From fe3a329117dbb04a17ca2cb9fc9e3493dc7f03ab Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Mon, 5 Oct 2015 10:39:54 +0100 Subject: [PATCH 1/1] Change statem prefix to ossl_statem Change various state machine functions to use the prefix ossl_statem instead. Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte --- ssl/d1_lib.c | 2 +- ssl/d1_msg.c | 2 +- ssl/methods.c | 68 +++++++++++++++++++------------------ ssl/record/rec_layer_d1.c | 8 ++--- ssl/record/rec_layer_s3.c | 4 +-- ssl/s3_lib.c | 2 +- ssl/ssl_lib.c | 6 ++-- ssl/ssl_stat.c | 4 +-- ssl/statem/statem.c | 24 +++++++------- ssl/statem/statem.h | 20 +++++------ ssl/statem/statem_clnt.c | 38 ++++++++++----------- ssl/statem/statem_lib.c | 8 ++--- ssl/statem/statem_srvr.c | 70 +++++++++++++++++++-------------------- 13 files changed, 130 insertions(+), 126 deletions(-) diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index 2f9609affb..087d6d2667 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -873,7 +873,7 @@ int dtls1_listen(SSL *s, struct sockaddr *client) SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE); /* Put us into the "init" state so that we don't get our state cleared */ - statem_set_in_init(s, 1); + ossl_statem_set_in_init(s, 1); if(BIO_dgram_get_peer(rbio, client) <= 0) { SSLerr(SSL_F_DTLS1_LISTEN, ERR_R_INTERNAL_ERROR); diff --git a/ssl/d1_msg.c b/ssl/d1_msg.c index e35c9356a4..40152c28d2 100644 --- a/ssl/d1_msg.c +++ b/ssl/d1_msg.c @@ -127,7 +127,7 @@ int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len) */ if ((SSL_in_init(s) && !s->in_handshake) || (BIO_dgram_is_sctp(SSL_get_wbio(s)) && - statem_in_sctp_read_sock(s))) + ossl_statem_in_sctp_read_sock(s))) #else if (SSL_in_init(s) && !s->in_handshake) #endif diff --git a/ssl/methods.c b/ssl/methods.c index 4e7093ed3c..3319119fc3 100644 --- a/ssl/methods.c +++ b/ssl/methods.c @@ -136,24 +136,24 @@ static const SSL_METHOD *tls1_get_method(int ver) } IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, TLS_method, - statem_accept, - statem_connect, tls1_get_method, TLSv1_2_enc_data) + ossl_statem_accept, + ossl_statem_connect, tls1_get_method, TLSv1_2_enc_data) IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_method, - statem_accept, - statem_connect, tls1_get_method, TLSv1_2_enc_data) + ossl_statem_accept, + ossl_statem_connect, tls1_get_method, TLSv1_2_enc_data) IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_method, - statem_accept, - statem_connect, tls1_get_method, TLSv1_1_enc_data) + ossl_statem_accept, + ossl_statem_connect, tls1_get_method, TLSv1_1_enc_data) IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_method, - statem_accept, - statem_connect, tls1_get_method, TLSv1_enc_data) + ossl_statem_accept, + ossl_statem_connect, tls1_get_method, TLSv1_enc_data) #ifndef OPENSSL_NO_SSL3_METHOD -IMPLEMENT_ssl3_meth_func(SSLv3_method, - statem_accept, statem_connect, tls1_get_method) +IMPLEMENT_ssl3_meth_func(SSLv3_method, ossl_statem_accept, ossl_statem_connect, + tls1_get_method) #endif @@ -179,28 +179,28 @@ static const SSL_METHOD *tls1_get_server_method(int ver) } IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, TLS_server_method, - statem_accept, + ossl_statem_accept, ssl_undefined_function, tls1_get_server_method, TLSv1_2_enc_data) IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_server_method, - statem_accept, + ossl_statem_accept, ssl_undefined_function, tls1_get_server_method, TLSv1_2_enc_data) IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_server_method, - statem_accept, + ossl_statem_accept, ssl_undefined_function, tls1_get_server_method, TLSv1_1_enc_data) IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_server_method, - statem_accept, + ossl_statem_accept, ssl_undefined_function, tls1_get_server_method, TLSv1_enc_data) #ifndef OPENSSL_NO_SSL3_METHOD IMPLEMENT_ssl3_meth_func(SSLv3_server_method, - statem_accept, + ossl_statem_accept, ssl_undefined_function, tls1_get_server_method) #endif @@ -228,27 +228,28 @@ static const SSL_METHOD *tls1_get_client_method(int ver) IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, TLS_client_method, ssl_undefined_function, - statem_connect, + ossl_statem_connect, tls1_get_client_method, TLSv1_2_enc_data) IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_client_method, ssl_undefined_function, - statem_connect, + ossl_statem_connect, tls1_get_client_method, TLSv1_2_enc_data) IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_client_method, ssl_undefined_function, - statem_connect, + ossl_statem_connect, tls1_get_client_method, TLSv1_1_enc_data) IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_client_method, ssl_undefined_function, - statem_connect, tls1_get_client_method, TLSv1_enc_data) + ossl_statem_connect, + tls1_get_client_method, TLSv1_enc_data) #ifndef OPENSSL_NO_SSL3_METHOD IMPLEMENT_ssl3_meth_func(SSLv3_client_method, ssl_undefined_function, - statem_connect, tls1_get_client_method) + ossl_statem_connect, tls1_get_client_method) #endif @@ -267,18 +268,21 @@ static const SSL_METHOD *dtls1_get_method(int ver) IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, DTLSv1_method, - statem_accept, - statem_connect, dtls1_get_method, DTLSv1_enc_data) + ossl_statem_accept, + ossl_statem_connect, + dtls1_get_method, DTLSv1_enc_data) IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, DTLSv1_2_method, - statem_accept, - statem_connect, dtls1_get_method, DTLSv1_2_enc_data) + ossl_statem_accept, + ossl_statem_connect, + dtls1_get_method, DTLSv1_2_enc_data) IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION, DTLS_method, - statem_accept, - statem_connect, dtls1_get_method, DTLSv1_2_enc_data) + ossl_statem_accept, + ossl_statem_connect, + dtls1_get_method, DTLSv1_2_enc_data) /* @@ -297,19 +301,19 @@ static const SSL_METHOD *dtls1_get_server_method(int ver) IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, DTLSv1_server_method, - statem_accept, + ossl_statem_accept, ssl_undefined_function, dtls1_get_server_method, DTLSv1_enc_data) IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, DTLSv1_2_server_method, - statem_accept, + ossl_statem_accept, ssl_undefined_function, dtls1_get_server_method, DTLSv1_2_enc_data) IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION, DTLS_server_method, - statem_accept, + ossl_statem_accept, ssl_undefined_function, dtls1_get_server_method, DTLSv1_2_enc_data) @@ -331,17 +335,17 @@ static const SSL_METHOD *dtls1_get_client_method(int ver) IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, DTLSv1_client_method, ssl_undefined_function, - statem_connect, + ossl_statem_connect, dtls1_get_client_method, DTLSv1_enc_data) IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, DTLSv1_2_client_method, ssl_undefined_function, - statem_connect, + ossl_statem_connect, dtls1_get_client_method, DTLSv1_2_enc_data) IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION, DTLS_client_method, ssl_undefined_function, - statem_connect, + ossl_statem_connect, dtls1_get_client_method, DTLSv1_2_enc_data) diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index 64e1f7441d..1bfdd28552 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -441,7 +441,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, */ if ((!s->in_handshake && SSL_in_init(s)) || (BIO_dgram_is_sctp(SSL_get_rbio(s)) - && statem_in_sctp_read_sock(s) + && ossl_statem_in_sctp_read_sock(s) && s->s3->in_read_app_data != 2)) #else if (!s->in_handshake && SSL_in_init(s)) @@ -585,7 +585,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, */ if (BIO_dgram_is_sctp(SSL_get_rbio(s)) && SSL3_RECORD_get_type(rr) == SSL3_RT_APPLICATION_DATA && - statem_in_sctp_read_sock(s)) { + ossl_statem_in_sctp_read_sock(s)) { s->rwstate = SSL_READING; BIO_clear_retry_flags(SSL_get_rbio(s)); BIO_set_retry_read(SSL_get_rbio(s)); @@ -903,7 +903,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, if (SSL_is_init_finished(s) && !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) { - statem_set_in_init(s, 1); + ossl_statem_set_in_init(s, 1); s->renegotiate = 1; s->new_session = 1; } @@ -966,7 +966,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, */ if (s->s3->in_read_app_data && (s->s3->total_renegotiations != 0) && - statem_app_data_allowed(s)) { + ossl_statem_app_data_allowed(s)) { s->s3->in_read_app_data = 2; return (-1); } else { diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index c224fe5e04..36df000725 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -1386,7 +1386,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, if ((s->rlayer.handshake_fragment_len >= 4) && !s->in_handshake) { if (SSL_is_init_finished(s) && !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) { - statem_set_in_init(s, 1); + ossl_statem_set_in_init(s, 1); s->renegotiate = 1; s->new_session = 1; } @@ -1450,7 +1450,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, * application data at this point (session renegotiation not yet * started), we will indulge it. */ - if (statem_app_data_allowed(s)) { + if (ossl_statem_app_data_allowed(s)) { s->s3->in_read_app_data = 2; return (-1); } else { diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 2111d18aee..dca9fbfe61 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -5131,7 +5131,7 @@ int ssl3_renegotiate_check(SSL *s) * message, we need to set the state machine into the renegotiate * state. */ - statem_set_renegotiate(s); + ossl_statem_set_renegotiate(s); s->s3->renegotiate = 0; s->s3->num_renegotiations++; s->s3->total_renegotiations++; diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index cb303c419d..ad590e5116 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -215,7 +215,7 @@ int SSL_clear(SSL *s) return 0; } - statem_clear(s); + ossl_statem_clear(s); s->version = s->method->version; s->client_version = s->version; @@ -2396,7 +2396,7 @@ void SSL_set_accept_state(SSL *s) { s->server = 1; s->shutdown = 0; - statem_clear(s); + ossl_statem_clear(s); s->handshake_func = s->method->ssl_accept; clear_ciphers(s); } @@ -2405,7 +2405,7 @@ void SSL_set_connect_state(SSL *s) { s->server = 0; s->shutdown = 0; - statem_clear(s); + ossl_statem_clear(s); s->handshake_func = s->method->ssl_connect; clear_ciphers(s); } diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c index d64ea1866c..8b7257a06f 100644 --- a/ssl/ssl_stat.c +++ b/ssl/ssl_stat.c @@ -89,7 +89,7 @@ const char *SSL_state_string_long(const SSL *s) { const char *str; - if (statem_in_error(s)) { + if (ossl_statem_in_error(s)) { return "error"; } @@ -204,7 +204,7 @@ const char *SSL_state_string(const SSL *s) { const char *str; - if (statem_in_error(s)) { + if (ossl_statem_in_error(s)) { return "SSLERR"; } diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c index 1df669bc33..6ff60eaccd 100644 --- a/ssl/statem/statem.c +++ b/ssl/statem/statem.c @@ -150,7 +150,7 @@ int SSL_in_before(SSL *s) /* * Clear the state machine state and reset back to MSG_FLOW_UNINITED */ -void statem_clear(SSL *s) +void ossl_statem_clear(SSL *s) { s->statem.state = MSG_FLOW_UNINITED; s->statem.hand_state = TLS_ST_BEFORE; @@ -160,7 +160,7 @@ void statem_clear(SSL *s) /* * Set the state machine up ready for a renegotiation handshake */ -void statem_set_renegotiate(SSL *s) +void ossl_statem_set_renegotiate(SSL *s) { s->statem.state = MSG_FLOW_RENEGOTIATE; s->statem.in_init = 1; @@ -170,7 +170,7 @@ void statem_set_renegotiate(SSL *s) * Put the state machine into an error state. This is a permanent error for * the current connection. */ -void statem_set_error(SSL *s) +void ossl_statem_set_error(SSL *s) { s->statem.state = MSG_FLOW_ERROR; } @@ -182,7 +182,7 @@ void statem_set_error(SSL *s) * 1: Yes * 0: No */ -int statem_in_error(const SSL *s) +int ossl_statem_in_error(const SSL *s) { if (s->statem.state == MSG_FLOW_ERROR) return 1; @@ -190,16 +190,16 @@ int statem_in_error(const SSL *s) return 0; } -void statem_set_in_init(SSL *s, int init) +void ossl_statem_set_in_init(SSL *s, int init) { s->statem.in_init = init; } -int statem_connect(SSL *s) { +int ossl_statem_connect(SSL *s) { return state_machine(s, 0); } -int statem_accept(SSL *s) +int ossl_statem_accept(SSL *s) { return state_machine(s, 1); } @@ -374,7 +374,7 @@ static int state_machine(SSL *s, int server) { SSLerr(SSL_F_STATE_MACHINE, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); - statem_set_error(s); + ossl_statem_set_error(s); goto end; } else { /* @@ -425,7 +425,7 @@ static int state_machine(SSL *s, int server) { } } else { /* Error */ - statem_set_error(s); + ossl_statem_set_error(s); goto end; } } @@ -629,7 +629,7 @@ static enum SUB_STATE_RETURN read_state_machine(SSL *s) { /* Shouldn't happen */ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); SSLerr(SSL_F_READ_STATE_MACHINE, ERR_R_INTERNAL_ERROR); - statem_set_error(s); + ossl_statem_set_error(s); return SUB_STATE_ERROR; } } @@ -817,7 +817,7 @@ int statem_flush(SSL *s) * 1: Yes (application data allowed) * 0: No (application data not allowed) */ -int statem_app_data_allowed(SSL *s) +int ossl_statem_app_data_allowed(SSL *s) { STATEM *st = &s->statem; @@ -851,7 +851,7 @@ int statem_app_data_allowed(SSL *s) /* * Set flag used by SCTP to determine whether we are in the read sock state */ -void statem_set_sctp_read_sock(SSL *s, int read_sock) +void ossl_statem_set_sctp_read_sock(SSL *s, int read_sock) { s->statem.in_sctp_read_sock = read_sock; } diff --git a/ssl/statem/statem.h b/ssl/statem/statem.h index 44c1dd45bc..fcc6163863 100644 --- a/ssl/statem/statem.h +++ b/ssl/statem/statem.h @@ -150,17 +150,17 @@ typedef struct statem_st STATEM; * * *****************************************************************************/ -__owur int statem_accept(SSL *s); -__owur int statem_connect(SSL *s); -void statem_clear(SSL *s); -void statem_set_renegotiate(SSL *s); -void statem_set_error(SSL *s); -int statem_in_error(const SSL *s); -void statem_set_in_init(SSL *s, int init); -__owur int statem_app_data_allowed(SSL *s); +__owur int ossl_statem_accept(SSL *s); +__owur int ossl_statem_connect(SSL *s); +void ossl_statem_clear(SSL *s); +void ossl_statem_set_renegotiate(SSL *s); +void ossl_statem_set_error(SSL *s); +int ossl_statem_in_error(const SSL *s); +void ossl_statem_set_in_init(SSL *s, int init); +__owur int ossl_statem_app_data_allowed(SSL *s); #ifndef OPENSSL_NO_SCTP -void statem_set_sctp_read_sock(SSL *s, int read_sock); -__owur int statem_in_sctp_read_sock(SSL *s); +void ossl_statem_set_sctp_read_sock(SSL *s, int read_sock); +__owur int ossl_statem_in_sctp_read_sock(SSL *s); #endif diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index c74ee82c1a..a2bb55813b 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -469,7 +469,7 @@ enum WRITE_TRAN client_write_transition(SSL *s) case TLS_ST_CW_FINISHED: if (s->hit) { st->hand_state = TLS_ST_OK; - statem_set_in_init(s, 0); + ossl_statem_set_in_init(s, 0); return WRITE_TRAN_CONTINUE; } else { return WRITE_TRAN_FINISHED; @@ -481,7 +481,7 @@ enum WRITE_TRAN client_write_transition(SSL *s) return WRITE_TRAN_CONTINUE; } else { st->hand_state = TLS_ST_OK; - statem_set_in_init(s, 0); + ossl_statem_set_in_init(s, 0); return WRITE_TRAN_CONTINUE; } @@ -793,10 +793,10 @@ enum WORK_STATE client_post_process_message(SSL *s, enum WORK_STATE wst) s->rwstate = SSL_READING; BIO_clear_retry_flags(SSL_get_rbio(s)); BIO_set_retry_read(SSL_get_rbio(s)); - statem_set_sctp_read_sock(s, 1); + ossl_statem_set_sctp_read_sock(s, 1); return WORK_MORE_A; } - statem_set_sctp_read_sock(s, 0); + ossl_statem_set_sctp_read_sock(s, 0); return WORK_FINISHED_STOP; #endif @@ -1089,7 +1089,7 @@ int tls_construct_client_hello(SSL *s) return 1; err: - statem_set_error(s); + ossl_statem_set_error(s); return 0; } @@ -1123,7 +1123,7 @@ enum MSG_PROCESS_RETURN dtls_process_hello_verify(SSL *s, PACKET *pkt) return MSG_PROCESS_FINISHED_READING; f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); - statem_set_error(s); + ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } @@ -1463,7 +1463,7 @@ enum MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt) f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); err: - statem_set_error(s); + ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } @@ -1582,7 +1582,7 @@ enum MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt) f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); err: - statem_set_error(s); + ossl_statem_set_error(s); done: EVP_PKEY_free(pkey); X509_free(x); @@ -2041,7 +2041,7 @@ enum MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) EC_KEY_free(ecdh); #endif EVP_MD_CTX_cleanup(&md_ctx); - statem_set_error(s); + ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } @@ -2157,7 +2157,7 @@ enum MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt) ret = MSG_PROCESS_CONTINUE_READING; goto done; err: - statem_set_error(s); + ossl_statem_set_error(s); done: sk_X509_NAME_pop_free(ca_sk, X509_NAME_free); return ret; @@ -2251,7 +2251,7 @@ enum MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt) f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); err: - statem_set_error(s); + ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } @@ -2303,7 +2303,7 @@ enum MSG_PROCESS_RETURN tls_process_cert_status(SSL *s, PACKET *pkt) return MSG_PROCESS_CONTINUE_READING; f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); - statem_set_error(s); + ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } @@ -2313,7 +2313,7 @@ enum MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt) /* should contain no data */ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); SSLerr(SSL_F_TLS_PROCESS_SERVER_DONE, SSL_R_LENGTH_MISMATCH); - statem_set_error(s); + ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } @@ -2322,7 +2322,7 @@ enum MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt) if (SRP_Calc_A_param(s) <= 0) { SSLerr(SSL_F_TLS_PROCESS_SERVER_DONE, SSL_R_SRP_A_CALC); ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); - statem_set_error(s); + ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } } @@ -2334,7 +2334,7 @@ enum MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt) */ if (!ssl3_check_cert_and_algorithm(s)) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); - statem_set_error(s); + ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } @@ -2919,7 +2919,7 @@ psk_err: OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen); s->s3->tmp.psk = NULL; #endif - statem_set_error(s); + ossl_statem_set_error(s); return 0; } @@ -3170,7 +3170,7 @@ enum WORK_STATE tls_prepare_client_certificate(SSL *s, enum WORK_STATE wst) } if (i == 0) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); - statem_set_error(s); + ossl_statem_set_error(s); return 0; } s->rwstate = SSL_NOTHING; @@ -3216,7 +3216,7 @@ enum WORK_STATE tls_prepare_client_certificate(SSL *s, enum WORK_STATE wst) s->s3->tmp.cert_req = 2; if (!ssl3_digest_cached_records(s, 0)) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); - statem_set_error(s); + ossl_statem_set_error(s); return 0; } } @@ -3236,7 +3236,7 @@ int tls_construct_client_certificate(SSL *s) 2) ? NULL : s->cert->key)) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR); ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); - statem_set_error(s); + ossl_statem_set_error(s); return 0; } diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 0f548d469b..dbfe278a5f 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -288,7 +288,7 @@ enum MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt) return MSG_PROCESS_CONTINUE_READING; f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); - statem_set_error(s); + ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } @@ -334,7 +334,7 @@ enum MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt) return MSG_PROCESS_CONTINUE_PROCESSING; f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); - statem_set_error(s); + ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } @@ -411,13 +411,13 @@ enum WORK_STATE tls_finish_handshake(SSL *s, enum WORK_STATE wst) ssl_update_cache(s, SSL_SESS_CACHE_SERVER); s->ctx->stats.sess_accept_good++; - s->handshake_func = statem_accept; + s->handshake_func = ossl_statem_accept; } else { ssl_update_cache(s, SSL_SESS_CACHE_CLIENT); if (s->hit) s->ctx->stats.sess_hit++; - s->handshake_func = statem_connect; + s->handshake_func = ossl_statem_connect; s->ctx->stats.sess_connect_good++; } diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index f0b79f037f..b940280e5b 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -418,7 +418,7 @@ enum WRITE_TRAN server_write_transition(SSL *s) case TLS_ST_SW_HELLO_REQ: st->hand_state = TLS_ST_OK; - statem_set_in_init(s, 0); + ossl_statem_set_in_init(s, 0); return WRITE_TRAN_CONTINUE; case TLS_ST_SR_CLNT_HELLO: @@ -485,7 +485,7 @@ enum WRITE_TRAN server_write_transition(SSL *s) case TLS_ST_SR_FINISHED: if (s->hit) { st->hand_state = TLS_ST_OK; - statem_set_in_init(s, 0); + ossl_statem_set_in_init(s, 0); return WRITE_TRAN_CONTINUE; } else if (s->tlsext_ticket_expected) { st->hand_state = TLS_ST_SW_SESSION_TICKET; @@ -507,7 +507,7 @@ enum WRITE_TRAN server_write_transition(SSL *s) return WRITE_TRAN_FINISHED; } st->hand_state = TLS_ST_OK; - statem_set_in_init(s, 0); + ossl_statem_set_in_init(s, 0); return WRITE_TRAN_CONTINUE; default: @@ -570,7 +570,7 @@ enum WORK_STATE server_pre_work(SSL *s, enum WORK_STATE wst) case TLS_ST_SW_CHANGE: s->session->cipher = s->s3->tmp.new_cipher; if (!s->method->ssl3_enc->setup_key_block(s)) { - statem_set_error(s); + ossl_statem_set_error(s); return WORK_ERROR; } if (SSL_IS_DTLS(s)) { @@ -641,7 +641,7 @@ enum WORK_STATE server_post_work(SSL *s, enum WORK_STATE wst) if (SSL_export_keying_material(s, sctpauthkey, sizeof(sctpauthkey), labelbuffer, sizeof(labelbuffer), NULL, 0, 0) <= 0) { - statem_set_error(s); + ossl_statem_set_error(s); return WORK_ERROR; } @@ -664,7 +664,7 @@ enum WORK_STATE server_post_work(SSL *s, enum WORK_STATE wst) #endif if (!s->method->ssl3_enc->change_cipher_state(s, SSL3_CHANGE_CIPHER_SERVER_WRITE)) { - statem_set_error(s); + ossl_statem_set_error(s); return WORK_ERROR; } @@ -871,7 +871,7 @@ enum WORK_STATE server_post_process_message(SSL *s, enum WORK_STATE wst) statem_set_sctp_read_sock(s, 1); return WORK_MORE_A; } else { - statem_set_sctp_read_sock(s, 0); + ossl_ossl_statem_set_sctp_read_sock(s, 0); } #endif return WORK_FINISHED_CONTINUE; @@ -918,7 +918,7 @@ int tls_construct_hello_request(SSL *s) { if (!ssl_set_handshake_header(s, SSL3_MT_HELLO_REQUEST, 0)) { SSLerr(SSL_F_TLS_CONSTRUCT_HELLO_REQUEST, ERR_R_INTERNAL_ERROR); - statem_set_error(s); + ossl_statem_set_error(s); return 0; } @@ -958,7 +958,7 @@ int dtls_construct_hello_verify_request(SSL *s) s->d1->cookie_len > 255) { SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST, SSL_R_COOKIE_GEN_CALLBACK_FAILURE); - statem_set_error(s); + ossl_statem_set_error(s); return 0; } @@ -1508,7 +1508,7 @@ enum MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); err: - statem_set_error(s); + ossl_statem_set_error(s); sk_SSL_CIPHER_free(ciphers); return MSG_PROCESS_ERROR; @@ -1610,7 +1610,7 @@ enum WORK_STATE tls_post_process_client_hello(SSL *s, enum WORK_STATE wst) return WORK_FINISHED_STOP; f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); - statem_set_error(s); + ossl_statem_set_error(s); return WORK_ERROR; } @@ -1661,7 +1661,7 @@ int tls_construct_server_hello(SSL *s) sl = s->session->session_id_length; if (sl > (int)sizeof(s->session->session_id)) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_HELLO, ERR_R_INTERNAL_ERROR); - statem_set_error(s); + ossl_statem_set_error(s); return 0; } *(p++) = sl; @@ -1684,7 +1684,7 @@ int tls_construct_server_hello(SSL *s) if (ssl_prepare_serverhello_tlsext(s) <= 0) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT); - statem_set_error(s); + ossl_statem_set_error(s); return 0; } if ((p = @@ -1692,7 +1692,7 @@ int tls_construct_server_hello(SSL *s) &al)) == NULL) { ssl3_send_alert(s, SSL3_AL_FATAL, al); SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_HELLO, ERR_R_INTERNAL_ERROR); - statem_set_error(s); + ossl_statem_set_error(s); return 0; } @@ -1700,7 +1700,7 @@ int tls_construct_server_hello(SSL *s) l = (p - d); if (!ssl_set_handshake_header(s, SSL3_MT_SERVER_HELLO, l)) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_HELLO, ERR_R_INTERNAL_ERROR); - statem_set_error(s); + ossl_statem_set_error(s); return 0; } @@ -1711,13 +1711,13 @@ int tls_construct_server_done(SSL *s) { if (!ssl_set_handshake_header(s, SSL3_MT_SERVER_DONE, 0)) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_DONE, ERR_R_INTERNAL_ERROR); - statem_set_error(s); + ossl_statem_set_error(s); return 0; } if (!s->s3->tmp.cert_request) { if (!ssl3_digest_cached_records(s, 0)) { - statem_set_error(s); + ossl_statem_set_error(s); } } @@ -2187,7 +2187,7 @@ int tls_construct_server_key_exchange(SSL *s) BN_CTX_free(bn_ctx); #endif EVP_MD_CTX_cleanup(&md_ctx); - statem_set_error(s); + ossl_statem_set_error(s); return 0; } @@ -2259,7 +2259,7 @@ int tls_construct_certificate_request(SSL *s) return 1; err: - statem_set_error(s); + ossl_statem_set_error(s); return 0; } @@ -2886,7 +2886,7 @@ enum MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt) OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen); s->s3->tmp.psk = NULL; #endif - statem_set_error(s); + ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } @@ -2908,7 +2908,7 @@ enum WORK_STATE tls_post_process_client_key_exchange(SSL *s, if (SSL_export_keying_material(s, sctpauthkey, sizeof(sctpauthkey), labelbuffer, sizeof(labelbuffer), NULL, 0, 0) <= 0) { - statem_set_error(s); + ossl_statem_set_error(s); return WORK_ERROR;; } @@ -2933,7 +2933,7 @@ enum WORK_STATE tls_post_process_client_key_exchange(SSL *s, statem_set_sctp_read_sock(s, 1); return WORK_MORE_B; } else { - statem_set_sctp_read_sock(s, 0); + ossl_statem_set_sctp_read_sock(s, 0); } #endif @@ -2950,7 +2950,7 @@ enum WORK_STATE tls_post_process_client_key_exchange(SSL *s, if (!s->s3->handshake_buffer) { SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); - statem_set_error(s); + ossl_statem_set_error(s); return WORK_ERROR; } /* @@ -2958,7 +2958,7 @@ enum WORK_STATE tls_post_process_client_key_exchange(SSL *s, * extms we've done this already so this is a no-op */ if (!ssl3_digest_cached_records(s, 1)) { - statem_set_error(s); + ossl_statem_set_error(s); return WORK_ERROR; } } else { @@ -2972,7 +2972,7 @@ enum WORK_STATE tls_post_process_client_key_exchange(SSL *s, * step */ if (!ssl3_digest_cached_records(s, 0)) { - statem_set_error(s); + ossl_statem_set_error(s); return WORK_ERROR; } for (dgst_num = 0; dgst_num < SSL_MAX_DIGEST; dgst_num++) { @@ -2990,7 +2990,7 @@ enum WORK_STATE tls_post_process_client_key_exchange(SSL *s, dgst_size = EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]); if (dgst_size < 0) { - statem_set_error(s); + ossl_statem_set_error(s); return WORK_ERROR; } offset += dgst_size; @@ -3168,7 +3168,7 @@ enum MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) if (0) { f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); - statem_set_error(s); + ossl_statem_set_error(s); } BIO_free(s->s3->handshake_buffer); s->s3->handshake_buffer = NULL; @@ -3289,7 +3289,7 @@ enum MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt) f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); - statem_set_error(s); + ossl_statem_set_error(s); done: X509_free(x); sk_X509_pop_free(sk, X509_free); @@ -3303,13 +3303,13 @@ int tls_construct_server_certificate(SSL *s) cpk = ssl_get_server_send_pkey(s); if (cpk == NULL) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR); - statem_set_error(s); + ossl_statem_set_error(s); return 0; } if (!ssl3_output_cert_chain(s, cpk)) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR); - statem_set_error(s); + ossl_statem_set_error(s); return 0; } @@ -3337,12 +3337,12 @@ int tls_construct_new_session_ticket(SSL *s) * long */ if (slen_full == 0 || slen_full > 0xFF00) { - statem_set_error(s); + ossl_statem_set_error(s); return 0; } senc = OPENSSL_malloc(slen_full); if (!senc) { - statem_set_error(s); + ossl_statem_set_error(s); return 0; } @@ -3456,7 +3456,7 @@ int tls_construct_new_session_ticket(SSL *s) OPENSSL_free(senc); EVP_CIPHER_CTX_cleanup(&ctx); HMAC_CTX_cleanup(&hctx); - statem_set_error(s); + ossl_statem_set_error(s); return 0; } @@ -3470,7 +3470,7 @@ int tls_construct_cert_status(SSL *s) * + (ocsp response) */ if (!BUF_MEM_grow(s->init_buf, 8 + s->tlsext_ocsp_resplen)) { - statem_set_error(s); + ossl_statem_set_error(s); return 0; } @@ -3527,7 +3527,7 @@ enum MSG_PROCESS_RETURN tls_process_next_proto(SSL *s, PACKET *pkt) return MSG_PROCESS_CONTINUE_READING; err: - statem_set_error(s); + ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } #endif -- 2.34.1