summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_clnt.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_clnt.c')
-rw-r--r--src/lib/libssl/ssl_clnt.c262
1 files changed, 131 insertions, 131 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 6f2edf5d90..7f4d6582da 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_clnt.c,v 1.4 2017/01/26 12:16:13 beck Exp $ */ 1/* $OpenBSD: ssl_clnt.c,v 1.5 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -211,7 +211,7 @@ ssl3_connect(SSL *s)
211 cb(s, SSL_CB_HANDSHAKE_START, 1); 211 cb(s, SSL_CB_HANDSHAKE_START, 1);
212 212
213 if ((s->version & 0xff00 ) != 0x0300) { 213 if ((s->version & 0xff00 ) != 0x0300) {
214 SSLerror(ERR_R_INTERNAL_ERROR); 214 SSLerror(s, ERR_R_INTERNAL_ERROR);
215 ret = -1; 215 ret = -1;
216 goto end; 216 goto end;
217 } 217 }
@@ -550,7 +550,7 @@ ssl3_connect(SSL *s)
550 /* break; */ 550 /* break; */
551 551
552 default: 552 default:
553 SSLerror(SSL_R_UNKNOWN_STATE); 553 SSLerror(s, SSL_R_UNKNOWN_STATE);
554 ret = -1; 554 ret = -1;
555 goto end; 555 goto end;
556 /* break; */ 556 /* break; */
@@ -595,7 +595,7 @@ ssl3_client_hello(SSL *s)
595 SSL_SESSION *sess = s->session; 595 SSL_SESSION *sess = s->session;
596 596
597 if (ssl_supported_version_range(s, NULL, &max_version) != 1) { 597 if (ssl_supported_version_range(s, NULL, &max_version) != 1) {
598 SSLerror(SSL_R_NO_PROTOCOLS_AVAILABLE); 598 SSLerror(s, SSL_R_NO_PROTOCOLS_AVAILABLE);
599 return (-1); 599 return (-1);
600 } 600 }
601 s->client_version = s->version = max_version; 601 s->client_version = s->version = max_version;
@@ -665,7 +665,7 @@ ssl3_client_hello(SSL *s)
665 *(p++) = i; 665 *(p++) = i;
666 if (i != 0) { 666 if (i != 0) {
667 if (i > (int)sizeof(s->session->session_id)) { 667 if (i > (int)sizeof(s->session->session_id)) {
668 SSLerror(ERR_R_INTERNAL_ERROR); 668 SSLerror(s, ERR_R_INTERNAL_ERROR);
669 goto err; 669 goto err;
670 } 670 }
671 memcpy(p, s->session->session_id, i); 671 memcpy(p, s->session->session_id, i);
@@ -675,7 +675,7 @@ ssl3_client_hello(SSL *s)
675 /* DTLS Cookie. */ 675 /* DTLS Cookie. */
676 if (SSL_IS_DTLS(s)) { 676 if (SSL_IS_DTLS(s)) {
677 if (D1I(s)->cookie_len > sizeof(D1I(s)->cookie)) { 677 if (D1I(s)->cookie_len > sizeof(D1I(s)->cookie)) {
678 SSLerror(ERR_R_INTERNAL_ERROR); 678 SSLerror(s, ERR_R_INTERNAL_ERROR);
679 goto err; 679 goto err;
680 } 680 }
681 *(p++) = D1I(s)->cookie_len; 681 *(p++) = D1I(s)->cookie_len;
@@ -688,7 +688,7 @@ ssl3_client_hello(SSL *s)
688 bufend - &p[2], &outlen)) 688 bufend - &p[2], &outlen))
689 goto err; 689 goto err;
690 if (outlen == 0) { 690 if (outlen == 0) {
691 SSLerror(SSL_R_NO_CIPHERS_AVAILABLE); 691 SSLerror(s, SSL_R_NO_CIPHERS_AVAILABLE);
692 goto err; 692 goto err;
693 } 693 }
694 s2n(outlen, p); 694 s2n(outlen, p);
@@ -700,7 +700,7 @@ ssl3_client_hello(SSL *s)
700 700
701 /* TLS extensions*/ 701 /* TLS extensions*/
702 if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) { 702 if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) {
703 SSLerror(ERR_R_INTERNAL_ERROR); 703 SSLerror(s, ERR_R_INTERNAL_ERROR);
704 goto err; 704 goto err;
705 } 705 }
706 706
@@ -752,7 +752,7 @@ ssl3_get_server_hello(SSL *s)
752 } else { 752 } else {
753 /* Already sent a cookie. */ 753 /* Already sent a cookie. */
754 al = SSL_AD_UNEXPECTED_MESSAGE; 754 al = SSL_AD_UNEXPECTED_MESSAGE;
755 SSLerror(SSL_R_BAD_MESSAGE_TYPE); 755 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
756 goto f_err; 756 goto f_err;
757 } 757 }
758 } 758 }
@@ -760,7 +760,7 @@ ssl3_get_server_hello(SSL *s)
760 760
761 if (S3I(s)->tmp.message_type != SSL3_MT_SERVER_HELLO) { 761 if (S3I(s)->tmp.message_type != SSL3_MT_SERVER_HELLO) {
762 al = SSL_AD_UNEXPECTED_MESSAGE; 762 al = SSL_AD_UNEXPECTED_MESSAGE;
763 SSLerror(SSL_R_BAD_MESSAGE_TYPE); 763 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
764 goto f_err; 764 goto f_err;
765 } 765 }
766 766
@@ -768,12 +768,12 @@ ssl3_get_server_hello(SSL *s)
768 goto truncated; 768 goto truncated;
769 769
770 if (ssl_supported_version_range(s, &min_version, &max_version) != 1) { 770 if (ssl_supported_version_range(s, &min_version, &max_version) != 1) {
771 SSLerror(SSL_R_NO_PROTOCOLS_AVAILABLE); 771 SSLerror(s, SSL_R_NO_PROTOCOLS_AVAILABLE);
772 goto err; 772 goto err;
773 } 773 }
774 774
775 if (server_version < min_version || server_version > max_version) { 775 if (server_version < min_version || server_version > max_version) {
776 SSLerror(SSL_R_WRONG_SSL_VERSION); 776 SSLerror(s, SSL_R_WRONG_SSL_VERSION);
777 s->version = (s->version & 0xff00) | (server_version & 0xff); 777 s->version = (s->version & 0xff00) | (server_version & 0xff);
778 al = SSL_AD_PROTOCOL_VERSION; 778 al = SSL_AD_PROTOCOL_VERSION;
779 goto f_err; 779 goto f_err;
@@ -783,7 +783,7 @@ ssl3_get_server_hello(SSL *s)
783 if ((method = tls1_get_client_method(server_version)) == NULL) 783 if ((method = tls1_get_client_method(server_version)) == NULL)
784 method = dtls1_get_client_method(server_version); 784 method = dtls1_get_client_method(server_version);
785 if (method == NULL) { 785 if (method == NULL) {
786 SSLerror(ERR_R_INTERNAL_ERROR); 786 SSLerror(s, ERR_R_INTERNAL_ERROR);
787 goto err; 787 goto err;
788 } 788 }
789 s->method = method; 789 s->method = method;
@@ -802,7 +802,7 @@ ssl3_get_server_hello(SSL *s)
802 if ((CBS_len(&session_id) > sizeof(s->session->session_id)) || 802 if ((CBS_len(&session_id) > sizeof(s->session->session_id)) ||
803 (CBS_len(&session_id) > SSL3_SESSION_ID_SIZE)) { 803 (CBS_len(&session_id) > SSL3_SESSION_ID_SIZE)) {
804 al = SSL_AD_ILLEGAL_PARAMETER; 804 al = SSL_AD_ILLEGAL_PARAMETER;
805 SSLerror(SSL_R_SSL3_SESSION_ID_TOO_LONG); 805 SSLerror(s, SSL_R_SSL3_SESSION_ID_TOO_LONG);
806 goto f_err; 806 goto f_err;
807 } 807 }
808 808
@@ -834,7 +834,7 @@ ssl3_get_server_hello(SSL *s)
834 s->sid_ctx, s->sid_ctx_length) != 0) { 834 s->sid_ctx, s->sid_ctx_length) != 0) {
835 /* actually a client application bug */ 835 /* actually a client application bug */
836 al = SSL_AD_ILLEGAL_PARAMETER; 836 al = SSL_AD_ILLEGAL_PARAMETER;
837 SSLerror(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); 837 SSLerror(s, SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
838 goto f_err; 838 goto f_err;
839 } 839 }
840 s->s3->flags |= SSL3_FLAGS_CCS_OK; 840 s->s3->flags |= SSL3_FLAGS_CCS_OK;
@@ -866,7 +866,7 @@ ssl3_get_server_hello(SSL *s)
866 866
867 if ((cipher = ssl3_get_cipher_by_value(cipher_suite)) == NULL) { 867 if ((cipher = ssl3_get_cipher_by_value(cipher_suite)) == NULL) {
868 al = SSL_AD_ILLEGAL_PARAMETER; 868 al = SSL_AD_ILLEGAL_PARAMETER;
869 SSLerror(SSL_R_UNKNOWN_CIPHER_RETURNED); 869 SSLerror(s, SSL_R_UNKNOWN_CIPHER_RETURNED);
870 goto f_err; 870 goto f_err;
871 } 871 }
872 872
@@ -874,7 +874,7 @@ ssl3_get_server_hello(SSL *s)
874 if ((cipher->algorithm_ssl & SSL_TLSV1_2) && 874 if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&
875 (TLS1_get_version(s) < TLS1_2_VERSION)) { 875 (TLS1_get_version(s) < TLS1_2_VERSION)) {
876 al = SSL_AD_ILLEGAL_PARAMETER; 876 al = SSL_AD_ILLEGAL_PARAMETER;
877 SSLerror(SSL_R_WRONG_CIPHER_RETURNED); 877 SSLerror(s, SSL_R_WRONG_CIPHER_RETURNED);
878 goto f_err; 878 goto f_err;
879 } 879 }
880 880
@@ -883,7 +883,7 @@ ssl3_get_server_hello(SSL *s)
883 if (i < 0) { 883 if (i < 0) {
884 /* we did not say we would use this cipher */ 884 /* we did not say we would use this cipher */
885 al = SSL_AD_ILLEGAL_PARAMETER; 885 al = SSL_AD_ILLEGAL_PARAMETER;
886 SSLerror(SSL_R_WRONG_CIPHER_RETURNED); 886 SSLerror(s, SSL_R_WRONG_CIPHER_RETURNED);
887 goto f_err; 887 goto f_err;
888 } 888 }
889 889
@@ -896,7 +896,7 @@ ssl3_get_server_hello(SSL *s)
896 s->session->cipher_id = s->session->cipher->id; 896 s->session->cipher_id = s->session->cipher->id;
897 if (s->internal->hit && (s->session->cipher_id != cipher->id)) { 897 if (s->internal->hit && (s->session->cipher_id != cipher->id)) {
898 al = SSL_AD_ILLEGAL_PARAMETER; 898 al = SSL_AD_ILLEGAL_PARAMETER;
899 SSLerror(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); 899 SSLerror(s, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
900 goto f_err; 900 goto f_err;
901 } 901 }
902 S3I(s)->tmp.new_cipher = cipher; 902 S3I(s)->tmp.new_cipher = cipher;
@@ -917,7 +917,7 @@ ssl3_get_server_hello(SSL *s)
917 917
918 if (compression_method != 0) { 918 if (compression_method != 0) {
919 al = SSL_AD_ILLEGAL_PARAMETER; 919 al = SSL_AD_ILLEGAL_PARAMETER;
920 SSLerror(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM); 920 SSLerror(s, SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
921 goto f_err; 921 goto f_err;
922 } 922 }
923 923
@@ -925,11 +925,11 @@ ssl3_get_server_hello(SSL *s)
925 p = (unsigned char *)CBS_data(&cbs); 925 p = (unsigned char *)CBS_data(&cbs);
926 if (!ssl_parse_serverhello_tlsext(s, &p, CBS_len(&cbs), &al)) { 926 if (!ssl_parse_serverhello_tlsext(s, &p, CBS_len(&cbs), &al)) {
927 /* 'al' set by ssl_parse_serverhello_tlsext */ 927 /* 'al' set by ssl_parse_serverhello_tlsext */
928 SSLerror(SSL_R_PARSE_TLSEXT); 928 SSLerror(s, SSL_R_PARSE_TLSEXT);
929 goto f_err; 929 goto f_err;
930 } 930 }
931 if (ssl_check_serverhello_tlsext(s) <= 0) { 931 if (ssl_check_serverhello_tlsext(s) <= 0) {
932 SSLerror(SSL_R_SERVERHELLO_TLSEXT); 932 SSLerror(s, SSL_R_SERVERHELLO_TLSEXT);
933 goto err; 933 goto err;
934 } 934 }
935 935
@@ -942,7 +942,7 @@ ssl3_get_server_hello(SSL *s)
942truncated: 942truncated:
943 /* wrong packet length */ 943 /* wrong packet length */
944 al = SSL_AD_DECODE_ERROR; 944 al = SSL_AD_DECODE_ERROR;
945 SSLerror(SSL_R_BAD_PACKET_LENGTH); 945 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
946f_err: 946f_err:
947 ssl3_send_alert(s, SSL3_AL_FATAL, al); 947 ssl3_send_alert(s, SSL3_AL_FATAL, al);
948err: 948err:
@@ -974,13 +974,13 @@ ssl3_get_server_certificate(SSL *s)
974 974
975 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) { 975 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) {
976 al = SSL_AD_UNEXPECTED_MESSAGE; 976 al = SSL_AD_UNEXPECTED_MESSAGE;
977 SSLerror(SSL_R_BAD_MESSAGE_TYPE); 977 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
978 goto f_err; 978 goto f_err;
979 } 979 }
980 980
981 981
982 if ((sk = sk_X509_new_null()) == NULL) { 982 if ((sk = sk_X509_new_null()) == NULL) {
983 SSLerror(ERR_R_MALLOC_FAILURE); 983 SSLerror(s, ERR_R_MALLOC_FAILURE);
984 goto err; 984 goto err;
985 } 985 }
986 986
@@ -994,7 +994,7 @@ ssl3_get_server_certificate(SSL *s)
994 if (!CBS_get_u24_length_prefixed(&cbs, &cert_list) || 994 if (!CBS_get_u24_length_prefixed(&cbs, &cert_list) ||
995 CBS_len(&cbs) != 0) { 995 CBS_len(&cbs) != 0) {
996 al = SSL_AD_DECODE_ERROR; 996 al = SSL_AD_DECODE_ERROR;
997 SSLerror(SSL_R_LENGTH_MISMATCH); 997 SSLerror(s, SSL_R_LENGTH_MISMATCH);
998 goto f_err; 998 goto f_err;
999 } 999 }
1000 1000
@@ -1005,7 +1005,7 @@ ssl3_get_server_certificate(SSL *s)
1005 goto truncated; 1005 goto truncated;
1006 if (!CBS_get_u24_length_prefixed(&cert_list, &cert)) { 1006 if (!CBS_get_u24_length_prefixed(&cert_list, &cert)) {
1007 al = SSL_AD_DECODE_ERROR; 1007 al = SSL_AD_DECODE_ERROR;
1008 SSLerror(SSL_R_CERT_LENGTH_MISMATCH); 1008 SSLerror(s, SSL_R_CERT_LENGTH_MISMATCH);
1009 goto f_err; 1009 goto f_err;
1010 } 1010 }
1011 1011
@@ -1013,16 +1013,16 @@ ssl3_get_server_certificate(SSL *s)
1013 x = d2i_X509(NULL, &q, CBS_len(&cert)); 1013 x = d2i_X509(NULL, &q, CBS_len(&cert));
1014 if (x == NULL) { 1014 if (x == NULL) {
1015 al = SSL_AD_BAD_CERTIFICATE; 1015 al = SSL_AD_BAD_CERTIFICATE;
1016 SSLerror(ERR_R_ASN1_LIB); 1016 SSLerror(s, ERR_R_ASN1_LIB);
1017 goto f_err; 1017 goto f_err;
1018 } 1018 }
1019 if (q != CBS_data(&cert) + CBS_len(&cert)) { 1019 if (q != CBS_data(&cert) + CBS_len(&cert)) {
1020 al = SSL_AD_DECODE_ERROR; 1020 al = SSL_AD_DECODE_ERROR;
1021 SSLerror(SSL_R_CERT_LENGTH_MISMATCH); 1021 SSLerror(s, SSL_R_CERT_LENGTH_MISMATCH);
1022 goto f_err; 1022 goto f_err;
1023 } 1023 }
1024 if (!sk_X509_push(sk, x)) { 1024 if (!sk_X509_push(sk, x)) {
1025 SSLerror(ERR_R_MALLOC_FAILURE); 1025 SSLerror(s, ERR_R_MALLOC_FAILURE);
1026 goto err; 1026 goto err;
1027 } 1027 }
1028 x = NULL; 1028 x = NULL;
@@ -1031,7 +1031,7 @@ ssl3_get_server_certificate(SSL *s)
1031 i = ssl_verify_cert_chain(s, sk); 1031 i = ssl_verify_cert_chain(s, sk);
1032 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) { 1032 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) {
1033 al = ssl_verify_alarm_type(s->verify_result); 1033 al = ssl_verify_alarm_type(s->verify_result);
1034 SSLerror(SSL_R_CERTIFICATE_VERIFY_FAILED); 1034 SSLerror(s, SSL_R_CERTIFICATE_VERIFY_FAILED);
1035 goto f_err; 1035 goto f_err;
1036 1036
1037 } 1037 }
@@ -1057,7 +1057,7 @@ ssl3_get_server_certificate(SSL *s)
1057 if (pkey == NULL || EVP_PKEY_missing_parameters(pkey)) { 1057 if (pkey == NULL || EVP_PKEY_missing_parameters(pkey)) {
1058 x = NULL; 1058 x = NULL;
1059 al = SSL3_AL_FATAL; 1059 al = SSL3_AL_FATAL;
1060 SSLerror(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS); 1060 SSLerror(s, SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
1061 goto f_err; 1061 goto f_err;
1062 } 1062 }
1063 1063
@@ -1065,7 +1065,7 @@ ssl3_get_server_certificate(SSL *s)
1065 if (i < 0) { 1065 if (i < 0) {
1066 x = NULL; 1066 x = NULL;
1067 al = SSL3_AL_FATAL; 1067 al = SSL3_AL_FATAL;
1068 SSLerror(SSL_R_UNKNOWN_CERTIFICATE_TYPE); 1068 SSLerror(s, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
1069 goto f_err; 1069 goto f_err;
1070 } 1070 }
1071 1071
@@ -1091,7 +1091,7 @@ ssl3_get_server_certificate(SSL *s)
1091truncated: 1091truncated:
1092 /* wrong packet length */ 1092 /* wrong packet length */
1093 al = SSL_AD_DECODE_ERROR; 1093 al = SSL_AD_DECODE_ERROR;
1094 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1094 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1095f_err: 1095f_err:
1096 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1096 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1097 } 1097 }
@@ -1122,21 +1122,21 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1122 CBS_init(&cbs, *pp, *nn); 1122 CBS_init(&cbs, *pp, *nn);
1123 1123
1124 if ((dh = DH_new()) == NULL) { 1124 if ((dh = DH_new()) == NULL) {
1125 SSLerror(ERR_R_DH_LIB); 1125 SSLerror(s, ERR_R_DH_LIB);
1126 goto err; 1126 goto err;
1127 } 1127 }
1128 1128
1129 if (!CBS_get_u16_length_prefixed(&cbs, &dhp)) 1129 if (!CBS_get_u16_length_prefixed(&cbs, &dhp))
1130 goto truncated; 1130 goto truncated;
1131 if ((dh->p = BN_bin2bn(CBS_data(&dhp), CBS_len(&dhp), NULL)) == NULL) { 1131 if ((dh->p = BN_bin2bn(CBS_data(&dhp), CBS_len(&dhp), NULL)) == NULL) {
1132 SSLerror(ERR_R_BN_LIB); 1132 SSLerror(s, ERR_R_BN_LIB);
1133 goto err; 1133 goto err;
1134 } 1134 }
1135 1135
1136 if (!CBS_get_u16_length_prefixed(&cbs, &dhg)) 1136 if (!CBS_get_u16_length_prefixed(&cbs, &dhg))
1137 goto truncated; 1137 goto truncated;
1138 if ((dh->g = BN_bin2bn(CBS_data(&dhg), CBS_len(&dhg), NULL)) == NULL) { 1138 if ((dh->g = BN_bin2bn(CBS_data(&dhg), CBS_len(&dhg), NULL)) == NULL) {
1139 SSLerror(ERR_R_BN_LIB); 1139 SSLerror(s, ERR_R_BN_LIB);
1140 goto err; 1140 goto err;
1141 } 1141 }
1142 1142
@@ -1144,7 +1144,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1144 goto truncated; 1144 goto truncated;
1145 if ((dh->pub_key = BN_bin2bn(CBS_data(&dhpk), CBS_len(&dhpk), 1145 if ((dh->pub_key = BN_bin2bn(CBS_data(&dhpk), CBS_len(&dhpk),
1146 NULL)) == NULL) { 1146 NULL)) == NULL) {
1147 SSLerror(ERR_R_BN_LIB); 1147 SSLerror(s, ERR_R_BN_LIB);
1148 goto err; 1148 goto err;
1149 } 1149 }
1150 1150
@@ -1153,7 +1153,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1153 * Discard keys weaker than 1024 bits. 1153 * Discard keys weaker than 1024 bits.
1154 */ 1154 */
1155 if (DH_size(dh) < 1024 / 8) { 1155 if (DH_size(dh) < 1024 / 8) {
1156 SSLerror(SSL_R_BAD_DH_P_LENGTH); 1156 SSLerror(s, SSL_R_BAD_DH_P_LENGTH);
1157 goto err; 1157 goto err;
1158 } 1158 }
1159 1159
@@ -1174,7 +1174,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1174 1174
1175 truncated: 1175 truncated:
1176 al = SSL_AD_DECODE_ERROR; 1176 al = SSL_AD_DECODE_ERROR;
1177 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1177 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1178 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1178 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1179 1179
1180 err: 1180 err:
@@ -1199,16 +1199,16 @@ ssl3_get_server_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, int nid, CBS *public)
1199 */ 1199 */
1200 1200
1201 if ((ecdh = EC_KEY_new()) == NULL) { 1201 if ((ecdh = EC_KEY_new()) == NULL) {
1202 SSLerror(ERR_R_MALLOC_FAILURE); 1202 SSLerror(s, ERR_R_MALLOC_FAILURE);
1203 goto err; 1203 goto err;
1204 } 1204 }
1205 1205
1206 if ((ngroup = EC_GROUP_new_by_curve_name(nid)) == NULL) { 1206 if ((ngroup = EC_GROUP_new_by_curve_name(nid)) == NULL) {
1207 SSLerror(ERR_R_EC_LIB); 1207 SSLerror(s, ERR_R_EC_LIB);
1208 goto err; 1208 goto err;
1209 } 1209 }
1210 if (EC_KEY_set_group(ecdh, ngroup) == 0) { 1210 if (EC_KEY_set_group(ecdh, ngroup) == 0) {
1211 SSLerror(ERR_R_EC_LIB); 1211 SSLerror(s, ERR_R_EC_LIB);
1212 goto err; 1212 goto err;
1213 } 1213 }
1214 1214
@@ -1216,13 +1216,13 @@ ssl3_get_server_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, int nid, CBS *public)
1216 1216
1217 if ((point = EC_POINT_new(group)) == NULL || 1217 if ((point = EC_POINT_new(group)) == NULL ||
1218 (bn_ctx = BN_CTX_new()) == NULL) { 1218 (bn_ctx = BN_CTX_new()) == NULL) {
1219 SSLerror(ERR_R_MALLOC_FAILURE); 1219 SSLerror(s, ERR_R_MALLOC_FAILURE);
1220 goto err; 1220 goto err;
1221 } 1221 }
1222 1222
1223 if (EC_POINT_oct2point(group, point, CBS_data(public), 1223 if (EC_POINT_oct2point(group, point, CBS_data(public),
1224 CBS_len(public), bn_ctx) == 0) { 1224 CBS_len(public), bn_ctx) == 0) {
1225 SSLerror(SSL_R_BAD_ECPOINT); 1225 SSLerror(s, SSL_R_BAD_ECPOINT);
1226 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1226 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1227 goto err; 1227 goto err;
1228 } 1228 }
@@ -1248,18 +1248,18 @@ ssl3_get_server_kex_ecdhe_ecx(SSL *s, SESS_CERT *sc, int nid, CBS *public)
1248 size_t outlen; 1248 size_t outlen;
1249 1249
1250 if (nid != NID_X25519) { 1250 if (nid != NID_X25519) {
1251 SSLerror(ERR_R_INTERNAL_ERROR); 1251 SSLerror(s, ERR_R_INTERNAL_ERROR);
1252 goto err; 1252 goto err;
1253 } 1253 }
1254 1254
1255 if (CBS_len(public) != X25519_KEY_LENGTH) { 1255 if (CBS_len(public) != X25519_KEY_LENGTH) {
1256 SSLerror(SSL_R_BAD_ECPOINT); 1256 SSLerror(s, SSL_R_BAD_ECPOINT);
1257 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1257 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1258 goto err; 1258 goto err;
1259 } 1259 }
1260 1260
1261 if (!CBS_stow(public, &sc->peer_x25519_tmp, &outlen)) { 1261 if (!CBS_stow(public, &sc->peer_x25519_tmp, &outlen)) {
1262 SSLerror(ERR_R_MALLOC_FAILURE); 1262 SSLerror(s, ERR_R_MALLOC_FAILURE);
1263 goto err; 1263 goto err;
1264 } 1264 }
1265 1265
@@ -1293,7 +1293,7 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1293 curve_type != NAMED_CURVE_TYPE || 1293 curve_type != NAMED_CURVE_TYPE ||
1294 !CBS_get_u16(&cbs, &curve_id)) { 1294 !CBS_get_u16(&cbs, &curve_id)) {
1295 al = SSL_AD_DECODE_ERROR; 1295 al = SSL_AD_DECODE_ERROR;
1296 SSLerror(SSL_R_LENGTH_TOO_SHORT); 1296 SSLerror(s, SSL_R_LENGTH_TOO_SHORT);
1297 goto f_err; 1297 goto f_err;
1298 } 1298 }
1299 1299
@@ -1303,13 +1303,13 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1303 */ 1303 */
1304 if (tls1_check_curve(s, curve_id) != 1) { 1304 if (tls1_check_curve(s, curve_id) != 1) {
1305 al = SSL_AD_DECODE_ERROR; 1305 al = SSL_AD_DECODE_ERROR;
1306 SSLerror(SSL_R_WRONG_CURVE); 1306 SSLerror(s, SSL_R_WRONG_CURVE);
1307 goto f_err; 1307 goto f_err;
1308 } 1308 }
1309 1309
1310 if ((nid = tls1_ec_curve_id2nid(curve_id)) == 0) { 1310 if ((nid = tls1_ec_curve_id2nid(curve_id)) == 0) {
1311 al = SSL_AD_INTERNAL_ERROR; 1311 al = SSL_AD_INTERNAL_ERROR;
1312 SSLerror(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS); 1312 SSLerror(s, SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
1313 goto f_err; 1313 goto f_err;
1314 } 1314 }
1315 1315
@@ -1344,7 +1344,7 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1344 1344
1345 truncated: 1345 truncated:
1346 al = SSL_AD_DECODE_ERROR; 1346 al = SSL_AD_DECODE_ERROR;
1347 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1347 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1348 1348
1349 f_err: 1349 f_err:
1350 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1350 ssl3_send_alert(s, SSL3_AL_FATAL, al);
@@ -1385,7 +1385,7 @@ ssl3_get_server_key_exchange(SSL *s)
1385 * ephemeral keys. 1385 * ephemeral keys.
1386 */ 1386 */
1387 if (alg_k & (SSL_kDHE|SSL_kECDHE)) { 1387 if (alg_k & (SSL_kDHE|SSL_kECDHE)) {
1388 SSLerror(SSL_R_UNEXPECTED_MESSAGE); 1388 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
1389 al = SSL_AD_UNEXPECTED_MESSAGE; 1389 al = SSL_AD_UNEXPECTED_MESSAGE;
1390 goto f_err; 1390 goto f_err;
1391 } 1391 }
@@ -1421,7 +1421,7 @@ ssl3_get_server_key_exchange(SSL *s)
1421 goto err; 1421 goto err;
1422 } else if (alg_k != 0) { 1422 } else if (alg_k != 0) {
1423 al = SSL_AD_UNEXPECTED_MESSAGE; 1423 al = SSL_AD_UNEXPECTED_MESSAGE;
1424 SSLerror(SSL_R_UNEXPECTED_MESSAGE); 1424 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
1425 goto f_err; 1425 goto f_err;
1426 } 1426 }
1427 1427
@@ -1433,7 +1433,7 @@ ssl3_get_server_key_exchange(SSL *s)
1433 int sigalg = tls12_get_sigid(pkey); 1433 int sigalg = tls12_get_sigid(pkey);
1434 /* Should never happen */ 1434 /* Should never happen */
1435 if (sigalg == -1) { 1435 if (sigalg == -1) {
1436 SSLerror(ERR_R_INTERNAL_ERROR); 1436 SSLerror(s, ERR_R_INTERNAL_ERROR);
1437 goto err; 1437 goto err;
1438 } 1438 }
1439 /* 1439 /*
@@ -1443,13 +1443,13 @@ ssl3_get_server_key_exchange(SSL *s)
1443 if (2 > n) 1443 if (2 > n)
1444 goto truncated; 1444 goto truncated;
1445 if (sigalg != (int)p[1]) { 1445 if (sigalg != (int)p[1]) {
1446 SSLerror(SSL_R_WRONG_SIGNATURE_TYPE); 1446 SSLerror(s, SSL_R_WRONG_SIGNATURE_TYPE);
1447 al = SSL_AD_DECODE_ERROR; 1447 al = SSL_AD_DECODE_ERROR;
1448 goto f_err; 1448 goto f_err;
1449 } 1449 }
1450 md = tls12_get_hash(p[0]); 1450 md = tls12_get_hash(p[0]);
1451 if (md == NULL) { 1451 if (md == NULL) {
1452 SSLerror(SSL_R_UNKNOWN_DIGEST); 1452 SSLerror(s, SSL_R_UNKNOWN_DIGEST);
1453 al = SSL_AD_DECODE_ERROR; 1453 al = SSL_AD_DECODE_ERROR;
1454 goto f_err; 1454 goto f_err;
1455 } 1455 }
@@ -1467,7 +1467,7 @@ ssl3_get_server_key_exchange(SSL *s)
1467 if (i != n || n > j) { 1467 if (i != n || n > j) {
1468 /* wrong packet length */ 1468 /* wrong packet length */
1469 al = SSL_AD_DECODE_ERROR; 1469 al = SSL_AD_DECODE_ERROR;
1470 SSLerror(SSL_R_WRONG_SIGNATURE_LENGTH); 1470 SSLerror(s, SSL_R_WRONG_SIGNATURE_LENGTH);
1471 goto f_err; 1471 goto f_err;
1472 } 1472 }
1473 1473
@@ -1499,13 +1499,13 @@ ssl3_get_server_key_exchange(SSL *s)
1499 p, n, pkey->pkey.rsa); 1499 p, n, pkey->pkey.rsa);
1500 if (i < 0) { 1500 if (i < 0) {
1501 al = SSL_AD_DECRYPT_ERROR; 1501 al = SSL_AD_DECRYPT_ERROR;
1502 SSLerror(SSL_R_BAD_RSA_DECRYPT); 1502 SSLerror(s, SSL_R_BAD_RSA_DECRYPT);
1503 goto f_err; 1503 goto f_err;
1504 } 1504 }
1505 if (i == 0) { 1505 if (i == 0) {
1506 /* bad signature */ 1506 /* bad signature */
1507 al = SSL_AD_DECRYPT_ERROR; 1507 al = SSL_AD_DECRYPT_ERROR;
1508 SSLerror(SSL_R_BAD_SIGNATURE); 1508 SSLerror(s, SSL_R_BAD_SIGNATURE);
1509 goto f_err; 1509 goto f_err;
1510 } 1510 }
1511 } else { 1511 } else {
@@ -1518,20 +1518,20 @@ ssl3_get_server_key_exchange(SSL *s)
1518 if (EVP_VerifyFinal(&md_ctx, p,(int)n, pkey) <= 0) { 1518 if (EVP_VerifyFinal(&md_ctx, p,(int)n, pkey) <= 0) {
1519 /* bad signature */ 1519 /* bad signature */
1520 al = SSL_AD_DECRYPT_ERROR; 1520 al = SSL_AD_DECRYPT_ERROR;
1521 SSLerror(SSL_R_BAD_SIGNATURE); 1521 SSLerror(s, SSL_R_BAD_SIGNATURE);
1522 goto f_err; 1522 goto f_err;
1523 } 1523 }
1524 } 1524 }
1525 } else { 1525 } else {
1526 /* aNULL does not need public keys. */ 1526 /* aNULL does not need public keys. */
1527 if (!(alg_a & SSL_aNULL)) { 1527 if (!(alg_a & SSL_aNULL)) {
1528 SSLerror(ERR_R_INTERNAL_ERROR); 1528 SSLerror(s, ERR_R_INTERNAL_ERROR);
1529 goto err; 1529 goto err;
1530 } 1530 }
1531 /* still data left over */ 1531 /* still data left over */
1532 if (n != 0) { 1532 if (n != 0) {
1533 al = SSL_AD_DECODE_ERROR; 1533 al = SSL_AD_DECODE_ERROR;
1534 SSLerror(SSL_R_EXTRA_DATA_IN_MESSAGE); 1534 SSLerror(s, SSL_R_EXTRA_DATA_IN_MESSAGE);
1535 goto f_err; 1535 goto f_err;
1536 } 1536 }
1537 } 1537 }
@@ -1544,7 +1544,7 @@ ssl3_get_server_key_exchange(SSL *s)
1544 truncated: 1544 truncated:
1545 /* wrong packet length */ 1545 /* wrong packet length */
1546 al = SSL_AD_DECODE_ERROR; 1546 al = SSL_AD_DECODE_ERROR;
1547 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1547 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1548 1548
1549 f_err: 1549 f_err:
1550 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1550 ssl3_send_alert(s, SSL3_AL_FATAL, al);
@@ -1591,14 +1591,14 @@ ssl3_get_certificate_request(SSL *s)
1591 1591
1592 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) { 1592 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) {
1593 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); 1593 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
1594 SSLerror(SSL_R_WRONG_MESSAGE_TYPE); 1594 SSLerror(s, SSL_R_WRONG_MESSAGE_TYPE);
1595 goto err; 1595 goto err;
1596 } 1596 }
1597 1597
1598 /* TLS does not like anon-DH with client cert */ 1598 /* TLS does not like anon-DH with client cert */
1599 if (S3I(s)->tmp.new_cipher->algorithm_auth & SSL_aNULL) { 1599 if (S3I(s)->tmp.new_cipher->algorithm_auth & SSL_aNULL) {
1600 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); 1600 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
1601 SSLerror(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER); 1601 SSLerror(s, SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
1602 goto err; 1602 goto err;
1603 } 1603 }
1604 1604
@@ -1607,7 +1607,7 @@ ssl3_get_certificate_request(SSL *s)
1607 CBS_init(&cert_request, s->internal->init_msg, n); 1607 CBS_init(&cert_request, s->internal->init_msg, n);
1608 1608
1609 if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) { 1609 if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
1610 SSLerror(ERR_R_MALLOC_FAILURE); 1610 SSLerror(s, ERR_R_MALLOC_FAILURE);
1611 goto err; 1611 goto err;
1612 } 1612 }
1613 1613
@@ -1620,7 +1620,7 @@ ssl3_get_certificate_request(SSL *s)
1620 if (!CBS_get_bytes(&cert_request, &ctypes, ctype_num) || 1620 if (!CBS_get_bytes(&cert_request, &ctypes, ctype_num) ||
1621 !CBS_write_bytes(&ctypes, (uint8_t *)S3I(s)->tmp.ctype, 1621 !CBS_write_bytes(&ctypes, (uint8_t *)S3I(s)->tmp.ctype,
1622 sizeof(S3I(s)->tmp.ctype), NULL)) { 1622 sizeof(S3I(s)->tmp.ctype), NULL)) {
1623 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1623 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1624 goto err; 1624 goto err;
1625 } 1625 }
1626 1626
@@ -1628,7 +1628,7 @@ ssl3_get_certificate_request(SSL *s)
1628 CBS sigalgs; 1628 CBS sigalgs;
1629 1629
1630 if (CBS_len(&cert_request) < 2) { 1630 if (CBS_len(&cert_request) < 2) {
1631 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1631 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1632 goto err; 1632 goto err;
1633 } 1633 }
1634 1634
@@ -1637,28 +1637,28 @@ ssl3_get_certificate_request(SSL *s)
1637 */ 1637 */
1638 if (!CBS_get_u16_length_prefixed(&cert_request, &sigalgs)) { 1638 if (!CBS_get_u16_length_prefixed(&cert_request, &sigalgs)) {
1639 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1639 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1640 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1640 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1641 goto err; 1641 goto err;
1642 } 1642 }
1643 if ((CBS_len(&sigalgs) & 1) || 1643 if ((CBS_len(&sigalgs) & 1) ||
1644 !tls1_process_sigalgs(s, CBS_data(&sigalgs), 1644 !tls1_process_sigalgs(s, CBS_data(&sigalgs),
1645 CBS_len(&sigalgs))) { 1645 CBS_len(&sigalgs))) {
1646 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1646 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1647 SSLerror(SSL_R_SIGNATURE_ALGORITHMS_ERROR); 1647 SSLerror(s, SSL_R_SIGNATURE_ALGORITHMS_ERROR);
1648 goto err; 1648 goto err;
1649 } 1649 }
1650 } 1650 }
1651 1651
1652 /* get the CA RDNs */ 1652 /* get the CA RDNs */
1653 if (CBS_len(&cert_request) < 2) { 1653 if (CBS_len(&cert_request) < 2) {
1654 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1654 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1655 goto err; 1655 goto err;
1656 } 1656 }
1657 1657
1658 if (!CBS_get_u16_length_prefixed(&cert_request, &rdn_list) || 1658 if (!CBS_get_u16_length_prefixed(&cert_request, &rdn_list) ||
1659 CBS_len(&cert_request) != 0) { 1659 CBS_len(&cert_request) != 0) {
1660 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1660 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1661 SSLerror(SSL_R_LENGTH_MISMATCH); 1661 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1662 goto err; 1662 goto err;
1663 } 1663 }
1664 1664
@@ -1666,13 +1666,13 @@ ssl3_get_certificate_request(SSL *s)
1666 CBS rdn; 1666 CBS rdn;
1667 1667
1668 if (CBS_len(&rdn_list) < 2) { 1668 if (CBS_len(&rdn_list) < 2) {
1669 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1669 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1670 goto err; 1670 goto err;
1671 } 1671 }
1672 1672
1673 if (!CBS_get_u16_length_prefixed(&rdn_list, &rdn)) { 1673 if (!CBS_get_u16_length_prefixed(&rdn_list, &rdn)) {
1674 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1674 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1675 SSLerror(SSL_R_CA_DN_TOO_LONG); 1675 SSLerror(s, SSL_R_CA_DN_TOO_LONG);
1676 goto err; 1676 goto err;
1677 } 1677 }
1678 1678
@@ -1680,17 +1680,17 @@ ssl3_get_certificate_request(SSL *s)
1680 if ((xn = d2i_X509_NAME(NULL, &q, CBS_len(&rdn))) == NULL) { 1680 if ((xn = d2i_X509_NAME(NULL, &q, CBS_len(&rdn))) == NULL) {
1681 ssl3_send_alert(s, SSL3_AL_FATAL, 1681 ssl3_send_alert(s, SSL3_AL_FATAL,
1682 SSL_AD_DECODE_ERROR); 1682 SSL_AD_DECODE_ERROR);
1683 SSLerror(ERR_R_ASN1_LIB); 1683 SSLerror(s, ERR_R_ASN1_LIB);
1684 goto err; 1684 goto err;
1685 } 1685 }
1686 1686
1687 if (q != CBS_data(&rdn) + CBS_len(&rdn)) { 1687 if (q != CBS_data(&rdn) + CBS_len(&rdn)) {
1688 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1688 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1689 SSLerror(SSL_R_CA_DN_LENGTH_MISMATCH); 1689 SSLerror(s, SSL_R_CA_DN_LENGTH_MISMATCH);
1690 goto err; 1690 goto err;
1691 } 1691 }
1692 if (!sk_X509_NAME_push(ca_sk, xn)) { 1692 if (!sk_X509_NAME_push(ca_sk, xn)) {
1693 SSLerror(ERR_R_MALLOC_FAILURE); 1693 SSLerror(s, ERR_R_MALLOC_FAILURE);
1694 goto err; 1694 goto err;
1695 } 1695 }
1696 xn = NULL; /* avoid free in err block */ 1696 xn = NULL; /* avoid free in err block */
@@ -1706,7 +1706,7 @@ ssl3_get_certificate_request(SSL *s)
1706 ret = 1; 1706 ret = 1;
1707 if (0) { 1707 if (0) {
1708truncated: 1708truncated:
1709 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1709 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1710 } 1710 }
1711err: 1711err:
1712 X509_NAME_free(xn); 1712 X509_NAME_free(xn);
@@ -1739,13 +1739,13 @@ ssl3_get_new_session_ticket(SSL *s)
1739 } 1739 }
1740 if (S3I(s)->tmp.message_type != SSL3_MT_NEWSESSION_TICKET) { 1740 if (S3I(s)->tmp.message_type != SSL3_MT_NEWSESSION_TICKET) {
1741 al = SSL_AD_UNEXPECTED_MESSAGE; 1741 al = SSL_AD_UNEXPECTED_MESSAGE;
1742 SSLerror(SSL_R_BAD_MESSAGE_TYPE); 1742 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
1743 goto f_err; 1743 goto f_err;
1744 } 1744 }
1745 1745
1746 if (n < 0) { 1746 if (n < 0) {
1747 al = SSL_AD_DECODE_ERROR; 1747 al = SSL_AD_DECODE_ERROR;
1748 SSLerror(SSL_R_LENGTH_MISMATCH); 1748 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1749 goto f_err; 1749 goto f_err;
1750 } 1750 }
1751 1751
@@ -1757,14 +1757,14 @@ ssl3_get_new_session_ticket(SSL *s)
1757 !CBS_get_u16_length_prefixed(&cbs, &session_ticket) || 1757 !CBS_get_u16_length_prefixed(&cbs, &session_ticket) ||
1758 CBS_len(&cbs) != 0) { 1758 CBS_len(&cbs) != 0) {
1759 al = SSL_AD_DECODE_ERROR; 1759 al = SSL_AD_DECODE_ERROR;
1760 SSLerror(SSL_R_LENGTH_MISMATCH); 1760 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1761 goto f_err; 1761 goto f_err;
1762 } 1762 }
1763 s->session->tlsext_tick_lifetime_hint = (long)lifetime_hint; 1763 s->session->tlsext_tick_lifetime_hint = (long)lifetime_hint;
1764 1764
1765 if (!CBS_stow(&session_ticket, &s->session->tlsext_tick, 1765 if (!CBS_stow(&session_ticket, &s->session->tlsext_tick,
1766 &s->session->tlsext_ticklen)) { 1766 &s->session->tlsext_ticklen)) {
1767 SSLerror(ERR_R_MALLOC_FAILURE); 1767 SSLerror(s, ERR_R_MALLOC_FAILURE);
1768 goto err; 1768 goto err;
1769 } 1769 }
1770 1770
@@ -1814,7 +1814,7 @@ ssl3_get_cert_status(SSL *s)
1814 if (n < 0) { 1814 if (n < 0) {
1815 /* need at least status type + length */ 1815 /* need at least status type + length */
1816 al = SSL_AD_DECODE_ERROR; 1816 al = SSL_AD_DECODE_ERROR;
1817 SSLerror(SSL_R_LENGTH_MISMATCH); 1817 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1818 goto f_err; 1818 goto f_err;
1819 } 1819 }
1820 1820
@@ -1823,20 +1823,20 @@ ssl3_get_cert_status(SSL *s)
1823 CBS_len(&cert_status) < 3) { 1823 CBS_len(&cert_status) < 3) {
1824 /* need at least status type + length */ 1824 /* need at least status type + length */
1825 al = SSL_AD_DECODE_ERROR; 1825 al = SSL_AD_DECODE_ERROR;
1826 SSLerror(SSL_R_LENGTH_MISMATCH); 1826 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1827 goto f_err; 1827 goto f_err;
1828 } 1828 }
1829 1829
1830 if (status_type != TLSEXT_STATUSTYPE_ocsp) { 1830 if (status_type != TLSEXT_STATUSTYPE_ocsp) {
1831 al = SSL_AD_DECODE_ERROR; 1831 al = SSL_AD_DECODE_ERROR;
1832 SSLerror(SSL_R_UNSUPPORTED_STATUS_TYPE); 1832 SSLerror(s, SSL_R_UNSUPPORTED_STATUS_TYPE);
1833 goto f_err; 1833 goto f_err;
1834 } 1834 }
1835 1835
1836 if (!CBS_get_u24_length_prefixed(&cert_status, &response) || 1836 if (!CBS_get_u24_length_prefixed(&cert_status, &response) ||
1837 CBS_len(&cert_status) != 0) { 1837 CBS_len(&cert_status) != 0) {
1838 al = SSL_AD_DECODE_ERROR; 1838 al = SSL_AD_DECODE_ERROR;
1839 SSLerror(SSL_R_LENGTH_MISMATCH); 1839 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1840 goto f_err; 1840 goto f_err;
1841 } 1841 }
1842 1842
@@ -1844,7 +1844,7 @@ ssl3_get_cert_status(SSL *s)
1844 &stow_len) || stow_len > INT_MAX) { 1844 &stow_len) || stow_len > INT_MAX) {
1845 s->internal->tlsext_ocsp_resplen = 0; 1845 s->internal->tlsext_ocsp_resplen = 0;
1846 al = SSL_AD_INTERNAL_ERROR; 1846 al = SSL_AD_INTERNAL_ERROR;
1847 SSLerror(ERR_R_MALLOC_FAILURE); 1847 SSLerror(s, ERR_R_MALLOC_FAILURE);
1848 goto f_err; 1848 goto f_err;
1849 } 1849 }
1850 s->internal->tlsext_ocsp_resplen = (int)stow_len; 1850 s->internal->tlsext_ocsp_resplen = (int)stow_len;
@@ -1855,12 +1855,12 @@ ssl3_get_cert_status(SSL *s)
1855 s->ctx->internal->tlsext_status_arg); 1855 s->ctx->internal->tlsext_status_arg);
1856 if (ret == 0) { 1856 if (ret == 0) {
1857 al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE; 1857 al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
1858 SSLerror(SSL_R_INVALID_STATUS_RESPONSE); 1858 SSLerror(s, SSL_R_INVALID_STATUS_RESPONSE);
1859 goto f_err; 1859 goto f_err;
1860 } 1860 }
1861 if (ret < 0) { 1861 if (ret < 0) {
1862 al = SSL_AD_INTERNAL_ERROR; 1862 al = SSL_AD_INTERNAL_ERROR;
1863 SSLerror(ERR_R_MALLOC_FAILURE); 1863 SSLerror(s, ERR_R_MALLOC_FAILURE);
1864 goto f_err; 1864 goto f_err;
1865 } 1865 }
1866 } 1866 }
@@ -1885,7 +1885,7 @@ ssl3_get_server_done(SSL *s)
1885 if (n > 0) { 1885 if (n > 0) {
1886 /* should contain no data */ 1886 /* should contain no data */
1887 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1887 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1888 SSLerror(SSL_R_LENGTH_MISMATCH); 1888 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1889 return (-1); 1889 return (-1);
1890 } 1890 }
1891 ret = 1; 1891 ret = 1;
@@ -1909,7 +1909,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
1909 pkey = X509_get_pubkey(sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509); 1909 pkey = X509_get_pubkey(sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1910 if (pkey == NULL || pkey->type != EVP_PKEY_RSA || 1910 if (pkey == NULL || pkey->type != EVP_PKEY_RSA ||
1911 pkey->pkey.rsa == NULL) { 1911 pkey->pkey.rsa == NULL) {
1912 SSLerror(ERR_R_INTERNAL_ERROR); 1912 SSLerror(s, ERR_R_INTERNAL_ERROR);
1913 goto err; 1913 goto err;
1914 } 1914 }
1915 1915
@@ -1918,14 +1918,14 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
1918 arc4random_buf(&pms[2], sizeof(pms) - 2); 1918 arc4random_buf(&pms[2], sizeof(pms) - 2);
1919 1919
1920 if ((enc_pms = malloc(RSA_size(pkey->pkey.rsa))) == NULL) { 1920 if ((enc_pms = malloc(RSA_size(pkey->pkey.rsa))) == NULL) {
1921 SSLerror(ERR_R_MALLOC_FAILURE); 1921 SSLerror(s, ERR_R_MALLOC_FAILURE);
1922 goto err; 1922 goto err;
1923 } 1923 }
1924 1924
1925 enc_len = RSA_public_encrypt(sizeof(pms), pms, enc_pms, pkey->pkey.rsa, 1925 enc_len = RSA_public_encrypt(sizeof(pms), pms, enc_pms, pkey->pkey.rsa,
1926 RSA_PKCS1_PADDING); 1926 RSA_PKCS1_PADDING);
1927 if (enc_len <= 0) { 1927 if (enc_len <= 0) {
1928 SSLerror(SSL_R_BAD_RSA_ENCRYPT); 1928 SSLerror(s, SSL_R_BAD_RSA_ENCRYPT);
1929 goto err; 1929 goto err;
1930 } 1930 }
1931 1931
@@ -1963,28 +1963,28 @@ ssl3_send_client_kex_dhe(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
1963 /* Ensure that we have an ephemeral key for DHE. */ 1963 /* Ensure that we have an ephemeral key for DHE. */
1964 if (sess_cert->peer_dh_tmp == NULL) { 1964 if (sess_cert->peer_dh_tmp == NULL) {
1965 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); 1965 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1966 SSLerror(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS); 1966 SSLerror(s, SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
1967 goto err; 1967 goto err;
1968 } 1968 }
1969 dh_srvr = sess_cert->peer_dh_tmp; 1969 dh_srvr = sess_cert->peer_dh_tmp;
1970 1970
1971 /* Generate a new random key. */ 1971 /* Generate a new random key. */
1972 if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) { 1972 if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) {
1973 SSLerror(ERR_R_DH_LIB); 1973 SSLerror(s, ERR_R_DH_LIB);
1974 goto err; 1974 goto err;
1975 } 1975 }
1976 if (!DH_generate_key(dh_clnt)) { 1976 if (!DH_generate_key(dh_clnt)) {
1977 SSLerror(ERR_R_DH_LIB); 1977 SSLerror(s, ERR_R_DH_LIB);
1978 goto err; 1978 goto err;
1979 } 1979 }
1980 key_size = DH_size(dh_clnt); 1980 key_size = DH_size(dh_clnt);
1981 if ((key = malloc(key_size)) == NULL) { 1981 if ((key = malloc(key_size)) == NULL) {
1982 SSLerror(ERR_R_MALLOC_FAILURE); 1982 SSLerror(s, ERR_R_MALLOC_FAILURE);
1983 goto err; 1983 goto err;
1984 } 1984 }
1985 key_len = DH_compute_key(key, dh_srvr->pub_key, dh_clnt); 1985 key_len = DH_compute_key(key, dh_srvr->pub_key, dh_clnt);
1986 if (key_len <= 0) { 1986 if (key_len <= 0) {
1987 SSLerror(ERR_R_DH_LIB); 1987 SSLerror(s, ERR_R_DH_LIB);
1988 goto err; 1988 goto err;
1989 } 1989 }
1990 1990
@@ -2028,35 +2028,35 @@ ssl3_send_client_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, CBB *cbb)
2028 2028
2029 if ((group = EC_KEY_get0_group(sc->peer_ecdh_tmp)) == NULL || 2029 if ((group = EC_KEY_get0_group(sc->peer_ecdh_tmp)) == NULL ||
2030 (point = EC_KEY_get0_public_key(sc->peer_ecdh_tmp)) == NULL) { 2030 (point = EC_KEY_get0_public_key(sc->peer_ecdh_tmp)) == NULL) {
2031 SSLerror(ERR_R_INTERNAL_ERROR); 2031 SSLerror(s, ERR_R_INTERNAL_ERROR);
2032 goto err; 2032 goto err;
2033 } 2033 }
2034 2034
2035 if ((ecdh = EC_KEY_new()) == NULL) { 2035 if ((ecdh = EC_KEY_new()) == NULL) {
2036 SSLerror(ERR_R_MALLOC_FAILURE); 2036 SSLerror(s, ERR_R_MALLOC_FAILURE);
2037 goto err; 2037 goto err;
2038 } 2038 }
2039 2039
2040 if (!EC_KEY_set_group(ecdh, group)) { 2040 if (!EC_KEY_set_group(ecdh, group)) {
2041 SSLerror(ERR_R_EC_LIB); 2041 SSLerror(s, ERR_R_EC_LIB);
2042 goto err; 2042 goto err;
2043 } 2043 }
2044 2044
2045 /* Generate a new ECDH key pair. */ 2045 /* Generate a new ECDH key pair. */
2046 if (!(EC_KEY_generate_key(ecdh))) { 2046 if (!(EC_KEY_generate_key(ecdh))) {
2047 SSLerror(ERR_R_ECDH_LIB); 2047 SSLerror(s, ERR_R_ECDH_LIB);
2048 goto err; 2048 goto err;
2049 } 2049 }
2050 if ((key_size = ECDH_size(ecdh)) <= 0) { 2050 if ((key_size = ECDH_size(ecdh)) <= 0) {
2051 SSLerror(ERR_R_ECDH_LIB); 2051 SSLerror(s, ERR_R_ECDH_LIB);
2052 goto err; 2052 goto err;
2053 } 2053 }
2054 if ((key = malloc(key_size)) == NULL) { 2054 if ((key = malloc(key_size)) == NULL) {
2055 SSLerror(ERR_R_MALLOC_FAILURE); 2055 SSLerror(s, ERR_R_MALLOC_FAILURE);
2056 } 2056 }
2057 key_len = ECDH_compute_key(key, key_size, point, ecdh, NULL); 2057 key_len = ECDH_compute_key(key, key_size, point, ecdh, NULL);
2058 if (key_len <= 0) { 2058 if (key_len <= 0) {
2059 SSLerror(ERR_R_ECDH_LIB); 2059 SSLerror(s, ERR_R_ECDH_LIB);
2060 goto err; 2060 goto err;
2061 } 2061 }
2062 2062
@@ -2068,12 +2068,12 @@ ssl3_send_client_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, CBB *cbb)
2068 encoded_len = EC_POINT_point2oct(group, EC_KEY_get0_public_key(ecdh), 2068 encoded_len = EC_POINT_point2oct(group, EC_KEY_get0_public_key(ecdh),
2069 POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL); 2069 POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL);
2070 if (encoded_len == 0) { 2070 if (encoded_len == 0) {
2071 SSLerror(ERR_R_ECDH_LIB); 2071 SSLerror(s, ERR_R_ECDH_LIB);
2072 goto err; 2072 goto err;
2073 } 2073 }
2074 2074
2075 if ((bn_ctx = BN_CTX_new()) == NULL) { 2075 if ((bn_ctx = BN_CTX_new()) == NULL) {
2076 SSLerror(ERR_R_MALLOC_FAILURE); 2076 SSLerror(s, ERR_R_MALLOC_FAILURE);
2077 goto err; 2077 goto err;
2078 } 2078 }
2079 2079
@@ -2159,7 +2159,7 @@ ssl3_send_client_kex_ecdhe(SSL *s, SESS_CERT *sc, CBB *cbb)
2159 goto err; 2159 goto err;
2160 } else { 2160 } else {
2161 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); 2161 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
2162 SSLerror(ERR_R_INTERNAL_ERROR); 2162 SSLerror(s, ERR_R_INTERNAL_ERROR);
2163 goto err; 2163 goto err;
2164 } 2164 }
2165 2165
@@ -2186,7 +2186,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
2186 /* Get server sertificate PKEY and create ctx from it */ 2186 /* Get server sertificate PKEY and create ctx from it */
2187 peer_cert = sess_cert->peer_pkeys[SSL_PKEY_GOST01].x509; 2187 peer_cert = sess_cert->peer_pkeys[SSL_PKEY_GOST01].x509;
2188 if (peer_cert == NULL) { 2188 if (peer_cert == NULL) {
2189 SSLerror(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER); 2189 SSLerror(s, SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
2190 goto err; 2190 goto err;
2191 } 2191 }
2192 2192
@@ -2222,7 +2222,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
2222 */ 2222 */
2223 ukm_hash = EVP_MD_CTX_create(); 2223 ukm_hash = EVP_MD_CTX_create();
2224 if (ukm_hash == NULL) { 2224 if (ukm_hash == NULL) {
2225 SSLerror(ERR_R_MALLOC_FAILURE); 2225 SSLerror(s, ERR_R_MALLOC_FAILURE);
2226 goto err; 2226 goto err;
2227 } 2227 }
2228 2228
@@ -2238,7 +2238,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
2238 EVP_MD_CTX_destroy(ukm_hash); 2238 EVP_MD_CTX_destroy(ukm_hash);
2239 if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT, 2239 if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT,
2240 EVP_PKEY_CTRL_SET_IV, 8, shared_ukm) < 0) { 2240 EVP_PKEY_CTRL_SET_IV, 8, shared_ukm) < 0) {
2241 SSLerror(SSL_R_LIBRARY_BUG); 2241 SSLerror(s, SSL_R_LIBRARY_BUG);
2242 goto err; 2242 goto err;
2243 } 2243 }
2244 2244
@@ -2248,7 +2248,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
2248 msglen = 255; 2248 msglen = 255;
2249 if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, premaster_secret, 2249 if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, premaster_secret,
2250 32) < 0) { 2250 32) < 0) {
2251 SSLerror(SSL_R_LIBRARY_BUG); 2251 SSLerror(s, SSL_R_LIBRARY_BUG);
2252 goto err; 2252 goto err;
2253 } 2253 }
2254 2254
@@ -2294,7 +2294,7 @@ ssl3_send_client_key_exchange(SSL *s)
2294 if ((sess_cert = SSI(s)->sess_cert) == NULL) { 2294 if ((sess_cert = SSI(s)->sess_cert) == NULL) {
2295 ssl3_send_alert(s, SSL3_AL_FATAL, 2295 ssl3_send_alert(s, SSL3_AL_FATAL,
2296 SSL_AD_UNEXPECTED_MESSAGE); 2296 SSL_AD_UNEXPECTED_MESSAGE);
2297 SSLerror(ERR_R_INTERNAL_ERROR); 2297 SSLerror(s, ERR_R_INTERNAL_ERROR);
2298 goto err; 2298 goto err;
2299 } 2299 }
2300 2300
@@ -2317,7 +2317,7 @@ ssl3_send_client_key_exchange(SSL *s)
2317 } else { 2317 } else {
2318 ssl3_send_alert(s, SSL3_AL_FATAL, 2318 ssl3_send_alert(s, SSL3_AL_FATAL,
2319 SSL_AD_HANDSHAKE_FAILURE); 2319 SSL_AD_HANDSHAKE_FAILURE);
2320 SSLerror(ERR_R_INTERNAL_ERROR); 2320 SSLerror(s, ERR_R_INTERNAL_ERROR);
2321 goto err; 2321 goto err;
2322 } 2322 }
2323 2323
@@ -2379,14 +2379,14 @@ ssl3_send_client_verify(SSL *s)
2379 &hdata); 2379 &hdata);
2380 if (hdatalen <= 0 || 2380 if (hdatalen <= 0 ||
2381 !tls12_get_sigandhash(p, pkey, md)) { 2381 !tls12_get_sigandhash(p, pkey, md)) {
2382 SSLerror(ERR_R_INTERNAL_ERROR); 2382 SSLerror(s, ERR_R_INTERNAL_ERROR);
2383 goto err; 2383 goto err;
2384 } 2384 }
2385 p += 2; 2385 p += 2;
2386 if (!EVP_SignInit_ex(&mctx, md, NULL) || 2386 if (!EVP_SignInit_ex(&mctx, md, NULL) ||
2387 !EVP_SignUpdate(&mctx, hdata, hdatalen) || 2387 !EVP_SignUpdate(&mctx, hdata, hdatalen) ||
2388 !EVP_SignFinal(&mctx, p + 2, &u, pkey)) { 2388 !EVP_SignFinal(&mctx, p + 2, &u, pkey)) {
2389 SSLerror(ERR_R_EVP_LIB); 2389 SSLerror(s, ERR_R_EVP_LIB);
2390 goto err; 2390 goto err;
2391 } 2391 }
2392 s2n(u, p); 2392 s2n(u, p);
@@ -2399,7 +2399,7 @@ ssl3_send_client_verify(SSL *s)
2399 if (RSA_sign(NID_md5_sha1, data, 2399 if (RSA_sign(NID_md5_sha1, data,
2400 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, &(p[2]), 2400 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, &(p[2]),
2401 &u, pkey->pkey.rsa) <= 0 ) { 2401 &u, pkey->pkey.rsa) <= 0 ) {
2402 SSLerror(ERR_R_RSA_LIB); 2402 SSLerror(s, ERR_R_RSA_LIB);
2403 goto err; 2403 goto err;
2404 } 2404 }
2405 s2n(u, p); 2405 s2n(u, p);
@@ -2409,7 +2409,7 @@ ssl3_send_client_verify(SSL *s)
2409 &(data[MD5_DIGEST_LENGTH]), 2409 &(data[MD5_DIGEST_LENGTH]),
2410 SHA_DIGEST_LENGTH, &(p[2]), 2410 SHA_DIGEST_LENGTH, &(p[2]),
2411 (unsigned int *)&j, pkey->pkey.dsa)) { 2411 (unsigned int *)&j, pkey->pkey.dsa)) {
2412 SSLerror(ERR_R_DSA_LIB); 2412 SSLerror(s, ERR_R_DSA_LIB);
2413 goto err; 2413 goto err;
2414 } 2414 }
2415 s2n(j, p); 2415 s2n(j, p);
@@ -2419,7 +2419,7 @@ ssl3_send_client_verify(SSL *s)
2419 &(data[MD5_DIGEST_LENGTH]), 2419 &(data[MD5_DIGEST_LENGTH]),
2420 SHA_DIGEST_LENGTH, &(p[2]), 2420 SHA_DIGEST_LENGTH, &(p[2]),
2421 (unsigned int *)&j, pkey->pkey.ec)) { 2421 (unsigned int *)&j, pkey->pkey.ec)) {
2422 SSLerror(ERR_R_ECDSA_LIB); 2422 SSLerror(s, ERR_R_ECDSA_LIB);
2423 goto err; 2423 goto err;
2424 } 2424 }
2425 s2n(j, p); 2425 s2n(j, p);
@@ -2436,12 +2436,12 @@ ssl3_send_client_verify(SSL *s)
2436 2436
2437 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata); 2437 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata);
2438 if (hdatalen <= 0) { 2438 if (hdatalen <= 0) {
2439 SSLerror(ERR_R_INTERNAL_ERROR); 2439 SSLerror(s, ERR_R_INTERNAL_ERROR);
2440 goto err; 2440 goto err;
2441 } 2441 }
2442 if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) || 2442 if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) ||
2443 !(md = EVP_get_digestbynid(nid))) { 2443 !(md = EVP_get_digestbynid(nid))) {
2444 SSLerror(ERR_R_EVP_LIB); 2444 SSLerror(s, ERR_R_EVP_LIB);
2445 goto err; 2445 goto err;
2446 } 2446 }
2447 if (!EVP_DigestInit_ex(&mctx, md, NULL) || 2447 if (!EVP_DigestInit_ex(&mctx, md, NULL) ||
@@ -2454,7 +2454,7 @@ ssl3_send_client_verify(SSL *s)
2454 NULL) <= 0) || 2454 NULL) <= 0) ||
2455 (EVP_PKEY_sign(pctx, &(p[2]), &sigsize, 2455 (EVP_PKEY_sign(pctx, &(p[2]), &sigsize,
2456 signbuf, u) <= 0)) { 2456 signbuf, u) <= 0)) {
2457 SSLerror(ERR_R_EVP_LIB); 2457 SSLerror(s, ERR_R_EVP_LIB);
2458 goto err; 2458 goto err;
2459 } 2459 }
2460 if (!tls1_digest_cached_records(s)) 2460 if (!tls1_digest_cached_records(s))
@@ -2464,7 +2464,7 @@ ssl3_send_client_verify(SSL *s)
2464 n = j + 2; 2464 n = j + 2;
2465#endif 2465#endif
2466 } else { 2466 } else {
2467 SSLerror(ERR_R_INTERNAL_ERROR); 2467 SSLerror(s, ERR_R_INTERNAL_ERROR);
2468 goto err; 2468 goto err;
2469 } 2469 }
2470 2470
@@ -2522,7 +2522,7 @@ ssl3_send_client_certificate(SSL *s)
2522 i = 0; 2522 i = 0;
2523 } else if (i == 1) { 2523 } else if (i == 1) {
2524 i = 0; 2524 i = 0;
2525 SSLerror(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); 2525 SSLerror(s, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
2526 } 2526 }
2527 2527
2528 X509_free(x509); 2528 X509_free(x509);
@@ -2576,7 +2576,7 @@ ssl3_check_cert_and_algorithm(SSL *s)
2576 2576
2577 sc = SSI(s)->sess_cert; 2577 sc = SSI(s)->sess_cert;
2578 if (sc == NULL) { 2578 if (sc == NULL) {
2579 SSLerror(ERR_R_INTERNAL_ERROR); 2579 SSLerror(s, ERR_R_INTERNAL_ERROR);
2580 goto err; 2580 goto err;
2581 } 2581 }
2582 dh = SSI(s)->sess_cert->peer_dh_tmp; 2582 dh = SSI(s)->sess_cert->peer_dh_tmp;
@@ -2588,7 +2588,7 @@ ssl3_check_cert_and_algorithm(SSL *s)
2588 if (ssl_check_srvr_ecc_cert_and_alg( 2588 if (ssl_check_srvr_ecc_cert_and_alg(
2589 sc->peer_pkeys[idx].x509, s) == 0) { 2589 sc->peer_pkeys[idx].x509, s) == 0) {
2590 /* check failed */ 2590 /* check failed */
2591 SSLerror(SSL_R_BAD_ECC_CERT); 2591 SSLerror(s, SSL_R_BAD_ECC_CERT);
2592 goto f_err; 2592 goto f_err;
2593 } else { 2593 } else {
2594 return (1); 2594 return (1);
@@ -2600,21 +2600,21 @@ ssl3_check_cert_and_algorithm(SSL *s)
2600 2600
2601 /* Check that we have a certificate if we require one. */ 2601 /* Check that we have a certificate if we require one. */
2602 if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA|EVP_PKT_SIGN)) { 2602 if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA|EVP_PKT_SIGN)) {
2603 SSLerror(SSL_R_MISSING_RSA_SIGNING_CERT); 2603 SSLerror(s, SSL_R_MISSING_RSA_SIGNING_CERT);
2604 goto f_err; 2604 goto f_err;
2605 } else if ((alg_a & SSL_aDSS) && 2605 } else if ((alg_a & SSL_aDSS) &&
2606 !has_bits(i, EVP_PK_DSA|EVP_PKT_SIGN)) { 2606 !has_bits(i, EVP_PK_DSA|EVP_PKT_SIGN)) {
2607 SSLerror(SSL_R_MISSING_DSA_SIGNING_CERT); 2607 SSLerror(s, SSL_R_MISSING_DSA_SIGNING_CERT);
2608 goto f_err; 2608 goto f_err;
2609 } 2609 }
2610 if ((alg_k & SSL_kRSA) && 2610 if ((alg_k & SSL_kRSA) &&
2611 !has_bits(i, EVP_PK_RSA|EVP_PKT_ENC)) { 2611 !has_bits(i, EVP_PK_RSA|EVP_PKT_ENC)) {
2612 SSLerror(SSL_R_MISSING_RSA_ENCRYPTING_CERT); 2612 SSLerror(s, SSL_R_MISSING_RSA_ENCRYPTING_CERT);
2613 goto f_err; 2613 goto f_err;
2614 } 2614 }
2615 if ((alg_k & SSL_kDHE) && 2615 if ((alg_k & SSL_kDHE) &&
2616 !(has_bits(i, EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL))) { 2616 !(has_bits(i, EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL))) {
2617 SSLerror(SSL_R_MISSING_DH_KEY); 2617 SSLerror(s, SSL_R_MISSING_DH_KEY);
2618 goto f_err; 2618 goto f_err;
2619 } 2619 }
2620 2620
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 13:04:51 +0000