Commit d4d2f3a4 authored by Matt Caswell's avatar Matt Caswell
Browse files

Convert more functions in ssl/statem/statem.c to use SSLfatal() 



Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4778)
parent 3ec8d113

crypto/err/openssl.txt

+1 −0
Original line number Diff line number Diff line
@@ -1195,6 +1195,7 @@ SSL_F_STATE_MACHINE:353:state_machine 
SSL_F_TLS12_CHECK_PEER_SIGALG:333:tls12_check_peer_sigalg

SSL_F_TLS12_COPY_SIGALGS:533:tls12_copy_sigalgs

SSL_F_TLS13_CHANGE_CIPHER_STATE:440:tls13_change_cipher_state

SSL_F_TLS13_FINAL_FINISH_MAC:605:tls13_final_finish_mac

SSL_F_TLS13_GENERATE_SECRET:591:tls13_generate_secret

SSL_F_TLS13_HKDF_EXPAND:561:tls13_hkdf_expand

SSL_F_TLS13_SETUP_KEY_BLOCK:441:tls13_setup_key_block

include/openssl/sslerr.h

+1 −0
Original line number Diff line number Diff line
@@ -247,6 +247,7 @@ int ERR_load_SSL_strings(void); 
# define SSL_F_TLS12_CHECK_PEER_SIGALG                    333

# define SSL_F_TLS12_COPY_SIGALGS                         533

# define SSL_F_TLS13_CHANGE_CIPHER_STATE                  440

# define SSL_F_TLS13_FINAL_FINISH_MAC                     605

# define SSL_F_TLS13_GENERATE_SECRET                      591

# define SSL_F_TLS13_HKDF_EXPAND                          561

# define SSL_F_TLS13_SETUP_KEY_BLOCK                      441

ssl/s3_enc.c

+30 −10
Original line number Diff line number Diff line
@@ -30,7 +30,8 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) 
    m5 = EVP_MD_CTX_new();

    s1 = EVP_MD_CTX_new();

    if (m5 == NULL || s1 == NULL) {

        SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_MALLOC_FAILURE);

        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_GENERATE_KEY_BLOCK,

                 ERR_R_MALLOC_FAILURE);

        goto err;

    }

    EVP_MD_CTX_set_flags(m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
@@ -38,7 +39,8 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) 
        k++;

        if (k > sizeof(buf)) {

            /* bug: 'buf' is too small for this ciphersuite */

            SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR);

            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_GENERATE_KEY_BLOCK,

                     ERR_R_INTERNAL_ERROR);

            goto err;

        }
@@ -55,16 +57,25 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) 
            || !EVP_DigestInit_ex(m5, EVP_md5(), NULL)

            || !EVP_DigestUpdate(m5, s->session->master_key,

                                 s->session->master_key_length)

            || !EVP_DigestUpdate(m5, smd, SHA_DIGEST_LENGTH))

            || !EVP_DigestUpdate(m5, smd, SHA_DIGEST_LENGTH)) {

            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_GENERATE_KEY_BLOCK,

                     ERR_R_INTERNAL_ERROR);

            goto err;

        }

        if ((int)(i + MD5_DIGEST_LENGTH) > num) {

            if (!EVP_DigestFinal_ex(m5, smd, NULL))

            if (!EVP_DigestFinal_ex(m5, smd, NULL)) {

                SSLfatal(s, SSL_AD_INTERNAL_ERROR,

                         SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR);

                goto err;

            }

            memcpy(km, smd, (num - i));

        } else {

            if (!EVP_DigestFinal_ex(m5, km, NULL))

            if (!EVP_DigestFinal_ex(m5, km, NULL)) {

                SSLfatal(s, SSL_AD_INTERNAL_ERROR,

                         SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR);

                goto err;

            }

        }



        km += MD5_DIGEST_LENGTH;

    }
@@ -279,6 +290,7 @@ int ssl3_setup_key_block(SSL *s) 
    s->s3->tmp.key_block_length = num;

    s->s3->tmp.key_block = p;



    /* Calls SSLfatal() as required */

    ret = ssl3_generate_key_block(s, p, num);



    if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)) {
@@ -408,26 +420,33 @@ size_t ssl3_final_finish_mac(SSL *s, const char *sender, size_t len, 
    int ret;

    EVP_MD_CTX *ctx = NULL;



    if (!ssl3_digest_cached_records(s, 0))

    if (!ssl3_digest_cached_records(s, 0)) {

        /* SSLfatal() already called */

        return 0;

    }



    if (EVP_MD_CTX_type(s->s3->handshake_dgst) != NID_md5_sha1) {

        SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, SSL_R_NO_REQUIRED_DIGEST);

        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_FINAL_FINISH_MAC,

                 SSL_R_NO_REQUIRED_DIGEST);

        return 0;

    }



    ctx = EVP_MD_CTX_new();

    if (ctx == NULL) {

        SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_MALLOC_FAILURE);

        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_FINAL_FINISH_MAC,

                 ERR_R_MALLOC_FAILURE);

        return 0;

    }

    if (!EVP_MD_CTX_copy_ex(ctx, s->s3->handshake_dgst)) {

        SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR);

        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_FINAL_FINISH_MAC,

                 ERR_R_INTERNAL_ERROR);

        return 0;

    }



    ret = EVP_MD_CTX_size(ctx);

    if (ret < 0) {

        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_FINAL_FINISH_MAC,

                 ERR_R_INTERNAL_ERROR);

        EVP_MD_CTX_reset(ctx);

        return 0;

    }
@@ -437,7 +456,8 @@ size_t ssl3_final_finish_mac(SSL *s, const char *sender, size_t len, 
                           (int)s->session->master_key_length,

                           s->session->master_key) <= 0

        || EVP_DigestFinal_ex(ctx, p, NULL) <= 0) {

        SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR);

        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_FINAL_FINISH_MAC,

                 ERR_R_INTERNAL_ERROR);

        ret = 0;

    }

ssl/ssl_err.c

+2 −0
Original line number Diff line number Diff line
@@ -358,6 +358,8 @@ static const ERR_STRING_DATA SSL_str_functs[] = { 
    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS12_COPY_SIGALGS, 0), "tls12_copy_sigalgs"},

    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS13_CHANGE_CIPHER_STATE, 0),

     "tls13_change_cipher_state"},

    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS13_FINAL_FINISH_MAC, 0),

     "tls13_final_finish_mac"},

    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS13_GENERATE_SECRET, 0),

     "tls13_generate_secret"},

    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS13_HKDF_EXPAND, 0), "tls13_hkdf_expand"},

ssl/statem/statem.c

+9 −3
Original line number Diff line number Diff line
@@ -324,18 +324,24 @@ static int state_machine(SSL *s, int server) 
        if (SSL_IS_DTLS(s)) {

            if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00) &&

                (server || (s->version & 0xff00) != (DTLS1_BAD_VER & 0xff00))) {

                SSLerr(SSL_F_STATE_MACHINE, ERR_R_INTERNAL_ERROR);

                /* We've failed to even initialise so no alert sent */

                SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_STATE_MACHINE,

                         ERR_R_INTERNAL_ERROR);

                goto end;

            }

        } else {

            if ((s->version >> 8) != SSL3_VERSION_MAJOR) {

                SSLerr(SSL_F_STATE_MACHINE, ERR_R_INTERNAL_ERROR);

                /* We've failed to even initialise so no alert sent */

                SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_STATE_MACHINE,

                         ERR_R_INTERNAL_ERROR);

                goto end;

            }

        }



        if (!ssl_security(s, SSL_SECOP_VERSION, 0, s->version, NULL)) {

            SSLerr(SSL_F_STATE_MACHINE, SSL_R_VERSION_TOO_LOW);

            /* We've failed to even initialise so no alert sent */

            SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_STATE_MACHINE,

                     ERR_R_INTERNAL_ERROR);

            goto end;

        }