From 460496e02df69c7c7be18c9b45a095914ee59be4 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Tue, 21 Jan 2020 05:19:02 +0000
Subject: Provide SSL_R_UNKNOWN.

This allows us to indicate that the cause of the failure is unknown, rather
than implying that it was an internal error when it was not.

ok beck@
---
 src/lib/libssl/ssl.h       | 3 ++-
 src/lib/libssl/ssl_err.c   | 5 +++--
 src/lib/libssl/tls13_lib.c | 4 ++--
 3 files changed, 7 insertions(+), 5 deletions(-)

(limited to 'src')

diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 521fb537de..8ac05ca70f 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.167 2020/01/02 06:37:13 jsing Exp $ */
+/* $OpenBSD: ssl.h,v 1.168 2020/01/21 05:19:02 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2162,6 +2162,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_X509_LIB					 268
 #define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS		 269
 #define SSL_R_PEER_BEHAVING_BADLY			 666
+#define SSL_R_UNKNOWN					 999
 
 /*
  * OpenSSL compatible OPENSSL_INIT options
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
index 250a9eef6b..cbc2898234 100644
--- a/src/lib/libssl/ssl_err.c
+++ b/src/lib/libssl/ssl_err.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_err.c,v 1.36 2018/03/20 15:28:12 tb Exp $ */
+/* $OpenBSD: ssl_err.c,v 1.37 2020/01/21 05:19:02 jsing Exp $ */
 /* ====================================================================
  * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
  *
@@ -462,7 +462,8 @@ static ERR_STRING_DATA SSL_str_reasons[]= {
 	{ERR_REASON(SSL_R_WRONG_VERSION_NUMBER)  , "wrong version number"},
 	{ERR_REASON(SSL_R_X509_LIB)              , "x509 lib"},
 	{ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS), "x509 verification setup problems"},
-	{ERR_REASON(SSL_R_PEER_BEHAVING_BADLY)   ,"peer is doing strange or hostile things"},
+	{ERR_REASON(SSL_R_PEER_BEHAVING_BADLY), "peer is doing strange or hostile things"},
+	{ERR_REASON(SSL_R_UNKNOWN), "unknown failure occurred"},
 	{0, NULL}
 };
 
diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c
index fbd7a9a83a..451e798cb8 100644
--- a/src/lib/libssl/tls13_lib.c
+++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tls13_lib.c,v 1.15 2020/01/21 04:45:18 tb Exp $ */
+/*	$OpenBSD: tls13_lib.c,v 1.16 2020/01/21 05:19:02 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -346,7 +346,7 @@ static void
 tls13_legacy_error(SSL *ssl)
 {
 	struct tls13_ctx *ctx = ssl->internal->tls13;
-	int reason = ERR_R_INTERNAL_ERROR;
+	int reason = SSL_R_UNKNOWN;
 
 	switch (ctx->error.code) {
 	case TLS13_ERR_VERIFY_FAILED:
-- 
cgit v1.2.3-55-g6feb