diff options
| -rw-r--r-- | ssl/bio_ssl.c | 2 | ||||
| -rw-r--r-- | ssl/d1_lib.c | 40 | ||||
| -rw-r--r-- | ssl/d1_msg.c | 5 | ||||
| -rw-r--r-- | ssl/d1_srtp.c | 12 | ||||
| -rw-r--r-- | ssl/pqueue.c | 4 | ||||
| -rw-r--r-- | ssl/record/rec_layer_d1.c | 2 | ||||
| -rw-r--r-- | ssl/s3_lib.c | 42 | ||||
| -rw-r--r-- | ssl/s3_msg.c | 2 | ||||
| -rw-r--r-- | ssl/ssl_asn1.c | 8 | ||||
| -rw-r--r-- | ssl/ssl_cert.c | 52 | ||||
| -rw-r--r-- | ssl/ssl_ciph.c | 36 | ||||
| -rw-r--r-- | ssl/ssl_conf.c | 6 | ||||
| -rw-r--r-- | ssl/ssl_init.c | 2 | ||||
| -rw-r--r-- | ssl/ssl_lib.c | 224 | ||||
| -rw-r--r-- | ssl/ssl_mcnf.c | 8 | ||||
| -rw-r--r-- | ssl/ssl_rsa.c | 157 | ||||
| -rw-r--r-- | ssl/ssl_sess.c | 14 | ||||
| -rw-r--r-- | ssl/ssl_txt.c | 2 | ||||
| -rw-r--r-- | ssl/statem/statem.c | 2 | ||||
| -rw-r--r-- | ssl/statem/statem_clnt.c | 5 | ||||
| -rw-r--r-- | ssl/statem/statem_dtls.c | 6 | ||||
| -rw-r--r-- | ssl/statem/statem_lib.c | 6 | ||||
| -rw-r--r-- | ssl/t1_enc.c | 8 | ||||
| -rw-r--r-- | ssl/t1_lib.c | 48 | ||||
| -rw-r--r-- | ssl/tls13_enc.c | 6 | ||||
| -rw-r--r-- | ssl/tls_depr.c | 5 | ||||
| -rw-r--r-- | ssl/tls_srp.c | 6 |
27 files changed, 340 insertions, 370 deletions
diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c index ce8d148cb9..033781fcf5 100644 --- a/ssl/bio_ssl.c +++ b/ssl/bio_ssl.c @@ -58,7 +58,7 @@ static int ssl_new(BIO *bi) BIO_SSL *bs = OPENSSL_zalloc(sizeof(*bs)); if (bs == NULL) { - BIOerr(BIO_F_SSL_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); return 0; } BIO_set_init(bi, 0); diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index f30a685150..75a251b303 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -471,7 +471,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) wbio = SSL_get_wbio(s); if (!rbio || !wbio) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_BIO_NOT_SET); + ERR_raise(ERR_LIB_SSL, SSL_R_BIO_NOT_SET); return -1; } @@ -483,7 +483,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) * SSL_accept) */ if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_UNSUPPORTED_SSL_VERSION); + ERR_raise(ERR_LIB_SSL, SSL_R_UNSUPPORTED_SSL_VERSION); return -1; } @@ -522,7 +522,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) } if (!PACKET_buf_init(&pkt, buf, n)) { - SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return -1; } @@ -537,7 +537,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) /* this packet contained a partial record, dump it */ if (n < DTLS1_RT_HEADER_LENGTH) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_RECORD_TOO_SMALL); + ERR_raise(ERR_LIB_SSL, SSL_R_RECORD_TOO_SMALL); goto end; } @@ -548,12 +548,12 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) /* Get the record header */ if (!PACKET_get_1(&pkt, &rectype) || !PACKET_get_1(&pkt, &versmajor)) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH); goto end; } if (rectype != SSL3_RT_HANDSHAKE) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_UNEXPECTED_MESSAGE); + ERR_raise(ERR_LIB_SSL, SSL_R_UNEXPECTED_MESSAGE); goto end; } @@ -562,7 +562,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) * the same. */ if (versmajor != DTLS1_VERSION_MAJOR) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_BAD_PROTOCOL_VERSION_NUMBER); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_PROTOCOL_VERSION_NUMBER); goto end; } @@ -570,7 +570,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) /* Save the sequence number: 64 bits, with top 2 bytes = epoch */ || !PACKET_copy_bytes(&pkt, seq, SEQ_NUM_SIZE) || !PACKET_get_length_prefixed_2(&pkt, &msgpkt)) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH); goto end; } reclen = PACKET_remaining(&msgpkt); @@ -581,7 +581,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) /* This is an initial ClientHello so the epoch has to be 0 */ if (seq[0] != 0 || seq[1] != 0) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_UNEXPECTED_MESSAGE); + ERR_raise(ERR_LIB_SSL, SSL_R_UNEXPECTED_MESSAGE); goto end; } @@ -596,18 +596,18 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) || !PACKET_get_net_3_len(&msgpkt, &fraglen) || !PACKET_get_sub_packet(&msgpkt, &msgpayload, fraglen) || PACKET_remaining(&msgpkt) != 0) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH); goto end; } if (msgtype != SSL3_MT_CLIENT_HELLO) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_UNEXPECTED_MESSAGE); + ERR_raise(ERR_LIB_SSL, SSL_R_UNEXPECTED_MESSAGE); goto end; } /* Message sequence number can only be 0 or 1 */ if (msgseq > 2) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_INVALID_SEQUENCE_NUMBER); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_SEQUENCE_NUMBER); goto end; } @@ -620,7 +620,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) */ if (fragoff != 0 || fraglen > msglen) { /* Non initial ClientHello fragment (or bad fragment) */ - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_FRAGMENTED_CLIENT_HELLO); + ERR_raise(ERR_LIB_SSL, SSL_R_FRAGMENTED_CLIENT_HELLO); goto end; } @@ -630,7 +630,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) s->msg_callback_arg); if (!PACKET_get_net_2(&msgpayload, &clientvers)) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH); goto end; } @@ -639,7 +639,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) */ if (DTLS_VERSION_LT(clientvers, (unsigned int)s->method->version) && s->method->version != DTLS_ANY_VERSION) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_WRONG_VERSION_NUMBER); + ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_VERSION_NUMBER); goto end; } @@ -650,7 +650,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) * Could be malformed or the cookie does not fit within the initial * ClientHello fragment. Either way we can't handle it. */ - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH); goto end; } @@ -665,7 +665,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) * We have a cookie, so lets check it. */ if (s->ctx->app_verify_cookie_cb == NULL) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_NO_VERIFY_COOKIE_CALLBACK); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_VERIFY_COOKIE_CALLBACK); /* This is fatal */ return -1; } @@ -697,7 +697,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) if (s->ctx->app_gen_cookie_cb == NULL || s->ctx->app_gen_cookie_cb(s, cookie, &cookielen) == 0 || cookielen > 255) { - SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_COOKIE_GEN_CALLBACK_FAILURE); + ERR_raise(ERR_LIB_SSL, SSL_R_COOKIE_GEN_CALLBACK_FAILURE); /* This is fatal */ return -1; } @@ -760,7 +760,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) || !WPACKET_close(&wpkt) || !WPACKET_get_total_written(&wpkt, &wreclen) || !WPACKET_finish(&wpkt)) { - SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); WPACKET_cleanup(&wpkt); /* This is fatal */ return -1; @@ -782,7 +782,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) DTLS1_RT_HEADER_LENGTH, s, s->msg_callback_arg); if ((tmpclient = BIO_ADDR_new()) == NULL) { - SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto end; } diff --git a/ssl/d1_msg.c b/ssl/d1_msg.c index 96741efd7c..b215fee3a5 100644 --- a/ssl/d1_msg.c +++ b/ssl/d1_msg.c @@ -19,14 +19,13 @@ int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, size_t len, if (i < 0) return i; if (i == 0) { - SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES, - SSL_R_SSL_HANDSHAKE_FAILURE); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL_HANDSHAKE_FAILURE); return -1; } } if (len > SSL3_RT_MAX_PLAIN_LENGTH) { - SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES, SSL_R_DTLS_MESSAGE_TOO_BIG); + ERR_raise(ERR_LIB_SSL, SSL_R_DTLS_MESSAGE_TOO_BIG); return -1; } diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c index 87fb4a243d..2300753382 100644 --- a/ssl/d1_srtp.c +++ b/ssl/d1_srtp.c @@ -68,8 +68,7 @@ static int ssl_ctx_make_profiles(const char *profiles_string, SRTP_PROTECTION_PROFILE *p; if ((profiles = sk_SRTP_PROTECTION_PROFILE_new_null()) == NULL) { - SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, - SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); + ERR_raise(ERR_LIB_SSL, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); return 1; } @@ -79,19 +78,16 @@ static int ssl_ctx_make_profiles(const char *profiles_string, if (!find_profile_by_name(ptr, &p, col ? (size_t)(col - ptr) : strlen(ptr))) { if (sk_SRTP_PROTECTION_PROFILE_find(profiles, p) >= 0) { - SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, - SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); goto err; } if (!sk_SRTP_PROTECTION_PROFILE_push(profiles, p)) { - SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, - SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); + ERR_raise(ERR_LIB_SSL, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); goto err; } } else { - SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, - SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE); + ERR_raise(ERR_LIB_SSL, SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE); goto err; } diff --git a/ssl/pqueue.c b/ssl/pqueue.c index 2e9ceeccd9..53f295feaa 100644 --- a/ssl/pqueue.c +++ b/ssl/pqueue.c @@ -20,7 +20,7 @@ pitem *pitem_new(unsigned char *prio64be, void *data) pitem *item = OPENSSL_malloc(sizeof(*item)); if (item == NULL) { - SSLerr(SSL_F_PITEM_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; } @@ -40,7 +40,7 @@ pqueue *pqueue_new(void) pqueue *pq = OPENSSL_zalloc(sizeof(*pq)); if (pq == NULL) - SSLerr(SSL_F_PQUEUE_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return pq; } diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index 605afb7db6..ca9029f071 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -21,7 +21,7 @@ int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl) DTLS_RECORD_LAYER *d; if ((d = OPENSSL_malloc(sizeof(*d))) == NULL) { - SSLerr(SSL_F_DTLS_RECORD_LAYER_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 073fae49b0..f74b0dcf74 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3457,17 +3457,17 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) DH *dh = (DH *)parg; EVP_PKEY *pkdh = NULL; if (dh == NULL) { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } pkdh = ssl_dh_to_pkey(dh); if (pkdh == NULL) { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } if (!ssl_security(s, SSL_SECOP_TMP_DH, EVP_PKEY_security_bits(pkdh), 0, pkdh)) { - SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL); + ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL); EVP_PKEY_free(pkdh); return 0; } @@ -3478,7 +3478,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) break; case SSL_CTRL_SET_TMP_DH_CB: { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return ret; } case SSL_CTRL_SET_DH_AUTO: @@ -3492,12 +3492,12 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) int nid; if (parg == NULL) { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } group = EC_KEY_get0_group((const EC_KEY *)parg); if (group == NULL) { - SSLerr(SSL_F_SSL3_CTRL, EC_R_MISSING_PARAMETERS); + ERR_raise(ERR_LIB_SSL, EC_R_MISSING_PARAMETERS); return 0; } nid = EC_GROUP_get_curve_name(group); @@ -3530,15 +3530,15 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) break; len = strlen((char *)parg); if (len == 0 || len > TLSEXT_MAXLEN_host_name) { - SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); return 0; } if ((s->ext.hostname = OPENSSL_strdup((char *)parg)) == NULL) { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return 0; } } else { - SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); return 0; } break; @@ -3808,17 +3808,17 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) DH *dh = (DH *)parg; EVP_PKEY *pkdh = NULL; if (dh == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } pkdh = ssl_dh_to_pkey(dh); if (pkdh == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH, EVP_PKEY_security_bits(pkdh), 0, pkdh)) { - SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL); + ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL); EVP_PKEY_free(pkdh); return 0; } @@ -3828,7 +3828,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) } case SSL_CTRL_SET_TMP_DH_CB: { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } case SSL_CTRL_SET_DH_AUTO: @@ -3842,12 +3842,12 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) int nid; if (parg == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } group = EC_KEY_get0_group((const EC_KEY *)parg); if (group == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, EC_R_MISSING_PARAMETERS); + ERR_raise(ERR_LIB_SSL, EC_R_MISSING_PARAMETERS); return 0; } nid = EC_GROUP_get_curve_name(group); @@ -3871,7 +3871,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) if (keys == NULL) return tick_keylen; if (larg != tick_keylen) { - SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH); return 0; } if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) { @@ -3925,11 +3925,11 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) if (parg == NULL) break; if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) { - SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_SRP_USERNAME); return 0; } if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return 0; } break; @@ -3939,7 +3939,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) if (ctx->srp_ctx.info != NULL) OPENSSL_free(ctx->srp_ctx.info); if ((ctx->srp_ctx.info = OPENSSL_strdup((char *)parg)) == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return 0; } break; @@ -3993,12 +3993,12 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) case SSL_CTRL_EXTRA_CHAIN_CERT: if (ctx->extra_certs == NULL) { if ((ctx->extra_certs = sk_X509_new_null()) == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } } if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } break; diff --git a/ssl/s3_msg.c b/ssl/s3_msg.c index 7c021c175a..68ae520067 100644 --- a/ssl/s3_msg.c +++ b/ssl/s3_msg.c @@ -21,7 +21,7 @@ int ssl3_do_change_cipher_spec(SSL *s) if (s->s3.tmp.key_block == NULL) { if (s->session == NULL || s->session->master_key_length == 0) { /* might happen if dtls1_read_bytes() calls this */ - SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, SSL_R_CCS_RECEIVED_EARLY); + ERR_raise(ERR_LIB_SSL, SSL_R_CCS_RECEIVED_EARLY); return 0; } diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c index b5c6654e92..d4cb6d4ddf 100644 --- a/ssl/ssl_asn1.c +++ b/ssl/ssl_asn1.c @@ -259,21 +259,21 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, } if (as->version != SSL_SESSION_ASN1_VERSION) { - SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNKNOWN_SSL_VERSION); + ERR_raise(ERR_LIB_SSL, SSL_R_UNKNOWN_SSL_VERSION); goto err; } if ((as->ssl_version >> 8) != SSL3_VERSION_MAJOR && (as->ssl_version >> 8) != DTLS1_VERSION_MAJOR && as->ssl_version != DTLS1_BAD_VER) { - SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNSUPPORTED_SSL_VERSION); + ERR_raise(ERR_LIB_SSL, SSL_R_UNSUPPORTED_SSL_VERSION); goto err; } ret->ssl_version = (int)as->ssl_version; if (as->cipher->length != 2) { - SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_CIPHER_CODE_WRONG_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_CIPHER_CODE_WRONG_LENGTH); goto err; } @@ -339,7 +339,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, #ifndef OPENSSL_NO_COMP if (as->comp_id) { if (as->comp_id->length != 1) { - SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_BAD_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH); goto err; } ret->compress_meth = as->comp_id->data[0]; diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index c1e26bd3b4..f851fa67ee 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -53,7 +53,7 @@ CERT *ssl_cert_new(void) CERT *ret = OPENSSL_zalloc(sizeof(*ret)); if (ret == NULL) { - SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; } @@ -64,7 +64,7 @@ CERT *ssl_cert_new(void) ret->sec_ex = NULL; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); OPENSSL_free(ret); return NULL; } @@ -78,7 +78,7 @@ CERT *ssl_cert_dup(CERT *cert) int i; if (ret == NULL) { - SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; } @@ -86,7 +86,7 @@ CERT *ssl_cert_dup(CERT *cert) ret->key = &ret->pkeys[cert->key - cert->pkeys]; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); OPENSSL_free(ret); return NULL; } @@ -115,7 +115,7 @@ CERT *ssl_cert_dup(CERT *cert) if (cpk->chain) { rpk->chain = X509_chain_up_ref(cpk->chain); if (!rpk->chain) { - SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -124,7 +124,7 @@ CERT *ssl_cert_dup(CERT *cert) ret->pkeys[i].serverinfo = OPENSSL_malloc(cert->pkeys[i].serverinfo_length); if (ret->pkeys[i].serverinfo == NULL) { - SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } ret->pkeys[i].serverinfo_length = cert->pkeys[i].serverinfo_length; @@ -262,7 +262,7 @@ int ssl_cert_set0_chain(SSL *s, SSL_CTX *ctx, STACK_OF(X509) *chain) r = ssl_security_cert(s, ctx, x, 0, 0); if (r != 1) { - SSLerr(SSL_F_SSL_CERT_SET0_CHAIN, r); + ERR_raise(ERR_LIB_SSL, r); return 0; } } @@ -294,7 +294,7 @@ int ssl_cert_add0_chain_cert(SSL *s, SSL_CTX *ctx, X509 *x) return 0; r = ssl_security_cert(s, ctx, x, 0, 0); if (r != 1) { - SSLerr(SSL_F_SSL_CERT_ADD0_CHAIN_CERT, r); + ERR_raise(ERR_LIB_SSL, r); return 0; } if (!cpk->chain) @@ -382,13 +382,13 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) ctx = X509_STORE_CTX_new_ex(s->ctx->libctx, s->ctx->propq); if (ctx == NULL) { - SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } x = sk_X509_value(sk, 0); if (!X509_STORE_CTX_init(ctx, verify_store, x, sk)) { - SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_X509_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); goto end; } param = X509_STORE_CTX_get0_param(ctx); @@ -436,7 +436,7 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) if (X509_STORE_CTX_get0_chain(ctx) != NULL) { s->verified_chain = X509_STORE_CTX_get1_chain(ctx); if (s->verified_chain == NULL) { - SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); i = 0; } } @@ -465,13 +465,13 @@ STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk) ret = sk_X509_NAME_new_reserve(NULL, num); if (ret == NULL) { - SSLerr(SSL_F_SSL_DUP_CA_LIST, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; } for (i = 0; i < num; i++) { name = X509_NAME_dup(sk_X509_NAME_value(sk, i)); if (name == NULL) { - SSLerr(SSL_F_SSL_DUP_CA_LIST, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); sk_X509_NAME_pop_free(ret, X509_NAME_free); return NULL; } @@ -617,13 +617,13 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, OSSL_LIB_CTX *prev_libctx = NULL; if ((name_hash == NULL) || (in == NULL)) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } x = X509_new_ex(libctx, propq); if (x == NULL) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } if (!BIO_read_filename(in, file)) @@ -637,7 +637,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, if (ret == NULL) { ret = sk_X509_NAME_new_null(); if (ret == NULL) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -693,7 +693,7 @@ int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, in = BIO_new(BIO_s_file()); if (in == NULL) { - SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -743,8 +743,7 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, int r; if (strlen(dir) + strlen(filename) + 2 > sizeof(buf)) { - SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, - SSL_R_PATH_TOO_LONG); + ERR_raise(ERR_LIB_SSL, SSL_R_PATH_TOO_LONG); goto err; } #ifdef OPENSSL_SYS_VMS @@ -760,9 +759,8 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, if (errno) { ERR_raise_data(ERR_LIB_SYS, get_last_sys_error(), - "calling OPENSSL_dir_read(%s)", - dir); - SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB); + "calling OPENSSL_dir_read(%s)", dir); + ERR_raise(ERR_LIB_SSL, ERR_R_SYS_LIB); goto err; } @@ -853,7 +851,7 @@ int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags) int i, rv = 0; if (!cpk->x509) { - SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, SSL_R_NO_CERTIFICATE_SET); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_CERTIFICATE_SET); goto err; } /* Rearranging and check the chain: add everything to a store */ @@ -883,11 +881,11 @@ int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags) xs_ctx = X509_STORE_CTX_new_ex(real_ctx->libctx, ctx->propq); if (xs_ctx == NULL) { - SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } if (!X509_STORE_CTX_init(xs_ctx, chain_store, cpk->x509, untrusted)) { - SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, ERR_R_X509_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); goto err; } /* Set suite B flags if needed */ @@ -904,7 +902,7 @@ int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags) if (i > 0) chain = X509_STORE_CTX_get1_chain(xs_ctx); if (i <= 0) { - SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, SSL_R_CERTIFICATE_VERIFY_FAILED); + ERR_raise(ERR_LIB_SSL, SSL_R_CERTIFICATE_VERIFY_FAILED); i = X509_STORE_CTX_get_error(xs_ctx); ERR_add_error_data(2, "Verify error:", X509_verify_cert_error_string(i)); @@ -932,7 +930,7 @@ int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags) x = sk_X509_value(chain, i); rv = ssl_security_cert(s, ctx, x, 0, 0); if (rv != 1) { - SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, rv); + ERR_raise(ERR_LIB_SSL, rv); sk_X509_pop_free(chain, X509_free); rv = 0; goto err; diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 984578c05b..ee1cba034c 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -947,7 +947,7 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p, number_uses = OPENSSL_zalloc(sizeof(int) * (max_strength_bits + 1)); if (number_uses == NULL) { - SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } @@ -1044,7 +1044,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str, * it is no command or separator nor * alphanumeric, so we call this an error. */ - SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, SSL_R_INVALID_COMMAND); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_COMMAND); retval = found = 0; l++; break; @@ -1202,14 +1202,13 @@ static int ssl_cipher_process_rulestr(const char *rule_str, } else if (buflen == 10 && strncmp(buf, "SECLEVEL=", 9) == 0) { int level = buf[9] - '0'; if (level < 0 || level > 5) { - SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, - SSL_R_INVALID_COMMAND); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_COMMAND); } else { c->sec_level = level; ok = 1; } } else { - SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, SSL_R_INVALID_COMMAND); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_COMMAND); } if (ok == 0) retval = 0; @@ -1265,8 +1264,7 @@ static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c, /* Check version: if TLS 1.2 ciphers allowed we can use Suite B */ if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)) { - SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST, - SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE); + ERR_raise(ERR_LIB_SSL, SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE); return 0; } # ifndef OPENSSL_NO_EC @@ -1287,7 +1285,7 @@ static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c, } return 1; # else - SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST, SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE); + ERR_raise(ERR_LIB_SSL, SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE); return 0; # endif } @@ -1301,7 +1299,7 @@ static int ciphersuite_cb(const char *elem, int len, void *arg) char name[80]; if (len > (int)(sizeof(name) - 1)) { - SSLerr(SSL_F_CIPHERSUITE_CB, SSL_R_NO_CIPHER_MATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_CIPHER_MATCH); return 0; } @@ -1310,12 +1308,12 @@ static int ciphersuite_cb(const char *elem, int len, void *arg) cipher = ssl3_get_cipher_by_std_name(name); if (cipher == NULL) { - SSLerr(SSL_F_CIPHERSUITE_CB, SSL_R_NO_CIPHER_MATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_CIPHER_MATCH); return 0; } if (!sk_SSL_CIPHER_push(ciphersuites, cipher)) { - SSLerr(SSL_F_CIPHERSUITE_CB, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return 0; } @@ -1462,7 +1460,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers); if (co_list == NULL) { - SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; /* Failure */ } @@ -1576,7 +1574,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max); if (ca_list == NULL) { OPENSSL_free(co_list); - SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; /* Failure */ } ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, @@ -1675,7 +1673,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) if (buf == NULL) { len = 128; if ((buf = OPENSSL_malloc(len)) == NULL) { - SSLerr(SSL_F_SSL_CIPHER_DESCRIPTION, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; } } else if (len < 128) { @@ -2014,14 +2012,13 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) * 193 to 255: reserved for private use */ if (id < 193 || id > 255) { - SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, - SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE); + ERR_raise(ERR_LIB_SSL, SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE); return 1; } comp = OPENSSL_malloc(sizeof(*comp)); if (comp == NULL) { - SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 1; } @@ -2030,13 +2027,12 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) load_builtin_compressions(); if (ssl_comp_methods && sk_SSL_COMP_find(ssl_comp_methods, comp) >= 0) { OPENSSL_free(comp); - SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, - SSL_R_DUPLICATE_COMPRESSION_ID); + ERR_raise(ERR_LIB_SSL, SSL_R_DUPLICATE_COMPRESSION_ID); return 1; } if (ssl_comp_methods == NULL || !sk_SSL_COMP_push(ssl_comp_methods, comp)) { OPENSSL_free(comp); - SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 1; } return 0; diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 8151213938..13fcb074d5 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -851,7 +851,7 @@ int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value) { const ssl_conf_cmd_tbl *runcmd; if (cmd == NULL) { - SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_INVALID_NULL_CMD_NAME); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_NULL_CMD_NAME); return 0; } @@ -873,14 +873,14 @@ int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value) if (rv == -2) return -2; if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS) { - SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_BAD_VALUE); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_VALUE); ERR_add_error_data(4, "cmd=", cmd, ", value=", value); } return 0; } if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS) { - SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_UNKNOWN_CMD_NAME); + ERR_raise(ERR_LIB_SSL, SSL_R_UNKNOWN_CMD_NAME); ERR_add_error_data(2, "cmd=", cmd); } diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c index c48a17b546..73b0ce2b4d 100644 --- a/ssl/ssl_init.c +++ b/ssl/ssl_init.c @@ -111,7 +111,7 @@ int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS * settings) * sets an error etc */ stoperrset = 1; - SSLerr(SSL_F_OPENSSL_INIT_SSL, ERR_R_INIT_FAIL); + ERR_raise(ERR_LIB_SSL, ERR_R_INIT_FAIL); } return 0; } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 2c6b28aacf..039a9b9713 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -126,7 +126,7 @@ static int dane_ctx_enable(struct dane_ctx_st *dctx) if (mdord == NULL || mdevp == NULL) { OPENSSL_free(mdord); OPENSSL_free(mdevp); - SSLerr(SSL_F_DANE_CTX_ENABLE, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } @@ -200,7 +200,7 @@ static int ssl_dane_dup(SSL *to, SSL *from) to->dane.trecs = sk_danetls_record_new_reserve(NULL, num); if (to->dane.trecs == NULL) { - SSLerr(SSL_F_SSL_DANE_DUP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } @@ -220,7 +220,7 @@ static int dane_mtype_set(struct dane_ctx_st *dctx, int i; if (mtype == DANETLS_MATCHING_FULL && md != NULL) { - SSLerr(SSL_F_DANE_MTYPE_SET, SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL); + ERR_raise(ERR_LIB_SSL, SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL); return 0; } @@ -231,14 +231,14 @@ static int dane_mtype_set(struct dane_ctx_st *dctx, mdevp = OPENSSL_realloc(dctx->mdevp, n * sizeof(*mdevp)); if (mdevp == NULL) { - SSLerr(SSL_F_DANE_MTYPE_SET, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return -1; } dctx->mdevp = mdevp; mdord = OPENSSL_realloc(dctx->mdord, n * sizeof(*mdord)); if (mdord == NULL) { - SSLerr(SSL_F_DANE_MTYPE_SET, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return -1; } dctx->mdord = mdord; @@ -278,44 +278,44 @@ static int dane_tlsa_add(SSL_DANE *dane, int num; if (dane->trecs == NULL) { - SSLerr(SSL_F_DANE_TLSA_ADD, SSL_R_DANE_NOT_ENABLED); + ERR_raise(ERR_LIB_SSL, SSL_R_DANE_NOT_ENABLED); return -1; } if (ilen < 0 || dlen != (size_t)ilen) { - SSLerr(SSL_F_DANE_TLSA_ADD, SSL_R_DANE_TLSA_BAD_DATA_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_DATA_LENGTH); return 0; } if (usage > DANETLS_USAGE_LAST) { - SSLerr(SSL_F_DANE_TLSA_ADD, SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE); + ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE); return 0; } if (selector > DANETLS_SELECTOR_LAST) { - SSLerr(SSL_F_DANE_TLSA_ADD, SSL_R_DANE_TLSA_BAD_SELECTOR); + ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_SELECTOR); return 0; } if (mtype != DANETLS_MATCHING_FULL) { md = tlsa_md_get(dane, mtype); if (md == NULL) { - SSLerr(SSL_F_DANE_TLSA_ADD, SSL_R_DANE_TLSA_BAD_MATCHING_TYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_MATCHING_TYPE); return 0; } } if (md != NULL && dlen != (size_t)EVP_MD_size(md)) { - SSLerr(SSL_F_DANE_TLSA_ADD, SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH); return 0; } if (!data) { - SSLerr(SSL_F_DANE_TLSA_ADD, SSL_R_DANE_TLSA_NULL_DATA); + ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_NULL_DATA); return 0; } if ((t = OPENSSL_zalloc(sizeof(*t))) == NULL) { - SSLerr(SSL_F_DANE_TLSA_ADD, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return -1; } @@ -325,7 +325,7 @@ static int dane_tlsa_add(SSL_DANE *dane, t->data = OPENSSL_malloc(dlen); if (t->data == NULL) { tlsa_free(t); - SSLerr(SSL_F_DANE_TLSA_ADD, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return -1; } memcpy(t->data, data, dlen); @@ -342,12 +342,12 @@ static int dane_tlsa_add(SSL_DANE *dane, if (!d2i_X509(&cert, &p, ilen) || p < data || dlen != (size_t)(p - data)) { tlsa_free(t); - SSLerr(SSL_F_DANE_TLSA_ADD, SSL_R_DANE_TLSA_BAD_CERTIFICATE); + ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_CERTIFICATE); return 0; } if (X509_get0_pubkey(cert) == NULL) { tlsa_free(t); - SSLerr(SSL_F_DANE_TLSA_ADD, SSL_R_DANE_TLSA_BAD_CERTIFICATE); + ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_CERTIFICATE); return 0; } @@ -366,7 +366,7 @@ static int dane_tlsa_add(SSL_DANE *dane, if ((dane->certs == NULL && (dane->certs = sk_X509_new_null()) == NULL) || !sk_X509_push(dane->certs, cert)) { - SSLerr(SSL_F_DANE_TLSA_ADD, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); X509_free(cert); tlsa_free(t); return -1; @@ -377,7 +377,7 @@ static int dane_tlsa_add(SSL_DANE *dane, if (!d2i_PUBKEY(&pkey, &p, ilen) || p < data || dlen != (size_t)(p - data)) { tlsa_free(t); - SSLerr(SSL_F_DANE_TLSA_ADD, SSL_R_DANE_TLSA_BAD_PUBLIC_KEY); + ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_PUBLIC_KEY); return 0; } @@ -427,7 +427,7 @@ static int dane_tlsa_add(SSL_DANE *dane, if (!sk_danetls_record_insert(dane->trecs, t, i)) { tlsa_free(t); - SSLerr(SSL_F_DANE_TLSA_ADD, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return -1; } dane->umask |= DANETLS_USAGE_BIT(usage); @@ -569,7 +569,7 @@ static void clear_ciphers(SSL *s) int SSL_clear(SSL *s) { if (s->method == NULL) { - SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_METHOD_SPECIFIED); return 0; } @@ -590,7 +590,7 @@ int SSL_clear(SSL *s) s->shutdown = 0; if (s->renegotiate) { - SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return 0; } @@ -653,7 +653,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth) ctx->method = meth; if (!SSL_CTX_set_ciphersuites(ctx, OSSL_default_ciphersuites())) { - SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); return 0; } sk = ssl_create_cipher_list(ctx->method, @@ -662,7 +662,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth) &(ctx->cipher_list_by_id), OSSL_default_cipher_list(), ctx->cert); if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) { - SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); return 0; } return 1; @@ -674,11 +674,11 @@ SSL *SSL_new(SSL_CTX *ctx) SSL *s; if (ctx == NULL) { - SSLerr(SSL_F_SSL_NEW, SSL_R_NULL_SSL_CTX); + ERR_raise(ERR_LIB_SSL, SSL_R_NULL_SSL_CTX); return NULL; } if (ctx->method == NULL) { - SSLerr(SSL_F_SSL_NEW, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION); return NULL; } @@ -846,7 +846,7 @@ SSL *SSL_new(SSL_CTX *ctx) return s; err: SSL_free(s); - SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; } @@ -871,8 +871,7 @@ int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, unsigned int sid_ctx_len) { if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) { - SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT, - SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); return 0; } ctx->sid_ctx_length = sid_ctx_len; @@ -885,8 +884,7 @@ int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx, unsigned int sid_ctx_len) { if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) { - SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT, - SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); return 0; } ssl->sid_ctx_length = sid_ctx_len; @@ -1031,11 +1029,11 @@ int SSL_dane_enable(SSL *s, const char *basedomain) SSL_DANE *dane = &s->dane; if (s->ctx->dane.mdmax == 0) { - SSLerr(SSL_F_SSL_DANE_ENABLE, SSL_R_CONTEXT_NOT_DANE_ENABLED); + ERR_raise(ERR_LIB_SSL, SSL_R_CONTEXT_NOT_DANE_ENABLED); return 0; } if (dane->trecs != NULL) { - SSLerr(SSL_F_SSL_DANE_ENABLE, SSL_R_DANE_ALREADY_ENABLED); + ERR_raise(ERR_LIB_SSL, SSL_R_DANE_ALREADY_ENABLED); return 0; } @@ -1046,14 +1044,14 @@ int SSL_dane_enable(SSL *s, const char *basedomain) */ if (s->ext.hostname == NULL) { if (!SSL_set_tlsext_host_name(s, basedomain)) { - SSLerr(SSL_F_SSL_DANE_ENABLE, SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN); + ERR_raise(ERR_LIB_SSL, SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN); return -1; } } /* Primary RFC6125 reference identifier */ if (!X509_VERIFY_PARAM_set1_host(s->param, basedomain, 0)) { - SSLerr(SSL_F_SSL_DANE_ENABLE, SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN); + ERR_raise(ERR_LIB_SSL, SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN); return -1; } @@ -1063,7 +1061,7 @@ int SSL_dane_enable(SSL *s, const char *basedomain) dane->trecs = sk_danetls_record_new_null(); if (dane->trecs == NULL) { - SSLerr(SSL_F_SSL_DANE_ENABLE, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return -1; } return 1; @@ -1379,7 +1377,7 @@ int SSL_set_fd(SSL *s, int fd) bio = BIO_new(BIO_s_socket()); if (bio == NULL) { - SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); goto err; } BIO_set_fd(bio, fd, BIO_NOCLOSE); @@ -1407,7 +1405,7 @@ int SSL_set_wfd(SSL *s, int fd) BIO *bio = BIO_new(BIO_s_socket()); if (bio == NULL) { - SSLerr(SSL_F_SSL_SET_WFD, ERR_R_BUF_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); return 0; } BIO_set_fd(bio, fd, BIO_NOCLOSE); @@ -1437,7 +1435,7 @@ int SSL_set_rfd(SSL *s, int fd) BIO *bio = BIO_new(BIO_s_socket()); if (bio == NULL) { - SSLerr(SSL_F_SSL_SET_RFD, ERR_R_BUF_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); return 0; } BIO_set_fd(bio, fd, BIO_NOCLOSE); @@ -1630,11 +1628,11 @@ int SSL_copy_session_id(SSL *t, const SSL *f) int SSL_CTX_check_private_key(const SSL_CTX *ctx) { if ((ctx == NULL) || (ctx->cert->key->x509 == NULL)) { - SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_CERTIFICATE_ASSIGNED); return 0; } if (ctx->cert->key->privatekey == NULL) { - SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY, SSL_R_NO_PRIVATE_KEY_ASSIGNED); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_PRIVATE_KEY_ASSIGNED); return 0; } return X509_check_private_key @@ -1645,15 +1643,15 @@ int SSL_CTX_check_private_key(const SSL_CTX *ctx) int SSL_check_private_key(const SSL *ssl) { if (ssl == NULL) { - SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (ssl->cert->key->x509 == NULL) { - SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_CERTIFICATE_ASSIGNED); return 0; } if (ssl->cert->key->privatekey == NULL) { - SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_PRIVATE_KEY_ASSIGNED); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_PRIVATE_KEY_ASSIGNED); return 0; } return X509_check_private_key(ssl->cert->key->x509, @@ -1771,7 +1769,7 @@ static int ssl_start_async_job(SSL *s, struct ssl_async_args *args, sizeof(struct ssl_async_args))) { case ASYNC_ERR: s->rwstate = SSL_NOTHING; - SSLerr(SSL_F_SSL_START_ASYNC_JOB, SSL_R_FAILED_TO_INIT_ASYNC); + ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_INIT_ASYNC); return -1; case ASYNC_PAUSE: s->rwstate = SSL_ASYNC_PAUSED; @@ -1784,7 +1782,7 @@ static int ssl_start_async_job(SSL *s, struct ssl_async_args *args, return ret; default: s->rwstate = SSL_NOTHING; - SSLerr(SSL_F_SSL_START_ASYNC_JOB, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); /* Shouldn't happen */ return -1; } @@ -1815,7 +1813,7 @@ static int ssl_io_intern(void *vargs) int ssl_read_internal(SSL *s, void *buf, size_t num, size_t *readbytes) { if (s->handshake_func == NULL) { - SSLerr(SSL_F_SSL_READ_INTERNAL, SSL_R_UNINITIALIZED); + ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED); return -1; } @@ -1826,7 +1824,7 @@ int ssl_read_internal(SSL *s, void *buf, size_t num, size_t *readbytes) if (s->early_data_state == SSL_EARLY_DATA_CONNECT_RETRY || s->early_data_state == SSL_EARLY_DATA_ACCEPT_RETRY) { - SSLerr(SSL_F_SSL_READ_INTERNAL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } /* @@ -1859,7 +1857,7 @@ int SSL_read(SSL *s, void *buf, int num) size_t readbytes; if (num < 0) { - SSLerr(SSL_F_SSL_READ, SSL_R_BAD_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH); return -1; } @@ -1889,15 +1887,14 @@ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes) int ret; if (!s->server) { - SSLerr(SSL_F_SSL_READ_EARLY_DATA, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return SSL_READ_EARLY_DATA_ERROR; } switch (s->early_data_state) { case SSL_EARLY_DATA_NONE: if (!SSL_in_before(s)) { - SSLerr(SSL_F_SSL_READ_EARLY_DATA, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return SSL_READ_EARLY_DATA_ERROR; } /* fall through */ @@ -1934,7 +1931,7 @@ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes) return SSL_READ_EARLY_DATA_FINISH; default: - SSLerr(SSL_F_SSL_READ_EARLY_DATA, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return SSL_READ_EARLY_DATA_ERROR; } } @@ -1947,7 +1944,7 @@ int SSL_get_early_data_status(const SSL *s) static int ssl_peek_internal(SSL *s, void *buf, size_t num, size_t *readbytes) { if (s->handshake_func == NULL) { - SSLerr(SSL_F_SSL_PEEK_INTERNAL, SSL_R_UNINITIALIZED); + ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED); return -1; } @@ -1978,7 +1975,7 @@ int SSL_peek(SSL *s, void *buf, int num) size_t readbytes; if (num < 0) { - SSLerr(SSL_F_SSL_PEEK, SSL_R_BAD_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH); return -1; } @@ -2007,20 +2004,20 @@ int SSL_peek_ex(SSL *s, void *buf, size_t num, size_t *readbytes) int ssl_write_internal(SSL *s, const void *buf, size_t num, size_t *written) { if (s->handshake_func == NULL) { - SSLerr(SSL_F_SSL_WRITE_INTERNAL, SSL_R_UNINITIALIZED); + ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED); return -1; } if (s->shutdown & SSL_SENT_SHUTDOWN) { s->rwstate = SSL_NOTHING; - SSLerr(SSL_F_SSL_WRITE_INTERNAL, SSL_R_PROTOCOL_IS_SHUTDOWN); + ERR_raise(ERR_LIB_SSL, SSL_R_PROTOCOL_IS_SHUTDOWN); return -1; } if (s->early_data_state == SSL_EARLY_DATA_CONNECT_RETRY || s->early_data_state == SSL_EARLY_DATA_ACCEPT_RETRY || s->early_data_state == SSL_EARLY_DATA_READ_RETRY) { - SSLerr(SSL_F_SSL_WRITE_INTERNAL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } /* If we are a client and haven't sent the Finished we better do that */ @@ -2049,18 +2046,18 @@ ossl_ssize_t SSL_sendfile(SSL *s, int fd, off_t offset, size_t size, int flags) ossl_ssize_t ret; if (s->handshake_func == NULL) { - SSLerr(SSL_F_SSL_SENDFILE, SSL_R_UNINITIALIZED); + ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED); return -1; } if (s->shutdown & SSL_SENT_SHUTDOWN) { s->rwstate = SSL_NOTHING; - SSLerr(SSL_F_SSL_SENDFILE, SSL_R_PROTOCOL_IS_SHUTDOWN); + ERR_raise(ERR_LIB_SSL, SSL_R_PROTOCOL_IS_SHUTDOWN); return -1; } if (!BIO_get_ktls_send(s->wbio)) { - SSLerr(SSL_F_SSL_SENDFILE, SSL_R_UNINITIALIZED); + ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED); return -1; } @@ -2100,7 +2097,7 @@ ossl_ssize_t SSL_sendfile(SSL *s, int fd, off_t offset, size_t size, int flags) BIO_set_retry_write(s->wbio); else #endif - SSLerr(SSL_F_SSL_SENDFILE, SSL_R_UNINITIALIZED); + ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED); return ret; } s->rwstate = SSL_NOTHING; @@ -2114,7 +2111,7 @@ int SSL_write(SSL *s, const void *buf, int num) size_t written; if (num < 0) { - SSLerr(SSL_F_SSL_WRITE, SSL_R_BAD_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH); return -1; } @@ -2151,8 +2148,7 @@ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written) || !SSL_in_before(s) || ((s->session == NULL || s->session->ext.max_early_data == 0) && (s->psk_use_session_cb == NULL))) { - SSLerr(SSL_F_SSL_WRITE_EARLY_DATA, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } /* fall through */ @@ -2206,7 +2202,7 @@ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written) return ret; default: - SSLerr(SSL_F_SSL_WRITE_EARLY_DATA, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } } @@ -2221,7 +2217,7 @@ int SSL_shutdown(SSL *s) */ if (s->handshake_func == NULL) { - SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED); + ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED); return -1; } @@ -2238,7 +2234,7 @@ int SSL_shutdown(SSL *s) return s->method->ssl_shutdown(s); } } else { - SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_SHUTDOWN_WHILE_IN_INIT); + ERR_raise(ERR_LIB_SSL, SSL_R_SHUTDOWN_WHILE_IN_INIT); return -1; } } @@ -2251,18 +2247,18 @@ int SSL_key_update(SSL *s, int updatetype) * of SSL_renegotiate(). */ if (!SSL_IS_TLS13(s)) { - SSLerr(SSL_F_SSL_KEY_UPDATE, SSL_R_WRONG_SSL_VERSION); + ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION); return 0; } if (updatetype != SSL_KEY_UPDATE_NOT_REQUESTED && updatetype != SSL_KEY_UPDATE_REQUESTED) { - SSLerr(SSL_F_SSL_KEY_UPDATE, SSL_R_INVALID_KEY_UPDATE_TYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_KEY_UPDATE_TYPE); return 0; } if (!SSL_is_init_finished(s)) { - SSLerr(SSL_F_SSL_KEY_UPDATE, SSL_R_STILL_IN_INIT); + ERR_raise(ERR_LIB_SSL, SSL_R_STILL_IN_INIT); return 0; } @@ -2279,12 +2275,12 @@ int SSL_get_key_update_type(const SSL *s) int SSL_renegotiate(SSL *s) { if (SSL_IS_TLS13(s)) { - SSLerr(SSL_F_SSL_RENEGOTIATE, SSL_R_WRONG_SSL_VERSION); + ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION); return 0; } if ((s->options & SSL_OP_NO_RENEGOTIATION)) { - SSLerr(SSL_F_SSL_RENEGOTIATE, SSL_R_NO_RENEGOTIATION); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_RENEGOTIATION); return 0; } @@ -2297,12 +2293,12 @@ int SSL_renegotiate(SSL *s) int SSL_renegotiate_abbreviated(SSL *s) { if (SSL_IS_TLS13(s)) { - SSLerr(SSL_F_SSL_RENEGOTIATE_ABBREVIATED, SSL_R_WRONG_SSL_VERSION); + ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION); return 0; } if ((s->options & SSL_OP_NO_RENEGOTIATION)) { - SSLerr(SSL_F_SSL_RENEGOTIATE_ABBREVIATED, SSL_R_NO_RENEGOTIATION); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_RENEGOTIATION); return 0; } @@ -2718,7 +2714,7 @@ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) if (sk == NULL) return 0; else if (cipher_list_tls12_num(sk) == 0) { - SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_CIPHER_MATCH); return 0; } return 1; @@ -2736,7 +2732,7 @@ int SSL_set_cipher_list(SSL *s, const char *str) if (sk == NULL) return 0; else if (cipher_list_tls12_num(sk) == 0) { - SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_CIPHER_MATCH); return 0; } return 1; @@ -2995,7 +2991,7 @@ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, OPENSSL_free(ctx->ext.alpn); ctx->ext.alpn = OPENSSL_memdup(protos, protos_len); if (ctx->ext.alpn == NULL) { - SSLerr(SSL_F_SSL_CTX_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 1; } ctx->ext.alpn_len = protos_len; @@ -3014,7 +3010,7 @@ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos, OPENSSL_free(ssl->ext.alpn); ssl->ext.alpn = OPENSSL_memdup(protos, protos_len); if (ssl->ext.alpn == NULL) { - SSLerr(SSL_F_SSL_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 1; } ssl->ext.alpn_len = protos_len; @@ -3126,7 +3122,7 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, SSL_CTX *ret = NULL; if (meth == NULL) { - SSLerr(0, SSL_R_NULL_SSL_METHOD_PASSED); + ERR_raise(ERR_LIB_SSL, SSL_R_NULL_SSL_METHOD_PASSED); return NULL; } @@ -3134,7 +3130,7 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, return NULL; if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) { - SSLerr(0, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); + ERR_raise(ERR_LIB_SSL, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); goto err; } ret = OPENSSL_zalloc(sizeof(*ret)); @@ -3159,7 +3155,7 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, ret->references = 1; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); OPENSSL_free(ret); return NULL; } @@ -3199,7 +3195,7 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, &ret->cipher_list, &ret->cipher_list_by_id, OSSL_default_cipher_list(), ret->cert) || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) { - SSLerr(0, SSL_R_LIBRARY_HAS_NO_CIPHERS); + ERR_raise(ERR_LIB_SSL, SSL_R_LIBRARY_HAS_NO_CIPHERS); goto err2; } @@ -3320,7 +3316,7 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, return ret; err: - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); err2: SSL_CTX_free(ret); return NULL; @@ -3616,8 +3612,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s) if (s->s3.tmp.new_cipher->algorithm_auth & SSL_aECDSA) { /* key usage, if present, must allow signing */ if (!(X509_get_key_usage(x) & X509v3_KU_DIGITAL_SIGNATURE)) { - SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, - SSL_R_ECC_CERT_NOT_FOR_SIGNING); + ERR_raise(ERR_LIB_SSL, SSL_R_ECC_CERT_NOT_FOR_SIGNING); return 0; } } @@ -3843,7 +3838,7 @@ int SSL_do_handshake(SSL *s) int ret = 1; if (s->handshake_func == NULL) { - SSLerr(SSL_F_SSL_DO_HANDSHAKE, SSL_R_CONNECTION_TYPE_NOT_SET); + ERR_raise(ERR_LIB_SSL, SSL_R_CONNECTION_TYPE_NOT_SET); return -1; } @@ -3885,14 +3880,13 @@ void SSL_set_connect_state(SSL *s) int ssl_undefined_function(SSL *s) { - SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } int ssl_undefined_void_function(void) { - SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } @@ -3903,7 +3897,7 @@ int ssl_undefined_const_function(const SSL *s) const SSL_METHOD *ssl_bad_method(int ver) { - SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return NULL; } @@ -4171,7 +4165,7 @@ int ssl_init_wbio_buffer(SSL *s) bbio = BIO_new(BIO_f_buffer()); if (bbio == NULL || !BIO_set_read_buffer_size(bbio, 1)) { BIO_free(bbio); - SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); return 0; } s->bbio = bbio; @@ -4512,7 +4506,7 @@ void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export, int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint) { if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) { - SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG); + ERR_raise(ERR_LIB_SSL, SSL_R_DATA_LENGTH_TOO_LONG); return 0; } OPENSSL_free(ctx->cert->psk_identity_hint); @@ -4531,7 +4525,7 @@ int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint) return 0; if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) { - SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG); + ERR_raise(ERR_LIB_SSL, SSL_R_DATA_LENGTH_TOO_LONG); return 0; } OPENSSL_free(s->cert->psk_identity_hint); @@ -4934,7 +4928,7 @@ static int ct_move_scts(STACK_OF(SCT) **dst, STACK_OF(SCT) *src, if (*dst == NULL) { *dst = sk_SCT_new_null(); if (*dst == NULL) { - SSLerr(SSL_F_CT_MOVE_SCTS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -5091,7 +5085,7 @@ static int ct_strict(const CT_POLICY_EVAL_CTX * ctx, if (status == SCT_VALIDATION_STATUS_VALID) return 1; } - SSLerr(SSL_F_CT_STRICT, SSL_R_NO_VALID_SCTS); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_VALID_SCTS); return 0; } @@ -5105,8 +5099,7 @@ int SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback, if (callback != NULL && SSL_CTX_has_client_custom_ext(s->ctx, TLSEXT_TYPE_signed_certificate_timestamp)) { - SSLerr(SSL_F_SSL_SET_CT_VALIDATION_CALLBACK, - SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED); + ERR_raise(ERR_LIB_SSL, SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED); return 0; } @@ -5134,8 +5127,7 @@ int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx, if (callback != NULL && SSL_CTX_has_client_custom_ext(ctx, TLSEXT_TYPE_signed_certificate_timestamp)) { - SSLerr(SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK, - SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED); + ERR_raise(ERR_LIB_SSL, SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED); return 0; } @@ -5260,7 +5252,7 @@ int SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode) { switch (validation_mode) { default: - SSLerr(SSL_F_SSL_CTX_ENABLE_CT, SSL_R_INVALID_CT_VALIDATION_TYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_CT_VALIDATION_TYPE); return 0; case SSL_CT_VALIDATION_PERMISSIVE: return SSL_CTX_set_ct_validation_callback(ctx, ct_permissive, NULL); @@ -5273,7 +5265,7 @@ int SSL_enable_ct(SSL *s, int validation_mode) { switch (validation_mode) { default: - SSLerr(SSL_F_SSL_ENABLE_CT, SSL_R_INVALID_CT_VALIDATION_TYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_CT_VALIDATION_TYPE); return 0; case SSL_CT_VALIDATION_PERMISSIVE: return SSL_set_ct_validation_callback(s, ct_permissive, NULL); @@ -5381,8 +5373,7 @@ int SSL_client_hello_get1_extensions_present(SSL *s, int **out, size_t *outlen) return 1; } if ((present = OPENSSL_malloc(sizeof(*present) * num)) == NULL) { - SSLerr(SSL_F_SSL_CLIENT_HELLO_GET1_EXTENSIONS_PRESENT, - ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } for (i = 0; i < s->clienthello->pre_proc_exts_len; i++) { @@ -5638,7 +5629,7 @@ int bytes_to_cipher_list(SSL *s, PACKET *cipher_suites, SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_BYTES_TO_CIPHER_LIST, SSL_R_NO_CIPHERS_SPECIFIED); else - SSLerr(SSL_F_BYTES_TO_CIPHER_LIST, SSL_R_NO_CIPHERS_SPECIFIED); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_CIPHERS_SPECIFIED); return 0; } @@ -5647,8 +5638,7 @@ int bytes_to_cipher_list(SSL *s, PACKET *cipher_suites, SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_BYTES_TO_CIPHER_LIST, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); else - SSLerr(SSL_F_BYTES_TO_CIPHER_LIST, - SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); + ERR_raise(ERR_LIB_SSL, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); return 0; } @@ -5659,7 +5649,7 @@ int bytes_to_cipher_list(SSL *s, PACKET *cipher_suites, SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE); else - SSLerr(SSL_F_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } @@ -5681,7 +5671,7 @@ int bytes_to_cipher_list(SSL *s, PACKET *cipher_suites, SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE); else - SSLerr(SSL_F_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } } @@ -5691,7 +5681,7 @@ int bytes_to_cipher_list(SSL *s, PACKET *cipher_suites, SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_BYTES_TO_CIPHER_LIST, SSL_R_BAD_LENGTH); else - SSLerr(SSL_F_BYTES_TO_CIPHER_LIST, SSL_R_BAD_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH); goto err; } @@ -5819,34 +5809,34 @@ void SSL_set_post_handshake_auth(SSL *ssl, int val) int SSL_verify_client_post_handshake(SSL *ssl) { if (!SSL_IS_TLS13(ssl)) { - SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_WRONG_SSL_VERSION); + ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION); return 0; } if (!ssl->server) { - SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_NOT_SERVER); + ERR_raise(ERR_LIB_SSL, SSL_R_NOT_SERVER); return 0; } if (!SSL_is_init_finished(ssl)) { - SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_STILL_IN_INIT); + ERR_raise(ERR_LIB_SSL, SSL_R_STILL_IN_INIT); return 0; } switch (ssl->post_handshake_auth) { case SSL_PHA_NONE: - SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_EXTENSION_NOT_RECEIVED); + ERR_raise(ERR_LIB_SSL, SSL_R_EXTENSION_NOT_RECEIVED); return 0; default: case SSL_PHA_EXT_SENT: - SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return 0; case SSL_PHA_EXT_RECEIVED: break; case SSL_PHA_REQUEST_PENDING: - SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_REQUEST_PENDING); + ERR_raise(ERR_LIB_SSL, SSL_R_REQUEST_PENDING); return 0; case SSL_PHA_REQUESTED: - SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_REQUEST_SENT); + ERR_raise(ERR_LIB_SSL, SSL_R_REQUEST_SENT); return 0; } @@ -5855,7 +5845,7 @@ int SSL_verify_client_post_handshake(SSL *ssl) /* checks verify_mode and algorithm_auth */ if (!send_certificate_request(ssl)) { ssl->post_handshake_auth = SSL_PHA_EXT_RECEIVED; /* restore on error */ - SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_INVALID_CONFIG); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_CONFIG); return 0; } diff --git a/ssl/ssl_mcnf.c b/ssl/ssl_mcnf.c index 82003ba69e..2b8ef12592 100644 --- a/ssl/ssl_mcnf.c +++ b/ssl/ssl_mcnf.c @@ -32,7 +32,7 @@ static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name, int system) OSSL_LIB_CTX *libctx = NULL; if (s == NULL && ctx == NULL) { - SSLerr(SSL_F_SSL_DO_CONFIG, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); goto err; } @@ -40,7 +40,7 @@ static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name, int system) name = "system_default"; if (!conf_ssl_name_find(name, &idx)) { if (!system) { - SSLerr(SSL_F_SSL_DO_CONFIG, SSL_R_INVALID_CONFIGURATION_NAME); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_CONFIGURATION_NAME); ERR_add_error_data(2, "name=", name); } goto err; @@ -74,9 +74,9 @@ static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name, int system) rv = SSL_CONF_cmd(cctx, cmdstr, arg); if (rv <= 0) { if (rv == -2) - SSLerr(SSL_F_SSL_DO_CONFIG, SSL_R_UNKNOWN_COMMAND); + ERR_raise(ERR_LIB_SSL, SSL_R_UNKNOWN_COMMAND); else - SSLerr(SSL_F_SSL_DO_CONFIG, SSL_R_BAD_VALUE); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_VALUE); ERR_add_error_data(6, "section=", name, ", cmd=", cmdstr, ", arg=", arg); goto err; diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 51604b8a87..17e10eef6a 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -29,13 +29,13 @@ int SSL_use_certificate(SSL *ssl, X509 *x) { int rv; if (x == NULL) { - SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } rv = ssl_security_cert(ssl, NULL, x, 0, 1); if (rv != 1) { - SSLerr(SSL_F_SSL_USE_CERTIFICATE, rv); + ERR_raise(ERR_LIB_SSL, rv); return 0; } @@ -51,22 +51,22 @@ int SSL_use_certificate_file(SSL *ssl, const char *file, int type) in = BIO_new(BIO_s_file()); if (in == NULL) { - SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { - SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_SYS_LIB); goto end; } if (type != SSL_FILETYPE_ASN1 && type != SSL_FILETYPE_PEM) { - SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_SSL_FILETYPE); goto end; } x = X509_new_ex(ssl->ctx->libctx, ssl->ctx->propq); if (x == NULL) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto end; } if (type == SSL_FILETYPE_ASN1) { @@ -77,12 +77,12 @@ int SSL_use_certificate_file(SSL *ssl, const char *file, int type) cert = PEM_read_bio_X509(in, &x, ssl->default_passwd_callback, ssl->default_passwd_callback_userdata); } else { - SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_SSL_FILETYPE); goto end; } if (cert == NULL) { - SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, j); + ERR_raise(ERR_LIB_SSL, j); goto end; } @@ -100,13 +100,13 @@ int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len) x = X509_new_ex(ssl->ctx->libctx, ssl->ctx->propq); if (x == NULL) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } if (d2i_X509(&x, &d, (long)len)== NULL) { X509_free(x); - SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_ASN1_LIB); return 0; } @@ -122,11 +122,11 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) int ret; if (rsa == NULL) { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } if ((pkey = EVP_PKEY_new()) == NULL) { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_EVP_LIB); return 0; } @@ -148,7 +148,7 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey) size_t i; if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) { - SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE); return 0; } @@ -156,7 +156,7 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey) EVP_PKEY *pktmp; pktmp = X509_get0_pubkey(c->pkeys[i].x509); if (pktmp == NULL) { - SSLerr(SSL_F_SSL_SET_PKEY, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } /* @@ -189,12 +189,12 @@ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type) in = BIO_new(BIO_s_file()); if (in == NULL) { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_SYS_LIB); goto end; } if (type == SSL_FILETYPE_ASN1) { @@ -206,11 +206,11 @@ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type) ssl->default_passwd_callback, ssl->default_passwd_callback_userdata); } else { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_SSL_FILETYPE); goto end; } if (rsa == NULL) { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, j); + ERR_raise(ERR_LIB_SSL, j); goto end; } ret = SSL_use_RSAPrivateKey(ssl, rsa); @@ -228,7 +228,7 @@ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len) p = d; if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_ASN1_LIB); return 0; } @@ -243,7 +243,7 @@ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey) int ret; if (pkey == NULL) { - SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } ret = ssl_set_pkey(ssl->cert, pkey); @@ -258,12 +258,12 @@ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type) in = BIO_new(BIO_s_file()); if (in == NULL) { - SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { - SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_SYS_LIB); goto end; } if (type == SSL_FILETYPE_PEM) { @@ -278,11 +278,11 @@ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type) pkey = d2i_PrivateKey_ex_bio(in, NULL, ssl->ctx->libctx, ssl->ctx->propq); } else { - SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_SSL_FILETYPE); goto end; } if (pkey == NULL) { - SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, j); + ERR_raise(ERR_LIB_SSL, j); goto end; } ret = SSL_use_PrivateKey(ssl, pkey); @@ -302,7 +302,7 @@ int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, p = d; if ((pkey = d2i_PrivateKey_ex(type, NULL, &p, (long)len, ssl->ctx->libctx, ssl->ctx->propq)) == NULL) { - SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_ASN1_LIB); return 0; } @@ -315,13 +315,13 @@ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) { int rv; if (x == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } rv = ssl_security_cert(NULL, ctx, x, 0, 1); if (rv != 1) { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, rv); + ERR_raise(ERR_LIB_SSL, rv); return 0; } return ssl_set_cert(ctx->cert, x); @@ -334,17 +334,17 @@ static int ssl_set_cert(CERT *c, X509 *x) pkey = X509_get0_pubkey(x); if (pkey == NULL) { - SSLerr(SSL_F_SSL_SET_CERT, SSL_R_X509_LIB); + ERR_raise(ERR_LIB_SSL, SSL_R_X509_LIB); return 0; } if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) { - SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE); return 0; } #ifndef OPENSSL_NO_EC if (i == SSL_PKEY_ECC && !EVP_PKEY_can_sign(pkey)) { - SSLerr(SSL_F_SSL_SET_CERT, SSL_R_ECC_CERT_NOT_FOR_SIGNING); + ERR_raise(ERR_LIB_SSL, SSL_R_ECC_CERT_NOT_FOR_SIGNING); return 0; } #endif @@ -386,21 +386,21 @@ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) in = BIO_new(BIO_s_file()); if (in == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_SYS_LIB); goto end; } if (type != SSL_FILETYPE_ASN1 && type != SSL_FILETYPE_PEM) { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_SSL_FILETYPE); goto end; } x = X509_new_ex(ctx->libctx, ctx->propq); if (x == NULL) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto end; } if (type == SSL_FILETYPE_ASN1) { @@ -412,7 +412,7 @@ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) ctx->default_passwd_callback_userdata); } if (cert == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, j); + ERR_raise(ERR_LIB_SSL, j); goto end; } @@ -430,13 +430,13 @@ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d) x = X509_new_ex(ctx->libctx, ctx->propq); if (x == NULL) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } if (d2i_X509(&x, &d, (long)len) == NULL) { X509_free(x); - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_ASN1_LIB); return 0; } @@ -452,11 +452,11 @@ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa) EVP_PKEY *pkey; if (rsa == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } if ((pkey = EVP_PKEY_new()) == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_EVP_LIB); return 0; } @@ -480,12 +480,12 @@ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type) in = BIO_new(BIO_s_file()); if (in == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_SYS_LIB); goto end; } if (type == SSL_FILETYPE_ASN1) { @@ -497,11 +497,11 @@ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type) ctx->default_passwd_callback, ctx->default_passwd_callback_userdata); } else { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_SSL_FILETYPE); goto end; } if (rsa == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, j); + ERR_raise(ERR_LIB_SSL, j); goto end; } ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa); @@ -520,7 +520,7 @@ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, p = d; if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_ASN1_LIB); return 0; } @@ -533,7 +533,7 @@ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) { if (pkey == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } return ssl_set_pkey(ctx->cert, pkey); @@ -547,12 +547,12 @@ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) in = BIO_new(BIO_s_file()); if (in == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_SYS_LIB); goto end; } if (type == SSL_FILETYPE_PEM) { @@ -565,11 +565,11 @@ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) j = ERR_R_ASN1_LIB; pkey = d2i_PrivateKey_ex_bio(in, NULL, ctx->libctx, ctx->propq); } else { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_SSL_FILETYPE); goto end; } if (pkey == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, j); + ERR_raise(ERR_LIB_SSL, j); goto end; } ret = SSL_CTX_use_PrivateKey(ctx, pkey); @@ -589,7 +589,7 @@ int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, p = d; if ((pkey = d2i_PrivateKey_ex(type, NULL, &p, (long)len, ctx->libctx, ctx->propq)) == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_ASN1_LIB); return 0; } @@ -625,23 +625,23 @@ static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file) in = BIO_new(BIO_s_file()); if (in == NULL) { - SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { - SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_SYS_LIB); goto end; } x = X509_new_ex(real_ctx->libctx, real_ctx->propq); if (x == NULL) { - SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto end; } if (PEM_read_bio_X509_AUX(in, &x, passwd_callback, passwd_callback_userdata) == NULL) { - SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_PEM_LIB); goto end; } @@ -675,7 +675,7 @@ static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file) while (1) { ca = X509_new_ex(real_ctx->libctx, real_ctx->propq); if (ca == NULL) { - SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto end; } if (PEM_read_bio_X509(in, &ca, passwd_callback, @@ -895,22 +895,22 @@ int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version, unsigned char *new_serverinfo; if (ctx == NULL || serverinfo == NULL || serverinfo_length == 0) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length, NULL)) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_SERVERINFO_DATA); return 0; } if (ctx->cert->key == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return 0; } new_serverinfo = OPENSSL_realloc(ctx->cert->key->serverinfo, serverinfo_length); if (new_serverinfo == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } ctx->cert->key->serverinfo = new_serverinfo; @@ -923,7 +923,7 @@ int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version, */ if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length, ctx)) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA); + ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_SERVERINFO_DATA); return 0; } return 1; @@ -953,17 +953,17 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) size_t num_extensions = 0, contextoff = 0; if (ctx == NULL || file == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PASSED_NULL_PARAMETER); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); goto end; } bin = BIO_new(BIO_s_file()); if (bin == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_BUF_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(bin, file) <= 0) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_SYS_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_SYS_LIB); goto end; } @@ -976,8 +976,7 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) * There must be at least one extension in this file */ if (num_extensions == 0) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, - SSL_R_NO_PEM_EXTENSIONS); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_PEM_EXTENSIONS); goto end; } else /* End of file, we're done */ break; @@ -985,20 +984,18 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */ name_len = strlen(name); if (name_len < sizeof(namePrefix1) - 1) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_PEM_NAME_TOO_SHORT); + ERR_raise(ERR_LIB_SSL, SSL_R_PEM_NAME_TOO_SHORT); goto end; } if (strncmp(name, namePrefix1, sizeof(namePrefix1) - 1) == 0) { version = SSL_SERVERINFOV1; } else { if (name_len < sizeof(namePrefix2) - 1) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, - SSL_R_PEM_NAME_TOO_SHORT); + ERR_raise(ERR_LIB_SSL, SSL_R_PEM_NAME_TOO_SHORT); goto end; } if (strncmp(name, namePrefix2, sizeof(namePrefix2) - 1) != 0) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, - SSL_R_PEM_NAME_BAD_PREFIX); + ERR_raise(ERR_LIB_SSL, SSL_R_PEM_NAME_BAD_PREFIX); goto end; } version = SSL_SERVERINFOV2; @@ -1011,7 +1008,7 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) if (extension_length < 4 || (extension[2] << 8) + extension[3] != extension_length - 4) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_DATA); goto end; } /* @@ -1024,7 +1021,7 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) if (extension_length < 8 || (extension[6] << 8) + extension[7] != extension_length - 8) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_DATA); goto end; } } @@ -1032,7 +1029,7 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) tmp = OPENSSL_realloc(serverinfo, serverinfo_length + extension_length + contextoff); if (tmp == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto end; } serverinfo = tmp; @@ -1083,13 +1080,13 @@ static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *pr /* Do all security checks before anything else */ rv = ssl_security_cert(ssl, ctx, x509, 0, 1); if (rv != 1) { - SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, rv); + ERR_raise(ERR_LIB_SSL, rv); goto out; } for (j = 0; j < sk_X509_num(chain); j++) { rv = ssl_security_cert(ssl, ctx, sk_X509_value(chain, j), 0, 0); if (rv != 1) { - SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, rv); + ERR_raise(ERR_LIB_SSL, rv); goto out; } } @@ -1104,7 +1101,7 @@ static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *pr if (EVP_PKEY_missing_parameters(privatekey)) { if (EVP_PKEY_missing_parameters(pubkey)) { /* nobody has parameters? - error */ - SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_MISSING_PARAMETERS); + ERR_raise(ERR_LIB_SSL, SSL_R_MISSING_PARAMETERS); goto out; } else { /* copy to privatekey from pubkey */ @@ -1117,12 +1114,12 @@ static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *pr /* check that key <-> cert match */ if (EVP_PKEY_eq(pubkey, privatekey) != 1) { - SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_PRIVATE_KEY_MISMATCH); + ERR_raise(ERR_LIB_SSL, SSL_R_PRIVATE_KEY_MISMATCH); goto out; } } if (ssl_cert_lookup_by_pkey(pubkey, &i) == NULL) { - SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE); + ERR_raise(ERR_LIB_SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE); goto out; } @@ -1130,14 +1127,14 @@ static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *pr || c->pkeys[i].privatekey != NULL || c->pkeys[i].chain != NULL)) { /* No override, and something already there */ - SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_NOT_REPLACING_CERTIFICATE); + ERR_raise(ERR_LIB_SSL, SSL_R_NOT_REPLACING_CERTIFICATE); goto out; } if (chain != NULL) { dup_chain = X509_chain_up_ref(chain); if (dup_chain == NULL) { - SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto out; } } diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index a10b1de071..5c9dd83087 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -71,7 +71,7 @@ SSL_SESSION *SSL_SESSION_new(void) ss = OPENSSL_zalloc(sizeof(*ss)); if (ss == NULL) { - SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; } @@ -81,7 +81,7 @@ SSL_SESSION *SSL_SESSION_new(void) ss->time = (unsigned long)time(NULL); ss->lock = CRYPTO_THREAD_lock_new(); if (ss->lock == NULL) { - SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); OPENSSL_free(ss); return NULL; } @@ -218,7 +218,7 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) return dest; err: - SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); SSL_SESSION_free(dest); return NULL; } @@ -811,8 +811,7 @@ int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid, unsigned int sid_len) { if (sid_len > SSL_MAX_SSL_SESSION_ID_LENGTH) { - SSLerr(SSL_F_SSL_SESSION_SET1_ID, - SSL_R_SSL_SESSION_ID_TOO_LONG); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_TOO_LONG); return 0; } s->session_id_length = sid_len; @@ -956,8 +955,7 @@ int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx, unsigned int sid_ctx_len) { if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) { - SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT, - SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); return 0; } s->sid_ctx_length = sid_ctx_len; @@ -1023,7 +1021,7 @@ int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len) s->ext.session_ticket = OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len); if (s->ext.session_ticket == NULL) { - SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c index d3b41d14f9..8dc418ca48 100644 --- a/ssl/ssl_txt.c +++ b/ssl/ssl_txt.c @@ -19,7 +19,7 @@ int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x) int ret; if ((b = BIO_new(BIO_s_file())) == NULL) { - SSLerr(SSL_F_SSL_SESSION_PRINT_FP, ERR_R_BUF_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); return 0; } BIO_set_fp(b, fp, BIO_NOCLOSE); diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c index 697e33e2b5..ac09e5f2eb 100644 --- a/ssl/statem/statem.c +++ b/ssl/statem/statem.c @@ -454,7 +454,7 @@ static int state_machine(SSL *s, int server) } else { /* Error */ check_fatal(s, SSL_F_STATE_MACHINE); - SSLerr(SSL_F_STATE_MACHINE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); goto end; } } diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index f896e19d40..43b5f2513d 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1855,7 +1855,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt) if (x == NULL) { SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE); - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } if (d2i_X509(&x, (const unsigned char **)&certbytes, @@ -3654,8 +3654,7 @@ WORK_STATE tls_prepare_client_certificate(SSL *s, WORK_STATE wst) i = 0; } else if (i == 1) { i = 0; - SSLerr(SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE, - SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); } X509_free(x509); diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c index 8f7ec0c695..382f285d45 100644 --- a/ssl/statem/statem_dtls.c +++ b/ssl/statem/statem_dtls.c @@ -60,13 +60,13 @@ static hm_fragment *dtls1_hm_fragment_new(size_t frag_len, int reassembly) unsigned char *bitmask = NULL; if ((frag = OPENSSL_malloc(sizeof(*frag))) == NULL) { - SSLerr(SSL_F_DTLS1_HM_FRAGMENT_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; } if (frag_len) { if ((buf = OPENSSL_malloc(frag_len)) == NULL) { - SSLerr(SSL_F_DTLS1_HM_FRAGMENT_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); OPENSSL_free(frag); return NULL; } @@ -79,7 +79,7 @@ static hm_fragment *dtls1_hm_fragment_new(size_t frag_len, int reassembly) if (reassembly) { bitmask = OPENSSL_zalloc(RSMBLY_BITMASK_SIZE(frag_len)); if (bitmask == NULL) { - SSLerr(SSL_F_DTLS1_HM_FRAGMENT_NEW, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); OPENSSL_free(buf); OPENSSL_free(frag); return NULL; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 422c631838..ae3afcf061 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -1028,9 +1028,9 @@ static int ssl_add_cert_chain(SSL *s, WPACKET *pkt, CERT_PKEY *cpk) if (i != 1) { #if 0 /* Dummy error calls so mkerr generates them */ - SSLerr(SSL_F_SSL_ADD_CERT_CHAIN, SSL_R_EE_KEY_TOO_SMALL); - SSLerr(SSL_F_SSL_ADD_CERT_CHAIN, SSL_R_CA_KEY_TOO_SMALL); - SSLerr(SSL_F_SSL_ADD_CERT_CHAIN, SSL_R_CA_MD_TOO_WEAK); + ERR_raise(ERR_LIB_SSL, SSL_R_EE_KEY_TOO_SMALL); + ERR_raise(ERR_LIB_SSL, SSL_R_CA_KEY_TOO_SMALL); + ERR_raise(ERR_LIB_SSL, SSL_R_CA_MD_TOO_WEAK); #endif X509_STORE_CTX_free(xs_ctx); SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_ADD_CERT_CHAIN, i); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 91c3904723..8ba202031e 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -43,7 +43,7 @@ static int tls1_PRF(SSL *s, SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_PRF, ERR_R_INTERNAL_ERROR); else - SSLerr(SSL_F_TLS1_PRF, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return 0; } kdf = EVP_KDF_fetch(s->ctx->libctx, OSSL_KDF_NAME_TLS1_PRF, s->ctx->propq); @@ -81,7 +81,7 @@ static int tls1_PRF(SSL *s, SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_PRF, ERR_R_INTERNAL_ERROR); else - SSLerr(SSL_F_TLS1_PRF, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); EVP_KDF_CTX_free(kctx); return 0; } @@ -795,11 +795,11 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, goto ret; err1: - SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL); + ERR_raise(ERR_LIB_SSL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL); rv = 0; goto ret; err2: - SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); rv = 0; ret: OPENSSL_clear_free(val, vallen); diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 8836069097..4d47566dbf 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -261,7 +261,7 @@ static int add_provider_groups(const OSSL_PARAM params[], void *data) + TLS_GROUP_LIST_MALLOC_BLOCK_SIZE) * sizeof(TLS_GROUP_INFO)); if (tmp == NULL) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } ctx->group_list = tmp; @@ -275,78 +275,78 @@ static int add_provider_groups(const OSSL_PARAM params[], void *data) p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_NAME); if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING) { - SSLerr(0, ERR_R_PASSED_INVALID_ARGUMENT); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); goto err; } ginf->tlsname = OPENSSL_strdup(p->data); if (ginf->tlsname == NULL) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL); if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING) { - SSLerr(0, ERR_R_PASSED_INVALID_ARGUMENT); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); goto err; } ginf->realname = OPENSSL_strdup(p->data); if (ginf->realname == NULL) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_ID); if (p == NULL || !OSSL_PARAM_get_uint(p, &gid) || gid > UINT16_MAX) { - SSLerr(0, ERR_R_PASSED_INVALID_ARGUMENT); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); goto err; } ginf->group_id = (uint16_t)gid; p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_ALG); if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING) { - SSLerr(0, ERR_R_PASSED_INVALID_ARGUMENT); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); goto err; } ginf->algorithm = OPENSSL_strdup(p->data); if (ginf->algorithm == NULL) { - SSLerr(0, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS); if (p == NULL || !OSSL_PARAM_get_uint(p, &ginf->secbits)) { - SSLerr(0, ERR_R_PASSED_INVALID_ARGUMENT); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); goto err; } p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_IS_KEM); if (p != NULL && (!OSSL_PARAM_get_uint(p, &is_kem) || is_kem > 1)) { - SSLerr(0, ERR_R_PASSED_INVALID_ARGUMENT); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); goto err; } ginf->is_kem = 1 & is_kem; p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_MIN_TLS); if (p == NULL || !OSSL_PARAM_get_int(p, &ginf->mintls)) { - SSLerr(0, ERR_R_PASSED_INVALID_ARGUMENT); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); goto err; } p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_MAX_TLS); if (p == NULL || !OSSL_PARAM_get_int(p, &ginf->maxtls)) { - SSLerr(0, ERR_R_PASSED_INVALID_ARGUMENT); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); goto err; } p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS); if (p == NULL || !OSSL_PARAM_get_int(p, &ginf->mindtls)) { - SSLerr(0, ERR_R_PASSED_INVALID_ARGUMENT); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); goto err; } p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS); if (p == NULL || !OSSL_PARAM_get_int(p, &ginf->maxdtls)) { - SSLerr(0, ERR_R_PASSED_INVALID_ARGUMENT); + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); goto err; } /* @@ -655,11 +655,11 @@ int tls1_set_groups(uint16_t **pext, size_t *pextlen, unsigned long dup_list_dhgrp = 0; if (ngroups == 0) { - SSLerr(SSL_F_TLS1_SET_GROUPS, SSL_R_BAD_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH); return 0; } if ((glist = OPENSSL_malloc(ngroups * sizeof(*glist))) == NULL) { - SSLerr(SSL_F_TLS1_SET_GROUPS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } for (i = 0; i < ngroups; i++) { @@ -2169,7 +2169,7 @@ int tls12_copy_sigalgs(SSL *s, WPACKET *pkt, rv = 1; } if (rv == 0) - SSLerr(SSL_F_TLS12_COPY_SIGALGS, SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM); return rv; } @@ -2234,7 +2234,7 @@ static int tls1_set_shared_sigalgs(SSL *s) nmatch = tls12_shared_sigalgs(s, NULL, pref, preflen, allow, allowlen); if (nmatch) { if ((salgs = OPENSSL_malloc(nmatch * sizeof(*salgs))) == NULL) { - SSLerr(SSL_F_TLS1_SET_SHARED_SIGALGS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } nmatch = tls12_shared_sigalgs(s, salgs, pref, preflen, allow, allowlen); @@ -2261,7 +2261,7 @@ int tls1_save_u16(PACKET *pkt, uint16_t **pdest, size_t *pdestlen) size >>= 1; if ((buf = OPENSSL_malloc(size * sizeof(*buf))) == NULL) { - SSLerr(SSL_F_TLS1_SAVE_U16, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } for (i = 0; i < size && PACKET_get_net_2(pkt, &stmp); i++) @@ -2491,7 +2491,7 @@ int tls1_set_raw_sigalgs(CERT *c, const uint16_t *psigs, size_t salglen, uint16_t *sigalgs; if ((sigalgs = OPENSSL_malloc(salglen * sizeof(*sigalgs))) == NULL) { - SSLerr(SSL_F_TLS1_SET_RAW_SIGALGS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } memcpy(sigalgs, psigs, salglen * sizeof(*sigalgs)); @@ -2517,7 +2517,7 @@ int tls1_set_sigalgs(CERT *c, const int *psig_nids, size_t salglen, int client) if (salglen & 1) return 0; if ((sigalgs = OPENSSL_malloc((salglen / 2) * sizeof(*sigalgs))) == NULL) { - SSLerr(SSL_F_TLS1_SET_SIGALGS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } for (i = 0, sptr = sigalgs; i < salglen; i += 2) { @@ -3344,8 +3344,7 @@ int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode) { if (mode != TLSEXT_max_fragment_length_DISABLED && !IS_MAX_FRAGMENT_LENGTH_EXT_VALID(mode)) { - SSLerr(SSL_F_SSL_CTX_SET_TLSEXT_MAX_FRAGMENT_LENGTH, - SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH); return 0; } @@ -3357,8 +3356,7 @@ int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode) { if (mode != TLSEXT_max_fragment_length_DISABLED && !IS_MAX_FRAGMENT_LENGTH_EXT_VALID(mode)) { - SSLerr(SSL_F_SSL_SET_TLSEXT_MAX_FRAGMENT_LENGTH, - SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH); return 0; } diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 829a6e9be1..628ec63efe 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -71,7 +71,7 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, * Probably we have been called from SSL_export_keying_material(), * or SSL_export_keying_material_early(). */ - SSLerr(SSL_F_TLS13_HKDF_EXPAND, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL); + ERR_raise(ERR_LIB_SSL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL); } EVP_KDF_CTX_free(kctx); return 0; @@ -94,7 +94,7 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND, ERR_R_INTERNAL_ERROR); else - SSLerr(SSL_F_TLS13_HKDF_EXPAND, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return 0; } @@ -117,7 +117,7 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND, ERR_R_INTERNAL_ERROR); else - SSLerr(SSL_F_TLS13_HKDF_EXPAND, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); } return ret == 0; diff --git a/ssl/tls_depr.c b/ssl/tls_depr.c index df630915d0..3fcc5b6740 100644 --- a/ssl/tls_depr.c +++ b/ssl/tls_depr.c @@ -74,12 +74,11 @@ int tls_engine_load_ssl_client_cert(SSL *s, X509 **px509, EVP_PKEY **ppkey) int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e) { if (!ENGINE_init(e)) { - SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_ENGINE_LIB); return 0; } if (!ENGINE_get_ssl_client_cert_function(e)) { - SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, - SSL_R_NO_CLIENT_CERT_METHOD); + ERR_raise(ERR_LIB_SSL, SSL_R_NO_CLIENT_CERT_METHOD); ENGINE_finish(e); return 0; } diff --git a/ssl/tls_srp.c b/ssl/tls_srp.c index c30d263b5f..7ba29adeb1 100644 --- a/ssl/tls_srp.c +++ b/ssl/tls_srp.c @@ -95,17 +95,17 @@ int SSL_SRP_CTX_init(struct ssl_st *s) ((s->srp_ctx.v = BN_dup(ctx->srp_ctx.v)) == NULL)) || ((ctx->srp_ctx.b != NULL) && ((s->srp_ctx.b = BN_dup(ctx->srp_ctx.b)) == NULL))) { - SSLerr(SSL_F_SSL_SRP_CTX_INIT, ERR_R_BN_LIB); + ERR_raise(ERR_LIB_SSL, ERR_R_BN_LIB); goto err; } if ((ctx->srp_ctx.login != NULL) && ((s->srp_ctx.login = OPENSSL_strdup(ctx->srp_ctx.login)) == NULL)) { - SSLerr(SSL_F_SSL_SRP_CTX_INIT, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); goto err; } if ((ctx->srp_ctx.info != NULL) && ((s->srp_ctx.info = OPENSSL_strdup(ctx->srp_ctx.info)) == NULL)) { - SSLerr(SSL_F_SSL_SRP_CTX_INIT, ERR_R_INTERNAL_ERROR); + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); goto err; } s->srp_ctx.srp_Mask = ctx->srp_ctx.srp_Mask; |