1 files changed, 16 insertions, 16 deletions
diff --git a/src/lib/libssl/d1_srtp.c b/src/lib/libssl/d1_srtp.c
index 82dc8bfdef..26c14543fc 100644
--- a/src/lib/libssl/d1_srtp.c
+++ b/src/lib/libssl/d1_srtp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srtp.c,v 1.20 2017/01/26 12:16:13 beck Exp $ */
+/* $OpenBSD: d1_srtp.c,v 1.21 2017/02/07 02:08:38 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -187,7 +187,7 @@ ssl_ctx_make_profiles(const char *profiles_string,
        SRTP_PROTECTION_PROFILE *p;
        if (!(profiles = sk_SRTP_PROTECTION_PROFILE_new_null())) {
-                SSLerror(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES);
+                SSLerrorx(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES);
                return 1;
        }
@@ -198,7 +198,7 @@ ssl_ctx_make_profiles(const char *profiles_string,
                    col ? col - ptr : (int)strlen(ptr))) {
                        sk_SRTP_PROTECTION_PROFILE_push(profiles, p);
                } else {
-                        SSLerror(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE);
+                        SSLerrorx(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE);
                        sk_SRTP_PROTECTION_PROFILE_free(profiles);
                        return 1;
                }
@@ -262,12 +262,12 @@ ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen)
        if (p) {
                if (ct == 0) {
-                        SSLerror(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST);
+                        SSLerror(s, SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST);
                        return 1;
                }
                if ((2 + ct * 2 + 1) > maxlen) {
-                        SSLerror(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
+                        SSLerror(s, SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
                        return 1;
                }
@@ -300,7 +300,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len,
        CBS cbs, ciphers, mki;
        if (len < 0) {
-                SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+                SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
                *al = SSL_AD_DECODE_ERROR;
                goto done;
        }
@@ -309,7 +309,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len,
        /* Pull off the cipher suite list */
        if (!CBS_get_u16_length_prefixed(&cbs, &ciphers) ||
            CBS_len(&ciphers) % 2) {
-                SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+                SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
                *al = SSL_AD_DECODE_ERROR;
                goto done;
        }
@@ -318,7 +318,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len,
        while (CBS_len(&ciphers) > 0) {
                if (!CBS_get_u16(&ciphers, &id)) {
-                        SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+                        SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
                        *al = SSL_AD_DECODE_ERROR;
                        goto done;
                }
@@ -332,7 +332,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len,
        /* Extract the MKI value as a sanity check, but discard it for now. */
        if (!CBS_get_u8_length_prefixed(&cbs, &mki) ||
            CBS_len(&cbs) != 0) {
-                SSLerror(SSL_R_BAD_SRTP_MKI_VALUE);
+                SSLerror(s, SSL_R_BAD_SRTP_MKI_VALUE);
                *al = SSL_AD_DECODE_ERROR;
                goto done;
        }
@@ -373,12 +373,12 @@ ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen)
 {
        if (p) {
                if (maxlen < 5) {
-                        SSLerror(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
+                        SSLerror(s, SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
                        return 1;
                }
                if (s->internal->srtp_profile == 0) {
-                        SSLerror(SSL_R_USE_SRTP_NOT_NEGOTIATED);
+                        SSLerror(s, SSL_R_USE_SRTP_NOT_NEGOTIATED);
                        return 1;
                }
                s2n(2, p);
@@ -401,7 +401,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int
        CBS cbs, profile_ids, mki;
        if (len < 0) {
-                SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+                SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
                *al = SSL_AD_DECODE_ERROR;
                return 1;
        }
@@ -414,14 +414,14 @@ ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int
         */
        if (!CBS_get_u16_length_prefixed(&cbs, &profile_ids) ||
            !CBS_get_u16(&profile_ids, &id) || CBS_len(&profile_ids) != 0) {
-                SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+                SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
                *al = SSL_AD_DECODE_ERROR;
                return 1;
        }
        /* Must be no MKI, since we never offer one. */
        if (!CBS_get_u8_length_prefixed(&cbs, &mki) || CBS_len(&mki) != 0) {
-                SSLerror(SSL_R_BAD_SRTP_MKI_VALUE);
+                SSLerror(s, SSL_R_BAD_SRTP_MKI_VALUE);
                *al = SSL_AD_ILLEGAL_PARAMETER;
                return 1;
        }
@@ -430,7 +430,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int
        /* Throw an error if the server gave us an unsolicited extension. */
        if (clnt == NULL) {
-                SSLerror(SSL_R_NO_SRTP_PROFILES);
+                SSLerror(s, SSL_R_NO_SRTP_PROFILES);
                *al = SSL_AD_DECODE_ERROR;
                return 1;
        }
@@ -449,7 +449,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int
                }
        }
-        SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+        SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
        *al = SSL_AD_DECODE_ERROR;
        return 1;
 }

diff --git a/src/lib/libssl/d1_srtp.c b/src/lib/libssl/d1_srtp.c index 82dc8bfdef..26c14543fc 100644 --- a/src/lib/libssl/d1_srtp.c +++ b/src/lib/libssl/d1_srtp.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_srtp.c,v 1.20 2017/01/26 12:16:13 beck Exp $ */	1	/* $OpenBSD: d1_srtp.c,v 1.21 2017/02/07 02:08:38 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -187,7 +187,7 @@ ssl_ctx_make_profiles(const char *profiles_string,
187	SRTP_PROTECTION_PROFILE *p;	187	SRTP_PROTECTION_PROFILE *p;
188		188
189	if (!(profiles = sk_SRTP_PROTECTION_PROFILE_new_null())) {	189	if (!(profiles = sk_SRTP_PROTECTION_PROFILE_new_null())) {
190	SSLerror(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES);	190	SSLerrorx(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES);
191	return 1;	191	return 1;
192	}	192	}
193		193
@@ -198,7 +198,7 @@ ssl_ctx_make_profiles(const char *profiles_string,
198	col ? col - ptr : (int)strlen(ptr))) {	198	col ? col - ptr : (int)strlen(ptr))) {
199	sk_SRTP_PROTECTION_PROFILE_push(profiles, p);	199	sk_SRTP_PROTECTION_PROFILE_push(profiles, p);
200	} else {	200	} else {
201	SSLerror(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE);	201	SSLerrorx(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE);
202	sk_SRTP_PROTECTION_PROFILE_free(profiles);	202	sk_SRTP_PROTECTION_PROFILE_free(profiles);
203	return 1;	203	return 1;
204	}	204	}
@@ -262,12 +262,12 @@ ssl_add_clienthello_use_srtp_ext(SSL s, unsigned char p, int *len, int maxlen)
262		262
263	if (p) {	263	if (p) {
264	if (ct == 0) {	264	if (ct == 0) {
265	SSLerror(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST);	265	SSLerror(s, SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST);
266	return 1;	266	return 1;
267	}	267	}
268		268
269	if ((2 + ct * 2 + 1) > maxlen) {	269	if ((2 + ct * 2 + 1) > maxlen) {
270	SSLerror(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);	270	SSLerror(s, SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
271	return 1;	271	return 1;
272	}	272	}
273		273
@@ -300,7 +300,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL s, const unsigned char d, int len,
300	CBS cbs, ciphers, mki;	300	CBS cbs, ciphers, mki;
301		301
302	if (len < 0) {	302	if (len < 0) {
303	SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);	303	SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
304	*al = SSL_AD_DECODE_ERROR;	304	*al = SSL_AD_DECODE_ERROR;
305	goto done;	305	goto done;
306	}	306	}
@@ -309,7 +309,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL s, const unsigned char d, int len,
309	/* Pull off the cipher suite list */	309	/* Pull off the cipher suite list */
310	if (!CBS_get_u16_length_prefixed(&cbs, &ciphers) \|\|	310	if (!CBS_get_u16_length_prefixed(&cbs, &ciphers) \|\|
311	CBS_len(&ciphers) % 2) {	311	CBS_len(&ciphers) % 2) {
312	SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);	312	SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
313	*al = SSL_AD_DECODE_ERROR;	313	*al = SSL_AD_DECODE_ERROR;
314	goto done;	314	goto done;
315	}	315	}
@@ -318,7 +318,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL s, const unsigned char d, int len,
318		318
319	while (CBS_len(&ciphers) > 0) {	319	while (CBS_len(&ciphers) > 0) {
320	if (!CBS_get_u16(&ciphers, &id)) {	320	if (!CBS_get_u16(&ciphers, &id)) {
321	SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);	321	SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
322	*al = SSL_AD_DECODE_ERROR;	322	*al = SSL_AD_DECODE_ERROR;
323	goto done;	323	goto done;
324	}	324	}
@@ -332,7 +332,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL s, const unsigned char d, int len,
332	/* Extract the MKI value as a sanity check, but discard it for now. */	332	/* Extract the MKI value as a sanity check, but discard it for now. */
333	if (!CBS_get_u8_length_prefixed(&cbs, &mki) \|\|	333	if (!CBS_get_u8_length_prefixed(&cbs, &mki) \|\|
334	CBS_len(&cbs) != 0) {	334	CBS_len(&cbs) != 0) {
335	SSLerror(SSL_R_BAD_SRTP_MKI_VALUE);	335	SSLerror(s, SSL_R_BAD_SRTP_MKI_VALUE);
336	*al = SSL_AD_DECODE_ERROR;	336	*al = SSL_AD_DECODE_ERROR;
337	goto done;	337	goto done;
338	}	338	}
@@ -373,12 +373,12 @@ ssl_add_serverhello_use_srtp_ext(SSL s, unsigned char p, int *len, int maxlen)
373	{	373	{
374	if (p) {	374	if (p) {
375	if (maxlen < 5) {	375	if (maxlen < 5) {
376	SSLerror(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);	376	SSLerror(s, SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
377	return 1;	377	return 1;
378	}	378	}
379		379
380	if (s->internal->srtp_profile == 0) {	380	if (s->internal->srtp_profile == 0) {
381	SSLerror(SSL_R_USE_SRTP_NOT_NEGOTIATED);	381	SSLerror(s, SSL_R_USE_SRTP_NOT_NEGOTIATED);
382	return 1;	382	return 1;
383	}	383	}
384	s2n(2, p);	384	s2n(2, p);
@@ -401,7 +401,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL s, const unsigned char d, int len, int
401	CBS cbs, profile_ids, mki;	401	CBS cbs, profile_ids, mki;
402		402
403	if (len < 0) {	403	if (len < 0) {
404	SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);	404	SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
405	*al = SSL_AD_DECODE_ERROR;	405	*al = SSL_AD_DECODE_ERROR;
406	return 1;	406	return 1;
407	}	407	}
@@ -414,14 +414,14 @@ ssl_parse_serverhello_use_srtp_ext(SSL s, const unsigned char d, int len, int
414	*/	414	*/
415	if (!CBS_get_u16_length_prefixed(&cbs, &profile_ids) \|\|	415	if (!CBS_get_u16_length_prefixed(&cbs, &profile_ids) \|\|
416	!CBS_get_u16(&profile_ids, &id) \|\| CBS_len(&profile_ids) != 0) {	416	!CBS_get_u16(&profile_ids, &id) \|\| CBS_len(&profile_ids) != 0) {
417	SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);	417	SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
418	*al = SSL_AD_DECODE_ERROR;	418	*al = SSL_AD_DECODE_ERROR;
419	return 1;	419	return 1;
420	}	420	}
421		421
422	/* Must be no MKI, since we never offer one. */	422	/* Must be no MKI, since we never offer one. */
423	if (!CBS_get_u8_length_prefixed(&cbs, &mki) \|\| CBS_len(&mki) != 0) {	423	if (!CBS_get_u8_length_prefixed(&cbs, &mki) \|\| CBS_len(&mki) != 0) {
424	SSLerror(SSL_R_BAD_SRTP_MKI_VALUE);	424	SSLerror(s, SSL_R_BAD_SRTP_MKI_VALUE);
425	*al = SSL_AD_ILLEGAL_PARAMETER;	425	*al = SSL_AD_ILLEGAL_PARAMETER;
426	return 1;	426	return 1;
427	}	427	}
@@ -430,7 +430,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL s, const unsigned char d, int len, int
430		430
431	/* Throw an error if the server gave us an unsolicited extension. */	431	/* Throw an error if the server gave us an unsolicited extension. */
432	if (clnt == NULL) {	432	if (clnt == NULL) {
433	SSLerror(SSL_R_NO_SRTP_PROFILES);	433	SSLerror(s, SSL_R_NO_SRTP_PROFILES);
434	*al = SSL_AD_DECODE_ERROR;	434	*al = SSL_AD_DECODE_ERROR;
435	return 1;	435	return 1;
436	}	436	}
@@ -449,7 +449,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL s, const unsigned char d, int len, int
449	}	449	}
450	}	450	}
451		451
452	SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);	452	SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
453	*al = SSL_AD_DECODE_ERROR;	453	*al = SSL_AD_DECODE_ERROR;
454	return 1;	454	return 1;
455	}	455	}