Use OCSP-specific error code for clarity

Fixes #12735 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/xxxxx)
2024-11-24 02:23:51 +08:00 · 2021-04-30 11:27:19 +02:00 · 2021-04-30 11:27:19 +02:00 · c0f4400c40
commit c0f4400c40
parent 39da327294
4 changed files with 6 additions and 1 deletions
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@ -1409,6 +1409,7 @@ SSL_R_NO_VALID_SCTS:216:no valid scts
 SSL_R_NO_VERIFY_COOKIE_CALLBACK:403:no verify cookie callback
 SSL_R_NULL_SSL_CTX:195:null ssl ctx
 SSL_R_NULL_SSL_METHOD_PASSED:196:null ssl method passed
+SSL_R_OCSP_CALLBACK_FAILURE:305:ocsp callback failure
 SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED:197:old session cipher not returned
 SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED:344:\
 	old session compression algorithm not returned
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@ -203,6 +203,7 @@
 # define SSL_R_NO_VERIFY_COOKIE_CALLBACK                  403
 # define SSL_R_NULL_SSL_CTX                               195
 # define SSL_R_NULL_SSL_METHOD_PASSED                     196
+# define SSL_R_OCSP_CALLBACK_FAILURE                      305
 # define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED            197
 # define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
 # define SSL_R_OVERFLOW_ERROR                             237
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@ -312,6 +312,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NULL_SSL_CTX), "null ssl ctx"},
    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NULL_SSL_METHOD_PASSED),
    "null ssl method passed"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OCSP_CALLBACK_FAILURE),
+    "ocsp callback failure"},
    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
    "old session cipher not returned"},
    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@ -2699,7 +2699,8 @@ int tls_process_initial_server_flight(SSL *s)
            return 0;
        }
        if (ret < 0) {
-            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
+            SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+                     SSL_R_OCSP_CALLBACK_FAILURE);
            return 0;
        }
    }