Provide an error framework for use with the TLSv1.3 code.

This is based on the libtls error handling code, but adds machine readable codes and subcodes. We then map these codes back to libssl error codes. ok beck@ inoguchi@
author: jsing <> 2020-01-20 13:10:37 +0000
committer: jsing <> 2020-01-20 13:10:37 +0000
commit: b9ba33b0c7f77fc7b3e33c32ded38da7ee4c7c55 (patch)
tree: cfa7f8e8231dba5be24e1ea4325ed5f91b57cb43 /src/lib/libssl/tls13_internal.h
parent: 101a098151714705f06800dd03668b1d84167aa1 (diff)
download: openbsd-b9ba33b0c7f77fc7b3e33c32ded38da7ee4c7c55.tar.gz
openbsd-b9ba33b0c7f77fc7b3e33c32ded38da7ee4c7c55.tar.bz2
openbsd-b9ba33b0c7f77fc7b3e33c32ded38da7ee4c7c55.zip
1 files changed, 28 insertions, 1 deletions
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index b33e4818af..41833f233f 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.36 2019/11/26 23:46:18 beck Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.37 2020/01/20 13:10:37 jsing Exp $ */
 /*
 * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -37,6 +37,8 @@ __BEGIN_HIDDEN_DECLS
 #define TLS13_IO_WANT_POLLOUT   -3
 #define TLS13_IO_USE_LEGACY     -4
+#define TLS13_ERR_VERIFY_FAILED 16
 typedef void (*tls13_alert_cb)(uint8_t _alert_desc, void *_cb_arg);
 typedef ssize_t (*tls13_phh_recv_cb)(void *_cb_arg, CBS *cbs);
 typedef void (*tls13_phh_sent_cb)(void *_cb_arg);
@@ -160,7 +162,18 @@ struct tls13_handshake_stage {
 struct ssl_handshake_tls13_st;
+struct tls13_error {
+        int code;
+        int subcode;
+        int errnum;
+        const char *file;
+        int line;
+        char *msg;
+};
 struct tls13_ctx {
+        struct tls13_error error;
        SSL *ssl;
        struct ssl_handshake_tls13_st *hs;
        uint8_t mode;
@@ -261,6 +274,20 @@ int tls13_server_certificate_verify_recv(struct tls13_ctx *ctx);
 int tls13_server_finished_recv(struct tls13_ctx *ctx);
 int tls13_server_finished_send(struct tls13_ctx *ctx);
+void tls13_error_clear(struct tls13_error *error);
+int tls13_error_set(struct tls13_error *error, int code, int subcode,
+    const char *file, int line, const char *fmt, ...);
+int tls13_error_setx(struct tls13_error *error, int code, int subcode,
+    const char *file, int line, const char *fmt, ...);
+#define tls13_set_error(ctx, code, subcode, fmt, ...) \
+        tls13_error_set(&(ctx)->error, (code), (subcode), __FILE__, __LINE__, \
+            (fmt), __VA_ARGS__)
+#define tls13_set_errorx(ctx, code, subcode, fmt, ...) \
+        tls13_error_setx(&(ctx)->error, (code), (subcode), __FILE__, __LINE__, \
+            (fmt), __VA_ARGS__)
 __END_HIDDEN_DECLS
 #endif
author	jsing <>	2020-01-20 13:10:37 +0000
committer	jsing <>	2020-01-20 13:10:37 +0000
commit	b9ba33b0c7f77fc7b3e33c32ded38da7ee4c7c55 (patch)
tree	cfa7f8e8231dba5be24e1ea4325ed5f91b57cb43 /src/lib/libssl/tls13_internal.h
parent	101a098151714705f06800dd03668b1d84167aa1 (diff)
download	openbsd-b9ba33b0c7f77fc7b3e33c32ded38da7ee4c7c55.tar.gz openbsd-b9ba33b0c7f77fc7b3e33c32ded38da7ee4c7c55.tar.bz2 openbsd-b9ba33b0c7f77fc7b3e33c32ded38da7ee4c7c55.zip

diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h index b33e4818af..41833f233f 100644 --- a/src/lib/libssl/tls13_internal.h +++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls13_internal.h,v 1.36 2019/11/26 23:46:18 beck Exp $ */	1	/* $OpenBSD: tls13_internal.h,v 1.37 2020/01/20 13:10:37 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018 Bob Beck <beck@openbsd.org>	3	* Copyright (c) 2018 Bob Beck <beck@openbsd.org>
4	* Copyright (c) 2018 Theo Buehler <tb@openbsd.org>	4	* Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -37,6 +37,8 @@ __BEGIN_HIDDEN_DECLS
37	#define TLS13_IO_WANT_POLLOUT -3	37	#define TLS13_IO_WANT_POLLOUT -3
38	#define TLS13_IO_USE_LEGACY -4	38	#define TLS13_IO_USE_LEGACY -4
39		39
		40	#define TLS13_ERR_VERIFY_FAILED 16
		41
40	typedef void (tls13_alert_cb)(uint8_t _alert_desc, void _cb_arg);	42	typedef void (tls13_alert_cb)(uint8_t _alert_desc, void _cb_arg);
41	typedef ssize_t (tls13_phh_recv_cb)(void _cb_arg, CBS *cbs);	43	typedef ssize_t (tls13_phh_recv_cb)(void _cb_arg, CBS *cbs);
42	typedef void (tls13_phh_sent_cb)(void _cb_arg);	44	typedef void (tls13_phh_sent_cb)(void _cb_arg);
@@ -160,7 +162,18 @@ struct tls13_handshake_stage {
160		162
161	struct ssl_handshake_tls13_st;	163	struct ssl_handshake_tls13_st;
162		164
		165	struct tls13_error {
		166	int code;
		167	int subcode;
		168	int errnum;
		169	const char *file;
		170	int line;
		171	char *msg;
		172	};
		173
163	struct tls13_ctx {	174	struct tls13_ctx {
		175	struct tls13_error error;
		176
164	SSL *ssl;	177	SSL *ssl;
165	struct ssl_handshake_tls13_st *hs;	178	struct ssl_handshake_tls13_st *hs;
166	uint8_t mode;	179	uint8_t mode;
@@ -261,6 +274,20 @@ int tls13_server_certificate_verify_recv(struct tls13_ctx *ctx);
261	int tls13_server_finished_recv(struct tls13_ctx *ctx);	274	int tls13_server_finished_recv(struct tls13_ctx *ctx);
262	int tls13_server_finished_send(struct tls13_ctx *ctx);	275	int tls13_server_finished_send(struct tls13_ctx *ctx);
263		276
		277	void tls13_error_clear(struct tls13_error *error);
		278
		279	int tls13_error_set(struct tls13_error *error, int code, int subcode,
		280	const char file, int line, const char fmt, ...);
		281	int tls13_error_setx(struct tls13_error *error, int code, int subcode,
		282	const char file, int line, const char fmt, ...);
		283
		284	#define tls13_set_error(ctx, code, subcode, fmt, ...) \
		285	tls13_error_set(&(ctx)->error, (code), (subcode), __FILE__, __LINE__, \
		286	(fmt), __VA_ARGS__)
		287	#define tls13_set_errorx(ctx, code, subcode, fmt, ...) \
		288	tls13_error_setx(&(ctx)->error, (code), (subcode), __FILE__, __LINE__, \
		289	(fmt), __VA_ARGS__)
		290
264	__END_HIDDEN_DECLS	291	__END_HIDDEN_DECLS
265		292
266	#endif	293	#endif