Diffstat (limited to 'src/lib/libssl/s3_lib.c')
| -rw-r--r-- | src/lib/libssl/s3_lib.c | 53 |
1 files changed, 18 insertions, 35 deletions
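diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 6287f6cbc6..108cc9f71e 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.132 2017/01/26 10:40:21 beck Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.133 2017/01/26 12:16:13 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1980,8 +1980,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 
 if (cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) {
 if (!ssl_cert_inst(&s->cert)) {
-SSLerror(
-ERR_R_MALLOC_FAILURE);
+SSLerror(ERR_R_MALLOC_FAILURE);
 return (0);
 }
 }
@@ -2016,13 +2015,11 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 {
 DH *dh = (DH *)parg;
 if (dh == NULL) {
-SSLerror(
-ERR_R_PASSED_NULL_PARAMETER);
+SSLerror(ERR_R_PASSED_NULL_PARAMETER);
 return (ret);
 }
 if ((dh = DHparams_dup(dh)) == NULL) {
-SSLerror(
-ERR_R_DH_LIB);
+SSLerror(ERR_R_DH_LIB);
 return (ret);
 }
 DH_free(s->cert->dh_tmp);
@@ -2044,21 +2041,18 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 EC_KEY *ecdh = NULL;
 
 if (parg == NULL) {
-SSLerror(
-ERR_R_PASSED_NULL_PARAMETER);
+SSLerror(ERR_R_PASSED_NULL_PARAMETER);
 return (ret);
 }
 if (!EC_KEY_up_ref((EC_KEY *)parg)) {
-SSLerror(
-ERR_R_ECDH_LIB);
+SSLerror(ERR_R_ECDH_LIB);
 return (ret);
 }
 ecdh = (EC_KEY *)parg;
 if (!(s->internal->options & SSL_OP_SINGLE_ECDH_USE)) {
 if (!EC_KEY_generate_key(ecdh)) {
 EC_KEY_free(ecdh);
-SSLerror(
-ERR_R_ECDH_LIB);
+SSLerror(ERR_R_ECDH_LIB);
 return (ret);
 }
 }
@@ -2069,8 +2063,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 break;
 case SSL_CTRL_SET_TMP_ECDH_CB:
 {
-SSLerror(
-ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 return (ret);
 }
 break;
@@ -2083,19 +2076,16 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 if (parg == NULL)
 break;
 if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) {
-SSLerror(
-SSL_R_SSL3_EXT_INVALID_SERVERNAME);
+SSLerror(SSL_R_SSL3_EXT_INVALID_SERVERNAME);
 return 0;
 }
 if ((s->tlsext_hostname = strdup((char *)parg))
 == NULL) {
-SSLerror(
-ERR_R_INTERNAL_ERROR);
+SSLerror(ERR_R_INTERNAL_ERROR);
 return 0;
 }
 } else {
-SSLerror(
-SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
+SSLerror(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
 return 0;
 }
 break;
@@ -2177,8 +2167,7 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
 
 if (cmd == SSL_CTRL_SET_TMP_DH_CB) {
 if (!ssl_cert_inst(&s->cert)) {
-SSLerror(
-ERR_R_MALLOC_FAILURE);
+SSLerror(ERR_R_MALLOC_FAILURE);
 return (0);
 }
 }
@@ -2223,8 +2212,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 
 dh = (DH *)parg;
 if ((new = DHparams_dup(dh)) == NULL) {
-SSLerror(
-ERR_R_DH_LIB);
+SSLerror(ERR_R_DH_LIB);
 return 0;
 }
 DH_free(cert->dh_tmp);
@@ -2246,21 +2234,18 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 EC_KEY *ecdh = NULL;
 
 if (parg == NULL) {
-SSLerror(
-ERR_R_ECDH_LIB);
+SSLerror(ERR_R_ECDH_LIB);
 return 0;
 }
 ecdh = EC_KEY_dup((EC_KEY *)parg);
 if (ecdh == NULL) {
-SSLerror(
-ERR_R_EC_LIB);
+SSLerror(ERR_R_EC_LIB);
 return 0;
 }
 if (!(ctx->internal->options & SSL_OP_SINGLE_ECDH_USE)) {
 if (!EC_KEY_generate_key(ecdh)) {
 EC_KEY_free(ecdh);
-SSLerror(
-ERR_R_ECDH_LIB);
+SSLerror(ERR_R_ECDH_LIB);
 return 0;
 }
 }
@@ -2272,8 +2257,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 /* break; */
 case SSL_CTRL_SET_TMP_ECDH_CB:
 {
-SSLerror(
-ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 return (0);
 }
 break;
@@ -2287,8 +2271,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 if (!keys)
 return 48;
 if (larg != 48) {
-SSLerror(
-SSL_R_INVALID_TICKET_KEYS_LENGTH);
+SSLerror(SSL_R_INVALID_TICKET_KEYS_LENGTH);
 return 0;
 }
 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {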
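Review bot: In the ssl3_ctx_ctrl hunk at -2246, a NULL `parg` is reported as `ERR_R_ECDH_LIB`, while the matching check in the ssl3_ctrl hunk at -2044 reports `ERR_R_PASSED_NULL_PARAMETER`. Since the line is being rewritten anyway, `SSLerror(ERR_R_PASSED_NULL_PARAMETER);` would give callers the same diagnosis on both paths. The two hunks also differ in key ownership: ssl3_ctrl takes `EC_KEY_up_ref()` on the caller's key and, unless SSL_OP_SINGLE_ECDH_USE is set, runs `EC_KEY_generate_key()` on that shared object, whereas ssl3_ctx_ctrl generates into an `EC_KEY_dup()` copy. If the asymmetry is intended, it deserves a comment above the up_ref call such as `/* key is generated into the caller's EC_KEY, which stays shared */`; otherwise duplicating in both paths looks safer. Both case blocks start and end outside the hunks, so how `ecdh` is stored afterwards is not visible here.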
