diff options
author | Richard Levitte <levitte@openssl.org> | 2020-11-04 12:18:33 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-11-11 12:12:11 +0100 |
commit | 6849b73ccc38ea95e4b9d50b01e1c94f5ce8bca7 (patch) | |
tree | 2e5ab6caac3ebc00a6b9fba694aefd666d439799 /ssl | |
parent | 9787b5b81fd9ca41427fa7b89de4d9518e988f6a (diff) |
Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() call
This was done using util/err-to-raise
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13316)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/bio_ssl.c | 2 | ||||
-rw-r--r-- | ssl/d1_lib.c | 40 | ||||
-rw-r--r-- | ssl/d1_msg.c | 5 | ||||
-rw-r--r-- | ssl/d1_srtp.c | 12 | ||||
-rw-r--r-- | ssl/pqueue.c | 4 | ||||
-rw-r--r-- | ssl/record/rec_layer_d1.c | 2 | ||||
-rw-r--r-- | ssl/s3_lib.c | 42 | ||||
-rw-r--r-- | ssl/s3_msg.c | 2 | ||||
-rw-r--r-- | ssl/ssl_asn1.c | 8 | ||||
-rw-r--r-- | ssl/ssl_cert.c | 52 | ||||
-rw-r--r-- | ssl/ssl_ciph.c | 36 | ||||
-rw-r--r-- | ssl/ssl_conf.c | 6 | ||||
-rw-r--r-- | ssl/ssl_init.c | 2 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 224 | ||||
-rw-r--r-- | ssl/ssl_mcnf.c | 8 | ||||
-rw-r--r-- | ssl/ssl_rsa.c | 157 | ||||
-rw-r--r-- | ssl/ssl_sess.c | 14 | ||||
-rw-r--r-- | ssl/ssl_txt.c | 2 | ||||
-rw-r--r-- | ssl/statem/statem.c | 2 | ||||
-rw-r--r-- | ssl/statem/statem_clnt.c | 5 | ||||
-rw-r--r-- | ssl/statem/statem_dtls.c | 6 | ||||
-rw-r--r-- | ssl/statem/statem_lib.c | 6 | ||||
-rw-r--r-- | ssl/t1_enc.c | 8 | ||||
-rw-r--r-- | ssl/t1_lib.c | 48 | ||||
-rw-r--r-- | ssl/tls13_enc.c | 6 | ||||
-rw-r--r-- | ssl/tls_depr.c | 5 | ||||
-rw-r--r-- | ssl/tls_srp.c | 6 |
27 files changed, 340 insertions, 370 deletions
diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c index ce8d148cb9..033781fcf5 100644 --- a/ssl/bio_ssl.c +++ b/ssl/bio_ssl.c @@ -58,7 +58,7 @@ static int ssl_new(BIO *bi) BIO_SSL *bs = OPENSSL_zalloc(sizeof(*bs)); if (bs == NULL) { - BIOerr(BIO_F_SSL_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); return 0; } BIO_set_init(bi, 0); diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index f30a685150..75a251b303 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -471,7 +471,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) wbio = SSL_get_wbio(s); if (!rbio || !wbio) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_BIO_NOT_SET); + ERR_raise(ERR_LIB_SSL, SSL_R_BIO_NOT_SET); return -1; } @@ -483,7 +483,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) * SSL_accept) */ if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_UNSUPPORTED_SSL_VERSION); + ERR_raise(ERR_LIB_SSL, SSL_R_UNSUPPORTED_SSL_VERSION); return -1; } @@ -522,7 +522,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) } if (!PACKET_buf_init(&pkt, buf, n)) { - SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return -1; } @@ -537,7 +537,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) /* this packet contained a partial record, dump it */ if (n < DTLS1_RT_HEADER_LENGTH) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_RECORD_TOO_SMALL); + ERR_raise(ERR_LIB_SSL, SSL_R_RECORD_TOO_SMALL); goto end; } @@ -548,12 +548,12 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) /* Get the record header */ if (!PACKET_get_1(&pkt, &rectype) || !PACKET_get_1(&pkt, &versmajor)) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH); goto end; } if (rectype != SSL3_RT_HANDSHAKE) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_UNEXPECTED_MESSAGE); + ERR_raise(ERR_LIB_SSL, SSL_R_UNEXPECTED_MESSAGE); goto end; } @@ -562,7 +562,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) * the same. */ if (versmajor != DTLS1_VERSION_MAJOR) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_BAD_PROTOCOL_VERSION_NUMBER); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_PROTOCOL_VERSION_NUMBER); goto end; } @@ -570,7 +570,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) /* Save the sequence number: 64 bits, with top 2 bytes = epoch */ || !PACKET_copy_bytes(&pkt, seq, SEQ_NUM_SIZE) || !PACKET_get_length_prefixed_2(&pkt, &msgpkt)) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH); goto end; } reclen = PACKET_remaining(&msgpkt); @@ -581,7 +581,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) /* This is an initial ClientHello so the epoch has to be 0 */ if (seq[0] != 0 || seq[1] != 0) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_UNEXPECTED_MESSAGE); + ERR_raise(ERR_LIB_SSL, SSL_R_UNEXPECTED_MESSAGE); goto end; } @@ -596,18 +596,18 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) || !PACKET_get_net_3_len(&msgpkt, &fraglen) || !PACKET_get_sub_packet(&msgpkt, &msgpayload, fraglen) || PACKET_remaining(&msgpkt) != 0) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH); goto end; } if (msgtype != SSL3_MT_CLIENT_HELLO) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_UNEXPECTED_MESSAGE); + ERR_raise(ERR_LIB_SSL, SSL_R_UNEXPECTED_MESSAGE); goto end; } /* Message sequence number can only be 0 or 1 */ if (msgseq > 2) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_INVALID_SEQUENCE_NUMBER); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_SEQUENCE_NUMBER); goto end; } @@ -620,7 +620,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) */ if (fragoff != 0 || fraglen > msglen) { /* Non initial ClientHello fragment (or bad fragment) */ - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_FRAGMENTED_CLIENT_HELLO); + ERR_raise(ERR_LIB_SSL, SSL_R_FRAGMENTED_CLIENT_HELLO); goto end; } @@ -630,7 +630,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) s->msg_callback_arg); if (!PACKET_get_net_2(&msgpayload, &clientvers)) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH); goto end; } @@ -639,7 +639,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) */ if (DTLS_VERSION_LT(clientvers, (unsigned int)s->method->version) && s->method->version != DTLS_ANY_VERSION) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_WRONG_VERSION_NUMBER); + ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_VERSION_NUMBER); goto end; } @@ -650,7 +650,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) * Could be malformed or the cookie does not fit within the initial * ClientHello fragment. Either way we can't handle it. */ - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH); goto end; } @@ -665,7 +665,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) * We have a cookie, so lets check it. */ if (s->ctx->app_verify_cookie_cb == NULL) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_NO_VERIFY_COOKIE_CALLBACK); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_VERIFY_COOKIE_CALLBACK); /* This is fatal */ return -1; } @@ -697,7 +697,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) if (s->ctx->app_gen_cookie_cb == NULL || s->ctx->app_gen_cookie_cb(s, cookie, &cookielen) == 0 || cookielen > 255) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_COOKIE_GEN_CALLBACK_FAILURE); + ERR_raise(ERR_LIB_SSL, SSL_R_COOKIE_GEN_CALLBACK_FAILURE); /* This is fatal */ return -1; } @@ -760,7 +760,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) || !WPACKET_close(&wpkt) || !WPACKET_get_total_written(&wpkt, &wreclen) || !WPACKET_finish(&wpkt)) { - SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); WPACKET_cleanup(&wpkt); /* This is fatal */ return -1; @@ -782,7 +782,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) DTLS1_RT_HEADER_LENGTH, s, s->msg_callback_arg); if ((tmpclient = BIO_ADDR_new()) == NULL) { - SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto end; } diff --git a/ssl/d1_msg.c b/ssl/d1_msg.c index 96741efd7c..b215fee3a5 100644 --- a/ssl/d1_msg.c +++ b/ssl/d1_msg.c @@ -19,14 +19,13 @@ int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, size_t len, if (i < 0) return i; if (i == 0) { - SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES, - SSL_R_SSL_HANDSHAKE_FAILURE); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL_HANDSHAKE_FAILURE); return -1; } } if (len > SSL3_RT_MAX_PLAIN_LENGTH) { - SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES, SSL_R_DTLS_MESSAGE_TOO_BIG); + ERR_raise(ERR_LIB_SSL, SSL_R_DTLS_MESSAGE_TOO_BIG); return -1; } diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c index 87fb4a243d..2300753382 100644 --- a/ssl/d1_srtp.c +++ b/ssl/d1_srtp.c @@ -68,8 +68,7 @@ static int ssl_ctx_make_profiles(const char *profiles_string, SRTP_PROTECTION_PROFILE *p; if ((profiles = sk_SRTP_PROTECTION_PROFILE_new_null()) == NULL) { - SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, - SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); + ERR_raise(ERR_LIB_SSL, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); return 1; } @@ -79,19 +78,16 @@ static int ssl_ctx_make_profiles(const char *profiles_string, if (!find_profile_by_name(ptr, &p, col ? (size_t)(col - ptr) : strlen(ptr))) { if (sk_SRTP_PROTECTION_PROFILE_find(profiles, p) >= 0) { - SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, - SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); goto err; } if (!sk_SRTP_PROTECTION_PROFILE_push(profiles, p)) { - SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, - SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); + ERR_raise(ERR_LIB_SSL, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); goto err; } } else { - SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, - SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE); + ERR_raise(ERR_LIB_SSL, SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE); goto err; } diff --git a/ssl/pqueue.c b/ssl/pqueue.c index 2e9ceeccd9..53f295feaa 100644 --- a/ssl/pqueue.c +++ b/ssl/pqueue.c @@ -20,7 +20,7 @@ pitem *pitem_new(unsigned char *prio64be, void *data) pitem *item = OPENSSL_malloc(sizeof(*item)); if (item == NULL) { - SSLerr(SSL_F_PITEM_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; } @@ -40,7 +40,7 @@ pqueue *pqueue_new(void) pqueue *pq = OPENSSL_zalloc(sizeof(*pq)); if (pq == NULL) - SSLerr(SSL_F_PQUEUE_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return pq; } diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index 605afb7db6..ca9029f071 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -21,7 +21,7 @@ int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl) DTLS_RECORD_LAYER *d; if ((d = OPENSSL_malloc(sizeof(*d))) == NULL) { - SSLerr(SSL_F_DTLS_RECORD_LAYER_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 073fae49b0..f74b0dcf74 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3457,17 +3457,17 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) DH *dh = (DH *)parg; EVP_PKEY *pkdh = NULL; if (dh == NULL) { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } pkdh = ssl_dh_to_pkey(dh); if (pkdh == NULL) { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } if (!ssl_security(s, SSL_SECOP_TMP_DH, EVP_PKEY_security_bits(pkdh), 0, pkdh)) { - SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL); + ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL); EVP_PKEY_free(pkdh); return 0; } @@ -3478,7 +3478,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) break; case SSL_CTRL_SET_TMP_DH_CB: { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return ret; } case SSL_CTRL_SET_DH_AUTO: @@ -3492,12 +3492,12 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) int nid; if (parg == NULL) { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } group = EC_KEY_get0_group((const EC_KEY *)parg); if (group == NULL) { - SSLerr(SSL_F_SSL3_CTRL, EC_R_MISSING_PARAMETERS); + ERR_raise(ERR_LIB_SSL, EC_R_MISSING_PARAMETERS); return 0; } nid = EC_GROUP_get_curve_name(group); @@ -3530,15 +3530,15 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) break; len = strlen((char *)parg); if (len == 0 || len > TLSEXT_MAXLEN_host_name) { - SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); return 0; } if ((s->ext.hostname = OPENSSL_strdup((char *)parg)) == NULL) { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return 0; } } else { - SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); return 0; } break; @@ -3808,17 +3808,17 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) DH *dh = (DH *)parg; EVP_PKEY *pkdh = NULL; if (dh == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } pkdh = ssl_dh_to_pkey(dh); if (pkdh == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH, EVP_PKEY_security_bits(pkdh), 0, pkdh)) { - SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL); + ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL); EVP_PKEY_free(pkdh); return 0; } @@ -3828,7 +3828,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) } case SSL_CTRL_SET_TMP_DH_CB: { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } case SSL_CTRL_SET_DH_AUTO: @@ -3842,12 +3842,12 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) int nid; if (parg == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } group = EC_KEY_get0_group((const EC_KEY *)parg); if (group == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, EC_R_MISSING_PARAMETERS); + ERR_raise(ERR_LIB_SSL, EC_R_MISSING_PARAMETERS); return 0; } nid = EC_GROUP_get_curve_name(group); @@ -3871,7 +3871,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) if (keys == NULL) return tick_keylen; if (larg != tick_keylen) { - SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH); return 0; } if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) { @@ -3925,11 +3925,11 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) if (parg == NULL) break; if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) { - SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_SRP_USERNAME); return 0; } if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return 0; } break; @@ -3939,7 +3939,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) if (ctx->srp_ctx.info != NULL) OPENSSL_free(ctx->srp_ctx.info); if ((ctx->srp_ctx.info = OPENSSL_strdup((char *)parg)) == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return 0; } break; @@ -3993,12 +3993,12 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) case SSL_CTRL_EXTRA_CHAIN_CERT: if (ctx->extra_certs == NULL) { if ((ctx->extra_certs = sk_X509_new_null()) == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } } if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } break; diff --git a/ssl/s3_msg.c b/ssl/s3_msg.c index 7c021c175a..68ae520067 100644 --- a/ssl/s3_msg.c +++ b/ssl/s3_msg.c @@ -21,7 +21,7 @@ int ssl3_do_change_cipher_spec(SSL *s) if (s->s3.tmp.key_block == NULL) { if (s->session == NULL || s->session->master_key_length == 0) { /* might happen if dtls1_read_bytes() calls this */ - SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, SSL_R_CCS_RECEIVED_EARLY); + ERR_raise(ERR_LIB_SSL, SSL_R_CCS_RECEIVED_EARLY); return 0; } diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c index b5c6654e92..d4cb6d4ddf 100644 --- a/ssl/ssl_asn1.c +++ b/ssl/ssl_asn1.c @@ -259,21 +259,21 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, } if (as->version != SSL_SESSION_ASN1_VERSION) { - SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNKNOWN_SSL_VERSION); + ERR_raise(ERR_LIB_SSL, SSL_R_UNKNOWN_SSL_VERSION); goto err; } if ((as->ssl_version >> 8) != SSL3_VERSION_MAJOR && (as->ssl_version >> 8) != DTLS1_VERSION_MAJOR && as->ssl_version != DTLS1_BAD_VER) { - SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNSUPPORTED_SSL_VERSION); + ERR_raise(ERR_LIB_SSL, SSL_R_UNSUPPORTED_SSL_VERSION); goto err; } ret->ssl_version = (int)as->ssl_version; if (as->cipher->length != 2) { - SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_CIPHER_CODE_WRONG_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_CIPHER_CODE_WRONG_LENGTH); goto err; } @@ -339,7 +339,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, #ifndef OPENSSL_NO_COMP if (as->comp_id) { if (as->comp_id->length != 1) { - SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_BAD_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH); goto err; } ret->compress_meth = as->comp_id->data[0]; diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index c1e26bd3b4..f851fa67ee 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -53,7 +53,7 @@ CERT *ssl_cert_new(void) CERT *ret = OPENSSL_zalloc(sizeof(*ret)); if (ret == NULL) { - SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; } @@ -64,7 +64,7 @@ CERT *ssl_cert_new(void) ret->sec_ex = NULL; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); OPENSSL_free(ret); return NULL; } @@ -78,7 +78,7 @@ CERT *ssl_cert_dup(CERT *cert) int i; if (ret == NULL) { - SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; } @@ -86,7 +86,7 @@ CERT *ssl_cert_dup(CERT *cert) ret->key = &ret->pkeys[cert->key - cert->pkeys]; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); OPENSSL_free(ret); return NULL; } @@ -115,7 +115,7 @@ CERT *ssl_cert_dup(CERT *cert) if (cpk->chain) { rpk->chain = X509_chain_up_ref(cpk->chain); if (!rpk->chain) { - SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -124,7 +124,7 @@ CERT *ssl_cert_dup(CERT *cert) ret->pkeys[i].serverinfo = OPENSSL_malloc(cert->pkeys[i].serverinfo_length); if (ret->pkeys[i].serverinfo == NULL) { - SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } ret->pkeys[i].serverinfo_length = cert->pkeys[i].serverinfo_length; @@ -262,7 +262,7 @@ int ssl_cert_set0_chain(SSL *s, SSL_CTX *ctx, STACK_OF(X509) *chain) r = ssl_security_cert(s, ctx, x, 0, 0); if (r != 1) { - SSLerr(SSL_F_SSL_CERT_SET0_CHAIN, r); + ERR_raise(ERR_LIB_SSL, r); return 0; } } @@ -294,7 +294,7 @@ int ssl_cert_add0_chain_cert(SSL *s, SSL_CTX *ctx, X509 *x) return 0; r = ssl_security_cert(s, ctx, x, 0, 0); if (r != 1) { - SSLerr(SSL_F_SSL_CERT_ADD0_CHAIN_CERT, r); + ERR_raise(ERR_LIB_SSL, r); return 0; } if (!cpk->chain) @@ -382,13 +382,13 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) ctx = X509_STORE_CTX_new_ex(s->ctx->libctx, s->ctx->propq); if (ctx == NULL) { - SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } x = sk_X509_value(sk, 0); if (!X509_STORE_CTX_init(ctx, verify_store, x, sk)) { - SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_X509_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); goto end; } param = X509_STORE_CTX_get0_param(ctx); @@ -436,7 +436,7 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) if (X509_STORE_CTX_get0_chain(ctx) != NULL) { s->verified_chain = X509_STORE_CTX_get1_chain(ctx); if (s->verified_chain == NULL) { - SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); i = 0; } } @@ -465,13 +465,13 @@ STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk) ret = sk_X509_NAME_new_reserve(NULL, num); if (ret == NULL) { - SSLerr(SSL_F_SSL_DUP_CA_LIST, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; } for (i = 0; i < num; i++) { name = X509_NAME_dup(sk_X509_NAME_value(sk, i)); if (name == NULL) { - SSLerr(SSL_F_SSL_DUP_CA_LIST, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); sk_X509_NAME_pop_free(ret, X509_NAME_free); return NULL; } @@ -617,13 +617,13 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, OSSL_LIB_CTX *prev_libctx = NULL; if ((name_hash == NULL) || (in == NULL)) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } x = X509_new_ex(libctx, propq); if (x == NULL) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } if (!BIO_read_filename(in, file)) @@ -637,7 +637,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, if (ret == NULL) { ret = sk_X509_NAME_new_null(); if (ret == NULL) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -693,7 +693,7 @@ int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, in = BIO_new(BIO_s_file()); if (in == NULL) { - SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -743,8 +743,7 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, int r; if (strlen(dir) + strlen(filename) + 2 > sizeof(buf)) { - SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, - SSL_R_PATH_TOO_LONG); + ERR_raise(ERR_LIB_SSL, SSL_R_PATH_TOO_LONG); goto err; } #ifdef OPENSSL_SYS_VMS @@ -760,9 +759,8 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, if (errno) { ERR_raise_data(ERR_LIB_SYS, get_last_sys_error(), - "calling OPENSSL_dir_read(%s)", - dir); - SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB); + "calling OPENSSL_dir_read(%s)", dir); + ERR_raise(ERR_LIB_SSL, ERR_R_SYS_LIB); goto err; } @@ -853,7 +851,7 @@ int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags) int i, rv = 0; if (!cpk->x509) { - SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, SSL_R_NO_CERTIFICATE_SET); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_CERTIFICATE_SET); goto err; } /* Rearranging and check the chain: add everything to a store */ @@ -883,11 +881,11 @@ int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags) xs_ctx = X509_STORE_CTX_new_ex(real_ctx->libctx, ctx->propq); if (xs_ctx == NULL) { - SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } if (!X509_STORE_CTX_init(xs_ctx, chain_store, cpk->x509, untrusted)) { - SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, ERR_R_X509_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); goto err; } /* Set suite B flags if needed */ @@ -904,7 +902,7 @@ int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags) if (i > 0) chain = X509_STORE_CTX_get1_chain(xs_ctx); if (i <= 0) { - SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, SSL_R_CERTIFICATE_VERIFY_FAILED); + ERR_raise(ERR_LIB_SSL, SSL_R_CERTIFICATE_VERIFY_FAILED); i = X509_STORE_CTX_get_error(xs_ctx); ERR_add_error_data(2, "Verify error:", X509_verify_cert_error_string(i)); @@ -932,7 +930,7 @@ int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags) x = sk_X509_value(chain, i); rv = ssl_security_cert(s, ctx, x, 0, 0); if (rv != 1) { - SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, rv); + ERR_raise(ERR_LIB_SSL, rv); sk_X509_pop_free(chain, X509_free); rv = 0; goto err; diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 984578c05b..ee1cba034c 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -947,7 +947,7 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p, number_uses = OPENSSL_zalloc(sizeof(int) * (max_strength_bits + 1)); if (number_uses == NULL) { - SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return |