1 files changed, 49 insertions, 49 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 898fdbc479..7e752ae0d0 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.155 2017/01/26 12:16:13 beck Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.156 2017/02/07 02:08:38 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -163,7 +163,7 @@ int
 SSL_clear(SSL *s)
 {
        if (s->method == NULL) {
-                SSLerror(SSL_R_NO_METHOD_SPECIFIED);
+                SSLerror(s, SSL_R_NO_METHOD_SPECIFIED);
                return (0);
        }
@@ -177,7 +177,7 @@ SSL_clear(SSL *s)
        s->internal->shutdown = 0;
        if (s->internal->renegotiate) {
-                SSLerror(ERR_R_INTERNAL_ERROR);
+                SSLerror(s, ERR_R_INTERNAL_ERROR);
                return (0);
        }
@@ -226,7 +226,7 @@ SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
        sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
            &(ctx->internal->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);
        if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
-                SSLerror(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
+                SSLerrorx(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
                return (0);
        }
        return (1);
@@ -238,21 +238,21 @@ SSL_new(SSL_CTX *ctx)
        SSL     *s;
        if (ctx == NULL) {
-                SSLerror(SSL_R_NULL_SSL_CTX);
+                SSLerrorx(SSL_R_NULL_SSL_CTX);
                return (NULL);
        }
        if (ctx->method == NULL) {
-                SSLerror(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
+                SSLerrorx(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
                return (NULL);
        }
        if ((s = calloc(1, sizeof(*s))) == NULL) {
-                SSLerror(ERR_R_MALLOC_FAILURE);
+                SSLerrorx(ERR_R_MALLOC_FAILURE);
                return (NULL);
        }
        if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) {
                free(s);
-                SSLerror(ERR_R_MALLOC_FAILURE);
+                SSLerrorx(ERR_R_MALLOC_FAILURE);
                return (NULL);
        }
@@ -371,7 +371,7 @@ SSL_new(SSL_CTX *ctx)
 err:
        SSL_free(s);
-        SSLerror(ERR_R_MALLOC_FAILURE);
+        SSLerrorx(ERR_R_MALLOC_FAILURE);
        return (NULL);
 }
@@ -380,7 +380,7 @@ SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
    unsigned int sid_ctx_len)
 {
        if (sid_ctx_len > sizeof ctx->sid_ctx) {
-                SSLerror(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+                SSLerrorx(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
                return (0);
        }
        ctx->sid_ctx_length = sid_ctx_len;
@@ -394,7 +394,7 @@ SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
    unsigned int sid_ctx_len)
 {
        if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
-                SSLerror(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+                SSLerror(ssl, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
                return (0);
        }
        ssl->sid_ctx_length = sid_ctx_len;
@@ -631,7 +631,7 @@ SSL_set_fd(SSL *s, int fd)
        bio = BIO_new(BIO_s_socket());
        if (bio == NULL) {
-                SSLerror(ERR_R_BUF_LIB);
+                SSLerror(s, ERR_R_BUF_LIB);
                goto err;
        }
        BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -652,7 +652,7 @@ SSL_set_wfd(SSL *s, int fd)
                bio = BIO_new(BIO_s_socket());
                if (bio == NULL) {
-                        SSLerror(ERR_R_BUF_LIB);
+                        SSLerror(s, ERR_R_BUF_LIB);
                        goto err;
                }
                BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -675,7 +675,7 @@ SSL_set_rfd(SSL *s, int fd)
                bio = BIO_new(BIO_s_socket());
                if (bio == NULL) {
-                        SSLerror(ERR_R_BUF_LIB);
+                        SSLerror(s, ERR_R_BUF_LIB);
                        goto err;
                }
                BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -870,11 +870,11 @@ SSL_CTX_check_private_key(const SSL_CTX *ctx)
 {
        if ((ctx == NULL) || (ctx->internal->cert == NULL) ||
            (ctx->internal->cert->key->x509 == NULL)) {
-                SSLerror(SSL_R_NO_CERTIFICATE_ASSIGNED);
+                SSLerrorx(SSL_R_NO_CERTIFICATE_ASSIGNED);
                return (0);
        }
        if (ctx->internal->cert->key->privatekey == NULL) {
-                SSLerror(SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+                SSLerrorx(SSL_R_NO_PRIVATE_KEY_ASSIGNED);
                return (0);
        }
        return (X509_check_private_key(ctx->internal->cert->key->x509,
@@ -886,19 +886,19 @@ int
 SSL_check_private_key(const SSL *ssl)
 {
        if (ssl == NULL) {
-                SSLerror(ERR_R_PASSED_NULL_PARAMETER);
+                SSLerror(ssl, ERR_R_PASSED_NULL_PARAMETER);
                return (0);
        }
        if (ssl->cert == NULL) {
-                SSLerror(SSL_R_NO_CERTIFICATE_ASSIGNED);
+                SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);
                return (0);
        }
        if (ssl->cert->key->x509 == NULL) {
-                SSLerror(SSL_R_NO_CERTIFICATE_ASSIGNED);
+                SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);
                return (0);
        }
        if (ssl->cert->key->privatekey == NULL) {
-                SSLerror(SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+                SSLerror(ssl, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
                return (0);
        }
        return (X509_check_private_key(ssl->cert->key->x509,
@@ -933,7 +933,7 @@ int
 SSL_read(SSL *s, void *buf, int num)
 {
        if (s->internal->handshake_func == NULL) {
-                SSLerror(SSL_R_UNINITIALIZED);
+                SSLerror(s, SSL_R_UNINITIALIZED);
                return (-1);
        }
@@ -948,7 +948,7 @@ int
 SSL_peek(SSL *s, void *buf, int num)
 {
        if (s->internal->handshake_func == NULL) {
-                SSLerror(SSL_R_UNINITIALIZED);
+                SSLerror(s, SSL_R_UNINITIALIZED);
                return (-1);
        }
@@ -962,13 +962,13 @@ int
 SSL_write(SSL *s, const void *buf, int num)
 {
        if (s->internal->handshake_func == NULL) {
-                SSLerror(SSL_R_UNINITIALIZED);
+                SSLerror(s, SSL_R_UNINITIALIZED);
                return (-1);
        }
        if (s->internal->shutdown & SSL_SENT_SHUTDOWN) {
                s->internal->rwstate = SSL_NOTHING;
-                SSLerror(SSL_R_PROTOCOL_IS_SHUTDOWN);
+                SSLerror(s, SSL_R_PROTOCOL_IS_SHUTDOWN);
                return (-1);
        }
        return (s->method->internal->ssl_write(s, buf, num));
@@ -985,7 +985,7 @@ SSL_shutdown(SSL *s)
         */
        if (s->internal->handshake_func == NULL) {
-                SSLerror(SSL_R_UNINITIALIZED);
+                SSLerror(s, SSL_R_UNINITIALIZED);
                return (-1);
        }
@@ -1297,7 +1297,7 @@ SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
        if (sk == NULL)
                return (0);
        else if (sk_SSL_CIPHER_num(sk) == 0) {
-                SSLerror(SSL_R_NO_CIPHER_MATCH);
+                SSLerrorx(SSL_R_NO_CIPHER_MATCH);
                return (0);
        }
        return (1);
@@ -1315,7 +1315,7 @@ SSL_set_cipher_list(SSL *s, const char *str)
        if (sk == NULL)
                return (0);
        else if (sk_SSL_CIPHER_num(sk) == 0) {
-                SSLerror(SSL_R_NO_CIPHER_MATCH);
+                SSLerror(s, SSL_R_NO_CIPHER_MATCH);
                return (0);
        }
        return (1);
@@ -1419,19 +1419,19 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
         * RFC 5246 section 7.4.1.2 defines the interval as [2,2^16-2].
         */
        if (num < 2 || num > 0x10000 - 2) {
-                SSLerror(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
+                SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
                return (NULL);
        }
        if ((sk = sk_SSL_CIPHER_new_null()) == NULL) {
-                SSLerror(ERR_R_MALLOC_FAILURE);
+                SSLerror(s, ERR_R_MALLOC_FAILURE);
                goto err;
        }
        CBS_init(&cbs, p, num);
        while (CBS_len(&cbs) > 0) {
                if (!CBS_get_u16(&cbs, &cipher_value)) {
-                        SSLerror(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
+                        SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
                        goto err;
                }
@@ -1443,7 +1443,7 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
                         * renegotiating.
                         */
                        if (s->internal->renegotiate) {
-                                SSLerror(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
+                                SSLerror(s, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
                                ssl3_send_alert(s, SSL3_AL_FATAL,
                                    SSL_AD_HANDSHAKE_FAILURE);
@@ -1462,7 +1462,7 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
                         */
                        max_version = ssl_max_server_version(s);
                        if (max_version == 0 || s->version < max_version) {
-                                SSLerror(SSL_R_INAPPROPRIATE_FALLBACK);
+                                SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK);
                                if (s->s3 != NULL)
                                        ssl3_send_alert(s, SSL3_AL_FATAL,
                                            SSL_AD_INAPPROPRIATE_FALLBACK);
@@ -1473,7 +1473,7 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
                if ((c = ssl3_get_cipher_by_value(cipher_value)) != NULL) {
                        if (!sk_SSL_CIPHER_push(sk, c)) {
-                                SSLerror(ERR_R_MALLOC_FAILURE);
+                                SSLerror(s, ERR_R_MALLOC_FAILURE);
                                goto err;
                        }
                }
@@ -1783,22 +1783,22 @@ SSL_CTX_new(const SSL_METHOD *meth)
        SSL_CTX *ret;
        if (meth == NULL) {
-                SSLerror(SSL_R_NULL_SSL_METHOD_PASSED);
+                SSLerrorx(SSL_R_NULL_SSL_METHOD_PASSED);
                return (NULL);
        }
        if ((ret = calloc(1, sizeof(*ret))) == NULL) {
-                SSLerror(ERR_R_MALLOC_FAILURE);
+                SSLerrorx(ERR_R_MALLOC_FAILURE);
                return (NULL);
        }
        if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {
                free(ret);
-                SSLerror(ERR_R_MALLOC_FAILURE);
+                SSLerrorx(ERR_R_MALLOC_FAILURE);
                return (NULL);
        }
        if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
-                SSLerror(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
+                SSLerrorx(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
                goto err;
        }
@@ -1857,7 +1857,7 @@ SSL_CTX_new(const SSL_METHOD *meth)
            &ret->internal->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);
        if (ret->cipher_list == NULL ||
            sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
-                SSLerror(SSL_R_LIBRARY_HAS_NO_CIPHERS);
+                SSLerrorx(SSL_R_LIBRARY_HAS_NO_CIPHERS);
                goto err2;
        }
@@ -1866,11 +1866,11 @@ SSL_CTX_new(const SSL_METHOD *meth)
                goto err;
        if ((ret->internal->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
-                SSLerror(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
+                SSLerrorx(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
                goto err2;
        }
        if ((ret->internal->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
-                SSLerror(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
+                SSLerrorx(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
                goto err2;
        }
@@ -1925,7 +1925,7 @@ SSL_CTX_new(const SSL_METHOD *meth)
        return (ret);
 err:
-        SSLerror(ERR_R_MALLOC_FAILURE);
+        SSLerrorx(ERR_R_MALLOC_FAILURE);
 err2:
        SSL_CTX_free(ret);
        return (NULL);
@@ -2109,7 +2109,7 @@ ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
                /* Key usage, if present, must allow signing. */
                if ((x->ex_flags & EXFLAG_KUSAGE) &&
                    ((x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) == 0)) {
-                        SSLerror(SSL_R_ECC_CERT_NOT_FOR_SIGNING);
+                        SSLerror(s, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
                        return (0);
                }
        }
@@ -2141,7 +2141,7 @@ ssl_get_server_send_pkey(const SSL *s)
        } else if (alg_a & SSL_aGOST01) {
                i = SSL_PKEY_GOST01;
        } else { /* if (alg_a & SSL_aNULL) */
-                SSLerror(ERR_R_INTERNAL_ERROR);
+                SSLerror(s, ERR_R_INTERNAL_ERROR);
                return (NULL);
        }
@@ -2181,7 +2181,7 @@ ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd)
            (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
                idx = SSL_PKEY_ECC;
        if (idx == -1) {
-                SSLerror(ERR_R_INTERNAL_ERROR);
+                SSLerror(s, ERR_R_INTERNAL_ERROR);
                return (NULL);
        }
        if (pmd)
@@ -2385,7 +2385,7 @@ SSL_do_handshake(SSL *s)
        int     ret = 1;
        if (s->internal->handshake_func == NULL) {
-                SSLerror(SSL_R_CONNECTION_TYPE_NOT_SET);
+                SSLerror(s, SSL_R_CONNECTION_TYPE_NOT_SET);
                return (-1);
        }
@@ -2430,21 +2430,21 @@ SSL_set_connect_state(SSL *s)
 int
 ssl_undefined_function(SSL *s)
 {
-        SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
        return (0);
 }
 int
 ssl_undefined_void_function(void)
 {
-        SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
        return (0);
 }
 int
 ssl_undefined_const_function(const SSL *s)
 {
-        SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
        return (0);
 }
@@ -2679,7 +2679,7 @@ ssl_init_wbio_buffer(SSL *s, int push)
        (void)BIO_reset(bbio);
 /*      if (!BIO_set_write_buffer_size(bbio,16*1024)) */
        if (!BIO_set_read_buffer_size(bbio, 1)) {
-                SSLerror(ERR_R_BUF_LIB);
+                SSLerror(s, ERR_R_BUF_LIB);
                return (0);
        }
        if (push) {

diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index 898fdbc479..7e752ae0d0 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_lib.c,v 1.155 2017/01/26 12:16:13 beck Exp $ */	1	/* $OpenBSD: ssl_lib.c,v 1.156 2017/02/07 02:08:38 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -163,7 +163,7 @@ int
163	SSL_clear(SSL *s)	163	SSL_clear(SSL *s)
164	{	164	{
165	if (s->method == NULL) {	165	if (s->method == NULL) {
166	SSLerror(SSL_R_NO_METHOD_SPECIFIED);	166	SSLerror(s, SSL_R_NO_METHOD_SPECIFIED);
167	return (0);	167	return (0);
168	}	168	}
169		169
@@ -177,7 +177,7 @@ SSL_clear(SSL *s)
177	s->internal->shutdown = 0;	177	s->internal->shutdown = 0;
178		178
179	if (s->internal->renegotiate) {	179	if (s->internal->renegotiate) {
180	SSLerror(ERR_R_INTERNAL_ERROR);	180	SSLerror(s, ERR_R_INTERNAL_ERROR);
181	return (0);	181	return (0);
182	}	182	}
183		183
@@ -226,7 +226,7 @@ SSL_CTX_set_ssl_version(SSL_CTX ctx, const SSL_METHOD meth)
226	sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),	226	sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
227	&(ctx->internal->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);	227	&(ctx->internal->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);
228	if ((sk == NULL) \|\| (sk_SSL_CIPHER_num(sk) <= 0)) {	228	if ((sk == NULL) \|\| (sk_SSL_CIPHER_num(sk) <= 0)) {
229	SSLerror(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);	229	SSLerrorx(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
230	return (0);	230	return (0);
231	}	231	}
232	return (1);	232	return (1);
@@ -238,21 +238,21 @@ SSL_new(SSL_CTX *ctx)
238	SSL *s;	238	SSL *s;
239		239
240	if (ctx == NULL) {	240	if (ctx == NULL) {
241	SSLerror(SSL_R_NULL_SSL_CTX);	241	SSLerrorx(SSL_R_NULL_SSL_CTX);
242	return (NULL);	242	return (NULL);
243	}	243	}
244	if (ctx->method == NULL) {	244	if (ctx->method == NULL) {
245	SSLerror(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);	245	SSLerrorx(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
246	return (NULL);	246	return (NULL);
247	}	247	}
248		248
249	if ((s = calloc(1, sizeof(*s))) == NULL) {	249	if ((s = calloc(1, sizeof(*s))) == NULL) {
250	SSLerror(ERR_R_MALLOC_FAILURE);	250	SSLerrorx(ERR_R_MALLOC_FAILURE);
251	return (NULL);	251	return (NULL);
252	}	252	}
253	if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) {	253	if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) {
254	free(s);	254	free(s);
255	SSLerror(ERR_R_MALLOC_FAILURE);	255	SSLerrorx(ERR_R_MALLOC_FAILURE);
256	return (NULL);	256	return (NULL);
257	}	257	}
258		258
@@ -371,7 +371,7 @@ SSL_new(SSL_CTX *ctx)
371		371
372	err:	372	err:
373	SSL_free(s);	373	SSL_free(s);
374	SSLerror(ERR_R_MALLOC_FAILURE);	374	SSLerrorx(ERR_R_MALLOC_FAILURE);
375	return (NULL);	375	return (NULL);
376	}	376	}
377		377
@@ -380,7 +380,7 @@ SSL_CTX_set_session_id_context(SSL_CTX ctx, const unsigned char sid_ctx,
380	unsigned int sid_ctx_len)	380	unsigned int sid_ctx_len)
381	{	381	{
382	if (sid_ctx_len > sizeof ctx->sid_ctx) {	382	if (sid_ctx_len > sizeof ctx->sid_ctx) {
383	SSLerror(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);	383	SSLerrorx(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
384	return (0);	384	return (0);
385	}	385	}
386	ctx->sid_ctx_length = sid_ctx_len;	386	ctx->sid_ctx_length = sid_ctx_len;
@@ -394,7 +394,7 @@ SSL_set_session_id_context(SSL ssl, const unsigned char sid_ctx,
394	unsigned int sid_ctx_len)	394	unsigned int sid_ctx_len)
395	{	395	{
396	if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {	396	if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
397	SSLerror(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);	397	SSLerror(ssl, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
398	return (0);	398	return (0);
399	}	399	}
400	ssl->sid_ctx_length = sid_ctx_len;	400	ssl->sid_ctx_length = sid_ctx_len;
@@ -631,7 +631,7 @@ SSL_set_fd(SSL *s, int fd)
631	bio = BIO_new(BIO_s_socket());	631	bio = BIO_new(BIO_s_socket());
632		632
633	if (bio == NULL) {	633	if (bio == NULL) {
634	SSLerror(ERR_R_BUF_LIB);	634	SSLerror(s, ERR_R_BUF_LIB);
635	goto err;	635	goto err;
636	}	636	}
637	BIO_set_fd(bio, fd, BIO_NOCLOSE);	637	BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -652,7 +652,7 @@ SSL_set_wfd(SSL *s, int fd)
652	bio = BIO_new(BIO_s_socket());	652	bio = BIO_new(BIO_s_socket());
653		653
654	if (bio == NULL) {	654	if (bio == NULL) {
655	SSLerror(ERR_R_BUF_LIB);	655	SSLerror(s, ERR_R_BUF_LIB);
656	goto err;	656	goto err;
657	}	657	}
658	BIO_set_fd(bio, fd, BIO_NOCLOSE);	658	BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -675,7 +675,7 @@ SSL_set_rfd(SSL *s, int fd)
675	bio = BIO_new(BIO_s_socket());	675	bio = BIO_new(BIO_s_socket());
676		676
677	if (bio == NULL) {	677	if (bio == NULL) {
678	SSLerror(ERR_R_BUF_LIB);	678	SSLerror(s, ERR_R_BUF_LIB);
679	goto err;	679	goto err;
680	}	680	}
681	BIO_set_fd(bio, fd, BIO_NOCLOSE);	681	BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -870,11 +870,11 @@ SSL_CTX_check_private_key(const SSL_CTX *ctx)
870	{	870	{
871	if ((ctx == NULL) \|\| (ctx->internal->cert == NULL) \|\|	871	if ((ctx == NULL) \|\| (ctx->internal->cert == NULL) \|\|
872	(ctx->internal->cert->key->x509 == NULL)) {	872	(ctx->internal->cert->key->x509 == NULL)) {
873	SSLerror(SSL_R_NO_CERTIFICATE_ASSIGNED);	873	SSLerrorx(SSL_R_NO_CERTIFICATE_ASSIGNED);
874	return (0);	874	return (0);
875	}	875	}
876	if (ctx->internal->cert->key->privatekey == NULL) {	876	if (ctx->internal->cert->key->privatekey == NULL) {
877	SSLerror(SSL_R_NO_PRIVATE_KEY_ASSIGNED);	877	SSLerrorx(SSL_R_NO_PRIVATE_KEY_ASSIGNED);
878	return (0);	878	return (0);
879	}	879	}
880	return (X509_check_private_key(ctx->internal->cert->key->x509,	880	return (X509_check_private_key(ctx->internal->cert->key->x509,
@@ -886,19 +886,19 @@ int
886	SSL_check_private_key(const SSL *ssl)	886	SSL_check_private_key(const SSL *ssl)
887	{	887	{
888	if (ssl == NULL) {	888	if (ssl == NULL) {
889	SSLerror(ERR_R_PASSED_NULL_PARAMETER);	889	SSLerror(ssl, ERR_R_PASSED_NULL_PARAMETER);
890	return (0);	890	return (0);
891	}	891	}
892	if (ssl->cert == NULL) {	892	if (ssl->cert == NULL) {
893	SSLerror(SSL_R_NO_CERTIFICATE_ASSIGNED);	893	SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);
894	return (0);	894	return (0);
895	}	895	}
896	if (ssl->cert->key->x509 == NULL) {	896	if (ssl->cert->key->x509 == NULL) {
897	SSLerror(SSL_R_NO_CERTIFICATE_ASSIGNED);	897	SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);
898	return (0);	898	return (0);
899	}	899	}
900	if (ssl->cert->key->privatekey == NULL) {	900	if (ssl->cert->key->privatekey == NULL) {
901	SSLerror(SSL_R_NO_PRIVATE_KEY_ASSIGNED);	901	SSLerror(ssl, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
902	return (0);	902	return (0);
903	}	903	}
904	return (X509_check_private_key(ssl->cert->key->x509,	904	return (X509_check_private_key(ssl->cert->key->x509,
@@ -933,7 +933,7 @@ int
933	SSL_read(SSL s, void buf, int num)	933	SSL_read(SSL s, void buf, int num)
934	{	934	{
935	if (s->internal->handshake_func == NULL) {	935	if (s->internal->handshake_func == NULL) {
936	SSLerror(SSL_R_UNINITIALIZED);	936	SSLerror(s, SSL_R_UNINITIALIZED);
937	return (-1);	937	return (-1);
938	}	938	}
939		939
@@ -948,7 +948,7 @@ int
948	SSL_peek(SSL s, void buf, int num)	948	SSL_peek(SSL s, void buf, int num)
949	{	949	{
950	if (s->internal->handshake_func == NULL) {	950	if (s->internal->handshake_func == NULL) {
951	SSLerror(SSL_R_UNINITIALIZED);	951	SSLerror(s, SSL_R_UNINITIALIZED);
952	return (-1);	952	return (-1);
953	}	953	}
954		954
@@ -962,13 +962,13 @@ int
962	SSL_write(SSL s, const void buf, int num)	962	SSL_write(SSL s, const void buf, int num)
963	{	963	{
964	if (s->internal->handshake_func == NULL) {	964	if (s->internal->handshake_func == NULL) {
965	SSLerror(SSL_R_UNINITIALIZED);	965	SSLerror(s, SSL_R_UNINITIALIZED);
966	return (-1);	966	return (-1);
967	}	967	}
968		968
969	if (s->internal->shutdown & SSL_SENT_SHUTDOWN) {	969	if (s->internal->shutdown & SSL_SENT_SHUTDOWN) {
970	s->internal->rwstate = SSL_NOTHING;	970	s->internal->rwstate = SSL_NOTHING;
971	SSLerror(SSL_R_PROTOCOL_IS_SHUTDOWN);	971	SSLerror(s, SSL_R_PROTOCOL_IS_SHUTDOWN);
972	return (-1);	972	return (-1);
973	}	973	}
974	return (s->method->internal->ssl_write(s, buf, num));	974	return (s->method->internal->ssl_write(s, buf, num));
@@ -985,7 +985,7 @@ SSL_shutdown(SSL *s)
985	*/	985	*/
986		986
987	if (s->internal->handshake_func == NULL) {	987	if (s->internal->handshake_func == NULL) {
988	SSLerror(SSL_R_UNINITIALIZED);	988	SSLerror(s, SSL_R_UNINITIALIZED);
989	return (-1);	989	return (-1);
990	}	990	}
991		991
@@ -1297,7 +1297,7 @@ SSL_CTX_set_cipher_list(SSL_CTX ctx, const char str)
1297	if (sk == NULL)	1297	if (sk == NULL)
1298	return (0);	1298	return (0);
1299	else if (sk_SSL_CIPHER_num(sk) == 0) {	1299	else if (sk_SSL_CIPHER_num(sk) == 0) {
1300	SSLerror(SSL_R_NO_CIPHER_MATCH);	1300	SSLerrorx(SSL_R_NO_CIPHER_MATCH);
1301	return (0);	1301	return (0);
1302	}	1302	}
1303	return (1);	1303	return (1);
@@ -1315,7 +1315,7 @@ SSL_set_cipher_list(SSL s, const char str)
1315	if (sk == NULL)	1315	if (sk == NULL)
1316	return (0);	1316	return (0);
1317	else if (sk_SSL_CIPHER_num(sk) == 0) {	1317	else if (sk_SSL_CIPHER_num(sk) == 0) {
1318	SSLerror(SSL_R_NO_CIPHER_MATCH);	1318	SSLerror(s, SSL_R_NO_CIPHER_MATCH);
1319	return (0);	1319	return (0);
1320	}	1320	}
1321	return (1);	1321	return (1);
@@ -1419,19 +1419,19 @@ ssl_bytes_to_cipher_list(SSL s, const unsigned char p, int num)
1419	* RFC 5246 section 7.4.1.2 defines the interval as [2,2^16-2].	1419	* RFC 5246 section 7.4.1.2 defines the interval as [2,2^16-2].
1420	*/	1420	*/
1421	if (num < 2 \|\| num > 0x10000 - 2) {	1421	if (num < 2 \|\| num > 0x10000 - 2) {
1422	SSLerror(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);	1422	SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1423	return (NULL);	1423	return (NULL);
1424	}	1424	}
1425		1425
1426	if ((sk = sk_SSL_CIPHER_new_null()) == NULL) {	1426	if ((sk = sk_SSL_CIPHER_new_null()) == NULL) {
1427	SSLerror(ERR_R_MALLOC_FAILURE);	1427	SSLerror(s, ERR_R_MALLOC_FAILURE);
1428	goto err;	1428	goto err;
1429	}	1429	}
1430		1430
1431	CBS_init(&cbs, p, num);	1431	CBS_init(&cbs, p, num);
1432	while (CBS_len(&cbs) > 0) {	1432	while (CBS_len(&cbs) > 0) {
1433	if (!CBS_get_u16(&cbs, &cipher_value)) {	1433	if (!CBS_get_u16(&cbs, &cipher_value)) {
1434	SSLerror(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);	1434	SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1435	goto err;	1435	goto err;
1436	}	1436	}
1437		1437
@@ -1443,7 +1443,7 @@ ssl_bytes_to_cipher_list(SSL s, const unsigned char p, int num)
1443	* renegotiating.	1443	* renegotiating.
1444	*/	1444	*/
1445	if (s->internal->renegotiate) {	1445	if (s->internal->renegotiate) {
1446	SSLerror(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);	1446	SSLerror(s, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
1447	ssl3_send_alert(s, SSL3_AL_FATAL,	1447	ssl3_send_alert(s, SSL3_AL_FATAL,
1448	SSL_AD_HANDSHAKE_FAILURE);	1448	SSL_AD_HANDSHAKE_FAILURE);
1449		1449
@@ -1462,7 +1462,7 @@ ssl_bytes_to_cipher_list(SSL s, const unsigned char p, int num)
1462	*/	1462	*/
1463	max_version = ssl_max_server_version(s);	1463	max_version = ssl_max_server_version(s);
1464	if (max_version == 0 \|\| s->version < max_version) {	1464	if (max_version == 0 \|\| s->version < max_version) {
1465	SSLerror(SSL_R_INAPPROPRIATE_FALLBACK);	1465	SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK);
1466	if (s->s3 != NULL)	1466	if (s->s3 != NULL)
1467	ssl3_send_alert(s, SSL3_AL_FATAL,	1467	ssl3_send_alert(s, SSL3_AL_FATAL,
1468	SSL_AD_INAPPROPRIATE_FALLBACK);	1468	SSL_AD_INAPPROPRIATE_FALLBACK);
@@ -1473,7 +1473,7 @@ ssl_bytes_to_cipher_list(SSL s, const unsigned char p, int num)
1473		1473
1474	if ((c = ssl3_get_cipher_by_value(cipher_value)) != NULL) {	1474	if ((c = ssl3_get_cipher_by_value(cipher_value)) != NULL) {
1475	if (!sk_SSL_CIPHER_push(sk, c)) {	1475	if (!sk_SSL_CIPHER_push(sk, c)) {
1476	SSLerror(ERR_R_MALLOC_FAILURE);	1476	SSLerror(s, ERR_R_MALLOC_FAILURE);
1477	goto err;	1477	goto err;
1478	}	1478	}
1479	}	1479	}
@@ -1783,22 +1783,22 @@ SSL_CTX_new(const SSL_METHOD *meth)
1783	SSL_CTX *ret;	1783	SSL_CTX *ret;
1784		1784
1785	if (meth == NULL) {	1785	if (meth == NULL) {
1786	SSLerror(SSL_R_NULL_SSL_METHOD_PASSED);	1786	SSLerrorx(SSL_R_NULL_SSL_METHOD_PASSED);
1787	return (NULL);	1787	return (NULL);
1788	}	1788	}
1789		1789
1790	if ((ret = calloc(1, sizeof(*ret))) == NULL) {	1790	if ((ret = calloc(1, sizeof(*ret))) == NULL) {
1791	SSLerror(ERR_R_MALLOC_FAILURE);	1791	SSLerrorx(ERR_R_MALLOC_FAILURE);
1792	return (NULL);	1792	return (NULL);
1793	}	1793	}
1794	if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {	1794	if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {
1795	free(ret);	1795	free(ret);
1796	SSLerror(ERR_R_MALLOC_FAILURE);	1796	SSLerrorx(ERR_R_MALLOC_FAILURE);
1797	return (NULL);	1797	return (NULL);
1798	}	1798	}
1799		1799
1800	if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {	1800	if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
1801	SSLerror(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);	1801	SSLerrorx(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1802	goto err;	1802	goto err;
1803	}	1803	}
1804		1804
@@ -1857,7 +1857,7 @@ SSL_CTX_new(const SSL_METHOD *meth)
1857	&ret->internal->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);	1857	&ret->internal->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);
1858	if (ret->cipher_list == NULL \|\|	1858	if (ret->cipher_list == NULL \|\|
1859	sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {	1859	sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
1860	SSLerror(SSL_R_LIBRARY_HAS_NO_CIPHERS);	1860	SSLerrorx(SSL_R_LIBRARY_HAS_NO_CIPHERS);
1861	goto err2;	1861	goto err2;
1862	}	1862	}
1863		1863
@@ -1866,11 +1866,11 @@ SSL_CTX_new(const SSL_METHOD *meth)
1866	goto err;	1866	goto err;
1867		1867
1868	if ((ret->internal->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {	1868	if ((ret->internal->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
1869	SSLerror(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);	1869	SSLerrorx(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
1870	goto err2;	1870	goto err2;
1871	}	1871	}
1872	if ((ret->internal->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {	1872	if ((ret->internal->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
1873	SSLerror(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);	1873	SSLerrorx(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
1874	goto err2;	1874	goto err2;
1875	}	1875	}
1876		1876
@@ -1925,7 +1925,7 @@ SSL_CTX_new(const SSL_METHOD *meth)
1925		1925
1926	return (ret);	1926	return (ret);
1927	err:	1927	err:
1928	SSLerror(ERR_R_MALLOC_FAILURE);	1928	SSLerrorx(ERR_R_MALLOC_FAILURE);
1929	err2:	1929	err2:
1930	SSL_CTX_free(ret);	1930	SSL_CTX_free(ret);
1931	return (NULL);	1931	return (NULL);
@@ -2109,7 +2109,7 @@ ssl_check_srvr_ecc_cert_and_alg(X509 x, SSL s)
2109	/* Key usage, if present, must allow signing. */	2109	/* Key usage, if present, must allow signing. */
2110	if ((x->ex_flags & EXFLAG_KUSAGE) &&	2110	if ((x->ex_flags & EXFLAG_KUSAGE) &&
2111	((x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) == 0)) {	2111	((x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) == 0)) {
2112	SSLerror(SSL_R_ECC_CERT_NOT_FOR_SIGNING);	2112	SSLerror(s, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
2113	return (0);	2113	return (0);
2114	}	2114	}
2115	}	2115	}
@@ -2141,7 +2141,7 @@ ssl_get_server_send_pkey(const SSL *s)
2141	} else if (alg_a & SSL_aGOST01) {	2141	} else if (alg_a & SSL_aGOST01) {
2142	i = SSL_PKEY_GOST01;	2142	i = SSL_PKEY_GOST01;
2143	} else { /* if (alg_a & SSL_aNULL) */	2143	} else { /* if (alg_a & SSL_aNULL) */
2144	SSLerror(ERR_R_INTERNAL_ERROR);	2144	SSLerror(s, ERR_R_INTERNAL_ERROR);
2145	return (NULL);	2145	return (NULL);
2146	}	2146	}
2147		2147
@@ -2181,7 +2181,7 @@ ssl_get_sign_pkey(SSL s, const SSL_CIPHER cipher, const EVP_MD **pmd)
2181	(c->pkeys[SSL_PKEY_ECC].privatekey != NULL))	2181	(c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
2182	idx = SSL_PKEY_ECC;	2182	idx = SSL_PKEY_ECC;
2183	if (idx == -1) {	2183	if (idx == -1) {
2184	SSLerror(ERR_R_INTERNAL_ERROR);	2184	SSLerror(s, ERR_R_INTERNAL_ERROR);
2185	return (NULL);	2185	return (NULL);
2186	}	2186	}
2187	if (pmd)	2187	if (pmd)
@@ -2385,7 +2385,7 @@ SSL_do_handshake(SSL *s)
2385	int ret = 1;	2385	int ret = 1;
2386		2386
2387	if (s->internal->handshake_func == NULL) {	2387	if (s->internal->handshake_func == NULL) {
2388	SSLerror(SSL_R_CONNECTION_TYPE_NOT_SET);	2388	SSLerror(s, SSL_R_CONNECTION_TYPE_NOT_SET);
2389	return (-1);	2389	return (-1);
2390	}	2390	}
2391		2391
@@ -2430,21 +2430,21 @@ SSL_set_connect_state(SSL *s)
2430	int	2430	int
2431	ssl_undefined_function(SSL *s)	2431	ssl_undefined_function(SSL *s)
2432	{	2432	{
2433	SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);	2433	SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2434	return (0);	2434	return (0);
2435	}	2435	}
2436		2436
2437	int	2437	int
2438	ssl_undefined_void_function(void)	2438	ssl_undefined_void_function(void)
2439	{	2439	{
2440	SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);	2440	SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2441	return (0);	2441	return (0);
2442	}	2442	}
2443		2443
2444	int	2444	int
2445	ssl_undefined_const_function(const SSL *s)	2445	ssl_undefined_const_function(const SSL *s)
2446	{	2446	{
2447	SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);	2447	SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2448	return (0);	2448	return (0);
2449	}	2449	}
2450		2450
@@ -2679,7 +2679,7 @@ ssl_init_wbio_buffer(SSL *s, int push)
2679	(void)BIO_reset(bbio);	2679	(void)BIO_reset(bbio);
2680	/* if (!BIO_set_write_buffer_size(bbio,161024)) /	2680	/* if (!BIO_set_write_buffer_size(bbio,161024)) /
2681	if (!BIO_set_read_buffer_size(bbio, 1)) {	2681	if (!BIO_set_read_buffer_size(bbio, 1)) {
2682	SSLerror(ERR_R_BUF_LIB);	2682	SSLerror(s, ERR_R_BUF_LIB);
2683	return (0);	2683	return (0);
2684	}	2684	}
2685	if (push) {	2685	if (push) {