Replace some usage of SSLerr with SSLfatal()

This is an initial step towards using SSLfatal() everywhere. Initially in this commit and in subsequent commits we focus on the state machine code. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4778)
2025-02-23 14:42:15 +08:00 · 2017-11-23 16:25:05 +00:00 · 2017-11-23 16:25:05 +00:00 · 4752c5deb2
commit 4752c5deb2
parent 1f359471f9
2 changed files with 8 additions and 8 deletions
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@ -298,7 +298,8 @@ int ssl3_init_finished_mac(SSL *s)
    BIO *buf = BIO_new(BIO_s_mem());

    if (buf == NULL) {
-        SSLerr(SSL_F_SSL3_INIT_FINISHED_MAC, ERR_R_MALLOC_FAILURE);
+        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_INIT_FINISHED_MAC,
+                 ERR_R_MALLOC_FAILURE);
        return 0;
    }
    ssl3_free_digest_list(s);
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@ -86,8 +86,8 @@ int tls_setup_handshake(SSL *s)
         * ClientHello.
         */
        if (ssl_get_min_max_version(s, &ver_min, &ver_max) != 0) {
-            SSLerr(SSL_F_TLS_SETUP_HANDSHAKE, ERR_R_INTERNAL_ERROR);
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_SETUP_HANDSHAKE,
+                     ERR_R_INTERNAL_ERROR);
            return 0;
        }
        for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
@ -104,10 +104,10 @@ int tls_setup_handshake(SSL *s)
                break;
        }
        if (!ok) {
-            SSLerr(SSL_F_TLS_SETUP_HANDSHAKE, SSL_R_NO_CIPHERS_AVAILABLE);
+            SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_SETUP_HANDSHAKE,
+                     SSL_R_NO_CIPHERS_AVAILABLE);
            ERR_add_error_data(1, "No ciphers enabled for max supported "
                                  "SSL/TLS version");
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
            return 0;
        }
        if (SSL_IS_FIRST_HANDSHAKE(s)) {
@ -125,9 +125,8 @@ int tls_setup_handshake(SSL *s)
             * Server attempting to renegotiate with client that doesn't
             * support secure renegotiation.
             */
-            SSLerr(SSL_F_TLS_SETUP_HANDSHAKE,
-                   SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+            SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_SETUP_HANDSHAKE,
+                     SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
            return 0;
        } else {
            /* N.B. s->ctx may not equal s->session_ctx */