diff options
| author | joshua <joshua@cvs.openbsd.org> | 2024-03-28 06:55:03 +0000 |
|---|---|---|
| committer | joshua <joshua@cvs.openbsd.org> | 2024-03-28 06:55:03 +0000 |
| commit | fe7d0cac3b1ee1387992e51dcca9fbe3b2675889 (patch) | |
| tree | 9a7878fe6a92ed19be9db228ef4953eeed191d2a /lib | |
| parent | 6b9ad3ecabdc3641ffcd625b6aed2de88ea95a1a (diff) | |
Use TLS_ERROR_INVALID_ARGUMENT for "too large" and "too small" errors
ok beck tb
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libtls/tls_config.c | 11 | ||||
| -rw-r--r-- | lib/libtls/tls_signer.c | 6 |
2 files changed, 9 insertions, 8 deletions
diff --git a/lib/libtls/tls_config.c b/lib/libtls/tls_config.c index 645562e838b..10dc5003cbc 100644 --- a/lib/libtls/tls_config.c +++ b/lib/libtls/tls_config.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_config.c,v 1.69 2024/03/27 07:35:30 joshua Exp $ */ +/* $OpenBSD: tls_config.c,v 1.70 2024/03/28 06:55:02 joshua Exp $ */ /* * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> * @@ -301,7 +301,8 @@ tls_config_parse_alpn(struct tls_config *config, const char *alpn, *alpn_len = 0; if ((buf_len = strlen(alpn) + 1) > 65535) { - tls_config_set_errorx(config, TLS_ERROR_UNKNOWN, "alpn too large"); + tls_config_set_errorx(config, TLS_ERROR_INVALID_ARGUMENT, + "alpn too large"); goto err; } @@ -865,7 +866,7 @@ tls_config_set_session_id(struct tls_config *config, const unsigned char *session_id, size_t len) { if (len > TLS_MAX_SESSION_ID_LENGTH) { - tls_config_set_errorx(config, TLS_ERROR_UNKNOWN, + tls_config_set_errorx(config, TLS_ERROR_INVALID_ARGUMENT, "session ID too large"); return (-1); } @@ -878,12 +879,12 @@ int tls_config_set_session_lifetime(struct tls_config *config, int lifetime) { if (lifetime > TLS_MAX_SESSION_TIMEOUT) { - tls_config_set_errorx(config, TLS_ERROR_UNKNOWN, + tls_config_set_errorx(config, TLS_ERROR_INVALID_ARGUMENT, "session lifetime too large"); return (-1); } if (lifetime != 0 && lifetime < TLS_MIN_SESSION_TIMEOUT) { - tls_config_set_errorx(config, TLS_ERROR_UNKNOWN, + tls_config_set_errorx(config, TLS_ERROR_INVALID_ARGUMENT, "session lifetime too small"); return (-1); } diff --git a/lib/libtls/tls_signer.c b/lib/libtls/tls_signer.c index 95a3640d7af..d423b3b1c82 100644 --- a/lib/libtls/tls_signer.c +++ b/lib/libtls/tls_signer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_signer.c,v 1.11 2024/03/28 02:08:24 joshua Exp $ */ +/* $OpenBSD: tls_signer.c,v 1.12 2024/03/28 06:55:02 joshua Exp $ */ /* * Copyright (c) 2021 Eric Faurot <eric@openbsd.org> * @@ -204,7 +204,7 @@ tls_sign_rsa(struct tls_signer *signer, struct tls_signer_key *skey, } if (input_len > INT_MAX) { - tls_error_setx(&signer->error, TLS_ERROR_UNKNOWN, + tls_error_setx(&signer->error, TLS_ERROR_INVALID_ARGUMENT, "input too large"); return (-1); } @@ -252,7 +252,7 @@ tls_sign_ecdsa(struct tls_signer *signer, struct tls_signer_key *skey, } if (input_len > INT_MAX) { - tls_error_setx(&signer->error, TLS_ERROR_UNKNOWN, + tls_error_setx(&signer->error, TLS_ERROR_INVALID_ARGUMENT, "digest too large"); return (-1); } |