1 files changed, 49 insertions, 49 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 6d5d5c468b..605fc428ad 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.153 2017/01/26 06:32:58 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.154 2017/01/26 10:40:21 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -163,7 +163,7 @@ int
 SSL_clear(SSL *s)
 {
        if (s->method == NULL) {
-                SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);
+                SSLerror(SSL_R_NO_METHOD_SPECIFIED);
                return (0);
        }
@@ -177,7 +177,7 @@ SSL_clear(SSL *s)
        s->internal->shutdown = 0;
        if (s->internal->renegotiate) {
-                SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);
+                SSLerror(ERR_R_INTERNAL_ERROR);
                return (0);
        }
@@ -226,7 +226,7 @@ SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
        sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
            &(ctx->internal->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);
        if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
-                SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,
+                SSLerror(
                    SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
                return (0);
        }
@@ -239,21 +239,21 @@ SSL_new(SSL_CTX *ctx)
        SSL     *s;
        if (ctx == NULL) {
-                SSLerr(SSL_F_SSL_NEW, SSL_R_NULL_SSL_CTX);
+                SSLerror(SSL_R_NULL_SSL_CTX);
                return (NULL);
        }
        if (ctx->method == NULL) {
-                SSLerr(SSL_F_SSL_NEW, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
+                SSLerror(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
                return (NULL);
        }
        if ((s = calloc(1, sizeof(*s))) == NULL) {
-                SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
+                SSLerror(ERR_R_MALLOC_FAILURE);
                return (NULL);
        }
        if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) {
                free(s);
-                SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
+                SSLerror(ERR_R_MALLOC_FAILURE);
                return (NULL);
        }
@@ -372,7 +372,7 @@ SSL_new(SSL_CTX *ctx)
 err:
        SSL_free(s);
-        SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
+        SSLerror(ERR_R_MALLOC_FAILURE);
        return (NULL);
 }
@@ -381,7 +381,7 @@ SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
    unsigned int sid_ctx_len)
 {
        if (sid_ctx_len > sizeof ctx->sid_ctx) {
-                SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
+                SSLerror(
                    SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
                return (0);
        }
@@ -396,7 +396,7 @@ SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
    unsigned int sid_ctx_len)
 {
        if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
-                SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,
+                SSLerror(
                    SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
                return (0);
        }
@@ -634,7 +634,7 @@ SSL_set_fd(SSL *s, int fd)
        bio = BIO_new(BIO_s_socket());
        if (bio == NULL) {
-                SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
+                SSLerror(ERR_R_BUF_LIB);
                goto err;
        }
        BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -655,7 +655,7 @@ SSL_set_wfd(SSL *s, int fd)
                bio = BIO_new(BIO_s_socket());
                if (bio == NULL) {
-                        SSLerr(SSL_F_SSL_SET_WFD, ERR_R_BUF_LIB);
+                        SSLerror(ERR_R_BUF_LIB);
                        goto err;
                }
                BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -678,7 +678,7 @@ SSL_set_rfd(SSL *s, int fd)
                bio = BIO_new(BIO_s_socket());
                if (bio == NULL) {
-                        SSLerr(SSL_F_SSL_SET_RFD, ERR_R_BUF_LIB);
+                        SSLerror(ERR_R_BUF_LIB);
                        goto err;
                }
                BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -873,12 +873,12 @@ SSL_CTX_check_private_key(const SSL_CTX *ctx)
 {
        if ((ctx == NULL) || (ctx->internal->cert == NULL) ||
            (ctx->internal->cert->key->x509 == NULL)) {
-                SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
+                SSLerror(
                    SSL_R_NO_CERTIFICATE_ASSIGNED);
                return (0);
        }
        if (ctx->internal->cert->key->privatekey == NULL) {
-                SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
+                SSLerror(
                    SSL_R_NO_PRIVATE_KEY_ASSIGNED);
                return (0);
        }
@@ -891,22 +891,22 @@ int
 SSL_check_private_key(const SSL *ssl)
 {
        if (ssl == NULL) {
-                SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
+                SSLerror(
                    ERR_R_PASSED_NULL_PARAMETER);
                return (0);
        }
        if (ssl->cert == NULL) {
-                SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
+                SSLerror(
                    SSL_R_NO_CERTIFICATE_ASSIGNED);
                return (0);
        }
        if (ssl->cert->key->x509 == NULL) {
-                SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
+                SSLerror(
                    SSL_R_NO_CERTIFICATE_ASSIGNED);
                return (0);
        }
        if (ssl->cert->key->privatekey == NULL) {
-                SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
+                SSLerror(
                    SSL_R_NO_PRIVATE_KEY_ASSIGNED);
                return (0);
        }
@@ -942,7 +942,7 @@ int
 SSL_read(SSL *s, void *buf, int num)
 {
        if (s->internal->handshake_func == NULL) {
-                SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
+                SSLerror(SSL_R_UNINITIALIZED);
                return (-1);
        }
@@ -957,7 +957,7 @@ int
 SSL_peek(SSL *s, void *buf, int num)
 {
        if (s->internal->handshake_func == NULL) {
-                SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
+                SSLerror(SSL_R_UNINITIALIZED);
                return (-1);
        }
@@ -971,13 +971,13 @@ int
 SSL_write(SSL *s, const void *buf, int num)
 {
        if (s->internal->handshake_func == NULL) {
-                SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
+                SSLerror(SSL_R_UNINITIALIZED);
                return (-1);
        }
        if (s->internal->shutdown & SSL_SENT_SHUTDOWN) {
                s->internal->rwstate = SSL_NOTHING;
-                SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN);
+                SSLerror(SSL_R_PROTOCOL_IS_SHUTDOWN);
                return (-1);
        }
        return (s->method->internal->ssl_write(s, buf, num));
@@ -994,7 +994,7 @@ SSL_shutdown(SSL *s)
         */
        if (s->internal->handshake_func == NULL) {
-                SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
+                SSLerror(SSL_R_UNINITIALIZED);
                return (-1);
        }
@@ -1306,7 +1306,7 @@ SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
        if (sk == NULL)
                return (0);
        else if (sk_SSL_CIPHER_num(sk) == 0) {
-                SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+                SSLerror(SSL_R_NO_CIPHER_MATCH);
                return (0);
        }
        return (1);
@@ -1324,7 +1324,7 @@ SSL_set_cipher_list(SSL *s, const char *str)
        if (sk == NULL)
                return (0);
        else if (sk_SSL_CIPHER_num(sk) == 0) {
-                SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+                SSLerror(SSL_R_NO_CIPHER_MATCH);
                return (0);
        }
        return (1);
@@ -1428,20 +1428,20 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
         * RFC 5246 section 7.4.1.2 defines the interval as [2,2^16-2].
         */
        if (num < 2 || num > 0x10000 - 2) {
-                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
+                SSLerror(
                    SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
                return (NULL);
        }
        if ((sk = sk_SSL_CIPHER_new_null()) == NULL) {
-                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+                SSLerror(ERR_R_MALLOC_FAILURE);
                goto err;
        }
        CBS_init(&cbs, p, num);
        while (CBS_len(&cbs) > 0) {
                if (!CBS_get_u16(&cbs, &cipher_value)) {
-                        SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
+                        SSLerror(
                            SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
                        goto err;
                }
@@ -1454,7 +1454,7 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
                         * renegotiating.
                         */
                        if (s->internal->renegotiate) {
-                                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
+                                SSLerror(
                                    SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
                                ssl3_send_alert(s, SSL3_AL_FATAL,
                                    SSL_AD_HANDSHAKE_FAILURE);
@@ -1474,7 +1474,7 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
                         */
                        max_version = ssl_max_server_version(s);
                        if (max_version == 0 || s->version < max_version) {
-                                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
+                                SSLerror(
                                    SSL_R_INAPPROPRIATE_FALLBACK);
                                if (s->s3 != NULL)
                                        ssl3_send_alert(s, SSL3_AL_FATAL,
@@ -1486,7 +1486,7 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
                if ((c = ssl3_get_cipher_by_value(cipher_value)) != NULL) {
                        if (!sk_SSL_CIPHER_push(sk, c)) {
-                                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
+                                SSLerror(
                                    ERR_R_MALLOC_FAILURE);
                                goto err;
                        }
@@ -1797,22 +1797,22 @@ SSL_CTX_new(const SSL_METHOD *meth)
        SSL_CTX *ret;
        if (meth == NULL) {
-                SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED);
+                SSLerror(SSL_R_NULL_SSL_METHOD_PASSED);
                return (NULL);
        }
        if ((ret = calloc(1, sizeof(*ret))) == NULL) {
-                SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
+                SSLerror(ERR_R_MALLOC_FAILURE);
                return (NULL);
        }
        if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {
                free(ret);
-                SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
+                SSLerror(ERR_R_MALLOC_FAILURE);
                return (NULL);
        }
        if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
-                SSLerr(SSL_F_SSL_CTX_NEW,
+                SSLerror(
                    SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
                goto err;
        }
@@ -1872,7 +1872,7 @@ SSL_CTX_new(const SSL_METHOD *meth)
            &ret->internal->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);
        if (ret->cipher_list == NULL ||
            sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
-                SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
+                SSLerror(SSL_R_LIBRARY_HAS_NO_CIPHERS);
                goto err2;
        }
@@ -1881,12 +1881,12 @@ SSL_CTX_new(const SSL_METHOD *meth)
                goto err;
        if ((ret->internal->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
-                SSLerr(SSL_F_SSL_CTX_NEW,
+                SSLerror(
                    SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
                goto err2;
        }
        if ((ret->internal->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
-                SSLerr(SSL_F_SSL_CTX_NEW,
+                SSLerror(
                    SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
                goto err2;
        }
@@ -1942,7 +1942,7 @@ SSL_CTX_new(const SSL_METHOD *meth)
        return (ret);
 err:
-        SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
+        SSLerror(ERR_R_MALLOC_FAILURE);
 err2:
        SSL_CTX_free(ret);
        return (NULL);
@@ -2126,7 +2126,7 @@ ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
                /* Key usage, if present, must allow signing. */
                if ((x->ex_flags & EXFLAG_KUSAGE) &&
                    ((x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) == 0)) {
-                        SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+                        SSLerror(
                            SSL_R_ECC_CERT_NOT_FOR_SIGNING);
                        return (0);
                }
@@ -2159,7 +2159,7 @@ ssl_get_server_send_pkey(const SSL *s)
        } else if (alg_a & SSL_aGOST01) {
                i = SSL_PKEY_GOST01;
        } else { /* if (alg_a & SSL_aNULL) */
-                SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY, ERR_R_INTERNAL_ERROR);
+                SSLerror(ERR_R_INTERNAL_ERROR);
                return (NULL);
        }
@@ -2199,7 +2199,7 @@ ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd)
            (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
                idx = SSL_PKEY_ECC;
        if (idx == -1) {
-                SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR);
+                SSLerror(ERR_R_INTERNAL_ERROR);
                return (NULL);
        }
        if (pmd)
@@ -2403,7 +2403,7 @@ SSL_do_handshake(SSL *s)
        int     ret = 1;
        if (s->internal->handshake_func == NULL) {
-                SSLerr(SSL_F_SSL_DO_HANDSHAKE, SSL_R_CONNECTION_TYPE_NOT_SET);
+                SSLerror(SSL_R_CONNECTION_TYPE_NOT_SET);
                return (-1);
        }
@@ -2448,7 +2448,7 @@ SSL_set_connect_state(SSL *s)
 int
 ssl_undefined_function(SSL *s)
 {
-        SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,
+        SSLerror(
            ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
        return (0);
 }
@@ -2456,7 +2456,7 @@ ssl_undefined_function(SSL *s)
 int
 ssl_undefined_void_function(void)
 {
-        SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,
+        SSLerror(
            ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
        return (0);
 }
@@ -2464,7 +2464,7 @@ ssl_undefined_void_function(void)
 int
 ssl_undefined_const_function(const SSL *s)
 {
-        SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,
+        SSLerror(
            ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
        return (0);
 }
@@ -2700,7 +2700,7 @@ ssl_init_wbio_buffer(SSL *s, int push)
        (void)BIO_reset(bbio);
 /*      if (!BIO_set_write_buffer_size(bbio,16*1024)) */
        if (!BIO_set_read_buffer_size(bbio, 1)) {
-                SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB);
+                SSLerror(ERR_R_BUF_LIB);
                return (0);
        }
        if (push) {

diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index 6d5d5c468b..605fc428ad 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_lib.c,v 1.153 2017/01/26 06:32:58 jsing Exp $ */	1	/* $OpenBSD: ssl_lib.c,v 1.154 2017/01/26 10:40:21 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -163,7 +163,7 @@ int
163	SSL_clear(SSL *s)	163	SSL_clear(SSL *s)
164	{	164	{
165	if (s->method == NULL) {	165	if (s->method == NULL) {
166	SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);	166	SSLerror(SSL_R_NO_METHOD_SPECIFIED);
167	return (0);	167	return (0);
168	}	168	}
169		169
@@ -177,7 +177,7 @@ SSL_clear(SSL *s)
177	s->internal->shutdown = 0;	177	s->internal->shutdown = 0;
178		178
179	if (s->internal->renegotiate) {	179	if (s->internal->renegotiate) {
180	SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);	180	SSLerror(ERR_R_INTERNAL_ERROR);
181	return (0);	181	return (0);
182	}	182	}
183		183
@@ -226,7 +226,7 @@ SSL_CTX_set_ssl_version(SSL_CTX ctx, const SSL_METHOD meth)
226	sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),	226	sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
227	&(ctx->internal->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);	227	&(ctx->internal->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);
228	if ((sk == NULL) \|\| (sk_SSL_CIPHER_num(sk) <= 0)) {	228	if ((sk == NULL) \|\| (sk_SSL_CIPHER_num(sk) <= 0)) {
229	SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,	229	SSLerror(
230	SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);	230	SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
231	return (0);	231	return (0);
232	}	232	}
@@ -239,21 +239,21 @@ SSL_new(SSL_CTX *ctx)
239	SSL *s;	239	SSL *s;
240		240
241	if (ctx == NULL) {	241	if (ctx == NULL) {
242	SSLerr(SSL_F_SSL_NEW, SSL_R_NULL_SSL_CTX);	242	SSLerror(SSL_R_NULL_SSL_CTX);
243	return (NULL);	243	return (NULL);
244	}	244	}
245	if (ctx->method == NULL) {	245	if (ctx->method == NULL) {
246	SSLerr(SSL_F_SSL_NEW, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);	246	SSLerror(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
247	return (NULL);	247	return (NULL);
248	}	248	}
249		249
250	if ((s = calloc(1, sizeof(*s))) == NULL) {	250	if ((s = calloc(1, sizeof(*s))) == NULL) {
251	SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);	251	SSLerror(ERR_R_MALLOC_FAILURE);
252	return (NULL);	252	return (NULL);
253	}	253	}
254	if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) {	254	if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) {
255	free(s);	255	free(s);
256	SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);	256	SSLerror(ERR_R_MALLOC_FAILURE);
257	return (NULL);	257	return (NULL);
258	}	258	}
259		259
@@ -372,7 +372,7 @@ SSL_new(SSL_CTX *ctx)
372		372
373	err:	373	err:
374	SSL_free(s);	374	SSL_free(s);
375	SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);	375	SSLerror(ERR_R_MALLOC_FAILURE);
376	return (NULL);	376	return (NULL);
377	}	377	}
378		378
@@ -381,7 +381,7 @@ SSL_CTX_set_session_id_context(SSL_CTX ctx, const unsigned char sid_ctx,
381	unsigned int sid_ctx_len)	381	unsigned int sid_ctx_len)
382	{	382	{
383	if (sid_ctx_len > sizeof ctx->sid_ctx) {	383	if (sid_ctx_len > sizeof ctx->sid_ctx) {
384	SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,	384	SSLerror(
385	SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);	385	SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
386	return (0);	386	return (0);
387	}	387	}
@@ -396,7 +396,7 @@ SSL_set_session_id_context(SSL ssl, const unsigned char sid_ctx,
396	unsigned int sid_ctx_len)	396	unsigned int sid_ctx_len)
397	{	397	{
398	if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {	398	if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
399	SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,	399	SSLerror(
400	SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);	400	SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
401	return (0);	401	return (0);
402	}	402	}
@@ -634,7 +634,7 @@ SSL_set_fd(SSL *s, int fd)
634	bio = BIO_new(BIO_s_socket());	634	bio = BIO_new(BIO_s_socket());
635		635
636	if (bio == NULL) {	636	if (bio == NULL) {
637	SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);	637	SSLerror(ERR_R_BUF_LIB);
638	goto err;	638	goto err;
639	}	639	}
640	BIO_set_fd(bio, fd, BIO_NOCLOSE);	640	BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -655,7 +655,7 @@ SSL_set_wfd(SSL *s, int fd)
655	bio = BIO_new(BIO_s_socket());	655	bio = BIO_new(BIO_s_socket());
656		656
657	if (bio == NULL) {	657	if (bio == NULL) {
658	SSLerr(SSL_F_SSL_SET_WFD, ERR_R_BUF_LIB);	658	SSLerror(ERR_R_BUF_LIB);
659	goto err;	659	goto err;
660	}	660	}
661	BIO_set_fd(bio, fd, BIO_NOCLOSE);	661	BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -678,7 +678,7 @@ SSL_set_rfd(SSL *s, int fd)
678	bio = BIO_new(BIO_s_socket());	678	bio = BIO_new(BIO_s_socket());
679		679
680	if (bio == NULL) {	680	if (bio == NULL) {
681	SSLerr(SSL_F_SSL_SET_RFD, ERR_R_BUF_LIB);	681	SSLerror(ERR_R_BUF_LIB);
682	goto err;	682	goto err;
683	}	683	}
684	BIO_set_fd(bio, fd, BIO_NOCLOSE);	684	BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -873,12 +873,12 @@ SSL_CTX_check_private_key(const SSL_CTX *ctx)
873	{	873	{
874	if ((ctx == NULL) \|\| (ctx->internal->cert == NULL) \|\|	874	if ((ctx == NULL) \|\| (ctx->internal->cert == NULL) \|\|
875	(ctx->internal->cert->key->x509 == NULL)) {	875	(ctx->internal->cert->key->x509 == NULL)) {
876	SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,	876	SSLerror(
877	SSL_R_NO_CERTIFICATE_ASSIGNED);	877	SSL_R_NO_CERTIFICATE_ASSIGNED);
878	return (0);	878	return (0);
879	}	879	}
880	if (ctx->internal->cert->key->privatekey == NULL) {	880	if (ctx->internal->cert->key->privatekey == NULL) {
881	SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,	881	SSLerror(
882	SSL_R_NO_PRIVATE_KEY_ASSIGNED);	882	SSL_R_NO_PRIVATE_KEY_ASSIGNED);
883	return (0);	883	return (0);
884	}	884	}
@@ -891,22 +891,22 @@ int
891	SSL_check_private_key(const SSL *ssl)	891	SSL_check_private_key(const SSL *ssl)
892	{	892	{
893	if (ssl == NULL) {	893	if (ssl == NULL) {
894	SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,	894	SSLerror(
895	ERR_R_PASSED_NULL_PARAMETER);	895	ERR_R_PASSED_NULL_PARAMETER);
896	return (0);	896	return (0);
897	}	897	}
898	if (ssl->cert == NULL) {	898	if (ssl->cert == NULL) {
899	SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,	899	SSLerror(
900	SSL_R_NO_CERTIFICATE_ASSIGNED);	900	SSL_R_NO_CERTIFICATE_ASSIGNED);
901	return (0);	901	return (0);
902	}	902	}
903	if (ssl->cert->key->x509 == NULL) {	903	if (ssl->cert->key->x509 == NULL) {
904	SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,	904	SSLerror(
905	SSL_R_NO_CERTIFICATE_ASSIGNED);	905	SSL_R_NO_CERTIFICATE_ASSIGNED);
906	return (0);	906	return (0);
907	}	907	}
908	if (ssl->cert->key->privatekey == NULL) {	908	if (ssl->cert->key->privatekey == NULL) {
909	SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,	909	SSLerror(
910	SSL_R_NO_PRIVATE_KEY_ASSIGNED);	910	SSL_R_NO_PRIVATE_KEY_ASSIGNED);
911	return (0);	911	return (0);
912	}	912	}
@@ -942,7 +942,7 @@ int
942	SSL_read(SSL s, void buf, int num)	942	SSL_read(SSL s, void buf, int num)
943	{	943	{
944	if (s->internal->handshake_func == NULL) {	944	if (s->internal->handshake_func == NULL) {
945	SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);	945	SSLerror(SSL_R_UNINITIALIZED);
946	return (-1);	946	return (-1);
947	}	947	}
948		948
@@ -957,7 +957,7 @@ int
957	SSL_peek(SSL s, void buf, int num)	957	SSL_peek(SSL s, void buf, int num)
958	{	958	{
959	if (s->internal->handshake_func == NULL) {	959	if (s->internal->handshake_func == NULL) {
960	SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);	960	SSLerror(SSL_R_UNINITIALIZED);
961	return (-1);	961	return (-1);
962	}	962	}
963		963
@@ -971,13 +971,13 @@ int
971	SSL_write(SSL s, const void buf, int num)	971	SSL_write(SSL s, const void buf, int num)
972	{	972	{
973	if (s->internal->handshake_func == NULL) {	973	if (s->internal->handshake_func == NULL) {
974	SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);	974	SSLerror(SSL_R_UNINITIALIZED);
975	return (-1);	975	return (-1);
976	}	976	}
977		977
978	if (s->internal->shutdown & SSL_SENT_SHUTDOWN) {	978	if (s->internal->shutdown & SSL_SENT_SHUTDOWN) {
979	s->internal->rwstate = SSL_NOTHING;	979	s->internal->rwstate = SSL_NOTHING;
980	SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN);	980	SSLerror(SSL_R_PROTOCOL_IS_SHUTDOWN);
981	return (-1);	981	return (-1);
982	}	982	}
983	return (s->method->internal->ssl_write(s, buf, num));	983	return (s->method->internal->ssl_write(s, buf, num));
@@ -994,7 +994,7 @@ SSL_shutdown(SSL *s)
994	*/	994	*/
995		995
996	if (s->internal->handshake_func == NULL) {	996	if (s->internal->handshake_func == NULL) {
997	SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);	997	SSLerror(SSL_R_UNINITIALIZED);
998	return (-1);	998	return (-1);
999	}	999	}
1000		1000
@@ -1306,7 +1306,7 @@ SSL_CTX_set_cipher_list(SSL_CTX ctx, const char str)
1306	if (sk == NULL)	1306	if (sk == NULL)
1307	return (0);	1307	return (0);
1308	else if (sk_SSL_CIPHER_num(sk) == 0) {	1308	else if (sk_SSL_CIPHER_num(sk) == 0) {
1309	SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);	1309	SSLerror(SSL_R_NO_CIPHER_MATCH);
1310	return (0);	1310	return (0);
1311	}	1311	}
1312	return (1);	1312	return (1);
@@ -1324,7 +1324,7 @@ SSL_set_cipher_list(SSL s, const char str)
1324	if (sk == NULL)	1324	if (sk == NULL)
1325	return (0);	1325	return (0);
1326	else if (sk_SSL_CIPHER_num(sk) == 0) {	1326	else if (sk_SSL_CIPHER_num(sk) == 0) {
1327	SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);	1327	SSLerror(SSL_R_NO_CIPHER_MATCH);
1328	return (0);	1328	return (0);
1329	}	1329	}
1330	return (1);	1330	return (1);
@@ -1428,20 +1428,20 @@ ssl_bytes_to_cipher_list(SSL s, const unsigned char p, int num)
1428	* RFC 5246 section 7.4.1.2 defines the interval as [2,2^16-2].	1428	* RFC 5246 section 7.4.1.2 defines the interval as [2,2^16-2].
1429	*/	1429	*/
1430	if (num < 2 \|\| num > 0x10000 - 2) {	1430	if (num < 2 \|\| num > 0x10000 - 2) {
1431	SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,	1431	SSLerror(
1432	SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);	1432	SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1433	return (NULL);	1433	return (NULL);
1434	}	1434	}
1435		1435
1436	if ((sk = sk_SSL_CIPHER_new_null()) == NULL) {	1436	if ((sk = sk_SSL_CIPHER_new_null()) == NULL) {
1437	SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);	1437	SSLerror(ERR_R_MALLOC_FAILURE);
1438	goto err;	1438	goto err;
1439	}	1439	}
1440		1440
1441	CBS_init(&cbs, p, num);	1441	CBS_init(&cbs, p, num);
1442	while (CBS_len(&cbs) > 0) {	1442	while (CBS_len(&cbs) > 0) {
1443	if (!CBS_get_u16(&cbs, &cipher_value)) {	1443	if (!CBS_get_u16(&cbs, &cipher_value)) {
1444	SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,	1444	SSLerror(
1445	SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);	1445	SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1446	goto err;	1446	goto err;
1447	}	1447	}
@@ -1454,7 +1454,7 @@ ssl_bytes_to_cipher_list(SSL s, const unsigned char p, int num)
1454	* renegotiating.	1454	* renegotiating.
1455	*/	1455	*/
1456	if (s->internal->renegotiate) {	1456	if (s->internal->renegotiate) {
1457	SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,	1457	SSLerror(
1458	SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);	1458	SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
1459	ssl3_send_alert(s, SSL3_AL_FATAL,	1459	ssl3_send_alert(s, SSL3_AL_FATAL,
1460	SSL_AD_HANDSHAKE_FAILURE);	1460	SSL_AD_HANDSHAKE_FAILURE);
@@ -1474,7 +1474,7 @@ ssl_bytes_to_cipher_list(SSL s, const unsigned char p, int num)
1474	*/	1474	*/
1475	max_version = ssl_max_server_version(s);	1475	max_version = ssl_max_server_version(s);
1476	if (max_version == 0 \|\| s->version < max_version) {	1476	if (max_version == 0 \|\| s->version < max_version) {
1477	SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,	1477	SSLerror(
1478	SSL_R_INAPPROPRIATE_FALLBACK);	1478	SSL_R_INAPPROPRIATE_FALLBACK);
1479	if (s->s3 != NULL)	1479	if (s->s3 != NULL)
1480	ssl3_send_alert(s, SSL3_AL_FATAL,	1480	ssl3_send_alert(s, SSL3_AL_FATAL,
@@ -1486,7 +1486,7 @@ ssl_bytes_to_cipher_list(SSL s, const unsigned char p, int num)
1486		1486
1487	if ((c = ssl3_get_cipher_by_value(cipher_value)) != NULL) {	1487	if ((c = ssl3_get_cipher_by_value(cipher_value)) != NULL) {
1488	if (!sk_SSL_CIPHER_push(sk, c)) {	1488	if (!sk_SSL_CIPHER_push(sk, c)) {
1489	SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,	1489	SSLerror(
1490	ERR_R_MALLOC_FAILURE);	1490	ERR_R_MALLOC_FAILURE);
1491	goto err;	1491	goto err;
1492	}	1492	}
@@ -1797,22 +1797,22 @@ SSL_CTX_new(const SSL_METHOD *meth)
1797	SSL_CTX *ret;	1797	SSL_CTX *ret;
1798		1798
1799	if (meth == NULL) {	1799	if (meth == NULL) {
1800	SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED);	1800	SSLerror(SSL_R_NULL_SSL_METHOD_PASSED);
1801	return (NULL);	1801	return (NULL);
1802	}	1802	}
1803		1803
1804	if ((ret = calloc(1, sizeof(*ret))) == NULL) {	1804	if ((ret = calloc(1, sizeof(*ret))) == NULL) {
1805	SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);	1805	SSLerror(ERR_R_MALLOC_FAILURE);
1806	return (NULL);	1806	return (NULL);
1807	}	1807	}
1808	if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {	1808	if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {
1809	free(ret);	1809	free(ret);
1810	SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);	1810	SSLerror(ERR_R_MALLOC_FAILURE);
1811	return (NULL);	1811	return (NULL);
1812	}	1812	}
1813		1813
1814	if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {	1814	if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
1815	SSLerr(SSL_F_SSL_CTX_NEW,	1815	SSLerror(
1816	SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);	1816	SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1817	goto err;	1817	goto err;
1818	}	1818	}
@@ -1872,7 +1872,7 @@ SSL_CTX_new(const SSL_METHOD *meth)
1872	&ret->internal->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);	1872	&ret->internal->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);
1873	if (ret->cipher_list == NULL \|\|	1873	if (ret->cipher_list == NULL \|\|
1874	sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {	1874	sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
1875	SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);	1875	SSLerror(SSL_R_LIBRARY_HAS_NO_CIPHERS);
1876	goto err2;	1876	goto err2;
1877	}	1877	}
1878		1878
@@ -1881,12 +1881,12 @@ SSL_CTX_new(const SSL_METHOD *meth)
1881	goto err;	1881	goto err;
1882		1882
1883	if ((ret->internal->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {	1883	if ((ret->internal->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
1884	SSLerr(SSL_F_SSL_CTX_NEW,	1884	SSLerror(
1885	SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);	1885	SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
1886	goto err2;	1886	goto err2;
1887	}	1887	}
1888	if ((ret->internal->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {	1888	if ((ret->internal->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
1889	SSLerr(SSL_F_SSL_CTX_NEW,	1889	SSLerror(
1890	SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);	1890	SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
1891	goto err2;	1891	goto err2;
1892	}	1892	}
@@ -1942,7 +1942,7 @@ SSL_CTX_new(const SSL_METHOD *meth)
1942		1942
1943	return (ret);	1943	return (ret);
1944	err:	1944	err:
1945	SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);	1945	SSLerror(ERR_R_MALLOC_FAILURE);
1946	err2:	1946	err2:
1947	SSL_CTX_free(ret);	1947	SSL_CTX_free(ret);
1948	return (NULL);	1948	return (NULL);
@@ -2126,7 +2126,7 @@ ssl_check_srvr_ecc_cert_and_alg(X509 x, SSL s)
2126	/* Key usage, if present, must allow signing. */	2126	/* Key usage, if present, must allow signing. */
2127	if ((x->ex_flags & EXFLAG_KUSAGE) &&	2127	if ((x->ex_flags & EXFLAG_KUSAGE) &&
2128	((x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) == 0)) {	2128	((x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) == 0)) {
2129	SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,	2129	SSLerror(
2130	SSL_R_ECC_CERT_NOT_FOR_SIGNING);	2130	SSL_R_ECC_CERT_NOT_FOR_SIGNING);
2131	return (0);	2131	return (0);
2132	}	2132	}
@@ -2159,7 +2159,7 @@ ssl_get_server_send_pkey(const SSL *s)
2159	} else if (alg_a & SSL_aGOST01) {	2159	} else if (alg_a & SSL_aGOST01) {
2160	i = SSL_PKEY_GOST01;	2160	i = SSL_PKEY_GOST01;
2161	} else { /* if (alg_a & SSL_aNULL) */	2161	} else { /* if (alg_a & SSL_aNULL) */
2162	SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY, ERR_R_INTERNAL_ERROR);	2162	SSLerror(ERR_R_INTERNAL_ERROR);
2163	return (NULL);	2163	return (NULL);
2164	}	2164	}
2165		2165
@@ -2199,7 +2199,7 @@ ssl_get_sign_pkey(SSL s, const SSL_CIPHER cipher, const EVP_MD **pmd)
2199	(c->pkeys[SSL_PKEY_ECC].privatekey != NULL))	2199	(c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
2200	idx = SSL_PKEY_ECC;	2200	idx = SSL_PKEY_ECC;
2201	if (idx == -1) {	2201	if (idx == -1) {
2202	SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR);	2202	SSLerror(ERR_R_INTERNAL_ERROR);
2203	return (NULL);	2203	return (NULL);
2204	}	2204	}
2205	if (pmd)	2205	if (pmd)
@@ -2403,7 +2403,7 @@ SSL_do_handshake(SSL *s)
2403	int ret = 1;	2403	int ret = 1;
2404		2404
2405	if (s->internal->handshake_func == NULL) {	2405	if (s->internal->handshake_func == NULL) {
2406	SSLerr(SSL_F_SSL_DO_HANDSHAKE, SSL_R_CONNECTION_TYPE_NOT_SET);	2406	SSLerror(SSL_R_CONNECTION_TYPE_NOT_SET);
2407	return (-1);	2407	return (-1);
2408	}	2408	}
2409		2409
@@ -2448,7 +2448,7 @@ SSL_set_connect_state(SSL *s)
2448	int	2448	int
2449	ssl_undefined_function(SSL *s)	2449	ssl_undefined_function(SSL *s)
2450	{	2450	{
2451	SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,	2451	SSLerror(
2452	ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);	2452	ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2453	return (0);	2453	return (0);
2454	}	2454	}
@@ -2456,7 +2456,7 @@ ssl_undefined_function(SSL *s)
2456	int	2456	int
2457	ssl_undefined_void_function(void)	2457	ssl_undefined_void_function(void)
2458	{	2458	{
2459	SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,	2459	SSLerror(
2460	ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);	2460	ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2461	return (0);	2461	return (0);
2462	}	2462	}
@@ -2464,7 +2464,7 @@ ssl_undefined_void_function(void)
2464	int	2464	int
2465	ssl_undefined_const_function(const SSL *s)	2465	ssl_undefined_const_function(const SSL *s)
2466	{	2466	{
2467	SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,	2467	SSLerror(
2468	ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);	2468	ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2469	return (0);	2469	return (0);
2470	}	2470	}
@@ -2700,7 +2700,7 @@ ssl_init_wbio_buffer(SSL *s, int push)
2700	(void)BIO_reset(bbio);	2700	(void)BIO_reset(bbio);
2701	/* if (!BIO_set_write_buffer_size(bbio,161024)) /	2701	/* if (!BIO_set_write_buffer_size(bbio,161024)) /
2702	if (!BIO_set_read_buffer_size(bbio, 1)) {	2702	if (!BIO_set_read_buffer_size(bbio, 1)) {
2703	SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB);	2703	SSLerror(ERR_R_BUF_LIB);
2704	return (0);	2704	return (0);
2705	}	2705	}
2706	if (push) {	2706	if (push) {