Provide alert defines for TLSv1.3 and use in the TLSv1.3 code.

Rather than using a mess of SSL_AL_*, SSL_AD_*, SSL3_AD_* and TLS1_AD_*
defines, provide our own TLS13_ALERT_* defines and use those. This also
provides the alerts that are new to TLSv1.3.

ok beck@

1 files changed, 26 insertions, 25 deletions

diff --git a/src/lib/libssl/tls13_record_layer.c b/src/lib/libssl/tls13_record_layer.c
index ce6327b694..9ea1a820ce 100644
--- a/src/lib/libssl/tls13_record_layer.c
+++ b/src/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.36 2020/05/09 15:47:11 jsing Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.37 2020/05/10 16:56:11 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -268,13 +268,13 @@ tls13_record_layer_process_alert(struct tls13_record_layer *rl)
                 return TLS13_IO_FAILURE;
 
         if (!CBS_get_u8(&rl->rbuf_cbs, &alert_level))
-                return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR);
+                return tls13_send_alert(rl, TLS13_ALERT_DECODE_ERROR);
 
         if (!CBS_get_u8(&rl->rbuf_cbs, &alert_desc))
-                return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR);
+                return tls13_send_alert(rl, TLS13_ALERT_DECODE_ERROR);
 
         if (CBS_len(&rl->rbuf_cbs) != 0)
-                return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR);
+                return tls13_send_alert(rl, TLS13_ALERT_DECODE_ERROR);
 
         tls13_record_layer_rbuf_free(rl);
 
@@ -283,21 +283,22 @@ tls13_record_layer_process_alert(struct tls13_record_layer *rl)
          * however for error alerts (RFC 8446 section 6.2), the alert level
          * must be specified as fatal.
          */
-        if (alert_desc == SSL_AD_CLOSE_NOTIFY) {
+        if (alert_desc == TLS13_ALERT_CLOSE_NOTIFY) {
                 rl->read_closed = 1;
                 ret = TLS13_IO_EOF;
-        } else if (alert_desc == SSL_AD_USER_CANCELLED) {
+        } else if (alert_desc == TLS13_ALERT_USER_CANCELED) {
                 /* Ignored at the record layer. */
                 ret = TLS13_IO_WANT_RETRY;
-        } else if (alert_level == SSL3_AL_FATAL) {
+        } else if (alert_level == TLS13_ALERT_LEVEL_FATAL) {
                 rl->read_closed = 1;
                 rl->write_closed = 1;
                 ret = TLS13_IO_ALERT;
-        } else if (rl->legacy_alerts_allowed && alert_level == SSL3_AL_WARNING) {
+        } else if (rl->legacy_alerts_allowed &&
+            alert_level == TLS13_ALERT_LEVEL_WARNING) {
                 /* Ignored and not passed to the callback. */
                 return TLS13_IO_WANT_RETRY;
         } else {
-                return tls13_send_alert(rl, SSL_AD_ILLEGAL_PARAMETER);
+                return tls13_send_alert(rl, TLS13_ALERT_ILLEGAL_PARAMETER);
         }
 
         rl->alert_cb(alert_desc, rl->cb_arg);
@@ -322,10 +323,10 @@ tls13_record_layer_send_alert(struct tls13_record_layer *rl)
         rl->alert_data = NULL;
         rl->alert_len = 0;
 
-        if (rl->alert_desc == SSL_AD_CLOSE_NOTIFY) {
+        if (rl->alert_desc == TLS13_ALERT_CLOSE_NOTIFY) {
                 rl->write_closed = 1;
                 ret = TLS13_IO_SUCCESS;
-        } else if (rl->alert_desc == SSL_AD_USER_CANCELLED) {
+        } else if (rl->alert_desc == TLS13_ALERT_USER_CANCELED) {
                 /* Ignored at the record layer. */
                 ret = TLS13_IO_SUCCESS;
         } else {
@@ -796,13 +797,13 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl)
          */
         if (content_type == SSL3_RT_CHANGE_CIPHER_SPEC) {
                 if (!rl->ccs_allowed || rl->ccs_seen >= 2)
-                        return tls13_send_alert(rl, SSL_AD_UNEXPECTED_MESSAGE);
+                        return tls13_send_alert(rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
                 if (!tls13_record_content(rl->rrec, &cbs))
-                        return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR);
+                        return tls13_send_alert(rl, TLS13_ALERT_DECODE_ERROR);
                 if (!CBS_get_u8(&cbs, &ccs))
-                        return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR);
+                        return tls13_send_alert(rl, TLS13_ALERT_DECODE_ERROR);
                 if (ccs != 1)
-                        return tls13_send_alert(rl, SSL_AD_ILLEGAL_PARAMETER);
+                        return tls13_send_alert(rl, TLS13_ALERT_ILLEGAL_PARAMETER);
                 rl->ccs_seen++;
                 tls13_record_layer_rrec_free(rl);
                 return TLS13_IO_WANT_RETRY;
@@ -814,7 +815,7 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl)
          * dummy ChangeCipherSpec messages, handled above).
          */
         if (rl->aead != NULL && content_type != SSL3_RT_APPLICATION_DATA)
-                return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE);
+                return tls13_send_alert(rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
 
         if (!tls13_record_layer_open_record(rl))
                 goto err;
@@ -829,7 +830,7 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl)
         if (CBS_len(&rl->rbuf_cbs) == 0 &&
             (rl->rbuf_content_type == SSL3_RT_ALERT ||
              rl->rbuf_content_type == SSL3_RT_HANDSHAKE))
-                return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE);
+                return tls13_send_alert(rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
 
         switch (rl->rbuf_content_type) {
         case SSL3_RT_ALERT:
@@ -840,11 +841,11 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl)
 
         case SSL3_RT_APPLICATION_DATA:
                 if (!rl->handshake_completed)
-                        return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE);
+                        return tls13_send_alert(rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
                 break;
 
         default:
-                return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE);
+                return tls13_send_alert(rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
         }
 
         return TLS13_IO_SUCCESS;
@@ -887,7 +888,7 @@ tls13_record_layer_read_internal(struct tls13_record_layer *rl,
          * any record type that isn't a handshake until we are done.
          */
         if (rl->phh && rl->rbuf_content_type != SSL3_RT_HANDSHAKE)
-                return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE);
+                return tls13_send_alert(rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
 
         if (rl->rbuf_content_type != content_type) {
                 /*
@@ -941,7 +942,7 @@ tls13_record_layer_read_internal(struct tls13_record_layer *rl,
                         }
                 }
 
-                return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE);
+                return tls13_send_alert(rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
         }
 
         if (n > CBS_len(&rl->rbuf_cbs))
@@ -1151,12 +1152,12 @@ tls13_write_application_data(struct tls13_record_layer *rl, const uint8_t *buf,
 ssize_t
 tls13_send_alert(struct tls13_record_layer *rl, uint8_t alert_desc)
 {
-        uint8_t alert_level = SSL3_AL_FATAL;
+        uint8_t alert_level = TLS13_ALERT_LEVEL_FATAL;
         ssize_t ret;
 
-        if (alert_desc == SSL_AD_CLOSE_NOTIFY ||
-            alert_desc == SSL_AD_USER_CANCELLED)
-                alert_level = SSL3_AL_WARNING;
+        if (alert_desc == TLS13_ALERT_CLOSE_NOTIFY ||
+            alert_desc == TLS13_ALERT_USER_CANCELED)
+                alert_level = TLS13_ALERT_LEVEL_WARNING;
 
         do {
                 ret = tls13_record_layer_alert(rl, alert_level, alert_desc);