Convert remaining functions in statem_clnt.c to use SSLfatal()

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4778)
This commit is contained in:
Matt Caswell 2017-11-22 17:18:39 +00:00
parent f63a17d66d
commit a2c2e00050
8 changed files with 337 additions and 210 deletions

View file

@ -996,6 +996,7 @@ SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST:385:\
dtls_construct_hello_verify_request
SSL_F_DTLS_GET_REASSEMBLED_MESSAGE:370:dtls_get_reassembled_message
SSL_F_DTLS_PROCESS_HELLO_VERIFY:386:dtls_process_hello_verify
SSL_F_DTLS_WAIT_FOR_DRY:592:dtls_wait_for_dry
SSL_F_EARLY_DATA_COUNT_OK:532:early_data_count_ok
SSL_F_FINAL_EARLY_DATA:556:final_early_data
SSL_F_FINAL_EC_PT_FORMATS:485:final_ec_pt_formats
@ -1009,8 +1010,15 @@ SSL_F_GET_CERT_VERIFY_TBS_DATA:588:get_cert_verify_tbs_data
SSL_F_NSS_KEYLOG_INT:500:nss_keylog_int
SSL_F_OPENSSL_INIT_SSL:342:OPENSSL_init_ssl
SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION:436:*
SSL_F_OSSL_STATEM_CLIENT13_WRITE_TRANSITION:598:\
ossl_statem_client13_write_transition
SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE:430:*
SSL_F_OSSL_STATEM_CLIENT_POST_PROCESS_MESSAGE:593:\
ossl_statem_client_post_process_message
SSL_F_OSSL_STATEM_CLIENT_PROCESS_MESSAGE:594:ossl_statem_client_process_message
SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION:417:ossl_statem_client_read_transition
SSL_F_OSSL_STATEM_CLIENT_WRITE_TRANSITION:599:\
ossl_statem_client_write_transition
SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION:437:*
SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE:431:*
SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION:418:ossl_statem_server_read_transition
@ -1018,7 +1026,9 @@ SSL_F_PARSE_CA_NAMES:541:parse_ca_names
SSL_F_PROCESS_KEY_SHARE_EXT:439:*
SSL_F_READ_STATE_MACHINE:352:read_state_machine
SSL_F_SET_CLIENT_CIPHERSUITE:540:set_client_ciphersuite
SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET:595:srp_generate_client_master_secret
SSL_F_SRP_GENERATE_SERVER_MASTER_SECRET:589:srp_generate_server_master_secret
SSL_F_SRP_VERIFY_SERVER_PARAM:596:srp_verify_server_param
SSL_F_SSL3_CHANGE_CIPHER_STATE:129:ssl3_change_cipher_state
SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM:130:ssl3_check_cert_and_algorithm
SSL_F_SSL3_CTRL:213:ssl3_ctrl
@ -1272,6 +1282,7 @@ SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS:544:\
SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP:462:tls_construct_stoc_use_srtp
SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO:521:\
tls_early_post_process_client_hello
SSL_F_TLS_FINISH_HANDSHAKE:597:tls_finish_handshake
SSL_F_TLS_GET_MESSAGE_BODY:351:tls_get_message_body
SSL_F_TLS_GET_MESSAGE_HEADER:387:tls_get_message_header
SSL_F_TLS_HANDLE_ALPN:562:tls_handle_alpn
@ -2423,6 +2434,7 @@ SSL_R_INCONSISTENT_COMPRESSION:340:inconsistent compression
SSL_R_INCONSISTENT_EARLY_DATA_ALPN:222:inconsistent early data alpn
SSL_R_INCONSISTENT_EARLY_DATA_SNI:231:inconsistent early data sni
SSL_R_INCONSISTENT_EXTMS:104:inconsistent extms
SSL_R_INSUFFICIENT_SECURITY:241:insufficient security
SSL_R_INVALID_ALERT:205:invalid alert
SSL_R_INVALID_CERTIFICATE_OR_ALG:238:invalid certificate or alg
SSL_R_INVALID_COMMAND:280:invalid command

View file

@ -56,6 +56,7 @@ int ERR_load_SSL_strings(void);
# define SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST 385
# define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE 370
# define SSL_F_DTLS_PROCESS_HELLO_VERIFY 386
# define SSL_F_DTLS_WAIT_FOR_DRY 592
# define SSL_F_EARLY_DATA_COUNT_OK 532
# define SSL_F_FINAL_EARLY_DATA 556
# define SSL_F_FINAL_EC_PT_FORMATS 485
@ -69,8 +70,12 @@ int ERR_load_SSL_strings(void);
# define SSL_F_NSS_KEYLOG_INT 500
# define SSL_F_OPENSSL_INIT_SSL 342
# define SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION 436
# define SSL_F_OSSL_STATEM_CLIENT13_WRITE_TRANSITION 598
# define SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE 430
# define SSL_F_OSSL_STATEM_CLIENT_POST_PROCESS_MESSAGE 593
# define SSL_F_OSSL_STATEM_CLIENT_PROCESS_MESSAGE 594
# define SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION 417
# define SSL_F_OSSL_STATEM_CLIENT_WRITE_TRANSITION 599
# define SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION 437
# define SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE 431
# define SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION 418
@ -78,7 +83,9 @@ int ERR_load_SSL_strings(void);
# define SSL_F_PROCESS_KEY_SHARE_EXT 439
# define SSL_F_READ_STATE_MACHINE 352
# define SSL_F_SET_CLIENT_CIPHERSUITE 540
# define SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET 595
# define SSL_F_SRP_GENERATE_SERVER_MASTER_SECRET 589
# define SSL_F_SRP_VERIFY_SERVER_PARAM 596
# define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
# define SSL_F_SSL3_CTRL 213
@ -325,6 +332,7 @@ int ERR_load_SSL_strings(void);
# define SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS 544
# define SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP 462
# define SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO 521
# define SSL_F_TLS_FINISH_HANDSHAKE 597
# define SSL_F_TLS_GET_MESSAGE_BODY 351
# define SSL_F_TLS_GET_MESSAGE_HEADER 387
# define SSL_F_TLS_HANDLE_ALPN 562
@ -510,6 +518,7 @@ int ERR_load_SSL_strings(void);
# define SSL_R_INCONSISTENT_EARLY_DATA_ALPN 222
# define SSL_R_INCONSISTENT_EARLY_DATA_SNI 231
# define SSL_R_INCONSISTENT_EXTMS 104
# define SSL_R_INSUFFICIENT_SECURITY 241
# define SSL_R_INVALID_ALERT 205
# define SSL_R_INVALID_CERTIFICATE_OR_ALG 238
# define SSL_R_INVALID_COMMAND 280

View file

@ -64,6 +64,7 @@ static const ERR_STRING_DATA SSL_str_functs[] = {
"dtls_get_reassembled_message"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS_PROCESS_HELLO_VERIFY, 0),
"dtls_process_hello_verify"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS_WAIT_FOR_DRY, 0), "dtls_wait_for_dry"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_EARLY_DATA_COUNT_OK, 0),
"early_data_count_ok"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_EARLY_DATA, 0), "final_early_data"},
@ -81,9 +82,17 @@ static const ERR_STRING_DATA SSL_str_functs[] = {
{ERR_PACK(ERR_LIB_SSL, SSL_F_NSS_KEYLOG_INT, 0), "nss_keylog_int"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_OPENSSL_INIT_SSL, 0), "OPENSSL_init_ssl"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION, 0), ""},
{ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_CLIENT13_WRITE_TRANSITION, 0),
"ossl_statem_client13_write_transition"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE, 0), ""},
{ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_CLIENT_POST_PROCESS_MESSAGE, 0),
"ossl_statem_client_post_process_message"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_CLIENT_PROCESS_MESSAGE, 0),
"ossl_statem_client_process_message"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION, 0),
"ossl_statem_client_read_transition"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_CLIENT_WRITE_TRANSITION, 0),
"ossl_statem_client_write_transition"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION, 0), ""},
{ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE, 0), ""},
{ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION, 0),
@ -93,8 +102,12 @@ static const ERR_STRING_DATA SSL_str_functs[] = {
{ERR_PACK(ERR_LIB_SSL, SSL_F_READ_STATE_MACHINE, 0), "read_state_machine"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_SET_CLIENT_CIPHERSUITE, 0),
"set_client_ciphersuite"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET, 0),
"srp_generate_client_master_secret"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_SRP_GENERATE_SERVER_MASTER_SECRET, 0),
"srp_generate_server_master_secret"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_SRP_VERIFY_SERVER_PARAM, 0),
"srp_verify_server_param"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_CHANGE_CIPHER_STATE, 0),
"ssl3_change_cipher_state"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, 0),
@ -497,6 +510,8 @@ static const ERR_STRING_DATA SSL_str_functs[] = {
"tls_construct_stoc_use_srtp"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, 0),
"tls_early_post_process_client_hello"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_FINISH_HANDSHAKE, 0),
"tls_finish_handshake"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_GET_MESSAGE_BODY, 0),
"tls_get_message_body"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_GET_MESSAGE_HEADER, 0),
@ -810,6 +825,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INCONSISTENT_EARLY_DATA_SNI),
"inconsistent early data sni"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INCONSISTENT_EXTMS), "inconsistent extms"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INSUFFICIENT_SECURITY),
"insufficient security"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_ALERT), "invalid alert"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_CERTIFICATE_OR_ALG),
"invalid certificate or alg"},

View file

@ -2507,7 +2507,7 @@ __owur int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
__owur int srp_generate_server_master_secret(SSL *s);
__owur int srp_generate_client_master_secret(SSL *s);
__owur int srp_verify_server_param(SSL *s, int *al);
__owur int srp_verify_server_param(SSL *s);
/* statem/extensions_cust.c */

File diff suppressed because it is too large Load diff

View file

@ -903,8 +903,11 @@ WORK_STATE dtls_wait_for_dry(SSL *s)
/* read app data until dry event */
ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
if (ret < 0)
if (ret < 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DTLS_WAIT_FOR_DRY,
ERR_R_INTERNAL_ERROR);
return WORK_ERROR;
}
if (ret == 0) {
s->s3->in_read_app_data = 2;

View file

@ -1018,8 +1018,11 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs)
BUF_MEM_free(s->init_buf);
s->init_buf = NULL;
}
if (!ssl_free_wbio_buffer(s))
if (!ssl_free_wbio_buffer(s)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_FINISH_HANDSHAKE,
ERR_R_INTERNAL_ERROR);
return WORK_ERROR;
}
s->init_num = 0;
}

View file

@ -282,26 +282,39 @@ int srp_generate_client_master_secret(SSL *s)
/*
* Checks if b % n == 0
*/
if (SRP_Verify_B_mod_N(s->srp_ctx.B, s->srp_ctx.N) == 0)
if (SRP_Verify_B_mod_N(s->srp_ctx.B, s->srp_ctx.N) == 0
|| (u = SRP_Calc_u(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N))
== NULL
|| s->srp_ctx.SRP_give_srp_client_pwd_callback == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET, ERR_R_INTERNAL_ERROR);
goto err;
if ((u = SRP_Calc_u(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N)) == NULL)
}
if ((passwd = s->srp_ctx.SRP_give_srp_client_pwd_callback(s,
s->srp_ctx.SRP_cb_arg))
== NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET,
SSL_R_CALLBACK_FAILED);
goto err;
if (s->srp_ctx.SRP_give_srp_client_pwd_callback == NULL)
goto err;
if (!
(passwd =
s->srp_ctx.SRP_give_srp_client_pwd_callback(s, s->srp_ctx.SRP_cb_arg)))
goto err;
if ((x = SRP_Calc_x(s->srp_ctx.s, s->srp_ctx.login, passwd)) == NULL)
goto err;
if ((K = SRP_Calc_client_key(s->srp_ctx.N, s->srp_ctx.B, s->srp_ctx.g, x,
s->srp_ctx.a, u)) == NULL)
}
if ((x = SRP_Calc_x(s->srp_ctx.s, s->srp_ctx.login, passwd)) == NULL
|| (K = SRP_Calc_client_key(s->srp_ctx.N, s->srp_ctx.B,
s->srp_ctx.g, x,
s->srp_ctx.a, u)) == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET, ERR_R_INTERNAL_ERROR);
goto err;
}
tmp_len = BN_num_bytes(K);
if ((tmp = OPENSSL_malloc(tmp_len)) == NULL)
if ((tmp = OPENSSL_malloc(tmp_len)) == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET, ERR_R_MALLOC_FAILURE);
goto err;
}
BN_bn2bin(K, tmp);
/* Calls SSLfatal() as required */
ret = ssl_generate_master_secret(s, tmp, tmp_len, 1);
err:
BN_clear_free(K);
@ -312,7 +325,7 @@ int srp_generate_client_master_secret(SSL *s)
return ret;
}
int srp_verify_server_param(SSL *s, int *al)
int srp_verify_server_param(SSL *s)
{
SRP_CTX *srp = &s->srp_ctx;
/*
@ -321,22 +334,27 @@ int srp_verify_server_param(SSL *s, int *al)
*/
if (BN_ucmp(srp->g, srp->N) >= 0 || BN_ucmp(srp->B, srp->N) >= 0
|| BN_is_zero(srp->B)) {
*al = SSL3_AD_ILLEGAL_PARAMETER;
SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_SRP_VERIFY_SERVER_PARAM,
SSL_R_BAD_DATA);
return 0;
}
if (BN_num_bits(srp->N) < srp->strength) {
*al = TLS1_AD_INSUFFICIENT_SECURITY;
SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY, SSL_F_SRP_VERIFY_SERVER_PARAM,
SSL_R_INSUFFICIENT_SECURITY);
return 0;
}
if (srp->SRP_verify_param_callback) {
if (srp->SRP_verify_param_callback(s, srp->SRP_cb_arg) <= 0) {
*al = TLS1_AD_INSUFFICIENT_SECURITY;
SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY,
SSL_F_SRP_VERIFY_SERVER_PARAM,
SSL_R_CALLBACK_FAILED);
return 0;
}
} else if (!SRP_check_known_gN_param(srp->g, srp->N)) {
*al = TLS1_AD_INSUFFICIENT_SECURITY;
SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY, SSL_F_SRP_VERIFY_SERVER_PARAM,
SSL_R_INSUFFICIENT_SECURITY);
return 0;
}