Commit 379f21ce authored by Ben Laurie's avatar Ben Laurie

Show useful errors.

parent 4f3b1b3e
+3 −0
@@ -1865,7 +1865,10 @@ bad:
		goto end;
	if (s_serverinfo_file != NULL
	    && !SSL_CTX_use_serverinfo_file(ctx, s_serverinfo_file))
		{
		ERR_print_errors(bio_err);
		goto end;
		}
#endif
#ifndef OPENSSL_NO_TLSEXT
	if (ctx2 && !set_cert_key_stuff(ctx2,s_cert2,s_key2, NULL, build_chain))
+4 −0
@@ -2654,6 +2654,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_BAD_AUTHENTICATION_TYPE			 102
#define SSL_R_BAD_CHANGE_CIPHER_SPEC			 103
#define SSL_R_BAD_CHECKSUM				 104
#define SSL_R_BAD_DATA					 390
#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK		 106
#define SSL_R_BAD_DECOMPRESSION				 107
#define SSL_R_BAD_DH_G_LENGTH				 108
@@ -2804,6 +2805,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_NO_COMPRESSION_SPECIFIED			 187
#define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER		 330
#define SSL_R_NO_METHOD_SPECIFIED			 188
#define SSL_R_NO_PEM_EXTENSIONS				 389
#define SSL_R_NO_PRIVATEKEY				 189
#define SSL_R_NO_PRIVATE_KEY_ASSIGNED			 190
#define SSL_R_NO_PROTOCOLS_AVAILABLE			 191
@@ -2831,6 +2833,8 @@ void ERR_load_SSL_strings(void);
#define SSL_R_PEER_ERROR_NO_CERTIFICATE			 202
#define SSL_R_PEER_ERROR_NO_CIPHER			 203
#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE	 204
#define SSL_R_PEM_NAME_BAD_PREFIX			 391
#define SSL_R_PEM_NAME_TOO_SHORT			 392
#define SSL_R_PRE_MAC_LENGTH_TOO_LONG			 205
#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS		 206
#define SSL_R_PROTOCOL_IS_SHUTDOWN			 207
+4 −0
@@ -319,6 +319,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_BAD_AUTHENTICATION_TYPE),"bad authentication type"},
{ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC),"bad change cipher spec"},
{ERR_REASON(SSL_R_BAD_CHECKSUM)          ,"bad checksum"},
{ERR_REASON(SSL_R_BAD_DATA)              ,"bad data"},
{ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK),"bad data returned by callback"},
{ERR_REASON(SSL_R_BAD_DECOMPRESSION)     ,"bad decompression"},
{ERR_REASON(SSL_R_BAD_DH_G_LENGTH)       ,"bad dh g length"},
@@ -469,6 +470,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED),"no compression specified"},
{ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER),"Peer haven't sent GOST certificate, required for selected ciphersuite"},
{ERR_REASON(SSL_R_NO_METHOD_SPECIFIED)   ,"no method specified"},
{ERR_REASON(SSL_R_NO_PEM_EXTENSIONS)     ,"no pem extensions"},
{ERR_REASON(SSL_R_NO_PRIVATEKEY)         ,"no privatekey"},
{ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED),"no private key assigned"},
{ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE),"no protocols available"},
@@ -496,6 +498,8 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_PEER_ERROR_NO_CERTIFICATE),"peer error no certificate"},
{ERR_REASON(SSL_R_PEER_ERROR_NO_CIPHER)  ,"peer error no cipher"},
{ERR_REASON(SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE),"peer error unsupported certificate type"},
{ERR_REASON(SSL_R_PEM_NAME_BAD_PREFIX)   ,"pem name bad prefix"},
{ERR_REASON(SSL_R_PEM_NAME_TOO_SHORT)    ,"pem name too short"},
{ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG),"pre mac length too long"},
{ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS),"problems mapping cipher functions"},
{ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN)  ,"protocol is shutdown"},
+4 −4
@@ -1236,7 +1236,7 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
			/* There must be at least one extension in this file */
			if (num_extensions == 0)
				{
				SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PEM_LIB);
				SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_NO_PEM_EXTENSIONS);
				goto end;
				}
			else /* End of file, we're done */
@@ -1245,18 +1245,18 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
		/* Check that PEM name starts with "BEGIN SERVERINFO FOR " */
		if (strlen(name) < strlen(namePrefix))
			{
			SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PEM_LIB);
			SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_PEM_NAME_TOO_SHORT);
			goto end;
			}
		if (strncmp(name, namePrefix, strlen(namePrefix)) != 0)
			{
			SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PEM_LIB);
			SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_PEM_NAME_BAD_PREFIX);
			goto end;
			}
		/* Check that the decoded PEM data is plausible (valid length field) */
		if (extension_length < 4 || (extension[2] << 8) + extension[3] != extension_length - 4)
			{
			SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PEM_LIB);
			SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
			goto end;
			}
		/* Append the decoded extension to the serverinfo buffer */
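Review bot: The `SSL_R_BAD_DATA` branch in SSL_CTX_use_serverinfo_file folds two different failures into one generic reason: a decoded block shorter than the 4-byte header, and a length field that disagrees with the decoded size. None of the new reasons identify which PEM block in the file was rejected. Since `name` is already read by the prefix checks, consider following the `SSLerr(...)` in the name and length branches with `ERR_add_error_data(2, "name=", name);` so an operator can find the offending block in a multi-extension file. The `strlen(name) < strlen(namePrefix)` test is subsumed by the `strncmp` that follows it, so it now exists only to produce a separate reason code; a one-line comment saying so would stop it being removed as redundant. The function body and the `end:` cleanup lie outside these hunks, so the lifetime of `name` at the point the error is recorded should be confirmed against the full function.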