Replace some usage of SSLerr with SSLfatal()

This is an initial step towards using SSLfatal() everywhere. Initially in this commit and in subsequent commits we focus on the state machine code. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4778)
author: Matt Caswell <matt@openssl.org> 2017-11-23 16:25:05 +0000
committer: Matt Caswell <matt@openssl.org> 2017-12-04 13:31:48 +0000
commit: 4752c5deb20cae92a7146c4b89ad41045a041970 (patch)
tree: c83fce04d1abd189ec50f687afb8f8d1a9ad6a4c /ssl
parent: 1f359471f9eebab29fe2b0e8bf0e0f7b93f3bc26 (diff)
2 files changed, 8 insertions, 8 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 02e0598dc2..f080f8a64e 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -298,7 +298,8 @@ int ssl3_init_finished_mac(SSL *s)
     BIO *buf = BIO_new(BIO_s_mem());
 
     if (buf == NULL) {
-        SSLerr(SSL_F_SSL3_INIT_FINISHED_MAC, ERR_R_MALLOC_FAILURE);
+        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_INIT_FINISHED_MAC,
+                 ERR_R_MALLOC_FAILURE);
         return 0;
     }
     ssl3_free_digest_list(s);
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index cb1fb7d3dc..cc6dbd6e8d 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -86,8 +86,8 @@ int tls_setup_handshake(SSL *s)
          * ClientHello.
          */
         if (ssl_get_min_max_version(s, &ver_min, &ver_max) != 0) {
-            SSLerr(SSL_F_TLS_SETUP_HANDSHAKE, ERR_R_INTERNAL_ERROR);
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_SETUP_HANDSHAKE,
+                     ERR_R_INTERNAL_ERROR);
             return 0;
         }
         for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
@@ -104,10 +104,10 @@ int tls_setup_handshake(SSL *s)
                 break;
         }
         if (!ok) {
-            SSLerr(SSL_F_TLS_SETUP_HANDSHAKE, SSL_R_NO_CIPHERS_AVAILABLE);
+            SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_SETUP_HANDSHAKE,
+                     SSL_R_NO_CIPHERS_AVAILABLE);
             ERR_add_error_data(1, "No ciphers enabled for max supported "
                                   "SSL/TLS version");
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
             return 0;
         }
         if (SSL_IS_FIRST_HANDSHAKE(s)) {
@@ -125,9 +125,8 @@ int tls_setup_handshake(SSL *s)
              * Server attempting to renegotiate with client that doesn't
              * support secure renegotiation.
              */
-            SSLerr(SSL_F_TLS_SETUP_HANDSHAKE,
-                   SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+            SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_SETUP_HANDSHAKE,
+                     SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
             return 0;
         } else {
             /* N.B. s->ctx may not equal s->session_ctx */
author	Matt Caswell <matt@openssl.org>	2017-11-23 16:25:05 +0000
committer	Matt Caswell <matt@openssl.org>	2017-12-04 13:31:48 +0000
commit	4752c5deb20cae92a7146c4b89ad41045a041970 (patch)
tree	c83fce04d1abd189ec50f687afb8f8d1a9ad6a4c /ssl
parent	1f359471f9eebab29fe2b0e8bf0e0f7b93f3bc26 (diff)