diff options
| author | Matt Caswell <matt@openssl.org> | 2016-12-07 23:50:55 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-12-08 17:21:21 +0000 |
| commit | 7fe97c077b4571a71be3f6cb963c414216371a7c (patch) | |
| tree | 704e4daf9a7e8613ce8eb97fb1f40504be4883e9 /ssl | |
| parent | ecc2f938cf1cf7425be37156ecb216cdc6db257f (diff) | |
Fix make update issues
Various functions got renamed. We need to rename the error codes too.
Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich
Salz
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/ssl_err.c | 137 | ||||
| -rw-r--r-- | ssl/statem/extensions.c | 8 | ||||
| -rw-r--r-- | ssl/statem/extensions_clnt.c | 110 | ||||
| -rw-r--r-- | ssl/statem/extensions_srvr.c | 68 |
4 files changed, 165 insertions, 158 deletions
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index ca96c72bb5..1b3e40907f 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -49,6 +49,9 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_DTLS_GET_REASSEMBLED_MESSAGE), "dtls_get_reassembled_message"}, {ERR_FUNC(SSL_F_DTLS_PROCESS_HELLO_VERIFY), "dtls_process_hello_verify"}, + {ERR_FUNC(SSL_F_FINAL_EC_PT_FORMATS), "final_ec_pt_formats"}, + {ERR_FUNC(SSL_F_FINAL_EMS), "final_ems"}, + {ERR_FUNC(SSL_F_FINAL_RENEGOTIATE), "final_renegotiate"}, {ERR_FUNC(SSL_F_OPENSSL_INIT_SSL), "OPENSSL_init_ssl"}, {ERR_FUNC(SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION), "ossl_statem_client13_read_transition"}, @@ -265,42 +268,48 @@ static ERR_STRING_DATA SSL_str_functs[] = { "tls_construct_cke_psk_preamble"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CKE_RSA), "tls_construct_cke_rsa"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CKE_SRP), "tls_construct_cke_srp"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_ALPN), "tls_construct_client_alpn"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE), "tls_construct_client_certificate"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_EC_PT_FORMATS), - "tls_construct_client_ec_pt_formats"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_EMS), "tls_construct_client_ems"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_ETM), "tls_construct_client_etm"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO), "tls_construct_client_hello"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE), "tls_construct_client_key_exchange"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_SHARE), - "tls_construct_client_key_share"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_NPN), "tls_construct_client_npn"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_PADDING), - "tls_construct_client_padding"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_RENEGOTIATE), - "tls_construct_client_renegotiate"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_SCT), "tls_construct_client_sct"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_SERVER_NAME), - "tls_construct_client_server_name"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_SESSION_TICKET), - "tls_construct_client_session_ticket"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_SIG_ALGS), - "tls_construct_client_sig_algs"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_SRP), "tls_construct_client_srp"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_STATUS_REQUEST), - "tls_construct_client_status_request"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_SUPPORTED_GROUPS), - "tls_construct_client_supported_groups"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_SUPPORTED_VERSIONS), - "tls_construct_client_supported_versions"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_USE_SRTP), - "tls_construct_client_use_srtp"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY), "tls_construct_client_verify"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_ALPN), "tls_construct_ctos_alpn"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE), + "TLS_CONSTRUCT_CTOS_CERTIFICATE"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS), + "tls_construct_ctos_ec_pt_formats"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_EMS), "tls_construct_ctos_ems"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_ETM), "tls_construct_ctos_etm"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_HELLO), "TLS_CONSTRUCT_CTOS_HELLO"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_KEY_EXCHANGE), + "TLS_CONSTRUCT_CTOS_KEY_EXCHANGE"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE), + "tls_construct_ctos_key_share"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_NPN), "tls_construct_ctos_npn"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_PADDING), + "tls_construct_ctos_padding"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE), + "tls_construct_ctos_renegotiate"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_SCT), "tls_construct_ctos_sct"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME), + "tls_construct_ctos_server_name"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET), + "tls_construct_ctos_session_ticket"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS), + "tls_construct_ctos_sig_algs"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_SRP), "tls_construct_ctos_srp"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST), + "tls_construct_ctos_status_request"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS), + "tls_construct_ctos_supported_groups"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS), + "tls_construct_ctos_supported_versions"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP), + "tls_construct_ctos_use_srtp"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_VERIFY), "TLS_CONSTRUCT_CTOS_VERIFY"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS), "tls_construct_encrypted_extensions"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_EXTENSIONS), "tls_construct_extensions"}, @@ -310,53 +319,51 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET), "tls_construct_new_session_ticket"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_NEXT_PROTO), "tls_construct_next_proto"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_ALPN), "tls_construct_server_alpn"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE), "tls_construct_server_certificate"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_CRYPTOPRO_BUG), - "tls_construct_server_cryptopro_bug"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_DONE), "tls_construct_server_done"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_EC_PT_FORMATS), - "tls_construct_server_ec_pt_formats"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_EMS), "tls_construct_server_ems"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_ETM), "tls_construct_server_etm"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_HELLO), "tls_construct_server_hello"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE), "tls_construct_server_key_exchange"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_KEY_SHARE), - "tls_construct_server_key_share"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_NEXT_PROTO_NEG), - "tls_construct_server_next_proto_neg"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_RENEGOTIATE), - "tls_construct_server_renegotiate"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_SERVER_NAME), - "tls_construct_server_server_name"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_SESSION_TICKET), - "tls_construct_server_session_ticket"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_STATUS_REQUEST), - "tls_construct_server_status_request"}, - {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_USE_SRTP), - "tls_construct_server_use_srtp"}, - {ERR_FUNC(SSL_F_TLS_EXT_FINAL_), "tls_ext_final_ems"}, - {ERR_FUNC(SSL_F_TLS_EXT_FINAL_EC_PT_FORMATS), - "tls_ext_final_ec_pt_formats"}, - {ERR_FUNC(SSL_F_TLS_EXT_FINAL_EMS), "tls_ext_final_ems"}, - {ERR_FUNC(SSL_F_TLS_EXT_FINAL_RENEGOTIATE), "tls_ext_final_renegotiate"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_ALPN), "tls_construct_stoc_alpn"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE), + "TLS_CONSTRUCT_STOC_CERTIFICATE"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG), + "tls_construct_stoc_cryptopro_bug"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_DONE), "TLS_CONSTRUCT_STOC_DONE"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS), + "tls_construct_stoc_ec_pt_formats"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_EMS), "tls_construct_stoc_ems"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_ETM), "tls_construct_stoc_etm"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_HELLO), "TLS_CONSTRUCT_STOC_HELLO"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_KEY_EXCHANGE), + "TLS_CONSTRUCT_STOC_KEY_EXCHANGE"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE), + "tls_construct_stoc_key_share"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG), + "tls_construct_stoc_next_proto_neg"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE), + "tls_construct_stoc_renegotiate"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME), + "tls_construct_stoc_server_name"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET), + "tls_construct_stoc_session_ticket"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST), + "tls_construct_stoc_status_request"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP), + "tls_construct_stoc_use_srtp"}, {ERR_FUNC(SSL_F_TLS_GET_MESSAGE_BODY), "tls_get_message_body"}, {ERR_FUNC(SSL_F_TLS_GET_MESSAGE_HEADER), "tls_get_message_header"}, {ERR_FUNC(SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT), "tls_parse_clienthello_tlsext"}, - {ERR_FUNC(SSL_F_TLS_PARSE_CLIENT_KEY_SHARE), - "tls_parse_client_key_share"}, - {ERR_FUNC(SSL_F_TLS_PARSE_CLIENT_RENEGOTIATE), - "tls_parse_client_renegotiate"}, - {ERR_FUNC(SSL_F_TLS_PARSE_CLIENT_USE_SRTP), "tls_parse_client_use_srtp"}, - {ERR_FUNC(SSL_F_TLS_PARSE_SERVER_KEY_SHARE), - "tls_parse_server_key_share"}, - {ERR_FUNC(SSL_F_TLS_PARSE_SERVER_RENEGOTIATE), - "tls_parse_server_renegotiate"}, - {ERR_FUNC(SSL_F_TLS_PARSE_SERVER_USE_SRTP), "tls_parse_server_use_srtp"}, + {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_KEY_SHARE), "tls_parse_ctos_key_share"}, + {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_RENEGOTIATE), + "tls_parse_ctos_renegotiate"}, + {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_USE_SRTP), "tls_parse_ctos_use_srtp"}, + {ERR_FUNC(SSL_F_TLS_PARSE_STOC_KEY_SHARE), "tls_parse_stoc_key_share"}, + {ERR_FUNC(SSL_F_TLS_PARSE_STOC_RENEGOTIATE), + "tls_parse_stoc_renegotiate"}, + {ERR_FUNC(SSL_F_TLS_PARSE_STOC_USE_SRTP), "tls_parse_stoc_use_srtp"}, {ERR_FUNC(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO), "tls_post_process_client_hello"}, {ERR_FUNC(SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE), diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 61576cc551..760b150a61 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -652,7 +652,7 @@ static int final_renegotiate(SSL *s, unsigned int context, int sent, && !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) && !sent) { *al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_TLS_EXT_FINAL_RENEGOTIATE, + SSLerr(SSL_F_FINAL_RENEGOTIATE, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); return 0; } @@ -665,7 +665,7 @@ static int final_renegotiate(SSL *s, unsigned int context, int sent, && !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) && !sent) { *al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_TLS_EXT_FINAL_RENEGOTIATE, + SSLerr(SSL_F_FINAL_RENEGOTIATE, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); return 0; } @@ -745,7 +745,7 @@ static int final_ec_pt_formats(SSL *s, unsigned int context, int sent, break; } if (i == s->session->tlsext_ecpointformatlist_length) { - SSLerr(SSL_F_TLS_EXT_FINAL_EC_PT_FORMATS, + SSLerr(SSL_F_FINAL_EC_PT_FORMATS, SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST); return 0; } @@ -889,7 +889,7 @@ static int final_ems(SSL *s, unsigned int context, int sent, int *al) if (!(s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) != !(s->session->flags & SSL_SESS_FLAG_EXTMS)) { *al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_TLS_EXT_FINAL_EMS, SSL_R_INCONSISTENT_EXTMS); + SSLerr(SSL_F_FINAL_EMS, SSL_R_INCONSISTENT_EXTMS); return 0; } } diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index 71187f6656..70d90e7b4f 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -23,7 +23,7 @@ int tls_construct_ctos_renegotiate(SSL *s, WPACKET *pkt, int *al) || !WPACKET_sub_memcpy_u8(pkt, s->s3->previous_client_finished, s->s3->previous_client_finished_len) || !WPACKET_close(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_RENEGOTIATE, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE, ERR_R_INTERNAL_ERROR); return 0; } @@ -46,7 +46,7 @@ int tls_construct_ctos_server_name(SSL *s, WPACKET *pkt, int *al) strlen(s->tlsext_hostname)) || !WPACKET_close(pkt) || !WPACKET_close(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SERVER_NAME, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME, ERR_R_INTERNAL_ERROR); return 0; } @@ -70,7 +70,7 @@ int tls_construct_ctos_srp(SSL *s, WPACKET *pkt, int *al) strlen(s->srp_ctx.login)) || !WPACKET_close(pkt) || !WPACKET_close(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SRP, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SRP, ERR_R_INTERNAL_ERROR); return 0; } @@ -121,7 +121,7 @@ int tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt, int *al) || !WPACKET_start_sub_packet_u16(pkt) || !WPACKET_sub_memcpy_u8(pkt, pformats, num_formats) || !WPACKET_close(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_EC_PT_FORMATS, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS, ERR_R_INTERNAL_ERROR); return 0; } @@ -143,7 +143,7 @@ int tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt, int *al) /* TODO(TLS1.3): Add support for DHE groups */ pcurves = s->tlsext_supportedgroupslist; if (!tls1_get_curvelist(s, 0, &pcurves, &num_curves)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SUPPORTED_GROUPS, + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS, ERR_R_INTERNAL_ERROR); return 0; } @@ -153,7 +153,7 @@ int tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt, int *al) /* Sub-packet for supported_groups extension */ || !WPACKET_start_sub_packet_u16(pkt) || !WPACKET_start_sub_packet_u16(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SUPPORTED_GROUPS, + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS, ERR_R_INTERNAL_ERROR); return 0; } @@ -162,14 +162,14 @@ int tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt, int *al) if (tls_curve_allowed(s, pcurves, SSL_SECOP_CURVE_SUPPORTED)) { if (!WPACKET_put_bytes_u8(pkt, pcurvestmp[0]) || !WPACKET_put_bytes_u8(pkt, pcurvestmp[1])) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SUPPORTED_GROUPS, + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS, ERR_R_INTERNAL_ERROR); return 0; } } } if (!WPACKET_close(pkt) || !WPACKET_close(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SUPPORTED_GROUPS, + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS, ERR_R_INTERNAL_ERROR); return 0; } @@ -193,7 +193,7 @@ int tls_construct_ctos_session_ticket(SSL *s, WPACKET *pkt, int *al) ticklen = s->tlsext_session_ticket->length; s->session->tlsext_tick = OPENSSL_malloc(ticklen); if (s->session->tlsext_tick == NULL) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SESSION_TICKET, + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET, ERR_R_INTERNAL_ERROR); return 0; } @@ -210,7 +210,7 @@ int tls_construct_ctos_session_ticket(SSL *s, WPACKET *pkt, int *al) if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_session_ticket) || !WPACKET_sub_memcpy_u16(pkt, s->session->tlsext_tick, ticklen)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SESSION_TICKET, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET, ERR_R_INTERNAL_ERROR); return 0; } @@ -234,7 +234,7 @@ int tls_construct_ctos_sig_algs(SSL *s, WPACKET *pkt, int *al) || !tls12_copy_sigalgs(s, pkt, salg, salglen) || !WPACKET_close(pkt) || !WPACKET_close(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SIG_ALGS, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS, ERR_R_INTERNAL_ERROR); return 0; } @@ -255,7 +255,7 @@ int tls_construct_ctos_status_request(SSL *s, WPACKET *pkt, int *al) || !WPACKET_put_bytes_u8(pkt, TLSEXT_STATUSTYPE_ocsp) /* Sub-packet for the ids */ || !WPACKET_start_sub_packet_u16(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_STATUS_REQUEST, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST, ERR_R_INTERNAL_ERROR); return 0; } for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) { @@ -267,14 +267,14 @@ int tls_construct_ctos_status_request(SSL *s, WPACKET *pkt, int *al) /* Sub-packet for an individual id */ || !WPACKET_sub_allocate_bytes_u16(pkt, idlen, &idbytes) || i2d_OCSP_RESPID(id, &idbytes) != idlen) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_STATUS_REQUEST, + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST, ERR_R_INTERNAL_ERROR); return 0; } } if (!WPACKET_close(pkt) || !WPACKET_start_sub_packet_u16(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_STATUS_REQUEST, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST, ERR_R_INTERNAL_ERROR); return 0; } if (s->tlsext_ocsp_exts) { @@ -282,20 +282,20 @@ int tls_construct_ctos_status_request(SSL *s, WPACKET *pkt, int *al) int extlen = i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, NULL); if (extlen < 0) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_STATUS_REQUEST, + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST, ERR_R_INTERNAL_ERROR); return 0; } if (!WPACKET_allocate_bytes(pkt, extlen, &extbytes) || i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &extbytes) != extlen) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_STATUS_REQUEST, + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST, ERR_R_INTERNAL_ERROR); return 0; } } if (!WPACKET_close(pkt) || !WPACKET_close(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_STATUS_REQUEST, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST, ERR_R_INTERNAL_ERROR); return 0; } @@ -315,7 +315,7 @@ int tls_construct_ctos_npn(SSL *s, WPACKET *pkt, int *al) */ if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_next_proto_neg) || !WPACKET_put_bytes_u16(pkt, 0)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_NPN, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_NPN, ERR_R_INTERNAL_ERROR); return 0; } @@ -341,7 +341,7 @@ int tls_construct_ctos_alpn(SSL *s, WPACKET *pkt, int *al) || !WPACKET_sub_memcpy_u16(pkt, s->alpn_client_proto_list, s->alpn_client_proto_list_len) || !WPACKET_close(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_ALPN, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_ALPN, ERR_R_INTERNAL_ERROR); return 0; } s->s3->alpn_sent = 1; @@ -364,7 +364,7 @@ int tls_construct_ctos_use_srtp(SSL *s, WPACKET *pkt, int *al) || !WPACKET_start_sub_packet_u16(pkt) /* Sub-packet for the protection profile list */ || !WPACKET_start_sub_packet_u16(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_USE_SRTP, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP, ERR_R_INTERNAL_ERROR); return 0; } @@ -374,7 +374,7 @@ int tls_construct_ctos_use_srtp(SSL *s, WPACKET *pkt, int *al) sk_SRTP_PROTECTION_PROFILE_value(clnt, i); if (prof == NULL || !WPACKET_put_bytes_u16(pkt, prof->id)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_USE_SRTP, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP, ERR_R_INTERNAL_ERROR); return 0; } } @@ -382,7 +382,7 @@ int tls_construct_ctos_use_srtp(SSL *s, WPACKET *pkt, int *al) /* Add an empty use_mki value */ || !WPACKET_put_bytes_u8(pkt, 0) || !WPACKET_close(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_USE_SRTP, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP, ERR_R_INTERNAL_ERROR); return 0; } @@ -397,7 +397,7 @@ int tls_construct_ctos_etm(SSL *s, WPACKET *pkt, int *al) if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_encrypt_then_mac) || !WPACKET_put_bytes_u16(pkt, 0)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_ETM, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_ETM, ERR_R_INTERNAL_ERROR); return 0; } @@ -412,7 +412,7 @@ int tls_construct_ctos_sct(SSL *s, WPACKET *pkt, int *al) if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_signed_certificate_timestamp) || !WPACKET_put_bytes_u16(pkt, 0)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SCT, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SCT, ERR_R_INTERNAL_ERROR); return 0; } @@ -424,7 +424,7 @@ int tls_construct_ctos_ems(SSL *s, WPACKET *pkt, int *al) { if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_extended_master_secret) || !WPACKET_put_bytes_u16(pkt, 0)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_EMS, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_EMS, ERR_R_INTERNAL_ERROR); return 0; } @@ -438,14 +438,14 @@ int tls_construct_ctos_supported_versions(SSL *s, WPACKET *pkt, int *al) if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_supported_versions) || !WPACKET_start_sub_packet_u16(pkt) || !WPACKET_start_sub_packet_u8(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SUPPORTED_VERSIONS, + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS, ERR_R_INTERNAL_ERROR); return 0; } reason = ssl_get_client_min_max_version(s, &min_version, &max_version); if (reason != 0) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SUPPORTED_VERSIONS, reason); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS, reason); return 0; } @@ -458,18 +458,18 @@ int tls_construct_ctos_supported_versions(SSL *s, WPACKET *pkt, int *al) /* TODO(TLS1.3): Remove this first if clause prior to release!! */ if (currv == TLS1_3_VERSION) { if (!WPACKET_put_bytes_u16(pkt, TLS1_3_VERSION_DRAFT)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SUPPORTED_VERSIONS, + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS, ERR_R_INTERNAL_ERROR); return 0; } } else if (!WPACKET_put_bytes_u16(pkt, currv)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SUPPORTED_VERSIONS, + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS, ERR_R_INTERNAL_ERROR); return 0; } } if (!WPACKET_close(pkt) || !WPACKET_close(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_SUPPORTED_VERSIONS, + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS, ERR_R_INTERNAL_ERROR); return 0; } @@ -489,13 +489,13 @@ int tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, int *al) || !WPACKET_start_sub_packet_u16(pkt) /* KeyShare list sub-packet */ || !WPACKET_start_sub_packet_u16(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_SHARE, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR); return 0; } pcurves = s->tlsext_supportedgroupslist; if (!tls1_get_curvelist(s, 0, &pcurves, &num_curves)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_SHARE, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR); return 0; } @@ -514,7 +514,7 @@ int tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, int *al) if (s->s3->tmp.pkey != NULL) { /* Shouldn't happen! */ - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_SHARE, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR); return 0; } @@ -522,7 +522,7 @@ int tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, int *al) curve_id = (pcurves[0] << 8) | pcurves[1]; key_share_key = ssl_generate_pkey_curve(curve_id); if (key_share_key == NULL) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_SHARE, ERR_R_EVP_LIB); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE, ERR_R_EVP_LIB); return 0; } @@ -530,7 +530,7 @@ int tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, int *al) encodedlen = EVP_PKEY_get1_tls_encodedpoint(key_share_key, &encodedPoint); if (encodedlen == 0) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_SHARE, ERR_R_EC_LIB); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE, ERR_R_EC_LIB); EVP_PKEY_free(key_share_key); return 0; } @@ -538,7 +538,7 @@ int tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, int *al) /* Create KeyShareEntry */ if (!WPACKET_put_bytes_u16(pkt, curve_id) || !WPACKET_sub_memcpy_u16(pkt, encodedPoint, encodedlen)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_SHARE, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR); EVP_PKEY_free(key_share_key); OPENSSL_free(encodedPoint); return 0; @@ -556,7 +556,7 @@ int tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, int *al) } if (!WPACKET_close(pkt) || !WPACKET_close(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_SHARE, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR); return 0; } @@ -581,7 +581,7 @@ int tls_construct_ctos_padding(SSL *s, WPACKET *pkt, int *al) * appear last. */ if (!WPACKET_get_total_written(pkt, &hlen)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_PADDING, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_PADDING, ERR_R_INTERNAL_ERROR); return 0; } @@ -600,7 +600,7 @@ int tls_construct_ctos_padding(SSL *s, WPACKET *pkt, int *al) if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_padding) || !WPACKET_sub_allocate_bytes_u16(pkt, hlen, &padbytes)) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_PADDING, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_PADDING, ERR_R_INTERNAL_ERROR); return 0; } memset(padbytes, 0, hlen); @@ -625,7 +625,7 @@ int tls_parse_stoc_renegotiate(SSL *s, PACKET *pkt, int *al) /* Parse the length byte */ if (!PACKET_get_1_len(pkt, &ilen)) { - SSLerr(SSL_F_TLS_PARSE_SERVER_RENEGOTIATE, + SSLerr(SSL_F_TLS_PARSE_STOC_RENEGOTIATE, SSL_R_RENEGOTIATION_ENCODING_ERR); *al = SSL_AD_ILLEGAL_PARAMETER; return 0; @@ -633,7 +633,7 @@ int tls_parse_stoc_renegotiate(SSL *s, PACKET *pkt, int *al) /* Consistency check */ if (PACKET_remaining(pkt) != ilen) { - SSLerr(SSL_F_TLS_PARSE_SERVER_RENEGOTIATE, + SSLerr(SSL_F_TLS_PARSE_STOC_RENEGOTIATE, SSL_R_RENEGOTIATION_ENCODING_ERR); *al = SSL_AD_ILLEGAL_PARAMETER; return 0; @@ -641,7 +641,7 @@ int tls_parse_stoc_renegotiate(SSL *s, PACKET *pkt, int *al) /* Check that the extension matches */ if (ilen != expected_len) { - SSLerr(SSL_F_TLS_PARSE_SERVER_RENEGOTIATE, + SSLerr(SSL_F_TLS_PARSE_STOC_RENEGOTIATE, SSL_R_RENEGOTIATION_MISMATCH); *al = SSL_AD_HANDSHAKE_FAILURE; return 0; @@ -650,7 +650,7 @@ int tls_parse_stoc_renegotiate(SSL *s, PACKET *pkt, int *al) if (!PACKET_get_bytes(pkt, &data, s->s3->previous_client_finished_len) || memcmp(data, s->s3->previous_client_finished, s->s3->previous_client_finished_len) != 0) { - SSLerr(SSL_F_TLS_PARSE_SERVER_RENEGOTIATE, + SSLerr(SSL_F_TLS_PARSE_STOC_RENEGOTIATE, SSL_R_RENEGOTIATION_MISMATCH); *al = SSL_AD_HANDSHAKE_FAILURE; return 0; @@ -659,7 +659,7 @@ int tls_parse_stoc_renegotiate(SSL *s, PACKET *pkt, int *al) if (!PACKET_get_bytes(pkt, &data, s->s3->previous_server_finished_len) || memcmp(data, s->s3->previous_server_finished, s->s3->previous_server_finished_len) != 0) { - SSLerr(SSL_F_TLS_PARSE_SERVER_RENEGOTIATE, + SSLerr(SSL_F_TLS_PARSE_STOC_RENEGOTIATE, SSL_R_RENEGOTIATION_MISMATCH); *al = SSL_AD_ILLEGAL_PARAMETER; return 0; @@ -919,7 +919,7 @@ int tls_parse_stoc_use_srtp(SSL *s, PACKET *pkt, int *al) || !PACKET_get_net_2(pkt, &id) || !PACKET_get_1(pkt, &mki) || PACKET_remaining(pkt) != 0) { - SSLerr(SSL_F_TLS_PARSE_SERVER_USE_SRTP, + SSLerr(SSL_F_TLS_PARSE_STOC_USE_SRTP, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *al = SSL_AD_DECODE_ERROR; return 0; @@ -927,7 +927,7 @@ int tls_parse_stoc_use_srtp(SSL *s, PACKET *pkt, int *al) if (mki != 0) { /* Must be no MKI, since we never offer one */ - SSLerr(SSL_F_TLS_PARSE_SERVER_USE_SRTP, SSL_R_BAD_SRTP_MKI_VALUE); + SSLerr(SSL_F_TLS_PARSE_STOC_USE_SRTP, SSL_R_BAD_SRTP_MKI_VALUE); *al = SSL_AD_ILLEGAL_PARAMETER; return 0; } @@ -935,7 +935,7 @@ int tls_parse_stoc_use_srtp(SSL *s, PACKET *pkt, int *al) /* Throw an error if the server gave us an unsolicited extension */ clnt = SSL_get_srtp_profiles(s); if (clnt == NULL) { - SSLerr(SSL_F_TLS_PARSE_SERVER_USE_SRTP, SSL_R_NO_SRTP_PROFILES); + SSLerr(SSL_F_TLS_PARSE_STOC_USE_SRTP, SSL_R_NO_SRTP_PROFILES); *al = SSL_AD_DECODE_ERROR; return 0; } @@ -954,7 +954,7 @@ int tls_parse_stoc_use_srtp(SSL *s, PACKET *pkt, int *al) } } - SSLerr(SSL_F_TLS_PARSE_SERVER_USE_SRTP, + SSLerr(SSL_F_TLS_PARSE_STOC_USE_SRTP, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *al = SSL_AD_DECODE_ERROR; return 0; @@ -990,13 +990,13 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, int *al) /* Sanity check */ if (ckey == NULL) { *al = SSL_AD_INTERNAL_ERROR; - SSLerr(SSL_F_TLS_PARSE_SERVER_KEY_SHARE, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, ERR_R_INTERNAL_ERROR); return 0; } if (!PACKET_get_net_2(pkt, &group_id)) { *al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_TLS_PARSE_SERVER_KEY_SHARE, SSL_R_LENGTH_MISMATCH); + SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, SSL_R_LENGTH_MISMATCH); return 0; } @@ -1006,33 +1006,33 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, int *al) * key_share! */ *al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_TLS_PARSE_SERVER_KEY_SHARE, SSL_R_BAD_KEY_SHARE); + SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, SSL_R_BAD_KEY_SHARE); return 0; } if (!PACKET_as_length_prefixed_2(pkt, &encoded_pt) || PACKET_remaining(&encoded_pt) == 0) { *al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_TLS_PARSE_SERVER_KEY_SHARE, SSL_R_LENGTH_MISMATCH); + SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, SSL_R_LENGTH_MISMATCH); return 0; } skey = ssl_generate_pkey(ckey); if (skey == NULL) { *al = SSL_AD_INTERNAL_ERROR; - SSLerr(SSL_F_TLS_PARSE_SERVER_KEY_SHARE, ERR_R_MALLOC_FAILURE); + SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, ERR_R_MALLOC_FAILURE); return 0; } if (!EVP_PKEY_set1_tls_encodedpoint(skey, PACKET_data(&encoded_pt), PACKET_remaining(&encoded_pt))) { *al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_TLS_PARSE_SERVER_KEY_SHARE, SSL_R_BAD_ECPOINT); + SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, SSL_R_BAD_ECPOINT); return 0; } if (ssl_derive(s, ckey, skey, 1) == 0) { *al = SSL_AD_INTERNAL_ERROR; - SSLerr(SSL_F_TLS_PARSE_SERVER_KEY_SHARE, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, ERR_R_INTERNAL_ERROR); EVP_PKEY_free(skey); return 0; } diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index bf569d280a..987621234d 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -22,7 +22,7 @@ int tls_parse_ctos_renegotiate(SSL *s, PACKET *pkt, int *al) /* Parse the length byte */ if (!PACKET_get_1(pkt, &ilen) || !PACKET_get_bytes(pkt, &data, ilen)) { - SSLerr(SSL_F_TLS_PARSE_CLIENT_RENEGOTIATE, + SSLerr(SSL_F_TLS_PARSE_CTOS_RENEGOTIATE, SSL_R_RENEGOTIATION_ENCODING_ERR); *al = SSL_AD_ILLEGAL_PARAMETER; return 0; @@ -30,7 +30,7 @@ int tls_parse_ctos_renegotiate(SSL *s, PACKET *pkt, int *al) /* Check that the extension matches */ if (ilen != s->s3->previous_client_finished_len) { - SSLerr(SSL_F_TLS_PARSE_CLIENT_RENEGOTIATE, + SSLerr(SSL_F_TLS_PARSE_CTOS_RENEGOTIATE, SSL_R_RENEGOTIATION_MISMATCH); *al = SSL_AD_HANDSHAKE_FAILURE; return 0; @@ -38,7 +38,7 @@ int tls_parse_ctos_renegotiate(SSL *s, PACKET *pkt, int *al) if (memcmp(data, s->s3->previous_client_finished, s->s3->previous_client_finished_len)) { - SSLerr(SSL_F_TLS_PARSE_CLIENT_RENEGOTIATE, + SSLerr(SSL_F_TLS_PARSE_CTOS_RENEGOTIATE, SSL_R_RENEGOTIATION_MISMATCH); *al = SSL_AD_HANDSHAKE_FAILURE; return 0; @@ -387,7 +387,7 @@ int tls_parse_ctos_use_srtp(SSL *s, PACKET *pkt, int *al) /* Pull off the length of the cipher suite list and check it is even */ if (!PACKET_get_net_2(pkt, &ct) || (ct & 1) != 0 || !PACKET_get_sub_packet(pkt, &subpkt, ct)) { - SSLerr(SSL_F_TLS_PARSE_CLIENT_USE_SRTP, + SSLerr(SSL_F_TLS_PARSE_CTOS_USE_SRTP, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *al = SSL_AD_DECODE_ERROR; return 0; @@ -400,7 +400,7 @@ int tls_parse_ctos_use_srtp(SSL *s, PACKET *pkt, int *al) while (PACKET_remaining(&subpkt)) { if (!PACKET_get_net_2(&subpkt, &id)) { - SSLerr(SSL_F_TLS_PARSE_CLIENT_USE_SRTP, + SSLerr(SSL_F_TLS_PARSE_CTOS_USE_SRTP, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *al = SSL_AD_DECODE_ERROR; return 0; @@ -426,7 +426,7 @@ int tls_parse_ctos_use_srtp(SSL *s, PACKET *pkt, int *al) /* Now extract the MKI value as a sanity check, but discard it for now */ if (!PACKET_get_1(pkt, &mki_len)) { - SSLerr(SSL_F_TLS_PARSE_CLIENT_USE_SRTP, + SSLerr(SSL_F_TLS_PARSE_CTOS_USE_SRTP, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *al = SSL_AD_DECODE_ERROR; return 0; @@ -434,7 +434,7 @@ int tls_parse_ctos_use_srtp(SSL *s, PACKET *pkt, int *al) if (!PACKET_forward(pkt, mki_len) || PACKET_remaining(pkt)) { - SSLerr(SSL_F_TLS_PARSE_CLIENT_USE_SRTP, SSL_R_BAD_SRTP_MKI_VALUE); + SSLerr(SSL_F_TLS_PARSE_CTOS_USE_SRTP, SSL_R_BAD_SRTP_MKI_VALUE); *al = SSL_AD_DECODE_ERROR; return 0; } @@ -500,20 +500,20 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, int *al) /* Sanity check */ if (s->s3->peer_tmp != NULL) { *al = SSL_AD_INTERNAL_ERROR; - SSLerr(SSL_F_TLS_PARSE_CLIENT_KEY_SHARE, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR); return 0; } if (!PACKET_as_length_prefixed_2(pkt, &key_share_list)) { *al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_TLS_PARSE_CLIENT_KEY_SHARE, SSL_R_LENGTH_MISMATCH); + SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, SSL_R_LENGTH_MISMATCH); return 0; } /* Get our list of supported curves */ if (!tls1_get_curvelist(s, 0, &srvrcurves, &srvr_num_curves)) { *al = SSL_AD_INTERNAL_ERROR; - SSLerr(SSL_F_TLS_PARSE_CLIENT_KEY_SHARE, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR); return 0; } @@ -524,7 +524,7 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, int *al) */ if (!tls1_get_curvelist(s, 1, &clntcurves, &clnt_num_curves)) { *al = SSL_AD_INTERNAL_ERROR; - SSLerr(SSL_F_TLS_PARSE_CLIENT_KEY_SHARE, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR); return 0; } @@ -533,7 +533,7 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, int *al) || !PACKET_get_length_prefixed_2(&key_share_list, &encoded_pt) || PACKET_remaining(&encoded_pt) == 0) { *al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_TLS_PARSE_CLIENT_KEY_SHARE, + |