diff options
| author | Richard Levitte <levitte@openssl.org> | 2020-11-04 14:39:57 +0100 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2020-11-11 12:12:23 +0100 |
| commit | c48ffbcca1d0213c6bcbe85de7bb5dd23c76438d (patch) | |
| tree | bcc8cd093087c7c10c681f343e4b072588430416 /ssl/tls_srp.c | |
| parent | SSL: refactor ossl_statem_fatal() and SSLfatal() (diff) | |
| download | openssl-c48ffbcca1d0213c6bcbe85de7bb5dd23c76438d.tar.xz openssl-c48ffbcca1d0213c6bcbe85de7bb5dd23c76438d.zip | |
SSL: refactor all SSLfatal() calls
Since SSLfatal() doesn't take a function code any more, we drop that
argument everywhere. Also, we convert all combinations of SSLfatal()
and ERR_add_data() to an SSLfatal_data() call.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13316)
Diffstat (limited to 'ssl/tls_srp.c')
| -rw-r--r-- | ssl/tls_srp.c | 28 |
1 files changed, 9 insertions, 19 deletions
diff --git a/ssl/tls_srp.c b/ssl/tls_srp.c index 7ba29adeb1..69aef0c8d5 100644 --- a/ssl/tls_srp.c +++ b/ssl/tls_srp.c @@ -264,8 +264,7 @@ int srp_generate_server_master_secret(SSL *s) tmp_len = BN_num_bytes(K); if ((tmp = OPENSSL_malloc(tmp_len)) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, - SSL_F_SRP_GENERATE_SERVER_MASTER_SECRET, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); goto err; } BN_bn2bin(K, tmp); @@ -293,16 +292,13 @@ int srp_generate_client_master_secret(SSL *s) s->ctx->libctx, s->ctx->propq)) == NULL || s->srp_ctx.SRP_give_srp_client_pwd_callback == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, - SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET, ERR_R_INTERNAL_ERROR); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); goto err; } if ((passwd = s->srp_ctx.SRP_give_srp_client_pwd_callback(s, s->srp_ctx.SRP_cb_arg)) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, - SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET, - SSL_R_CALLBACK_FAILED); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_CALLBACK_FAILED); goto err; } if ((x = SRP_Calc_x_ex(s->srp_ctx.s, s->srp_ctx.login, passwd, @@ -312,15 +308,13 @@ int srp_generate_client_master_secret(SSL *s) s->srp_ctx.a, u, s->ctx->libctx, s->ctx->propq)) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, - SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET, ERR_R_INTERNAL_ERROR); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); goto err; } tmp_len = BN_num_bytes(K); if ((tmp = OPENSSL_malloc(tmp_len)) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, - SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); goto err; } BN_bn2bin(K, tmp); @@ -344,26 +338,22 @@ int srp_verify_server_param(SSL *s) */ if (BN_ucmp(srp->g, srp->N) >= 0 || BN_ucmp(srp->B, srp->N) >= 0 || BN_is_zero(srp->B)) { - SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_SRP_VERIFY_SERVER_PARAM, - SSL_R_BAD_DATA); + SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_DATA); return 0; } if (BN_num_bits(srp->N) < srp->strength) { - SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY, SSL_F_SRP_VERIFY_SERVER_PARAM, - SSL_R_INSUFFICIENT_SECURITY); + SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY, SSL_R_INSUFFICIENT_SECURITY); return 0; } if (srp->SRP_verify_param_callback) { if (srp->SRP_verify_param_callback(s, srp->SRP_cb_arg) <= 0) { - SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY, - SSL_F_SRP_VERIFY_SERVER_PARAM, - SSL_R_CALLBACK_FAILED); + SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY, SSL_R_CALLBACK_FAILED); return 0; } } else if (!SRP_check_known_gN_param(srp->g, srp->N)) { - SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY, SSL_F_SRP_VERIFY_SERVER_PARAM, + SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY, SSL_R_INSUFFICIENT_SECURITY); return 0; } |