diff options
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/d1_both.c | 30 | ||||
-rw-r--r-- | ssl/d1_clnt.c | 6 | ||||
-rw-r--r-- | ssl/d1_lib.c | 2 | ||||
-rw-r--r-- | ssl/d1_pkt.c | 32 | ||||
-rw-r--r-- | ssl/d1_srtp.c | 36 | ||||
-rw-r--r-- | ssl/d1_srvr.c | 6 | ||||
-rw-r--r-- | ssl/s3_both.c | 24 | ||||
-rw-r--r-- | ssl/s3_clnt.c | 257 | ||||
-rw-r--r-- | ssl/s3_enc.c | 23 | ||||
-rw-r--r-- | ssl/s3_lib.c | 24 | ||||
-rw-r--r-- | ssl/s3_pkt.c | 75 | ||||
-rw-r--r-- | ssl/s3_srvr.c | 248 | ||||
-rw-r--r-- | ssl/ssl_aead_ctx.c | 20 | ||||
-rw-r--r-- | ssl/ssl_asn1.c | 83 | ||||
-rw-r--r-- | ssl/ssl_cert.c | 34 | ||||
-rw-r--r-- | ssl/ssl_cipher.c | 20 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 98 | ||||
-rw-r--r-- | ssl/ssl_rsa.c | 92 | ||||
-rw-r--r-- | ssl/ssl_sess.c | 27 | ||||
-rw-r--r-- | ssl/ssl_txt.c | 2 | ||||
-rw-r--r-- | ssl/t1_enc.c | 26 | ||||
-rw-r--r-- | ssl/t1_lib.c | 72 |
22 files changed, 532 insertions, 705 deletions
diff --git a/ssl/d1_both.c b/ssl/d1_both.c index 74fc2011..9a778a32 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -155,14 +155,14 @@ static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len, frag = (hm_fragment *)OPENSSL_malloc(sizeof(hm_fragment)); if (frag == NULL) { - OPENSSL_PUT_ERROR(SSL, dtls1_hm_fragment_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return NULL; } if (frag_len) { buf = (uint8_t *)OPENSSL_malloc(frag_len); if (buf == NULL) { - OPENSSL_PUT_ERROR(SSL, dtls1_hm_fragment_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); OPENSSL_free(frag); return NULL; } @@ -174,13 +174,13 @@ static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len, /* Initialize reassembly bitmask if necessary */ if (reassembly && frag_len > 0) { if (frag_len + 7 < frag_len) { - OPENSSL_PUT_ERROR(SSL, dtls1_hm_fragment_new, ERR_R_OVERFLOW); + OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW); return NULL; } size_t bitmask_len = (frag_len + 7) / 8; bitmask = (uint8_t *)OPENSSL_malloc(bitmask_len); if (bitmask == NULL) { - OPENSSL_PUT_ERROR(SSL, dtls1_hm_fragment_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); if (buf != NULL) { OPENSSL_free(buf); } @@ -326,7 +326,7 @@ int dtls1_do_write(SSL *s, int type, enum dtls1_use_epoch_t use_epoch) { if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) { /* To make forward progress, the MTU must, at minimum, fit the handshake * header and one byte of handshake body. */ - OPENSSL_PUT_ERROR(SSL, dtls1_do_write, SSL_R_MTU_TOO_SMALL); + OPENSSL_PUT_ERROR(SSL, SSL_R_MTU_TOO_SMALL); return -1; } @@ -344,7 +344,7 @@ int dtls1_do_write(SSL *s, int type, enum dtls1_use_epoch_t use_epoch) { assert(type == SSL3_RT_CHANGE_CIPHER_SPEC); /* ChangeCipherSpec cannot be fragmented. */ if (s->init_num > curr_mtu) { - OPENSSL_PUT_ERROR(SSL, dtls1_do_write, SSL_R_MTU_TOO_SMALL); + OPENSSL_PUT_ERROR(SSL, SSL_R_MTU_TOO_SMALL); return -1; } len = s->init_num; @@ -450,8 +450,7 @@ static hm_fragment *dtls1_get_buffered_message( frag->msg_header.msg_len != msg_hdr->msg_len) { /* The new fragment must be compatible with the previous fragments from * this message. */ - OPENSSL_PUT_ERROR(SSL, dtls1_get_buffered_message, - SSL_R_FRAGMENT_MISMATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_FRAGMENT_MISMATCH); ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER); return NULL; } @@ -481,7 +480,7 @@ static int dtls1_process_fragment(SSL *s) { return ret; } if (ret != DTLS1_HM_HEADER_LENGTH) { - OPENSSL_PUT_ERROR(SSL, dtls1_process_fragment, SSL_R_UNEXPECTED_MESSAGE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE); ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); return -1; } @@ -499,8 +498,7 @@ static int dtls1_process_fragment(SSL *s) { frag_off + frag_len > msg_len || msg_len > dtls1_max_handshake_message_len(s) || frag_len > s->s3->rrec.length) { - OPENSSL_PUT_ERROR(SSL, dtls1_process_fragment, - SSL_R_EXCESSIVE_MESSAGE_SIZE); + OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESSIVE_MESSAGE_SIZE); ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER); return -1; } @@ -534,7 +532,7 @@ static int dtls1_process_fragment(SSL *s) { ret = dtls1_read_bytes(s, SSL3_RT_HANDSHAKE, frag->fragment + frag_off, frag_len, 0); if (ret != frag_len) { - OPENSSL_PUT_ERROR(SSL, dtls1_process_fragment, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); return -1; } @@ -562,7 +560,7 @@ long dtls1_get_message(SSL *s, int st1, int stn, int msg_type, long max, s->s3->tmp.reuse_message = 0; if (msg_type >= 0 && s->s3->tmp.message_type != msg_type) { al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, dtls1_get_message, SSL_R_UNEXPECTED_MESSAGE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE); goto f_err; } *ok = 1; @@ -588,7 +586,7 @@ long dtls1_get_message(SSL *s, int st1, int stn, int msg_type, long max, assert(frag->reassembly == NULL); if (frag->msg_header.msg_len > (size_t)max) { - OPENSSL_PUT_ERROR(SSL, dtls1_get_message, SSL_R_EXCESSIVE_MESSAGE_SIZE); + OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESSIVE_MESSAGE_SIZE); goto err; } @@ -608,7 +606,7 @@ long dtls1_get_message(SSL *s, int st1, int stn, int msg_type, long max, !CBB_add_bytes(&cbb, frag->fragment, frag->msg_header.msg_len) || !CBB_finish(&cbb, NULL, &len)) { CBB_cleanup(&cbb); - OPENSSL_PUT_ERROR(SSL, dtls1_get_message, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } assert(len == (size_t)frag->msg_header.msg_len + DTLS1_HM_HEADER_LENGTH); @@ -624,7 +622,7 @@ long dtls1_get_message(SSL *s, int st1, int stn, int msg_type, long max, if (msg_type >= 0 && s->s3->tmp.message_type != msg_type) { al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, dtls1_get_message, SSL_R_UNEXPECTED_MESSAGE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE); goto f_err; } if (hash_message == ssl_hash_message && !ssl3_hash_current_message(s)) { diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index 7ccb68eb..2a692f68 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -190,7 +190,7 @@ int dtls1_connect(SSL *s) { /* every DTLS ClientHello resets Finished MAC */ if (!ssl3_init_finished_mac(s)) { - OPENSSL_PUT_ERROR(SSL, dtls1_connect, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ret = -1; goto end; } @@ -476,7 +476,7 @@ int dtls1_connect(SSL *s) { goto end; default: - OPENSSL_PUT_ERROR(SSL, dtls1_connect, SSL_R_UNKNOWN_STATE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_STATE); ret = -1; goto end; } @@ -531,7 +531,7 @@ static int dtls1_get_hello_verify(SSL *s) { !CBS_get_u8_length_prefixed(&hello_verify_request, &cookie) || CBS_len(&hello_verify_request) != 0) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, dtls1_get_hello_verify, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index ef7a9c94..5b58d73c 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -262,7 +262,7 @@ int dtls1_check_timeout_num(SSL *s) { if (s->d1->num_timeouts > DTLS1_MAX_TIMEOUTS) { /* fail the connection, enough alerts have been sent */ - OPENSSL_PUT_ERROR(SSL, dtls1_check_timeout_num, SSL_R_READ_TIMEOUT_EXPIRED); + OPENSSL_PUT_ERROR(SSL, SSL_R_READ_TIMEOUT_EXPIRED); return -1; } diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index 553499f2..8cee4e12 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -194,8 +194,7 @@ static int dtls1_process_record(SSL *s) { /* check is not needed I believe */ if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) { al = SSL_AD_RECORD_OVERFLOW; - OPENSSL_PUT_ERROR(SSL, dtls1_process_record, - SSL_R_ENCRYPTED_LENGTH_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_ENCRYPTED_LENGTH_TOO_LONG); goto f_err; } @@ -226,7 +225,7 @@ static int dtls1_process_record(SSL *s) { if (plaintext_len > SSL3_RT_MAX_PLAIN_LENGTH) { al = SSL_AD_RECORD_OVERFLOW; - OPENSSL_PUT_ERROR(SSL, dtls1_process_record, SSL_R_DATA_LENGTH_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_DATA_LENGTH_TOO_LONG); goto f_err; } assert(plaintext_len < (1u << 16)); @@ -433,7 +432,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) { if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) || (peek && (type != SSL3_RT_APPLICATION_DATA))) { - OPENSSL_PUT_ERROR(SSL, dtls1_read_bytes, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return -1; } @@ -444,7 +443,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) { return i; } if (i == 0) { - OPENSSL_PUT_ERROR(SSL, dtls1_read_bytes, SSL_R_SSL_HANDSHAKE_FAILURE); + OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_HANDSHAKE_FAILURE); return -1; } } @@ -507,7 +506,7 @@ start: /* TODO(davidben): Is this check redundant with the handshake_func * check? */ al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, dtls1_read_bytes, SSL_R_APP_DATA_IN_HANDSHAKE); + OPENSSL_PUT_ERROR(SSL, SSL_R_APP_DATA_IN_HANDSHAKE); goto f_err; } @@ -542,7 +541,7 @@ start: /* Alerts may not be fragmented. */ if (rr->length < 2) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, dtls1_read_bytes, SSL_R_BAD_ALERT); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_ALERT); goto f_err; } @@ -576,8 +575,7 @@ start: s->rwstate = SSL_NOTHING; s->s3->fatal_alert = alert_descr; - OPENSSL_PUT_ERROR(SSL, dtls1_read_bytes, - SSL_AD_REASON_OFFSET + alert_descr); + OPENSSL_PUT_ERROR(SSL, SSL_AD_REASON_OFFSET + alert_descr); BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr); ERR_add_error_data(2, "SSL alert number ", tmp); s->shutdown |= SSL_RECEIVED_SHUTDOWN; @@ -585,7 +583,7 @@ start: return 0; } else { al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, dtls1_read_bytes, SSL_R_UNKNOWN_ALERT_TYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_ALERT_TYPE); goto f_err; } @@ -604,7 +602,7 @@ start: * record payload has to look like */ if (rr->length != 1 || rr->off != 0 || rr->data[0] != SSL3_MT_CCS) { al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, dtls1_read_bytes, SSL_R_BAD_CHANGE_CIPHER_SPEC); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_CHANGE_CIPHER_SPEC); goto f_err; } @@ -641,7 +639,7 @@ start: if (rr->type == SSL3_RT_HANDSHAKE && !s->in_handshake) { if (rr->length < DTLS1_HM_HEADER_LENGTH) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, dtls1_read_bytes, SSL_R_BAD_HANDSHAKE_RECORD); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_HANDSHAKE_RECORD); goto f_err; } struct hm_header_st msg_hdr; @@ -669,7 +667,7 @@ start: assert(rr->type != SSL3_RT_CHANGE_CIPHER_SPEC && rr->type != SSL3_RT_ALERT); al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, dtls1_read_bytes, SSL_R_UNEXPECTED_RECORD); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_RECORD); f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); @@ -686,13 +684,13 @@ int dtls1_write_app_data(SSL *s, const void *buf_, int len) { return i; } if (i == 0) { - OPENSSL_PUT_ERROR(SSL, dtls1_write_app_data, SSL_R_SSL_HANDSHAKE_FAILURE); + OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_HANDSHAKE_FAILURE); return -1; } } if (len > SSL3_RT_MAX_PLAIN_LENGTH) { - OPENSSL_PUT_ERROR(SSL, dtls1_write_app_data, SSL_R_DTLS_MESSAGE_TOO_BIG); + OPENSSL_PUT_ERROR(SSL, SSL_R_DTLS_MESSAGE_TOO_BIG); return -1; } @@ -721,7 +719,7 @@ static int dtls1_seal_record(SSL *s, uint8_t *out, size_t *out_len, size_t max_out, uint8_t type, const uint8_t *in, size_t in_len, enum dtls1_use_epoch_t use_epoch) { if (max_out < DTLS1_RT_HEADER_LENGTH) { - OPENSSL_PUT_ERROR(SSL, dtls1_seal_record, SSL_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL); return 0; } @@ -757,7 +755,7 @@ static int dtls1_seal_record(SSL *s, uint8_t *out, size_t *out_len, } if (ciphertext_len >= 1 << 16) { - OPENSSL_PUT_ERROR(SSL, dtls1_seal_record, ERR_R_OVERFLOW); + OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW); return 0; } out[11] = ciphertext_len >> 8; diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c index 5928fc89..a698b105 100644 --- a/ssl/d1_srtp.c +++ b/ssl/d1_srtp.c @@ -178,8 +178,7 @@ static int ssl_ctx_make_profiles(const char *profiles_string, profiles = sk_SRTP_PROTECTION_PROFILE_new_null(); if (profiles == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl_ctx_make_profiles, - SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); + OPENSSL_PUT_ERROR(SSL, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); return 0; } @@ -190,8 +189,7 @@ static int ssl_ctx_make_profiles(const char *profiles_string, if (find_profile_by_name(ptr, &p, col ? col - ptr : strlen(ptr))) { sk_SRTP_PROTECTION_PROFILE_push(profiles, p); } else { - OPENSSL_PUT_ERROR(SSL, ssl_ctx_make_profiles, - SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE); + OPENSSL_PUT_ERROR(SSL, SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE); return 0; } @@ -255,14 +253,12 @@ int ssl_add_clienthello_use_srtp_ext(SSL *s, uint8_t *p, int *len, int maxlen) { if (p) { if (ct == 0) { - OPENSSL_PUT_ERROR(SSL, ssl_add_clienthello_use_srtp_ext, - SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST); + OPENSSL_PUT_ERROR(SSL, SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST); return 0; } if (2 + ct * 2 + 1 > maxlen) { - OPENSSL_PUT_ERROR(SSL, ssl_add_clienthello_use_srtp_ext, - SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG); return 0; } @@ -293,16 +289,14 @@ int ssl_parse_clienthello_use_srtp_ext(SSL *s, CBS *cbs, int *out_alert) { CBS_len(&profile_ids) < 2 || !CBS_get_u8_length_prefixed(cbs, &srtp_mki) || CBS_len(cbs) != 0) { - OPENSSL_PUT_ERROR(SSL, ssl_parse_clienthello_use_srtp_ext, - SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *out_alert = SSL_AD_DECODE_ERROR; goto done; } client_profiles = sk_SRTP_PROTECTION_PROFILE_new_null(); if (client_profiles == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl_parse_clienthello_use_srtp_ext, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); *out_alert = SSL_AD_INTERNAL_ERROR; goto done; } @@ -353,14 +347,12 @@ int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen) { if (p) { if (maxlen < 5) { - OPENSSL_PUT_ERROR(SSL, ssl_add_serverhello_use_srtp_ext, - SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG); return 0; } if (s->srtp_profile == 0) { - OPENSSL_PUT_ERROR(SSL, ssl_add_serverhello_use_srtp_ext, - SSL_R_USE_SRTP_NOT_NEGOTIATED); + OPENSSL_PUT_ERROR(SSL, SSL_R_USE_SRTP_NOT_NEGOTIATED); return 0; } @@ -389,16 +381,14 @@ int ssl_parse_serverhello_use_srtp_ext(SSL *s, CBS *cbs, int *out_alert) { if (!CBS_get_u16_length_prefixed(cbs, &profile_ids) || !CBS_get_u16(&profile_ids, &profile_id) || CBS_len(&profile_ids) != 0 || !CBS_get_u8_length_prefixed(cbs, &srtp_mki) || CBS_len(cbs) != 0) { - OPENSSL_PUT_ERROR(SSL, ssl_parse_serverhello_use_srtp_ext, - SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *out_alert = SSL_AD_DECODE_ERROR; return 0; } if (CBS_len(&srtp_mki) != 0) { /* Must be no MKI, since we never offer one. */ - OPENSSL_PUT_ERROR(SSL, ssl_parse_serverhello_use_srtp_ext, - SSL_R_BAD_SRTP_MKI_VALUE); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SRTP_MKI_VALUE); *out_alert = SSL_AD_ILLEGAL_PARAMETER; return 0; } @@ -407,8 +397,7 @@ int ssl_parse_serverhello_use_srtp_ext(SSL *s, CBS *cbs, int *out_alert) { /* Throw an error if the server gave us an unsolicited extension */ if (client_profiles == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl_parse_serverhello_use_srtp_ext, - SSL_R_NO_SRTP_PROFILES); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_SRTP_PROFILES); *out_alert = SSL_AD_DECODE_ERROR; return 0; } @@ -425,8 +414,7 @@ int ssl_parse_serverhello_use_srtp_ext(SSL *s, CBS *cbs, int *out_alert) { } } - OPENSSL_PUT_ERROR(SSL, ssl_parse_serverhello_use_srtp_ext, - SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *out_alert = SSL_AD_ILLEGAL_PARAMETER; return 0; } diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c index e49a3f0a..32aa5910 100644 --- a/ssl/d1_srvr.c +++ b/ssl/d1_srvr.c @@ -151,7 +151,7 @@ int dtls1_accept(SSL *s) { s->in_handshake++; if (s->cert == NULL) { - OPENSSL_PUT_ERROR(SSL, dtls1_accept, SSL_R_NO_CERTIFICATE_SET); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_SET); return -1; } @@ -182,7 +182,7 @@ int dtls1_accept(SSL *s) { } if (!ssl3_init_finished_mac(s)) { - OPENSSL_PUT_ERROR(SSL, dtls1_accept, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ret = -1; goto end; } @@ -439,7 +439,7 @@ int dtls1_accept(SSL *s) { goto end; default: - OPENSSL_PUT_ERROR(SSL, dtls1_accept, SSL_R_UNKNOWN_STATE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_STATE); ret = -1; goto end; } diff --git a/ssl/s3_both.c b/ssl/s3_both.c index 017bda48..7a2236aa 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -242,7 +242,7 @@ int ssl3_get_finished(SSL *s, int a, int b) { * TODO(davidben): Is this check now redundant with SSL3_FLAGS_EXPECT_CCS? */ if (!s->s3->change_cipher_spec) { al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_finished, SSL_R_GOT_A_FIN_BEFORE_A_CCS); + OPENSSL_PUT_ERROR(SSL, SSL_R_GOT_A_FIN_BEFORE_A_CCS); goto f_err; } s->s3->change_cipher_spec = 0; @@ -252,13 +252,13 @@ int ssl3_get_finished(SSL *s, int a, int b) { if (finished_len != message_len) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_finished, SSL_R_BAD_DIGEST_LENGTH); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_DIGEST_LENGTH); goto f_err; } if (CRYPTO_memcmp(p, s->s3->tmp.peer_finish_md, finished_len) != 0) { al = SSL_AD_DECRYPT_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_finished, SSL_R_DIGEST_CHECK_FAILED); + OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED); goto f_err; } @@ -334,7 +334,7 @@ long ssl3_get_message(SSL *s, int header_state, int body_state, int msg_type, s->s3->tmp.reuse_message = 0; if (msg_type >= 0 && s->s3->tmp.message_type != msg_type) { al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_message, SSL_R_UNEXPECTED_MESSAGE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE); goto f_err; } *ok = 1; @@ -380,7 +380,7 @@ long ssl3_get_message(SSL *s, int header_state, int body_state, int msg_type, if (msg_type >= 0 && *p != msg_type) { al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_message, SSL_R_UNEXPECTED_MESSAGE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE); goto f_err; } s->s3->tmp.message_type = *(p++); @@ -388,12 +388,12 @@ long ssl3_get_message(SSL *s, int header_state, int body_state, int msg_type, n2l3(p, l); if (l > (unsigned long)max) { al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, ssl3_get_message, SSL_R_EXCESSIVE_MESSAGE_SIZE); + OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESSIVE_MESSAGE_SIZE); goto f_err; } if (l && !BUF_MEM_grow_clean(s->init_buf, l + 4)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_message, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); goto err; } s->s3->tmp.message_size = l; @@ -462,14 +462,14 @@ int ssl3_cert_verify_hash(SSL *s, uint8_t *out, size_t *out_len, unsigned len; if (!BIO_mem_contents(s->s3->handshake_buffer, &hdata, &hdatalen)) { - OPENSSL_PUT_ERROR(SSL, ssl3_cert_verify_hash, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return 0; } EVP_MD_CTX_init(&mctx); if (!EVP_DigestInit_ex(&mctx, *out_md, NULL) || !EVP_DigestUpdate(&mctx, hdata, hdatalen) || !EVP_DigestFinal(&mctx, out, &len)) { - OPENSSL_PUT_ERROR(SSL, ssl3_cert_verify_hash, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_EVP_LIB); EVP_MD_CTX_cleanup(&mctx); return 0; } @@ -489,7 +489,7 @@ int ssl3_cert_verify_hash(SSL *s, uint8_t *out, size_t *out_len, *out_len = SHA_DIGEST_LENGTH; *out_md = EVP_sha1(); } else { - OPENSSL_PUT_ERROR(SSL, ssl3_cert_verify_hash, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return 0; } @@ -596,7 +596,7 @@ int ssl3_setup_read_buffer(SSL *s) { return 1; err: - OPENSSL_PUT_ERROR(SSL, ssl3_setup_read_buffer, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return 0; } @@ -633,7 +633,7 @@ int ssl3_setup_write_buffer(SSL *s) { return 1; err: - OPENSSL_PUT_ERROR(SSL, ssl3_setup_write_buffer, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index d004f2b7..229a3158 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -221,7 +221,7 @@ int ssl3_connect(SSL *s) { /* don't push the buffering BIO quite yet */ if (!ssl3_init_finished_mac(s)) { - OPENSSL_PUT_ERROR(SSL, ssl3_connect, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ret = -1; goto end; } @@ -554,7 +554,7 @@ int ssl3_connect(SSL *s) { goto end; default: - OPENSSL_PUT_ERROR(SSL, ssl3_connect, SSL_R_UNKNOWN_STATE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_STATE); ret = -1; goto end; } @@ -590,7 +590,7 @@ int ssl3_send_client_hello(SSL *s) { uint16_t max_version = ssl3_get_max_client_version(s); /* Disabling all versions is silly: return an error. */ if (max_version == 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_hello, SSL_R_WRONG_SSL_VERSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_SSL_VERSION); goto err; } s->version = max_version; @@ -663,7 +663,7 @@ int ssl3_send_client_hello(SSL *s) { *(p++) = i; if (i != 0) { if (i > (int)sizeof(s->session->session_id)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_hello, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } memcpy(p, s->session->session_id, i); @@ -673,7 +673,7 @@ int ssl3_send_client_hello(SSL *s) { /* cookie stuff for DTLS */ if (SSL_IS_DTLS(s)) { if (s->d1->cookie_len > sizeof(s->d1->cookie)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_hello, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } *(p++) = s->d1->cookie_len; @@ -684,8 +684,7 @@ int ssl3_send_client_hello(SSL *s) { /* Ciphers supported */ i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); if (i == 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_hello, - SSL_R_NO_CIPHERS_AVAILABLE); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CIPHERS_AVAILABLE); goto err; } s2n(i, p); @@ -697,14 +696,14 @@ int ssl3_send_client_hello(SSL *s) { /* TLS extensions*/ if (ssl_prepare_clienthello_tlsext(s) <= 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_hello, SSL_R_CLIENTHELLO_TLSEXT); + OPENSSL_PUT_ERROR(SSL, SSL_R_CLIENTHELLO_TLSEXT); goto err; } p = ssl_add_clienthello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH, p - buf); if (p == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_hello, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } @@ -748,8 +747,7 @@ int ssl3_get_server_hello(SSL *s) { * parameters. Note: this error code comes after the original one. * * See https://crbug.com/446505. */ - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, - SSL_R_HANDSHAKE_FAILURE_ON_CLIENT_HELLO); + OPENSSL_PUT_ERROR(SSL, SSL_R_HANDSHAKE_FAILURE_ON_CLIENT_HELLO); } return n; } @@ -763,14 +761,14 @@ int ssl3_get_server_hello(SSL *s) { !CBS_get_u16(&server_hello, &cipher_suite) || !CBS_get_u8(&server_hello, &compression_method)) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } assert(s->s3->have_version == s->s3->initial_handshake_complete); if (!s->s3->have_version) { if (!ssl3_is_version_enabled(s, server_version)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, SSL_R_UNSUPPORTED_PROTOCOL); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_PROTOCOL); s->version = server_version; /* Mark the version as fixed so the record-layer version is not clamped * to TLS 1.0. */ @@ -785,7 +783,7 @@ int ssl3_get_server_hello(SSL *s) { * fixed. Begin enforcing the record-layer version. */ s->s3->have_version = 1; } else if (server_version != s->version) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, SSL_R_WRONG_SSL_VERSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_SSL_VERSION); al = SSL_AD_PROTOCOL_VERSION; goto f_err; } @@ -801,7 +799,7 @@ int ssl3_get_server_hello(SSL *s) { memcmp(s->session->sid_ctx, s->sid_ctx, s->sid_ctx_length)) { /* actually a client application bug */ al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, + OPENSSL_PUT_ERROR(SSL, SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); goto f_err; } @@ -822,8 +820,7 @@ int ssl3_get_server_hello(SSL *s) { if (c == NULL) { /* unknown cipher */ al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, - SSL_R_UNKNOWN_CIPHER_RETURNED); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CIPHER_RETURNED); goto f_err; } /* ct->mask_ssl was computed from client capabilities. Now @@ -839,7 +836,7 @@ int ssl3_get_server_hello(SSL *s) { (c->algorithm_mkey & ct->mask_k) || (c->algorithm_auth & ct->mask_a)) { al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, SSL_R_WRONG_CIPHER_RETURNED); + OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CIPHER_RETURNED); goto f_err; } @@ -847,21 +844,19 @@ int ssl3_get_server_hello(SSL *s) { if (!sk_SSL_CIPHER_find(sk, NULL, c)) { /* we did not say we would use this cipher */ al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, SSL_R_WRONG_CIPHER_RETURNED); + OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CIPHER_RETURNED); goto f_err; } if (s->hit) { if (s->session->cipher != c) { al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, - SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); + OPENSSL_PUT_ERROR(SSL, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); goto f_err; } if (s->session->ssl_version != s->version) { al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, - SSL_R_OLD_SESSION_VERSION_NOT_RETURNED); + OPENSSL_PUT_ERROR(SSL, SSL_R_OLD_SESSION_VERSION_NOT_RETURNED); goto f_err; } } @@ -878,14 +873,13 @@ int ssl3_get_server_hello(SSL *s) { /* Only the NULL compression algorithm is supported. */ if (compression_method != 0) { al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, - SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM); goto f_err; } /* TLS extensions */ if (!ssl_parse_serverhello_tlsext(s, &server_hello)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, SSL_R_PARSE_TLSEXT); + OPENSSL_PUT_ERROR(SSL, SSL_R_PARSE_TLSEXT); goto err; } @@ -893,7 +887,7 @@ int ssl3_get_server_hello(SSL *s) { if (CBS_len(&server_hello) != 0) { /* wrong packet length */ al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, SSL_R_BAD_PACKET_LENGTH); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_PACKET_LENGTH); goto f_err; } @@ -901,11 +895,9 @@ int ssl3_get_server_hello(SSL *s) { s->s3->tmp.extended_master_secret != s->session->extended_master_secret) { al = SSL_AD_HANDSHAKE_FAILURE; if (s->session->extended_master_secret) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, - SSL_R_RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION); } else { - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, - SSL_R_RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION); } goto f_err; } @@ -933,8 +925,7 @@ static int ssl3_check_certificate_for_cipher(X509 *leaf, int expected_type = ssl_cipher_get_key_type(cipher); assert(expected_type != EVP_PKEY_NONE); if (pkey->type != expected_type) { - OPENSSL_PUT_ERROR(SSL, ssl3_check_certificate_for_cipher, - SSL_R_WRONG_CERTIFICATE_TYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CERTIFICATE_TYPE); goto err; } @@ -945,8 +936,7 @@ static int ssl3_check_certificate_for_cipher(X509 *leaf, X509_check_purpose(leaf, -1, 0); if ((leaf->ex_flags & EXFLAG_KUSAGE) && !(leaf->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE)) { - OPENSSL_PUT_ERROR(SSL, ssl3_check_certificate_for_cipher, - SSL_R_ECC_CERT_NOT_FOR_SIGNING); + OPENSSL_PUT_ERROR(SSL, SSL_R_ECC_CERT_NOT_FOR_SIGNING); goto err; } } @@ -980,7 +970,7 @@ int ssl3_get_server_certificate(SSL *s) { sk = sk_X509_new_null(); if (sk == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_certificate, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -988,7 +978,7 @@ int ssl3_get_server_certificate(SSL *s) { CBS_len(&certificate_list) == 0 || CBS_len(&cbs) != 0) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_certificate, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } @@ -996,25 +986,23 @@ int ssl3_get_server_certificate(SSL *s) { CBS certificate; if (!CBS_get_u24_length_prefixed(&certificate_list, &certificate)) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_certificate, - SSL_R_CERT_LENGTH_MISMATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_LENGTH_MISMATCH); goto f_err; } data = CBS_data(&certificate); x = d2i_X509(NULL, &data, CBS_len(&certificate)); if (x == NULL) { al = SSL_AD_BAD_CERTIFICATE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_certificate, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB); goto f_err; } if (data != CBS_data(&certificate) + CBS_len(&certificate)) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_certificate, - SSL_R_CERT_LENGTH_MISMATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_LENGTH_MISMATCH); goto f_err; } if (!sk_X509_push(sk, x)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_certificate, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } x = NULL; @@ -1023,8 +1011,7 @@ int ssl3_get_server_certificate(SSL *s) { i = ssl_verify_cert_chain(s, sk); if (s->verify_mode != SSL_VERIFY_NONE && i <= 0) { al = ssl_verify_alarm_type(s->verify_result); - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_certificate, - SSL_R_CERTIFICATE_VERIFY_FAILED); + OPENSSL_PUT_ERROR(SSL, SSL_R_CERTIFICATE_VERIFY_FAILED); goto f_err; } ERR_clear_error(); /* but we keep s->verify_result */ @@ -1094,8 +1081,7 @@ int ssl3_get_server_key_exchange(SSL *s) { if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) { if (ssl_cipher_requires_server_key_exchange(s->s3->tmp.new_cipher)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, - SSL_R_UNEXPECTED_MESSAGE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE); ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); return -1; } @@ -1149,7 +1135,7 @@ int ssl3_get_server_key_exchange(SSL *s) { if (!CBS_get_u16_length_prefixed(&server_key_exchange, &psk_identity_hint)) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } @@ -1163,16 +1149,14 @@ int ssl3_get_server_key_exchange(SSL *s) { if (CBS_len(&psk_identity_hint) > PSK_MAX_IDENTITY_LEN || CBS_contains_zero_byte(&psk_identity_hint)) { al = SSL_AD_HANDSHAKE_FAILURE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, - SSL_R_DATA_LENGTH_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_DATA_LENGTH_TOO_LONG); goto f_err; } /* Save the identity hint as a C string. */ if (!CBS_strdup(&psk_identity_hint, &s->s3->tmp.peer_psk_identity_hint)) { al = SSL_AD_INTERNAL_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto f_err; } } @@ -1187,13 +1171,13 @@ int ssl3_get_server_key_exchange(SSL *s) { !CBS_get_u16_length_prefixed(&server_key_exchange, &dh_Ys) || CBS_len(&dh_Ys) == 0) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } dh = DH_new(); if (dh == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, ERR_R_DH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_DH_LIB); goto err; } @@ -1201,13 +1185,12 @@ int ssl3_get_server_key_exchange(SSL *s) { (dh->g = BN_bin2bn(CBS_data(&dh_g), CBS_len(&dh_g), NULL)) == NULL || (dh->pub_key = BN_bin2bn(CBS_data(&dh_Ys), CBS_len(&dh_Ys), NULL)) == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BN_LIB); goto err; } if (DH_num_bits(dh) < 1024) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, - SSL_R_BAD_DH_P_LENGTH); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_DH_P_LENGTH); goto err; } s->session->sess_cert->peer_dh_tmp = dh; @@ -1223,22 +1206,20 @@ int ssl3_get_server_key_exchange(SSL *s) { * invalid curve. */ if (!tls1_check_curve(s, &server_key_exchange, &curve_id)) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, SSL_R_WRONG_CURVE); + OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CURVE); goto f_err; } curve_nid = tls1_ec_curve_id2nid(curve_id); if (curve_nid == 0) { al = SSL_AD_INTERNAL_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, - SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS); goto f_err; } ecdh = EC_KEY_new_by_curve_name(curve_nid); if (ecdh == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, - ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_EC_LIB); goto err; } @@ -1247,21 +1228,20 @@ int ssl3_get_server_key_exchange(SSL *s) { /* Next, get the encoded ECPoint */ if (!CBS_get_u8_length_prefixed(&server_key_exchange, &point)) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } if (((srvr_ecpoint = EC_POINT_new(group)) == NULL) || ((bn_ctx = BN_CTX_new()) == NULL)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } if (!EC_POINT_oct2point(group, srvr_ecpoint, CBS_data(&point), CBS_len(&point), bn_ctx)) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, SSL_R_BAD_ECPOINT); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_ECPOINT); goto f_err; } EC_KEY_set_public_key(ecdh, srvr_ecpoint); @@ -1273,8 +1253,7 @@ int ssl3_get_server_key_exchange(SSL *s) { srvr_ecpoint = NULL; } else if (!(alg_k & SSL_kPSK)) { al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, - SSL_R_UNEXPECTED_MESSAGE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE); goto f_err; } @@ -1306,7 +1285,7 @@ int ssl3_get_server_key_exchange(SSL *s) { if (!CBS_get_u16_length_prefixed(&server_key_exchange, &signature) || CBS_len(&server_key_exchange) != 0) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } @@ -1321,7 +1300,7 @@ int ssl3_get_server_key_exchange(SSL *s) { CBS_len(&signature))) { /* bad signature */ al = SSL_AD_DECRYPT_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, SSL_R_BAD_SIGNATURE); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SIGNATURE); goto f_err; } } else { @@ -1330,8 +1309,7 @@ int ssl3_get_server_key_exchange(SSL *s) { if (CBS_len(&server_key_exchange) > 0) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, - SSL_R_EXTRA_DATA_IN_MESSAGE); + OPENSSL_PUT_ERROR(SSL, SSL_R_EXTRA_DATA_IN_MESSAGE); goto f_err; } } @@ -1389,8 +1367,7 @@ int ssl3_get_certificate_request(SSL *s) { if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); - OPENSSL_PUT_ERROR(SSL, ssl3_get_certificate_request, - SSL_R_WRONG_MESSAGE_TYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_MESSAGE_TYPE); goto err; } @@ -1398,14 +1375,14 @@ int ssl3_get_certificate_request(SSL *s) { ca_sk = sk_X509_NAME_new(ca_dn_cmp); if (ca_sk == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_certificate_request, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } /* get the certificate types */ if (!CBS_get_u8_length_prefixed(&cbs, &certificate_types)) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); - OPENSSL_PUT_ERROR(SSL, ssl3_get_certificate_request, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto err; } @@ -1419,14 +1396,13 @@ int ssl3_get_certificate_request(SSL *s) { CBS supported_signature_algorithms; if (!CBS_get_u16_length_prefixed(&cbs, &supported_signature_algorithms)) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); - OPENSSL_PUT_ERROR(SSL, ssl3_get_certificate_request, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto err; } if (!tls1_process_sigalgs(s, &supported_signature_algorithms)) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); - OPENSSL_PUT_ERROR(SSL, ssl3_get_certificate_request, - SSL_R_SIGNATURE_ALGORITHMS_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_SIGNATURE_ALGORITHMS_ERROR); goto err; } } @@ -1434,7 +1410,7 @@ int ssl3_get_certificate_request(SSL *s) { /* get the CA RDNs */ if (!CBS_get_u16_length_prefixed(&cbs, &certificate_authorities)) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); - OPENSSL_PUT_ERROR(SSL, ssl3_get_certificate_request, SSL_R_LENGTH_MISMATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_LENGTH_MISMATCH); goto err; } @@ -1443,8 +1419,7 @@ int ssl3_get_certificate_request(SSL *s) { if (!CBS_get_u16_length_prefixed(&certificate_authorities, &distinguished_name)) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); - OPENSSL_PUT_ERROR(SSL, ssl3_get_certificate_request, - SSL_R_CA_DN_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_CA_DN_TOO_LONG); goto err; } @@ -1453,26 +1428,24 @@ int ssl3_get_certificate_request(SSL *s) { xn = d2i_X509_NAME(NULL, &data, CBS_len(&distinguished_name)); if (xn == NULL) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); - OPENSSL_PUT_ERROR(SSL, ssl3_get_certificate_request, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB); goto err; } if (!CBS_skip(&distinguished_name, data - CBS_data(&distinguished_name))) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); - OPENSSL_PUT_ERROR(SSL, ssl3_get_certificate_request, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } if (CBS_len(&distinguished_name) != 0) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); - OPENSSL_PUT_ERROR(SSL, ssl3_get_certificate_request, - SSL_R_CA_DN_LENGTH_MISMATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_CA_DN_LENGTH_MISMATCH); goto err; } if (!sk_X509_NAME_push(ca_sk, xn)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_certificate_request, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -1516,7 +1489,7 @@ int ssl3_get_new_session_ticket(SSL *s) { OPENSSL_free(bytes); if (new_session == NULL) { /* This should never happen. */ - OPENSSL_PUT_ERROR(SSL, ssl3_get_new_session_ticket, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } if (s->session->sess_cert != NULL) { @@ -1540,13 +1513,13 @@ int ssl3_get_new_session_ticket(SSL *s) { !CBS_get_u16_length_prefixed(&new_session_ticket, &ticket) || CBS_len(&new_session_ticket) != 0) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_new_session_ticket, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } if (!CBS_stow(&ticket, &s->session->tlsext_tick, &s->session->tlsext_ticklen)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_new_session_ticket, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -1594,14 +1567,14 @@ int ssl3_get_cert_status(SSL *s) { CBS_len(&ocsp_response) == 0 || CBS_len(&certificate_status) != 0) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_cert_status, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } if (!CBS_stow(&ocsp_response, &s->session->ocsp_response, &s->session->ocsp_response_length)) { al = SSL_AD_INTERNAL_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_cert_status, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto f_err; } return 1; @@ -1627,7 +1600,7 @@ int ssl3_get_server_done(SSL *s) { if (n > 0) { /* should contain no data */ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); - OPENSSL_PUT_ERROR(SSL, ssl3_get_server_done, SSL_R_LENGTH_MISMATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_LENGTH_MISMATCH); return -1; } @@ -1665,8 +1638,7 @@ int ssl3_send_client_key_exchange(SSL *s) { size_t identity_len; if (s->psk_client_callback == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - SSL_R_PSK_NO_CLIENT_CB); + OPENSSL_PUT_ERROR(SSL, SSL_R_PSK_NO_CLIENT_CB); goto err; } @@ -1675,28 +1647,24 @@ int ssl3_send_client_key_exchange(SSL *s) { s->psk_client_callback(s, s->s3->tmp.peer_psk_identity_hint, identity, sizeof(identity), psk, sizeof(psk)); if (psk_len > PSK_MAX_PSK_LEN) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } else if (psk_len == 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - SSL_R_PSK_IDENTITY_NOT_FOUND); + OPENSSL_PUT_ERROR(SSL, SSL_R_PSK_IDENTITY_NOT_FOUND); ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); goto err; } identity_len = OPENSSL_strnlen(identity, sizeof(identity)); if (identity_len > PSK_MAX_IDENTITY_LEN) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } OPENSSL_free(s->session->psk_identity); s->session->psk_identity = BUF_strdup(identity); if (s->session->psk_identity == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -1715,15 +1683,13 @@ int ssl3_send_client_key_exchange(SSL *s) { pms_len = SSL_MAX_MASTER_KEY_LENGTH; pms = OPENSSL_malloc(pms_len); if (pms == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } if (s->session->sess_cert == NULL) { /* We should always have a server certificate with SSL_kRSA. */ - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } @@ -1731,8 +1697,7 @@ int ssl3_send_client_key_exchange(SSL *s) { if (pkey == NULL || pkey->type != EVP_PKEY_RSA || pkey->pkey.rsa == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); EVP_PKEY_free(pkey); goto err; } @@ -1756,8 +1721,7 @@ int ssl3_send_client_key_exchange(SSL *s) { } if (!RSA_encrypt(rsa, &enc_pms_len, p, RSA_size(rsa), pms, pms_len, RSA_PKCS1_PADDING)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - SSL_R_BAD_RSA_ENCRYPT); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_RSA_ENCRYPT); goto err; } n += enc_pms_len; @@ -1780,14 +1744,12 @@ int ssl3_send_client_key_exchange(SSL *s) { if (scert == NULL) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - SSL_R_UNEXPECTED_MESSAGE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE); goto err; } if (scert->peer_dh_tmp == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } dh_srvr = scert->peer_dh_tmp; @@ -1795,11 +1757,11 @@ int ssl3_send_client_key_exchange(SSL *s) { /* generate a new random key */ dh_clnt = DHparams_dup(dh_srvr); if (dh_clnt == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, ERR_R_DH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_DH_LIB); goto err; } if (!DH_generate_key(dh_clnt)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, ERR_R_DH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_DH_LIB); DH_free(dh_clnt); goto err; } @@ -1807,15 +1769,14 @@ int ssl3_send_client_key_exchange(SSL *s) { pms_len = DH_size(dh_clnt); pms = OPENSSL_malloc(pms_len); if (pms == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); DH_free(dh_clnt); goto err; } dh_len = DH_compute_key(pms, dh_srvr->pub_key, dh_clnt); if (dh_len <= 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, ERR_R_DH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_DH_LIB); DH_free(dh_clnt); goto err; } @@ -1835,14 +1796,12 @@ int ssl3_send_client_key_exchange(SSL *s) { if (s->session->sess_cert == NULL) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - SSL_R_UNEXPECTED_MESSAGE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE); goto err; } if (s->session->sess_cert->peer_ecdh_tmp == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } @@ -1851,46 +1810,43 @@ int ssl3_send_client_key_exchange(SSL *s) { srvr_group = EC_KEY_get0_group(tkey); srvr_ecpoint = EC_KEY_get0_public_key(tkey); if (srvr_group == NULL || srvr_ecpoint == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } clnt_ecdh = EC_KEY_new(); if (clnt_ecdh == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } if (!EC_KEY_set_group(clnt_ecdh, srvr_group)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_EC_LIB); goto err; } /* Generate a new ECDH key pair */ if (!EC_KEY_generate_key(clnt_ecdh)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, ERR_R_ECDH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ECDH_LIB); goto err; } field_size = EC_GROUP_get_degree(srvr_group); if (field_size <= 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, ERR_R_ECDH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ECDH_LIB); goto err; } pms_len = (field_size + 7) / 8; pms = OPENSSL_malloc(pms_len); if (pms == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } ecdh_len = ECDH_compute_key(pms, pms_len, srvr_ecpoint, clnt_ecdh, NULL); if (ecdh_len <= 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, ERR_R_ECDH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ECDH_LIB); goto err; } pms_len = ecdh_len; @@ -1904,8 +1860,7 @@ int ssl3_send_client_key_exchange(SSL *s) { (uint8_t *)OPENSSL_malloc(encoded_pt_len * sizeof(uint8_t)); bn_ctx = BN_CTX_new(); if (encodedPoint == NULL || bn_ctx == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -1938,15 +1893,13 @@ int ssl3_send_client_key_exchange(SSL *s) { pms_len = psk_len; pms = OPENSSL_malloc(pms_len); if (pms == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } memset(pms, 0, pms_len); } else { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } @@ -1965,8 +1918,7 @@ int ssl3_send_client_key_exchange(SSL *s) { !CBB_add_bytes(&child, psk, psk_len) || !CBB_finish(&cbb, &new_pms, &new_pms_len)) { CBB_cleanup(&cbb); - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } OPENSSL_cleanse(pms, pms_len); @@ -2026,7 +1978,7 @@ int ssl3_send_cert_verify(SSL *s) { if (SSL_USE_SIGALGS(s)) { md = tls1_choose_signing_digest(s); if (!tls12_get_sigandhash(s, p, md)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_cert_verify, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return -1; } p += 2; @@ -2048,8 +2000,7 @@ int ssl3_send_cert_verify(SSL *s) { /* Sign the digest. */ signature_length = ssl_private_key_max_signature_len(s); if (p + 2 + signature_length > buf + SSL3_RT_MAX_PLAIN_LENGTH) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_cert_verify, - SSL_R_DATA_LENGTH_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_DATA_LENGTH_TOO_LONG); return -1; } @@ -2141,8 +2092,7 @@ int ssl3_send_client_certificate(SSL *s) { } } else if (i == 1) { i = 0; - OPENSSL_PUT_ERROR(SSL, ssl3_send_client_certificate, - SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); } X509_free(x509); @@ -2240,7 +2190,7 @@ int ssl3_send_channel_id(SSL *s) { s->rwstate = SSL_NOTHING; if (EVP_PKEY_id(s->tlsext_channel_id_private) != EVP_PKEY_EC) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_channel_id, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return -1; } EC_KEY *ec_key = s->tlsext_channel_id_private->pkey.ec; @@ -2257,8 +2207,7 @@ int ssl3_send_channel_id(SSL *s) { public_key_len = i2o_ECPublicKey(ec_key, NULL); if (public_key_len <= 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_channel_id, - SSL_R_CANNOT_SERIALIZE_PUBLIC_KEY); + OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_SERIALIZE_PUBLIC_KEY); goto err; } @@ -2266,12 +2215,12 @@ int ssl3_send_channel_id(SSL *s) { * P-256 key, is 0x04 (meaning uncompressed) followed by the x and y * field elements as 32-byte, big-endian numbers. */ if (public_key_len != 65) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_channel_id, SSL_R_CHANNEL_ID_NOT_P256); + OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_NOT_P256); goto err; } public_key = OPENSSL_malloc(public_key_len); if (!public_key) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_channel_id, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -2296,7 +2245,7 @@ int ssl3_send_channel_id(SSL *s) { d += 64; if (!BN_bn2bin_padded(d, 32, sig->r) || !BN_bn2bin_padded(d + 32, 32, sig->s)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_channel_id, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index fbe68da9..458c0609 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -180,7 +180,7 @@ int ssl3_prf(SSL *s, uint8_t *out, size_t out_len, const uint8_t *secret, k++; if (k > sizeof(buf)) { /* bug: 'buf' is too small for this ciphersuite */ - OPENSSL_PUT_ERROR(SSL, ssl3_prf, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return 0; } @@ -189,7 +189,7 @@ int ssl3_prf(SSL *s, uint8_t *out, size_t out_len, const uint8_t *secret, } c++; if (!EVP_DigestInit_ex(&sha1, EVP_sha1(), NULL)) { - OPENSSL_PUT_ERROR(SSL, ssl3_prf, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP); return 0; } EVP_DigestUpdate(&sha1, buf, k); @@ -204,7 +204,7 @@ int ssl3_prf(SSL *s, uint8_t *out, size_t out_len, const uint8_t *secret, EVP_DigestFinal_ex(&sha1, smd, NULL); if (!EVP_DigestInit_ex(&md5, EVP_md5(), NULL)) { - OPENSSL_PUT_ERROR(SSL, ssl3_prf, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP); return 0; } EVP_DigestUpdate(&md5, secret, secret_len); @@ -288,14 +288,13 @@ int ssl3_digest_cached_records( ssl3_free_digest_list(s); s->s3->handshake_dgst = OPENSSL_malloc(SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *)); if (s->s3->handshake_dgst == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_digest_cached_records, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return 0; } memset(s->s3->handshake_dgst, 0, SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *)); if (!BIO_mem_contents(s->s3->handshake_buffer, &hdata, &hdatalen)) { - OPENSSL_PUT_ERROR(SSL, ssl3_digest_cached_records, - SSL_R_BAD_HANDSHAKE_LENGTH); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_HANDSHAKE_LENGTH); return 0; } @@ -304,13 +303,13 @@ int ssl3_digest_cached_records( if ((mask & ssl_get_algorithm2(s)) && md) { s->s3->handshake_dgst[i] = EVP_MD_CTX_create(); if (s->s3->handshake_dgst[i] == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_digest_cached_records, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP); return 0; } if (!EVP_DigestInit_ex(s->s3->handshake_dgst[i], md, NULL)) { EVP_MD_CTX_destroy(s->s3->handshake_dgst[i]); s->s3->handshake_dgst[i] = NULL; - OPENSSL_PUT_ERROR(SSL, ssl3_digest_cached_records, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP); return 0; } EVP_DigestUpdate(s->s3->handshake_dgst[i], hdata, hdatalen); @@ -373,14 +372,14 @@ static int ssl3_handshake_mac(SSL *s, int md_nid, const char *sender, int len, } if (!d) { - OPENSSL_PUT_ERROR(SSL, ssl3_handshake_mac, SSL_R_NO_REQUIRED_DIGEST); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_REQUIRED_DIGEST); return 0; } EVP_MD_CTX_init(&ctx); if (!EVP_MD_CTX_copy_ex(&ctx, d)) { EVP_MD_CTX_cleanup(&ctx); - OPENSSL_PUT_ERROR(SSL, ssl3_handshake_mac, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP); return 0; } @@ -399,7 +398,7 @@ static int ssl3_handshake_mac(SSL *s, int md_nid, const char *sender, int len, if (!EVP_DigestInit_ex(&ctx, EVP_MD_CTX_md(&ctx), NULL)) { EVP_MD_CTX_cleanup(&ctx); - OPENSSL_PUT_ERROR(SSL, ssl3_handshake_mac, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP); return 0; } EVP_DigestUpdate(&ctx, s->session->master_key, s->session->master_key_length); @@ -420,7 +419,7 @@ int ssl3_record_sequence_update(uint8_t *seq, size_t seq_len) { return 1; } } - OPENSSL_PUT_ERROR(SSL, ssl3_record_sequence_update, ERR_R_OVERFLOW); + OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW); return 0; } diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 7acbd23b..f9041e07 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -274,7 +274,7 @@ int SSL_CTX_set_tmp_dh(SSL_CTX *ctx, const DH *dh) { DH_free(ctx->cert->dh_tmp); ctx->cert->dh_tmp = DHparams_dup(dh); if (ctx->cert->dh_tmp == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_set_tmp_dh, ERR_R_DH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_DH_LIB); return 0; } return 1; @@ -284,7 +284,7 @@ int SSL_set_tmp_dh(SSL *ssl, const DH *dh) { DH_free(ssl->cert->dh_tmp); ssl->cert->dh_tmp = DHparams_dup(dh); if (ssl->cert->dh_tmp == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_set_tmp_dh, ERR_R_DH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_DH_LIB); return 0; } return 1; @@ -292,7 +292,7 @@ int SSL_set_tmp_dh(SSL *ssl, const DH *dh) { int SSL_CTX_set_tmp_ecdh(SSL_CTX *ctx, const EC_KEY *ec_key) { if (ec_key == NULL || EC_KEY_get0_group(ec_key) == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_set_tmp_ecdh, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } ctx->cert->ecdh_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec_key)); @@ -301,7 +301,7 @@ int SSL_CTX_set_tmp_ecdh(SSL_CTX *ctx, const EC_KEY *ec_key) { int SSL_set_tmp_ecdh(SSL *ssl, const EC_KEY *ec_key) { if (ec_key == NULL || EC_KEY_get0_group(ec_key) == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_set_tmp_ecdh, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } ssl->cert->ecdh_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec_key)); @@ -322,8 +322,7 @@ int SSL_CTX_set1_tls_channel_id(SSL_CTX *ctx, EVP_PKEY *private_key) { ctx->tlsext_channel_id_enabled = 1; if (EVP_PKEY_id(private_key) != EVP_PKEY_EC || EVP_PKEY_bits(private_key) != 256) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_set1_tls_channel_id, - SSL_R_CHANNEL_ID_NOT_P256); + OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_NOT_P256); return 0; } EVP_PKEY_free(ctx->tlsext_channel_id_private); @@ -335,7 +334,7 @@ int SSL_set1_tls_channel_id(SSL *ssl, EVP_PKEY *private_key) { ssl->tlsext_channel_id_enabled = 1; if (EVP_PKEY_id(private_key) != EVP_PKEY_EC || EVP_PKEY_bits(private_key) != 256) { - OPENSSL_PUT_ERROR(SSL, SSL_set1_tls_channel_id, SSL_R_CHANNEL_ID_NOT_P256); + OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_NOT_P256); return 0; } EVP_PKEY_free(ssl->tlsext_channel_id_private); @@ -359,13 +358,12 @@ int SSL_set_tlsext_host_name(SSL *ssl, const char *name) { return 1; } if (strlen(name) > TLSEXT_MAXLEN_host_name) { - OPENSSL_PUT_ERROR(SSL, SSL_set_tlsext_host_name, - SSL_R_SSL3_EXT_INVALID_SERVERNAME); + OPENSSL_PUT_ERROR(SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); return 0; } ssl->tlsext_hostname = BUF_strdup(name); if (ssl->tlsext_hostname == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_set_tlsext_host_name, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return 0; } return 1; @@ -485,8 +483,7 @@ int SSL_CTX_get_tlsext_ticket_keys(SSL_CTX *ctx, void *out, size_t len) { return 48; } if (len != 48) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_get_tlsext_ticket_keys, - SSL_R_INVALID_TICKET_KEYS_LENGTH); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH); return 0; } uint8_t *out_bytes = out; @@ -501,8 +498,7 @@ int SSL_CTX_set_tlsext_ticket_keys(SSL_CTX *ctx, const void *in, size_t len) { return 48; } if (len != 48) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_set_tlsext_ticket_keys, - SSL_R_INVALID_TICKET_KEYS_LENGTH); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH); return 0; } const uint8_t *in_bytes = in; diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index bfe7f4a7..c1dfb91f 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -206,7 +206,7 @@ int ssl3_read_n(SSL *s, int n, int extend) { } if (n > (int)(rb->len - rb->offset)) { - OPENSSL_PUT_ERROR(SSL, ssl3_read_n, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return -1; } @@ -223,7 +223,7 @@ int ssl3_read_n(SSL *s, int n, int extend) { s->rwstate = SSL_READING; i = BIO_read(s->rbio, pkt + len + left, max - left); } else { - OPENSSL_PUT_ERROR(SSL, ssl3_read_n, SSL_R_READ_BIO_NOT_SET); + OPENSSL_PUT_ERROR(SSL, SSL_R_READ_BIO_NOT_SET); i = -1; } @@ -305,19 +305,19 @@ again: n2s(p, rr->length); if (s->s3->have_version && version != s->version) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_record, SSL_R_WRONG_VERSION_NUMBER); + OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_VERSION_NUMBER); al = SSL_AD_PROTOCOL_VERSION; goto f_err; } if ((version >> 8) != SSL3_VERSION_MAJOR) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_record, SSL_R_WRONG_VERSION_NUMBER); + OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_VERSION_NUMBER); goto err; } if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH + extra) { al = SSL_AD_RECORD_OVERFLOW; - OPENSSL_PUT_ERROR(SSL, ssl3_get_record, SSL_R_ENCRYPTED_LENGTH_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_ENCRYPTED_LENGTH_TOO_LONG); goto f_err; } @@ -357,8 +357,7 @@ again: rr->type, s->version, s->s3->read_sequence, rr->data, rr->length)) { al = SSL_AD_BAD_RECORD_MAC; - OPENSSL_PUT_ERROR(SSL, ssl3_get_record, - SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC); goto f_err; } if (!ssl3_record_sequence_update(s->s3->read_sequence, 8)) { @@ -366,7 +365,7 @@ again: } if (plaintext_len > SSL3_RT_MAX_PLAIN_LENGTH + extra) { al = SSL_AD_RECORD_OVERFLOW; - OPENSSL_PUT_ERROR(SSL, ssl3_get_record, SSL_R_DATA_LENGTH_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_DATA_LENGTH_TOO_LONG); goto f_err; } assert(plaintext_len <= (1u << 16)); @@ -387,7 +386,7 @@ again: s->s3->empty_record_count++; if (s->s3->empty_record_count > kMaxEmptyRecords) { al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_record, SSL_R_TOO_MANY_EMPTY_FRAGMENTS); + OPENSSL_PUT_ERROR(SSL, SSL_R_TOO_MANY_EMPTY_FRAGMENTS); goto f_err; } goto again; @@ -424,7 +423,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) { return i; } if (i == 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_write_bytes, SSL_R_SSL_HANDSHAKE_FAILURE); + OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_HANDSHAKE_FAILURE); return -1; } } @@ -437,7 +436,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) { * beyond the end of the users buffer ... so we trap and report the error in * a way the user will notice. */ if (len < 0 || (size_t)len < tot) { - OPENSSL_PUT_ERROR(SSL, ssl3_write_bytes, SSL_R_BAD_LENGTH); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_LENGTH); return -1; } @@ -487,7 +486,7 @@ static int ssl3_seal_record(SSL *s, uint8_t *out, size_t *out_len, size_t max_out, uint8_t type, const uint8_t *in, size_t in_len) { if (max_out < SSL3_RT_HEADER_LENGTH) { - OPENSSL_PUT_ERROR(SSL, ssl3_seal_record, SSL_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL); return 0; } @@ -512,7 +511,7 @@ static int ssl3_seal_record(SSL *s, uint8_t *out, size_t *out_len, } if (ciphertext_len >= 1 << 16) { - OPENSSL_PUT_ERROR(SSL, ssl3_seal_record, ERR_R_OVERFLOW); + OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW); return 0; } out[3] = ciphertext_len >> 8; @@ -624,7 +623,7 @@ int ssl3_write_pending(SSL *s, int type, const uint8_t *buf, unsigned int len) { (s->s3->wpend_buf != buf && !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) || s->s3->wpend_type != type) { - OPENSSL_PUT_ERROR(SSL, ssl3_write_pending, SSL_R_BAD_WRITE_RETRY); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_WRITE_RETRY); return -1; } @@ -635,7 +634,7 @@ int ssl3_write_pending(SSL *s, int type, const uint8_t *buf, unsigned int len) { i = BIO_write(s->wbio, (char *)&(wb->buf[wb->offset]), (unsigned int)wb->left); } else { - OPENSSL_PUT_ERROR(SSL, ssl3_write_pending, SSL_R_BIO_NOT_SET); + OPENSSL_PUT_ERROR(SSL, SSL_R_BIO_NOT_SET); i = -1; } if (i == wb->left) { @@ -666,8 +665,7 @@ int ssl3_write_pending(SSL *s, int type, const uint8_t *buf, unsigned int len) { * function returns zero. Otherwise, the function returns one. */ int ssl3_expect_change_cipher_spec(SSL *s) { if (s->s3->handshake_fragment_len > 0 || s->s3->tmp.reuse_message) { - OPENSSL_PUT_ERROR(SSL, ssl3_expect_change_cipher_spec, - SSL_R_UNPROCESSED_HANDSHAKE_DATA); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNPROCESSED_HANDSHAKE_DATA); return 0; } @@ -718,7 +716,7 @@ int ssl3_read_bytes(SSL *s, int type, uint8_t *buf, int len, int peek) { if ((type && type != SSL3_RT_APPLICATION_DATA && type != SSL3_RT_HANDSHAKE) || (peek && type != SSL3_RT_APPLICATION_DATA)) { - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return -1; } @@ -757,7 +755,7 @@ int ssl3_read_bytes(SSL *s, int type, uint8_t *buf, int len, int peek) { return i; } if (i == 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_SSL_HANDSHAKE_FAILURE); + OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_HANDSHAKE_FAILURE); return -1; } } @@ -786,8 +784,7 @@ start: if (s->s3->change_cipher_spec && rr->type != SSL3_RT_HANDSHAKE && rr->type != SSL3_RT_ALERT) { al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, - SSL_R_DATA_BETWEEN_CCS_AND_FINISHED); + OPENSSL_PUT_ERROR(SSL, SSL_R_DATA_BETWEEN_CCS_AND_FINISHED); goto f_err; } @@ -795,7 +792,7 @@ start: * Handshake record. */ if (rr->type == SSL3_RT_HANDSHAKE && (s->s3->flags & SSL3_FLAGS_EXPECT_CCS)) { al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_HANDSHAKE_RECORD_BEFORE_CCS); + OPENSSL_PUT_ERROR(SSL, SSL_R_HANDSHAKE_RECORD_BEFORE_CCS); goto f_err; } @@ -818,7 +815,7 @@ start: /* TODO(davidben): Is this check redundant with the handshake_func * check? */ al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_APP_DATA_IN_HANDSHAKE); + OPENSSL_PUT_ERROR(SSL, SSL_R_APP_DATA_IN_HANDSHAKE); goto f_err; } @@ -855,7 +852,7 @@ start: * are fatal. Renegotiations as a server are never supported. */ if (!s->accept_peer_renegotiations || s->server) { al = SSL_AD_NO_RENEGOTIATION; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_NO_RENEGOTIATION); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_RENEGOTIATION); goto f_err; } @@ -878,7 +875,7 @@ start: s->s3->handshake_fragment[2] != 0 || s->s3->handshake_fragment[3] != 0) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_BAD_HELLO_REQUEST); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_HELLO_REQUEST); goto f_err; } s->s3->handshake_fragment_len = 0; @@ -892,7 +889,7 @@ start: /* This cannot happen. If a handshake is in progress, |type| must be * |SSL3_RT_HANDSHAKE|. */ assert(0); - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } @@ -902,7 +899,7 @@ start: * record while an application_data record is being written. */ if (s->s3->wbuf.left != 0 || s->s3->rbuf.left != 0) { al = SSL_AD_NO_RENEGOTIATION; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_NO_RENEGOTIATION); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_RENEGOTIATION); goto f_err; } @@ -913,7 +910,7 @@ start: return i; } if (i == 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_SSL_HANDSHAKE_FAILURE); + OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_HANDSHAKE_FAILURE); return -1; } @@ -927,7 +924,7 @@ start: /* Alerts may not be fragmented. */ if (rr->length < 2) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_BAD_ALERT); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_ALERT); goto f_err; } @@ -966,14 +963,14 @@ start: * peer refused it where we carry on. */ else if (alert_descr == SSL_AD_NO_RENEGOTIATION) { al = SSL_AD_HANDSHAKE_FAILURE; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_NO_RENEGOTIATION); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_RENEGOTIATION); goto f_err; } s->s3->warning_alert_count++; if (s->s3->warning_alert_count > kMaxWarningAlerts) { al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_TOO_MANY_WARNING_ALERTS); + OPENSSL_PUT_ERROR(SSL, SSL_R_TOO_MANY_WARNING_ALERTS); goto f_err; } } else if (alert_level == SSL3_AL_FATAL) { @@ -981,8 +978,7 @@ start: s->rwstate = SSL_NOTHING; s->s3->fatal_alert = alert_descr; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, - SSL_AD_REASON_OFFSET + alert_descr); + OPENSSL_PUT_ERROR(SSL, SSL_AD_REASON_OFFSET + alert_descr); BIO_snprintf(tmp, sizeof(tmp), "%d", alert_descr); ERR_add_error_data(2, "SSL alert number ", tmp); s->shutdown |= SSL_RECEIVED_SHUTDOWN; @@ -990,7 +986,7 @@ start: return 0; } else { al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_UNKNOWN_ALERT_TYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_ALERT_TYPE); goto f_err; } @@ -1009,20 +1005,20 @@ start: * record payload has to look like */ if (rr->length != 1 || rr->off != 0 || rr->data[0] != SSL3_MT_CCS) { al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_BAD_CHANGE_CIPHER_SPEC); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_CHANGE_CIPHER_SPEC); goto f_err; } /* Check we have a cipher to change to */ if (s->s3->tmp.new_cipher == NULL) { al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_CCS_RECEIVED_EARLY); + OPENSSL_PUT_ERROR(SSL, SSL_R_CCS_RECEIVED_EARLY); goto f_err; } if (!(s->s3->flags & SSL3_FLAGS_EXPECT_CCS)) { al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_CCS_RECEIVED_EARLY); + OPENSSL_PUT_ERROR(SSL, SSL_R_CCS_RECEIVED_EARLY); goto f_err; } @@ -1048,7 +1044,7 @@ start: rr->type != SSL3_RT_HANDSHAKE); al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_UNEXPECTED_RECORD); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_RECORD); f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); @@ -1068,8 +1064,7 @@ int ssl3_do_change_cipher_spec(SSL *s) { if (s->s3->tmp.key_block == NULL) { if (s->session == NULL || s->session->master_key_length == 0) { /* might happen if dtls1_read_bytes() calls this */ - OPENSSL_PUT_ERROR(SSL, ssl3_do_change_cipher_spec, - SSL_R_CCS_RECEIVED_EARLY); + OPENSSL_PUT_ERROR(SSL, SSL_R_CCS_RECEIVED_EARLY); return 0; } diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index ceab0aec..cb2e6088 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -199,7 +199,7 @@ int ssl3_accept(SSL *s) { s->in_handshake++; if (s->cert == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_accept, SSL_R_NO_CERTIFICATE_SET); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_SET); return -1; } @@ -231,7 +231,7 @@ int ssl3_accept(SSL *s) { } if (!ssl3_init_finished_mac(s)) { - OPENSSL_PUT_ERROR(SSL, ssl3_accept, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ret = -1; goto end; } @@ -564,7 +564,7 @@ int ssl3_accept(SSL *s) { goto end; default: - OPENSSL_PUT_ERROR(SSL, ssl3_accept, SSL_R_UNKNOWN_STATE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_STATE); ret = -1; goto end; } @@ -631,11 +631,11 @@ int ssl3_get_initial_bytes(SSL *s) { strncmp("POST ", (const char *)p, 5) == 0 || strncmp("HEAD ", (const char *)p, 5) == 0 || strncmp("PUT ", (const char *)p, 4) == 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_initial_bytes, SSL_R_HTTP_REQUEST); + OPENSSL_PUT_ERROR(SSL, SSL_R_HTTP_REQUEST); return -1; } if (strncmp("CONNECT ", (const char *)p, 8) == 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_initial_bytes, SSL_R_HTTPS_PROXY_REQUEST); + OPENSSL_PUT_ERROR(SSL, SSL_R_HTTPS_PROXY_REQUEST); return -1; } @@ -669,7 +669,7 @@ int ssl3_get_initial_bytes(SSL *s) { return 1; } - OPENSSL_PUT_ERROR(SSL, ssl3_get_initial_bytes, SSL_R_UNKNOWN_PROTOCOL); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_PROTOCOL); return -1; } @@ -689,15 +689,14 @@ int ssl3_get_v2_client_hello(SSL *s) { p = (const uint8_t *)s->s3->sniff_buffer->data; msg_length = ((p[0] & 0x7f) << 8) | p[1]; if (msg_length > (1024 * 4)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_v2_client_hello, SSL_R_RECORD_TOO_LARGE); + OPENSSL_PUT_ERROR(SSL, SSL_R_RECORD_TOO_LARGE); return -1; } if (msg_length < INITIAL_SNIFF_BUFFER_SIZE - 2) { /* Reject lengths that are too short early. We have already read 8 bytes, * so we should not attempt to process an (invalid) V2ClientHello which * would be shorter than that. */ - OPENSSL_PUT_ERROR(SSL, ssl3_get_v2_client_hello, - SSL_R_RECORD_LENGTH_MISMATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_RECORD_LENGTH_MISMATCH); return -1; } @@ -729,7 +728,7 @@ int ssl3_get_v2_client_hello(SSL *s) { !CBS_get_bytes(&v2_client_hello, &session_id, session_id_length) || !CBS_get_bytes(&v2_client_hello, &challenge, challenge_length) || CBS_len(&v2_client_hello) != 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_v2_client_hello, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); return -1; } @@ -758,7 +757,7 @@ int ssl3_get_v2_client_hello(SSL *s) { !CBB_add_u8(&hello_body, 0) || !CBB_add_u16_length_prefixed(&hello_body, &cipher_suites)) { CBB_cleanup(&client_hello); - OPENSSL_PUT_ERROR(SSL, ssl3_get_v2_client_hello, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return -1; } @@ -767,7 +766,7 @@ int ssl3_get_v2_client_hello(SSL *s) { uint32_t cipher_spec; if (!CBS_get_u24(&cipher_specs, &cipher_spec)) { CBB_cleanup(&client_hello); - OPENSSL_PUT_ERROR(SSL, ssl3_get_v2_client_hello, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); return -1; } @@ -777,7 +776,7 @@ int ssl3_get_v2_client_hello(SSL *s) { } if (!CBB_add_u16(&cipher_suites, cipher_spec)) { CBB_cleanup(&client_hello); - OPENSSL_PUT_ERROR(SSL, ssl3_get_v2_client_hello, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return -1; } } @@ -786,7 +785,7 @@ int ssl3_get_v2_client_hello(SSL *s) { if (!CBB_add_u8(&hello_body, 1) || !CBB_add_u8(&hello_body, 0) || !CBB_finish(&client_hello, NULL, &len)) { CBB_cleanup(&client_hello); - OPENSSL_PUT_ERROR(SSL, ssl3_get_v2_client_hello, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return -1; } @@ -846,8 +845,7 @@ int ssl3_get_client_hello(SSL *s) { early_ctx.client_hello_len = n; if (!ssl_early_callback_init(&early_ctx)) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, - SSL_R_CLIENTHELLO_PARSE_FAILED); + OPENSSL_PUT_ERROR(SSL, SSL_R_CLIENTHELLO_PARSE_FAILED); goto f_err; } @@ -862,8 +860,7 @@ int ssl3_get_client_hello(SSL *s) { case -1: /* Connection rejected. */ al = SSL_AD_ACCESS_DENIED; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, - SSL_R_CONNECTION_REJECTED); + OPENSSL_PUT_ERROR(SSL, SSL_R_CONNECTION_REJECTED); goto f_err; default: @@ -874,7 +871,7 @@ int ssl3_get_client_hello(SSL *s) { break; default: - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_UNKNOWN_STATE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_STATE); return -1; } @@ -884,7 +881,7 @@ int ssl3_get_client_hello(SSL *s) { !CBS_get_u8_length_prefixed(&client_hello, &session_id) || CBS_len(&session_id) > SSL_MAX_SSL_SESSION_ID_LENGTH) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } @@ -901,7 +898,7 @@ int ssl3_get_client_hello(SSL *s) { if (!CBS_get_u8_length_prefixed(&client_hello, &cookie) || CBS_len(&cookie) > DTLS1_COOKIE_LENGTH) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } } @@ -915,7 +912,7 @@ int ssl3_get_client_hello(SSL *s) { /* Select version to use */ uint16_t version = ssl3_get_mutual_version(s, client_version); if (version == 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_UNSUPPORTED_PROTOCOL); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_PROTOCOL); s->version = s->client_version; al = SSL_AD_PROTOCOL_VERSION; goto f_err; @@ -928,7 +925,7 @@ int ssl3_get_client_hello(SSL *s) { s->s3->have_version = 1; } else if (SSL_IS_DTLS(s) ? (s->client_version > s->version) : (s->client_version < s->version)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_WRONG_VERSION_NUMBER); + OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_VERSION_NUMBER); al = SSL_AD_PROTOCOL_VERSION; goto f_err; } @@ -965,8 +962,7 @@ int ssl3_get_client_hello(SSL *s) { /* A ClientHello without EMS that attempts to resume a session with EMS * is fatal to the connection. */ al = SSL_AD_HANDSHAKE_FAILURE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, - SSL_R_RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION); goto f_err; } @@ -993,7 +989,7 @@ int ssl3_get_client_hello(SSL *s) { if (s->ctx->dos_protection_cb != NULL && s->ctx->dos_protection_cb(&early_ctx) == 0) { /* Connection rejected for DOS reasons. */ al = SSL_AD_ACCESS_DENIED; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_CONNECTION_REJECTED); + OPENSSL_PUT_ERROR(SSL, SSL_R_CONNECTION_REJECTED); goto f_err; } @@ -1003,7 +999,7 @@ int ssl3_get_client_hello(SSL *s) { !CBS_get_u8_length_prefixed(&client_hello, &compression_methods) || CBS_len(&compression_methods) == 0) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } @@ -1030,8 +1026,7 @@ int ssl3_get_client_hello(SSL *s) { /* we need to have the cipher in the cipher list if we are asked to reuse * it */ al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, - SSL_R_REQUIRED_CIPHER_MISSING); + OPENSSL_PUT_ERROR(SSL, SSL_R_REQUIRED_CIPHER_MISSING); goto f_err; } } @@ -1040,15 +1035,14 @@ int ssl3_get_client_hello(SSL *s) { if (memchr(CBS_data(&compression_methods), 0, CBS_len(&compression_methods)) == NULL) { al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, - SSL_R_NO_COMPRESSION_SPECIFIED); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_COMPRESSION_SPECIFIED); goto f_err; } /* TLS extensions. */ if (s->version >= SSL3_VERSION && !ssl_parse_clienthello_tlsext(s, &client_hello)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_PARSE_TLSEXT); + OPENSSL_PUT_ERROR(SSL, SSL_R_PARSE_TLSEXT); goto err; } @@ -1056,13 +1050,13 @@ int ssl3_get_client_hello(SSL *s) { if (CBS_len(&client_hello) != 0) { /* wrong packet length */ al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_BAD_PACKET_LENGTH); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_PACKET_LENGTH); goto f_err; } if (have_extended_master_secret != s->s3->tmp.extended_master_secret) { al = SSL_AD_INTERNAL_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_EMS_STATE_INCONSISTENT); + OPENSSL_PUT_ERROR(SSL, SSL_R_EMS_STATE_INCONSISTENT); goto f_err; } @@ -1070,7 +1064,7 @@ int ssl3_get_client_hello(SSL *s) { if (!s->hit) { if (ciphers == NULL) { al = SSL_AD_ILLEGAL_PARAMETER; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_NO_CIPHERS_PASSED); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CIPHERS_PASSED); goto f_err; } @@ -1079,7 +1073,7 @@ int ssl3_get_client_hello(SSL *s) { int rv = s->cert->cert_cb(s, s->cert->cert_cb_arg); if (rv == 0) { al = SSL_AD_INTERNAL_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_CERT_CB_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_CB_ERROR); goto f_err; } if (rv < 0) { @@ -1092,7 +1086,7 @@ int ssl3_get_client_hello(SSL *s) { if (c == NULL) { al = SSL_AD_HANDSHAKE_FAILURE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_NO_SHARED_CIPHER); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_SHARED_CIPHER); goto f_err; } s->s3->tmp.new_cipher = c; @@ -1178,7 +1172,7 @@ int ssl3_send_server_hello(SSL *s) { /* Random stuff */ if (!ssl_fill_hello_random(s->s3->server_random, SSL3_RANDOM_SIZE, 1 /* server */)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_hello, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return -1; } memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE); @@ -1202,7 +1196,7 @@ int ssl3_send_server_hello(SSL *s) { sl = s->session->session_id_length; if (sl > (int)sizeof(s->session->session_id)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_hello, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return -1; } *(p++) = sl; @@ -1215,12 +1209,12 @@ int ssl3_send_server_hello(SSL *s) { /* put the compression method */ *(p++) = 0; if (ssl_prepare_serverhello_tlsext(s) <= 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_hello, SSL_R_SERVERHELLO_TLSEXT); + OPENSSL_PUT_ERROR(SSL, SSL_R_SERVERHELLO_TLSEXT); return -1; } p = ssl_add_serverhello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH); if (p == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_hello, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return -1; } @@ -1297,25 +1291,23 @@ int ssl3_send_server_key_exchange(SSL *s) { } if (dhp == NULL) { al = SSL_AD_HANDSHAKE_FAILURE; - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_key_exchange, - SSL_R_MISSING_TMP_DH_KEY); + OPENSSL_PUT_ERROR(SSL, SSL_R_MISSING_TMP_DH_KEY); goto f_err; } if (s->s3->tmp.dh != NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_key_exchange, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } dh = DHparams_dup(dhp); if (dh == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_key_exchange, ERR_R_DH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_DH_LIB); goto err; } s->s3->tmp.dh = dh; if (!DH_generate_key(dh)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_key_exchange, ERR_R_DH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_DH_LIB); goto err; } @@ -1339,14 +1331,12 @@ int ssl3_send_server_key_exchange(SSL *s) { } if (nid == NID_undef) { al = SSL_AD_HANDSHAKE_FAILURE; - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_key_exchange, - SSL_R_MISSING_TMP_ECDH_KEY); + OPENSSL_PUT_ERROR(SSL, SSL_R_MISSING_TMP_ECDH_KEY); goto f_err; } if (s->s3->tmp.ecdh != NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_key_exchange, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } ecdh = EC_KEY_new_by_curve_name(nid); @@ -1356,15 +1346,14 @@ int ssl3_send_server_key_exchange(SSL *s) { s->s3->tmp.ecdh = ecdh; if (!EC_KEY_generate_key(ecdh)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_key_exchange, ERR_R_ECDH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ECDH_LIB); goto err; } /* We only support ephemeral ECDH keys over named (not generic) curves. */ const EC_GROUP *group = EC_KEY_get0_group(ecdh); if (!tls1_ec_nid2curve_id(&curve_id, EC_GROUP_get_curve_name(group))) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_key_exchange, - SSL_R_UNSUPPORTED_ELLIPTIC_CURVE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_ELLIPTIC_CURVE); goto err; } @@ -1377,8 +1366,7 @@ int ssl3_send_server_key_exchange(SSL *s) { encodedPoint = (uint8_t *)OPENSSL_malloc(encodedlen * sizeof(uint8_t)); bn_ctx = BN_CTX_new(); if (encodedPoint == NULL || bn_ctx == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -1387,7 +1375,7 @@ int ssl3_send_server_key_exchange(SSL *s) { encodedPoint, encodedlen, bn_ctx); if (encodedlen == 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_key_exchange, ERR_R_ECDH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ECDH_LIB); goto err; } @@ -1407,8 +1395,7 @@ int ssl3_send_server_key_exchange(SSL *s) { r[3] = NULL; } else if (!(alg_k & SSL_kPSK)) { al = SSL_AD_HANDSHAKE_FAILURE; - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_key_exchange, - SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); goto f_err; } @@ -1430,7 +1417,7 @@ int ssl3_send_server_key_exchange(SSL *s) { } if (!BUF_MEM_grow_clean(buf, n + SSL_HM_HEADER_LENGTH(s) + kn)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_key_exchange, ERR_LIB_BUF); + OPENSSL_PUT_ERROR(SSL, ERR_LIB_BUF); goto err; } d = p = ssl_handshake_start(s); @@ -1482,8 +1469,7 @@ int ssl3_send_server_key_exchange(SSL *s) { if (!tls12_get_sigandhash(s, p, md)) { /* Should never happen */ al = SSL_AD_INTERNAL_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_key_exchange, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto f_err; } p += 2; @@ -1500,7 +1486,7 @@ int ssl3_send_server_key_exchange(SSL *s) { SSL3_RANDOM_SIZE) || !EVP_DigestSignUpdate(&md_ctx, d, n) || !EVP_DigestSignFinal(&md_ctx, &p[2], &sig_len)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_server_key_exchange, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP); goto err; } @@ -1569,7 +1555,7 @@ int ssl3_send_certificate_request(SSL *s) { name = sk_X509_NAME_value(sk, i); j = i2d_X509_NAME(name, NULL); if (!BUF_MEM_grow_clean(buf, SSL_HM_HEADER_LENGTH(s) + n + j + 2)) { - OPENSSL_PUT_ERROR(SSL, ssl3_send_certificate_request, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); goto err; } p = ssl_handshake_start(s) + n; @@ -1640,30 +1626,27 @@ int ssl3_get_client_key_exchange(SSL *s) { * then this is the only field in the message. */ if (!CBS_get_u16_length_prefixed(&client_key_exchange, &psk_identity) || ((alg_k & SSL_kPSK) && CBS_len(&client_key_exchange) != 0)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); al = SSL_AD_DECODE_ERROR; goto f_err; } if (s->psk_server_callback == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - SSL_R_PSK_NO_SERVER_CB); + OPENSSL_PUT_ERROR(SSL, SSL_R_PSK_NO_SERVER_CB); al = SSL_AD_INTERNAL_ERROR; goto f_err; } if (CBS_len(&psk_identity) > PSK_MAX_IDENTITY_LEN || CBS_contains_zero_byte(&psk_identity)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - SSL_R_DATA_LENGTH_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_DATA_LENGTH_TOO_LONG); al = SSL_AD_ILLEGAL_PARAMETER; goto f_err; } if (!CBS_strdup(&psk_identity, &s->session->psk_identity)) { al = SSL_AD_INTERNAL_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto f_err; } @@ -1671,14 +1654,12 @@ int ssl3_get_client_key_exchange(SSL *s) { psk_len = s->psk_server_callback(s, s->session->psk_identity, psk, sizeof(psk)); if (psk_len > PSK_MAX_PSK_LEN) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); al = SSL_AD_INTERNAL_ERROR; goto f_err; } else if (psk_len == 0) { /* PSK related to the given identity not found */ - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - SSL_R_PSK_IDENTITY_NOT_FOUND); + OPENSSL_PUT_ERROR(SSL, SSL_R_PSK_IDENTITY_NOT_FOUND); al = SSL_AD_UNKNOWN_PSK_IDENTITY; goto f_err; } @@ -1695,8 +1676,7 @@ int ssl3_get_client_key_exchange(SSL *s) { pkey = s->cert->privatekey; if (pkey == NULL || pkey->type != EVP_PKEY_RSA || pkey->pkey.rsa == NULL) { al = SSL_AD_HANDSHAKE_FAILURE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - SSL_R_MISSING_RSA_CERTIFICATE); + OPENSSL_PUT_ERROR(SSL, SSL_R_MISSING_RSA_CERTIFICATE); goto f_err; } rsa = pkey->pkey.rsa; @@ -1709,8 +1689,7 @@ int ssl3_get_client_key_exchange(SSL *s) { CBS_len(&client_key_exchange) != 0) { if (!(s->options & SSL_OP_TLS_D5_BUG)) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); goto f_err; } else { encrypted_premaster_secret = copy; @@ -1727,8 +1706,7 @@ int ssl3_get_client_key_exchange(SSL *s) { rsa_size = RSA_size(rsa); if (rsa_size < SSL_MAX_MASTER_KEY_LENGTH) { al = SSL_AD_DECRYPT_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - SSL_R_DECRYPTION_FAILED); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECRYPTION_FAILED); goto f_err; } @@ -1744,8 +1722,7 @@ int ssl3_get_client_key_exchange(SSL *s) { /* Allocate a buffer large enough for an RSA decryption. */ decrypt_buf = OPENSSL_malloc(rsa_size); if (decrypt_buf == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -1759,8 +1736,7 @@ int ssl3_get_client_key_exchange(SSL *s) { if (decrypt_len != rsa_size) { /* This should never happen, but do a check so we do not read * uninitialized memory. */ - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } @@ -1783,8 +1759,7 @@ int ssl3_get_client_key_exchange(SSL *s) { BUF_memdup(decrypt_buf + (rsa_size - SSL_MAX_MASTER_KEY_LENGTH), SSL_MAX_MASTER_KEY_LENGTH); if (premaster_secret == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } OPENSSL_free(decrypt_buf); @@ -1815,38 +1790,35 @@ int ssl3_get_client_key_exchange(SSL *s) { if (!CBS_get_u16_length_prefixed(&client_key_exchange, &dh_Yc) || CBS_len(&dh_Yc) == 0 || CBS_len(&client_key_exchange) != 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG); al = SSL_R_DECODE_ERROR; goto f_err; } if (s->s3->tmp.dh == NULL) { al = SSL_AD_HANDSHAKE_FAILURE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - SSL_R_MISSING_TMP_DH_KEY); + OPENSSL_PUT_ERROR(SSL, SSL_R_MISSING_TMP_DH_KEY); goto f_err; } dh_srvr = s->s3->tmp.dh; pub = BN_bin2bn(CBS_data(&dh_Yc), CBS_len(&dh_Yc), NULL); if (pub == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, SSL_R_BN_LIB); + OPENSSL_PUT_ERROR(SSL, SSL_R_BN_LIB); goto err; } /* Allocate a buffer for the premaster secret. */ premaster_secret = OPENSSL_malloc(DH_size(dh_srvr)); if (premaster_secret == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); BN_clear_free(pub); goto err; } dh_len = DH_compute_key(premaster_secret, pub, dh_srvr); if (dh_len <= 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, ERR_R_DH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_DH_LIB); BN_clear_free(pub); goto err; } @@ -1867,8 +1839,7 @@ int ssl3_get_client_key_exchange(SSL *s) { /* initialize structures for server's ECDH key pair */ srvr_ecdh = EC_KEY_new(); if (srvr_ecdh == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -1881,15 +1852,14 @@ int ssl3_get_client_key_exchange(SSL *s) { if (!EC_KEY_set_group(srvr_ecdh, group) || !EC_KEY_set_private_key(srvr_ecdh, priv_key)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_EC_LIB); goto err; } /* Let's get client's public key */ clnt_ecpoint = EC_POINT_new(group); if (clnt_ecpoint == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -1898,35 +1868,33 @@ int ssl3_get_client_key_exchange(SSL *s) { if (!CBS_get_u8_length_prefixed(&client_key_exchange, &ecdh_Yc) || CBS_len(&client_key_exchange) != 0) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } bn_ctx = BN_CTX_new(); if (bn_ctx == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } if (!EC_POINT_oct2point(group, clnt_ecpoint, CBS_data(&ecdh_Yc), CBS_len(&ecdh_Yc), bn_ctx)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_EC_LIB); goto err; } /* Allocate a buffer for both the secret and the PSK. */ field_size = EC_GROUP_get_degree(group); if (field_size <= 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, ERR_R_ECDH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ECDH_LIB); goto err; } ecdh_len = (field_size + 7) / 8; premaster_secret = OPENSSL_malloc(ecdh_len); if (premaster_secret == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -1934,7 +1902,7 @@ int ssl3_get_client_key_exchange(SSL *s) { ecdh_len = ECDH_compute_key(premaster_secret, ecdh_len, clnt_ecpoint, srvr_ecdh, NULL); if (ecdh_len <= 0) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, ERR_R_ECDH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ECDH_LIB); goto err; } @@ -1956,15 +1924,13 @@ int ssl3_get_client_key_exchange(SSL *s) { premaster_secret_len = psk_len; premaster_secret = OPENSSL_malloc(premaster_secret_len); if (premaster_secret == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } memset(premaster_secret, 0, premaster_secret_len); } else { al = SSL_AD_HANDSHAKE_FAILURE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - SSL_R_UNKNOWN_CIPHER_TYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CIPHER_TYPE); goto f_err; } @@ -1982,8 +1948,7 @@ int ssl3_get_client_key_exchange(SSL *s) { !CBB_add_u16_length_prefixed(&new_premaster, &child) || !CBB_add_bytes(&child, psk, psk_len) || !CBB_finish(&new_premaster, &new_data, &new_len)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); CBB_cleanup(&new_premaster); goto err; } @@ -2063,8 +2028,7 @@ int ssl3_get_cert_verify(SSL *s) { if (!(X509_certificate_type(peer, pkey) & EVP_PKT_SIGN) || (pkey->type != EVP_PKEY_RSA && pkey->type != EVP_PKEY_EC)) { al = SSL_AD_UNSUPPORTED_CERTIFICATE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_cert_verify, - SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE); goto f_err; } @@ -2095,7 +2059,7 @@ int ssl3_get_cert_verify(SSL *s) { if (!CBS_get_u16_length_prefixed(&certificate_verify, &signature) || CBS_len(&certificate_verify) != 0) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_cert_verify, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } @@ -2108,7 +2072,7 @@ int ssl3_get_cert_verify(SSL *s) { !EVP_PKEY_verify(pctx, CBS_data(&signature), CBS_len(&signature), digest, digest_length)) { al = SSL_AD_DECRYPT_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_cert_verify, SSL_R_BAD_SIGNATURE); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SIGNATURE); goto f_err; } @@ -2145,15 +2109,14 @@ int ssl3_get_client_certificate(SSL *s) { if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) { if ((s->verify_mode & SSL_VERIFY_PEER) && (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_certificate, - SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); + OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); al = SSL_AD_HANDSHAKE_FAILURE; goto f_err; } /* If tls asked for a client cert, the client must return a 0 list */ if (s->version > SSL3_VERSION && s->s3->tmp.cert_request) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_certificate, + OPENSSL_PUT_ERROR(SSL, SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST); al = SSL_AD_UNEXPECTED_MESSAGE; goto f_err; @@ -2165,8 +2128,7 @@ int ssl3_get_client_certificate(SSL *s) { if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) { al = SSL_AD_UNEXPECTED_MESSAGE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_certificate, - SSL_R_WRONG_MESSAGE_TYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_MESSAGE_TYPE); goto f_err; } @@ -2174,14 +2136,14 @@ int ssl3_get_client_certificate(SSL *s) { sk = sk_X509_new_null(); if (sk == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_certificate, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } if (!CBS_get_u24_length_prefixed(&certificate_msg, &certificate_list) || CBS_len(&certificate_msg) != 0) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_certificate, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } @@ -2191,7 +2153,7 @@ int ssl3_get_client_certificate(SSL *s) { if (!CBS_get_u24_length_prefixed(&certificate_list, &certificate)) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_certificate, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto f_err; } @@ -2209,17 +2171,16 @@ int ssl3_get_client_certificate(SSL *s) { x = d2i_X509(NULL, &data, CBS_len(&certificate)); if (x == NULL) { al = SSL_AD_BAD_CERTIFICATE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_certificate, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB); goto f_err; } if (data != CBS_data(&certificate) + CBS_len(&certificate)) { al = SSL_AD_DECODE_ERROR; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_certificate, - SSL_R_CERT_LENGTH_MISMATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_LENGTH_MISMATCH); goto f_err; } if (!sk_X509_push(sk, x)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_certificate, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } x = NULL; @@ -2229,15 +2190,13 @@ int ssl3_get_client_certificate(SSL *s) { /* TLS does not mind 0 certs returned */ if (s->version == SSL3_VERSION) { al = SSL_AD_HANDSHAKE_FAILURE; - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_certificate, - SSL_R_NO_CERTIFICATES_RETURNED); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATES_RETURNED); goto f_err; } /* Fail for TLS only if we required a certificate */ else if ((s->verify_mode & SSL_VERIFY_PEER) && (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_certificate, - SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); + OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); al = SSL_AD_HANDSHAKE_FAILURE; goto f_err; } @@ -2251,8 +2210,7 @@ int ssl3_get_client_certificate(SSL *s) { i = ssl_verify_cert_chain(s, sk); if (i <= 0) { al = ssl_verify_alarm_type(s->verify_result); - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_certificate, - SSL_R_CERTIFICATE_VERIFY_FAILED); + OPENSSL_PUT_ERROR(SSL, SSL_R_CERTIFICATE_VERIFY_FAILED); goto f_err; } } @@ -2266,7 +2224,7 @@ int ssl3_get_client_certificate(SSL *s) { if (s->session->sess_cert == NULL) { s->session->sess_cert = ssl_sess_cert_new(); if (s->session->sess_cert == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_client_certificate, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -2443,8 +2401,7 @@ int ssl3_get_next_proto(SSL *s) { /* Clients cannot send a NextProtocol message if we didn't see the extension * in their ClientHello */ if (!s->s3->next_proto_neg_seen) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_next_proto, - SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION); return -1; } @@ -2464,8 +2421,7 @@ int ssl3_get_next_proto(SSL *s) { * TODO(davidben): Is this check now redundant with * SSL3_FLAGS_EXPECT_CCS? */ if (!s->s3->change_cipher_spec) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_next_proto, - SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS); + OPENSSL_PUT_ERROR(SSL, SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS); return -1; } @@ -2535,8 +2491,7 @@ int ssl3_get_channel_id(SSL *s) { * * TODO(davidben): Is this check now redundant with SSL3_FLAGS_EXPECT_CCS? */ if (!s->s3->change_cipher_spec) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_channel_id, - SSL_R_GOT_CHANNEL_ID_BEFORE_A_CCS); + OPENSSL_PUT_ERROR(SSL, SSL_R_GOT_CHANNEL_ID_BEFORE_A_CCS); return -1; } @@ -2563,13 +2518,13 @@ int ssl3_get_channel_id(SSL *s) { CBS_len(&encrypted_extensions) != 0 || extension_type != expected_extension_type || CBS_len(&extension) != TLSEXT_CHANNEL_ID_SIZE) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_channel_id, SSL_R_INVALID_MESSAGE); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_MESSAGE); return -1; } p256 = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1); if (!p256) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_channel_id, SSL_R_NO_P256_SUPPORT); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_P256_SUPPORT); return -1; } @@ -2603,8 +2558,7 @@ int ssl3_get_channel_id(SSL *s) { /* We stored the handshake hash in |tlsext_channel_id| the first time that we * were called. */ if (!ECDSA_do_verify(channel_id_hash, channel_id_hash_len, &sig, key)) { - OPENSSL_PUT_ERROR(SSL, ssl3_get_channel_id, - SSL_R_CHANNEL_ID_SIGNATURE_INVALID); + OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_SIGNATURE_INVALID); s->s3->tlsext_channel_id_valid = 0; goto err; } diff --git a/ssl/ssl_aead_ctx.c b/ssl/ssl_aead_ctx.c index c2fba1dc..f2110c68 100644 --- a/ssl/ssl_aead_ctx.c +++ b/ssl/ssl_aead_ctx.c @@ -34,7 +34,7 @@ SSL_AEAD_CTX *SSL_AEAD_CTX_new(enum evp_aead_direction_t direction, const EVP_AEAD *aead; size_t discard; if (!ssl_cipher_get_evp_aead(&aead, &discard, &discard, cipher, version)) { - OPENSSL_PUT_ERROR(SSL, SSL_AEAD_CTX_new, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return 0; } @@ -43,7 +43,7 @@ SSL_AEAD_CTX *SSL_AEAD_CTX_new(enum evp_aead_direction_t direction, /* This is a "stateful" AEAD (for compatibility with pre-AEAD cipher * suites). */ if (mac_key_len + enc_key_len + fixed_iv_len > sizeof(merged_key)) { - OPENSSL_PUT_ERROR(SSL, SSL_AEAD_CTX_new, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return 0; } memcpy(merged_key, mac_key, mac_key_len); @@ -56,7 +56,7 @@ SSL_AEAD_CTX *SSL_AEAD_CTX_new(enum evp_aead_direction_t direction, SSL_AEAD_CTX *aead_ctx = (SSL_AEAD_CTX *)OPENSSL_malloc(sizeof(SSL_AEAD_CTX)); if (aead_ctx == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_AEAD_CTX_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return NULL; } memset(aead_ctx, 0, sizeof(SSL_AEAD_CTX)); @@ -76,7 +76,7 @@ SSL_AEAD_CTX *SSL_AEAD_CTX_new(enum evp_aead_direction_t direction, if (fixed_iv_len > sizeof(aead_ctx->fixed_nonce) || fixed_iv_len > aead_ctx->variable_nonce_len) { SSL_AEAD_CTX_free(aead_ctx); - OPENSSL_PUT_ERROR(SSL, SSL_AEAD_CTX_new, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return 0; } aead_ctx->variable_nonce_len -= fixed_iv_len; @@ -146,7 +146,7 @@ int SSL_AEAD_CTX_open(SSL_AEAD_CTX *aead, uint8_t *out, size_t *out_len, if (aead == NULL) { /* Handle the initial NULL cipher. */ if (in_len > max_out) { - OPENSSL_PUT_ERROR(SSL, SSL_AEAD_CTX_open, SSL_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL); return 0; } memmove(out, in, in_len); @@ -161,7 +161,7 @@ int SSL_AEAD_CTX_open(SSL_AEAD_CTX *aead, uint8_t *out, size_t *out_len, size_t overhead = SSL_AEAD_CTX_max_overhead(aead); if (in_len < overhead) { /* Publicly invalid. */ - OPENSSL_PUT_ERROR(SSL, SSL_AEAD_CTX_open, SSL_R_BAD_PACKET_LENGTH); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_PACKET_LENGTH); return 0; } plaintext_len = in_len - overhead; @@ -178,7 +178,7 @@ int SSL_AEAD_CTX_open(SSL_AEAD_CTX *aead, uint8_t *out, size_t *out_len, if (aead->variable_nonce_included_in_record) { if (in_len < aead->variable_nonce_len) { /* Publicly invalid. */ - OPENSSL_PUT_ERROR(SSL, SSL_AEAD_CTX_open, SSL_R_BAD_PACKET_LENGTH); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_PACKET_LENGTH); return 0; } memcpy(nonce + nonce_len, in, aead->variable_nonce_len); @@ -201,7 +201,7 @@ int SSL_AEAD_CTX_seal(SSL_AEAD_CTX *aead, uint8_t *out, size_t *out_len, if (aead == NULL) { /* Handle the initial NULL cipher. */ if (in_len > max_out) { - OPENSSL_PUT_ERROR(SSL, SSL_AEAD_CTX_seal, SSL_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL); return 0; } memmove(out, in, in_len); @@ -235,11 +235,11 @@ int SSL_AEAD_CTX_seal(SSL_AEAD_CTX *aead, uint8_t *out, size_t *out_len, size_t extra_len = 0; if (aead->variable_nonce_included_in_record) { if (max_out < aead->variable_nonce_len) { - OPENSSL_PUT_ERROR(SSL, SSL_AEAD_CTX_seal, SSL_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL); return 0; } if (out < in + in_len && in < out + aead->variable_nonce_len) { - OPENSSL_PUT_ERROR(SSL, SSL_AEAD_CTX_seal, SSL_R_OUTPUT_ALIASES_INPUT); + OPENSSL_PUT_ERROR(SSL, SSL_R_OUTPUT_ALIASES_INPUT); return 0; } memcpy(out, nonce + aead->fixed_nonce_len, aead->variable_nonce_len); diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c index 531e0d5a..a2b6879e 100644 --- a/ssl/ssl_asn1.c +++ b/ssl/ssl_asn1.c @@ -176,14 +176,14 @@ static int SSL_SESSION_to_bytes_full(SSL_SESSION *in, uint8_t **out_data, for_ticket ? 0 : in->session_id_length) || !CBB_add_asn1(&session, &child, CBS_ASN1_OCTETSTRING) || !CBB_add_bytes(&child, in->master_key, in->master_key_length)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } if (in->time != 0) { if (!CBB_add_asn1(&session, &child, kTimeTag) || !CBB_add_asn1_uint64(&child, in->time)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -191,7 +191,7 @@ static int SSL_SESSION_to_bytes_full(SSL_SESSION *in, uint8_t **out_data, if (in->timeout != 0) { if (!CBB_add_asn1(&session, &child, kTimeoutTag) || !CBB_add_asn1_uint64(&child, in->timeout)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -206,7 +206,7 @@ static int SSL_SESSION_to_bytes_full(SSL_SESSION *in, uint8_t **out_data, } if (!CBB_add_asn1(&session, &child, kPeerTag) || !CBB_add_space(&child, &buf, len)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } if (buf != NULL && i2d_X509(in->peer, &buf) < 0) { @@ -219,14 +219,14 @@ static int SSL_SESSION_to_bytes_full(SSL_SESSION *in, uint8_t **out_data, if (!CBB_add_asn1(&session, &child, kSessionIDContextTag) || !CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) || !CBB_add_bytes(&child2, in->sid_ctx, in->sid_ctx_length)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } if (in->verify_result != X509_V_OK) { if (!CBB_add_asn1(&session, &child, kVerifyResultTag) || !CBB_add_asn1_uint64(&child, in->verify_result)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -236,7 +236,7 @@ static int SSL_SESSION_to_bytes_full(SSL_SESSION *in, uint8_t **out_data, !CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) || !CBB_add_bytes(&child2, (const uint8_t *)in->tlsext_hostname, strlen(in->tlsext_hostname))) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -246,7 +246,7 @@ static int SSL_SESSION_to_bytes_full(SSL_SESSION *in, uint8_t **out_data, !CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) || !CBB_add_bytes(&child2, (const uint8_t *)in->psk_identity, strlen(in->psk_identity))) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -254,7 +254,7 @@ static int SSL_SESSION_to_bytes_full(SSL_SESSION *in, uint8_t **out_data, if (in->tlsext_tick_lifetime_hint > 0) { if (!CBB_add_asn1(&session, &child, kTicketLifetimeHintTag) || !CBB_add_asn1_uint64(&child, in->tlsext_tick_lifetime_hint)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -263,7 +263,7 @@ static int SSL_SESSION_to_bytes_full(SSL_SESSION *in, uint8_t **out_data, if (!CBB_add_asn1(&session, &child, kTicketTag) || !CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) || !CBB_add_bytes(&child2, in->tlsext_tick, in->tlsext_ticklen)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -272,7 +272,7 @@ static int SSL_SESSION_to_bytes_full(SSL_SESSION *in, uint8_t **out_data, if (!CBB_add_asn1(&session, &child, kPeerSHA256Tag) || !CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) || !CBB_add_bytes(&child2, in->peer_sha256, sizeof(in->peer_sha256))) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -282,7 +282,7 @@ static int SSL_SESSION_to_bytes_full(SSL_SESSION *in, uint8_t **out_data, !CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) || !CBB_add_bytes(&child2, in->original_handshake_hash, in->original_handshake_hash_len)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -292,7 +292,7 @@ static int SSL_SESSION_to_bytes_full(SSL_SESSION *in, uint8_t **out_data, !CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) || !CBB_add_bytes(&child2, in->tlsext_signed_cert_timestamp_list, in->tlsext_signed_cert_timestamp_list_length)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -301,7 +301,7 @@ static int SSL_SESSION_to_bytes_full(SSL_SESSION *in, uint8_t **out_data, if (!CBB_add_asn1(&session, &child, kOCSPResponseTag) || !CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) || !CBB_add_bytes(&child2, in->ocsp_response, in->ocsp_response_length)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -310,13 +310,13 @@ static int SSL_SESSION_to_bytes_full(SSL_SESSION *in, uint8_t **out_data, if (!CBB_add_asn1(&session, &child, kExtendedMasterSecretTag) || !CBB_add_asn1(&child, &child2, CBS_ASN1_BOOLEAN) || !CBB_add_u8(&child2, 0xff)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } if (!CBB_finish(&cbb, out_data, out_len)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_to_bytes_full, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } return 1; @@ -345,7 +345,7 @@ int i2d_SSL_SESSION(SSL_SESSION *in, uint8_t **pp) { if (len > INT_MAX) { OPENSSL_free(out); - OPENSSL_PUT_ERROR(SSL, i2d_SSL_SESSION, ERR_R_OVERFLOW); + OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW); return -1; } @@ -368,17 +368,16 @@ static int SSL_SESSION_parse_string(CBS *cbs, char **out, unsigned tag) { CBS value; int present; if (!CBS_get_optional_asn1_octet_string(cbs, &value, &present, tag)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse_string, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); return 0; } if (present) { if (CBS_contains_zero_byte(&value)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse_string, - SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); return 0; } if (!CBS_strdup(&value, out)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse_string, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return 0; } } else { @@ -398,13 +397,11 @@ static int SSL_SESSION_parse_octet_string(CBS *cbs, uint8_t **out_ptr, size_t *out_len, unsigned tag) { CBS value; if (!CBS_get_optional_asn1_octet_string(cbs, &value, NULL, tag)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse_octet_string, - SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); return 0; } if (!CBS_stow(&value, out_ptr, out_len)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse_octet_string, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return 0; } return 1; @@ -437,7 +434,7 @@ static SSL_SESSION *SSL_SESSION_parse(CBS *cbs) { kSessionIDContextTag) || !CBS_get_optional_asn1_uint64(&session, &verify_result, kVerifyResultTag, X509_V_OK)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); goto err; } if (!SSL_SESSION_parse_string(&session, &ret->tlsext_hostname, @@ -448,7 +445,7 @@ static SSL_SESSION *SSL_SESSION_parse(CBS *cbs) { } if (!CBS_get_optional_asn1_uint64(&session, &ticket_lifetime_hint, kTicketLifetimeHintTag, 0)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); goto err; } if (!SSL_SESSION_parse_octet_string(&session, &ret->tlsext_tick, @@ -459,7 +456,7 @@ static SSL_SESSION *SSL_SESSION_parse(CBS *cbs) { &has_peer_sha256, kPeerSHA256Tag) || !CBS_get_optional_asn1_octet_string(&session, &original_handshake_hash, NULL, kOriginalHandshakeHashTag)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); goto err; } if (!SSL_SESSION_parse_octet_string( @@ -475,44 +472,44 @@ static SSL_SESSION *SSL_SESSION_parse(CBS *cbs) { kExtendedMasterSecretTag, 0 /* default to false */) || CBS_len(&session) != 0) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); goto err; } ret->extended_master_secret = extended_master_secret; if (version != SSL_SESSION_ASN1_VERSION) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); goto err; } /* Only support SSLv3/TLS and DTLS. */ if ((ssl_version >> 8) != SSL3_VERSION_MAJOR && (ssl_version >> 8) != (DTLS1_VERSION >> 8)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_UNKNOWN_SSL_VERSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_SSL_VERSION); goto err; } ret->ssl_version = ssl_version; uint16_t cipher_value; if (!CBS_get_u16(&cipher, &cipher_value) || CBS_len(&cipher) != 0) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_CIPHER_CODE_WRONG_LENGTH); + OPENSSL_PUT_ERROR(SSL, SSL_R_CIPHER_CODE_WRONG_LENGTH); goto err; } ret->cipher = SSL_get_cipher_by_value(cipher_value); if (ret->cipher == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_UNSUPPORTED_CIPHER); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_CIPHER); goto err; } if (CBS_len(&session_id) > SSL3_MAX_SSL_SESSION_ID_LENGTH) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); goto err; } memcpy(ret->session_id, CBS_data(&session_id), CBS_len(&session_id)); ret->session_id_length = CBS_len(&session_id); if (CBS_len(&master_key) > SSL_MAX_MASTER_KEY_LENGTH) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); goto err; } memcpy(ret->master_key, CBS_data(&master_key), CBS_len(&master_key)); @@ -520,7 +517,7 @@ static SSL_SESSION *SSL_SESSION_parse(CBS *cbs) { if (session_time > LONG_MAX || timeout > LONG_MAX) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); goto err; } ret->time = session_time; @@ -536,13 +533,13 @@ static SSL_SESSION *SSL_SESSION_parse(CBS *cbs) { goto err; } if (ptr != CBS_data(&peer) + CBS_len(&peer)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); goto err; } } if (CBS_len(&sid_ctx) > sizeof(ret->sid_ctx)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); goto err; } memcpy(ret->sid_ctx, CBS_data(&sid_ctx), CBS_len(&sid_ctx)); @@ -550,7 +547,7 @@ static SSL_SESSION *SSL_SESSION_parse(CBS *cbs) { if (verify_result > LONG_MAX || ticket_lifetime_hint > 0xffffffff) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); goto err; } ret->verify_result = verify_result; @@ -558,7 +555,7 @@ static SSL_SESSION *SSL_SESSION_parse(CBS *cbs) { if (has_peer_sha256) { if (CBS_len(&peer_sha256) != sizeof(ret->peer_sha256)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); goto err; } memcpy(ret->peer_sha256, CBS_data(&peer_sha256), sizeof(ret->peer_sha256)); @@ -569,7 +566,7 @@ static SSL_SESSION *SSL_SESSION_parse(CBS *cbs) { if (CBS_len(&original_handshake_hash) > sizeof(ret->original_handshake_hash)) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_parse, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); goto err; } memcpy(ret->original_handshake_hash, CBS_data(&original_handshake_hash), @@ -591,7 +588,7 @@ SSL_SESSION *SSL_SESSION_from_bytes(const uint8_t *in, size_t in_len) { return NULL; } if (CBS_len(&cbs) != 0) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_from_bytes, SSL_R_INVALID_SSL_SESSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); SSL_SESSION_free(ret); return NULL; } @@ -600,7 +597,7 @@ SSL_SESSION *SSL_SESSION_from_bytes(const uint8_t *in, size_t in_len) { SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const uint8_t **pp, long length) { if (length < 0) { - OPENSSL_PUT_ERROR(SSL, d2i_SSL_SESSION, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return NULL; } diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 50842e7a..6273bcbc 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -151,7 +151,7 @@ int SSL_get_ex_data_X509_STORE_CTX_idx(void) { CERT *ssl_cert_new(void) { CERT *ret = (CERT *)OPENSSL_malloc(sizeof(CERT)); if (ret == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl_cert_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return NULL; } memset(ret, 0, sizeof(CERT)); @@ -162,7 +162,7 @@ CERT *ssl_cert_new(void) { CERT *ssl_cert_dup(CERT *cert) { CERT *ret = (CERT *)OPENSSL_malloc(sizeof(CERT)); if (ret == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl_cert_dup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return NULL; } memset(ret, 0, sizeof(CERT)); @@ -173,13 +173,13 @@ CERT *ssl_cert_dup(CERT *cert) { if (cert->dh_tmp != NULL) { ret->dh_tmp = DHparams_dup(cert->dh_tmp); if (ret->dh_tmp == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl_cert_dup, ERR_R_DH_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_DH_LIB); goto err; } if (cert->dh_tmp->priv_key) { BIGNUM *b = BN_dup(cert->dh_tmp->priv_key); if (!b) { - OPENSSL_PUT_ERROR(SSL, ssl_cert_dup, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BN_LIB); goto err; } ret->dh_tmp->priv_key = b; @@ -187,7 +187,7 @@ CERT *ssl_cert_dup(CERT *cert) { if (cert->dh_tmp->pub_key) { BIGNUM *b = BN_dup(cert->dh_tmp->pub_key); if (!b) { - OPENSSL_PUT_ERROR(SSL, ssl_cert_dup, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BN_LIB); goto err; } ret->dh_tmp->pub_key = b; @@ -209,7 +209,7 @@ CERT *ssl_cert_dup(CERT *cert) { if (cert->chain) { ret->chain = X509_chain_up_ref(cert->chain); if (!ret->chain) { - OPENSSL_PUT_ERROR(SSL, ssl_cert_dup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -351,7 +351,7 @@ SESS_CERT *ssl_sess_cert_new(void) { ret = OPENSSL_malloc(sizeof *ret); if (ret == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl_sess_cert_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return NULL; } @@ -418,7 +418,7 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) { x = sk_X509_value(sk, 0); if (!X509_STORE_CTX_init(&ctx, verify_store, x, sk)) { - OPENSSL_PUT_ERROR(SSL, ssl_verify_cert_chain, ERR_R_X509_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_X509_LIB); return 0; } X509_STORE_CTX_set_ex_data(&ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s); @@ -553,7 +553,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) { in = BIO_new(BIO_s_file()); if (sk == NULL || in == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_load_client_CA_file, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -568,7 +568,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) { if (ret == NULL) { ret = sk_X509_NAME_new_null(); if (ret == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_load_client_CA_file, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -624,8 +624,7 @@ int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, in = BIO_new(BIO_s_file()); if (in == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_add_file_cert_subjects_to_stack, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -688,8 +687,7 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, int r; if (strlen(dir) + strlen(filename) + 2 > sizeof(buf)) { - OPENSSL_PUT_ERROR(SSL, SSL_add_dir_cert_subjects_to_stack, - SSL_R_PATH_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_PATH_TOO_LONG); goto err; } @@ -701,7 +699,7 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, } if (errno) { - OPENSSL_PUT_ERROR(SSL, SSL_add_dir_cert_subjects_to_stack, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_SYS_LIB); ERR_add_error_data(3, "OPENSSL_DIR_read(&ctx, '", dir, "')"); goto err; } @@ -722,7 +720,7 @@ static int ssl_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x) { n = i2d_X509(x, NULL); if (!BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) { - OPENSSL_PUT_ERROR(SSL, ssl_add_cert_to_buf, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); return 0; } p = (uint8_t *)&(buf->data[*l]); @@ -745,7 +743,7 @@ int ssl_add_cert_chain(SSL *ssl, unsigned long *l) { X509_STORE *chain_store; if (x == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl_add_cert_chain, SSL_R_NO_CERTIFICATE_SET); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_SET); return 0; } @@ -774,7 +772,7 @@ int ssl_add_cert_chain(SSL *ssl, unsigned long *l) { X509_STORE_CTX xs_ctx; if (!X509_STORE_CTX_init(&xs_ctx, chain_store, x, NULL)) { - OPENSSL_PUT_ERROR(SSL, ssl_add_cert_chain, ERR_R_X509_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_X509_LIB); return 0; } X509_verify_cert(&xs_ctx); diff --git a/ssl/ssl_cipher.c b/ssl/ssl_cipher.c index ca0807fc..deecce73 100644 --- a/ssl/ssl_cipher.c +++ b/ssl/ssl_cipher.c @@ -975,7 +975,7 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p, number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int)); if (!number_uses) { - OPENSSL_PUT_ERROR(SSL, ssl_cipher_strength_sort, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return 0; } memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int)); @@ -1037,8 +1037,7 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method, continue; } else if (!(ch >= 'a' && ch <= 'z') && !(ch >= 'A' && ch <= 'Z') && !(ch >= '0' && ch <= '9')) { - OPENSSL_PUT_ERROR(SSL, ssl_cipher_process_rulestr, - SSL_R_UNEXPECTED_OPERATOR_IN_GROUP); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_OPERATOR_IN_GROUP); retval = in_group = 0; break; } else { @@ -1058,7 +1057,7 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method, l++; } else if (ch == '[') { if (in_group) { - OPENSSL_PUT_ERROR(SSL, ssl_cipher_process_rulestr, SSL_R_NESTED_GROUP); + OPENSSL_PUT_ERROR(SSL, SSL_R_NESTED_GROUP); retval = in_group = 0; break; } @@ -1073,8 +1072,7 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method, /* If preference groups are enabled, the only legal operator is +. * Otherwise the in_group bits will get mixed up. */ if (has_group && rule != CIPHER_ADD) { - OPENSSL_PUT_ERROR(SSL, ssl_cipher_process_rulestr, - SSL_R_MIXED_SPECIAL_OPERATOR_WITH_GROUPS); + OPENSSL_PUT_ERROR(SSL, SSL_R_MIXED_SPECIAL_OPERATOR_WITH_GROUPS); retval = in_group = 0; break; } @@ -1106,8 +1104,7 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method, if (buf_len == 0) { /* We hit something we cannot deal with, it is no command or separator * nor alphanumeric, so we call this an error. */ - OPENSSL_PUT_ERROR(SSL, ssl_cipher_process_rulestr, - SSL_R_INVALID_COMMAND); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_COMMAND); retval = in_group = 0; l++; break; @@ -1161,8 +1158,7 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method, if (buf_len == 8 && !strncmp(buf, "STRENGTH", 8)) { ok = ssl_cipher_strength_sort(head_p, tail_p); } else { - OPENSSL_PUT_ERROR(SSL, ssl_cipher_process_rulestr, - SSL_R_INVALID_COMMAND); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_COMMAND); } if (ok == 0) { @@ -1182,7 +1178,7 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method, } if (in_group) { - OPENSSL_PUT_ERROR(SSL, ssl_cipher_process_rulestr, SSL_R_INVALID_COMMAND); + OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_COMMAND); retval = 0; } @@ -1212,7 +1208,7 @@ ssl_create_cipher_list(const SSL_PROTOCOL_METHOD *ssl_method, * allocation. */ co_list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * kCiphersLen); if (co_list == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl_create_cipher_list, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 29f82778..aa621e1c 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -169,7 +169,7 @@ static CRYPTO_EX_DATA_CLASS g_ex_data_class_ssl_ctx = CRYPTO_EX_DATA_CLASS_INIT; int SSL_clear(SSL *ssl) { if (ssl->method == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_clear, SSL_R_NO_METHOD_SPECIFIED); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_METHOD_SPECIFIED); return 0; } @@ -244,11 +244,11 @@ SSL *SSL_new(SSL_CTX *ctx) { SSL *s; if (ctx == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_new, SSL_R_NULL_SSL_CTX); + OPENSSL_PUT_ERROR(SSL, SSL_R_NULL_SSL_CTX); return NULL; } if (ctx->method == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_new, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION); return NULL; } @@ -358,7 +358,7 @@ SSL *SSL_new(SSL_CTX *ctx) { err: SSL_free(s); - OPENSSL_PUT_ERROR(SSL, SSL_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return NULL; } @@ -366,8 +366,7 @@ err: int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const uint8_t *sid_ctx, unsigned int sid_ctx_len) { if (sid_ctx_len > sizeof ctx->sid_ctx) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_set_session_id_context, - SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); return 0; } ctx->sid_ctx_length = sid_ctx_len; @@ -379,8 +378,7 @@ int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const uint8_t *sid_ctx, int SSL_set_session_id_context(SSL *ssl, const uint8_t *sid_ctx, unsigned int sid_ctx_len) { if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) { - OPENSSL_PUT_ERROR(SSL, SSL_set_session_id_context, - SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); return 0; } ssl->sid_ctx_length = sid_ctx_len; @@ -630,7 +628,7 @@ int SSL_set_fd(SSL *s, int fd) { bio = BIO_new(BIO_s_fd()); if (bio == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_set_fd, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); goto err; } BIO_set_fd(bio, fd, BIO_NOCLOSE); @@ -650,7 +648,7 @@ int SSL_set_wfd(SSL *s, int fd) { bio = BIO_new(BIO_s_fd()); if (bio == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_set_wfd, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); goto err; } BIO_set_fd(bio, fd, BIO_NOCLOSE); @@ -674,7 +672,7 @@ int SSL_set_rfd(SSL *s, int fd) { bio = BIO_new(BIO_s_fd()); if (bio == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_set_rfd, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); goto err; } BIO_set_fd(bio, fd, BIO_NOCLOSE); @@ -800,14 +798,12 @@ STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s) { /* Fix this so it checks all the valid key/cert options */ int SSL_CTX_check_private_key(const SSL_CTX *ctx) { if (ctx == NULL || ctx->cert == NULL || ctx->cert->x509 == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_check_private_key, - SSL_R_NO_CERTIFICATE_ASSIGNED); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED); return 0; } if (ctx->cert->privatekey == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_check_private_key, - SSL_R_NO_PRIVATE_KEY_ASSIGNED); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_PRIVATE_KEY_ASSIGNED); return 0; } @@ -817,25 +813,22 @@ int SSL_CTX_check_private_key(const SSL_CTX *ctx) { /* Fix this function so that it takes an optional type parameter */ int SSL_check_private_key(const SSL *ssl) { if (ssl == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_check_private_key, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (ssl->cert == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_check_private_key, - SSL_R_NO_CERTIFICATE_ASSIGNED); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED); return 0; } if (ssl->cert->x509 == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_check_private_key, - SSL_R_NO_CERTIFICATE_ASSIGNED); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED); return 0; } if (ssl->cert->privatekey == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_check_private_key, - SSL_R_NO_PRIVATE_KEY_ASSIGNED); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_PRIVATE_KEY_ASSIGNED); return 0; } @@ -849,7 +842,7 @@ int SSL_accept(SSL *s) { } if (s->handshake_func != s->method->ssl_accept) { - OPENSSL_PUT_ERROR(SSL, SSL_accept, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return -1; } @@ -863,7 +856,7 @@ int SSL_connect(SSL *s) { } if (s->handshake_func != s->method->ssl_connect) { - OPENSSL_PUT_ERROR(SSL, SSL_connect, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return -1; } @@ -876,7 +869,7 @@ long SSL_get_default_timeout(const SSL *s) { int SSL_read(SSL *s, void *buf, int num) { if (s->handshake_func == 0) { - OPENSSL_PUT_ERROR(SSL, SSL_read, SSL_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNINITIALIZED); return -1; } @@ -891,7 +884,7 @@ int SSL_read(SSL *s, void *buf, int num) { int SSL_peek(SSL *s, void *buf, int num) { if (s->handshake_func == 0) { - OPENSSL_PUT_ERROR(SSL, SSL_peek, SSL_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNINITIALIZED); return -1; } @@ -905,13 +898,13 @@ int SSL_peek(SSL *s, void *buf, int num) { int SSL_write(SSL *s, const void *buf, int num) { if (s->handshake_func == 0) { - OPENSSL_PUT_ERROR(SSL, SSL_write, SSL_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNINITIALIZED); return -1; } if (s->shutdown & SSL_SENT_SHUTDOWN) { s->rwstate = SSL_NOTHING; - OPENSSL_PUT_ERROR(SSL, SSL_write, SSL_R_PROTOCOL_IS_SHUTDOWN); + OPENSSL_PUT_ERROR(SSL, SSL_R_PROTOCOL_IS_SHUTDOWN); return -1; } @@ -926,7 +919,7 @@ int SSL_shutdown(SSL *s) { * ssl3_shutdown). */ if (s->handshake_func == 0) { - OPENSSL_PUT_ERROR(SSL, SSL_shutdown, SSL_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNINITIALIZED); return -1; } @@ -976,7 +969,7 @@ int SSL_shutdown(SSL *s) { int SSL_renegotiate(SSL *ssl) { /* Caller-initiated renegotiation is not supported. */ - OPENSSL_PUT_ERROR(SSL, SSL_renegotiate, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } @@ -1197,7 +1190,7 @@ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) { if (sk == NULL) { return 0; } else if (sk_SSL_CIPHER_num(sk) == 0) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_set_cipher_list, SSL_R_NO_CIPHER_MATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CIPHER_MATCH); return 0; } @@ -1211,8 +1204,7 @@ int SSL_CTX_set_cipher_list_tls11(SSL_CTX *ctx, const char *str) { if (sk == NULL) { return 0; } else if (sk_SSL_CIPHER_num(sk) == 0) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_set_cipher_list_tls11, - SSL_R_NO_CIPHER_MATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CIPHER_MATCH); return 0; } @@ -1230,7 +1222,7 @@ int SSL_set_cipher_list(SSL *s, const char *str) { if (sk == NULL) { return 0; } else if (sk_SSL_CIPHER_num(sk) == 0) { - OPENSSL_PUT_ERROR(SSL, SSL_set_cipher_list, SSL_R_NO_CIPHER_MATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CIPHER_MATCH); return 0; } @@ -1292,14 +1284,13 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, const CBS *cbs) { } if (CBS_len(&cipher_suites) % 2 != 0) { - OPENSSL_PUT_ERROR(SSL, ssl_bytes_to_cipher_list, - SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); + OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); return NULL; } sk = sk_SSL_CIPHER_new_null(); if (sk == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl_bytes_to_cipher_list, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -1307,7 +1298,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, const CBS *cbs) { uint16_t cipher_suite; if (!CBS_get_u16(&cipher_suites, &cipher_suite)) { - OPENSSL_PUT_ERROR(SSL, ssl_bytes_to_cipher_list, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); goto err; } @@ -1315,8 +1306,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, const CBS *cbs) { if (s->s3 && cipher_suite == (SSL3_CK_SCSV & 0xffff)) { /* SCSV is fatal if renegotiating. */ if (s->s3->initial_handshake_complete) { - OPENSSL_PUT_ERROR(SSL, ssl_bytes_to_cipher_list, - SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING); + OPENSSL_PUT_ERROR(SSL, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING); ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); goto err; } @@ -1329,8 +1319,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, const CBS *cbs) { uint16_t max_version = ssl3_get_max_server_version(s); if (SSL_IS_DTLS(s) ? (uint16_t)s->version > max_version : (uint16_t)s->version < max_version) { - OPENSSL_PUT_ERROR(SSL, ssl_bytes_to_cipher_list, - SSL_R_INAPPROPRIATE_FALLBACK); + OPENSSL_PUT_ERROR(SSL, SSL_R_INAPPROPRIATE_FALLBACK); ssl3_send_alert(s, SSL3_AL_FATAL, SSL3_AD_INAPPROPRIATE_FALLBACK); goto err; } @@ -1339,7 +1328,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, const CBS *cbs) { c = SSL_get_cipher_by_value(cipher_suite); if (c != NULL && !sk_SSL_CIPHER_push(sk, c)) { - OPENSSL_PUT_ERROR(SSL, ssl_bytes_to_cipher_list, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -1628,12 +1617,12 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method) { SSL_CTX *ret = NULL; if (method == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_new, SSL_R_NULL_SSL_METHOD_PASSED); + OPENSSL_PUT_ERROR(SSL, SSL_R_NULL_SSL_METHOD_PASSED); return NULL; } if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_new, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); + OPENSSL_PUT_ERROR(SSL, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); goto err; } @@ -1698,7 +1687,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method) { &ret->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST); if (ret->cipher_list == NULL || sk_SSL_CIPHER_num(ret->cipher_list->ciphers) <= 0) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_new, SSL_R_LIBRARY_HAS_NO_CIPHERS); + OPENSSL_PUT_ERROR(SSL, SSL_R_LIBRARY_HAS_NO_CIPHERS); goto err2; } @@ -1745,7 +1734,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method) { return ret; err: - OPENSSL_PUT_ERROR(SSL, SSL_CTX_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); err2: SSL_CTX_free(ret); return NULL; @@ -2048,7 +2037,7 @@ int SSL_do_handshake(SSL *s) { int ret = 1; if (s->handshake_func == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_do_handshake, SSL_R_CONNECTION_TYPE_NOT_SET); + OPENSSL_PUT_ERROR(SSL, SSL_R_CONNECTION_TYPE_NOT_SET); return -1; } @@ -2177,7 +2166,7 @@ int ssl_init_wbio_buffer(SSL *s, int push) { BIO_reset(bbio); if (!BIO_set_read_buffer_size(bbio, 1)) { - OPENSSL_PUT_ERROR(SSL, ssl_init_wbio_buffer, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); return 0; } @@ -2360,8 +2349,7 @@ void SSL_set_tmp_ecdh_callback(SSL *ssl, int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint) { if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_psk_identity_hint, - SSL_R_DATA_LENGTH_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_DATA_LENGTH_TOO_LONG); return 0; } @@ -2385,8 +2373,7 @@ int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint) { } if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) { - OPENSSL_PUT_ERROR(SSL, SSL_use_psk_identity_hint, - SSL_R_DATA_LENGTH_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_DATA_LENGTH_TOO_LONG); return 0; } @@ -2521,8 +2508,7 @@ int ssl_ctx_log_rsa_client_key_exchange(SSL_CTX *ctx, } if (encrypted_premaster_len < 8) { - OPENSSL_PUT_ERROR(SSL, ssl_ctx_log_rsa_client_key_exchange, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return 0; } @@ -2562,7 +2548,7 @@ int ssl_ctx_log_master_secret(SSL_CTX *ctx, const uint8_t *client_random, } if (client_random_len != 32) { - OPENSSL_PUT_ERROR(SSL, ssl_ctx_log_master_secret, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return 0; } diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 3c16d8a3..7b6cd753 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -75,7 +75,7 @@ static int is_key_type_supported(int key_type) { int SSL_use_certificate(SSL *ssl, X509 *x) { if (x == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_use_certificate, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } return ssl_set_cert(ssl->cert, x); @@ -89,12 +89,12 @@ int SSL_use_certificate_file(SSL *ssl, const char *file, int type) { in = BIO_new(BIO_s_file()); if (in == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_use_certificate_file, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { - OPENSSL_PUT_ERROR(SSL, SSL_use_certificate_file, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_SYS_LIB); goto end; } @@ -106,12 +106,12 @@ int SSL_use_certificate_file(SSL *ssl, const char *file, int type) { x = PEM_read_bio_X509(in, NULL, ssl->ctx->default_passwd_callback, ssl->ctx->default_passwd_callback_userdata); } else { - OPENSSL_PUT_ERROR(SSL, SSL_use_certificate_file, SSL_R_BAD_SSL_FILETYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SSL_FILETYPE); goto end; } if (x == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_use_certificate_file, reason_code); + OPENSSL_PUT_ERROR(SSL, reason_code); goto end; } @@ -130,7 +130,7 @@ int SSL_use_certificate_ASN1(SSL *ssl, const uint8_t *d, int len) { x = d2i_X509(NULL, &d, (long)len); if (x == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_use_certificate_ASN1, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB); return 0; } @@ -144,13 +144,13 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) { int ret; if (rsa == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_use_RSAPrivateKey, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } pkey = EVP_PKEY_new(); if (pkey == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_use_RSAPrivateKey, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_EVP_LIB); return 0; } @@ -165,7 +165,7 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) { static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey) { if (!is_key_type_supported(pkey->type)) { - OPENSSL_PUT_ERROR(SSL, ssl_set_pkey, SSL_R_UNKNOWN_CERTIFICATE_TYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE); return 0; } @@ -193,12 +193,12 @@ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type) { in = BIO_new(BIO_s_file()); if (in == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_use_RSAPrivateKey_file, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { - OPENSSL_PUT_ERROR(SSL, SSL_use_RSAPrivateKey_file, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_SYS_LIB); goto end; } @@ -211,12 +211,12 @@ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type) { PEM_read_bio_RSAPrivateKey(in, NULL, ssl->ctx->default_passwd_callback, ssl->ctx->default_passwd_callback_userdata); } else { - OPENSSL_PUT_ERROR(SSL, SSL_use_RSAPrivateKey_file, SSL_R_BAD_SSL_FILETYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SSL_FILETYPE); goto end; } if (rsa == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_use_RSAPrivateKey_file, reason_code); + OPENSSL_PUT_ERROR(SSL, reason_code); goto end; } ret = SSL_use_RSAPrivateKey(ssl, rsa); @@ -230,7 +230,7 @@ end: int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const uint8_t *der, size_t der_len) { RSA *rsa = RSA_private_key_from_bytes(der, der_len); if (rsa == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_use_RSAPrivateKey_ASN1, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB); return 0; } @@ -243,7 +243,7 @@ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey) { int ret; if (pkey == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_use_PrivateKey, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -258,12 +258,12 @@ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type) { in = BIO_new(BIO_s_file()); if (in == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_use_PrivateKey_file, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { - OPENSSL_PUT_ERROR(SSL, SSL_use_PrivateKey_file, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_SYS_LIB); goto end; } @@ -275,12 +275,12 @@ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type) { reason_code = ERR_R_ASN1_LIB; pkey = d2i_PrivateKey_bio(in, NULL); } else { - OPENSSL_PUT_ERROR(SSL, SSL_use_PrivateKey_file, SSL_R_BAD_SSL_FILETYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SSL_FILETYPE); goto end; } if (pkey == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_use_PrivateKey_file, reason_code); + OPENSSL_PUT_ERROR(SSL, reason_code); goto end; } ret = SSL_use_PrivateKey(ssl, pkey); @@ -299,7 +299,7 @@ int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const uint8_t *d, long len) { p = d; pkey = d2i_PrivateKey(type, NULL, &p, (long)len); if (pkey == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_use_PrivateKey_ASN1, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB); return 0; } @@ -310,8 +310,7 @@ int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const uint8_t *d, long len) { int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) { if (x == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_certificate, - ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -321,12 +320,12 @@ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) { static int ssl_set_cert(CERT *c, X509 *x) { EVP_PKEY *pkey = X509_get_pubkey(x); if (pkey == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl_set_cert, SSL_R_X509_LIB); + OPENSSL_PUT_ERROR(SSL, SSL_R_X509_LIB); return 0; } if (!is_key_type_supported(pkey->type)) { - OPENSSL_PUT_ERROR(SSL, ssl_set_cert, SSL_R_UNKNOWN_CERTIFICATE_TYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE); EVP_PKEY_free(pkey); return 0; } @@ -362,12 +361,12 @@ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) { in = BIO_new(BIO_s_file()); if (in == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_certificate_file, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_certificate_file, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_SYS_LIB); goto end; } @@ -379,13 +378,12 @@ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) { x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata); } else { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_certificate_file, - SSL_R_BAD_SSL_FILETYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SSL_FILETYPE); goto end; } if (x == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_certificate_file, reason_code); + OPENSSL_PUT_ERROR(SSL, reason_code); goto end; } @@ -403,7 +401,7 @@ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const uint8_t *d) { x = d2i_X509(NULL, &d, (long)len); if (x == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_certificate_ASN1, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB); return 0; } @@ -417,14 +415,13 @@ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa) { EVP_PKEY *pkey; if (rsa == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_RSAPrivateKey, - ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } pkey = EVP_PKEY_new(); if (pkey == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_RSAPrivateKey, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_EVP_LIB); return 0; } @@ -443,12 +440,12 @@ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type) { in = BIO_new(BIO_s_file()); if (in == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_RSAPrivateKey_file, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_RSAPrivateKey_file, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_SYS_LIB); goto end; } @@ -460,13 +457,12 @@ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type) { rsa = PEM_read_bio_RSAPrivateKey(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata); } else { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_RSAPrivateKey_file, - SSL_R_BAD_SSL_FILETYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SSL_FILETYPE); goto end; } if (rsa == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_RSAPrivateKey_file, reason_code); + OPENSSL_PUT_ERROR(SSL, reason_code); goto end; } ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa); @@ -481,7 +477,7 @@ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const uint8_t *der, size_t der_len) { RSA *rsa = RSA_private_key_from_bytes(der, der_len); if (rsa == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_RSAPrivateKey_ASN1, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB); return 0; } @@ -492,7 +488,7 @@ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const uint8_t *der, int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) { if (pkey == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_PrivateKey, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -506,12 +502,12 @@ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) { in = BIO_new(BIO_s_file()); if (in == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_PrivateKey_file, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_PrivateKey_file, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_SYS_LIB); goto end; } @@ -523,12 +519,12 @@ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) { reason_code = ERR_R_ASN1_LIB; pkey = d2i_PrivateKey_bio(in, NULL); } else { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_PrivateKey_file, SSL_R_BAD_SSL_FILETYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SSL_FILETYPE); goto end; } if (pkey == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_PrivateKey_file, reason_code); + OPENSSL_PUT_ERROR(SSL, reason_code); goto end; } ret = SSL_CTX_use_PrivateKey(ctx, pkey); @@ -548,7 +544,7 @@ int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const uint8_t *d, p = d; pkey = d2i_PrivateKey(type, NULL, &p, (long)len); if (pkey == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_PrivateKey_ASN1, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB); return 0; } @@ -570,19 +566,19 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file) { in = BIO_new(BIO_s_file()); if (in == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_certificate_chain_file, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_certificate_chain_file, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_SYS_LIB); goto end; } x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata); if (x == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_certificate_chain_file, ERR_R_PEM_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_PEM_LIB); goto end; } diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 99f6340b..62b5c727 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -196,7 +196,7 @@ SSL_SESSION *SSL_SESSION_new(void) { ss = (SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION)); if (ss == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return 0; } memset(ss, 0, sizeof(SSL_SESSION)); @@ -258,8 +258,7 @@ int ssl_get_new_session(SSL *s, int session) { GEN_SESSION_CB cb = def_generate_session_id; if (s->mode & SSL_MODE_NO_SESSION_CREATION) { - OPENSSL_PUT_ERROR(SSL, ssl_get_new_session, - SSL_R_SESSION_MAY_NOT_BE_CREATED); + OPENSSL_PUT_ERROR(SSL, SSL_R_SESSION_MAY_NOT_BE_CREATED); return 0; } @@ -283,8 +282,7 @@ int ssl_get_new_session(SSL *s, int session) { ss->ssl_version = s->version; ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH; } else { - OPENSSL_PUT_ERROR(SSL, ssl_get_new_session, - SSL_R_UNSUPPORTED_SSL_VERSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_SSL_VERSION); SSL_SESSION_free(ss); return 0; } @@ -306,8 +304,7 @@ int ssl_get_new_session(SSL *s, int session) { tmp = ss->session_id_length; if (!cb(s, ss->session_id, &tmp)) { /* The callback failed */ - OPENSSL_PUT_ERROR(SSL, ssl_get_new_session, - SSL_R_SSL_SESSION_ID_CALLBACK_FAILED); + OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_SESSION_ID_CALLBACK_FAILED); SSL_SESSION_free(ss); return 0; } @@ -316,8 +313,7 @@ int ssl_get_new_session(SSL *s, int session) { * higher than it was. */ if (!tmp || tmp > ss->session_id_length) { /* The callback set an illegal length */ - OPENSSL_PUT_ERROR(SSL, ssl_get_new_session, - SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH); + OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH); SSL_SESSION_free(ss); return 0; } @@ -325,8 +321,7 @@ int ssl_get_new_session(SSL *s, int session) { ss->session_id_length = tmp; /* Finally, check for a conflict */ if (SSL_has_matching_session_id(s, ss->session_id, ss->session_id_length)) { - OPENSSL_PUT_ERROR(SSL, ssl_get_new_session, - SSL_R_SSL_SESSION_ID_CONFLICT); + OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_SESSION_ID_CONFLICT); SSL_SESSION_free(ss); return 0; } @@ -335,7 +330,7 @@ int ssl_get_new_session(SSL *s, int session) { if (s->tlsext_hostname) { ss->tlsext_hostname = BUF_strdup(s->tlsext_hostname); if (ss->tlsext_hostname == NULL) { - OPENSSL_PUT_ERROR(SSL, ssl_get_new_session, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); SSL_SESSION_free(ss); return 0; } @@ -345,7 +340,7 @@ int ssl_get_new_session(SSL *s, int session) { } if (s->sid_ctx_length > sizeof(ss->sid_ctx)) { - OPENSSL_PUT_ERROR(SSL, ssl_get_new_session, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); SSL_SESSION_free(ss); return 0; } @@ -471,8 +466,7 @@ enum ssl_session_result_t ssl_get_prev_session( * like a cache miss (otherwise it would be easy for applications to * effectively disable the session cache by accident without anyone * noticing). */ - OPENSSL_PUT_ERROR(SSL, ssl_get_prev_session, - SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED); + OPENSSL_PUT_ERROR(SSL, SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED); goto fatal_error; } @@ -674,8 +668,7 @@ X509 *SSL_SESSION_get0_peer(SSL_SESSION *s) { return s->peer; } int SSL_SESSION_set1_id_context(SSL_SESSION *s, const uint8_t *sid_ctx, unsigned int sid_ctx_len) { if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_set1_id_context, - SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); + OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); return 0; } diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c index 2275f16f..8a0b4740 100644 --- a/ssl/ssl_txt.c +++ b/ssl/ssl_txt.c @@ -96,7 +96,7 @@ int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x) { b = BIO_new(BIO_s_file()); if (b == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_SESSION_print_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); return 0; } diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 6bd80c3b..93eb717e 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -238,7 +238,7 @@ int tls1_prf(SSL *s, uint8_t *out, size_t out_len, const uint8_t *secret, /* Allocate a temporary buffer. */ tmp = OPENSSL_malloc(out_len); if (tmp == NULL) { - OPENSSL_PUT_ERROR(SSL, tls1_prf, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return 0; } @@ -317,7 +317,7 @@ int tls1_change_cipher_state(SSL *s, int which) { iv_len = s->s3->tmp.new_fixed_iv_len; if (aead == NULL) { - OPENSSL_PUT_ERROR(SSL, tls1_change_cipher_state, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return 0; } @@ -327,7 +327,7 @@ int tls1_change_cipher_state(SSL *s, int which) { * suites) the key length reported by |EVP_AEAD_key_length| will * include the MAC and IV key bytes. */ if (key_len < mac_secret_len + iv_len) { - OPENSSL_PUT_ERROR(SSL, tls1_change_cipher_state, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return 0; } key_len -= mac_secret_len + iv_len; @@ -358,7 +358,7 @@ int tls1_change_cipher_state(SSL *s, int which) { } if (key_data - s->s3->tmp.key_block != s->s3->tmp.key_block_length) { - OPENSSL_PUT_ERROR(SSL, tls1_change_cipher_state, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return 0; } @@ -406,14 +406,14 @@ int tls1_setup_key_block(SSL *s) { * key length reported by |EVP_AEAD_key_length| will include the MAC key * bytes and initial implicit IV. */ if (key_len < mac_secret_len + fixed_iv_len) { - OPENSSL_PUT_ERROR(SSL, tls1_setup_key_block, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return 0; } key_len -= mac_secret_len + fixed_iv_len; } else { /* The nonce is split into a fixed portion and a variable portion. */ if (variable_iv_len < fixed_iv_len) { - OPENSSL_PUT_ERROR(SSL, tls1_setup_key_block, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return 0; } variable_iv_len -= fixed_iv_len; @@ -435,7 +435,7 @@ int tls1_setup_key_block(SSL *s) { p = (uint8_t *)OPENSSL_malloc(key_block_len); if (p == NULL) { - OPENSSL_PUT_ERROR(SSL, tls1_setup_key_block, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -464,8 +464,7 @@ err: return ret; cipher_unavailable_err: - OPENSSL_PUT_ERROR(SSL, tls1_setup_key_block, - SSL_R_CIPHER_OR_HASH_UNAVAILABLE); + OPENSSL_PUT_ERROR(SSL, SSL_R_CIPHER_OR_HASH_UNAVAILABLE); return 0; } @@ -488,7 +487,7 @@ int tls1_cert_verify_mac(SSL *s, int md_nid, uint8_t *out) { } if (!d) { - OPENSSL_PUT_ERROR(SSL, tls1_cert_verify_mac, SSL_R_NO_REQUIRED_DIGEST); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_REQUIRED_DIGEST); return 0; } @@ -630,22 +629,21 @@ int tls1_export_keying_material(SSL *s, uint8_t *out, size_t out_len, const uint8_t *context, size_t context_len, int use_context) { if (!s->s3->have_version || s->version == SSL3_VERSION) { - OPENSSL_PUT_ERROR(SSL, tls1_export_keying_material, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } size_t seed_len = 2 * SSL3_RANDOM_SIZE; if (use_context) { if (context_len >= 1u << 16) { - OPENSSL_PUT_ERROR(SSL, tls1_export_keying_material, ERR_R_OVERFLOW); + OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW); return 0; } seed_len += 2 + context_len; } uint8_t *seed = OPENSSL_malloc(seed_len); if (seed == NULL) { - OPENSSL_PUT_ERROR(SSL, tls1_export_keying_material, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 0503e136..3e4cc295 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -211,8 +211,7 @@ static int tls1_check_duplicate_extensions(const CBS *cbs) { extension_types = (uint16_t *)OPENSSL_malloc(sizeof(uint16_t) * num_extensions); if (extension_types == NULL) { - OPENSSL_PUT_ERROR(SSL, tls1_check_duplicate_extensions, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto done; } @@ -684,21 +683,21 @@ int tls12_check_peer_sigalg(const EVP_MD **out_md, int *out_alert, SSL *s, /* Should never happen */ if (sigalg == -1) { - OPENSSL_PUT_ERROR(SSL, tls12_check_peer_sigalg, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); *out_alert = SSL_AD_INTERNAL_ERROR; return 0; } if (!CBS_get_u8(cbs, &hash) || !CBS_get_u8(cbs, &signature)) { - OPENSSL_PUT_ERROR(SSL, tls12_check_peer_sigalg, SSL_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); *out_alert = SSL_AD_DECODE_ERROR; return 0; } /* Check key type is consistent with signature */ if (sigalg != signature) { - OPENSSL_PUT_ERROR(SSL, tls12_check_peer_sigalg, SSL_R_WRONG_SIGNATURE_TYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_SIGNATURE_TYPE); *out_alert = SSL_AD_ILLEGAL_PARAMETER; return 0; } @@ -714,7 +713,7 @@ int tls12_check_peer_sigalg(const EVP_MD **out_md, int *out_alert, SSL *s, if (s->server && (!tls1_check_curve_id(s, curve_id) || !tls1_check_point_format(s, comp_id))) { - OPENSSL_PUT_ERROR(SSL, tls12_check_peer_sigalg, SSL_R_WRONG_CURVE); + OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CURVE); *out_alert = SSL_AD_ILLEGAL_PARAMETER; return 0; } @@ -730,14 +729,14 @@ int tls12_check_peer_sigalg(const EVP_MD **out_md, int *out_alert, SSL *s, /* Allow fallback to SHA-1. */ if (i == sent_sigslen && hash != TLSEXT_hash_sha1) { - OPENSSL_PUT_ERROR(SSL, tls12_check_peer_sigalg, SSL_R_WRONG_SIGNATURE_TYPE); + OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_SIGNATURE_TYPE); *out_alert = SSL_AD_ILLEGAL_PARAMETER; return 0; } *out_md = tls12_get_hash(hash); if (*out_md == NULL) { - OPENSSL_PUT_ERROR(SSL, tls12_check_peer_sigalg, SSL_R_UNKNOWN_DIGEST); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_DIGEST); *out_alert = SSL_AD_ILLEGAL_PARAMETER; return 0; } @@ -1009,8 +1008,7 @@ static int ext_ri_parse_serverhello(SSL *ssl, uint8_t *out_alert, } *out_alert = SSL_AD_HANDSHAKE_FAILURE; - OPENSSL_PUT_ERROR(SSL, ext_ri_parse_serverhello, - SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); return 0; } @@ -1025,16 +1023,14 @@ static int ext_ri_parse_serverhello(SSL *ssl, uint8_t *out_alert, CBS renegotiated_connection; if (!CBS_get_u8_length_prefixed(contents, &renegotiated_connection) || CBS_len(contents) != 0) { - OPENSSL_PUT_ERROR(SSL, ext_ri_parse_serverhello, - SSL_R_RENEGOTIATION_ENCODING_ERR); + OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_ENCODING_ERR); *out_alert = SSL_AD_ILLEGAL_PARAMETER; return 0; } /* Check that the extension matches. */ if (CBS_len(&renegotiated_connection) != expected_len) { - OPENSSL_PUT_ERROR(SSL, ext_ri_parse_serverhello, - SSL_R_RENEGOTIATION_MISMATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH); *out_alert = SSL_AD_HANDSHAKE_FAILURE; return 0; } @@ -1042,8 +1038,7 @@ static int ext_ri_parse_serverhello(SSL *ssl, uint8_t *out_alert, const uint8_t *d = CBS_data(&renegotiated_connection); if (CRYPTO_memcmp(d, ssl->s3->previous_client_finished, ssl->s3->previous_client_finished_len)) { - OPENSSL_PUT_ERROR(SSL, ext_ri_parse_serverhello, - SSL_R_RENEGOTIATION_MISMATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH); *out_alert = SSL_AD_HANDSHAKE_FAILURE; return 0; } @@ -1051,8 +1046,7 @@ static int ext_ri_parse_serverhello(SSL *ssl, uint8_t *out_alert, if (CRYPTO_memcmp(d, ssl->s3->previous_server_finished, ssl->s3->previous_server_finished_len)) { - OPENSSL_PUT_ERROR(SSL, ext_ri_parse_serverhello, - SSL_R_RENEGOTIATION_MISMATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH); *out_alert = SSL_AD_ILLEGAL_PARAMETER; return 0; } @@ -1088,16 +1082,14 @@ static int ext_ri_parse_clienthello(SSL *ssl, uint8_t *out_alert, if (!CBS_get_u8_length_prefixed(contents, &renegotiated_connection) || CBS_len(contents) != 0) { - OPENSSL_PUT_ERROR(SSL, ext_ri_parse_clienthello, - SSL_R_RENEGOTIATION_ENCODING_ERR); + OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_ENCODING_ERR); return 0; } /* Check that the extension matches */ if (!CBS_mem_equal(&renegotiated_connection, ssl->s3->previous_client_finished, ssl->s3->previous_client_finished_len)) { - OPENSSL_PUT_ERROR(SSL, ext_ri_parse_clienthello, - SSL_R_RENEGOTIATION_MISMATCH); + OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH); *out_alert = SSL_AD_HANDSHAKE_FAILURE; return 0; } @@ -1294,8 +1286,7 @@ static int ext_sigalgs_parse_serverhello(SSL *ssl, uint8_t *out_alert, if (contents != NULL) { /* Servers MUST NOT send this extension. */ *out_alert = SSL_AD_UNSUPPORTED_EXTENSION; - OPENSSL_PUT_ERROR(SSL, ext_sigalgs_parse_serverhello, - SSL_R_SIGNATURE_ALGORITHMS_EXTENSION_SENT_BY_SERVER); + OPENSSL_PUT_ERROR(SSL, SSL_R_SIGNATURE_ALGORITHMS_EXTENSION_SENT_BY_SERVER); return 0; } @@ -1333,8 +1324,7 @@ static int ext_sigalgs_parse_clienthello(SSL *ssl, uint8_t *out_alert, /* It's a fatal error if the signature_algorithms extension is received and * there are no shared algorithms. */ if (ssl->cert->peer_sigalgs && !ssl->cert->shared_sigalgs) { - OPENSSL_PUT_ERROR(SSL, ext_sigalgs_parse_clienthello, - SSL_R_NO_SHARED_SIGATURE_ALGORITHMS); + OPENSSL_PUT_ERROR(SSL, SSL_R_NO_SHARED_SIGATURE_ALGORITHMS); *out_alert = SSL_AD_ILLEGAL_PARAMETER; return 0; } @@ -1655,7 +1645,7 @@ uint8_t *ssl_add_clienthello_tlsext(SSL *s, uint8_t *const buf, CBB cbb; if (!CBB_init_fixed(&cbb, ret, limit - ret)) { - OPENSSL_PUT_ERROR(SSL, ssl_add_clienthello_tlsext, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return NULL; } @@ -1663,7 +1653,7 @@ uint8_t *ssl_add_clienthello_tlsext(SSL *s, uint8_t *const buf, const size_t len_before = CBB_len(&cbb); if (!kExtensions[i].add_clienthello(s, &cbb)) { CBB_cleanup(&cbb); - OPENSSL_PUT_ERROR(SSL, ssl_add_clienthello_tlsext, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return NULL; } const size_t len_after = CBB_len(&cbb); @@ -1724,7 +1714,7 @@ uint8_t *ssl_add_clienthello_tlsext(SSL *s, uint8_t *const buf, s2n(el, ret); if (!ssl_add_clienthello_use_srtp_ext(s, ret, &el, el)) { - OPENSSL_PUT_ERROR(SSL, ssl_add_clienthello_tlsext, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return NULL; } ret += el; @@ -1747,7 +1737,7 @@ uint8_t *ssl_add_clienthello_tlsext(SSL *s, uint8_t *const buf, return NULL; } if (formats_len > 255) { - OPENSSL_PUT_ERROR(SSL, ssl_add_clienthello_tlsext, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return NULL; } @@ -1768,7 +1758,7 @@ uint8_t *ssl_add_clienthello_tlsext(SSL *s, uint8_t *const buf, return NULL; } if (curves_len * 2 > 65532) { - OPENSSL_PUT_ERROR(SSL, ssl_add_clienthello_tlsext, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return NULL; } @@ -1854,7 +1844,7 @@ uint8_t *ssl_add_serverhello_tlsext(SSL *s, uint8_t *const buf, CBB cbb; if (!CBB_init_fixed(&cbb, ret, limit - ret)) { - OPENSSL_PUT_ERROR(SSL, ssl_add_serverhello_tlsext, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return NULL; } @@ -1867,7 +1857,7 @@ uint8_t *ssl_add_serverhello_tlsext(SSL *s, uint8_t *const buf, if (!kExtensions[i].add_serverhello(s, &cbb)) { CBB_cleanup(&cbb); - OPENSSL_PUT_ERROR(SSL, ssl_add_serverhello_tlsext, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return NULL; } } @@ -1891,7 +1881,7 @@ uint8_t *ssl_add_serverhello_tlsext(SSL *s, uint8_t *const buf, return NULL; } if (plistlen > 255) { - OPENSSL_PUT_ERROR(SSL, ssl_add_serverhello_tlsext, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return NULL; } @@ -1916,7 +1906,7 @@ uint8_t *ssl_add_serverhello_tlsext(SSL *s, uint8_t *const buf, s2n(el, ret); if (!ssl_add_serverhello_use_srtp_ext(s, ret, &el, el)) { - OPENSSL_PUT_ERROR(SSL, ssl_add_serverhello_tlsext, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return NULL; } ret += el; @@ -2191,8 +2181,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, CBS *cbs) { } if (ssl_check_clienthello_tlsext(s) <= 0) { - OPENSSL_PUT_ERROR(SSL, ssl_parse_clienthello_tlsext, - SSL_R_CLIENTHELLO_TLSEXT); + OPENSSL_PUT_ERROR(SSL, SSL_R_CLIENTHELLO_TLSEXT); return 0; } @@ -2252,8 +2241,7 @@ static int ssl_scan_serverhello_tlsext(SSL *s, CBS *cbs, int *out_alert) { if (ext != NULL) { if (!(s->s3->tmp.extensions.sent & (1u << ext_index))) { /* Received an extension that was never sent. */ - OPENSSL_PUT_ERROR(SSL, ssl_scan_serverhello_tlsext, - SSL_R_UNEXPECTED_EXTENSION); + OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION); ERR_add_error_dataf("ext:%u", (unsigned) type); *out_alert = SSL_AD_DECODE_ERROR; return 0; @@ -2411,8 +2399,7 @@ static int ssl_check_serverhello_tlsext(SSL *s) { uint32_t alg_a = s->s3->tmp.new_cipher->algorithm_auth; if (((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA)) && !tls1_check_point_format(s, TLSEXT_ECPOINTFORMAT_uncompressed)) { - OPENSSL_PUT_ERROR(SSL, ssl_check_serverhello_tlsext, - SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST); + OPENSSL_PUT_ERROR(SSL, SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST); return -1; } ret = SSL_TLSEXT_ERR_OK; @@ -2452,8 +2439,7 @@ int ssl_parse_serverhello_tlsext(SSL *s, CBS *cbs) { } if (ssl_check_serverhello_tlsext(s) <= 0) { - OPENSSL_PUT_ERROR(SSL, ssl_parse_serverhello_tlsext, - SSL_R_SERVERHELLO_TLSEXT); + OPENSSL_PUT_ERROR(SSL, SSL_R_SERVERHELLO_TLSEXT); return 0; } |