about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--LIBTLS_VERSION2
-rw-r--r--VERSION2
-rw-r--r--configure.ac16
-rwxr-xr-xinclude/compat/pthread.h8
-rw-r--r--m4/check-os-options.m415
-rw-r--r--man/Makefile.am20
-rw-r--r--man/tls_config_set_protocols.376
-rw-r--r--tls.c139
-rw-r--r--tls.sym1
-rw-r--r--tls_config.c17
-rw-r--r--tls_conninfo.c5
-rw-r--r--tls_internal.h4
-rw-r--r--tls_keypair.c6
-rw-r--r--tls_ocsp.c4
14 files changed, 234 insertions, 81 deletions
diff --git a/LIBTLS_VERSION b/LIBTLS_VERSION
index 77c98b5..2a9f52a 100644
--- a/LIBTLS_VERSION
+++ b/LIBTLS_VERSION
@@ -1 +1 @@
-20:1:0
+20:3:0
diff --git a/VERSION b/VERSION
index acb9a46..1582f86 100644
--- a/VERSION
+++ b/VERSION
@@ -1,2 +1,2 @@
-3.3.1p1
+3.3.2
 
diff --git a/configure.ac b/configure.ac
index f2a27a9..150a6d6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -54,9 +54,6 @@ int main() {return 0;}
    AC_MSG_RESULT(no)
 ])
 
-# Check if time_t is sized correctly
-AC_CHECK_SIZEOF([time_t], [time.h])
-
 AX_CHECK_OPENSSL([], [AC_MSG_ERROR([unable to find OpenSSL])])
 
 AC_CONFIG_FILES([
@@ -66,17 +63,4 @@ AC_CONFIG_FILES([
 	libtls.pc
 ])
 
-AM_CONDITIONAL([SMALL_TIME_T], [test "$ac_cv_sizeof_time_t" = "4"])
-if test "$ac_cv_sizeof_time_t" = "4"; then
-    AC_DEFINE([SMALL_TIME_T])
-    echo " ** Warning, this system is unable to represent times past 2038"
-    echo " ** It will behave incorrectly when handling valid RFC5280 dates"
-
-    if test "$host_os" = "mingw32" ; then
-        echo " **"
-        echo " ** You can solve this by adjusting the build flags in your"
-        echo " ** mingw-w64 toolchain. Refer to README.windows for details."
-    fi
-fi
-
 AC_OUTPUT
diff --git a/include/compat/pthread.h b/include/compat/pthread.h
index 1527d3c..1ab011c 100755
--- a/include/compat/pthread.h
+++ b/include/compat/pthread.h
@@ -102,6 +102,14 @@ pthread_mutex_unlock(pthread_mutex_t *mutex)
 	return 0;
 }
 
+static inline int
+pthread_mutex_destroy(pthread_mutex_t *mutex)
+{
+	DeleteCriticalSection(mutex->lock);
+	free(mutex->lock);
+	return 0;
+}
+
 #else
 #include_next <pthread.h>
 #endif
diff --git a/m4/check-os-options.m4 b/m4/check-os-options.m4
index a4f1faa..644bf71 100644
--- a/m4/check-os-options.m4
+++ b/m4/check-os-options.m4
@@ -123,6 +123,21 @@ char buf[1]; getentropy(buf, 1);
 	*) ;;
 esac
 
+# Check if time_t is sized correctly
+AC_CHECK_SIZEOF([time_t], [time.h])
+AM_CONDITIONAL([SMALL_TIME_T], [test "$ac_cv_sizeof_time_t" = "4"])
+if test "$ac_cv_sizeof_time_t" = "4"; then
+    AC_DEFINE([SMALL_TIME_T])
+    echo " ** Warning, this system is unable to represent times past 2038"
+    echo " ** It will behave incorrectly when handling valid RFC5280 dates"
+
+    if test "$host_os" = "mingw32" ; then
+        echo " **"
+        echo " ** You can solve this by adjusting the build flags in your"
+        echo " ** mingw-w64 toolchain. Refer to README.windows for details."
+    fi
+fi
+
 AM_CONDITIONAL([HOST_AIX],     [test x$HOST_OS = xaix])
 AM_CONDITIONAL([HOST_CYGWIN],  [test x$HOST_OS = xcygwin])
 AM_CONDITIONAL([HOST_DARWIN],  [test x$HOST_OS = xdarwin])
diff --git a/man/Makefile.am b/man/Makefile.am
index b6d3b54..5b39dc7 100644
--- a/man/Makefile.am
+++ b/man/Makefile.am
@@ -89,6 +89,16 @@ install-data-hook:
 	ln -sf "tls_read.3" "$(DESTDIR)$(mandir)/man3/tls_handshake.3"
 	ln -sf "tls_read.3" "$(DESTDIR)$(mandir)/man3/tls_reset.3"
 	ln -sf "tls_read.3" "$(DESTDIR)$(mandir)/man3/tls_write.3"
+	ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_chain.3"
+	ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_depth.3"
+	ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_string.3"
+	ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_free.3"
+	ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_new.3"
+	ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_intermediates.3"
+	ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_chains.3"
+	ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_depth.3"
+	ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_signatures.3"
+	ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_purpose.3"
 
 uninstall-local:
 	-rm -f "$(DESTDIR)$(mandir)/man3/tls_accept_cbs.3"
@@ -168,3 +178,13 @@ uninstall-local:
 	-rm -f "$(DESTDIR)$(mandir)/man3/tls_handshake.3"
 	-rm -f "$(DESTDIR)$(mandir)/man3/tls_reset.3"
 	-rm -f "$(DESTDIR)$(mandir)/man3/tls_write.3"
+	-rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_chain.3"
+	-rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_depth.3"
+	-rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_string.3"
+	-rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_free.3"
+	-rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_new.3"
+	-rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_intermediates.3"
+	-rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_chains.3"
+	-rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_depth.3"
+	-rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_signatures.3"
+	-rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_purpose.3"
diff --git a/man/tls_config_set_protocols.3 b/man/tls_config_set_protocols.3
index 0aed5b9..7c62493 100644
--- a/man/tls_config_set_protocols.3
+++ b/man/tls_config_set_protocols.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: tls_config_set_protocols.3,v 1.8 2020/01/22 06:46:34 beck Exp $
+.\" $OpenBSD: tls_config_set_protocols.3,v 1.11 2021/01/02 19:58:44 schwarze Exp $
 .\"
 .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
 .\" Copyright (c) 2015, 2016 Joel Sing <jsing@openbsd.org>
@@ -16,7 +16,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: January 22 2020 $
+.Dd $Mdocdate: January 2 2021 $
 .Dt TLS_CONFIG_SET_PROTOCOLS 3
 .Os
 .Sh NAME
@@ -74,11 +74,15 @@ otherwise.
 specifies which versions of the TLS protocol may be used.
 Possible values are the bitwise OR of:
 .Pp
-.Bl -tag -width "TLS_PROTOCOL_TLSv1_2" -offset indent -compact
-.It Dv TLS_PROTOCOL_TLSv1_0
-.It Dv TLS_PROTOCOL_TLSv1_1
-.It Dv TLS_PROTOCOL_TLSv1_2
-.It Dv TLS_PROTOCOL_TLSv1_3
+.Bl -item -offset indent -compact
+.It
+.Dv TLS_PROTOCOL_TLSv1_0
+.It
+.Dv TLS_PROTOCOL_TLSv1_1
+.It
+.Dv TLS_PROTOCOL_TLSv1_2
+.It
+.Dv TLS_PROTOCOL_TLSv1_3
 .El
 .Pp
 Additionally, the values
@@ -99,9 +103,23 @@ This value can then be passed to the
 .Fn tls_config_set_protocols
 function.
 The protocol string is a comma or colon separated list of keywords.
-Valid keywords are tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3, all (all supported
-protocols), default (an alias for secure), legacy (an alias for all) and
-secure (currently TLSv1.2 and TLSv1.3).
+Valid keywords are:
+.Pp
+.Bl -tag -width "tlsv1.3" -offset indent -compact
+.It Dv tlsv1.0
+.It Dv tlsv1.1
+.It Dv tlsv1.2
+.It Dv tlsv1.3
+.It Dv all
+.Pq all supported protocols
+.It Dv default
+.Pq an alias for Dv secure
+.It Dv legacy
+.Pq an alias for Dv all
+.It Dv secure
+.Pq currently TLSv1.2 and TLSv1.3
+.El
+.Pp
 If a value has a negative prefix (in the form of a leading exclamation mark)
 then it is removed from the list of available protocols, rather than being
 added to it.
@@ -115,11 +133,15 @@ sets the list of ciphers that may be used.
 Lists of ciphers are specified by name, and the
 permitted names are:
 .Pp
-.Bl -tag -width "insecure" -offset indent -compact
-.It Dv "secure" (or alias "default")
-.It Dv "compat"
-.It Dv "legacy"
-.It Dv "insecure" (or alias "all")
+.Bl -item -offset indent -compact
+.It
+.Dv secure Pq or alias Dv default
+.It
+.Dv compat
+.It
+.Dv legacy
+.It
+.Dv insecure Pq or alias Dv all
 .El
 .Pp
 Alternatively, libssl cipher strings can be specified.
@@ -130,11 +152,27 @@ for further information.
 .Fn tls_config_set_dheparams
 specifies the parameters that will be used during Diffie-Hellman Ephemeral
 (DHE) key exchange.
-Possible values are "none", "auto" and "legacy".
-In "auto" mode, the key size for the ephemeral key is automatically selected
+Possible values are:
+.Pp
+.Bl -item -offset indent -compact
+.It
+.Dv none
+.It
+.Dv auto
+.It
+.Dv legacy
+.El
+.Pp
+In
+.Dv auto
+mode, the key size for the ephemeral key is automatically selected
 based on the size of the private key being used for signing.
-In "legacy" mode, 1024 bit ephemeral keys are used.
-The default value is "none", which disables DHE key exchange.
+In
+.Dv legacy
+mode, 1024 bit ephemeral keys are used.
+The default value is
+.Dv none ,
+which disables DHE key exchange.
 .Pp
 .Fn tls_config_set_ecdhecurves
 specifies the names of the elliptic curves that may be used during Elliptic
diff --git a/tls.c b/tls.c
index 26adb2b..91f20cf 100644
--- a/tls.c
+++ b/tls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls.c,v 1.85 2020/05/24 15:12:54 jsing Exp $ */
+/* $OpenBSD: tls.c,v 1.89 2021/02/01 15:35:41 tb Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -387,12 +387,113 @@ use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len)
 	return (ret);
 }
 
+static int
+tls_keypair_to_pkey(struct tls *ctx, struct tls_keypair *keypair, EVP_PKEY **pkey)
+{
+	BIO *bio = NULL;
+	X509 *x509 = NULL;
+	char *mem;
+	size_t len;
+	int ret = -1;
+
+	*pkey = NULL;
+
+	if (ctx->config->use_fake_private_key) {
+		mem = keypair->cert_mem;
+		len = keypair->cert_len;
+	} else {
+		mem = keypair->key_mem;
+		len = keypair->key_len;
+	}
+
+	if (mem == NULL)
+		return (0);
+
+	if (len > INT_MAX) {
+		tls_set_errorx(ctx, ctx->config->use_fake_private_key ?
+		    "cert too long" : "key too long");
+		goto err;
+	}
+
+	if ((bio = BIO_new_mem_buf(mem, len)) == NULL) {
+		tls_set_errorx(ctx, "failed to create buffer");
+		goto err;
+	}
+
+	if (ctx->config->use_fake_private_key) {
+		if ((x509 = PEM_read_bio_X509(bio, NULL, tls_password_cb,
+		    NULL)) == NULL) {
+			tls_set_errorx(ctx, "failed to read X509 certificate");
+			goto err;
+		}
+		if ((*pkey = X509_get_pubkey(x509)) == NULL) {
+			tls_set_errorx(ctx, "failed to retrieve pubkey");
+			goto err;
+		}
+	} else {
+		if ((*pkey = PEM_read_bio_PrivateKey(bio, NULL, tls_password_cb,
+		    NULL)) ==  NULL) {
+			tls_set_errorx(ctx, "failed to read private key");
+			goto err;
+		}
+	}
+
+	ret = 0;
+ err:
+	BIO_free(bio);
+	X509_free(x509);
+	return (ret);
+}
+
+static int
+tls_keypair_setup_pkey(struct tls *ctx, struct tls_keypair *keypair, EVP_PKEY *pkey)
+{
+	RSA *rsa = NULL;
+	EC_KEY *eckey = NULL;
+	int ret = -1;
+
+	/* Only install the pubkey hash if fake private keys are used. */
+	if (!ctx->config->skip_private_key_check)
+		return (0);
+
+	if (keypair->pubkey_hash == NULL) {
+		tls_set_errorx(ctx, "public key hash not set");
+		goto err;
+	}
+
+	switch (EVP_PKEY_id(pkey)) {
+	case EVP_PKEY_RSA:
+		if ((rsa = EVP_PKEY_get1_RSA(pkey)) == NULL ||
+		    RSA_set_ex_data(rsa, 0, keypair->pubkey_hash) == 0) {
+			tls_set_errorx(ctx, "RSA key setup failure");
+			goto err;
+		}
+		break;
+	case EVP_PKEY_EC:
+		if ((eckey = EVP_PKEY_get1_EC_KEY(pkey)) == NULL ||
+		    ECDSA_set_ex_data(eckey, 0, keypair->pubkey_hash) == 0) {
+			tls_set_errorx(ctx, "EC key setup failure");
+			goto err;
+		}
+		break;
+	default:
+		tls_set_errorx(ctx, "incorrect key type");
+		goto err;
+	}
+
+	ret = 0;
+
+ err:
+	RSA_free(rsa);
+	EC_KEY_free(eckey);
+	return (ret);
+}
+
 int
 tls_configure_ssl_keypair(struct tls *ctx, SSL_CTX *ssl_ctx,
     struct tls_keypair *keypair, int required)
 {
 	EVP_PKEY *pkey = NULL;
-	BIO *bio = NULL;
 
 	if (!required &&
 	    keypair->cert_mem == NULL &&
@@ -412,38 +513,15 @@ tls_configure_ssl_keypair(struct tls *ctx, SSL_CTX *ssl_ctx,
 		}
 	}
 
-	if (keypair->key_mem != NULL) {
-		if (keypair->key_len > INT_MAX) {
-			tls_set_errorx(ctx, "key too long");
-			goto err;
-		}
-
-		if ((bio = BIO_new_mem_buf(keypair->key_mem,
-		    keypair->key_len)) == NULL) {
-			tls_set_errorx(ctx, "failed to create buffer");
-			goto err;
-		}
-		if ((pkey = PEM_read_bio_PrivateKey(bio, NULL, tls_password_cb,
-		    NULL)) == NULL) {
-			tls_set_errorx(ctx, "failed to read private key");
+	if (tls_keypair_to_pkey(ctx, keypair, &pkey) == -1)
+		goto err;
+	if (pkey != NULL) {
+		if (tls_keypair_setup_pkey(ctx, keypair, pkey) == -1)
 			goto err;
-		}
-
-		if (keypair->pubkey_hash != NULL) {
-			RSA *rsa;
-			/* XXX only RSA for now for relayd privsep */
-			if ((rsa = EVP_PKEY_get1_RSA(pkey)) != NULL) {
-				RSA_set_ex_data(rsa, 0, keypair->pubkey_hash);
-				RSA_free(rsa);
-			}
-		}
-
 		if (SSL_CTX_use_PrivateKey(ssl_ctx, pkey) != 1) {
 			tls_set_errorx(ctx, "failed to load private key");
 			goto err;
 		}
-		BIO_free(bio);
-		bio = NULL;
 		EVP_PKEY_free(pkey);
 		pkey = NULL;
 	}
@@ -458,9 +536,8 @@ tls_configure_ssl_keypair(struct tls *ctx, SSL_CTX *ssl_ctx,
 
  err:
 	EVP_PKEY_free(pkey);
-	BIO_free(bio);
 
-	return (1);
+	return (-1);
 }
 
 int
diff --git a/tls.sym b/tls.sym
index e3fcb67..42c039d 100644
--- a/tls.sym
+++ b/tls.sym
@@ -45,6 +45,7 @@ tls_config_set_session_lifetime
 tls_config_set_session_fd
 tls_config_set_verify_depth
 tls_config_skip_private_key_check
+tls_config_use_fake_private_key
 tls_config_verify
 tls_config_verify_client
 tls_config_verify_client_optional
diff --git a/tls_config.c b/tls_config.c
index 6c3404c..3b1f4ff 100644
--- a/tls_config.c
+++ b/tls_config.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_config.c,v 1.58 2020/01/20 08:39:21 jsing Exp $ */
+/* $OpenBSD: tls_config.c,v 1.63 2021/01/21 22:03:25 eric Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -180,6 +180,8 @@ tls_config_free(struct tls_config *config)
 	free((char *)config->crl_mem);
 	free(config->ecdhecurves);
 
+	pthread_mutex_destroy(&config->mutex);
+
 	free(config);
 }
 
@@ -352,7 +354,8 @@ tls_config_add_keypair_file_internal(struct tls_config *config,
 		return (-1);
 	if (tls_keypair_set_cert_file(keypair, &config->error, cert_file) != 0)
 		goto err;
-	if (tls_keypair_set_key_file(keypair, &config->error, key_file) != 0)
+	if (key_file != NULL &&
+	    tls_keypair_set_key_file(keypair, &config->error, key_file) != 0)
 		goto err;
 	if (ocsp_file != NULL &&
 	    tls_keypair_set_ocsp_staple_file(keypair, &config->error,
@@ -379,7 +382,8 @@ tls_config_add_keypair_mem_internal(struct tls_config *config, const uint8_t *ce
 		return (-1);
 	if (tls_keypair_set_cert_mem(keypair, &config->error, cert, cert_len) != 0)
 		goto err;
-	if (tls_keypair_set_key_mem(keypair, &config->error, key, key_len) != 0)
+	if (key != NULL &&
+	    tls_keypair_set_key_mem(keypair, &config->error, key, key_len) != 0)
 		goto err;
 	if (staple != NULL &&
 	    tls_keypair_set_ocsp_staple_mem(keypair, &config->error, staple,
@@ -804,6 +808,13 @@ tls_config_skip_private_key_check(struct tls_config *config)
 	config->skip_private_key_check = 1;
 }
 
+void
+tls_config_use_fake_private_key(struct tls_config *config)
+{
+	config->use_fake_private_key = 1;
+	config->skip_private_key_check = 1;
+}
+
 int
 tls_config_set_ocsp_staple_file(struct tls_config *config, const char *staple_file)
 {
diff --git a/tls_conninfo.c b/tls_conninfo.c
index 7805719..72d60c2 100644
--- a/tls_conninfo.c
+++ b/tls_conninfo.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_conninfo.c,v 1.21 2019/11/02 13:37:59 jsing Exp $ */
+/* $OpenBSD: tls_conninfo.c,v 1.22 2021/01/05 15:57:38 tb Exp $ */
 /*
  * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2015 Bob Beck <beck@openbsd.org>
@@ -159,9 +159,6 @@ tls_get_peer_cert_times(struct tls *ctx, time_t *notbefore,
 	if (ctx->ssl_peer_cert == NULL)
 		return (-1);
 
-	memset(&before_tm, 0, sizeof(before_tm));
-	memset(&after_tm, 0, sizeof(after_tm));
-
 	if ((before = X509_get_notBefore(ctx->ssl_peer_cert)) == NULL)
 		goto err;
 	if ((after = X509_get_notAfter(ctx->ssl_peer_cert)) == NULL)
diff --git a/tls_internal.h b/tls_internal.h
index adc6252..72b08f4 100644
--- a/tls_internal.h
+++ b/tls_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_internal.h,v 1.77 2019/11/16 21:39:52 beck Exp $ */
+/* $OpenBSD: tls_internal.h,v 1.78 2021/01/21 19:09:10 eric Exp $ */
 /*
  * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
@@ -107,6 +107,7 @@ struct tls_config {
 	int verify_name;
 	int verify_time;
 	int skip_private_key_check;
+	int use_fake_private_key;
 };
 
 struct tls_conninfo {
@@ -290,5 +291,6 @@ __END_HIDDEN_DECLS
 
 /* XXX this function is not fully hidden so relayd can use it */
 void tls_config_skip_private_key_check(struct tls_config *config);
+void tls_config_use_fake_private_key(struct tls_config *config);
 
 #endif /* HEADER_TLS_INTERNAL_H */
diff --git a/tls_keypair.c b/tls_keypair.c
index a98e5c2..a12d21d 100644
--- a/tls_keypair.c
+++ b/tls_keypair.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_keypair.c,v 1.6 2018/04/07 16:35:34 jsing Exp $ */
+/* $OpenBSD: tls_keypair.c,v 1.8 2021/01/05 17:37:12 jsing Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -137,7 +137,7 @@ tls_keypair_load_cert(struct tls_keypair *keypair, struct tls_error *error,
 {
 	char *errstr = "unknown";
 	BIO *cert_bio = NULL;
-	int ssl_err;
+	unsigned long ssl_err;
 	int rv = -1;
 
 	X509_free(*cert);
@@ -155,7 +155,7 @@ tls_keypair_load_cert(struct tls_keypair *keypair, struct tls_error *error,
 	if ((*cert = PEM_read_bio_X509(cert_bio, NULL, tls_password_cb,
 	    NULL)) == NULL) {
 		if ((ssl_err = ERR_peek_error()) != 0)
-		    errstr = ERR_error_string(ssl_err, NULL);
+			errstr = ERR_error_string(ssl_err, NULL);
 		tls_error_set(error, "failed to load certificate: %s", errstr);
 		goto err;
 	}
diff --git a/tls_ocsp.c b/tls_ocsp.c
index 3ba45fc..2a322c1 100644
--- a/tls_ocsp.c
+++ b/tls_ocsp.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tls_ocsp.c,v 1.19 2019/12/03 14:56:42 tb Exp $ */
+/*	$OpenBSD: tls_ocsp.c,v 1.20 2021/03/23 20:04:29 tb Exp $ */
 /*
  * Copyright (c) 2015 Marko Kreen <markokr@gmail.com>
  * Copyright (c) 2016 Bob Beck <beck@openbsd.org>
@@ -229,7 +229,7 @@ tls_ocsp_verify_response(struct tls *ctx, OCSP_RESPONSE *resp)
 	/* now verify */
 	if (OCSP_basic_verify(br, ctx->ocsp->extra_certs,
 		SSL_CTX_get_cert_store(ctx->ssl_ctx), flags) != 1) {
-		tls_set_error(ctx, "ocsp verify failed");
+		tls_set_errorx(ctx, "ocsp verify failed");
 		goto err;
 	}