summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_srvr.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_srvr.c')
-rw-r--r--src/lib/libssl/ssl_srvr.c212
1 files changed, 106 insertions, 106 deletions
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 217ecafeec..bb43ec74e2 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_srvr.c,v 1.5 2017/01/26 12:28:00 jsing Exp $ */ 1/* $OpenBSD: ssl_srvr.c,v 1.6 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -189,7 +189,7 @@ ssl3_accept(SSL *s)
189 SSL_clear(s); 189 SSL_clear(s);
190 190
191 if (s->cert == NULL) { 191 if (s->cert == NULL) {
192 SSLerror(SSL_R_NO_CERTIFICATE_SET); 192 SSLerror(s, SSL_R_NO_CERTIFICATE_SET);
193 ret = -1; 193 ret = -1;
194 goto end; 194 goto end;
195 } 195 }
@@ -212,7 +212,7 @@ ssl3_accept(SSL *s)
212 cb(s, SSL_CB_HANDSHAKE_START, 1); 212 cb(s, SSL_CB_HANDSHAKE_START, 1);
213 213
214 if ((s->version >> 8) != 3) { 214 if ((s->version >> 8) != 3) {
215 SSLerror(ERR_R_INTERNAL_ERROR); 215 SSLerror(s, ERR_R_INTERNAL_ERROR);
216 ret = -1; 216 ret = -1;
217 goto end; 217 goto end;
218 } 218 }
@@ -253,7 +253,7 @@ ssl3_accept(SSL *s)
253 * client that doesn't support secure 253 * client that doesn't support secure
254 * renegotiation. 254 * renegotiation.
255 */ 255 */
256 SSLerror(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); 256 SSLerror(s, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
257 ssl3_send_alert(s, SSL3_AL_FATAL, 257 ssl3_send_alert(s, SSL3_AL_FATAL,
258 SSL_AD_HANDSHAKE_FAILURE); 258 SSL_AD_HANDSHAKE_FAILURE);
259 ret = -1; 259 ret = -1;
@@ -483,7 +483,7 @@ ssl3_accept(SSL *s)
483 * at this point and digest cached records. 483 * at this point and digest cached records.
484 */ 484 */
485 if (!S3I(s)->handshake_buffer) { 485 if (!S3I(s)->handshake_buffer) {
486 SSLerror(ERR_R_INTERNAL_ERROR); 486 SSLerror(s, ERR_R_INTERNAL_ERROR);
487 ret = -1; 487 ret = -1;
488 goto end; 488 goto end;
489 } 489 }
@@ -671,7 +671,7 @@ ssl3_accept(SSL *s)
671 /* break; */ 671 /* break; */
672 672
673 default: 673 default:
674 SSLerror(SSL_R_UNKNOWN_STATE); 674 SSLerror(s, SSL_R_UNKNOWN_STATE);
675 ret = -1; 675 ret = -1;
676 goto end; 676 goto end;
677 /* break; */ 677 /* break; */
@@ -770,7 +770,7 @@ ssl3_get_client_hello(SSL *s)
770 goto truncated; 770 goto truncated;
771 771
772 if (ssl_max_shared_version(s, client_version, &shared_version) != 1) { 772 if (ssl_max_shared_version(s, client_version, &shared_version) != 1) {
773 SSLerror(SSL_R_WRONG_VERSION_NUMBER); 773 SSLerror(s, SSL_R_WRONG_VERSION_NUMBER);
774 if ((s->client_version >> 8) == SSL3_VERSION_MAJOR && 774 if ((s->client_version >> 8) == SSL3_VERSION_MAJOR &&
775 !s->internal->enc_write_ctx && !s->internal->write_hash) { 775 !s->internal->enc_write_ctx && !s->internal->write_hash) {
776 /* 776 /*
@@ -788,7 +788,7 @@ ssl3_get_client_hello(SSL *s)
788 if ((method = tls1_get_server_method(shared_version)) == NULL) 788 if ((method = tls1_get_server_method(shared_version)) == NULL)
789 method = dtls1_get_server_method(shared_version); 789 method = dtls1_get_server_method(shared_version);
790 if (method == NULL) { 790 if (method == NULL) {
791 SSLerror(ERR_R_INTERNAL_ERROR); 791 SSLerror(s, ERR_R_INTERNAL_ERROR);
792 goto err; 792 goto err;
793 } 793 }
794 s->method = method; 794 s->method = method;
@@ -861,7 +861,7 @@ ssl3_get_client_hello(SSL *s)
861 */ 861 */
862 if (CBS_len(&cookie) > sizeof(D1I(s)->rcvd_cookie)) { 862 if (CBS_len(&cookie) > sizeof(D1I(s)->rcvd_cookie)) {
863 al = SSL_AD_DECODE_ERROR; 863 al = SSL_AD_DECODE_ERROR;
864 SSLerror(SSL_R_COOKIE_MISMATCH); 864 SSLerror(s, SSL_R_COOKIE_MISMATCH);
865 goto f_err; 865 goto f_err;
866 } 866 }
867 867
@@ -879,7 +879,7 @@ ssl3_get_client_hello(SSL *s)
879 if (s->ctx->internal->app_verify_cookie_cb(s, 879 if (s->ctx->internal->app_verify_cookie_cb(s,
880 D1I(s)->rcvd_cookie, cookie_len) == 0) { 880 D1I(s)->rcvd_cookie, cookie_len) == 0) {
881 al = SSL_AD_HANDSHAKE_FAILURE; 881 al = SSL_AD_HANDSHAKE_FAILURE;
882 SSLerror(SSL_R_COOKIE_MISMATCH); 882 SSLerror(s, SSL_R_COOKIE_MISMATCH);
883 goto f_err; 883 goto f_err;
884 } 884 }
885 /* else cookie verification succeeded */ 885 /* else cookie verification succeeded */
@@ -888,7 +888,7 @@ ssl3_get_client_hello(SSL *s)
888 D1I(s)->cookie, D1I(s)->cookie_len) != 0) { 888 D1I(s)->cookie, D1I(s)->cookie_len) != 0) {
889 /* default verification */ 889 /* default verification */
890 al = SSL_AD_HANDSHAKE_FAILURE; 890 al = SSL_AD_HANDSHAKE_FAILURE;
891 SSLerror(SSL_R_COOKIE_MISMATCH); 891 SSLerror(s, SSL_R_COOKIE_MISMATCH);
892 goto f_err; 892 goto f_err;
893 } 893 }
894 ret = 2; 894 ret = 2;
@@ -902,7 +902,7 @@ ssl3_get_client_hello(SSL *s)
902 if (CBS_len(&cipher_suites) == 0 && CBS_len(&session_id) != 0) { 902 if (CBS_len(&cipher_suites) == 0 && CBS_len(&session_id) != 0) {
903 /* we need a cipher if we are not resuming a session */ 903 /* we need a cipher if we are not resuming a session */
904 al = SSL_AD_ILLEGAL_PARAMETER; 904 al = SSL_AD_ILLEGAL_PARAMETER;
905 SSLerror(SSL_R_NO_CIPHERS_SPECIFIED); 905 SSLerror(s, SSL_R_NO_CIPHERS_SPECIFIED);
906 goto f_err; 906 goto f_err;
907 } 907 }
908 908
@@ -930,7 +930,7 @@ ssl3_get_client_hello(SSL *s)
930 * list if we are asked to reuse it 930 * list if we are asked to reuse it
931 */ 931 */
932 al = SSL_AD_ILLEGAL_PARAMETER; 932 al = SSL_AD_ILLEGAL_PARAMETER;
933 SSLerror(SSL_R_REQUIRED_CIPHER_MISSING); 933 SSLerror(s, SSL_R_REQUIRED_CIPHER_MISSING);
934 goto f_err; 934 goto f_err;
935 } 935 }
936 } 936 }
@@ -947,7 +947,7 @@ ssl3_get_client_hello(SSL *s)
947 } 947 }
948 if (comp_null == 0) { 948 if (comp_null == 0) {
949 al = SSL_AD_DECODE_ERROR; 949 al = SSL_AD_DECODE_ERROR;
950 SSLerror(SSL_R_NO_COMPRESSION_SPECIFIED); 950 SSLerror(s, SSL_R_NO_COMPRESSION_SPECIFIED);
951 goto f_err; 951 goto f_err;
952 } 952 }
953 953
@@ -956,11 +956,11 @@ ssl3_get_client_hello(SSL *s)
956 /* TLS extensions*/ 956 /* TLS extensions*/
957 if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { 957 if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) {
958 /* 'al' set by ssl_parse_clienthello_tlsext */ 958 /* 'al' set by ssl_parse_clienthello_tlsext */
959 SSLerror(SSL_R_PARSE_TLSEXT); 959 SSLerror(s, SSL_R_PARSE_TLSEXT);
960 goto f_err; 960 goto f_err;
961 } 961 }
962 if (ssl_check_clienthello_tlsext_early(s) <= 0) { 962 if (ssl_check_clienthello_tlsext_early(s) <= 0) {
963 SSLerror(SSL_R_CLIENTHELLO_TLSEXT); 963 SSLerror(s, SSL_R_CLIENTHELLO_TLSEXT);
964 goto err; 964 goto err;
965 } 965 }
966 966
@@ -991,7 +991,7 @@ ssl3_get_client_hello(SSL *s)
991 SSL_get_ciphers(s)); 991 SSL_get_ciphers(s));
992 if (pref_cipher == NULL) { 992 if (pref_cipher == NULL) {
993 al = SSL_AD_HANDSHAKE_FAILURE; 993 al = SSL_AD_HANDSHAKE_FAILURE;
994 SSLerror(SSL_R_NO_SHARED_CIPHER); 994 SSLerror(s, SSL_R_NO_SHARED_CIPHER);
995 goto f_err; 995 goto f_err;
996 } 996 }
997 997
@@ -1016,7 +1016,7 @@ ssl3_get_client_hello(SSL *s)
1016 s->session->ciphers = ciphers; 1016 s->session->ciphers = ciphers;
1017 if (ciphers == NULL) { 1017 if (ciphers == NULL) {
1018 al = SSL_AD_ILLEGAL_PARAMETER; 1018 al = SSL_AD_ILLEGAL_PARAMETER;
1019 SSLerror(SSL_R_NO_CIPHERS_PASSED); 1019 SSLerror(s, SSL_R_NO_CIPHERS_PASSED);
1020 goto f_err; 1020 goto f_err;
1021 } 1021 }
1022 ciphers = NULL; 1022 ciphers = NULL;
@@ -1025,7 +1025,7 @@ ssl3_get_client_hello(SSL *s)
1025 1025
1026 if (c == NULL) { 1026 if (c == NULL) {
1027 al = SSL_AD_HANDSHAKE_FAILURE; 1027 al = SSL_AD_HANDSHAKE_FAILURE;
1028 SSLerror(SSL_R_NO_SHARED_CIPHER); 1028 SSLerror(s, SSL_R_NO_SHARED_CIPHER);
1029 goto f_err; 1029 goto f_err;
1030 } 1030 }
1031 S3I(s)->tmp.new_cipher = c; 1031 S3I(s)->tmp.new_cipher = c;
@@ -1056,7 +1056,7 @@ ssl3_get_client_hello(SSL *s)
1056 1056
1057 /* Handles TLS extensions that we couldn't check earlier */ 1057 /* Handles TLS extensions that we couldn't check earlier */
1058 if (ssl_check_clienthello_tlsext_late(s) <= 0) { 1058 if (ssl_check_clienthello_tlsext_late(s) <= 0) {
1059 SSLerror(SSL_R_CLIENTHELLO_TLSEXT); 1059 SSLerror(s, SSL_R_CLIENTHELLO_TLSEXT);
1060 goto err; 1060 goto err;
1061 } 1061 }
1062 1062
@@ -1065,7 +1065,7 @@ ssl3_get_client_hello(SSL *s)
1065 if (0) { 1065 if (0) {
1066truncated: 1066truncated:
1067 al = SSL_AD_DECODE_ERROR; 1067 al = SSL_AD_DECODE_ERROR;
1068 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1068 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1069f_err: 1069f_err:
1070 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1070 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1071 } 1071 }
@@ -1124,7 +1124,7 @@ ssl3_send_server_hello(SSL *s)
1124 1124
1125 sl = s->session->session_id_length; 1125 sl = s->session->session_id_length;
1126 if (sl > (int)sizeof(s->session->session_id)) { 1126 if (sl > (int)sizeof(s->session->session_id)) {
1127 SSLerror(ERR_R_INTERNAL_ERROR); 1127 SSLerror(s, ERR_R_INTERNAL_ERROR);
1128 goto err; 1128 goto err;
1129 } 1129 }
1130 1130
@@ -1147,7 +1147,7 @@ ssl3_send_server_hello(SSL *s)
1147 1147
1148 if ((p = ssl_add_serverhello_tlsext(s, p + outlen, 1148 if ((p = ssl_add_serverhello_tlsext(s, p + outlen,
1149 bufend)) == NULL) { 1149 bufend)) == NULL) {
1150 SSLerror(ERR_R_INTERNAL_ERROR); 1150 SSLerror(s, ERR_R_INTERNAL_ERROR);
1151 goto err; 1151 goto err;
1152 } 1152 }
1153 1153
@@ -1188,7 +1188,7 @@ ssl3_send_server_kex_dhe(SSL *s, CBB *cbb)
1188 if (s->cert->dh_tmp_auto != 0) { 1188 if (s->cert->dh_tmp_auto != 0) {
1189 if ((dhp = ssl_get_auto_dh(s)) == NULL) { 1189 if ((dhp = ssl_get_auto_dh(s)) == NULL) {
1190 al = SSL_AD_INTERNAL_ERROR; 1190 al = SSL_AD_INTERNAL_ERROR;
1191 SSLerror(ERR_R_INTERNAL_ERROR); 1191 SSLerror(s, ERR_R_INTERNAL_ERROR);
1192 goto f_err; 1192 goto f_err;
1193 } 1193 }
1194 } else 1194 } else
@@ -1200,24 +1200,24 @@ ssl3_send_server_kex_dhe(SSL *s, CBB *cbb)
1200 1200
1201 if (dhp == NULL) { 1201 if (dhp == NULL) {
1202 al = SSL_AD_HANDSHAKE_FAILURE; 1202 al = SSL_AD_HANDSHAKE_FAILURE;
1203 SSLerror(SSL_R_MISSING_TMP_DH_KEY); 1203 SSLerror(s, SSL_R_MISSING_TMP_DH_KEY);
1204 goto f_err; 1204 goto f_err;
1205 } 1205 }
1206 1206
1207 if (S3I(s)->tmp.dh != NULL) { 1207 if (S3I(s)->tmp.dh != NULL) {
1208 SSLerror(ERR_R_INTERNAL_ERROR); 1208 SSLerror(s, ERR_R_INTERNAL_ERROR);
1209 goto err; 1209 goto err;
1210 } 1210 }
1211 1211
1212 if (s->cert->dh_tmp_auto != 0) { 1212 if (s->cert->dh_tmp_auto != 0) {
1213 dh = dhp; 1213 dh = dhp;
1214 } else if ((dh = DHparams_dup(dhp)) == NULL) { 1214 } else if ((dh = DHparams_dup(dhp)) == NULL) {
1215 SSLerror(ERR_R_DH_LIB); 1215 SSLerror(s, ERR_R_DH_LIB);
1216 goto err; 1216 goto err;
1217 } 1217 }
1218 S3I(s)->tmp.dh = dh; 1218 S3I(s)->tmp.dh = dh;
1219 if (!DH_generate_key(dh)) { 1219 if (!DH_generate_key(dh)) {
1220 SSLerror(ERR_R_DH_LIB); 1220 SSLerror(s, ERR_R_DH_LIB);
1221 goto err; 1221 goto err;
1222 } 1222 }
1223 1223
@@ -1276,12 +1276,12 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1276 } 1276 }
1277 if (ecdhp == NULL) { 1277 if (ecdhp == NULL) {
1278 al = SSL_AD_HANDSHAKE_FAILURE; 1278 al = SSL_AD_HANDSHAKE_FAILURE;
1279 SSLerror(SSL_R_MISSING_TMP_ECDH_KEY); 1279 SSLerror(s, SSL_R_MISSING_TMP_ECDH_KEY);
1280 goto f_err; 1280 goto f_err;
1281 } 1281 }
1282 1282
1283 if (S3I(s)->tmp.ecdh != NULL) { 1283 if (S3I(s)->tmp.ecdh != NULL) {
1284 SSLerror(ERR_R_INTERNAL_ERROR); 1284 SSLerror(s, ERR_R_INTERNAL_ERROR);
1285 goto err; 1285 goto err;
1286 } 1286 }
1287 1287
@@ -1289,7 +1289,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1289 if (s->cert->ecdh_tmp_auto != 0) { 1289 if (s->cert->ecdh_tmp_auto != 0) {
1290 ecdh = ecdhp; 1290 ecdh = ecdhp;
1291 } else if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) { 1291 } else if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) {
1292 SSLerror(ERR_R_ECDH_LIB); 1292 SSLerror(s, ERR_R_ECDH_LIB);
1293 goto err; 1293 goto err;
1294 } 1294 }
1295 S3I(s)->tmp.ecdh = ecdh; 1295 S3I(s)->tmp.ecdh = ecdh;
@@ -1298,7 +1298,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1298 (EC_KEY_get0_private_key(ecdh) == NULL) || 1298 (EC_KEY_get0_private_key(ecdh) == NULL) ||
1299 (s->internal->options & SSL_OP_SINGLE_ECDH_USE)) { 1299 (s->internal->options & SSL_OP_SINGLE_ECDH_USE)) {
1300 if (!EC_KEY_generate_key(ecdh)) { 1300 if (!EC_KEY_generate_key(ecdh)) {
1301 SSLerror(ERR_R_ECDH_LIB); 1301 SSLerror(s, ERR_R_ECDH_LIB);
1302 goto err; 1302 goto err;
1303 } 1303 }
1304 } 1304 }
@@ -1306,7 +1306,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1306 if (((group = EC_KEY_get0_group(ecdh)) == NULL) || 1306 if (((group = EC_KEY_get0_group(ecdh)) == NULL) ||
1307 (EC_KEY_get0_public_key(ecdh) == NULL) || 1307 (EC_KEY_get0_public_key(ecdh) == NULL) ||
1308 (EC_KEY_get0_private_key(ecdh) == NULL)) { 1308 (EC_KEY_get0_private_key(ecdh) == NULL)) {
1309 SSLerror(ERR_R_ECDH_LIB); 1309 SSLerror(s, ERR_R_ECDH_LIB);
1310 goto err; 1310 goto err;
1311 } 1311 }
1312 1312
@@ -1316,7 +1316,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1316 */ 1316 */
1317 if ((curve_id = tls1_ec_nid2curve_id( 1317 if ((curve_id = tls1_ec_nid2curve_id(
1318 EC_GROUP_get_curve_name(group))) == 0) { 1318 EC_GROUP_get_curve_name(group))) == 0) {
1319 SSLerror(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE); 1319 SSLerror(s, SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
1320 goto err; 1320 goto err;
1321 } 1321 }
1322 1322
@@ -1331,7 +1331,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1331 1331
1332 bn_ctx = BN_CTX_new(); 1332 bn_ctx = BN_CTX_new();
1333 if ((encodedPoint == NULL) || (bn_ctx == NULL)) { 1333 if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
1334 SSLerror(ERR_R_MALLOC_FAILURE); 1334 SSLerror(s, ERR_R_MALLOC_FAILURE);
1335 goto err; 1335 goto err;
1336 } 1336 }
1337 1337
@@ -1339,7 +1339,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1339 POINT_CONVERSION_UNCOMPRESSED, encodedPoint, encodedlen, bn_ctx); 1339 POINT_CONVERSION_UNCOMPRESSED, encodedPoint, encodedlen, bn_ctx);
1340 1340
1341 if (encodedlen == 0) { 1341 if (encodedlen == 0) {
1342 SSLerror(ERR_R_ECDH_LIB); 1342 SSLerror(s, ERR_R_ECDH_LIB);
1343 goto err; 1343 goto err;
1344 } 1344 }
1345 1345
@@ -1391,7 +1391,7 @@ ssl3_send_server_kex_ecdhe_ecx(SSL *s, int nid, CBB *cbb)
1391 1391
1392 /* Generate an X25519 key pair. */ 1392 /* Generate an X25519 key pair. */
1393 if (S3I(s)->tmp.x25519 != NULL) { 1393 if (S3I(s)->tmp.x25519 != NULL) {
1394 SSLerror(ERR_R_INTERNAL_ERROR); 1394 SSLerror(s, ERR_R_INTERNAL_ERROR);
1395 goto err; 1395 goto err;
1396 } 1396 }
1397 if ((S3I(s)->tmp.x25519 = malloc(X25519_KEY_LENGTH)) == NULL) 1397 if ((S3I(s)->tmp.x25519 = malloc(X25519_KEY_LENGTH)) == NULL)
@@ -1402,7 +1402,7 @@ ssl3_send_server_kex_ecdhe_ecx(SSL *s, int nid, CBB *cbb)
1402 1402
1403 /* Serialize public key. */ 1403 /* Serialize public key. */
1404 if ((curve_id = tls1_ec_nid2curve_id(nid)) == 0) { 1404 if ((curve_id = tls1_ec_nid2curve_id(nid)) == 0) {
1405 SSLerror(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE); 1405 SSLerror(s, SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
1406 goto err; 1406 goto err;
1407 } 1407 }
1408 1408
@@ -1477,7 +1477,7 @@ ssl3_send_server_key_exchange(SSL *s)
1477 goto err; 1477 goto err;
1478 } else { 1478 } else {
1479 al = SSL_AD_HANDSHAKE_FAILURE; 1479 al = SSL_AD_HANDSHAKE_FAILURE;
1480 SSLerror(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); 1480 SSLerror(s, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
1481 goto f_err; 1481 goto f_err;
1482 } 1482 }
1483 1483
@@ -1498,7 +1498,7 @@ ssl3_send_server_key_exchange(SSL *s)
1498 1498
1499 if (!BUF_MEM_grow_clean(buf, ssl3_handshake_msg_hdr_len(s) + 1499 if (!BUF_MEM_grow_clean(buf, ssl3_handshake_msg_hdr_len(s) +
1500 params_len + kn)) { 1500 params_len + kn)) {
1501 SSLerror(ERR_LIB_BUF); 1501 SSLerror(s, ERR_LIB_BUF);
1502 goto err; 1502 goto err;
1503 } 1503 }
1504 1504
@@ -1541,7 +1541,7 @@ ssl3_send_server_key_exchange(SSL *s)
1541 } 1541 }
1542 if (RSA_sign(NID_md5_sha1, md_buf, j, 1542 if (RSA_sign(NID_md5_sha1, md_buf, j,
1543 &(p[2]), &u, pkey->pkey.rsa) <= 0) { 1543 &(p[2]), &u, pkey->pkey.rsa) <= 0) {
1544 SSLerror(ERR_R_RSA_LIB); 1544 SSLerror(s, ERR_R_RSA_LIB);
1545 goto err; 1545 goto err;
1546 } 1546 }
1547 s2n(u, p); 1547 s2n(u, p);
@@ -1552,7 +1552,7 @@ ssl3_send_server_key_exchange(SSL *s)
1552 if (!tls12_get_sigandhash(p, pkey, md)) { 1552 if (!tls12_get_sigandhash(p, pkey, md)) {
1553 /* Should never happen */ 1553 /* Should never happen */
1554 al = SSL_AD_INTERNAL_ERROR; 1554 al = SSL_AD_INTERNAL_ERROR;
1555 SSLerror(ERR_R_INTERNAL_ERROR); 1555 SSLerror(s, ERR_R_INTERNAL_ERROR);
1556 goto f_err; 1556 goto f_err;
1557 } 1557 }
1558 p += 2; 1558 p += 2;
@@ -1567,7 +1567,7 @@ ssl3_send_server_key_exchange(SSL *s)
1567 EVP_SignUpdate(&md_ctx, d, n); 1567 EVP_SignUpdate(&md_ctx, d, n);
1568 if (!EVP_SignFinal(&md_ctx, &p[2], 1568 if (!EVP_SignFinal(&md_ctx, &p[2],
1569 (unsigned int *)&i, pkey)) { 1569 (unsigned int *)&i, pkey)) {
1570 SSLerror(ERR_R_EVP_LIB); 1570 SSLerror(s, ERR_R_EVP_LIB);
1571 goto err; 1571 goto err;
1572 } 1572 }
1573 s2n(i, p); 1573 s2n(i, p);
@@ -1577,7 +1577,7 @@ ssl3_send_server_key_exchange(SSL *s)
1577 } else { 1577 } else {
1578 /* Is this error check actually needed? */ 1578 /* Is this error check actually needed? */
1579 al = SSL_AD_HANDSHAKE_FAILURE; 1579 al = SSL_AD_HANDSHAKE_FAILURE;
1580 SSLerror(SSL_R_UNKNOWN_PKEY_TYPE); 1580 SSLerror(s, SSL_R_UNKNOWN_PKEY_TYPE);
1581 goto f_err; 1581 goto f_err;
1582 } 1582 }
1583 } 1583 }
@@ -1643,7 +1643,7 @@ ssl3_send_certificate_request(SSL *s)
1643 if (!BUF_MEM_grow_clean(buf, 1643 if (!BUF_MEM_grow_clean(buf,
1644 ssl3_handshake_msg_hdr_len(s) + n + j 1644 ssl3_handshake_msg_hdr_len(s) + n + j
1645 + 2)) { 1645 + 2)) {
1646 SSLerror(ERR_R_BUF_LIB); 1646 SSLerror(s, ERR_R_BUF_LIB);
1647 goto err; 1647 goto err;
1648 } 1648 }
1649 p = ssl3_handshake_msg_start(s, 1649 p = ssl3_handshake_msg_start(s,
@@ -1689,7 +1689,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1689 if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) || 1689 if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) ||
1690 (pkey->pkey.rsa == NULL)) { 1690 (pkey->pkey.rsa == NULL)) {
1691 al = SSL_AD_HANDSHAKE_FAILURE; 1691 al = SSL_AD_HANDSHAKE_FAILURE;
1692 SSLerror(SSL_R_MISSING_RSA_CERTIFICATE); 1692 SSLerror(s, SSL_R_MISSING_RSA_CERTIFICATE);
1693 goto f_err; 1693 goto f_err;
1694 } 1694 }
1695 rsa = pkey->pkey.rsa; 1695 rsa = pkey->pkey.rsa;
@@ -1698,7 +1698,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1698 goto truncated; 1698 goto truncated;
1699 n2s(p, i); 1699 n2s(p, i);
1700 if (n != i + 2) { 1700 if (n != i + 2) {
1701 SSLerror(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); 1701 SSLerror(s, SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
1702 goto err; 1702 goto err;
1703 } else 1703 } else
1704 n = i; 1704 n = i;
@@ -1711,7 +1711,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1711 1711
1712 if (i != SSL_MAX_MASTER_KEY_LENGTH) { 1712 if (i != SSL_MAX_MASTER_KEY_LENGTH) {
1713 al = SSL_AD_DECODE_ERROR; 1713 al = SSL_AD_DECODE_ERROR;
1714 /* SSLerror(SSL_R_BAD_RSA_DECRYPT); */ 1714 /* SSLerror(s, SSL_R_BAD_RSA_DECRYPT); */
1715 } 1715 }
1716 1716
1717 if (p - d + 2 > n) /* needed in the SSL3 case */ 1717 if (p - d + 2 > n) /* needed in the SSL3 case */
@@ -1733,7 +1733,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1733 (p[0] == (s->version >> 8)) && 1733 (p[0] == (s->version >> 8)) &&
1734 (p[1] == (s->version & 0xff)))) { 1734 (p[1] == (s->version & 0xff)))) {
1735 al = SSL_AD_DECODE_ERROR; 1735 al = SSL_AD_DECODE_ERROR;
1736 /* SSLerror(SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */ 1736 /* SSLerror(s, SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */
1737 1737
1738 /* 1738 /*
1739 * The Klima-Pokorny-Rosa extension of 1739 * The Klima-Pokorny-Rosa extension of
@@ -1771,7 +1771,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1771 return (1); 1771 return (1);
1772truncated: 1772truncated:
1773 al = SSL_AD_DECODE_ERROR; 1773 al = SSL_AD_DECODE_ERROR;
1774 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1774 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1775f_err: 1775f_err:
1776 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1776 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1777err: 1777err:
@@ -1799,19 +1799,19 @@ ssl3_get_client_kex_dhe(SSL *s, unsigned char *p, long n)
1799 1799
1800 if (S3I(s)->tmp.dh == NULL) { 1800 if (S3I(s)->tmp.dh == NULL) {
1801 al = SSL_AD_HANDSHAKE_FAILURE; 1801 al = SSL_AD_HANDSHAKE_FAILURE;
1802 SSLerror(SSL_R_MISSING_TMP_DH_KEY); 1802 SSLerror(s, SSL_R_MISSING_TMP_DH_KEY);
1803 goto f_err; 1803 goto f_err;
1804 } 1804 }
1805 dh = S3I(s)->tmp.dh; 1805 dh = S3I(s)->tmp.dh;
1806 1806
1807 if ((bn = BN_bin2bn(CBS_data(&dh_Yc), CBS_len(&dh_Yc), NULL)) == NULL) { 1807 if ((bn = BN_bin2bn(CBS_data(&dh_Yc), CBS_len(&dh_Yc), NULL)) == NULL) {
1808 SSLerror(SSL_R_BN_LIB); 1808 SSLerror(s, SSL_R_BN_LIB);
1809 goto err; 1809 goto err;
1810 } 1810 }
1811 1811
1812 key_size = DH_compute_key(p, bn, dh); 1812 key_size = DH_compute_key(p, bn, dh);
1813 if (key_size <= 0) { 1813 if (key_size <= 0) {
1814 SSLerror(ERR_R_DH_LIB); 1814 SSLerror(s, ERR_R_DH_LIB);
1815 BN_clear_free(bn); 1815 BN_clear_free(bn);
1816 goto err; 1816 goto err;
1817 } 1817 }
@@ -1831,7 +1831,7 @@ ssl3_get_client_kex_dhe(SSL *s, unsigned char *p, long n)
1831 1831
1832 truncated: 1832 truncated:
1833 al = SSL_AD_DECODE_ERROR; 1833 al = SSL_AD_DECODE_ERROR;
1834 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1834 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1835 f_err: 1835 f_err:
1836 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1836 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1837 err: 1837 err:
@@ -1855,7 +1855,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1855 1855
1856 /* Initialize structures for server's ECDH key pair. */ 1856 /* Initialize structures for server's ECDH key pair. */
1857 if ((srvr_ecdh = EC_KEY_new()) == NULL) { 1857 if ((srvr_ecdh = EC_KEY_new()) == NULL) {
1858 SSLerror(ERR_R_MALLOC_FAILURE); 1858 SSLerror(s, ERR_R_MALLOC_FAILURE);
1859 goto err; 1859 goto err;
1860 } 1860 }
1861 1861
@@ -1870,13 +1870,13 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1870 1870
1871 if (!EC_KEY_set_group(srvr_ecdh, group) || 1871 if (!EC_KEY_set_group(srvr_ecdh, group) ||
1872 !EC_KEY_set_private_key(srvr_ecdh, priv_key)) { 1872 !EC_KEY_set_private_key(srvr_ecdh, priv_key)) {
1873 SSLerror(ERR_R_EC_LIB); 1873 SSLerror(s, ERR_R_EC_LIB);
1874 goto err; 1874 goto err;
1875 } 1875 }
1876 1876
1877 /* Let's get client's public key */ 1877 /* Let's get client's public key */
1878 if ((clnt_ecpoint = EC_POINT_new(group)) == NULL) { 1878 if ((clnt_ecpoint = EC_POINT_new(group)) == NULL) {
1879 SSLerror(ERR_R_MALLOC_FAILURE); 1879 SSLerror(s, ERR_R_MALLOC_FAILURE);
1880 goto err; 1880 goto err;
1881 } 1881 }
1882 1882
@@ -1898,14 +1898,14 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1898 * group. 1898 * group.
1899 */ 1899 */
1900 al = SSL_AD_HANDSHAKE_FAILURE; 1900 al = SSL_AD_HANDSHAKE_FAILURE;
1901 SSLerror(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS); 1901 SSLerror(s, SSL_R_UNABLE_TO_DECODE_ECDH_CERTS);
1902 goto f_err; 1902 goto f_err;
1903 } 1903 }
1904 1904
1905 if (EC_POINT_copy(clnt_ecpoint, 1905 if (EC_POINT_copy(clnt_ecpoint,
1906 EC_KEY_get0_public_key(clnt_pub_pkey->pkey.ec)) 1906 EC_KEY_get0_public_key(clnt_pub_pkey->pkey.ec))
1907 == 0) { 1907 == 0) {
1908 SSLerror(ERR_R_EC_LIB); 1908 SSLerror(s, ERR_R_EC_LIB);
1909 goto err; 1909 goto err;
1910 } 1910 }
1911 ret = 2; /* Skip certificate verify processing */ 1911 ret = 2; /* Skip certificate verify processing */
@@ -1915,7 +1915,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1915 * in the ClientKeyExchange message. 1915 * in the ClientKeyExchange message.
1916 */ 1916 */
1917 if ((bn_ctx = BN_CTX_new()) == NULL) { 1917 if ((bn_ctx = BN_CTX_new()) == NULL) {
1918 SSLerror(ERR_R_MALLOC_FAILURE); 1918 SSLerror(s, ERR_R_MALLOC_FAILURE);
1919 goto err; 1919 goto err;
1920 } 1920 }
1921 1921
@@ -1924,12 +1924,12 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1924 1924
1925 p += 1; 1925 p += 1;
1926 if (n != 1 + i) { 1926 if (n != 1 + i) {
1927 SSLerror(ERR_R_EC_LIB); 1927 SSLerror(s, ERR_R_EC_LIB);
1928 goto err; 1928 goto err;
1929 } 1929 }
1930 if (EC_POINT_oct2point(group, 1930 if (EC_POINT_oct2point(group,
1931 clnt_ecpoint, p, i, bn_ctx) == 0) { 1931 clnt_ecpoint, p, i, bn_ctx) == 0) {
1932 SSLerror(ERR_R_EC_LIB); 1932 SSLerror(s, ERR_R_EC_LIB);
1933 goto err; 1933 goto err;
1934 } 1934 }
1935 /* 1935 /*
@@ -1942,13 +1942,13 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1942 /* Compute the shared pre-master secret */ 1942 /* Compute the shared pre-master secret */
1943 key_size = ECDH_size(srvr_ecdh); 1943 key_size = ECDH_size(srvr_ecdh);
1944 if (key_size <= 0) { 1944 if (key_size <= 0) {
1945 SSLerror(ERR_R_ECDH_LIB); 1945 SSLerror(s, ERR_R_ECDH_LIB);
1946 goto err; 1946 goto err;
1947 } 1947 }
1948 i = ECDH_compute_key(p, key_size, clnt_ecpoint, srvr_ecdh, 1948 i = ECDH_compute_key(p, key_size, clnt_ecpoint, srvr_ecdh,
1949 NULL); 1949 NULL);
1950 if (i <= 0) { 1950 if (i <= 0) {
1951 SSLerror(ERR_R_ECDH_LIB); 1951 SSLerror(s, ERR_R_ECDH_LIB);
1952 goto err; 1952 goto err;
1953 } 1953 }
1954 1954
@@ -2065,14 +2065,14 @@ ssl3_get_client_kex_gost(SSL *s, unsigned char *p, long n)
2065 if (ASN1_get_object((const unsigned char **)&p, &Tlen, &Ttag, 2065 if (ASN1_get_object((const unsigned char **)&p, &Tlen, &Ttag,
2066 &Tclass, n) != V_ASN1_CONSTRUCTED || 2066 &Tclass, n) != V_ASN1_CONSTRUCTED ||
2067 Ttag != V_ASN1_SEQUENCE || Tclass != V_ASN1_UNIVERSAL) { 2067 Ttag != V_ASN1_SEQUENCE || Tclass != V_ASN1_UNIVERSAL) {
2068 SSLerror(SSL_R_DECRYPTION_FAILED); 2068 SSLerror(s, SSL_R_DECRYPTION_FAILED);
2069 goto gerr; 2069 goto gerr;
2070 } 2070 }
2071 start = p; 2071 start = p;
2072 inlen = Tlen; 2072 inlen = Tlen;
2073 if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen, 2073 if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen,
2074 start, inlen) <=0) { 2074 start, inlen) <=0) {
2075 SSLerror(SSL_R_DECRYPTION_FAILED); 2075 SSLerror(s, SSL_R_DECRYPTION_FAILED);
2076 goto gerr; 2076 goto gerr;
2077 } 2077 }
2078 /* Generate master secret */ 2078 /* Generate master secret */
@@ -2095,7 +2095,7 @@ ssl3_get_client_kex_gost(SSL *s, unsigned char *p, long n)
2095 2095
2096 truncated: 2096 truncated:
2097 al = SSL_AD_DECODE_ERROR; 2097 al = SSL_AD_DECODE_ERROR;
2098 SSLerror(SSL_R_BAD_PACKET_LENGTH); 2098 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
2099 ssl3_send_alert(s, SSL3_AL_FATAL, al); 2099 ssl3_send_alert(s, SSL3_AL_FATAL, al);
2100 err: 2100 err:
2101 return (-1); 2101 return (-1);
@@ -2133,7 +2133,7 @@ ssl3_get_client_key_exchange(SSL *s)
2133 goto err; 2133 goto err;
2134 } else { 2134 } else {
2135 al = SSL_AD_HANDSHAKE_FAILURE; 2135 al = SSL_AD_HANDSHAKE_FAILURE;
2136 SSLerror(SSL_R_UNKNOWN_CIPHER_TYPE); 2136 SSLerror(s, SSL_R_UNKNOWN_CIPHER_TYPE);
2137 goto f_err; 2137 goto f_err;
2138 } 2138 }
2139 2139
@@ -2176,7 +2176,7 @@ ssl3_get_cert_verify(SSL *s)
2176 S3I(s)->tmp.reuse_message = 1; 2176 S3I(s)->tmp.reuse_message = 1;
2177 if (peer != NULL) { 2177 if (peer != NULL) {
2178 al = SSL_AD_UNEXPECTED_MESSAGE; 2178 al = SSL_AD_UNEXPECTED_MESSAGE;
2179 SSLerror(SSL_R_MISSING_VERIFY_MESSAGE); 2179 SSLerror(s, SSL_R_MISSING_VERIFY_MESSAGE);
2180 goto f_err; 2180 goto f_err;
2181 } 2181 }
2182 ret = 1; 2182 ret = 1;
@@ -2184,19 +2184,19 @@ ssl3_get_cert_verify(SSL *s)
2184 } 2184 }
2185 2185
2186 if (peer == NULL) { 2186 if (peer == NULL) {
2187 SSLerror(SSL_R_NO_CLIENT_CERT_RECEIVED); 2187 SSLerror(s, SSL_R_NO_CLIENT_CERT_RECEIVED);
2188 al = SSL_AD_UNEXPECTED_MESSAGE; 2188 al = SSL_AD_UNEXPECTED_MESSAGE;
2189 goto f_err; 2189 goto f_err;
2190 } 2190 }
2191 2191
2192 if (!(type & EVP_PKT_SIGN)) { 2192 if (!(type & EVP_PKT_SIGN)) {
2193 SSLerror(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE); 2193 SSLerror(s, SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
2194 al = SSL_AD_ILLEGAL_PARAMETER; 2194 al = SSL_AD_ILLEGAL_PARAMETER;
2195 goto f_err; 2195 goto f_err;
2196 } 2196 }
2197 2197
2198 if (S3I(s)->change_cipher_spec) { 2198 if (S3I(s)->change_cipher_spec) {
2199 SSLerror(SSL_R_CCS_RECEIVED_EARLY); 2199 SSLerror(s, SSL_R_CCS_RECEIVED_EARLY);
2200 al = SSL_AD_UNEXPECTED_MESSAGE; 2200 al = SSL_AD_UNEXPECTED_MESSAGE;
2201 goto f_err; 2201 goto f_err;
2202 } 2202 }
@@ -2217,7 +2217,7 @@ ssl3_get_cert_verify(SSL *s)
2217 int sigalg = tls12_get_sigid(pkey); 2217 int sigalg = tls12_get_sigid(pkey);
2218 /* Should never happen */ 2218 /* Should never happen */
2219 if (sigalg == -1) { 2219 if (sigalg == -1) {
2220 SSLerror(ERR_R_INTERNAL_ERROR); 2220 SSLerror(s, ERR_R_INTERNAL_ERROR);
2221 al = SSL_AD_INTERNAL_ERROR; 2221 al = SSL_AD_INTERNAL_ERROR;
2222 goto f_err; 2222 goto f_err;
2223 } 2223 }
@@ -2225,13 +2225,13 @@ ssl3_get_cert_verify(SSL *s)
2225 goto truncated; 2225 goto truncated;
2226 /* Check key type is consistent with signature */ 2226 /* Check key type is consistent with signature */
2227 if (sigalg != (int)p[1]) { 2227 if (sigalg != (int)p[1]) {
2228 SSLerror(SSL_R_WRONG_SIGNATURE_TYPE); 2228 SSLerror(s, SSL_R_WRONG_SIGNATURE_TYPE);
2229 al = SSL_AD_DECODE_ERROR; 2229 al = SSL_AD_DECODE_ERROR;
2230 goto f_err; 2230 goto f_err;
2231 } 2231 }
2232 md = tls12_get_hash(p[0]); 2232 md = tls12_get_hash(p[0]);
2233 if (md == NULL) { 2233 if (md == NULL) {
2234 SSLerror(SSL_R_UNKNOWN_DIGEST); 2234 SSLerror(s, SSL_R_UNKNOWN_DIGEST);
2235 al = SSL_AD_DECODE_ERROR; 2235 al = SSL_AD_DECODE_ERROR;
2236 goto f_err; 2236 goto f_err;
2237 } 2237 }
@@ -2247,7 +2247,7 @@ ssl3_get_cert_verify(SSL *s)
2247 } 2247 }
2248 j = EVP_PKEY_size(pkey); 2248 j = EVP_PKEY_size(pkey);
2249 if ((i > j) || (n > j) || (n <= 0)) { 2249 if ((i > j) || (n > j) || (n <= 0)) {
2250 SSLerror(SSL_R_WRONG_SIGNATURE_SIZE); 2250 SSLerror(s, SSL_R_WRONG_SIGNATURE_SIZE);
2251 al = SSL_AD_DECODE_ERROR; 2251 al = SSL_AD_DECODE_ERROR;
2252 goto f_err; 2252 goto f_err;
2253 } 2253 }
@@ -2257,20 +2257,20 @@ ssl3_get_cert_verify(SSL *s)
2257 void *hdata; 2257 void *hdata;
2258 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata); 2258 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata);
2259 if (hdatalen <= 0) { 2259 if (hdatalen <= 0) {
2260 SSLerror(ERR_R_INTERNAL_ERROR); 2260 SSLerror(s, ERR_R_INTERNAL_ERROR);
2261 al = SSL_AD_INTERNAL_ERROR; 2261 al = SSL_AD_INTERNAL_ERROR;
2262 goto f_err; 2262 goto f_err;
2263 } 2263 }
2264 if (!EVP_VerifyInit_ex(&mctx, md, NULL) || 2264 if (!EVP_VerifyInit_ex(&mctx, md, NULL) ||
2265 !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) { 2265 !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) {
2266 SSLerror(ERR_R_EVP_LIB); 2266 SSLerror(s, ERR_R_EVP_LIB);
2267 al = SSL_AD_INTERNAL_ERROR; 2267 al = SSL_AD_INTERNAL_ERROR;
2268 goto f_err; 2268 goto f_err;
2269 } 2269 }
2270 2270
2271 if (EVP_VerifyFinal(&mctx, p, i, pkey) <= 0) { 2271 if (EVP_VerifyFinal(&mctx, p, i, pkey) <= 0) {
2272 al = SSL_AD_DECRYPT_ERROR; 2272 al = SSL_AD_DECRYPT_ERROR;
2273 SSLerror(SSL_R_BAD_SIGNATURE); 2273 SSLerror(s, SSL_R_BAD_SIGNATURE);
2274 goto f_err; 2274 goto f_err;
2275 } 2275 }
2276 } else 2276 } else
@@ -2280,12 +2280,12 @@ ssl3_get_cert_verify(SSL *s)
2280 pkey->pkey.rsa); 2280 pkey->pkey.rsa);
2281 if (i < 0) { 2281 if (i < 0) {
2282 al = SSL_AD_DECRYPT_ERROR; 2282 al = SSL_AD_DECRYPT_ERROR;
2283 SSLerror(SSL_R_BAD_RSA_DECRYPT); 2283 SSLerror(s, SSL_R_BAD_RSA_DECRYPT);
2284 goto f_err; 2284 goto f_err;
2285 } 2285 }
2286 if (i == 0) { 2286 if (i == 0) {
2287 al = SSL_AD_DECRYPT_ERROR; 2287 al = SSL_AD_DECRYPT_ERROR;
2288 SSLerror(SSL_R_BAD_RSA_SIGNATURE); 2288 SSLerror(s, SSL_R_BAD_RSA_SIGNATURE);
2289 goto f_err; 2289 goto f_err;
2290 } 2290 }
2291 } else 2291 } else
@@ -2296,7 +2296,7 @@ ssl3_get_cert_verify(SSL *s)
2296 if (j <= 0) { 2296 if (j <= 0) {
2297 /* bad signature */ 2297 /* bad signature */
2298 al = SSL_AD_DECRYPT_ERROR; 2298 al = SSL_AD_DECRYPT_ERROR;
2299 SSLerror(SSL_R_BAD_DSA_SIGNATURE); 2299 SSLerror(s, SSL_R_BAD_DSA_SIGNATURE);
2300 goto f_err; 2300 goto f_err;
2301 } 2301 }
2302 } else 2302 } else
@@ -2307,7 +2307,7 @@ ssl3_get_cert_verify(SSL *s)
2307 if (j <= 0) { 2307 if (j <= 0) {
2308 /* bad signature */ 2308 /* bad signature */
2309 al = SSL_AD_DECRYPT_ERROR; 2309 al = SSL_AD_DECRYPT_ERROR;
2310 SSLerror(SSL_R_BAD_ECDSA_SIGNATURE); 2310 SSLerror(s, SSL_R_BAD_ECDSA_SIGNATURE);
2311 goto f_err; 2311 goto f_err;
2312 } 2312 }
2313 } else 2313 } else
@@ -2323,19 +2323,19 @@ ssl3_get_cert_verify(SSL *s)
2323 2323
2324 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata); 2324 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata);
2325 if (hdatalen <= 0) { 2325 if (hdatalen <= 0) {
2326 SSLerror(ERR_R_INTERNAL_ERROR); 2326 SSLerror(s, ERR_R_INTERNAL_ERROR);
2327 al = SSL_AD_INTERNAL_ERROR; 2327 al = SSL_AD_INTERNAL_ERROR;
2328 goto f_err; 2328 goto f_err;
2329 } 2329 }
2330 if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) || 2330 if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) ||
2331 !(md = EVP_get_digestbynid(nid))) { 2331 !(md = EVP_get_digestbynid(nid))) {
2332 SSLerror(ERR_R_EVP_LIB); 2332 SSLerror(s, ERR_R_EVP_LIB);
2333 al = SSL_AD_INTERNAL_ERROR; 2333 al = SSL_AD_INTERNAL_ERROR;
2334 goto f_err; 2334 goto f_err;
2335 } 2335 }
2336 pctx = EVP_PKEY_CTX_new(pkey, NULL); 2336 pctx = EVP_PKEY_CTX_new(pkey, NULL);
2337 if (!pctx) { 2337 if (!pctx) {
2338 SSLerror(ERR_R_EVP_LIB); 2338 SSLerror(s, ERR_R_EVP_LIB);
2339 al = SSL_AD_INTERNAL_ERROR; 2339 al = SSL_AD_INTERNAL_ERROR;
2340 goto f_err; 2340 goto f_err;
2341 } 2341 }
@@ -2348,7 +2348,7 @@ ssl3_get_cert_verify(SSL *s)
2348 EVP_PKEY_CTRL_GOST_SIG_FORMAT, 2348 EVP_PKEY_CTRL_GOST_SIG_FORMAT,
2349 GOST_SIG_FORMAT_RS_LE, 2349 GOST_SIG_FORMAT_RS_LE,
2350 NULL) <= 0)) { 2350 NULL) <= 0)) {
2351 SSLerror(ERR_R_EVP_LIB); 2351 SSLerror(s, ERR_R_EVP_LIB);
2352 al = SSL_AD_INTERNAL_ERROR; 2352 al = SSL_AD_INTERNAL_ERROR;
2353 EVP_PKEY_CTX_free(pctx); 2353 EVP_PKEY_CTX_free(pctx);
2354 goto f_err; 2354 goto f_err;
@@ -2356,7 +2356,7 @@ ssl3_get_cert_verify(SSL *s)
2356 2356
2357 if (EVP_PKEY_verify(pctx, p, i, signature, siglen) <= 0) { 2357 if (EVP_PKEY_verify(pctx, p, i, signature, siglen) <= 0) {
2358 al = SSL_AD_DECRYPT_ERROR; 2358 al = SSL_AD_DECRYPT_ERROR;
2359 SSLerror(SSL_R_BAD_SIGNATURE); 2359 SSLerror(s, SSL_R_BAD_SIGNATURE);
2360 EVP_PKEY_CTX_free(pctx); 2360 EVP_PKEY_CTX_free(pctx);
2361 goto f_err; 2361 goto f_err;
2362 } 2362 }
@@ -2365,7 +2365,7 @@ ssl3_get_cert_verify(SSL *s)
2365 } else 2365 } else
2366#endif 2366#endif
2367 { 2367 {
2368 SSLerror(ERR_R_INTERNAL_ERROR); 2368 SSLerror(s, ERR_R_INTERNAL_ERROR);
2369 al = SSL_AD_UNSUPPORTED_CERTIFICATE; 2369 al = SSL_AD_UNSUPPORTED_CERTIFICATE;
2370 goto f_err; 2370 goto f_err;
2371 } 2371 }
@@ -2375,7 +2375,7 @@ ssl3_get_cert_verify(SSL *s)
2375 if (0) { 2375 if (0) {
2376truncated: 2376truncated:
2377 al = SSL_AD_DECODE_ERROR; 2377 al = SSL_AD_DECODE_ERROR;
2378 SSLerror(SSL_R_BAD_PACKET_LENGTH); 2378 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
2379f_err: 2379f_err:
2380 ssl3_send_alert(s, SSL3_AL_FATAL, al); 2380 ssl3_send_alert(s, SSL3_AL_FATAL, al);
2381 } 2381 }
@@ -2409,7 +2409,7 @@ ssl3_get_client_certificate(SSL *s)
2409 if (S3I(s)->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) { 2409 if (S3I(s)->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) {
2410 if ((s->verify_mode & SSL_VERIFY_PEER) && 2410 if ((s->verify_mode & SSL_VERIFY_PEER) &&
2411 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { 2411 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
2412 SSLerror(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); 2412 SSLerror(s, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
2413 al = SSL_AD_HANDSHAKE_FAILURE; 2413 al = SSL_AD_HANDSHAKE_FAILURE;
2414 goto f_err; 2414 goto f_err;
2415 } 2415 }
@@ -2418,7 +2418,7 @@ ssl3_get_client_certificate(SSL *s)
2418 * the client must return a 0 list. 2418 * the client must return a 0 list.
2419 */ 2419 */
2420 if (S3I(s)->tmp.cert_request) { 2420 if (S3I(s)->tmp.cert_request) {
2421 SSLerror(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 2421 SSLerror(s, SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST
2422 ); 2422 );
2423 al = SSL_AD_UNEXPECTED_MESSAGE; 2423 al = SSL_AD_UNEXPECTED_MESSAGE;
2424 goto f_err; 2424 goto f_err;
@@ -2429,7 +2429,7 @@ ssl3_get_client_certificate(SSL *s)
2429 2429
2430 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) { 2430 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) {
2431 al = SSL_AD_UNEXPECTED_MESSAGE; 2431 al = SSL_AD_UNEXPECTED_MESSAGE;
2432 SSLerror(SSL_R_WRONG_MESSAGE_TYPE); 2432 SSLerror(s, SSL_R_WRONG_MESSAGE_TYPE);
2433 goto f_err; 2433 goto f_err;
2434 } 2434 }
2435 2435
@@ -2439,7 +2439,7 @@ ssl3_get_client_certificate(SSL *s)
2439 CBS_init(&cbs, s->internal->init_msg, n); 2439 CBS_init(&cbs, s->internal->init_msg, n);
2440 2440
2441 if ((sk = sk_X509_new_null()) == NULL) { 2441 if ((sk = sk_X509_new_null()) == NULL) {
2442 SSLerror(ERR_R_MALLOC_FAILURE); 2442 SSLerror(s, ERR_R_MALLOC_FAILURE);
2443 goto err; 2443 goto err;
2444 } 2444 }
2445 2445
@@ -2452,23 +2452,23 @@ ssl3_get_client_certificate(SSL *s)
2452 2452
2453 if (!CBS_get_u24_length_prefixed(&client_certs, &cert)) { 2453 if (!CBS_get_u24_length_prefixed(&client_certs, &cert)) {
2454 al = SSL_AD_DECODE_ERROR; 2454 al = SSL_AD_DECODE_ERROR;
2455 SSLerror(SSL_R_CERT_LENGTH_MISMATCH); 2455 SSLerror(s, SSL_R_CERT_LENGTH_MISMATCH);
2456 goto f_err; 2456 goto f_err;
2457 } 2457 }
2458 2458
2459 q = CBS_data(&cert); 2459 q = CBS_data(&cert);
2460 x = d2i_X509(NULL, &q, CBS_len(&cert)); 2460 x = d2i_X509(NULL, &q, CBS_len(&cert));
2461 if (x == NULL) { 2461 if (x == NULL) {
2462 SSLerror(ERR_R_ASN1_LIB); 2462 SSLerror(s, ERR_R_ASN1_LIB);
2463 goto err; 2463 goto err;
2464 } 2464 }
2465 if (q != CBS_data(&cert) + CBS_len(&cert)) { 2465 if (q != CBS_data(&cert) + CBS_len(&cert)) {
2466 al = SSL_AD_DECODE_ERROR; 2466 al = SSL_AD_DECODE_ERROR;
2467 SSLerror(SSL_R_CERT_LENGTH_MISMATCH); 2467 SSLerror(s, SSL_R_CERT_LENGTH_MISMATCH);
2468 goto f_err; 2468 goto f_err;
2469 } 2469 }
2470 if (!sk_X509_push(sk, x)) { 2470 if (!sk_X509_push(sk, x)) {
2471 SSLerror(ERR_R_MALLOC_FAILURE); 2471 SSLerror(s, ERR_R_MALLOC_FAILURE);
2472 goto err; 2472 goto err;
2473 } 2473 }
2474 x = NULL; 2474 x = NULL;
@@ -2481,7 +2481,7 @@ ssl3_get_client_certificate(SSL *s)
2481 */ 2481 */
2482 if ((s->verify_mode & SSL_VERIFY_PEER) && 2482 if ((s->verify_mode & SSL_VERIFY_PEER) &&
2483 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { 2483 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
2484 SSLerror(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); 2484 SSLerror(s, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
2485 al = SSL_AD_HANDSHAKE_FAILURE; 2485 al = SSL_AD_HANDSHAKE_FAILURE;
2486 goto f_err; 2486 goto f_err;
2487 } 2487 }
@@ -2494,7 +2494,7 @@ ssl3_get_client_certificate(SSL *s)
2494 i = ssl_verify_cert_chain(s, sk); 2494 i = ssl_verify_cert_chain(s, sk);
2495 if (i <= 0) { 2495 if (i <= 0) {
2496 al = ssl_verify_alarm_type(s->verify_result); 2496 al = ssl_verify_alarm_type(s->verify_result);
2497 SSLerror(SSL_R_NO_CERTIFICATE_RETURNED); 2497 SSLerror(s, SSL_R_NO_CERTIFICATE_RETURNED);
2498 goto f_err; 2498 goto f_err;
2499 } 2499 }
2500 } 2500 }
@@ -2510,7 +2510,7 @@ ssl3_get_client_certificate(SSL *s)
2510 if (SSI(s)->sess_cert == NULL) { 2510 if (SSI(s)->sess_cert == NULL) {
2511 SSI(s)->sess_cert = ssl_sess_cert_new(); 2511 SSI(s)->sess_cert = ssl_sess_cert_new();
2512 if (SSI(s)->sess_cert == NULL) { 2512 if (SSI(s)->sess_cert == NULL) {
2513 SSLerror(ERR_R_MALLOC_FAILURE); 2513 SSLerror(s, ERR_R_MALLOC_FAILURE);
2514 goto err; 2514 goto err;
2515 } 2515 }
2516 } 2516 }
@@ -2528,7 +2528,7 @@ ssl3_get_client_certificate(SSL *s)
2528 if (0) { 2528 if (0) {
2529truncated: 2529truncated:
2530 al = SSL_AD_DECODE_ERROR; 2530 al = SSL_AD_DECODE_ERROR;
2531 SSLerror(SSL_R_BAD_PACKET_LENGTH); 2531 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
2532f_err: 2532f_err:
2533 ssl3_send_alert(s, SSL3_AL_FATAL, al); 2533 ssl3_send_alert(s, SSL3_AL_FATAL, al);
2534 } 2534 }
@@ -2553,7 +2553,7 @@ ssl3_send_server_certificate(SSL *s)
2553 2553
2554 if (s->internal->state == SSL3_ST_SW_CERT_A) { 2554 if (s->internal->state == SSL3_ST_SW_CERT_A) {
2555 if ((x = ssl_get_server_send_cert(s)) == NULL) { 2555 if ((x = ssl_get_server_send_cert(s)) == NULL) {
2556 SSLerror(ERR_R_INTERNAL_ERROR); 2556 SSLerror(s, ERR_R_INTERNAL_ERROR);
2557 return (0); 2557 return (0);
2558 } 2558 }
2559 2559
@@ -2771,7 +2771,7 @@ ssl3_get_next_proto(SSL *s)
2771 * extension in their ClientHello 2771 * extension in their ClientHello
2772 */ 2772 */
2773 if (!S3I(s)->next_proto_neg_seen) { 2773 if (!S3I(s)->next_proto_neg_seen) {
2774 SSLerror(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION); 2774 SSLerror(s, SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION);
2775 return (-1); 2775 return (-1);
2776 } 2776 }
2777 2777
@@ -2787,7 +2787,7 @@ ssl3_get_next_proto(SSL *s)
2787 * by ssl3_get_finished). 2787 * by ssl3_get_finished).
2788 */ 2788 */
2789 if (!S3I(s)->change_cipher_spec) { 2789 if (!S3I(s)->change_cipher_spec) {
2790 SSLerror(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS); 2790 SSLerror(s, SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS);
2791 return (-1); 2791 return (-1);
2792 } 2792 }
2793 2793
@@ -2817,7 +2817,7 @@ ssl3_get_next_proto(SSL *s)
2817 s->internal->next_proto_negotiated_len = 0; 2817 s->internal->next_proto_negotiated_len = 0;
2818 2818
2819 if (!CBS_stow(&proto, &s->internal->next_proto_negotiated, &len)) { 2819 if (!CBS_stow(&proto, &s->internal->next_proto_negotiated, &len)) {
2820 SSLerror(ERR_R_MALLOC_FAILURE); 2820 SSLerror(s, ERR_R_MALLOC_FAILURE);
2821 return (0); 2821 return (0);
2822 } 2822 }
2823 s->internal->next_proto_negotiated_len = (uint8_t)len; 2823 s->internal->next_proto_negotiated_len = (uint8_t)len;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 12:59:08 +0000