diff options
| author | joshua <> | 2024-03-28 06:55:02 +0000 |
|---|---|---|
| committer | joshua <> | 2024-03-28 06:55:02 +0000 |
| commit | d3012ebd0480445b9625c35635eb2e6849c6501a (patch) | |
| tree | 25976626a856952211e9b3036677a6db54eb83d8 /src/lib/libtls/tls_config.c | |
| parent | 2736f69ae92cd280dc0ebde4d1d52bd44f9f81e7 (diff) | |
| download | openbsd-d3012ebd0480445b9625c35635eb2e6849c6501a.tar.gz openbsd-d3012ebd0480445b9625c35635eb2e6849c6501a.tar.bz2 openbsd-d3012ebd0480445b9625c35635eb2e6849c6501a.zip | |
Use TLS_ERROR_INVALID_ARGUMENT for "too large" and "too small" errors
ok beck tb
Diffstat (limited to 'src/lib/libtls/tls_config.c')
| -rw-r--r-- | src/lib/libtls/tls_config.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/src/lib/libtls/tls_config.c b/src/lib/libtls/tls_config.c index 645562e838..10dc5003cb 100644 --- a/src/lib/libtls/tls_config.c +++ b/src/lib/libtls/tls_config.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls_config.c,v 1.69 2024/03/27 07:35:30 joshua Exp $ */ | 1 | /* $OpenBSD: tls_config.c,v 1.70 2024/03/28 06:55:02 joshua Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -301,7 +301,8 @@ tls_config_parse_alpn(struct tls_config *config, const char *alpn, | |||
| 301 | *alpn_len = 0; | 301 | *alpn_len = 0; |
| 302 | 302 | ||
| 303 | if ((buf_len = strlen(alpn) + 1) > 65535) { | 303 | if ((buf_len = strlen(alpn) + 1) > 65535) { |
| 304 | tls_config_set_errorx(config, TLS_ERROR_UNKNOWN, "alpn too large"); | 304 | tls_config_set_errorx(config, TLS_ERROR_INVALID_ARGUMENT, |
| 305 | "alpn too large"); | ||
| 305 | goto err; | 306 | goto err; |
| 306 | } | 307 | } |
| 307 | 308 | ||
| @@ -865,7 +866,7 @@ tls_config_set_session_id(struct tls_config *config, | |||
| 865 | const unsigned char *session_id, size_t len) | 866 | const unsigned char *session_id, size_t len) |
| 866 | { | 867 | { |
| 867 | if (len > TLS_MAX_SESSION_ID_LENGTH) { | 868 | if (len > TLS_MAX_SESSION_ID_LENGTH) { |
| 868 | tls_config_set_errorx(config, TLS_ERROR_UNKNOWN, | 869 | tls_config_set_errorx(config, TLS_ERROR_INVALID_ARGUMENT, |
| 869 | "session ID too large"); | 870 | "session ID too large"); |
| 870 | return (-1); | 871 | return (-1); |
| 871 | } | 872 | } |
| @@ -878,12 +879,12 @@ int | |||
| 878 | tls_config_set_session_lifetime(struct tls_config *config, int lifetime) | 879 | tls_config_set_session_lifetime(struct tls_config *config, int lifetime) |
| 879 | { | 880 | { |
| 880 | if (lifetime > TLS_MAX_SESSION_TIMEOUT) { | 881 | if (lifetime > TLS_MAX_SESSION_TIMEOUT) { |
| 881 | tls_config_set_errorx(config, TLS_ERROR_UNKNOWN, | 882 | tls_config_set_errorx(config, TLS_ERROR_INVALID_ARGUMENT, |
| 882 | "session lifetime too large"); | 883 | "session lifetime too large"); |
| 883 | return (-1); | 884 | return (-1); |
| 884 | } | 885 | } |
| 885 | if (lifetime != 0 && lifetime < TLS_MIN_SESSION_TIMEOUT) { | 886 | if (lifetime != 0 && lifetime < TLS_MIN_SESSION_TIMEOUT) { |
| 886 | tls_config_set_errorx(config, TLS_ERROR_UNKNOWN, | 887 | tls_config_set_errorx(config, TLS_ERROR_INVALID_ARGUMENT, |
| 887 | "session lifetime too small"); | 888 | "session lifetime too small"); |
| 888 | return (-1); | 889 | return (-1); |
| 889 | } | 890 | } |