Change SSLerror() back to taking two args, with the first one being an SSL *.

Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
author: beck <beck@openbsd.org> 2017-02-07 02:08:38 +0000
committer: beck <beck@openbsd.org> 2017-02-07 02:08:38 +0000
commit: c9d7abb729ab657a1b8a3ce173cfa0bd7ee58fd6 (patch)
tree: 09c29c4af2291abaaf82756a54ccbd954a6d15c0 /lib/libssl/s3_lib.c
parent: whitespace fixes. no functional change. (diff)
download: wireguard-openbsd-c9d7abb729ab657a1b8a3ce173cfa0bd7ee58fd6.tar.xz
wireguard-openbsd-c9d7abb729ab657a1b8a3ce173cfa0bd7ee58fd6.zip
1 files changed, 24 insertions, 24 deletions
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index fbc2d511d3a..d18a2388c34 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.134 2017/02/05 15:06:05 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.135 2017/02/07 02:08:38 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1980,7 +1980,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 
 	if (cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) {
 		if (!ssl_cert_inst(&s->cert)) {
-			SSLerror(ERR_R_MALLOC_FAILURE);
+			SSLerror(s, ERR_R_MALLOC_FAILURE);
 			return (0);
 		}
 	}
@@ -2009,17 +2009,17 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 		break;
 	case SSL_CTRL_SET_TMP_RSA:
 	case SSL_CTRL_SET_TMP_RSA_CB:
-		SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+		SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 		break;
 	case SSL_CTRL_SET_TMP_DH:
 		{
 			DH *dh = (DH *)parg;
 			if (dh == NULL) {
-				SSLerror(ERR_R_PASSED_NULL_PARAMETER);
+				SSLerror(s, ERR_R_PASSED_NULL_PARAMETER);
 				return (ret);
 			}
 			if ((dh = DHparams_dup(dh)) == NULL) {
-				SSLerror(ERR_R_DH_LIB);
+				SSLerror(s, ERR_R_DH_LIB);
 				return (ret);
 			}
 			DH_free(s->cert->dh_tmp);
@@ -2029,7 +2029,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 		break;
 
 	case SSL_CTRL_SET_TMP_DH_CB:
-		SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+		SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 		return (ret);
 
 	case SSL_CTRL_SET_DH_AUTO:
@@ -2041,18 +2041,18 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 			EC_KEY *ecdh = NULL;
 
 			if (parg == NULL) {
-				SSLerror(ERR_R_PASSED_NULL_PARAMETER);
+				SSLerror(s, ERR_R_PASSED_NULL_PARAMETER);
 				return (ret);
 			}
 			if (!EC_KEY_up_ref((EC_KEY *)parg)) {
-				SSLerror(ERR_R_ECDH_LIB);
+				SSLerror(s, ERR_R_ECDH_LIB);
 				return (ret);
 			}
 			ecdh = (EC_KEY *)parg;
 			if (!(s->internal->options & SSL_OP_SINGLE_ECDH_USE)) {
 				if (!EC_KEY_generate_key(ecdh)) {
 					EC_KEY_free(ecdh);
-					SSLerror(ERR_R_ECDH_LIB);
+					SSLerror(s, ERR_R_ECDH_LIB);
 					return (ret);
 				}
 			}
@@ -2063,7 +2063,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 		break;
 	case SSL_CTRL_SET_TMP_ECDH_CB:
 		{
-			SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+			SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 			return (ret);
 		}
 		break;
@@ -2076,16 +2076,16 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 			if (parg == NULL)
 				break;
 			if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) {
-				SSLerror(SSL_R_SSL3_EXT_INVALID_SERVERNAME);
+				SSLerror(s, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
 				return 0;
 			}
 			if ((s->tlsext_hostname = strdup((char *)parg))
 			    == NULL) {
-				SSLerror(ERR_R_INTERNAL_ERROR);
+				SSLerror(s, ERR_R_INTERNAL_ERROR);
 				return 0;
 			}
 		} else {
-			SSLerror(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
+			SSLerror(s, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
 			return 0;
 		}
 		break;
@@ -2173,14 +2173,14 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
 
 	if (cmd == SSL_CTRL_SET_TMP_DH_CB) {
 		if (!ssl_cert_inst(&s->cert)) {
-			SSLerror(ERR_R_MALLOC_FAILURE);
+			SSLerror(s, ERR_R_MALLOC_FAILURE);
 			return (0);
 		}
 	}
 
 	switch (cmd) {
 	case SSL_CTRL_SET_TMP_RSA_CB:
-		SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+		SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 		break;
 	case SSL_CTRL_SET_TMP_DH_CB:
 		s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
@@ -2210,7 +2210,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 		return (0);
 	case SSL_CTRL_SET_TMP_RSA:
 	case SSL_CTRL_SET_TMP_RSA_CB:
-		SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+		SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 		return (0);
 	case SSL_CTRL_SET_TMP_DH:
 		{
@@ -2218,7 +2218,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 
 			dh = (DH *)parg;
 			if ((new = DHparams_dup(dh)) == NULL) {
-				SSLerror(ERR_R_DH_LIB);
+				SSLerrorx(ERR_R_DH_LIB);
 				return 0;
 			}
 			DH_free(cert->dh_tmp);
@@ -2228,7 +2228,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 		/*break; */
 
 	case SSL_CTRL_SET_TMP_DH_CB:
-		SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+		SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 		return (0);
 
 	case SSL_CTRL_SET_DH_AUTO:
@@ -2240,18 +2240,18 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 			EC_KEY *ecdh = NULL;
 
 			if (parg == NULL) {
-				SSLerror(ERR_R_ECDH_LIB);
+				SSLerrorx(ERR_R_ECDH_LIB);
 				return 0;
 			}
 			ecdh = EC_KEY_dup((EC_KEY *)parg);
 			if (ecdh == NULL) {
-				SSLerror(ERR_R_EC_LIB);
+				SSLerrorx(ERR_R_EC_LIB);
 				return 0;
 			}
 			if (!(ctx->internal->options & SSL_OP_SINGLE_ECDH_USE)) {
 				if (!EC_KEY_generate_key(ecdh)) {
 					EC_KEY_free(ecdh);
-					SSLerror(ERR_R_ECDH_LIB);
+					SSLerrorx(ERR_R_ECDH_LIB);
 					return 0;
 				}
 			}
@@ -2263,7 +2263,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 		/* break; */
 	case SSL_CTRL_SET_TMP_ECDH_CB:
 		{
-			SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+			SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 			return (0);
 		}
 		break;
@@ -2277,7 +2277,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 			if (!keys)
 				return 48;
 			if (larg != 48) {
-				SSLerror(SSL_R_INVALID_TICKET_KEYS_LENGTH);
+				SSLerrorx(SSL_R_INVALID_TICKET_KEYS_LENGTH);
 				return 0;
 			}
 			if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
@@ -2356,7 +2356,7 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
 
 	switch (cmd) {
 	case SSL_CTRL_SET_TMP_RSA_CB:
-		SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+		SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 		return (0);
 	case SSL_CTRL_SET_TMP_DH_CB:
 		cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
author	beck <beck@openbsd.org>	2017-02-07 02:08:38 +0000
committer	beck <beck@openbsd.org>	2017-02-07 02:08:38 +0000
commit	c9d7abb729ab657a1b8a3ce173cfa0bd7ee58fd6 (patch)
tree	09c29c4af2291abaaf82756a54ccbd954a6d15c0 /lib/libssl/s3_lib.c
parent	whitespace fixes. no functional change. (diff)
download	wireguard-openbsd-c9d7abb729ab657a1b8a3ce173cfa0bd7ee58fd6.tar.xz wireguard-openbsd-c9d7abb729ab657a1b8a3ce173cfa0bd7ee58fd6.zip