Change statem prefix to ossl_statem

Change various state machine functions to use the prefix ossl_statem
instead.
Reviewed-by: NTim Hudson <tjh@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

ssl/d1_lib.c

@@ -873,7 +873,7 @@ int dtls1_listen(SSL *s, struct sockaddr *client)
     SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
 
     /* Put us into the "init" state so that we don't get our state cleared */
-    statem_set_in_init(s, 1);
+    ossl_statem_set_in_init(s, 1);
 
     if(BIO_dgram_get_peer(rbio, client) <= 0) {
         SSLerr(SSL_F_DTLS1_LISTEN, ERR_R_INTERNAL_ERROR);

ssl/d1_msg.c

@@ -127,7 +127,7 @@ int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len)
      */
     if ((SSL_in_init(s) && !s->in_handshake) ||
         (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
-         statem_in_sctp_read_sock(s)))
+         ossl_statem_in_sctp_read_sock(s)))
 #else
     if (SSL_in_init(s) && !s->in_handshake)
 #endif

ssl/methods.c

@@ -136,24 +136,24 @@ static const SSL_METHOD *tls1_get_method(int ver)
 }
 
 IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, TLS_method,
-                        statem_accept,
-                        statem_connect, tls1_get_method, TLSv1_2_enc_data)
+                        ossl_statem_accept,
+                        ossl_statem_connect, tls1_get_method, TLSv1_2_enc_data)
 
 IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_method,
-                        statem_accept,
-                        statem_connect, tls1_get_method, TLSv1_2_enc_data)
+                        ossl_statem_accept,
+                        ossl_statem_connect, tls1_get_method, TLSv1_2_enc_data)
 
 IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_method,
-                        statem_accept,
-                        statem_connect, tls1_get_method, TLSv1_1_enc_data)
+                        ossl_statem_accept,
+                        ossl_statem_connect, tls1_get_method, TLSv1_1_enc_data)
 
 IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_method,
-                        statem_accept,
-                        statem_connect, tls1_get_method, TLSv1_enc_data)
+                        ossl_statem_accept,
+                        ossl_statem_connect, tls1_get_method, TLSv1_enc_data)
 
 #ifndef OPENSSL_NO_SSL3_METHOD
-IMPLEMENT_ssl3_meth_func(SSLv3_method,
-                         statem_accept, statem_connect, tls1_get_method)
+IMPLEMENT_ssl3_meth_func(SSLv3_method, ossl_statem_accept, ossl_statem_connect,
+                         tls1_get_method)
 #endif
 
 
@@ -179,28 +179,28 @@ static const SSL_METHOD *tls1_get_server_method(int ver)
 }
 
 IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, TLS_server_method,
-                        statem_accept,
+                        ossl_statem_accept,
                         ssl_undefined_function,
                         tls1_get_server_method, TLSv1_2_enc_data)
 
 IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_server_method,
-                        statem_accept,
+                        ossl_statem_accept,
                         ssl_undefined_function,
                         tls1_get_server_method, TLSv1_2_enc_data)
 
 IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_server_method,
-                        statem_accept,
+                        ossl_statem_accept,
                         ssl_undefined_function,
                         tls1_get_server_method, TLSv1_1_enc_data)
 
 IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_server_method,
-                        statem_accept,
+                        ossl_statem_accept,
                         ssl_undefined_function,
                         tls1_get_server_method, TLSv1_enc_data)
 
 #ifndef OPENSSL_NO_SSL3_METHOD
 IMPLEMENT_ssl3_meth_func(SSLv3_server_method,
-                         statem_accept,
+                         ossl_statem_accept,
                          ssl_undefined_function, tls1_get_server_method)
 #endif
 
@@ -228,27 +228,28 @@ static const SSL_METHOD *tls1_get_client_method(int ver)
 
 IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, TLS_client_method,
                         ssl_undefined_function,
-                        statem_connect,
+                        ossl_statem_connect,
                         tls1_get_client_method, TLSv1_2_enc_data)
 
 IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_client_method,
                         ssl_undefined_function,
-                        statem_connect,
+                        ossl_statem_connect,
                         tls1_get_client_method, TLSv1_2_enc_data)
 
 IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_client_method,
                         ssl_undefined_function,
-                        statem_connect,
+                        ossl_statem_connect,
                         tls1_get_client_method, TLSv1_1_enc_data)
 
 IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_client_method,
                         ssl_undefined_function,
-                        statem_connect, tls1_get_client_method, TLSv1_enc_data)
+                        ossl_statem_connect,
+                        tls1_get_client_method, TLSv1_enc_data)
 
 #ifndef OPENSSL_NO_SSL3_METHOD
 IMPLEMENT_ssl3_meth_func(SSLv3_client_method,
                          ssl_undefined_function,
-                         statem_connect, tls1_get_client_method)
+                         ossl_statem_connect, tls1_get_client_method)
 #endif
 
 
@@ -267,18 +268,21 @@ static const SSL_METHOD *dtls1_get_method(int ver)
 
 IMPLEMENT_dtls1_meth_func(DTLS1_VERSION,
                           DTLSv1_method,
-                          statem_accept,
-                          statem_connect, dtls1_get_method, DTLSv1_enc_data)
+                          ossl_statem_accept,
+                          ossl_statem_connect,
+                          dtls1_get_method, DTLSv1_enc_data)
 
 IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION,
                           DTLSv1_2_method,
-                          statem_accept,
-                          statem_connect, dtls1_get_method, DTLSv1_2_enc_data)
+                          ossl_statem_accept,
+                          ossl_statem_connect,
+                          dtls1_get_method, DTLSv1_2_enc_data)
 
 IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
                           DTLS_method,
-                          statem_accept,
-                          statem_connect, dtls1_get_method, DTLSv1_2_enc_data)
+                          ossl_statem_accept,
+                          ossl_statem_connect,
+                          dtls1_get_method, DTLSv1_2_enc_data)
 
 
 /*
@@ -297,19 +301,19 @@ static const SSL_METHOD *dtls1_get_server_method(int ver)
 
 IMPLEMENT_dtls1_meth_func(DTLS1_VERSION,
                           DTLSv1_server_method,
-                          statem_accept,
+                          ossl_statem_accept,
                           ssl_undefined_function,
                           dtls1_get_server_method, DTLSv1_enc_data)
 
 IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION,
                           DTLSv1_2_server_method,
-                          statem_accept,
+                          ossl_statem_accept,
                           ssl_undefined_function,
                           dtls1_get_server_method, DTLSv1_2_enc_data)
 
 IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
                           DTLS_server_method,
-                          statem_accept,
+                          ossl_statem_accept,
                           ssl_undefined_function,
                           dtls1_get_server_method, DTLSv1_2_enc_data)
 
@@ -331,17 +335,17 @@ static const SSL_METHOD *dtls1_get_client_method(int ver)
 IMPLEMENT_dtls1_meth_func(DTLS1_VERSION,
                           DTLSv1_client_method,
                           ssl_undefined_function,
-                          statem_connect,
+                          ossl_statem_connect,
                           dtls1_get_client_method, DTLSv1_enc_data)
 
 IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION,
                           DTLSv1_2_client_method,
                           ssl_undefined_function,
-                          statem_connect,
+                          ossl_statem_connect,
                           dtls1_get_client_method, DTLSv1_2_enc_data)
 
 IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
                           DTLS_client_method,
                           ssl_undefined_function,
-                          statem_connect,
+                          ossl_statem_connect,
                           dtls1_get_client_method, DTLSv1_2_enc_data)

ssl/record/rec_layer_d1.c

@@ -441,7 +441,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
      */
     if ((!s->in_handshake && SSL_in_init(s)) ||
         (BIO_dgram_is_sctp(SSL_get_rbio(s))
-         && statem_in_sctp_read_sock(s)
+         && ossl_statem_in_sctp_read_sock(s)
          && s->s3->in_read_app_data != 2))
 #else
     if (!s->in_handshake && SSL_in_init(s))
@@ -585,7 +585,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
          */
         if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
             SSL3_RECORD_get_type(rr) == SSL3_RT_APPLICATION_DATA &&
-            statem_in_sctp_read_sock(s)) {
+            ossl_statem_in_sctp_read_sock(s)) {
             s->rwstate = SSL_READING;
             BIO_clear_retry_flags(SSL_get_rbio(s));
             BIO_set_retry_read(SSL_get_rbio(s));
@@ -903,7 +903,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
 
         if (SSL_is_init_finished(s) &&
             !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
-            statem_set_in_init(s, 1);
+            ossl_statem_set_in_init(s, 1);
             s->renegotiate = 1;
             s->new_session = 1;
         }
@@ -966,7 +966,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
          */
         if (s->s3->in_read_app_data &&
             (s->s3->total_renegotiations != 0) &&
-            statem_app_data_allowed(s)) {
+            ossl_statem_app_data_allowed(s)) {
             s->s3->in_read_app_data = 2;
             return (-1);
         } else {

ssl/record/rec_layer_s3.c

@@ -1386,7 +1386,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
     if ((s->rlayer.handshake_fragment_len >= 4) && !s->in_handshake) {
         if (SSL_is_init_finished(s) &&
             !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
-            statem_set_in_init(s, 1);
+            ossl_statem_set_in_init(s, 1);
             s->renegotiate = 1;
             s->new_session = 1;
         }
@@ -1450,7 +1450,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
          * application data at this point (session renegotiation not yet
          * started), we will indulge it.
          */
-        if (statem_app_data_allowed(s)) {
+        if (ossl_statem_app_data_allowed(s)) {
             s->s3->in_read_app_data = 2;
             return (-1);
         } else {

ssl/s3_lib.c

@@ -5131,7 +5131,7 @@ int ssl3_renegotiate_check(SSL *s)
              * message, we need to set the state machine into the renegotiate
              * state.
              */
-            statem_set_renegotiate(s);
+            ossl_statem_set_renegotiate(s);
             s->s3->renegotiate = 0;
             s->s3->num_renegotiations++;
             s->s3->total_renegotiations++;

ssl/ssl_lib.c

@@ -215,7 +215,7 @@ int SSL_clear(SSL *s)
         return 0;
     }
 
-    statem_clear(s);
+    ossl_statem_clear(s);
 
     s->version = s->method->version;
     s->client_version = s->version;
@@ -2396,7 +2396,7 @@ void SSL_set_accept_state(SSL *s)
 {
     s->server = 1;
     s->shutdown = 0;
-    statem_clear(s);
+    ossl_statem_clear(s);
     s->handshake_func = s->method->ssl_accept;
     clear_ciphers(s);
 }
@@ -2405,7 +2405,7 @@ void SSL_set_connect_state(SSL *s)
 {
     s->server = 0;
     s->shutdown = 0;
-    statem_clear(s);
+    ossl_statem_clear(s);
     s->handshake_func = s->method->ssl_connect;
     clear_ciphers(s);
 }

ssl/ssl_stat.c

@@ -89,7 +89,7 @@ const char *SSL_state_string_long(const SSL *s)
 {
     const char *str;
 
-    if (statem_in_error(s)) {
+    if (ossl_statem_in_error(s)) {
         return "error";
     }
 
@@ -204,7 +204,7 @@ const char *SSL_state_string(const SSL *s)
 {
     const char *str;
 
-    if (statem_in_error(s)) {
+    if (ossl_statem_in_error(s)) {
         return "SSLERR";
     }
 

ssl/statem/statem.c

@@ -150,7 +150,7 @@ int SSL_in_before(SSL *s)
 /*
  * Clear the state machine state and reset back to MSG_FLOW_UNINITED
  */
-void statem_clear(SSL *s)
+void ossl_statem_clear(SSL *s)
 {
     s->statem.state = MSG_FLOW_UNINITED;
     s->statem.hand_state = TLS_ST_BEFORE;
@@ -160,7 +160,7 @@ void statem_clear(SSL *s)
 /*
  * Set the state machine up ready for a renegotiation handshake
  */
-void statem_set_renegotiate(SSL *s)
+void ossl_statem_set_renegotiate(SSL *s)
 {
     s->statem.state = MSG_FLOW_RENEGOTIATE;
     s->statem.in_init = 1;
@@ -170,7 +170,7 @@ void statem_set_renegotiate(SSL *s)
  * Put the state machine into an error state. This is a permanent error for
  * the current connection.
  */
-void statem_set_error(SSL *s)
+void ossl_statem_set_error(SSL *s)
 {
     s->statem.state = MSG_FLOW_ERROR;
 }
@@ -182,7 +182,7 @@ void statem_set_error(SSL *s)
  *   1: Yes
  *   0: No
  */
-int statem_in_error(const SSL *s)
+int ossl_statem_in_error(const SSL *s)
 {
     if (s->statem.state == MSG_FLOW_ERROR)
         return 1;
@@ -190,16 +190,16 @@ int statem_in_error(const SSL *s)
     return 0;
 }
 
-void statem_set_in_init(SSL *s, int init)
+void ossl_statem_set_in_init(SSL *s, int init)
 {
     s->statem.in_init = init;
 }
 
-int statem_connect(SSL *s) {
+int ossl_statem_connect(SSL *s) {
     return state_machine(s, 0);
 }
 
-int statem_accept(SSL *s)
+int ossl_statem_accept(SSL *s)
 {
     return state_machine(s, 1);
 }
@@ -374,7 +374,7 @@ static int state_machine(SSL *s, int server) {
                 SSLerr(SSL_F_STATE_MACHINE,
                        SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
                 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
-                statem_set_error(s);
+                ossl_statem_set_error(s);
                 goto end;
             } else {
                 /*
@@ -425,7 +425,7 @@ static int state_machine(SSL *s, int server) {
             }
         } else {
             /* Error */
-            statem_set_error(s);
+            ossl_statem_set_error(s);
             goto end;
         }
     }
@@ -629,7 +629,7 @@ static enum SUB_STATE_RETURN read_state_machine(SSL *s) {
             /* Shouldn't happen */
             ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
             SSLerr(SSL_F_READ_STATE_MACHINE, ERR_R_INTERNAL_ERROR);
-            statem_set_error(s);
+            ossl_statem_set_error(s);
             return SUB_STATE_ERROR;
         }
     }
@@ -817,7 +817,7 @@ int statem_flush(SSL *s)
  *   1: Yes (application data allowed)
  *   0: No (application data not allowed)
  */
-int statem_app_data_allowed(SSL *s)
+int ossl_statem_app_data_allowed(SSL *s)
 {
     STATEM *st = &s->statem;
 
@@ -851,7 +851,7 @@ int statem_app_data_allowed(SSL *s)
 /*
  * Set flag used by SCTP to determine whether we are in the read sock state
  */
-void statem_set_sctp_read_sock(SSL *s, int read_sock)
+void ossl_statem_set_sctp_read_sock(SSL *s, int read_sock)
 {
     s->statem.in_sctp_read_sock = read_sock;
 }

ssl/statem/statem.h

@@ -150,17 +150,17 @@ typedef struct statem_st STATEM;
  *                                                                           *
  *****************************************************************************/
 
-__owur int statem_accept(SSL *s);
-__owur int statem_connect(SSL *s);
-void statem_clear(SSL *s);
-void statem_set_renegotiate(SSL *s);
-void statem_set_error(SSL *s);
-int statem_in_error(const SSL *s);
-void statem_set_in_init(SSL *s, int init);
-__owur int statem_app_data_allowed(SSL *s);
+__owur int ossl_statem_accept(SSL *s);
+__owur int ossl_statem_connect(SSL *s);
+void ossl_statem_clear(SSL *s);
+void ossl_statem_set_renegotiate(SSL *s);
+void ossl_statem_set_error(SSL *s);
+int ossl_statem_in_error(const SSL *s);
+void ossl_statem_set_in_init(SSL *s, int init);
+__owur int ossl_statem_app_data_allowed(SSL *s);
 #ifndef OPENSSL_NO_SCTP
-void statem_set_sctp_read_sock(SSL *s, int read_sock);
-__owur int statem_in_sctp_read_sock(SSL *s);
+void ossl_statem_set_sctp_read_sock(SSL *s, int read_sock);
+__owur int ossl_statem_in_sctp_read_sock(SSL *s);
 #endif
 
 

ssl/statem/statem_clnt.c

@@ -469,7 +469,7 @@ enum WRITE_TRAN client_write_transition(SSL *s)
         case TLS_ST_CW_FINISHED:
             if (s->hit) {
                 st->hand_state = TLS_ST_OK;
-                statem_set_in_init(s, 0);
+                ossl_statem_set_in_init(s, 0);
                 return WRITE_TRAN_CONTINUE;
             } else {
                 return WRITE_TRAN_FINISHED;
@@ -481,7 +481,7 @@ enum WRITE_TRAN client_write_transition(SSL *s)
                 return WRITE_TRAN_CONTINUE;
             } else {
                 st->hand_state = TLS_ST_OK;
-                statem_set_in_init(s, 0);
+                ossl_statem_set_in_init(s, 0);
                 return WRITE_TRAN_CONTINUE;
             }
 
@@ -793,10 +793,10 @@ enum WORK_STATE client_post_process_message(SSL *s, enum WORK_STATE wst)
             s->rwstate = SSL_READING;
             BIO_clear_retry_flags(SSL_get_rbio(s));
             BIO_set_retry_read(SSL_get_rbio(s));
-            statem_set_sctp_read_sock(s, 1);
+            ossl_statem_set_sctp_read_sock(s, 1);
             return WORK_MORE_A;
         }
-        statem_set_sctp_read_sock(s, 0);
+        ossl_statem_set_sctp_read_sock(s, 0);
         return WORK_FINISHED_STOP;
 #endif
 
@@ -1089,7 +1089,7 @@ int tls_construct_client_hello(SSL *s)
 
     return 1;
  err:
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return 0;
 }
 
@@ -1123,7 +1123,7 @@ enum MSG_PROCESS_RETURN dtls_process_hello_verify(SSL *s, PACKET *pkt)
     return MSG_PROCESS_FINISHED_READING;
  f_err:
     ssl3_send_alert(s, SSL3_AL_FATAL, al);
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return MSG_PROCESS_ERROR;
 }
 
@@ -1463,7 +1463,7 @@ enum MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt)
  f_err:
     ssl3_send_alert(s, SSL3_AL_FATAL, al);
  err:
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return MSG_PROCESS_ERROR;
 }
 
@@ -1582,7 +1582,7 @@ enum MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt)
  f_err:
     ssl3_send_alert(s, SSL3_AL_FATAL, al);
  err:
-    statem_set_error(s);
+    ossl_statem_set_error(s);
  done:
     EVP_PKEY_free(pkey);
     X509_free(x);
@@ -2041,7 +2041,7 @@ enum MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
     EC_KEY_free(ecdh);
 #endif
     EVP_MD_CTX_cleanup(&md_ctx);
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return MSG_PROCESS_ERROR;
 }
 
@@ -2157,7 +2157,7 @@ enum MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt)
     ret = MSG_PROCESS_CONTINUE_READING;
     goto done;
  err:
-    statem_set_error(s);
+    ossl_statem_set_error(s);
  done:
     sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
     return ret;
@@ -2251,7 +2251,7 @@ enum MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt)
  f_err:
     ssl3_send_alert(s, SSL3_AL_FATAL, al);
  err:
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return MSG_PROCESS_ERROR;
 }
 
@@ -2303,7 +2303,7 @@ enum MSG_PROCESS_RETURN tls_process_cert_status(SSL *s, PACKET *pkt)
     return MSG_PROCESS_CONTINUE_READING;
  f_err:
     ssl3_send_alert(s, SSL3_AL_FATAL, al);
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return MSG_PROCESS_ERROR;
 }
 
@@ -2313,7 +2313,7 @@ enum MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt)
         /* should contain no data */
         ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
         SSLerr(SSL_F_TLS_PROCESS_SERVER_DONE, SSL_R_LENGTH_MISMATCH);
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return MSG_PROCESS_ERROR;
     }
 
@@ -2322,7 +2322,7 @@ enum MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt)
         if (SRP_Calc_A_param(s) <= 0) {
             SSLerr(SSL_F_TLS_PROCESS_SERVER_DONE, SSL_R_SRP_A_CALC);
             ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
-            statem_set_error(s);
+            ossl_statem_set_error(s);
             return MSG_PROCESS_ERROR;
         }
     }
@@ -2334,7 +2334,7 @@ enum MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt)
      */
     if (!ssl3_check_cert_and_algorithm(s)) {
         ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return MSG_PROCESS_ERROR;
     }
 
@@ -2919,7 +2919,7 @@ psk_err:
     OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen);
     s->s3->tmp.psk = NULL;
 #endif
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return 0;
 }
 
@@ -3170,7 +3170,7 @@ enum WORK_STATE tls_prepare_client_certificate(SSL *s, enum WORK_STATE wst)
             }
             if (i == 0) {
                 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
-                statem_set_error(s);
+                ossl_statem_set_error(s);
                 return 0;
             }
             s->rwstate = SSL_NOTHING;
@@ -3216,7 +3216,7 @@ enum WORK_STATE tls_prepare_client_certificate(SSL *s, enum WORK_STATE wst)
                 s->s3->tmp.cert_req = 2;
                 if (!ssl3_digest_cached_records(s, 0)) {
                     ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
-                    statem_set_error(s);
+                    ossl_statem_set_error(s);
                     return 0;
                 }
             }
@@ -3236,7 +3236,7 @@ int tls_construct_client_certificate(SSL *s)
                                  2) ? NULL : s->cert->key)) {
         SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
         ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return 0;
     }
 

ssl/statem/statem_lib.c

@@ -288,7 +288,7 @@ enum MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt)
     return MSG_PROCESS_CONTINUE_READING;
  f_err:
     ssl3_send_alert(s, SSL3_AL_FATAL, al);
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return MSG_PROCESS_ERROR;
 }
 
@@ -334,7 +334,7 @@ enum MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)
     return MSG_PROCESS_CONTINUE_PROCESSING;
  f_err:
     ssl3_send_alert(s, SSL3_AL_FATAL, al);
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return MSG_PROCESS_ERROR;
 }
 
@@ -411,13 +411,13 @@ enum WORK_STATE tls_finish_handshake(SSL *s, enum WORK_STATE wst)
             ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
 
             s->ctx->stats.sess_accept_good++;
-            s->handshake_func = statem_accept;
+            s->handshake_func = ossl_statem_accept;
         } else {
             ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
             if (s->hit)
                 s->ctx->stats.sess_hit++;
 
-            s->handshake_func = statem_connect;
+            s->handshake_func = ossl_statem_connect;
             s->ctx->stats.sess_connect_good++;
         }
 

ssl/statem/statem_srvr.c

@@ -418,7 +418,7 @@ enum WRITE_TRAN server_write_transition(SSL *s)
 
         case TLS_ST_SW_HELLO_REQ:
             st->hand_state = TLS_ST_OK;
-            statem_set_in_init(s, 0);
+            ossl_statem_set_in_init(s, 0);
             return WRITE_TRAN_CONTINUE;
 
         case TLS_ST_SR_CLNT_HELLO:
@@ -485,7 +485,7 @@ enum WRITE_TRAN server_write_transition(SSL *s)
         case TLS_ST_SR_FINISHED:
             if (s->hit) {
                 st->hand_state = TLS_ST_OK;
-                statem_set_in_init(s, 0);
+                ossl_statem_set_in_init(s, 0);
                 return WRITE_TRAN_CONTINUE;
             } else if (s->tlsext_ticket_expected) {
                 st->hand_state = TLS_ST_SW_SESSION_TICKET;
@@ -507,7 +507,7 @@ enum WRITE_TRAN server_write_transition(SSL *s)
                 return WRITE_TRAN_FINISHED;
             }
             st->hand_state = TLS_ST_OK;
-            statem_set_in_init(s, 0);
+            ossl_statem_set_in_init(s, 0);
             return WRITE_TRAN_CONTINUE;
 
         default:
@@ -570,7 +570,7 @@ enum WORK_STATE server_pre_work(SSL *s, enum WORK_STATE wst)
     case TLS_ST_SW_CHANGE:
         s->session->cipher = s->s3->tmp.new_cipher;
         if (!s->method->ssl3_enc->setup_key_block(s)) {
-            statem_set_error(s);
+            ossl_statem_set_error(s);
             return WORK_ERROR;
         }
         if (SSL_IS_DTLS(s)) {
@@ -641,7 +641,7 @@ enum WORK_STATE server_post_work(SSL *s, enum WORK_STATE wst)
             if (SSL_export_keying_material(s, sctpauthkey,
                     sizeof(sctpauthkey), labelbuffer,
                     sizeof(labelbuffer), NULL, 0, 0) <= 0) {
-                statem_set_error(s);
+                ossl_statem_set_error(s);
                 return WORK_ERROR;
             }
 
@@ -664,7 +664,7 @@ enum WORK_STATE server_post_work(SSL *s, enum WORK_STATE wst)
 #endif
         if (!s->method->ssl3_enc->change_cipher_state(s,
                 SSL3_CHANGE_CIPHER_SERVER_WRITE)) {
-            statem_set_error(s);
+            ossl_statem_set_error(s);
             return WORK_ERROR;
         }
 
@@ -871,7 +871,7 @@ enum WORK_STATE server_post_process_message(SSL *s, enum WORK_STATE wst)
             statem_set_sctp_read_sock(s, 1);
             return WORK_MORE_A;
         } else {
-            statem_set_sctp_read_sock(s, 0);
+            ossl_ossl_statem_set_sctp_read_sock(s, 0);
         }
 #endif
         return WORK_FINISHED_CONTINUE;
@@ -918,7 +918,7 @@ int tls_construct_hello_request(SSL *s)
 {
     if (!ssl_set_handshake_header(s, SSL3_MT_HELLO_REQUEST, 0)) {
         SSLerr(SSL_F_TLS_CONSTRUCT_HELLO_REQUEST, ERR_R_INTERNAL_ERROR);
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return 0;
     }
 
@@ -958,7 +958,7 @@ int dtls_construct_hello_verify_request(SSL *s)
         s->d1->cookie_len > 255) {
         SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,
                SSL_R_COOKIE_GEN_CALLBACK_FAILURE);
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return 0;
     }
 
@@ -1508,7 +1508,7 @@ enum MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
  f_err:
     ssl3_send_alert(s, SSL3_AL_FATAL, al);
  err:
-    statem_set_error(s);
+    ossl_statem_set_error(s);
 
     sk_SSL_CIPHER_free(ciphers);
     return MSG_PROCESS_ERROR;
@@ -1610,7 +1610,7 @@ enum WORK_STATE tls_post_process_client_hello(SSL *s, enum WORK_STATE wst)
     return WORK_FINISHED_STOP;
  f_err:
     ssl3_send_alert(s, SSL3_AL_FATAL, al);
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return WORK_ERROR;
 }
 
@@ -1661,7 +1661,7 @@ int tls_construct_server_hello(SSL *s)
     sl = s->session->session_id_length;
     if (sl > (int)sizeof(s->session->session_id)) {
         SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return 0;
     }
     *(p++) = sl;
@@ -1684,7 +1684,7 @@ int tls_construct_server_hello(SSL *s)
 
     if (ssl_prepare_serverhello_tlsext(s) <= 0) {
         SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT);
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return 0;
     }
     if ((p =
@@ -1692,7 +1692,7 @@ int tls_construct_server_hello(SSL *s)
                                     &al)) == NULL) {
         ssl3_send_alert(s, SSL3_AL_FATAL, al);
         SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return 0;
     }
 
@@ -1700,7 +1700,7 @@ int tls_construct_server_hello(SSL *s)
     l = (p - d);
     if (!ssl_set_handshake_header(s, SSL3_MT_SERVER_HELLO, l)) {
         SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return 0;
     }
 
@@ -1711,13 +1711,13 @@ int tls_construct_server_done(SSL *s)
 {
     if (!ssl_set_handshake_header(s, SSL3_MT_SERVER_DONE, 0)) {
         SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_DONE, ERR_R_INTERNAL_ERROR);
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return 0;
     }
 
     if (!s->s3->tmp.cert_request) {
         if (!ssl3_digest_cached_records(s, 0)) {
-            statem_set_error(s);
+            ossl_statem_set_error(s);
         }
     }
 
@@ -2187,7 +2187,7 @@ int tls_construct_server_key_exchange(SSL *s)
     BN_CTX_free(bn_ctx);
 #endif
     EVP_MD_CTX_cleanup(&md_ctx);
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return 0;
 }
 
@@ -2259,7 +2259,7 @@ int tls_construct_certificate_request(SSL *s)
 
     return 1;
  err:
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return 0;
 }
 
@@ -2886,7 +2886,7 @@ enum MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
     OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen);
     s->s3->tmp.psk = NULL;
 #endif
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return MSG_PROCESS_ERROR;
 }
 
@@ -2908,7 +2908,7 @@ enum WORK_STATE tls_post_process_client_key_exchange(SSL *s,
             if (SSL_export_keying_material(s, sctpauthkey,
                                        sizeof(sctpauthkey), labelbuffer,
                                        sizeof(labelbuffer), NULL, 0, 0) <= 0) {
-                statem_set_error(s);
+                ossl_statem_set_error(s);
                 return WORK_ERROR;;
             }
 
@@ -2933,7 +2933,7 @@ enum WORK_STATE tls_post_process_client_key_exchange(SSL *s,
         statem_set_sctp_read_sock(s, 1);
         return WORK_MORE_B;
     } else {
-        statem_set_sctp_read_sock(s, 0);
+        ossl_statem_set_sctp_read_sock(s, 0);
     }
 #endif
 
@@ -2950,7 +2950,7 @@ enum WORK_STATE tls_post_process_client_key_exchange(SSL *s,
         if (!s->s3->handshake_buffer) {
             SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE,
                    ERR_R_INTERNAL_ERROR);
-            statem_set_error(s);
+            ossl_statem_set_error(s);
             return WORK_ERROR;
         }
         /*
@@ -2958,7 +2958,7 @@ enum WORK_STATE tls_post_process_client_key_exchange(SSL *s,
          * extms we've done this already so this is a no-op
          */
         if (!ssl3_digest_cached_records(s, 1)) {
-            statem_set_error(s);
+            ossl_statem_set_error(s);
             return WORK_ERROR;
         }
     } else {
@@ -2972,7 +2972,7 @@ enum WORK_STATE tls_post_process_client_key_exchange(SSL *s,
          * step
          */
         if (!ssl3_digest_cached_records(s, 0)) {
-            statem_set_error(s);
+            ossl_statem_set_error(s);
             return WORK_ERROR;
         }
         for (dgst_num = 0; dgst_num < SSL_MAX_DIGEST; dgst_num++) {
@@ -2990,7 +2990,7 @@ enum WORK_STATE tls_post_process_client_key_exchange(SSL *s,
                 dgst_size =
                     EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]);
                 if (dgst_size < 0) {
-                    statem_set_error(s);
+                    ossl_statem_set_error(s);
                 return WORK_ERROR;
                 }
                 offset += dgst_size;
@@ -3168,7 +3168,7 @@ enum MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
     if (0) {
  f_err:
         ssl3_send_alert(s, SSL3_AL_FATAL, al);
-        statem_set_error(s);
+        ossl_statem_set_error(s);
     }
     BIO_free(s->s3->handshake_buffer);
     s->s3->handshake_buffer = NULL;
@@ -3289,7 +3289,7 @@ enum MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
 
  f_err:
     ssl3_send_alert(s, SSL3_AL_FATAL, al);
-    statem_set_error(s);
+    ossl_statem_set_error(s);
  done:
     X509_free(x);
     sk_X509_pop_free(sk, X509_free);
@@ -3303,13 +3303,13 @@ int tls_construct_server_certificate(SSL *s)
     cpk = ssl_get_server_send_pkey(s);
     if (cpk == NULL) {
         SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR);
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return 0;
     }
 
     if (!ssl3_output_cert_chain(s, cpk)) {
         SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR);
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return 0;
     }
 
@@ -3337,12 +3337,12 @@ int tls_construct_new_session_ticket(SSL *s)
      * long
      */
     if (slen_full == 0 || slen_full > 0xFF00) {
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return 0;
     }
     senc = OPENSSL_malloc(slen_full);
     if (!senc) {
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return 0;
     }
 
@@ -3456,7 +3456,7 @@ int tls_construct_new_session_ticket(SSL *s)
     OPENSSL_free(senc);
     EVP_CIPHER_CTX_cleanup(&ctx);
     HMAC_CTX_cleanup(&hctx);
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return 0;
 }
 
@@ -3470,7 +3470,7 @@ int tls_construct_cert_status(SSL *s)
      * + (ocsp response)
      */
     if (!BUF_MEM_grow(s->init_buf, 8 + s->tlsext_ocsp_resplen)) {
-        statem_set_error(s);
+        ossl_statem_set_error(s);
         return 0;
     }
 
@@ -3527,7 +3527,7 @@ enum MSG_PROCESS_RETURN tls_process_next_proto(SSL *s, PACKET *pkt)
 
     return MSG_PROCESS_CONTINUE_READING;
 err:
-    statem_set_error(s);
+    ossl_statem_set_error(s);
     return MSG_PROCESS_ERROR;
 }
 #endif