From db9592c1f723841586960912c387a925e4547a26 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Fri, 22 May 2020 14:11:43 +0100 Subject: Provider a better error message if we fail to copy parameters If EVP_PKEY_copy_parameters() failed in libssl we did not provide a very helpful error message. We provide a better one. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/11914) --- ssl/statem/extensions_clnt.c | 2 +- ssl/statem/statem_srvr.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'ssl/statem') diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index c83e18e84d..dbdedad1ab 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -1907,7 +1907,7 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, skey = EVP_PKEY_new(); if (skey == NULL || EVP_PKEY_copy_parameters(skey, ckey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_KEY_SHARE, - ERR_R_MALLOC_FAILURE); + SSL_R_COPY_PARAMETERS_FAILED); return 0; } diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 036bfadbe5..d3913e1b7d 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -3147,7 +3147,7 @@ static int tls_process_cke_dhe(SSL *s, PACKET *pkt) ckey = EVP_PKEY_new(); if (ckey == NULL || EVP_PKEY_copy_parameters(ckey, skey) == 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_DHE, - SSL_R_BN_LIB); + SSL_R_COPY_PARAMETERS_FAILED); goto err; } @@ -3216,7 +3216,7 @@ static int tls_process_cke_ecdhe(SSL *s, PACKET *pkt) ckey = EVP_PKEY_new(); if (ckey == NULL || EVP_PKEY_copy_parameters(ckey, skey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_ECDHE, - ERR_R_EVP_LIB); + SSL_R_COPY_PARAMETERS_FAILED); goto err; } -- cgit v1.2.3