1 /* $OpenBSD: ssl_err.c,v 1.44 2022/08/21 19:18:57 jsing Exp $ */ 2 /* ==================================================================== 3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in 14 * the documentation and/or other materials provided with the 15 * distribution. 16 * 17 * 3. All advertising materials mentioning features or use of this 18 * software must display the following acknowledgment: 19 * "This product includes software developed by the OpenSSL Project 20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 21 * 22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 23 * endorse or promote products derived from this software without 24 * prior written permission. For written permission, please contact 25 * openssl-core@OpenSSL.org. 26 * 27 * 5. Products derived from this software may not be called "OpenSSL" 28 * nor may "OpenSSL" appear in their names without prior written 29 * permission of the OpenSSL Project. 30 * 31 * 6. Redistributions of any form whatsoever must retain the following 32 * acknowledgment: 33 * "This product includes software developed by the OpenSSL Project 34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 35 * 36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 47 * OF THE POSSIBILITY OF SUCH DAMAGE. 48 * ==================================================================== 49 * 50 * This product includes cryptographic software written by Eric Young 51 * (eay@cryptsoft.com). This product includes software written by Tim 52 * Hudson (tjh@cryptsoft.com). 53 * 54 */ 55 56 #include <stdio.h> 57 58 #include <openssl/err.h> 59 #include <openssl/opensslconf.h> 60 #include <openssl/ssl.h> 61 62 #include "ssl_locl.h" 63 64 #ifndef OPENSSL_NO_ERR 65 66 #define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0) 67 #define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason) 68 69 /* See SSL_state_func_code below */ 70 static ERR_STRING_DATA SSL_str_functs[]= { 71 {ERR_FUNC(1), "CONNECT_CW_FLUSH"}, 72 {ERR_FUNC(2), "CONNECT_CW_CLNT_HELLO"}, 73 {ERR_FUNC(3), "CONNECT_CW_CLNT_HELLO"}, 74 {ERR_FUNC(4), "CONNECT_CR_SRVR_HELLO"}, 75 {ERR_FUNC(5), "CONNECT_CR_SRVR_HELLO"}, 76 {ERR_FUNC(6), "CONNECT_CR_CERT"}, 77 {ERR_FUNC(7), "CONNECT_CR_CERT"}, 78 {ERR_FUNC(8), "CONNECT_CR_KEY_EXCH"}, 79 {ERR_FUNC(9), "CONNECT_CR_KEY_EXCH"}, 80 {ERR_FUNC(10), "CONNECT_CR_CERT_REQ"}, 81 {ERR_FUNC(11), "CONNECT_CR_CERT_REQ"}, 82 {ERR_FUNC(12), "CONNECT_CR_SRVR_DONE"}, 83 {ERR_FUNC(13), "CONNECT_CR_SRVR_DONE"}, 84 {ERR_FUNC(14), "CONNECT_CW_CERT"}, 85 {ERR_FUNC(15), "CONNECT_CW_CERT"}, 86 {ERR_FUNC(16), "CONNECT_CW_CERT_C"}, 87 {ERR_FUNC(17), "CONNECT_CW_CERT_D"}, 88 {ERR_FUNC(18), "CONNECT_CW_KEY_EXCH"}, 89 {ERR_FUNC(19), "CONNECT_CW_KEY_EXCH"}, 90 {ERR_FUNC(20), "CONNECT_CW_CERT_VRFY"}, 91 {ERR_FUNC(21), "CONNECT_CW_CERT_VRFY"}, 92 {ERR_FUNC(22), "CONNECT_CW_CHANGE"}, 93 {ERR_FUNC(23), "CONNECT_CW_CHANGE"}, 94 {ERR_FUNC(26), "CONNECT_CW_FINISHED"}, 95 {ERR_FUNC(27), "CONNECT_CW_FINISHED"}, 96 {ERR_FUNC(28), "CONNECT_CR_CHANGE"}, 97 {ERR_FUNC(29), "CONNECT_CR_CHANGE"}, 98 {ERR_FUNC(30), "CONNECT_CR_FINISHED"}, 99 {ERR_FUNC(31), "CONNECT_CR_FINISHED"}, 100 {ERR_FUNC(32), "CONNECT_CR_SESSION_TICKET"}, 101 {ERR_FUNC(33), "CONNECT_CR_SESSION_TICKET"}, 102 {ERR_FUNC(34), "CONNECT_CR_CERT_STATUS"}, 103 {ERR_FUNC(35), "CONNECT_CR_CERT_STATUS"}, 104 {ERR_FUNC(36), "ACCEPT_SW_FLUSH"}, 105 {ERR_FUNC(37), "ACCEPT_SR_CLNT_HELLO"}, 106 {ERR_FUNC(38), "ACCEPT_SR_CLNT_HELLO"}, 107 {ERR_FUNC(39), "ACCEPT_SR_CLNT_HELLO_C"}, 108 {ERR_FUNC(40), "ACCEPT_SW_HELLO_REQ"}, 109 {ERR_FUNC(41), "ACCEPT_SW_HELLO_REQ"}, 110 {ERR_FUNC(42), "ACCEPT_SW_HELLO_REQ_C"}, 111 {ERR_FUNC(43), "ACCEPT_SW_SRVR_HELLO"}, 112 {ERR_FUNC(44), "ACCEPT_SW_SRVR_HELLO"}, 113 {ERR_FUNC(45), "ACCEPT_SW_CERT"}, 114 {ERR_FUNC(46), "ACCEPT_SW_CERT"}, 115 {ERR_FUNC(47), "ACCEPT_SW_KEY_EXCH"}, 116 {ERR_FUNC(48), "ACCEPT_SW_KEY_EXCH"}, 117 {ERR_FUNC(49), "ACCEPT_SW_CERT_REQ"}, 118 {ERR_FUNC(50), "ACCEPT_SW_CERT_REQ"}, 119 {ERR_FUNC(51), "ACCEPT_SW_SRVR_DONE"}, 120 {ERR_FUNC(52), "ACCEPT_SW_SRVR_DONE"}, 121 {ERR_FUNC(53), "ACCEPT_SR_CERT"}, 122 {ERR_FUNC(54), "ACCEPT_SR_CERT"}, 123 {ERR_FUNC(55), "ACCEPT_SR_KEY_EXCH"}, 124 {ERR_FUNC(56), "ACCEPT_SR_KEY_EXCH"}, 125 {ERR_FUNC(57), "ACCEPT_SR_CERT_VRFY"}, 126 {ERR_FUNC(58), "ACCEPT_SR_CERT_VRFY"}, 127 {ERR_FUNC(59), "ACCEPT_SR_CHANGE"}, 128 {ERR_FUNC(60), "ACCEPT_SR_CHANGE"}, 129 {ERR_FUNC(63), "ACCEPT_SR_FINISHED"}, 130 {ERR_FUNC(64), "ACCEPT_SR_FINISHED"}, 131 {ERR_FUNC(65), "ACCEPT_SW_CHANGE"}, 132 {ERR_FUNC(66), "ACCEPT_SW_CHANGE"}, 133 {ERR_FUNC(67), "ACCEPT_SW_FINISHED"}, 134 {ERR_FUNC(68), "ACCEPT_SW_FINISHED"}, 135 {ERR_FUNC(69), "ACCEPT_SW_SESSION_TICKET"}, 136 {ERR_FUNC(70), "ACCEPT_SW_SESSION_TICKET"}, 137 {ERR_FUNC(71), "ACCEPT_SW_CERT_STATUS"}, 138 {ERR_FUNC(72), "ACCEPT_SW_CERT_STATUS"}, 139 {ERR_FUNC(73), "ST_BEFORE"}, 140 {ERR_FUNC(74), "ST_ACCEPT"}, 141 {ERR_FUNC(75), "ST_CONNECT"}, 142 {ERR_FUNC(76), "ST_OK"}, 143 {ERR_FUNC(77), "ST_RENEGOTIATE"}, 144 {ERR_FUNC(78), "ST_BEFORE_CONNECT"}, 145 {ERR_FUNC(79), "ST_OK_CONNECT"}, 146 {ERR_FUNC(80), "ST_BEFORE_ACCEPT"}, 147 {ERR_FUNC(81), "ST_OK_ACCEPT"}, 148 {ERR_FUNC(83), "DTLS1_ST_CR_HELLO_VERIFY_REQUEST"}, 149 {ERR_FUNC(84), "DTLS1_ST_CR_HELLO_VERIFY_REQUEST"}, 150 {ERR_FUNC(85), "DTLS1_ST_SW_HELLO_VERIFY_REQUEST"}, 151 {ERR_FUNC(86), "DTLS1_ST_SW_HELLO_VERIFY_REQUEST"}, 152 {ERR_FUNC(0xfff), "(UNKNOWN)SSL_internal"}, 153 {0, NULL} 154 }; 155 156 static ERR_STRING_DATA SSL_str_reasons[]= { 157 {ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE) , "app data in handshake"}, 158 {ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT), "attempt to reuse session in different context"}, 159 {ERR_REASON(SSL_R_BAD_ALERT_RECORD) , "bad alert record"}, 160 {ERR_REASON(SSL_R_BAD_AUTHENTICATION_TYPE), "bad authentication type"}, 161 {ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC), "bad change cipher spec"}, 162 {ERR_REASON(SSL_R_BAD_CHECKSUM) , "bad checksum"}, 163 {ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK), "bad data returned by callback"}, 164 {ERR_REASON(SSL_R_BAD_DECOMPRESSION) , "bad decompression"}, 165 {ERR_REASON(SSL_R_BAD_DH_G_LENGTH) , "bad dh g length"}, 166 {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH) , "bad dh pub key length"}, 167 {ERR_REASON(SSL_R_BAD_DH_P_LENGTH) , "bad dh p length"}, 168 {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH) , "bad digest length"}, 169 {ERR_REASON(SSL_R_BAD_DSA_SIGNATURE) , "bad dsa signature"}, 170 {ERR_REASON(SSL_R_BAD_ECC_CERT) , "bad ecc cert"}, 171 {ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE) , "bad ecdsa signature"}, 172 {ERR_REASON(SSL_R_BAD_ECPOINT) , "bad ecpoint"}, 173 {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH) , "bad handshake length"}, 174 {ERR_REASON(SSL_R_BAD_HELLO_REQUEST) , "bad hello request"}, 175 {ERR_REASON(SSL_R_BAD_LENGTH) , "bad length"}, 176 {ERR_REASON(SSL_R_BAD_MAC_DECODE) , "bad mac decode"}, 177 {ERR_REASON(SSL_R_BAD_MAC_LENGTH) , "bad mac length"}, 178 {ERR_REASON(SSL_R_BAD_MESSAGE_TYPE) , "bad message type"}, 179 {ERR_REASON(SSL_R_BAD_PACKET_LENGTH) , "bad packet length"}, 180 {ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER), "bad protocol version number"}, 181 {ERR_REASON(SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH), "bad psk identity hint length"}, 182 {ERR_REASON(SSL_R_BAD_RESPONSE_ARGUMENT) , "bad response argument"}, 183 {ERR_REASON(SSL_R_BAD_RSA_DECRYPT) , "bad rsa decrypt"}, 184 {ERR_REASON(SSL_R_BAD_RSA_ENCRYPT) , "bad rsa encrypt"}, 185 {ERR_REASON(SSL_R_BAD_RSA_E_LENGTH) , "bad rsa e length"}, 186 {ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH), "bad rsa modulus length"}, 187 {ERR_REASON(SSL_R_BAD_RSA_SIGNATURE) , "bad rsa signature"}, 188 {ERR_REASON(SSL_R_BAD_SIGNATURE) , "bad signature"}, 189 {ERR_REASON(SSL_R_BAD_SRP_A_LENGTH) , "bad srp a length"}, 190 {ERR_REASON(SSL_R_BAD_SRP_B_LENGTH) , "bad srp b length"}, 191 {ERR_REASON(SSL_R_BAD_SRP_G_LENGTH) , "bad srp g length"}, 192 {ERR_REASON(SSL_R_BAD_SRP_N_LENGTH) , "bad srp n length"}, 193 {ERR_REASON(SSL_R_BAD_SRP_S_LENGTH) , "bad srp s length"}, 194 {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE) , "bad srtp mki value"}, 195 {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST), "bad srtp protection profile list"}, 196 {ERR_REASON(SSL_R_BAD_SSL_FILETYPE) , "bad ssl filetype"}, 197 {ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH), "bad ssl session id length"}, 198 {ERR_REASON(SSL_R_BAD_STATE) , "bad state"}, 199 {ERR_REASON(SSL_R_BAD_WRITE_RETRY) , "bad write retry"}, 200 {ERR_REASON(SSL_R_BIO_NOT_SET) , "bio not set"}, 201 {ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG), "block cipher pad is wrong"}, 202 {ERR_REASON(SSL_R_BN_LIB) , "bn lib"}, 203 {ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH) , "ca dn length mismatch"}, 204 {ERR_REASON(SSL_R_CA_DN_TOO_LONG) , "ca dn too long"}, 205 {ERR_REASON(SSL_R_CA_KEY_TOO_SMALL) , "ca key too small"}, 206 {ERR_REASON(SSL_R_CA_MD_TOO_WEAK) , "ca md too weak"}, 207 {ERR_REASON(SSL_R_CCS_RECEIVED_EARLY) , "ccs received early"}, 208 {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED), "certificate verify failed"}, 209 {ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH) , "cert length mismatch"}, 210 {ERR_REASON(SSL_R_CHALLENGE_IS_DIFFERENT), "challenge is different"}, 211 {ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH), "cipher code wrong length"}, 212 {ERR_REASON(SSL_R_CIPHER_COMPRESSION_UNAVAILABLE), "cipher compression unavailable"}, 213 {ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE), "cipher or hash unavailable"}, 214 {ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR), "cipher table src error"}, 215 {ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT) , "clienthello tlsext"}, 216 {ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG), "compressed length too long"}, 217 {ERR_REASON(SSL_R_COMPRESSION_DISABLED) , "compression disabled"}, 218 {ERR_REASON(SSL_R_COMPRESSION_FAILURE) , "compression failure"}, 219 {ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE), "compression id not within private range"}, 220 {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR), "compression library error"}, 221 {ERR_REASON(SSL_R_CONNECTION_ID_IS_DIFFERENT), "connection id is different"}, 222 {ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET), "connection type not set"}, 223 {ERR_REASON(SSL_R_COOKIE_MISMATCH) , "cookie mismatch"}, 224 {ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED), "data between ccs and finished"}, 225 {ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG) , "data length too long"}, 226 {ERR_REASON(SSL_R_DECRYPTION_FAILED) , "decryption failed"}, 227 {ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC), "decryption failed or bad record mac"}, 228 {ERR_REASON(SSL_R_DH_KEY_TOO_SMALL) , "dh key too small"}, 229 {ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG), "dh public value length is wrong"}, 230 {ERR_REASON(SSL_R_DIGEST_CHECK_FAILED) , "digest check failed"}, 231 {ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG) , "dtls message too big"}, 232 {ERR_REASON(SSL_R_DUPLICATE_COMPRESSION_ID), "duplicate compression id"}, 233 {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT), "ecc cert not for key agreement"}, 234 {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_SIGNING), "ecc cert not for signing"}, 235 {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE), "ecc cert should have rsa signature"}, 236 {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE), "ecc cert should have sha1 signature"}, 237 {ERR_REASON(SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER), "ecgroup too large for cipher"}, 238 {ERR_REASON(SSL_R_EE_KEY_TOO_SMALL) , "ee key too small"}, 239 {ERR_REASON(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST), "empty srtp protection profile list"}, 240 {ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG), "encrypted length too long"}, 241 {ERR_REASON(SSL_R_ERROR_GENERATING_TMP_RSA_KEY), "error generating tmp rsa key"}, 242 {ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST), "error in received cipher list"}, 243 {ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE), "excessive message size"}, 244 {ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE) , "extra data in message"}, 245 {ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS), "got a fin before a ccs"}, 246 {ERR_REASON(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS), "got next proto before a ccs"}, 247 {ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION), "got next proto without seeing extension"}, 248 {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST) , "https proxy request"}, 249 {ERR_REASON(SSL_R_HTTP_REQUEST) , "http request"}, 250 {ERR_REASON(SSL_R_ILLEGAL_PADDING) , "illegal padding"}, 251 {ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK), "inappropriate fallback"}, 252 {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION), "inconsistent compression"}, 253 {ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH), "invalid challenge length"}, 254 {ERR_REASON(SSL_R_INVALID_COMMAND) , "invalid command"}, 255 {ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM), "invalid compression algorithm"}, 256 {ERR_REASON(SSL_R_INVALID_PURPOSE) , "invalid purpose"}, 257 {ERR_REASON(SSL_R_INVALID_SRP_USERNAME) , "invalid srp username"}, 258 {ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE), "invalid status response"}, 259 {ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH), "invalid ticket keys length"}, 260 {ERR_REASON(SSL_R_INVALID_TRUST) , "invalid trust"}, 261 {ERR_REASON(SSL_R_KEY_ARG_TOO_LONG) , "key arg too long"}, 262 {ERR_REASON(SSL_R_KRB5) , "krb5"}, 263 {ERR_REASON(SSL_R_KRB5_C_CC_PRINC) , "krb5 client cc principal (no tkt?)"}, 264 {ERR_REASON(SSL_R_KRB5_C_GET_CRED) , "krb5 client get cred"}, 265 {ERR_REASON(SSL_R_KRB5_C_INIT) , "krb5 client init"}, 266 {ERR_REASON(SSL_R_KRB5_C_MK_REQ) , "krb5 client mk_req (expired tkt?)"}, 267 {ERR_REASON(SSL_R_KRB5_S_BAD_TICKET) , "krb5 server bad ticket"}, 268 {ERR_REASON(SSL_R_KRB5_S_INIT) , "krb5 server init"}, 269 {ERR_REASON(SSL_R_KRB5_S_RD_REQ) , "krb5 server rd_req (keytab perms?)"}, 270 {ERR_REASON(SSL_R_KRB5_S_TKT_EXPIRED) , "krb5 server tkt expired"}, 271 {ERR_REASON(SSL_R_KRB5_S_TKT_NYV) , "krb5 server tkt not yet valid"}, 272 {ERR_REASON(SSL_R_KRB5_S_TKT_SKEW) , "krb5 server tkt skew"}, 273 {ERR_REASON(SSL_R_LENGTH_MISMATCH) , "length mismatch"}, 274 {ERR_REASON(SSL_R_LENGTH_TOO_SHORT) , "length too short"}, 275 {ERR_REASON(SSL_R_LIBRARY_BUG) , "library bug"}, 276 {ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS), "library has no ciphers"}, 277 {ERR_REASON(SSL_R_MESSAGE_TOO_LONG) , "message too long"}, 278 {ERR_REASON(SSL_R_MISSING_DH_DSA_CERT) , "missing dh dsa cert"}, 279 {ERR_REASON(SSL_R_MISSING_DH_KEY) , "missing dh key"}, 280 {ERR_REASON(SSL_R_MISSING_DH_RSA_CERT) , "missing dh rsa cert"}, 281 {ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT), "missing dsa signing cert"}, 282 {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_DH_KEY), "missing export tmp dh key"}, 283 {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_RSA_KEY), "missing export tmp rsa key"}, 284 {ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE), "missing rsa certificate"}, 285 {ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT), "missing rsa encrypting cert"}, 286 {ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT), "missing rsa signing cert"}, 287 {ERR_REASON(SSL_R_MISSING_SRP_PARAM) , "can't find SRP server param"}, 288 {ERR_REASON(SSL_R_MISSING_TMP_DH_KEY) , "missing tmp dh key"}, 289 {ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY) , "missing tmp ecdh key"}, 290 {ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY) , "missing tmp rsa key"}, 291 {ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY) , "missing tmp rsa pkey"}, 292 {ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE), "missing verify message"}, 293 {ERR_REASON(SSL_R_MULTIPLE_SGC_RESTARTS) , "multiple sgc restarts"}, 294 {ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET), "non sslv2 initial packet"}, 295 {ERR_REASON(SSL_R_NO_APPLICATION_PROTOCOL), "no application protocol"}, 296 {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED), "no certificates returned"}, 297 {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED), "no certificate assigned"}, 298 {ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED), "no certificate returned"}, 299 {ERR_REASON(SSL_R_NO_CERTIFICATE_SET) , "no certificate set"}, 300 {ERR_REASON(SSL_R_NO_CERTIFICATE_SPECIFIED), "no certificate specified"}, 301 {ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE) , "no ciphers available"}, 302 {ERR_REASON(SSL_R_NO_CIPHERS_PASSED) , "no ciphers passed"}, 303 {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED) , "no ciphers specified"}, 304 {ERR_REASON(SSL_R_NO_CIPHER_LIST) , "no cipher list"}, 305 {ERR_REASON(SSL_R_NO_CIPHER_MATCH) , "no cipher match"}, 306 {ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD) , "no client cert method"}, 307 {ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED), "no client cert received"}, 308 {ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED), "no compression specified"}, 309 {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER), "Peer haven't sent GOST certificate, required for selected ciphersuite"}, 310 {ERR_REASON(SSL_R_NO_METHOD_SPECIFIED) , "no method specified"}, 311 {ERR_REASON(SSL_R_NO_PRIVATEKEY) , "no privatekey"}, 312 {ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED), "no private key assigned"}, 313 {ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE), "no protocols available"}, 314 {ERR_REASON(SSL_R_NO_PUBLICKEY) , "no publickey"}, 315 {ERR_REASON(SSL_R_NO_RENEGOTIATION) , "no renegotiation"}, 316 {ERR_REASON(SSL_R_NO_REQUIRED_DIGEST) , "digest requred for handshake isn't computed"}, 317 {ERR_REASON(SSL_R_NO_SHARED_CIPHER) , "no shared cipher"}, 318 {ERR_REASON(SSL_R_NO_SRTP_PROFILES) , "no srtp profiles"}, 319 {ERR_REASON(SSL_R_NO_VERIFY_CALLBACK) , "no verify callback"}, 320 {ERR_REASON(SSL_R_NULL_SSL_CTX) , "null ssl ctx"}, 321 {ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED), "null ssl method passed"}, 322 {ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED), "old session cipher not returned"}, 323 {ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED), "old session compression algorithm not returned"}, 324 {ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE), "only tls allowed in fips mode"}, 325 {ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"}, 326 {ERR_REASON(SSL_R_PARSE_TLSEXT) , "parse tlsext"}, 327 {ERR_REASON(SSL_R_PATH_TOO_LONG) , "path too long"}, 328 {ERR_REASON(SSL_R_PEER_BEHAVING_BADLY) , "peer is doing strange or hostile things"}, 329 {ERR_REASON(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE), "peer did not return a certificate"}, 330 {ERR_REASON(SSL_R_PEER_ERROR) , "peer error"}, 331 {ERR_REASON(SSL_R_PEER_ERROR_CERTIFICATE), "peer error certificate"}, 332 {ERR_REASON(SSL_R_PEER_ERROR_NO_CERTIFICATE), "peer error no certificate"}, 333 {ERR_REASON(SSL_R_PEER_ERROR_NO_CIPHER) , "peer error no cipher"}, 334 {ERR_REASON(SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE), "peer error unsupported certificate type"}, 335 {ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG), "pre mac length too long"}, 336 {ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS), "problems mapping cipher functions"}, 337 {ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN) , "protocol is shutdown"}, 338 {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND), "psk identity not found"}, 339 {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB) , "psk no client cb"}, 340 {ERR_REASON(SSL_R_PSK_NO_SERVER_CB) , "psk no server cb"}, 341 {ERR_REASON(SSL_R_PUBLIC_KEY_ENCRYPT_ERROR), "public key encrypt error"}, 342 {ERR_REASON(SSL_R_PUBLIC_KEY_IS_NOT_RSA) , "public key is not rsa"}, 343 {ERR_REASON(SSL_R_PUBLIC_KEY_NOT_RSA) , "public key not rsa"}, 344 {ERR_REASON(SSL_R_QUIC_INTERNAL_ERROR) , "QUIC: internal error"}, 345 {ERR_REASON(SSL_R_READ_BIO_NOT_SET) , "read bio not set"}, 346 {ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED) , "read timeout expired"}, 347 {ERR_REASON(SSL_R_READ_WRONG_PACKET_TYPE), "read wrong packet type"}, 348 {ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH), "record length mismatch"}, 349 {ERR_REASON(SSL_R_RECORD_TOO_LARGE) , "record too large"}, 350 {ERR_REASON(SSL_R_RECORD_TOO_SMALL) , "record too small"}, 351 {ERR_REASON(SSL_R_RENEGOTIATE_EXT_TOO_LONG), "renegotiate ext too long"}, 352 {ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR), "renegotiation encoding err"}, 353 {ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH), "renegotiation mismatch"}, 354 {ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING), "required cipher missing"}, 355 {ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING), "required compresssion algorithm missing"}, 356 {ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO), "reuse cert length not zero"}, 357 {ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO), "reuse cert type not zero"}, 358 {ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO), "reuse cipher list not zero"}, 359 {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING), "scsv received when renegotiating"}, 360 {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT) , "serverhello tlsext"}, 361 {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED), "session id context uninitialized"}, 362 {ERR_REASON(SSL_R_SHORT_READ) , "short read"}, 363 {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR), "signature algorithms error"}, 364 {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE), "signature for non signing certificate"}, 365 {ERR_REASON(SSL_R_SRP_A_CALC) , "error with the srp params"}, 366 {ERR_REASON(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES), "srtp could not allocate profiles"}, 367 {ERR_REASON(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG), "srtp protection profile list too long"}, 368 {ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE), "srtp unknown protection profile"}, 369 {ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE), "ssl23 doing session id reuse"}, 370 {ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG), "ssl2 connection id too long"}, 371 {ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT), "ssl3 ext invalid ecpointformat"}, 372 {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME), "ssl3 ext invalid servername"}, 373 {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE), "ssl3 ext invalid servername type"}, 374 {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG), "ssl3 session id too long"}, 375 {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_SHORT), "ssl3 session id too short"}, 376 {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_CERTIFICATE), "sslv3 alert bad certificate"}, 377 {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_RECORD_MAC), "sslv3 alert bad record mac"}, 378 {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED), "sslv3 alert certificate expired"}, 379 {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED), "sslv3 alert certificate revoked"}, 380 {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN), "sslv3 alert certificate unknown"}, 381 {ERR_REASON(SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE), "sslv3 alert decompression failure"}, 382 {ERR_REASON(SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE), "sslv3 alert handshake failure"}, 383 {ERR_REASON(SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER), "sslv3 alert illegal parameter"}, 384 {ERR_REASON(SSL_R_SSLV3_ALERT_NO_CERTIFICATE), "sslv3 alert no certificate"}, 385 {ERR_REASON(SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE), "sslv3 alert unexpected message"}, 386 {ERR_REASON(SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE), "sslv3 alert unsupported certificate"}, 387 {ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION), "ssl ctx has no default ssl version"}, 388 {ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE) , "ssl handshake failure"}, 389 {ERR_REASON(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS), "ssl library has no ciphers"}, 390 {ERR_REASON(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED), "ssl session id callback failed"}, 391 {ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT), "ssl session id conflict"}, 392 {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG), "ssl session id context too long"}, 393 {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH), "ssl session id has bad length"}, 394 {ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT), "ssl session id is different"}, 395 {ERR_REASON(SSL_R_SSL_SESSION_ID_TOO_LONG), "ssl session id is too long"}, 396 {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED), "tlsv1 alert access denied"}, 397 {ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR), "tlsv1 alert decode error"}, 398 {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED), "tlsv1 alert decryption failed"}, 399 {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR), "tlsv1 alert decrypt error"}, 400 {ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION), "tlsv1 alert export restriction"}, 401 {ERR_REASON(SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK), "tlsv1 alert inappropriate fallback"}, 402 {ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY), "tlsv1 alert insufficient security"}, 403 {ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR), "tlsv1 alert internal error"}, 404 {ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION), "tlsv1 alert no renegotiation"}, 405 {ERR_REASON(SSL_R_TLSV1_ALERT_PROTOCOL_VERSION), "tlsv1 alert protocol version"}, 406 {ERR_REASON(SSL_R_TLSV1_ALERT_RECORD_OVERFLOW), "tlsv1 alert record overflow"}, 407 {ERR_REASON(SSL_R_TLSV1_ALERT_UNKNOWN_CA), "tlsv1 alert unknown ca"}, 408 {ERR_REASON(SSL_R_TLSV1_ALERT_USER_CANCELLED), "tlsv1 alert user cancelled"}, 409 {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE), "tlsv1 bad certificate hash value"}, 410 {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE), "tlsv1 bad certificate status response"}, 411 {ERR_REASON(SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE), "tlsv1 certificate unobtainable"}, 412 {ERR_REASON(SSL_R_TLSV1_UNRECOGNIZED_NAME), "tlsv1 unrecognized name"}, 413 {ERR_REASON(SSL_R_TLSV1_UNSUPPORTED_EXTENSION), "tlsv1 unsupported extension"}, 414 {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER), "tls client cert req with anon cipher"}, 415 {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT), "peer does not accept heartbeats"}, 416 {ERR_REASON(SSL_R_TLS_HEARTBEAT_PENDING) , "heartbeat request already pending"}, 417 {ERR_REASON(SSL_R_TLS_ILLEGAL_EXPORTER_LABEL), "tls illegal exporter label"}, 418 {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST), "tls invalid ecpointformat list"}, 419 {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST), "tls peer did not respond with certificate list"}, 420 {ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG), "tls rsa encrypted value length is wrong"}, 421 {ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER), "tried to use unsupported cipher"}, 422 {ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS), "unable to decode dh certs"}, 423 {ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS), "unable to decode ecdh certs"}, 424 {ERR_REASON(SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY), "unable to extract public key"}, 425 {ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS), "unable to find dh parameters"}, 426 {ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS), "unable to find ecdh parameters"}, 427 {ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS), "unable to find public key parameters"}, 428 {ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD), "unable to find ssl method"}, 429 {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES), "unable to load ssl2 md5 routines"}, 430 {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES), "unable to load ssl3 md5 routines"}, 431 {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES), "unable to load ssl3 sha1 routines"}, 432 {ERR_REASON(SSL_R_UNEXPECTED_MESSAGE) , "unexpected message"}, 433 {ERR_REASON(SSL_R_UNEXPECTED_RECORD) , "unexpected record"}, 434 {ERR_REASON(SSL_R_UNINITIALIZED) , "uninitialized"}, 435 {ERR_REASON(SSL_R_UNKNOWN), "unknown failure occurred"}, 436 {ERR_REASON(SSL_R_UNKNOWN_ALERT_TYPE) , "unknown alert type"}, 437 {ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE), "unknown certificate type"}, 438 {ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED), "unknown cipher returned"}, 439 {ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE) , "unknown cipher type"}, 440 {ERR_REASON(SSL_R_UNKNOWN_DIGEST) , "unknown digest"}, 441 {ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE), "unknown key exchange type"}, 442 {ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE) , "unknown pkey type"}, 443 {ERR_REASON(SSL_R_UNKNOWN_PROTOCOL) , "unknown protocol"}, 444 {ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE), "unknown remote error type"}, 445 {ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION) , "unknown ssl version"}, 446 {ERR_REASON(SSL_R_UNKNOWN_STATE) , "unknown state"}, 447 {ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED), "unsafe legacy renegotiation disabled"}, 448 {ERR_REASON(SSL_R_UNSUPPORTED_CIPHER) , "unsupported cipher"}, 449 {ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM), "unsupported compression algorithm"}, 450 {ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE), "unsupported digest type"}, 451 {ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE), "unsupported elliptic curve"}, 452 {ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL) , "unsupported protocol"}, 453 {ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION), "unsupported ssl version"}, 454 {ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE), "unsupported status type"}, 455 {ERR_REASON(SSL_R_USE_SRTP_NOT_NEGOTIATED), "use srtp not negotiated"}, 456 {ERR_REASON(SSL_R_VERSION_TOO_LOW) , "version too low"}, 457 {ERR_REASON(SSL_R_WRITE_BIO_NOT_SET) , "write bio not set"}, 458 {ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED) , "wrong cipher returned"}, 459 {ERR_REASON(SSL_R_WRONG_CURVE) , "wrong curve"}, 460 {ERR_REASON(SSL_R_WRONG_ENCRYPTION_LEVEL_RECEIVED), "QUIC: wrong encryption level received"}, 461 {ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE) , "wrong message type"}, 462 {ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS), "wrong number of key bits"}, 463 {ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"}, 464 {ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE) , "wrong signature size"}, 465 {ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE) , "wrong signature type"}, 466 {ERR_REASON(SSL_R_WRONG_SSL_VERSION) , "wrong ssl version"}, 467 {ERR_REASON(SSL_R_WRONG_VERSION_NUMBER) , "wrong version number"}, 468 {ERR_REASON(SSL_R_X509_LIB) , "x509 lib"}, 469 {ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS), "x509 verification setup problems"}, 470 {0, NULL} 471 }; 472 473 #endif 474 475 void 476 ERR_load_SSL_strings(void) 477 { 478 #ifndef OPENSSL_NO_ERR 479 if (ERR_func_error_string(SSL_str_functs[0].error) == NULL) { 480 ERR_load_strings(0, SSL_str_functs); 481 ERR_load_strings(0, SSL_str_reasons); 482 } 483 #endif 484 } 485 486 void 487 SSL_load_error_strings(void) 488 { 489 #ifndef OPENSSL_NO_ERR 490 ERR_load_crypto_strings(); 491 ERR_load_SSL_strings(); 492 #endif 493 } 494 495 int 496 SSL_state_func_code(int state) { 497 switch (state) { 498 case SSL3_ST_CW_FLUSH: 499 return 1; 500 case SSL3_ST_CW_CLNT_HELLO_A: 501 return 2; 502 case SSL3_ST_CW_CLNT_HELLO_B: 503 return 3; 504 case SSL3_ST_CR_SRVR_HELLO_A: 505 return 4; 506 case SSL3_ST_CR_SRVR_HELLO_B: 507 return 5; 508 case SSL3_ST_CR_CERT_A: 509 return 6; 510 case SSL3_ST_CR_CERT_B: 511 return 7; 512 case SSL3_ST_CR_KEY_EXCH_A: 513 return 8; 514 case SSL3_ST_CR_KEY_EXCH_B: 515 return 9; 516 case SSL3_ST_CR_CERT_REQ_A: 517 return 10; 518 case SSL3_ST_CR_CERT_REQ_B: 519 return 11; 520 case SSL3_ST_CR_SRVR_DONE_A: 521 return 12; 522 case SSL3_ST_CR_SRVR_DONE_B: 523 return 13; 524 case SSL3_ST_CW_CERT_A: 525 return 14; 526 case SSL3_ST_CW_CERT_B: 527 return 15; 528 case SSL3_ST_CW_CERT_C: 529 return 16; 530 case SSL3_ST_CW_CERT_D: 531 return 17; 532 case SSL3_ST_CW_KEY_EXCH_A: 533 return 18; 534 case SSL3_ST_CW_KEY_EXCH_B: 535 return 19; 536 case SSL3_ST_CW_CERT_VRFY_A: 537 return 20; 538 case SSL3_ST_CW_CERT_VRFY_B: 539 return 21; 540 case SSL3_ST_CW_CHANGE_A: 541 return 22; 542 case SSL3_ST_CW_CHANGE_B: 543 return 23; 544 case SSL3_ST_CW_FINISHED_A: 545 return 26; 546 case SSL3_ST_CW_FINISHED_B: 547 return 27; 548 case SSL3_ST_CR_CHANGE_A: 549 return 28; 550 case SSL3_ST_CR_CHANGE_B: 551 return 29; 552 case SSL3_ST_CR_FINISHED_A: 553 return 30; 554 case SSL3_ST_CR_FINISHED_B: 555 return 31; 556 case SSL3_ST_CR_SESSION_TICKET_A: 557 return 32; 558 case SSL3_ST_CR_SESSION_TICKET_B: 559 return 33; 560 case SSL3_ST_CR_CERT_STATUS_A: 561 return 34; 562 case SSL3_ST_CR_CERT_STATUS_B: 563 return 35; 564 case SSL3_ST_SW_FLUSH: 565 return 36; 566 case SSL3_ST_SR_CLNT_HELLO_A: 567 return 37; 568 case SSL3_ST_SR_CLNT_HELLO_B: 569 return 38; 570 case SSL3_ST_SR_CLNT_HELLO_C: 571 return 39; 572 case SSL3_ST_SW_HELLO_REQ_A: 573 return 40; 574 case SSL3_ST_SW_HELLO_REQ_B: 575 return 41; 576 case SSL3_ST_SW_HELLO_REQ_C: 577 return 42; 578 case SSL3_ST_SW_SRVR_HELLO_A: 579 return 43; 580 case SSL3_ST_SW_SRVR_HELLO_B: 581 return 44; 582 case SSL3_ST_SW_CERT_A: 583 return 45; 584 case SSL3_ST_SW_CERT_B: 585 return 46; 586 case SSL3_ST_SW_KEY_EXCH_A: 587 return 47; 588 case SSL3_ST_SW_KEY_EXCH_B: 589 return 48; 590 case SSL3_ST_SW_CERT_REQ_A: 591 return 49; 592 case SSL3_ST_SW_CERT_REQ_B: 593 return 50; 594 case SSL3_ST_SW_SRVR_DONE_A: 595 return 51; 596 case SSL3_ST_SW_SRVR_DONE_B: 597 return 52; 598 case SSL3_ST_SR_CERT_A: 599 return 53; 600 case SSL3_ST_SR_CERT_B: 601 return 54; 602 case SSL3_ST_SR_KEY_EXCH_A: 603 return 55; 604 case SSL3_ST_SR_KEY_EXCH_B: 605 return 56; 606 case SSL3_ST_SR_CERT_VRFY_A: 607 return 57; 608 case SSL3_ST_SR_CERT_VRFY_B: 609 return 58; 610 case SSL3_ST_SR_CHANGE_A: 611 return 59; 612 case SSL3_ST_SR_CHANGE_B: 613 return 60; 614 case SSL3_ST_SR_FINISHED_A: 615 return 63; 616 case SSL3_ST_SR_FINISHED_B: 617 return 64; 618 case SSL3_ST_SW_CHANGE_A: 619 return 65; 620 case SSL3_ST_SW_CHANGE_B: 621 return 66; 622 case SSL3_ST_SW_FINISHED_A: 623 return 67; 624 case SSL3_ST_SW_FINISHED_B: 625 return 68; 626 case SSL3_ST_SW_SESSION_TICKET_A: 627 return 69; 628 case SSL3_ST_SW_SESSION_TICKET_B: 629 return 70; 630 case SSL3_ST_SW_CERT_STATUS_A: 631 return 71; 632 case SSL3_ST_SW_CERT_STATUS_B: 633 return 72; 634 case SSL_ST_BEFORE: 635 return 73; 636 case SSL_ST_ACCEPT: 637 return 74; 638 case SSL_ST_CONNECT: 639 return 75; 640 case SSL_ST_OK: 641 return 76; 642 case SSL_ST_RENEGOTIATE: 643 return 77; 644 case SSL_ST_BEFORE|SSL_ST_CONNECT: 645 return 78; 646 case SSL_ST_OK|SSL_ST_CONNECT: 647 return 79; 648 case SSL_ST_BEFORE|SSL_ST_ACCEPT: 649 return 80; 650 case SSL_ST_OK|SSL_ST_ACCEPT: 651 return 81; 652 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 653 return 83; 654 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: 655 return 84; 656 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: 657 return 85; 658 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: 659 return 86; 660 default: 661 break; 662 } 663 return 0xfff; 664 } 665 666 void 667 SSL_error_internal(const SSL *s, int r, char *f, int l) 668 { 669 ERR_PUT_error(ERR_LIB_SSL, 670 (SSL_state_func_code(s->s3->hs.state)), r, f, l); 671 } 672