1 files changed, 15 insertions, 15 deletions
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index 5477e9a168..5d80e58196 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.69 2017/01/26 12:16:13 beck Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.70 2017/02/07 02:08:38 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -200,12 +200,12 @@ SSL_SESSION_new(void)
        SSL_SESSION *ss;
        if ((ss = calloc(1, sizeof(*ss))) == NULL) {
-                SSLerror(ERR_R_MALLOC_FAILURE);
+                SSLerrorx(ERR_R_MALLOC_FAILURE);
                return (NULL);
        }
        if ((ss->internal = calloc(1, sizeof(*ss->internal))) == NULL) {
                free(ss);
-                SSLerror(ERR_R_MALLOC_FAILURE);
+                SSLerrorx(ERR_R_MALLOC_FAILURE);
                return (NULL);
        }
@@ -312,7 +312,7 @@ ssl_get_new_session(SSL *s, int session)
                        ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
                        break;
                default:
-                        SSLerror(SSL_R_UNSUPPORTED_SSL_VERSION);
+                        SSLerror(s, SSL_R_UNSUPPORTED_SSL_VERSION);
                        SSL_SESSION_free(ss);
                        return (0);
                }
@@ -335,7 +335,7 @@ ssl_get_new_session(SSL *s, int session)
                tmp = ss->session_id_length;
                if (!cb(s, ss->session_id, &tmp)) {
                        /* The callback failed */
-                        SSLerror(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
+                        SSLerror(s, SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
                        SSL_SESSION_free(ss);
                        return (0);
                }
@@ -346,7 +346,7 @@ ssl_get_new_session(SSL *s, int session)
                 */
                if (!tmp || (tmp > ss->session_id_length)) {
                        /* The callback set an illegal length */
-                        SSLerror(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
+                        SSLerror(s, SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
                        SSL_SESSION_free(ss);
                        return (0);
                }
@@ -355,7 +355,7 @@ ssl_get_new_session(SSL *s, int session)
                /* Finally, check for a conflict. */
                if (SSL_has_matching_session_id(s, ss->session_id,
                        ss->session_id_length)) {
-                        SSLerror(SSL_R_SSL_SESSION_ID_CONFLICT);
+                        SSLerror(s, SSL_R_SSL_SESSION_ID_CONFLICT);
                        SSL_SESSION_free(ss);
                        return (0);
                }
@@ -364,7 +364,7 @@ sess_id_done:
                if (s->tlsext_hostname) {
                        ss->tlsext_hostname = strdup(s->tlsext_hostname);
                        if (ss->tlsext_hostname == NULL) {
-                                SSLerror(ERR_R_INTERNAL_ERROR);
+                                SSLerror(s, ERR_R_INTERNAL_ERROR);
                                SSL_SESSION_free(ss);
                                return 0;
                        }
@@ -374,7 +374,7 @@ sess_id_done:
        }
        if (s->sid_ctx_length > sizeof ss->sid_ctx) {
-                SSLerror(ERR_R_INTERNAL_ERROR);
+                SSLerror(s, ERR_R_INTERNAL_ERROR);
                SSL_SESSION_free(ss);
                return 0;
        }
@@ -523,7 +523,7 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
                 * applications to effectively disable the session cache by
                 * accident without anyone noticing).
                 */
-                SSLerror(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
+                SSLerror(s, SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
                fatal = 1;
                goto err;
        }
@@ -723,7 +723,7 @@ SSL_set_session(SSL *s, SSL_SESSION *session)
                if (meth == NULL)
                        meth = s->method->internal->get_ssl_method(session->ssl_version);
                if (meth == NULL) {
-                        SSLerror(SSL_R_UNABLE_TO_FIND_SSL_METHOD);
+                        SSLerror(s, SSL_R_UNABLE_TO_FIND_SSL_METHOD);
                        return (0);
                }
@@ -803,7 +803,7 @@ SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
    unsigned int sid_ctx_len)
 {
        if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
-                SSLerror(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+                SSLerrorx(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
                return 0;
        }
        s->sid_ctx_length = sid_ctx_len;
@@ -864,7 +864,7 @@ SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
                s->internal->tlsext_session_ticket =
                    malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
                if (!s->internal->tlsext_session_ticket) {
-                        SSLerror(ERR_R_MALLOC_FAILURE);
+                        SSLerror(s, ERR_R_MALLOC_FAILURE);
                        return 0;
                }
@@ -1071,11 +1071,11 @@ int
 SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
 {
        if (!ENGINE_init(e)) {
-                SSLerror(ERR_R_ENGINE_LIB);
+                SSLerrorx(ERR_R_ENGINE_LIB);
                return 0;
        }
        if (!ENGINE_get_ssl_client_cert_function(e)) {
-                SSLerror(SSL_R_NO_CLIENT_CERT_METHOD);
+                SSLerrorx(SSL_R_NO_CLIENT_CERT_METHOD);
                ENGINE_finish(e);
                return 0;
        }

diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index 5477e9a168..5d80e58196 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_sess.c,v 1.69 2017/01/26 12:16:13 beck Exp $ */	1	/* $OpenBSD: ssl_sess.c,v 1.70 2017/02/07 02:08:38 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -200,12 +200,12 @@ SSL_SESSION_new(void)
200	SSL_SESSION *ss;	200	SSL_SESSION *ss;
201		201
202	if ((ss = calloc(1, sizeof(*ss))) == NULL) {	202	if ((ss = calloc(1, sizeof(*ss))) == NULL) {
203	SSLerror(ERR_R_MALLOC_FAILURE);	203	SSLerrorx(ERR_R_MALLOC_FAILURE);
204	return (NULL);	204	return (NULL);
205	}	205	}
206	if ((ss->internal = calloc(1, sizeof(*ss->internal))) == NULL) {	206	if ((ss->internal = calloc(1, sizeof(*ss->internal))) == NULL) {
207	free(ss);	207	free(ss);
208	SSLerror(ERR_R_MALLOC_FAILURE);	208	SSLerrorx(ERR_R_MALLOC_FAILURE);
209	return (NULL);	209	return (NULL);
210	}	210	}
211		211
@@ -312,7 +312,7 @@ ssl_get_new_session(SSL *s, int session)
312	ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;	312	ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
313	break;	313	break;
314	default:	314	default:
315	SSLerror(SSL_R_UNSUPPORTED_SSL_VERSION);	315	SSLerror(s, SSL_R_UNSUPPORTED_SSL_VERSION);
316	SSL_SESSION_free(ss);	316	SSL_SESSION_free(ss);
317	return (0);	317	return (0);
318	}	318	}
@@ -335,7 +335,7 @@ ssl_get_new_session(SSL *s, int session)
335	tmp = ss->session_id_length;	335	tmp = ss->session_id_length;
336	if (!cb(s, ss->session_id, &tmp)) {	336	if (!cb(s, ss->session_id, &tmp)) {
337	/* The callback failed */	337	/* The callback failed */
338	SSLerror(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);	338	SSLerror(s, SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
339	SSL_SESSION_free(ss);	339	SSL_SESSION_free(ss);
340	return (0);	340	return (0);
341	}	341	}
@@ -346,7 +346,7 @@ ssl_get_new_session(SSL *s, int session)
346	*/	346	*/
347	if (!tmp \|\| (tmp > ss->session_id_length)) {	347	if (!tmp \|\| (tmp > ss->session_id_length)) {
348	/* The callback set an illegal length */	348	/* The callback set an illegal length */
349	SSLerror(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);	349	SSLerror(s, SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
350	SSL_SESSION_free(ss);	350	SSL_SESSION_free(ss);
351	return (0);	351	return (0);
352	}	352	}
@@ -355,7 +355,7 @@ ssl_get_new_session(SSL *s, int session)
355	/* Finally, check for a conflict. */	355	/* Finally, check for a conflict. */
356	if (SSL_has_matching_session_id(s, ss->session_id,	356	if (SSL_has_matching_session_id(s, ss->session_id,
357	ss->session_id_length)) {	357	ss->session_id_length)) {
358	SSLerror(SSL_R_SSL_SESSION_ID_CONFLICT);	358	SSLerror(s, SSL_R_SSL_SESSION_ID_CONFLICT);
359	SSL_SESSION_free(ss);	359	SSL_SESSION_free(ss);
360	return (0);	360	return (0);
361	}	361	}
@@ -364,7 +364,7 @@ sess_id_done:
364	if (s->tlsext_hostname) {	364	if (s->tlsext_hostname) {
365	ss->tlsext_hostname = strdup(s->tlsext_hostname);	365	ss->tlsext_hostname = strdup(s->tlsext_hostname);
366	if (ss->tlsext_hostname == NULL) {	366	if (ss->tlsext_hostname == NULL) {
367	SSLerror(ERR_R_INTERNAL_ERROR);	367	SSLerror(s, ERR_R_INTERNAL_ERROR);
368	SSL_SESSION_free(ss);	368	SSL_SESSION_free(ss);
369	return 0;	369	return 0;
370	}	370	}
@@ -374,7 +374,7 @@ sess_id_done:
374	}	374	}
375		375
376	if (s->sid_ctx_length > sizeof ss->sid_ctx) {	376	if (s->sid_ctx_length > sizeof ss->sid_ctx) {
377	SSLerror(ERR_R_INTERNAL_ERROR);	377	SSLerror(s, ERR_R_INTERNAL_ERROR);
378	SSL_SESSION_free(ss);	378	SSL_SESSION_free(ss);
379	return 0;	379	return 0;
380	}	380	}
@@ -523,7 +523,7 @@ ssl_get_prev_session(SSL s, unsigned char session_id, int len,
523	* applications to effectively disable the session cache by	523	* applications to effectively disable the session cache by
524	* accident without anyone noticing).	524	* accident without anyone noticing).
525	*/	525	*/
526	SSLerror(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);	526	SSLerror(s, SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
527	fatal = 1;	527	fatal = 1;
528	goto err;	528	goto err;
529	}	529	}
@@ -723,7 +723,7 @@ SSL_set_session(SSL s, SSL_SESSION session)
723	if (meth == NULL)	723	if (meth == NULL)
724	meth = s->method->internal->get_ssl_method(session->ssl_version);	724	meth = s->method->internal->get_ssl_method(session->ssl_version);
725	if (meth == NULL) {	725	if (meth == NULL) {
726	SSLerror(SSL_R_UNABLE_TO_FIND_SSL_METHOD);	726	SSLerror(s, SSL_R_UNABLE_TO_FIND_SSL_METHOD);
727	return (0);	727	return (0);
728	}	728	}
729		729
@@ -803,7 +803,7 @@ SSL_SESSION_set1_id_context(SSL_SESSION s, const unsigned char sid_ctx,
803	unsigned int sid_ctx_len)	803	unsigned int sid_ctx_len)
804	{	804	{
805	if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {	805	if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
806	SSLerror(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);	806	SSLerrorx(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
807	return 0;	807	return 0;
808	}	808	}
809	s->sid_ctx_length = sid_ctx_len;	809	s->sid_ctx_length = sid_ctx_len;
@@ -864,7 +864,7 @@ SSL_set_session_ticket_ext(SSL s, void ext_data, int ext_len)
864	s->internal->tlsext_session_ticket =	864	s->internal->tlsext_session_ticket =
865	malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);	865	malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
866	if (!s->internal->tlsext_session_ticket) {	866	if (!s->internal->tlsext_session_ticket) {
867	SSLerror(ERR_R_MALLOC_FAILURE);	867	SSLerror(s, ERR_R_MALLOC_FAILURE);
868	return 0;	868	return 0;
869	}	869	}
870		870
@@ -1071,11 +1071,11 @@ int
1071	SSL_CTX_set_client_cert_engine(SSL_CTX ctx, ENGINE e)	1071	SSL_CTX_set_client_cert_engine(SSL_CTX ctx, ENGINE e)
1072	{	1072	{
1073	if (!ENGINE_init(e)) {	1073	if (!ENGINE_init(e)) {
1074	SSLerror(ERR_R_ENGINE_LIB);	1074	SSLerrorx(ERR_R_ENGINE_LIB);
1075	return 0;	1075	return 0;
1076	}	1076	}
1077	if (!ENGINE_get_ssl_client_cert_function(e)) {	1077	if (!ENGINE_get_ssl_client_cert_function(e)) {
1078	SSLerror(SSL_R_NO_CLIENT_CERT_METHOD);	1078	SSLerrorx(SSL_R_NO_CLIENT_CERT_METHOD);
1079	ENGINE_finish(e);	1079	ENGINE_finish(e);
1080	return 0;	1080	return 0;
1081	}	1081	}