|
@@ -101,8 +101,7 @@ int tls_setup_handshake(SSL *s)
|
|
|
memset(s->ext.extflags, 0, sizeof(s->ext.extflags));
|
|
|
|
|
|
if (ssl_get_min_max_version(s, &ver_min, &ver_max, NULL) != 0) {
|
|
|
- SSLfatal(s, SSL_AD_PROTOCOL_VERSION, SSL_F_TLS_SETUP_HANDSHAKE,
|
|
|
- SSL_R_NO_PROTOCOLS_AVAILABLE);
|
|
|
+ SSLfatal(s, SSL_AD_PROTOCOL_VERSION, SSL_R_NO_PROTOCOLS_AVAILABLE);
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
@@ -119,12 +118,12 @@ int tls_setup_handshake(SSL *s)
|
|
|
md5sha1_needed = 1;
|
|
|
}
|
|
|
if (md5sha1_needed) {
|
|
|
- SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_SETUP_HANDSHAKE,
|
|
|
- SSL_R_NO_SUITABLE_DIGEST_ALGORITHM);
|
|
|
- ERR_add_error_data(1, "The max supported SSL/TLS version needs the"
|
|
|
- " MD5-SHA1 digest but it is not available"
|
|
|
- " in the loaded providers. Use (D)TLSv1.2 or"
|
|
|
- " above, or load different providers");
|
|
|
+ SSLfatal_data(s, SSL_AD_HANDSHAKE_FAILURE,
|
|
|
+ SSL_R_NO_SUITABLE_DIGEST_ALGORITHM,
|
|
|
+ "The max supported SSL/TLS version needs the"
|
|
|
+ " MD5-SHA1 digest but it is not available"
|
|
|
+ " in the loaded providers. Use (D)TLSv1.2 or"
|
|
|
+ " above, or load different providers");
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
@@ -139,8 +138,7 @@ int tls_setup_handshake(SSL *s)
|
|
|
}
|
|
|
if (!ok) {
|
|
|
/* Shouldn't happen */
|
|
|
- SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_SETUP_HANDSHAKE,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
}
|
|
@@ -169,10 +167,10 @@ int tls_setup_handshake(SSL *s)
|
|
|
break;
|
|
|
}
|
|
|
if (!ok) {
|
|
|
- SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_SETUP_HANDSHAKE,
|
|
|
- SSL_R_NO_CIPHERS_AVAILABLE);
|
|
|
- ERR_add_error_data(1, "No ciphers enabled for max supported "
|
|
|
- "SSL/TLS version");
|
|
|
+ SSLfatal_data(s, SSL_AD_HANDSHAKE_FAILURE,
|
|
|
+ SSL_R_NO_CIPHERS_AVAILABLE,
|
|
|
+ "No ciphers enabled for max supported "
|
|
|
+ "SSL/TLS version");
|
|
|
return 0;
|
|
|
}
|
|
|
if (SSL_IS_FIRST_HANDSHAKE(s)) {
|
|
@@ -262,8 +260,7 @@ static int get_cert_verify_tbs_data(SSL *s, unsigned char *tls13tbs,
|
|
|
|
|
|
retlen = retlen_l = BIO_get_mem_data(s->s3.handshake_buffer, hdata);
|
|
|
if (retlen_l <= 0) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_GET_CERT_VERIFY_TBS_DATA,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
*hdatalen = retlen;
|
|
@@ -285,22 +282,19 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt)
|
|
|
const SIGALG_LOOKUP *lu = s->s3.tmp.sigalg;
|
|
|
|
|
|
if (lu == NULL || s->s3.tmp.cert == NULL) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
goto err;
|
|
|
}
|
|
|
pkey = s->s3.tmp.cert->privatekey;
|
|
|
|
|
|
if (pkey == NULL || !tls1_lookup_md(s->ctx, lu, &md)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
|
mctx = EVP_MD_CTX_new();
|
|
|
if (mctx == NULL) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
|
|
|
- ERR_R_MALLOC_FAILURE);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
@@ -311,15 +305,13 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt)
|
|
|
}
|
|
|
|
|
|
if (SSL_USE_SIGALGS(s) && !WPACKET_put_bytes_u16(pkt, lu->sigalg)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
|
if (EVP_DigestSignInit_ex(mctx, &pctx, md == NULL ? NULL : EVP_MD_name(md),
|
|
|
s->ctx->libctx, s->ctx->propq, pkey) <= 0) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
|
|
|
- ERR_R_EVP_LIB);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
@@ -327,8 +319,7 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt)
|
|
|
if (EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) <= 0
|
|
|
|| EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx,
|
|
|
RSA_PSS_SALTLEN_DIGEST) <= 0) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
|
|
|
- ERR_R_EVP_LIB);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
|
|
|
goto err;
|
|
|
}
|
|
|
}
|
|
@@ -347,15 +338,13 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt)
|
|
|
s->session->master_key) <= 0
|
|
|
|| EVP_DigestSignFinal(mctx, NULL, &siglen) <= 0) {
|
|
|
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
|
|
|
- ERR_R_EVP_LIB);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
|
|
|
goto err;
|
|
|
}
|
|
|
sig = OPENSSL_malloc(siglen);
|
|
|
if (sig == NULL
|
|
|
|| EVP_DigestSignFinal(mctx, sig, &siglen) <= 0) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
|
|
|
- ERR_R_EVP_LIB);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
|
|
|
goto err;
|
|
|
}
|
|
|
} else {
|
|
@@ -364,15 +353,13 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt)
|
|
|
* support streaming via EVP_DigestSignUpdate/EVP_DigestSignFinal
|
|
|
*/
|
|
|
if (EVP_DigestSign(mctx, NULL, &siglen, hdata, hdatalen) <= 0) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
|
|
|
- ERR_R_EVP_LIB);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
|
|
|
goto err;
|
|
|
}
|
|
|
sig = OPENSSL_malloc(siglen);
|
|
|
if (sig == NULL
|
|
|
|| EVP_DigestSign(mctx, sig, &siglen, hdata, hdatalen) <= 0) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
|
|
|
- ERR_R_EVP_LIB);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
|
|
|
goto err;
|
|
|
}
|
|
|
}
|
|
@@ -389,8 +376,7 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt)
|
|
|
#endif
|
|
|
|
|
|
if (!WPACKET_sub_memcpy_u16(pkt, sig, siglen)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
@@ -428,21 +414,19 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
|
|
|
EVP_PKEY_CTX *pctx = NULL;
|
|
|
|
|
|
if (mctx == NULL) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
|
|
|
- ERR_R_MALLOC_FAILURE);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
|
peer = s->session->peer;
|
|
|
pkey = X509_get0_pubkey(peer);
|
|
|
if (pkey == NULL) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
|
if (ssl_cert_lookup_by_pkey(pkey, NULL) == NULL) {
|
|
|
- SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PROCESS_CERT_VERIFY,
|
|
|
+ SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER,
|
|
|
SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
|
|
|
goto err;
|
|
|
}
|
|
@@ -451,8 +435,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
|
|
|
unsigned int sigalg;
|
|
|
|
|
|
if (!PACKET_get_net_2(pkt, &sigalg)) {
|
|
|
- SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
|
|
|
- SSL_R_BAD_PACKET);
|
|
|
+ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_PACKET);
|
|
|
goto err;
|
|
|
}
|
|
|
if (tls12_check_peer_sigalg(s, sigalg, pkey) <= 0) {
|
|
@@ -460,14 +443,12 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
|
|
|
goto err;
|
|
|
}
|
|
|
} else if (!tls1_set_peer_legacy_sigalg(s, pkey)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
|
if (!tls1_lookup_md(s->ctx, s->s3.tmp.peer_sigalg, &md)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
@@ -491,14 +472,12 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
|
|
|
} else
|
|
|
#endif
|
|
|
if (!PACKET_get_net_2(pkt, &len)) {
|
|
|
- SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
|
|
|
- SSL_R_LENGTH_MISMATCH);
|
|
|
+ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_LENGTH_MISMATCH);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
|
if (!PACKET_get_bytes(pkt, &data, len)) {
|
|
|
- SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
|
|
|
- SSL_R_LENGTH_MISMATCH);
|
|
|
+ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_LENGTH_MISMATCH);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
@@ -513,8 +492,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
|
|
|
if (EVP_DigestVerifyInit_ex(mctx, &pctx,
|
|
|
md == NULL ? NULL : EVP_MD_name(md),
|
|
|
s->ctx->libctx, s->ctx->propq, pkey) <= 0) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
|
|
|
- ERR_R_EVP_LIB);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
|
|
|
goto err;
|
|
|
}
|
|
|
#ifndef OPENSSL_NO_GOST
|
|
@@ -524,8 +502,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
|
|
|
|| pktype == NID_id_GostR3410_2012_256
|
|
|
|| pktype == NID_id_GostR3410_2012_512) {
|
|
|
if ((gost_data = OPENSSL_malloc(len)) == NULL) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
|
|
|
- SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_MALLOC_FAILURE);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
|
|
|
goto err;
|
|
|
}
|
|
|
BUF_reverse(gost_data, data, len);
|
|
@@ -538,8 +515,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
|
|
|
if (EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) <= 0
|
|
|
|| EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx,
|
|
|
RSA_PSS_SALTLEN_DIGEST) <= 0) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
|
|
|
- ERR_R_EVP_LIB);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
|
|
|
goto err;
|
|
|
}
|
|
|
}
|
|
@@ -552,20 +528,17 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
|
|
|
|| EVP_MD_CTX_ctrl(mctx, EVP_CTRL_SSL3_MASTER_SECRET,
|
|
|
(int)s->session->master_key_length,
|
|
|
s->session->master_key) <= 0) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
|
|
|
- ERR_R_EVP_LIB);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
|
|
|
goto err;
|
|
|
}
|
|
|
if (EVP_DigestVerifyFinal(mctx, data, len) <= 0) {
|
|
|
- SSLfatal(s, SSL_AD_DECRYPT_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
|
|
|
- SSL_R_BAD_SIGNATURE);
|
|
|
+ SSLfatal(s, SSL_AD_DECRYPT_ERROR, SSL_R_BAD_SIGNATURE);
|
|
|
goto err;
|
|
|
}
|
|
|
} else {
|
|
|
j = EVP_DigestVerify(mctx, data, len, hdata, hdatalen);
|
|
|
if (j <= 0) {
|
|
|
- SSLfatal(s, SSL_AD_DECRYPT_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
|
|
|
- SSL_R_BAD_SIGNATURE);
|
|
|
+ SSLfatal(s, SSL_AD_DECRYPT_ERROR, SSL_R_BAD_SIGNATURE);
|
|
|
goto err;
|
|
|
}
|
|
|
}
|
|
@@ -634,8 +607,7 @@ int tls_construct_finished(SSL *s, WPACKET *pkt)
|
|
|
s->s3.tmp.finish_md_len = finish_md_len;
|
|
|
|
|
|
if (!WPACKET_memcpy(pkt, s->s3.tmp.finish_md, finish_md_len)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_FINISHED,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
@@ -654,8 +626,7 @@ int tls_construct_finished(SSL *s, WPACKET *pkt)
|
|
|
* Copy the finished so we can use it for renegotiation checks
|
|
|
*/
|
|
|
if (!ossl_assert(finish_md_len <= EVP_MAX_MD_SIZE)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_FINISHED,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
if (!s->server) {
|
|
@@ -674,8 +645,7 @@ int tls_construct_finished(SSL *s, WPACKET *pkt)
|
|
|
int tls_construct_key_update(SSL *s, WPACKET *pkt)
|
|
|
{
|
|
|
if (!WPACKET_put_bytes_u8(pkt, s->key_update)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_KEY_UPDATE,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
@@ -692,15 +662,13 @@ MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt)
|
|
|
* be on a record boundary.
|
|
|
*/
|
|
|
if (RECORD_LAYER_processed_read_pending(&s->rlayer)) {
|
|
|
- SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_TLS_PROCESS_KEY_UPDATE,
|
|
|
- SSL_R_NOT_ON_RECORD_BOUNDARY);
|
|
|
+ SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_NOT_ON_RECORD_BOUNDARY);
|
|
|
return MSG_PROCESS_ERROR;
|
|
|
}
|
|
|
|
|
|
if (!PACKET_get_1(pkt, &updatetype)
|
|
|
|| PACKET_remaining(pkt) != 0) {
|
|
|
- SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_KEY_UPDATE,
|
|
|
- SSL_R_BAD_KEY_UPDATE);
|
|
|
+ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_KEY_UPDATE);
|
|
|
return MSG_PROCESS_ERROR;
|
|
|
}
|
|
|
|
|
@@ -710,8 +678,7 @@ MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt)
|
|
|
*/
|
|
|
if (updatetype != SSL_KEY_UPDATE_NOT_REQUESTED
|
|
|
&& updatetype != SSL_KEY_UPDATE_REQUESTED) {
|
|
|
- SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PROCESS_KEY_UPDATE,
|
|
|
- SSL_R_BAD_KEY_UPDATE);
|
|
|
+ SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_UPDATE);
|
|
|
return MSG_PROCESS_ERROR;
|
|
|
}
|
|
|
|
|
@@ -775,31 +742,25 @@ MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt)
|
|
|
&& remain != DTLS1_CCS_HEADER_LENGTH + 1)
|
|
|
|| (s->version != DTLS1_BAD_VER
|
|
|
&& remain != DTLS1_CCS_HEADER_LENGTH - 1)) {
|
|
|
- SSLfatal(s, SSL_AD_DECODE_ERROR,
|
|
|
- SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC,
|
|
|
- SSL_R_BAD_CHANGE_CIPHER_SPEC);
|
|
|
+ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_CHANGE_CIPHER_SPEC);
|
|
|
return MSG_PROCESS_ERROR;
|
|
|
}
|
|
|
} else {
|
|
|
if (remain != 0) {
|
|
|
- SSLfatal(s, SSL_AD_DECODE_ERROR,
|
|
|
- SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC,
|
|
|
- SSL_R_BAD_CHANGE_CIPHER_SPEC);
|
|
|
+ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_CHANGE_CIPHER_SPEC);
|
|
|
return MSG_PROCESS_ERROR;
|
|
|
}
|
|
|
}
|
|
|
|
|
|
/* Check we have a cipher to change to */
|
|
|
if (s->s3.tmp.new_cipher == NULL) {
|
|
|
- SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE,
|
|
|
- SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC, SSL_R_CCS_RECEIVED_EARLY);
|
|
|
+ SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_CCS_RECEIVED_EARLY);
|
|
|
return MSG_PROCESS_ERROR;
|
|
|
}
|
|
|
|
|
|
s->s3.change_cipher_spec = 1;
|
|
|
if (!ssl3_do_change_cipher_spec(s)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return MSG_PROCESS_ERROR;
|
|
|
}
|
|
|
|
|
@@ -848,15 +809,13 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)
|
|
|
* message must be on a record boundary.
|
|
|
*/
|
|
|
if (SSL_IS_TLS13(s) && RECORD_LAYER_processed_read_pending(&s->rlayer)) {
|
|
|
- SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_TLS_PROCESS_FINISHED,
|
|
|
- SSL_R_NOT_ON_RECORD_BOUNDARY);
|
|
|
+ SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_NOT_ON_RECORD_BOUNDARY);
|
|
|
return MSG_PROCESS_ERROR;
|
|
|
}
|
|
|
|
|
|
/* If this occurs, we have missed a message */
|
|
|
if (!SSL_IS_TLS13(s) && !s->s3.change_cipher_spec) {
|
|
|
- SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_TLS_PROCESS_FINISHED,
|
|
|
- SSL_R_GOT_A_FIN_BEFORE_A_CCS);
|
|
|
+ SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_GOT_A_FIN_BEFORE_A_CCS);
|
|
|
return MSG_PROCESS_ERROR;
|
|
|
}
|
|
|
s->s3.change_cipher_spec = 0;
|
|
@@ -864,15 +823,13 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)
|
|
|
md_len = s->s3.tmp.peer_finish_md_len;
|
|
|
|
|
|
if (md_len != PACKET_remaining(pkt)) {
|
|
|
- SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_FINISHED,
|
|
|
- SSL_R_BAD_DIGEST_LENGTH);
|
|
|
+ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_DIGEST_LENGTH);
|
|
|
return MSG_PROCESS_ERROR;
|
|
|
}
|
|
|
|
|
|
if (CRYPTO_memcmp(PACKET_data(pkt), s->s3.tmp.peer_finish_md,
|
|
|
md_len) != 0) {
|
|
|
- SSLfatal(s, SSL_AD_DECRYPT_ERROR, SSL_F_TLS_PROCESS_FINISHED,
|
|
|
- SSL_R_DIGEST_CHECK_FAILED);
|
|
|
+ SSLfatal(s, SSL_AD_DECRYPT_ERROR, SSL_R_DIGEST_CHECK_FAILED);
|
|
|
return MSG_PROCESS_ERROR;
|
|
|
}
|
|
|
|
|
@@ -880,8 +837,7 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)
|
|
|
* Copy the finished so we can use it for renegotiation checks
|
|
|
*/
|
|
|
if (!ossl_assert(md_len <= EVP_MAX_MD_SIZE)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_FINISHED,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return MSG_PROCESS_ERROR;
|
|
|
}
|
|
|
if (s->server) {
|
|
@@ -933,8 +889,7 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)
|
|
|
int tls_construct_change_cipher_spec(SSL *s, WPACKET *pkt)
|
|
|
{
|
|
|
if (!WPACKET_put_bytes_u8(pkt, SSL3_MT_CCS)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
|
|
|
- SSL_F_TLS_CONSTRUCT_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
@@ -949,14 +904,12 @@ static int ssl_add_cert_to_wpacket(SSL *s, WPACKET *pkt, X509 *x, int chain)
|
|
|
|
|
|
len = i2d_X509(x, NULL);
|
|
|
if (len < 0) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_ADD_CERT_TO_WPACKET,
|
|
|
- ERR_R_BUF_LIB);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_BUF_LIB);
|
|
|
return 0;
|
|
|
}
|
|
|
if (!WPACKET_sub_allocate_bytes_u24(pkt, len, &outbytes)
|
|
|
|| i2d_X509(x, &outbytes) != len) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_ADD_CERT_TO_WPACKET,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
@@ -1004,14 +957,12 @@ static int ssl_add_cert_chain(SSL *s, WPACKET *pkt, CERT_PKEY *cpk)
|
|
|
s->ctx->propq);
|
|
|
|
|
|
if (xs_ctx == NULL) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_ADD_CERT_CHAIN,
|
|
|
- ERR_R_MALLOC_FAILURE);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
|
|
|
return 0;
|
|
|
}
|
|
|
if (!X509_STORE_CTX_init(xs_ctx, chain_store, x, NULL)) {
|
|
|
X509_STORE_CTX_free(xs_ctx);
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_ADD_CERT_CHAIN,
|
|
|
- ERR_R_X509_LIB);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_X509_LIB);
|
|
|
return 0;
|
|
|
}
|
|
|
/*
|
|
@@ -1033,7 +984,7 @@ static int ssl_add_cert_chain(SSL *s, WPACKET *pkt, CERT_PKEY *cpk)
|
|
|
ERR_raise(ERR_LIB_SSL, SSL_R_CA_MD_TOO_WEAK);
|
|
|
#endif
|
|
|
X509_STORE_CTX_free(xs_ctx);
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_ADD_CERT_CHAIN, i);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, i);
|
|
|
return 0;
|
|
|
}
|
|
|
chain_count = sk_X509_num(chain);
|
|
@@ -1050,7 +1001,7 @@ static int ssl_add_cert_chain(SSL *s, WPACKET *pkt, CERT_PKEY *cpk)
|
|
|
} else {
|
|
|
i = ssl_security_cert_chain(s, extra_certs, x, 0);
|
|
|
if (i != 1) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_ADD_CERT_CHAIN, i);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, i);
|
|
|
return 0;
|
|
|
}
|
|
|
if (!ssl_add_cert_to_wpacket(s, pkt, x, 0)) {
|
|
@@ -1071,8 +1022,7 @@ static int ssl_add_cert_chain(SSL *s, WPACKET *pkt, CERT_PKEY *cpk)
|
|
|
unsigned long ssl3_output_cert_chain(SSL *s, WPACKET *pkt, CERT_PKEY *cpk)
|
|
|
{
|
|
|
if (!WPACKET_start_sub_packet_u24(pkt)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_OUTPUT_CERT_CHAIN,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
@@ -1080,8 +1030,7 @@ unsigned long ssl3_output_cert_chain(SSL *s, WPACKET *pkt, CERT_PKEY *cpk)
|
|
|
return 0;
|
|
|
|
|
|
if (!WPACKET_close(pkt)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_OUTPUT_CERT_CHAIN,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
@@ -1119,8 +1068,7 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop)
|
|
|
}
|
|
|
|
|
|
if (!ssl_free_wbio_buffer(s)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_FINISH_HANDSHAKE,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return WORK_ERROR;
|
|
|
}
|
|
|
s->init_num = 0;
|
|
@@ -1236,7 +1184,6 @@ int tls_get_message_header(SSL *s, int *mt)
|
|
|
*/
|
|
|
if (s->init_num != 0 || readbytes != 1 || p[0] != SSL3_MT_CCS) {
|
|
|
SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE,
|
|
|
- SSL_F_TLS_GET_MESSAGE_HEADER,
|
|
|
SSL_R_BAD_CHANGE_CIPHER_SPEC);
|
|
|
return 0;
|
|
|
}
|
|
@@ -1258,7 +1205,6 @@ int tls_get_message_header(SSL *s, int *mt)
|
|
|
return 1;
|
|
|
} else if (recvd_type != SSL3_RT_HANDSHAKE) {
|
|
|
SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE,
|
|
|
- SSL_F_TLS_GET_MESSAGE_HEADER,
|
|
|
SSL_R_CCS_RECEIVED_EARLY);
|
|
|
return 0;
|
|
|
}
|
|
@@ -1308,7 +1254,7 @@ int tls_get_message_header(SSL *s, int *mt)
|
|
|
n2l3(p, l);
|
|
|
/* BUF_MEM_grow takes an 'int' parameter */
|
|
|
if (l > (INT_MAX - SSL3_HM_HEADER_LENGTH)) {
|
|
|
- SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_GET_MESSAGE_HEADER,
|
|
|
+ SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER,
|
|
|
SSL_R_EXCESSIVE_MESSAGE_SIZE);
|
|
|
return 0;
|
|
|
}
|
|
@@ -1964,8 +1910,7 @@ int ssl_choose_client_version(SSL *s, int version, RAW_EXTENSION *extensions)
|
|
|
if (s->hello_retry_request != SSL_HRR_NONE
|
|
|
&& s->version != TLS1_3_VERSION) {
|
|
|
s->version = origv;
|
|
|
- SSLfatal(s, SSL_AD_PROTOCOL_VERSION, SSL_F_SSL_CHOOSE_CLIENT_VERSION,
|
|
|
- SSL_R_WRONG_SSL_VERSION);
|
|
|
+ SSLfatal(s, SSL_AD_PROTOCOL_VERSION, SSL_R_WRONG_SSL_VERSION);
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
@@ -1973,9 +1918,7 @@ int ssl_choose_client_version(SSL *s, int version, RAW_EXTENSION *extensions)
|
|
|
default:
|
|
|
if (s->version != s->method->version) {
|
|
|
s->version = origv;
|
|
|
- SSLfatal(s, SSL_AD_PROTOCOL_VERSION,
|
|
|
- SSL_F_SSL_CHOOSE_CLIENT_VERSION,
|
|
|
- SSL_R_WRONG_SSL_VERSION);
|
|
|
+ SSLfatal(s, SSL_AD_PROTOCOL_VERSION, SSL_R_WRONG_SSL_VERSION);
|
|
|
return 0;
|
|
|
}
|
|
|
/*
|
|
@@ -1997,21 +1940,18 @@ int ssl_choose_client_version(SSL *s, int version, RAW_EXTENSION *extensions)
|
|
|
ret = ssl_get_min_max_version(s, &ver_min, &ver_max, &real_max);
|
|
|
if (ret != 0) {
|
|
|
s->version = origv;
|
|
|
- SSLfatal(s, SSL_AD_PROTOCOL_VERSION,
|
|
|
- SSL_F_SSL_CHOOSE_CLIENT_VERSION, ret);
|
|
|
+ SSLfatal(s, SSL_AD_PROTOCOL_VERSION, ret);
|
|
|
return 0;
|
|
|
}
|
|
|
if (SSL_IS_DTLS(s) ? DTLS_VERSION_LT(s->version, ver_min)
|
|
|
: s->version < ver_min) {
|
|
|
s->version = origv;
|
|
|
- SSLfatal(s, SSL_AD_PROTOCOL_VERSION,
|
|
|
- SSL_F_SSL_CHOOSE_CLIENT_VERSION, SSL_R_UNSUPPORTED_PROTOCOL);
|
|
|
+ SSLfatal(s, SSL_AD_PROTOCOL_VERSION, SSL_R_UNSUPPORTED_PROTOCOL);
|
|
|
return 0;
|
|
|
} else if (SSL_IS_DTLS(s) ? DTLS_VERSION_GT(s->version, ver_max)
|
|
|
: s->version > ver_max) {
|
|
|
s->version = origv;
|
|
|
- SSLfatal(s, SSL_AD_PROTOCOL_VERSION,
|
|
|
- SSL_F_SSL_CHOOSE_CLIENT_VERSION, SSL_R_UNSUPPORTED_PROTOCOL);
|
|
|
+ SSLfatal(s, SSL_AD_PROTOCOL_VERSION, SSL_R_UNSUPPORTED_PROTOCOL);
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
@@ -2026,7 +1966,6 @@ int ssl_choose_client_version(SSL *s, int version, RAW_EXTENSION *extensions)
|
|
|
sizeof(tls12downgrade)) == 0) {
|
|
|
s->version = origv;
|
|
|
SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER,
|
|
|
- SSL_F_SSL_CHOOSE_CLIENT_VERSION,
|
|
|
SSL_R_INAPPROPRIATE_FALLBACK);
|
|
|
return 0;
|
|
|
}
|
|
@@ -2039,7 +1978,6 @@ int ssl_choose_client_version(SSL *s, int version, RAW_EXTENSION *extensions)
|
|
|
sizeof(tls11downgrade)) == 0) {
|
|
|
s->version = origv;
|
|
|
SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER,
|
|
|
- SSL_F_SSL_CHOOSE_CLIENT_VERSION,
|
|
|
SSL_R_INAPPROPRIATE_FALLBACK);
|
|
|
return 0;
|
|
|
}
|
|
@@ -2054,8 +1992,7 @@ int ssl_choose_client_version(SSL *s, int version, RAW_EXTENSION *extensions)
|
|
|
}
|
|
|
|
|
|
s->version = origv;
|
|
|
- SSLfatal(s, SSL_AD_PROTOCOL_VERSION, SSL_F_SSL_CHOOSE_CLIENT_VERSION,
|
|
|
- SSL_R_UNSUPPORTED_PROTOCOL);
|
|
|
+ SSLfatal(s, SSL_AD_PROTOCOL_VERSION, SSL_R_UNSUPPORTED_PROTOCOL);
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
@@ -2307,14 +2244,12 @@ int parse_ca_names(SSL *s, PACKET *pkt)
|
|
|
PACKET cadns;
|
|
|
|
|
|
if (ca_sk == NULL) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_PARSE_CA_NAMES,
|
|
|
- ERR_R_MALLOC_FAILURE);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
|
|
|
goto err;
|
|
|
}
|
|
|
/* get the CA RDNs */
|
|
|
if (!PACKET_get_length_prefixed_2(pkt, &cadns)) {
|
|
|
- SSLfatal(s, SSL_AD_DECODE_ERROR,SSL_F_PARSE_CA_NAMES,
|
|
|
- SSL_R_LENGTH_MISMATCH);
|
|
|
+ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_LENGTH_MISMATCH);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
@@ -2324,26 +2259,22 @@ int parse_ca_names(SSL *s, PACKET *pkt)
|
|
|
|
|
|
if (!PACKET_get_net_2(&cadns, &name_len)
|
|
|
|| !PACKET_get_bytes(&cadns, &namebytes, name_len)) {
|
|
|
- SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_PARSE_CA_NAMES,
|
|
|
- SSL_R_LENGTH_MISMATCH);
|
|
|
+ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_LENGTH_MISMATCH);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
|
namestart = namebytes;
|
|
|
if ((xn = d2i_X509_NAME(NULL, &namebytes, name_len)) == NULL) {
|
|
|
- SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_PARSE_CA_NAMES,
|
|
|
- ERR_R_ASN1_LIB);
|
|
|
+ SSLfatal(s, SSL_AD_DECODE_ERROR, ERR_R_ASN1_LIB);
|
|
|
goto err;
|
|
|
}
|
|
|
if (namebytes != (namestart + name_len)) {
|
|
|
- SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_PARSE_CA_NAMES,
|
|
|
- SSL_R_CA_DN_LENGTH_MISMATCH);
|
|
|
+ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_CA_DN_LENGTH_MISMATCH);
|
|
|
goto err;
|
|
|
}
|
|
|
|
|
|
if (!sk_X509_NAME_push(ca_sk, xn)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_PARSE_CA_NAMES,
|
|
|
- ERR_R_MALLOC_FAILURE);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
|
|
|
goto err;
|
|
|
}
|
|
|
xn = NULL;
|
|
@@ -2380,8 +2311,7 @@ int construct_ca_names(SSL *s, const STACK_OF(X509_NAME) *ca_sk, WPACKET *pkt)
|
|
|
{
|
|
|
/* Start sub-packet for client CA list */
|
|
|
if (!WPACKET_start_sub_packet_u16(pkt)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_CONSTRUCT_CA_NAMES,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
@@ -2398,16 +2328,14 @@ int construct_ca_names(SSL *s, const STACK_OF(X509_NAME) *ca_sk, WPACKET *pkt)
|
|
|
|| !WPACKET_sub_allocate_bytes_u16(pkt, namelen,
|
|
|
&namebytes)
|
|
|
|| i2d_X509_NAME(name, &namebytes) != namelen) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_CONSTRUCT_CA_NAMES,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
|
|
|
if (!WPACKET_close(pkt)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_CONSTRUCT_CA_NAMES,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
@@ -2422,8 +2350,7 @@ size_t construct_key_exchange_tbs(SSL *s, unsigned char **ptbs,
|
|
|
unsigned char *tbs = OPENSSL_malloc(tbslen);
|
|
|
|
|
|
if (tbs == NULL) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_CONSTRUCT_KEY_EXCHANGE_TBS,
|
|
|
- ERR_R_MALLOC_FAILURE);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
|
|
|
return 0;
|
|
|
}
|
|
|
memcpy(tbs, s->s3.client_random, SSL3_RANDOM_SIZE);
|
|
@@ -2448,16 +2375,12 @@ int tls13_save_handshake_digest_for_pha(SSL *s)
|
|
|
|
|
|
s->pha_dgst = EVP_MD_CTX_new();
|
|
|
if (s->pha_dgst == NULL) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
|
|
|
- SSL_F_TLS13_SAVE_HANDSHAKE_DIGEST_FOR_PHA,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
if (!EVP_MD_CTX_copy_ex(s->pha_dgst,
|
|
|
s->s3.handshake_dgst)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
|
|
|
- SSL_F_TLS13_SAVE_HANDSHAKE_DIGEST_FOR_PHA,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
}
|
|
@@ -2471,16 +2394,12 @@ int tls13_save_handshake_digest_for_pha(SSL *s)
|
|
|
int tls13_restore_handshake_digest_for_pha(SSL *s)
|
|
|
{
|
|
|
if (s->pha_dgst == NULL) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
|
|
|
- SSL_F_TLS13_RESTORE_HANDSHAKE_DIGEST_FOR_PHA,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
if (!EVP_MD_CTX_copy_ex(s->s3.handshake_dgst,
|
|
|
s->pha_dgst)) {
|
|
|
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
|
|
|
- SSL_F_TLS13_RESTORE_HANDSHAKE_DIGEST_FOR_PHA,
|
|
|
- ERR_R_INTERNAL_ERROR);
|
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
|
return 0;
|
|
|
}
|
|
|
return 1;
|