From 91c389f89015a024212e73f5ec6e24166955ab6e Mon Sep 17 00:00:00 2001
From: beck <>
Date: Tue, 7 Feb 2017 02:08:38 +0000
Subject: Change SSLerror() back to taking two args, with the first one being
 an SSL *. Make a table of "function codes" which maps the internal state of
 the SSL * to something like a useful name so in a typical error in the
 connection you know in what sort of place in the handshake things happened.
 (instead of by arcane function name). Add SSLerrorx() for when we don't have
 an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not
 terrible

---
 src/lib/libssl/d1_both.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

(limited to 'src/lib/libssl/d1_both.c')

diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index 0e4317653d..9aba4b85f8 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_both.c,v 1.48 2017/01/26 12:16:13 beck Exp $ */
+/* $OpenBSD: d1_both.c,v 1.49 2017/02/07 02:08:38 beck Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -410,7 +410,7 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
 		S3I(s)->tmp.reuse_message = 0;
 		if ((mt >= 0) && (S3I(s)->tmp.message_type != mt)) {
 			al = SSL_AD_UNEXPECTED_MESSAGE;
-			SSLerror(SSL_R_UNEXPECTED_MESSAGE);
+			SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
 			goto f_err;
 		}
 		*ok = 1;
@@ -475,12 +475,12 @@ dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr, int max)
 
 	/* sanity checking */
 	if ((frag_off + frag_len) > msg_len) {
-		SSLerror(SSL_R_EXCESSIVE_MESSAGE_SIZE);
+		SSLerror(s, SSL_R_EXCESSIVE_MESSAGE_SIZE);
 		return SSL_AD_ILLEGAL_PARAMETER;
 	}
 
 	if ((frag_off + frag_len) > (unsigned long)max) {
-		SSLerror(SSL_R_EXCESSIVE_MESSAGE_SIZE);
+		SSLerror(s, SSL_R_EXCESSIVE_MESSAGE_SIZE);
 		return SSL_AD_ILLEGAL_PARAMETER;
 	}
 
@@ -492,7 +492,7 @@ dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr, int max)
 		 */
 		if (!BUF_MEM_grow_clean(s->internal->init_buf,
 		    msg_len + DTLS1_HM_HEADER_LENGTH)) {
-			SSLerror(ERR_R_BUF_LIB);
+			SSLerror(s, ERR_R_BUF_LIB);
 			return SSL_AD_INTERNAL_ERROR;
 		}
 
@@ -506,7 +506,7 @@ dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr, int max)
 		 * They must be playing with us! BTW, failure to enforce
 		 * upper limit would open possibility for buffer overrun.
 		 */
-		SSLerror(SSL_R_EXCESSIVE_MESSAGE_SIZE);
+		SSLerror(s, SSL_R_EXCESSIVE_MESSAGE_SIZE);
 		return SSL_AD_ILLEGAL_PARAMETER;
 	}
 
@@ -799,7 +799,7 @@ again:
 	    /* parse the message fragment header */
 	    dtls1_get_message_header(wire, &msg_hdr) == 0) {
 		al = SSL_AD_UNEXPECTED_MESSAGE;
-		SSLerror(SSL_R_UNEXPECTED_MESSAGE);
+		SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
 		goto f_err;
 	}
 
@@ -841,7 +841,7 @@ again:
 		else /* Incorrectly formated Hello request */
 		{
 			al = SSL_AD_UNEXPECTED_MESSAGE;
-			SSLerror(SSL_R_UNEXPECTED_MESSAGE);
+			SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
 			goto f_err;
 		}
 	}
@@ -872,7 +872,7 @@ again:
 	 */
 	if (i != (int)frag_len) {
 		al = SSL3_AD_ILLEGAL_PARAMETER;
-		SSLerror(SSL3_AD_ILLEGAL_PARAMETER);
+		SSLerror(s, SSL3_AD_ILLEGAL_PARAMETER);
 		goto f_err;
 	}
 
-- 
cgit v1.2.3-55-g6feb