From: Bodo Möller Date: Tue, 24 Apr 2007 01:06:19 +0000 (+0000) Subject: fix function codes for error X-Git-Tag: OpenSSL_0_9_8k^2~871 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=a291745eebe4ea0f4490bf4354988cdc15cd0a5b;p=oweals%2Fopenssl.git fix function codes for error --- diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c index dd321c503a..9ad1448bf7 100644 --- a/crypto/pkcs7/pk7_lib.c +++ b/crypto/pkcs7/pk7_lib.c @@ -350,7 +350,7 @@ int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl) *sk=sk_X509_CRL_new_null(); if (*sk == NULL) { - PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,ERR_R_MALLOC_FAILURE); + PKCS7err(PKCS7_F_PKCS7_ADD_CRL,ERR_R_MALLOC_FAILURE); return 0; } diff --git a/crypto/pkcs7/pk7_mime.c b/crypto/pkcs7/pk7_mime.c index e01e936679..211534d87a 100644 --- a/crypto/pkcs7/pk7_mime.c +++ b/crypto/pkcs7/pk7_mime.c @@ -121,7 +121,7 @@ int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags) bio = BIO_new_PKCS7(out, p7); if (!bio) { - PKCS7err(PKCS7_F_B64_WRITE_PKCS7,ERR_R_MALLOC_FAILURE); + PKCS7err(PKCS7_F_PKCS7_BIO_STREAM,ERR_R_MALLOC_FAILURE); return 0; } SMIME_crlf_copy(in, bio, flags); diff --git a/crypto/pkcs7/pkcs7.h b/crypto/pkcs7/pkcs7.h index 3c014b2696..61c689b713 100644 --- a/crypto/pkcs7/pkcs7.h +++ b/crypto/pkcs7/pkcs7.h @@ -409,6 +409,7 @@ void ERR_load_PKCS7_strings(void); #define PKCS7_F_PKCS7_ADD_SIGNATURE 131 #define PKCS7_F_PKCS7_ADD_SIGNER 103 #define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125 +#define PKCS7_F_PKCS7_BIO_STREAM 140 #define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 138 #define PKCS7_F_PKCS7_CTRL 104 #define PKCS7_F_PKCS7_DATADECODE 112 diff --git a/crypto/pkcs7/pkcs7err.c b/crypto/pkcs7/pkcs7err.c index 4109ccd2bd..b857de1bcb 100644 --- a/crypto/pkcs7/pkcs7err.c +++ b/crypto/pkcs7/pkcs7err.c @@ -1,6 +1,6 @@ /* crypto/pkcs7/pkcs7err.c */ /* ==================================================================== - * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -81,6 +81,7 @@ static ERR_STRING_DATA PKCS7_str_functs[]= {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNATURE), "PKCS7_add_signature"}, {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER), "PKCS7_add_signer"}, {ERR_FUNC(PKCS7_F_PKCS7_BIO_ADD_DIGEST), "PKCS7_BIO_ADD_DIGEST"}, +{ERR_FUNC(PKCS7_F_PKCS7_BIO_STREAM), "PKCS7_BIO_STREAM"}, {ERR_FUNC(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST), "PKCS7_COPY_EXISTING_DIGEST"}, {ERR_FUNC(PKCS7_F_PKCS7_CTRL), "PKCS7_ctrl"}, {ERR_FUNC(PKCS7_F_PKCS7_DATADECODE), "PKCS7_dataDecode"}, diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index 1878ffe1ed..0be4ec7fb0 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -197,7 +197,7 @@ int int_rsa_verify(int dtype, const unsigned char *m, /* Excess data can be used to create forgeries */ if(p != s+i) { - RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); + RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE); goto err; } @@ -206,7 +206,7 @@ int int_rsa_verify(int dtype, const unsigned char *m, if(sig->algor->parameter && ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL) { - RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); + RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE); goto err; } diff --git a/crypto/ts/ts.h b/crypto/ts/ts.h index 67e90e91e3..190e8a1bf2 100644 --- a/crypto/ts/ts.h +++ b/crypto/ts/ts.h @@ -772,6 +772,7 @@ void ERR_load_TS_strings(void); #define TS_F_ESS_ADD_SIGNING_CERT 112 #define TS_F_ESS_CERT_ID_NEW_INIT 113 #define TS_F_ESS_SIGNING_CERT_NEW_INIT 114 +#define TS_F_INT_TS_RESP_VERIFY_TOKEN 149 #define TS_F_PKCS7_TO_TS_TST_INFO 148 #define TS_F_TS_ACCURACY_SET_MICROS 115 #define TS_F_TS_ACCURACY_SET_MILLIS 116 @@ -802,6 +803,7 @@ void ERR_load_TS_strings(void); #define TS_F_TS_RESP_GET_POLICY 133 #define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134 #define TS_F_TS_RESP_SET_STATUS_INFO 135 +#define TS_F_TS_RESP_SET_TST_INFO 150 #define TS_F_TS_RESP_SIGN 136 #define TS_F_TS_RESP_VERIFY_SIGNATURE 106 #define TS_F_TS_RESP_VERIFY_TOKEN 107 diff --git a/crypto/ts/ts_asn1.c b/crypto/ts/ts_asn1.c index 86d78dc472..40b730c5e2 100644 --- a/crypto/ts/ts_asn1.c +++ b/crypto/ts/ts_asn1.c @@ -187,18 +187,18 @@ static int ts_resp_set_tst_info(TS_RESP *a) if (a->token) { if (status != 0 && status != 1) { - TSerr(TS_F_D2I_TS_RESP, TS_R_TOKEN_PRESENT); + TSerr(TS_F_TS_RESP_SET_TST_INFO, TS_R_TOKEN_PRESENT); return 0; } if (a->tst_info != NULL) TS_TST_INFO_free(a->tst_info); a->tst_info = PKCS7_to_TS_TST_INFO(a->token); if (!a->tst_info) { - TSerr(TS_F_D2I_TS_RESP, TS_R_PKCS7_TO_TS_TST_INFO_FAILED); + TSerr(TS_F_TS_RESP_SET_TST_INFO, TS_R_PKCS7_TO_TS_TST_INFO_FAILED); return 0; } } else if (status == 0 || status == 1) { - TSerr(TS_F_D2I_TS_RESP, TS_R_TOKEN_NOT_PRESENT); + TSerr(TS_F_TS_RESP_SET_TST_INFO, TS_R_TOKEN_NOT_PRESENT); return 0; } diff --git a/crypto/ts/ts_err.c b/crypto/ts/ts_err.c index cc9881eae6..a08b0ffa23 100644 --- a/crypto/ts/ts_err.c +++ b/crypto/ts/ts_err.c @@ -1,6 +1,6 @@ /* crypto/ts/ts_err.c */ /* ==================================================================== - * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -76,6 +76,7 @@ static ERR_STRING_DATA TS_str_functs[]= {ERR_FUNC(TS_F_ESS_ADD_SIGNING_CERT), "ESS_ADD_SIGNING_CERT"}, {ERR_FUNC(TS_F_ESS_CERT_ID_NEW_INIT), "ESS_CERT_ID_NEW_INIT"}, {ERR_FUNC(TS_F_ESS_SIGNING_CERT_NEW_INIT), "ESS_SIGNING_CERT_NEW_INIT"}, +{ERR_FUNC(TS_F_INT_TS_RESP_VERIFY_TOKEN), "INT_TS_RESP_VERIFY_TOKEN"}, {ERR_FUNC(TS_F_PKCS7_TO_TS_TST_INFO), "PKCS7_to_TS_TST_INFO"}, {ERR_FUNC(TS_F_TS_ACCURACY_SET_MICROS), "TS_ACCURACY_set_micros"}, {ERR_FUNC(TS_F_TS_ACCURACY_SET_MILLIS), "TS_ACCURACY_set_millis"}, @@ -106,6 +107,7 @@ static ERR_STRING_DATA TS_str_functs[]= {ERR_FUNC(TS_F_TS_RESP_GET_POLICY), "TS_RESP_GET_POLICY"}, {ERR_FUNC(TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION), "TS_RESP_SET_GENTIME_WITH_PRECISION"}, {ERR_FUNC(TS_F_TS_RESP_SET_STATUS_INFO), "TS_RESP_set_status_info"}, +{ERR_FUNC(TS_F_TS_RESP_SET_TST_INFO), "TS_RESP_set_tst_info"}, {ERR_FUNC(TS_F_TS_RESP_SIGN), "TS_RESP_SIGN"}, {ERR_FUNC(TS_F_TS_RESP_VERIFY_SIGNATURE), "TS_RESP_verify_signature"}, {ERR_FUNC(TS_F_TS_RESP_VERIFY_TOKEN), "TS_RESP_verify_token"}, diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c index 2491bbb4f9..6acacac6c1 100644 --- a/crypto/ts/ts_rsp_verify.c +++ b/crypto/ts/ts_rsp_verify.c @@ -70,7 +70,7 @@ static int TS_check_signing_certs(PKCS7_SIGNER_INFO *si, STACK_OF(X509) *chain); static ESS_SIGNING_CERT *ESS_get_signing_cert(PKCS7_SIGNER_INFO *si); static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert); static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo); -static int _TS_RESP_verify_token(TS_VERIFY_CTX *ctx, +static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token, TS_TST_INFO *tst_info); static int TS_check_status_info(TS_RESP *response); static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text); @@ -369,7 +369,7 @@ int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response) if (!TS_check_status_info(response)) goto err; /* Check the contents of the time stamp token. */ - if (!_TS_RESP_verify_token(ctx, token, tst_info)) + if (!int_TS_RESP_verify_token(ctx, token, tst_info)) goto err; ret = 1; @@ -379,7 +379,7 @@ int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response) /* * Tries to extract a TS_TST_INFO structure from the PKCS7 token and - * calls the internal _TS_RESP_verify_token function for verifying it. + * calls the internal int_TS_RESP_verify_token function for verifying it. */ int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token) { @@ -387,7 +387,7 @@ int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token) int ret = 0; if (tst_info) { - ret = _TS_RESP_verify_token(ctx, token, tst_info); + ret = int_TS_RESP_verify_token(ctx, token, tst_info); TS_TST_INFO_free(tst_info); } return ret; @@ -405,7 +405,7 @@ int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token) * - Check if the TSA name matches the signer. * - Check if the TSA name is the expected TSA. */ -static int _TS_RESP_verify_token(TS_VERIFY_CTX *ctx, +static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token, TS_TST_INFO *tst_info) { X509 *signer = NULL; @@ -425,7 +425,7 @@ static int _TS_RESP_verify_token(TS_VERIFY_CTX *ctx, if ((ctx->flags & TS_VFY_VERSION) && TS_TST_INFO_get_version(tst_info) != 1) { - TSerr(TS_F_TS_RESP_VERIFY_TOKEN, TS_R_UNSUPPORTED_VERSION); + TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_UNSUPPORTED_VERSION); goto err; } @@ -456,7 +456,7 @@ static int _TS_RESP_verify_token(TS_VERIFY_CTX *ctx, if ((ctx->flags & TS_VFY_SIGNER) && tsa_name && !TS_check_signer_name(tsa_name, signer)) { - TSerr(TS_F_TS_RESP_VERIFY_TOKEN, TS_R_TSA_NAME_MISMATCH); + TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_NAME_MISMATCH); goto err; } @@ -464,7 +464,7 @@ static int _TS_RESP_verify_token(TS_VERIFY_CTX *ctx, if ((ctx->flags & TS_VFY_TSA_NAME) && !TS_check_signer_name(ctx->tsa_name, signer)) { - TSerr(TS_F_TS_RESP_VERIFY_TOKEN, TS_R_TSA_UNTRUSTED); + TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_UNTRUSTED); goto err; } diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 980dd79288..adc8738377 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -833,7 +833,7 @@ int ssl3_get_server_hello(SSL *s) } if (ssl_check_serverhello_tlsext(s) <= 0) { - SSLerr(SSL_F_SSL3_CONNECT,SSL_R_SERVERHELLO_TLSEXT); + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SERVERHELLO_TLSEXT); goto err; } } diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index e7452dc633..7f6df69164 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -944,7 +944,7 @@ int ssl3_get_client_hello(SSL *s) } } if (ssl_check_clienthello_tlsext(s) <= 0) { - SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_CLIENTHELLO_TLSEXT); + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT); goto err; } #endif diff --git a/ssl/ssl.h b/ssl/ssl.h index 28b553df73..abc3342dbe 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -1770,6 +1770,7 @@ void ERR_load_SSL_strings(void); #define SSL_F_SSL_CERT_INSTANTIATE 214 #define SSL_F_SSL_CERT_NEW 162 #define SSL_F_SSL_CHECK_PRIVATE_KEY 163 +#define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 280 #define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 279 #define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230 #define SSL_F_SSL_CIPHER_STRENGTH_SORT 231 @@ -1804,6 +1805,8 @@ void ERR_load_SSL_strings(void); #define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185 #define SSL_F_SSL_NEW 186 #define SSL_F_SSL_PEEK 270 +#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281 +#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282 #define SSL_F_SSL_READ 223 #define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187 #define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index cb26f19a5c..52df85ad0a 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -1,6 +1,6 @@ /* ssl/ssl_err.c */ /* ==================================================================== - * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -177,6 +177,7 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_FUNC(SSL_F_SSL_CERT_INSTANTIATE), "SSL_CERT_INSTANTIATE"}, {ERR_FUNC(SSL_F_SSL_CERT_NEW), "SSL_CERT_NEW"}, {ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY), "SSL_check_private_key"}, +{ERR_FUNC(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT), "SSL_CHECK_SERVERHELLO_TLSEXT"}, {ERR_FUNC(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG), "SSL_CHECK_SRVR_ECC_CERT_AND_ALG"}, {ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR), "SSL_CIPHER_PROCESS_RULESTR"}, {ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT), "SSL_CIPHER_STRENGTH_SORT"}, @@ -211,6 +212,8 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"}, {ERR_FUNC(SSL_F_SSL_NEW), "SSL_new"}, {ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"}, +{ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT), "SSL_PREPARE_CLIENTHELLO_TLSEXT"}, +{ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT), "SSL_PREPARE_SERVERHELLO_TLSEXT"}, {ERR_FUNC(SSL_F_SSL_READ), "SSL_read"}, {ERR_FUNC(SSL_F_SSL_RSA_PRIVATE_DECRYPT), "SSL_RSA_PRIVATE_DECRYPT"}, {ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT), "SSL_RSA_PUBLIC_ENCRYPT"}, diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index bf6aac1c5a..e0ca4ac307 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -702,7 +702,7 @@ int ssl_prepare_clienthello_tlsext(SSL *s) if (s->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->tlsext_ecpointformatlist); if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) { - SSLerr(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE); + SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE); return -1; } s->tlsext_ecpointformatlist_length = 3; @@ -716,7 +716,7 @@ int ssl_prepare_clienthello_tlsext(SSL *s) if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL) { s->tlsext_ellipticcurvelist_length = 0; - SSLerr(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE); + SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE); return -1; } for (i = 1, j = s->tlsext_ellipticcurvelist; i <= sizeof(nid_list)/sizeof(nid_list[0]); i++) @@ -744,7 +744,7 @@ int ssl_prepare_serverhello_tlsext(SSL *s) if (s->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->tlsext_ecpointformatlist); if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) { - SSLerr(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT,ERR_R_MALLOC_FAILURE); + SSLerr(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT,ERR_R_MALLOC_FAILURE); return -1; } s->tlsext_ecpointformatlist_length = 3; @@ -812,7 +812,7 @@ int ssl_check_serverhello_tlsext(SSL *s) int found_uncompressed = 0; if ((s->session->tlsext_ecpointformatlist == NULL) || (s->session->tlsext_ecpointformatlist_length == 0)) { - SSLerr(SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT,SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST); + SSLerr(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT,SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST); return -1; } list = s->session->tlsext_ecpointformatlist; @@ -826,7 +826,7 @@ int ssl_check_serverhello_tlsext(SSL *s) } if (!found_uncompressed) { - SSLerr(SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT,SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST); + SSLerr(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT,SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST); return -1; } }