QuasarApp/openssl
4
0
Fork 0
mirror of https://github.com/QuasarApp/openssl.git synced 2025-05-03 13:09:38 +00:00
Code Issues Projects Releases Wiki Activity

SSL: refactor ossl_statem_fatal() and SSLfatal()

Browse Source 
ossl_statem_fatal() is refactored to be an extended ERR_set_error(),
and SSLfatal() is refactored to work like ERR_raise().  We also add
SSLfatal_data() to work like ERR_raise_data().

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13316)
This commit is contained in:
Richard Levitte 2020-11-04 14:36:38 +01:00
parent 6849b73ccc
commit e92519b5a6
2 changed files with 16 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
ssl/statem/statem.c
View File

@ -112,14 +112,19 @@ void ossl_statem_set_renegotiate(SSL *s)
} }
/* /*
* Put the state machine into an error state and send an alert if appropriate. * Error reporting building block that's used instead of ERR_set_error().
* In addition to what ERR_set_error() does, this puts the state machine
* into an error state and sends an alert if appropriate.
* This is a permanent error for the current connection. * This is a permanent error for the current connection.
*/ */
void ossl_statem_fatal(SSL *s, int al, int func, int reason, const char *file, void ossl_statem_fatal(SSL *s, int al, int reason, const char *fmt, ...)
int line)
{ {
ERR_raise(ERR_LIB_SSL, reason); va_list args;
ERR_set_debug(file, line, NULL); /* Override what ERR_raise set */
va_start(args, fmt);
ERR_vset_error(ERR_LIB_SSL, reason, fmt, args);
va_end(args);
/* We shouldn't call SSLfatal() twice. Once is enough */ /* We shouldn't call SSLfatal() twice. Once is enough */
if (s->statem.in_init && s->statem.state == MSG_FLOW_ERROR) if (s->statem.in_init && s->statem.state == MSG_FLOW_ERROR)
return; return;

14
ssl/statem/statem.h
View File

@ -132,15 +132,13 @@ __owur int ossl_statem_accept(SSL *s);
__owur int ossl_statem_connect(SSL *s); __owur int ossl_statem_connect(SSL *s);
void ossl_statem_clear(SSL *s); void ossl_statem_clear(SSL *s);
void ossl_statem_set_renegotiate(SSL *s); void ossl_statem_set_renegotiate(SSL *s);
void ossl_statem_fatal(SSL *s, int al, int func, int reason, const char *file, void ossl_statem_fatal(SSL *s, int al, int reason, const char *fmt, ...);
int line);
# define SSL_AD_NO_ALERT -1 # define SSL_AD_NO_ALERT -1
# ifndef OPENSSL_NO_ERR # define SSLfatal(s, al, r) SSLfatal_data((s), (al), (r), NULL)
# define SSLfatal(s, al, f, r) ossl_statem_fatal((s), (al), (0), (r), \ # define SSLfatal_data \
OPENSSL_FILE, OPENSSL_LINE) (ERR_new(), \
# else ERR_set_debug(OPENSSL_FILE, OPENSSL_LINE, OPENSSL_FUNC), \
# define SSLfatal(s, al, f, r) ossl_statem_fatal((s), (al), (0), (r), NULL, 0) ossl_statem_fatal)
# endif
int ossl_statem_in_error(const SSL *s); int ossl_statem_in_error(const SSL *s);
void ossl_statem_set_in_init(SSL *s, int init); void ossl_statem_set_in_init(SSL *s, int init);