Return 0 on failure from send/get kex functions in the legacy stack.

In the legacy stack, a message handling function returns -1 for failure, 0 for need more data and 1 for success (although in extra special cases 2 may also be used). However, the various send/get kex functions only need to indicate success or failure - switch these to return 0 on failure (rather than -1) and use normal result testing. This leaves GOST unchanged for now, as that code is special and needs extra work. ok inoguchi@ tb@
author: jsing <> 2022-01-04 12:53:31 +0000
committer: jsing <> 2022-01-04 12:53:31 +0000
commit: 1a7cc6fb282b8ea2dda029734dc811a2b8be05aa (patch)
tree: 677e8d374c2a5e8377c22892318d9e86c208563a /src/lib
parent: eecca3168d4e6703e9f977f8f602e55d994ff03e (diff)
download: openbsd-1a7cc6fb282b8ea2dda029734dc811a2b8be05aa.tar.gz
openbsd-1a7cc6fb282b8ea2dda029734dc811a2b8be05aa.tar.bz2
openbsd-1a7cc6fb282b8ea2dda029734dc811a2b8be05aa.zip
2 files changed, 43 insertions, 43 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 3e4a4b3790..80a16f1042 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.125 2022/01/04 11:17:11 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.126 2022/01/04 12:53:31 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1258,7 +1258,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, CBS *cbs)
        sc->peer_dh_tmp = dh;
-        return (1);
+        return 1;
 decode_err:
        SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
@@ -1267,14 +1267,14 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, CBS *cbs)
 err:
        DH_free(dh);
-        return (-1);
+        return 0;
 }
 static int
 ssl3_get_server_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, int nid, CBS *public)
 {
        EC_KEY *ecdh = NULL;
-        int ret = -1;
+        int ret = 0;
        /* Extract the server's ephemeral ECDH public key. */
        if ((ecdh = EC_KEY_new()) == NULL) {
@@ -1320,10 +1320,10 @@ ssl3_get_server_kex_ecdhe_ecx(SSL *s, SESS_CERT *sc, int nid, CBS *public)
                goto err;
        }
-        return (1);
+        return 1;
 err:
-        return (-1);
+        return 0;
 }
 static int
@@ -1371,10 +1371,10 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, CBS *cbs)
        }
        if (nid == NID_X25519) {
-                if (ssl3_get_server_kex_ecdhe_ecx(s, sc, nid, &public) != 1)
+                if (!ssl3_get_server_kex_ecdhe_ecx(s, sc, nid, &public))
                        goto err;
        } else {
-                if (ssl3_get_server_kex_ecdhe_ecp(s, sc, nid, &public) != 1)
+                if (!ssl3_get_server_kex_ecdhe_ecp(s, sc, nid, &public))
                        goto err;
        }
@@ -1391,13 +1391,13 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, CBS *cbs)
                /* XXX - Anonymous ECDH, so no certificate or pkey. */
                *pkey = NULL;
-        return (1);
+        return 1;
 decode_err:
        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
        SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
 err:
-        return (-1);
+        return 0;
 }
 int
@@ -1465,10 +1465,10 @@ ssl3_get_server_key_exchange(SSL *s)
        param_len = CBS_len(&cbs);
        if (alg_k & SSL_kDHE) {
-                if (ssl3_get_server_kex_dhe(s, &pkey, &cbs) != 1)
+                if (!ssl3_get_server_kex_dhe(s, &pkey, &cbs))
                        goto err;
        } else if (alg_k & SSL_kECDHE) {
-                if (ssl3_get_server_kex_ecdhe(s, &pkey, &cbs) != 1)
+                if (!ssl3_get_server_kex_ecdhe(s, &pkey, &cbs))
                        goto err;
        } else if (alg_k != 0) {
                al = SSL_AD_UNEXPECTED_MESSAGE;
@@ -1904,7 +1904,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
        uint16_t max_legacy_version;
        EVP_PKEY *pkey = NULL;
        RSA *rsa;
-        int ret = -1;
+        int ret = 0;
        int enc_len;
        CBB epms;
@@ -1960,7 +1960,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
        EVP_PKEY_free(pkey);
        free(enc_pms);
-        return (ret);
+        return ret;
 }
 static int
@@ -1970,7 +1970,7 @@ ssl3_send_client_kex_dhe(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
        DH *dh_srvr;
        uint8_t *key = NULL;
        size_t key_len = 0;
-        int ret = -1;
+        int ret = 0;
        /* Ensure that we have an ephemeral key from the server for DHE. */
        if ((dh_srvr = sess_cert->peer_dh_tmp) == NULL) {
@@ -1999,7 +1999,7 @@ ssl3_send_client_kex_dhe(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
        DH_free(dh_clnt);
        freezero(key, key_len);
-        return (ret);
+        return ret;
 }
 static int
@@ -2008,7 +2008,7 @@ ssl3_send_client_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, CBB *cbb)
        EC_KEY *ecdh = NULL;
        uint8_t *key = NULL;
        size_t key_len = 0;
-        int ret = -1;
+        int ret = 0;
        CBB ecpoint;
        if ((ecdh = EC_KEY_new()) == NULL) {
@@ -2039,14 +2039,14 @@ ssl3_send_client_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, CBB *cbb)
        freezero(key, key_len);
        EC_KEY_free(ecdh);
-        return (ret);
+        return ret;
 }
 static int
 ssl3_send_client_kex_ecdhe_ecx(SSL *s, SESS_CERT *sc, CBB *cbb)
 {
        uint8_t *public_key = NULL, *private_key = NULL, *shared_key = NULL;
-        int ret = -1;
+        int ret = 0;
        CBB ecpoint;
        /* Generate X25519 key pair and derive shared key. */
@@ -2078,7 +2078,7 @@ ssl3_send_client_kex_ecdhe_ecx(SSL *s, SESS_CERT *sc, CBB *cbb)
        freezero(private_key, X25519_KEY_LENGTH);
        freezero(shared_key, X25519_KEY_LENGTH);
-        return (ret);
+        return ret;
 }
 static int
@@ -2096,10 +2096,10 @@ ssl3_send_client_kex_ecdhe(SSL *s, SESS_CERT *sc, CBB *cbb)
                goto err;
        }
-        return (1);
+        return 1;
 err:
-        return (-1);
+        return 0;
 }
 static int
@@ -2237,13 +2237,13 @@ ssl3_send_client_key_exchange(SSL *s)
                        goto err;
                if (alg_k & SSL_kRSA) {
-                        if (ssl3_send_client_kex_rsa(s, sess_cert, &kex) != 1)
+                        if (!ssl3_send_client_kex_rsa(s, sess_cert, &kex))
                                goto err;
                } else if (alg_k & SSL_kDHE) {
-                        if (ssl3_send_client_kex_dhe(s, sess_cert, &kex) != 1)
+                        if (!ssl3_send_client_kex_dhe(s, sess_cert, &kex))
                                goto err;
                } else if (alg_k & SSL_kECDHE) {
-                        if (ssl3_send_client_kex_ecdhe(s, sess_cert, &kex) != 1)
+                        if (!ssl3_send_client_kex_ecdhe(s, sess_cert, &kex))
                                goto err;
                } else if (alg_k & SSL_kGOST) {
                        if (ssl3_send_client_kex_gost(s, sess_cert, &kex) != 1)
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 330f9176d8..0496985351 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.129 2021/12/26 15:10:59 tb Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.130 2022/01/04 12:53:31 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1361,7 +1361,7 @@ ssl3_send_server_kex_dhe(SSL *s, CBB *cbb)
 err:
        DH_free(dh);
-        return -1;
+        return 0;
 }
 static int
@@ -1417,12 +1417,12 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
        if (!CBB_flush(cbb))
                goto err;
-        return (1);
+        return 1;
 fatal_err:
        ssl3_send_alert(s, SSL3_AL_FATAL, al);
 err:
-        return (-1);
+        return 0;
 }
 static int
@@ -1431,7 +1431,7 @@ ssl3_send_server_kex_ecdhe_ecx(SSL *s, int nid, CBB *cbb)
        uint8_t *public_key = NULL, *private_key = NULL;
        uint16_t curve_id;
        CBB ecpoint;
-        int ret = -1;
+        int ret = 0;
        /* Generate an X25519 key pair. */
        if (S3I(s)->tmp.x25519 != NULL) {
@@ -1469,7 +1469,7 @@ ssl3_send_server_kex_ecdhe_ecx(SSL *s, int nid, CBB *cbb)
        free(public_key);
        freezero(private_key, X25519_KEY_LENGTH);
-        return (ret);
+        return ret;
 }
 static int
@@ -1518,10 +1518,10 @@ ssl3_send_server_key_exchange(SSL *s)
                type = S3I(s)->hs.cipher->algorithm_mkey;
                if (type & SSL_kDHE) {
-                        if (ssl3_send_server_kex_dhe(s, &cbb_params) != 1)
+                        if (!ssl3_send_server_kex_dhe(s, &cbb_params))
                                goto err;
                } else if (type & SSL_kECDHE) {
-                        if (ssl3_send_server_kex_ecdhe(s, &cbb_params) != 1)
+                        if (!ssl3_send_server_kex_ecdhe(s, &cbb_params))
                                goto err;
                } else {
                        al = SSL_AD_HANDSHAKE_FAILURE;
@@ -1775,7 +1775,7 @@ ssl3_get_client_kex_rsa(SSL *s, CBS *cbs)
        freezero(pms, pms_len);
-        return (1);
+        return 1;
 decode_err:
        al = SSL_AD_DECODE_ERROR;
@@ -1785,7 +1785,7 @@ ssl3_get_client_kex_rsa(SSL *s, CBS *cbs)
 err:
        freezero(pms, pms_len);
-        return (-1);
+        return 0;
 }
 static int
@@ -1796,7 +1796,7 @@ ssl3_get_client_kex_dhe(SSL *s, CBS *cbs)
        int invalid_key;
        uint8_t *key = NULL;
        size_t key_len = 0;
-        int ret = -1;
+        int ret = 0;
        if ((dh_srvr = S3I(s)->tmp.dh) == NULL) {
                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
@@ -1844,7 +1844,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, CBS *cbs)
        EC_KEY *ecdh_peer = NULL;
        EC_KEY *ecdh;
        CBS public;
-        int ret = -1;
+        int ret = 0;
        /*
         * Use the ephemeral values we saved when generating the
@@ -1887,7 +1887,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, CBS *cbs)
        freezero(key, key_len);
        EC_KEY_free(ecdh_peer);
-        return (ret);
+        return ret;
 }
 static int
@@ -1895,7 +1895,7 @@ ssl3_get_client_kex_ecdhe_ecx(SSL *s, CBS *cbs)
 {
        uint8_t *shared_key = NULL;
        CBS ecpoint;
-        int ret = -1;
+        int ret = 0;
        if (!CBS_get_u8_length_prefixed(cbs, &ecpoint))
                goto err;
@@ -1920,7 +1920,7 @@ ssl3_get_client_kex_ecdhe_ecx(SSL *s, CBS *cbs)
 err:
        freezero(shared_key, X25519_KEY_LENGTH);
-        return (ret);
+        return ret;
 }
 static int
@@ -2023,13 +2023,13 @@ ssl3_get_client_key_exchange(SSL *s)
        alg_k = S3I(s)->hs.cipher->algorithm_mkey;
        if (alg_k & SSL_kRSA) {
-                if (ssl3_get_client_kex_rsa(s, &cbs) != 1)
+                if (!ssl3_get_client_kex_rsa(s, &cbs))
                        goto err;
        } else if (alg_k & SSL_kDHE) {
-                if (ssl3_get_client_kex_dhe(s, &cbs) != 1)
+                if (!ssl3_get_client_kex_dhe(s, &cbs))
                        goto err;
        } else if (alg_k & SSL_kECDHE) {
-                if (ssl3_get_client_kex_ecdhe(s, &cbs) != 1)
+                if (!ssl3_get_client_kex_ecdhe(s, &cbs))
                        goto err;
        } else if (alg_k & SSL_kGOST) {
                if (ssl3_get_client_kex_gost(s, &cbs) != 1)
author	jsing <>	2022-01-04 12:53:31 +0000
committer	jsing <>	2022-01-04 12:53:31 +0000
commit	1a7cc6fb282b8ea2dda029734dc811a2b8be05aa (patch)
tree	677e8d374c2a5e8377c22892318d9e86c208563a /src/lib
parent	eecca3168d4e6703e9f977f8f602e55d994ff03e (diff)
download	openbsd-1a7cc6fb282b8ea2dda029734dc811a2b8be05aa.tar.gz openbsd-1a7cc6fb282b8ea2dda029734dc811a2b8be05aa.tar.bz2 openbsd-1a7cc6fb282b8ea2dda029734dc811a2b8be05aa.zip

diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 3e4a4b3790..80a16f1042 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_clnt.c,v 1.125 2022/01/04 11:17:11 jsing Exp $ */	1	/* $OpenBSD: ssl_clnt.c,v 1.126 2022/01/04 12:53:31 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1258,7 +1258,7 @@ ssl3_get_server_kex_dhe(SSL s, EVP_PKEY pkey, CBS cbs)
1258		1258
1259	sc->peer_dh_tmp = dh;	1259	sc->peer_dh_tmp = dh;
1260		1260
1261	return (1);	1261	return 1;
1262		1262
1263	decode_err:	1263	decode_err:
1264	SSLerror(s, SSL_R_BAD_PACKET_LENGTH);	1264	SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
@@ -1267,14 +1267,14 @@ ssl3_get_server_kex_dhe(SSL s, EVP_PKEY pkey, CBS cbs)
1267	err:	1267	err:
1268	DH_free(dh);	1268	DH_free(dh);
1269		1269
1270	return (-1);	1270	return 0;
1271	}	1271	}
1272		1272
1273	static int	1273	static int
1274	ssl3_get_server_kex_ecdhe_ecp(SSL s, SESS_CERT sc, int nid, CBS *public)	1274	ssl3_get_server_kex_ecdhe_ecp(SSL s, SESS_CERT sc, int nid, CBS *public)
1275	{	1275	{
1276	EC_KEY *ecdh = NULL;	1276	EC_KEY *ecdh = NULL;
1277	int ret = -1;	1277	int ret = 0;
1278		1278
1279	/* Extract the server's ephemeral ECDH public key. */	1279	/* Extract the server's ephemeral ECDH public key. */
1280	if ((ecdh = EC_KEY_new()) == NULL) {	1280	if ((ecdh = EC_KEY_new()) == NULL) {
@@ -1320,10 +1320,10 @@ ssl3_get_server_kex_ecdhe_ecx(SSL s, SESS_CERT sc, int nid, CBS *public)
1320	goto err;	1320	goto err;
1321	}	1321	}
1322		1322
1323	return (1);	1323	return 1;
1324		1324
1325	err:	1325	err:
1326	return (-1);	1326	return 0;
1327	}	1327	}
1328		1328
1329	static int	1329	static int
@@ -1371,10 +1371,10 @@ ssl3_get_server_kex_ecdhe(SSL s, EVP_PKEY pkey, CBS cbs)
1371	}	1371	}
1372		1372
1373	if (nid == NID_X25519) {	1373	if (nid == NID_X25519) {
1374	if (ssl3_get_server_kex_ecdhe_ecx(s, sc, nid, &public) != 1)	1374	if (!ssl3_get_server_kex_ecdhe_ecx(s, sc, nid, &public))
1375	goto err;	1375	goto err;
1376	} else {	1376	} else {
1377	if (ssl3_get_server_kex_ecdhe_ecp(s, sc, nid, &public) != 1)	1377	if (!ssl3_get_server_kex_ecdhe_ecp(s, sc, nid, &public))
1378	goto err;	1378	goto err;
1379	}	1379	}
1380		1380
@@ -1391,13 +1391,13 @@ ssl3_get_server_kex_ecdhe(SSL s, EVP_PKEY pkey, CBS cbs)
1391	/* XXX - Anonymous ECDH, so no certificate or pkey. */	1391	/* XXX - Anonymous ECDH, so no certificate or pkey. */
1392	*pkey = NULL;	1392	*pkey = NULL;
1393		1393
1394	return (1);	1394	return 1;
1395		1395
1396	decode_err:	1396	decode_err:
1397	ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);	1397	ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1398	SSLerror(s, SSL_R_BAD_PACKET_LENGTH);	1398	SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1399	err:	1399	err:
1400	return (-1);	1400	return 0;
1401	}	1401	}
1402		1402
1403	int	1403	int
@@ -1465,10 +1465,10 @@ ssl3_get_server_key_exchange(SSL *s)
1465	param_len = CBS_len(&cbs);	1465	param_len = CBS_len(&cbs);
1466		1466
1467	if (alg_k & SSL_kDHE) {	1467	if (alg_k & SSL_kDHE) {
1468	if (ssl3_get_server_kex_dhe(s, &pkey, &cbs) != 1)	1468	if (!ssl3_get_server_kex_dhe(s, &pkey, &cbs))
1469	goto err;	1469	goto err;
1470	} else if (alg_k & SSL_kECDHE) {	1470	} else if (alg_k & SSL_kECDHE) {
1471	if (ssl3_get_server_kex_ecdhe(s, &pkey, &cbs) != 1)	1471	if (!ssl3_get_server_kex_ecdhe(s, &pkey, &cbs))
1472	goto err;	1472	goto err;
1473	} else if (alg_k != 0) {	1473	} else if (alg_k != 0) {
1474	al = SSL_AD_UNEXPECTED_MESSAGE;	1474	al = SSL_AD_UNEXPECTED_MESSAGE;
@@ -1904,7 +1904,7 @@ ssl3_send_client_kex_rsa(SSL s, SESS_CERT sess_cert, CBB *cbb)
1904	uint16_t max_legacy_version;	1904	uint16_t max_legacy_version;
1905	EVP_PKEY *pkey = NULL;	1905	EVP_PKEY *pkey = NULL;
1906	RSA *rsa;	1906	RSA *rsa;
1907	int ret = -1;	1907	int ret = 0;
1908	int enc_len;	1908	int enc_len;
1909	CBB epms;	1909	CBB epms;
1910		1910
@@ -1960,7 +1960,7 @@ ssl3_send_client_kex_rsa(SSL s, SESS_CERT sess_cert, CBB *cbb)
1960	EVP_PKEY_free(pkey);	1960	EVP_PKEY_free(pkey);
1961	free(enc_pms);	1961	free(enc_pms);
1962		1962
1963	return (ret);	1963	return ret;
1964	}	1964	}
1965		1965
1966	static int	1966	static int
@@ -1970,7 +1970,7 @@ ssl3_send_client_kex_dhe(SSL s, SESS_CERT sess_cert, CBB *cbb)
1970	DH *dh_srvr;	1970	DH *dh_srvr;
1971	uint8_t *key = NULL;	1971	uint8_t *key = NULL;
1972	size_t key_len = 0;	1972	size_t key_len = 0;
1973	int ret = -1;	1973	int ret = 0;
1974		1974
1975	/* Ensure that we have an ephemeral key from the server for DHE. */	1975	/* Ensure that we have an ephemeral key from the server for DHE. */
1976	if ((dh_srvr = sess_cert->peer_dh_tmp) == NULL) {	1976	if ((dh_srvr = sess_cert->peer_dh_tmp) == NULL) {
@@ -1999,7 +1999,7 @@ ssl3_send_client_kex_dhe(SSL s, SESS_CERT sess_cert, CBB *cbb)
1999	DH_free(dh_clnt);	1999	DH_free(dh_clnt);
2000	freezero(key, key_len);	2000	freezero(key, key_len);
2001		2001
2002	return (ret);	2002	return ret;
2003	}	2003	}
2004		2004
2005	static int	2005	static int
@@ -2008,7 +2008,7 @@ ssl3_send_client_kex_ecdhe_ecp(SSL s, SESS_CERT sc, CBB *cbb)
2008	EC_KEY *ecdh = NULL;	2008	EC_KEY *ecdh = NULL;
2009	uint8_t *key = NULL;	2009	uint8_t *key = NULL;
2010	size_t key_len = 0;	2010	size_t key_len = 0;
2011	int ret = -1;	2011	int ret = 0;
2012	CBB ecpoint;	2012	CBB ecpoint;
2013		2013
2014	if ((ecdh = EC_KEY_new()) == NULL) {	2014	if ((ecdh = EC_KEY_new()) == NULL) {
@@ -2039,14 +2039,14 @@ ssl3_send_client_kex_ecdhe_ecp(SSL s, SESS_CERT sc, CBB *cbb)
2039	freezero(key, key_len);	2039	freezero(key, key_len);
2040	EC_KEY_free(ecdh);	2040	EC_KEY_free(ecdh);
2041		2041
2042	return (ret);	2042	return ret;
2043	}	2043	}
2044		2044
2045	static int	2045	static int
2046	ssl3_send_client_kex_ecdhe_ecx(SSL s, SESS_CERT sc, CBB *cbb)	2046	ssl3_send_client_kex_ecdhe_ecx(SSL s, SESS_CERT sc, CBB *cbb)
2047	{	2047	{
2048	uint8_t public_key = NULL, private_key = NULL, *shared_key = NULL;	2048	uint8_t public_key = NULL, private_key = NULL, *shared_key = NULL;
2049	int ret = -1;	2049	int ret = 0;
2050	CBB ecpoint;	2050	CBB ecpoint;
2051		2051
2052	/* Generate X25519 key pair and derive shared key. */	2052	/* Generate X25519 key pair and derive shared key. */
@@ -2078,7 +2078,7 @@ ssl3_send_client_kex_ecdhe_ecx(SSL s, SESS_CERT sc, CBB *cbb)
2078	freezero(private_key, X25519_KEY_LENGTH);	2078	freezero(private_key, X25519_KEY_LENGTH);
2079	freezero(shared_key, X25519_KEY_LENGTH);	2079	freezero(shared_key, X25519_KEY_LENGTH);
2080		2080
2081	return (ret);	2081	return ret;
2082	}	2082	}
2083		2083
2084	static int	2084	static int
@@ -2096,10 +2096,10 @@ ssl3_send_client_kex_ecdhe(SSL s, SESS_CERT sc, CBB *cbb)
2096	goto err;	2096	goto err;
2097	}	2097	}
2098		2098
2099	return (1);	2099	return 1;
2100		2100
2101	err:	2101	err:
2102	return (-1);	2102	return 0;
2103	}	2103	}
2104		2104
2105	static int	2105	static int
@@ -2237,13 +2237,13 @@ ssl3_send_client_key_exchange(SSL *s)
2237	goto err;	2237	goto err;
2238		2238
2239	if (alg_k & SSL_kRSA) {	2239	if (alg_k & SSL_kRSA) {
2240	if (ssl3_send_client_kex_rsa(s, sess_cert, &kex) != 1)	2240	if (!ssl3_send_client_kex_rsa(s, sess_cert, &kex))
2241	goto err;	2241	goto err;
2242	} else if (alg_k & SSL_kDHE) {	2242	} else if (alg_k & SSL_kDHE) {
2243	if (ssl3_send_client_kex_dhe(s, sess_cert, &kex) != 1)	2243	if (!ssl3_send_client_kex_dhe(s, sess_cert, &kex))
2244	goto err;	2244	goto err;
2245	} else if (alg_k & SSL_kECDHE) {	2245	} else if (alg_k & SSL_kECDHE) {
2246	if (ssl3_send_client_kex_ecdhe(s, sess_cert, &kex) != 1)	2246	if (!ssl3_send_client_kex_ecdhe(s, sess_cert, &kex))
2247	goto err;	2247	goto err;
2248	} else if (alg_k & SSL_kGOST) {	2248	} else if (alg_k & SSL_kGOST) {
2249	if (ssl3_send_client_kex_gost(s, sess_cert, &kex) != 1)	2249	if (ssl3_send_client_kex_gost(s, sess_cert, &kex) != 1)


diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index 330f9176d8..0496985351 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_srvr.c,v 1.129 2021/12/26 15:10:59 tb Exp $ */	1	/* $OpenBSD: ssl_srvr.c,v 1.130 2022/01/04 12:53:31 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1361,7 +1361,7 @@ ssl3_send_server_kex_dhe(SSL s, CBB cbb)
1361	err:	1361	err:
1362	DH_free(dh);	1362	DH_free(dh);
1363		1363
1364	return -1;	1364	return 0;
1365	}	1365	}
1366		1366
1367	static int	1367	static int
@@ -1417,12 +1417,12 @@ ssl3_send_server_kex_ecdhe_ecp(SSL s, int nid, CBB cbb)
1417	if (!CBB_flush(cbb))	1417	if (!CBB_flush(cbb))
1418	goto err;	1418	goto err;
1419		1419
1420	return (1);	1420	return 1;
1421		1421
1422	fatal_err:	1422	fatal_err:
1423	ssl3_send_alert(s, SSL3_AL_FATAL, al);	1423	ssl3_send_alert(s, SSL3_AL_FATAL, al);
1424	err:	1424	err:
1425	return (-1);	1425	return 0;
1426	}	1426	}
1427		1427
1428	static int	1428	static int
@@ -1431,7 +1431,7 @@ ssl3_send_server_kex_ecdhe_ecx(SSL s, int nid, CBB cbb)
1431	uint8_t public_key = NULL, private_key = NULL;	1431	uint8_t public_key = NULL, private_key = NULL;
1432	uint16_t curve_id;	1432	uint16_t curve_id;
1433	CBB ecpoint;	1433	CBB ecpoint;
1434	int ret = -1;	1434	int ret = 0;
1435		1435
1436	/* Generate an X25519 key pair. */	1436	/* Generate an X25519 key pair. */
1437	if (S3I(s)->tmp.x25519 != NULL) {	1437	if (S3I(s)->tmp.x25519 != NULL) {
@@ -1469,7 +1469,7 @@ ssl3_send_server_kex_ecdhe_ecx(SSL s, int nid, CBB cbb)
1469	free(public_key);	1469	free(public_key);
1470	freezero(private_key, X25519_KEY_LENGTH);	1470	freezero(private_key, X25519_KEY_LENGTH);
1471		1471
1472	return (ret);	1472	return ret;
1473	}	1473	}
1474		1474
1475	static int	1475	static int
@@ -1518,10 +1518,10 @@ ssl3_send_server_key_exchange(SSL *s)
1518		1518
1519	type = S3I(s)->hs.cipher->algorithm_mkey;	1519	type = S3I(s)->hs.cipher->algorithm_mkey;
1520	if (type & SSL_kDHE) {	1520	if (type & SSL_kDHE) {
1521	if (ssl3_send_server_kex_dhe(s, &cbb_params) != 1)	1521	if (!ssl3_send_server_kex_dhe(s, &cbb_params))
1522	goto err;	1522	goto err;
1523	} else if (type & SSL_kECDHE) {	1523	} else if (type & SSL_kECDHE) {
1524	if (ssl3_send_server_kex_ecdhe(s, &cbb_params) != 1)	1524	if (!ssl3_send_server_kex_ecdhe(s, &cbb_params))
1525	goto err;	1525	goto err;
1526	} else {	1526	} else {
1527	al = SSL_AD_HANDSHAKE_FAILURE;	1527	al = SSL_AD_HANDSHAKE_FAILURE;
@@ -1775,7 +1775,7 @@ ssl3_get_client_kex_rsa(SSL s, CBS cbs)
1775		1775
1776	freezero(pms, pms_len);	1776	freezero(pms, pms_len);
1777		1777
1778	return (1);	1778	return 1;
1779		1779
1780	decode_err:	1780	decode_err:
1781	al = SSL_AD_DECODE_ERROR;	1781	al = SSL_AD_DECODE_ERROR;
@@ -1785,7 +1785,7 @@ ssl3_get_client_kex_rsa(SSL s, CBS cbs)
1785	err:	1785	err:
1786	freezero(pms, pms_len);	1786	freezero(pms, pms_len);
1787		1787
1788	return (-1);	1788	return 0;
1789	}	1789	}
1790		1790
1791	static int	1791	static int
@@ -1796,7 +1796,7 @@ ssl3_get_client_kex_dhe(SSL s, CBS cbs)
1796	int invalid_key;	1796	int invalid_key;
1797	uint8_t *key = NULL;	1797	uint8_t *key = NULL;
1798	size_t key_len = 0;	1798	size_t key_len = 0;
1799	int ret = -1;	1799	int ret = 0;
1800		1800
1801	if ((dh_srvr = S3I(s)->tmp.dh) == NULL) {	1801	if ((dh_srvr = S3I(s)->tmp.dh) == NULL) {
1802	ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);	1802	ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
@@ -1844,7 +1844,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL s, CBS cbs)
1844	EC_KEY *ecdh_peer = NULL;	1844	EC_KEY *ecdh_peer = NULL;
1845	EC_KEY *ecdh;	1845	EC_KEY *ecdh;
1846	CBS public;	1846	CBS public;
1847	int ret = -1;	1847	int ret = 0;
1848		1848
1849	/*	1849	/*
1850	* Use the ephemeral values we saved when generating the	1850	* Use the ephemeral values we saved when generating the
@@ -1887,7 +1887,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL s, CBS cbs)
1887	freezero(key, key_len);	1887	freezero(key, key_len);
1888	EC_KEY_free(ecdh_peer);	1888	EC_KEY_free(ecdh_peer);
1889		1889
1890	return (ret);	1890	return ret;
1891	}	1891	}
1892		1892
1893	static int	1893	static int
@@ -1895,7 +1895,7 @@ ssl3_get_client_kex_ecdhe_ecx(SSL s, CBS cbs)
1895	{	1895	{
1896	uint8_t *shared_key = NULL;	1896	uint8_t *shared_key = NULL;
1897	CBS ecpoint;	1897	CBS ecpoint;
1898	int ret = -1;	1898	int ret = 0;
1899		1899
1900	if (!CBS_get_u8_length_prefixed(cbs, &ecpoint))	1900	if (!CBS_get_u8_length_prefixed(cbs, &ecpoint))
1901	goto err;	1901	goto err;
@@ -1920,7 +1920,7 @@ ssl3_get_client_kex_ecdhe_ecx(SSL s, CBS cbs)
1920	err:	1920	err:
1921	freezero(shared_key, X25519_KEY_LENGTH);	1921	freezero(shared_key, X25519_KEY_LENGTH);
1922		1922
1923	return (ret);	1923	return ret;
1924	}	1924	}
1925		1925
1926	static int	1926	static int
@@ -2023,13 +2023,13 @@ ssl3_get_client_key_exchange(SSL *s)
2023	alg_k = S3I(s)->hs.cipher->algorithm_mkey;	2023	alg_k = S3I(s)->hs.cipher->algorithm_mkey;
2024		2024
2025	if (alg_k & SSL_kRSA) {	2025	if (alg_k & SSL_kRSA) {
2026	if (ssl3_get_client_kex_rsa(s, &cbs) != 1)	2026	if (!ssl3_get_client_kex_rsa(s, &cbs))
2027	goto err;	2027	goto err;
2028	} else if (alg_k & SSL_kDHE) {	2028	} else if (alg_k & SSL_kDHE) {
2029	if (ssl3_get_client_kex_dhe(s, &cbs) != 1)	2029	if (!ssl3_get_client_kex_dhe(s, &cbs))
2030	goto err;	2030	goto err;
2031	} else if (alg_k & SSL_kECDHE) {	2031	} else if (alg_k & SSL_kECDHE) {
2032	if (ssl3_get_client_kex_ecdhe(s, &cbs) != 1)	2032	if (!ssl3_get_client_kex_ecdhe(s, &cbs))
2033	goto err;	2033	goto err;
2034	} else if (alg_k & SSL_kGOST) {	2034	} else if (alg_k & SSL_kGOST) {
2035	if (ssl3_get_client_kex_gost(s, &cbs) != 1)	2035	if (ssl3_get_client_kex_gost(s, &cbs) != 1)