From 0d62016eab9c94cf7e9178860d6d3857adf3bc52 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Fri, 11 Nov 2016 14:02:24 +0000 Subject: Change the return value of tls_config_set_protocols() and tls_config_set_verify_depth() from void to int. This makes them consistent with all other tls_config_set_* functions and will allow for call time validation to be implemented. Rides libtls major bump. ok beck@ --- src/lib/libtls/tls.h | 6 +++--- src/lib/libtls/tls_config.c | 16 +++++++++++----- src/lib/libtls/tls_init.3 | 8 ++++---- 3 files changed, 18 insertions(+), 12 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libtls/tls.h b/src/lib/libtls/tls.h index 2f8c721a15..edf7343f2f 100644 --- a/src/lib/libtls/tls.h +++ b/src/lib/libtls/tls.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls.h,v 1.41 2016/11/05 15:13:26 beck Exp $ */ +/* $OpenBSD: tls.h,v 1.42 2016/11/11 14:02:24 jsing Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -108,8 +108,8 @@ int tls_config_set_keypair_mem(struct tls_config *_config, const uint8_t *_cert, size_t _cert_len, const uint8_t *_key, size_t _key_len); int tls_config_set_ocsp_staple_mem(struct tls_config *_config, char *_staple, size_t _len); int tls_config_set_ocsp_staple_file(struct tls_config *_config, const char *_staple_file); -void tls_config_set_protocols(struct tls_config *_config, uint32_t _protocols); -void tls_config_set_verify_depth(struct tls_config *_config, int _verify_depth); +int tls_config_set_protocols(struct tls_config *_config, uint32_t _protocols); +int tls_config_set_verify_depth(struct tls_config *_config, int _verify_depth); void tls_config_prefer_ciphers_client(struct tls_config *_config); void tls_config_prefer_ciphers_server(struct tls_config *_config); diff --git a/src/lib/libtls/tls_config.c b/src/lib/libtls/tls_config.c index 3ac674e597..5bc671fc99 100644 --- a/src/lib/libtls/tls_config.c +++ b/src/lib/libtls/tls_config.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_config.c,v 1.32 2016/11/05 15:13:26 beck Exp $ */ +/* $OpenBSD: tls_config.c,v 1.33 2016/11/11 14:02:24 jsing Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -194,8 +194,10 @@ tls_config_new(void) if (tls_config_set_ciphers(config, "secure") != 0) goto err; - tls_config_set_protocols(config, TLS_PROTOCOLS_DEFAULT); - tls_config_set_verify_depth(config, 6); + if (tls_config_set_protocols(config, TLS_PROTOCOLS_DEFAULT) != 0) + goto err; + if (tls_config_set_verify_depth(config, 6) != 0) + goto err; tls_config_prefer_ciphers_server(config); @@ -575,16 +577,20 @@ tls_config_set_keypair_mem(struct tls_config *config, const uint8_t *cert, return (0); } -void +int tls_config_set_protocols(struct tls_config *config, uint32_t protocols) { config->protocols = protocols; + + return (0); } -void +int tls_config_set_verify_depth(struct tls_config *config, int verify_depth) { config->verify_depth = verify_depth; + + return (0); } void diff --git a/src/lib/libtls/tls_init.3 b/src/lib/libtls/tls_init.3 index dd167faa54..4e8c4a6627 100644 --- a/src/lib/libtls/tls_init.3 +++ b/src/lib/libtls/tls_init.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: tls_init.3,v 1.80 2016/11/05 18:30:02 bcook Exp $ +.\" $OpenBSD: tls_init.3,v 1.81 2016/11/11 14:02:24 jsing Exp $ .\" .\" Copyright (c) 2014 Ted Unangst .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: November 5 2016 $ +.Dd $Mdocdate: November 11 2016 $ .Dt TLS_INIT 3 .Os .Sh NAME @@ -140,9 +140,9 @@ .Fn tls_config_set_ocsp_staple_mem "struct tls_config *config" "const char *staple" "size_t len" .Ft "int" .Fn tls_config_set_ocsp_staple_file "struct tls_config *config" "const char *staple_file" -.Ft "void" +.Ft "int" .Fn tls_config_set_protocols "struct tls_config *config" "uint32_t protocols" -.Ft "void" +.Ft "int" .Fn tls_config_set_verify_depth "struct tls_config *config" "int verify_depth" .Ft "void" .Fn tls_config_prefer_ciphers_client "struct tls_config *config" -- cgit v1.2.3-55-g6feb