Browse Source

Use OCSP-specific error code for clarity

Fixes #12735

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/xxxxx)
master
Dmitry Belyavskiy 1 year ago
parent
commit
c0f4400c40
4 changed files with 6 additions and 1 deletions
  1. +1
    -0
      crypto/err/openssl.txt
  2. +1
    -0
      include/openssl/sslerr.h
  3. +2
    -0
      ssl/ssl_err.c
  4. +2
    -1
      ssl/statem/statem_clnt.c

+ 1
- 0
crypto/err/openssl.txt View File

@ -1409,6 +1409,7 @@ SSL_R_NO_VALID_SCTS:216:no valid scts
SSL_R_NO_VERIFY_COOKIE_CALLBACK:403:no verify cookie callback
SSL_R_NULL_SSL_CTX:195:null ssl ctx
SSL_R_NULL_SSL_METHOD_PASSED:196:null ssl method passed
SSL_R_OCSP_CALLBACK_FAILURE:305:ocsp callback failure
SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED:197:old session cipher not returned
SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED:344:\
old session compression algorithm not returned


+ 1
- 0
include/openssl/sslerr.h View File

@ -203,6 +203,7 @@
# define SSL_R_NO_VERIFY_COOKIE_CALLBACK 403
# define SSL_R_NULL_SSL_CTX 195
# define SSL_R_NULL_SSL_METHOD_PASSED 196
# define SSL_R_OCSP_CALLBACK_FAILURE 305
# define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
# define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
# define SSL_R_OVERFLOW_ERROR 237


+ 2
- 0
ssl/ssl_err.c View File

@ -312,6 +312,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NULL_SSL_CTX), "null ssl ctx"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NULL_SSL_METHOD_PASSED),
"null ssl method passed"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OCSP_CALLBACK_FAILURE),
"ocsp callback failure"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
"old session cipher not returned"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),


+ 2
- 1
ssl/statem/statem_clnt.c View File

@ -2699,7 +2699,8 @@ int tls_process_initial_server_flight(SSL *s)
return 0;
}
if (ret < 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_R_OCSP_CALLBACK_FAILURE);
return 0;
}
}


Loading…
Cancel
Save