Clean away extraneous library specific FETCH_FAILED reason codes

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13467)

4 files changed, 19 insertions, 10 deletions

diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c
index 009f370f97..a70f8bc53c 100644
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c
@@ -111,6 +111,18 @@ void ossl_statem_set_renegotiate(SSL *s)
     s->statem.request_state = TLS_ST_SW_HELLO_REQ;
 }
 
+void ossl_statem_send_fatal(SSL *s, int al)
+{
+    /* We shouldn't call SSLfatal() twice. Once is enough */
+    if (s->statem.in_init && s->statem.state == MSG_FLOW_ERROR)
+      return;
+    s->statem.in_init = 1;
+    s->statem.state = MSG_FLOW_ERROR;
+    if (al != SSL_AD_NO_ALERT
+            && s->statem.enc_write_state != ENC_WRITE_STATE_INVALID)
+        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+}
+
 /*
  * Error reporting building block that's used instead of ERR_set_error().
  * In addition to what ERR_set_error() does, this puts the state machine
@@ -125,14 +137,7 @@ void ossl_statem_fatal(SSL *s, int al, int reason, const char *fmt, ...)
     ERR_vset_error(ERR_LIB_SSL, reason, fmt, args);
     va_end(args);
 
-    /* We shouldn't call SSLfatal() twice. Once is enough */
-    if (s->statem.in_init && s->statem.state == MSG_FLOW_ERROR)
-      return;
-    s->statem.in_init = 1;
-    s->statem.state = MSG_FLOW_ERROR;
-    if (al != SSL_AD_NO_ALERT
-            && s->statem.enc_write_state != ENC_WRITE_STATE_INVALID)
-        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+    ossl_statem_send_fatal(s, al);
 }
 
 /*
diff --git a/ssl/statem/statem.h b/ssl/statem/statem.h
index 72d10dffcf..d435cfe704 100644
--- a/ssl/statem/statem.h
+++ b/ssl/statem/statem.h
@@ -132,8 +132,10 @@ __owur int ossl_statem_accept(SSL *s);
 __owur int ossl_statem_connect(SSL *s);
 void ossl_statem_clear(SSL *s);
 void ossl_statem_set_renegotiate(SSL *s);
+void ossl_statem_send_fatal(SSL *s, int al);
 void ossl_statem_fatal(SSL *s, int al, int reason, const char *fmt, ...);
 # define SSL_AD_NO_ALERT    -1
+# define SSLfatal_alert(s, al) ossl_statem_send_fatal((s), (al))
 # define SSLfatal(s, al, r) SSLfatal_data((s), (al), (r), NULL)
 # define SSLfatal_data                                          \
     (ERR_new(),                                                 \
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 875ea59589..045db8265e 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2557,7 +2557,8 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt)
      */
     sha256 = EVP_MD_fetch(s->ctx->libctx, "SHA2-256", s->ctx->propq);
     if (sha256 == NULL) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_ALGORITHM_FETCH_FAILED);
+        /* Error is already recorded */
+        SSLfatal_alert(s, SSL_AD_INTERNAL_ERROR);
         goto err;
     }
     /*
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index cc09a23960..597456ae83 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3776,7 +3776,8 @@ static int construct_stateless_ticket(SSL *s, WPACKET *pkt, uint32_t age_add,
                                               s->ctx->propq);
 
         if (cipher == NULL) {
-            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_ALGORITHM_FETCH_FAILED);
+            /* Error is already recorded */
+            SSLfatal_alert(s, SSL_AD_INTERNAL_ERROR);
             goto err;
         }