1 /* $OpenBSD: ssl_err.c,v 1.44 2022/08/21 19:18:57 jsing Exp $ */
2 /* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56 #include <stdio.h>
57
58 #include <openssl/err.h>
59 #include <openssl/opensslconf.h>
60 #include <openssl/ssl.h>
61
62 #include "ssl_locl.h"
63
64 #ifndef OPENSSL_NO_ERR
65
66 #define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0)
67 #define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)
68
69 /* See SSL_state_func_code below */
70 static ERR_STRING_DATA SSL_str_functs[]= {
71 {ERR_FUNC(1), "CONNECT_CW_FLUSH"},
72 {ERR_FUNC(2), "CONNECT_CW_CLNT_HELLO"},
73 {ERR_FUNC(3), "CONNECT_CW_CLNT_HELLO"},
74 {ERR_FUNC(4), "CONNECT_CR_SRVR_HELLO"},
75 {ERR_FUNC(5), "CONNECT_CR_SRVR_HELLO"},
76 {ERR_FUNC(6), "CONNECT_CR_CERT"},
77 {ERR_FUNC(7), "CONNECT_CR_CERT"},
78 {ERR_FUNC(8), "CONNECT_CR_KEY_EXCH"},
79 {ERR_FUNC(9), "CONNECT_CR_KEY_EXCH"},
80 {ERR_FUNC(10), "CONNECT_CR_CERT_REQ"},
81 {ERR_FUNC(11), "CONNECT_CR_CERT_REQ"},
82 {ERR_FUNC(12), "CONNECT_CR_SRVR_DONE"},
83 {ERR_FUNC(13), "CONNECT_CR_SRVR_DONE"},
84 {ERR_FUNC(14), "CONNECT_CW_CERT"},
85 {ERR_FUNC(15), "CONNECT_CW_CERT"},
86 {ERR_FUNC(16), "CONNECT_CW_CERT_C"},
87 {ERR_FUNC(17), "CONNECT_CW_CERT_D"},
88 {ERR_FUNC(18), "CONNECT_CW_KEY_EXCH"},
89 {ERR_FUNC(19), "CONNECT_CW_KEY_EXCH"},
90 {ERR_FUNC(20), "CONNECT_CW_CERT_VRFY"},
91 {ERR_FUNC(21), "CONNECT_CW_CERT_VRFY"},
92 {ERR_FUNC(22), "CONNECT_CW_CHANGE"},
93 {ERR_FUNC(23), "CONNECT_CW_CHANGE"},
94 {ERR_FUNC(26), "CONNECT_CW_FINISHED"},
95 {ERR_FUNC(27), "CONNECT_CW_FINISHED"},
96 {ERR_FUNC(28), "CONNECT_CR_CHANGE"},
97 {ERR_FUNC(29), "CONNECT_CR_CHANGE"},
98 {ERR_FUNC(30), "CONNECT_CR_FINISHED"},
99 {ERR_FUNC(31), "CONNECT_CR_FINISHED"},
100 {ERR_FUNC(32), "CONNECT_CR_SESSION_TICKET"},
101 {ERR_FUNC(33), "CONNECT_CR_SESSION_TICKET"},
102 {ERR_FUNC(34), "CONNECT_CR_CERT_STATUS"},
103 {ERR_FUNC(35), "CONNECT_CR_CERT_STATUS"},
104 {ERR_FUNC(36), "ACCEPT_SW_FLUSH"},
105 {ERR_FUNC(37), "ACCEPT_SR_CLNT_HELLO"},
106 {ERR_FUNC(38), "ACCEPT_SR_CLNT_HELLO"},
107 {ERR_FUNC(39), "ACCEPT_SR_CLNT_HELLO_C"},
108 {ERR_FUNC(40), "ACCEPT_SW_HELLO_REQ"},
109 {ERR_FUNC(41), "ACCEPT_SW_HELLO_REQ"},
110 {ERR_FUNC(42), "ACCEPT_SW_HELLO_REQ_C"},
111 {ERR_FUNC(43), "ACCEPT_SW_SRVR_HELLO"},
112 {ERR_FUNC(44), "ACCEPT_SW_SRVR_HELLO"},
113 {ERR_FUNC(45), "ACCEPT_SW_CERT"},
114 {ERR_FUNC(46), "ACCEPT_SW_CERT"},
115 {ERR_FUNC(47), "ACCEPT_SW_KEY_EXCH"},
116 {ERR_FUNC(48), "ACCEPT_SW_KEY_EXCH"},
117 {ERR_FUNC(49), "ACCEPT_SW_CERT_REQ"},
118 {ERR_FUNC(50), "ACCEPT_SW_CERT_REQ"},
119 {ERR_FUNC(51), "ACCEPT_SW_SRVR_DONE"},
120 {ERR_FUNC(52), "ACCEPT_SW_SRVR_DONE"},
121 {ERR_FUNC(53), "ACCEPT_SR_CERT"},
122 {ERR_FUNC(54), "ACCEPT_SR_CERT"},
123 {ERR_FUNC(55), "ACCEPT_SR_KEY_EXCH"},
124 {ERR_FUNC(56), "ACCEPT_SR_KEY_EXCH"},
125 {ERR_FUNC(57), "ACCEPT_SR_CERT_VRFY"},
126 {ERR_FUNC(58), "ACCEPT_SR_CERT_VRFY"},
127 {ERR_FUNC(59), "ACCEPT_SR_CHANGE"},
128 {ERR_FUNC(60), "ACCEPT_SR_CHANGE"},
129 {ERR_FUNC(63), "ACCEPT_SR_FINISHED"},
130 {ERR_FUNC(64), "ACCEPT_SR_FINISHED"},
131 {ERR_FUNC(65), "ACCEPT_SW_CHANGE"},
132 {ERR_FUNC(66), "ACCEPT_SW_CHANGE"},
133 {ERR_FUNC(67), "ACCEPT_SW_FINISHED"},
134 {ERR_FUNC(68), "ACCEPT_SW_FINISHED"},
135 {ERR_FUNC(69), "ACCEPT_SW_SESSION_TICKET"},
136 {ERR_FUNC(70), "ACCEPT_SW_SESSION_TICKET"},
137 {ERR_FUNC(71), "ACCEPT_SW_CERT_STATUS"},
138 {ERR_FUNC(72), "ACCEPT_SW_CERT_STATUS"},
139 {ERR_FUNC(73), "ST_BEFORE"},
140 {ERR_FUNC(74), "ST_ACCEPT"},
141 {ERR_FUNC(75), "ST_CONNECT"},
142 {ERR_FUNC(76), "ST_OK"},
143 {ERR_FUNC(77), "ST_RENEGOTIATE"},
144 {ERR_FUNC(78), "ST_BEFORE_CONNECT"},
145 {ERR_FUNC(79), "ST_OK_CONNECT"},
146 {ERR_FUNC(80), "ST_BEFORE_ACCEPT"},
147 {ERR_FUNC(81), "ST_OK_ACCEPT"},
148 {ERR_FUNC(83), "DTLS1_ST_CR_HELLO_VERIFY_REQUEST"},
149 {ERR_FUNC(84), "DTLS1_ST_CR_HELLO_VERIFY_REQUEST"},
150 {ERR_FUNC(85), "DTLS1_ST_SW_HELLO_VERIFY_REQUEST"},
151 {ERR_FUNC(86), "DTLS1_ST_SW_HELLO_VERIFY_REQUEST"},
152 {ERR_FUNC(0xfff), "(UNKNOWN)SSL_internal"},
153 {0, NULL}
154 };
155
156 static ERR_STRING_DATA SSL_str_reasons[]= {
157 {ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE) , "app data in handshake"},
158 {ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT), "attempt to reuse session in different context"},
159 {ERR_REASON(SSL_R_BAD_ALERT_RECORD) , "bad alert record"},
160 {ERR_REASON(SSL_R_BAD_AUTHENTICATION_TYPE), "bad authentication type"},
161 {ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC), "bad change cipher spec"},
162 {ERR_REASON(SSL_R_BAD_CHECKSUM) , "bad checksum"},
163 {ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK), "bad data returned by callback"},
164 {ERR_REASON(SSL_R_BAD_DECOMPRESSION) , "bad decompression"},
165 {ERR_REASON(SSL_R_BAD_DH_G_LENGTH) , "bad dh g length"},
166 {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH) , "bad dh pub key length"},
167 {ERR_REASON(SSL_R_BAD_DH_P_LENGTH) , "bad dh p length"},
168 {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH) , "bad digest length"},
169 {ERR_REASON(SSL_R_BAD_DSA_SIGNATURE) , "bad dsa signature"},
170 {ERR_REASON(SSL_R_BAD_ECC_CERT) , "bad ecc cert"},
171 {ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE) , "bad ecdsa signature"},
172 {ERR_REASON(SSL_R_BAD_ECPOINT) , "bad ecpoint"},
173 {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH) , "bad handshake length"},
174 {ERR_REASON(SSL_R_BAD_HELLO_REQUEST) , "bad hello request"},
175 {ERR_REASON(SSL_R_BAD_LENGTH) , "bad length"},
176 {ERR_REASON(SSL_R_BAD_MAC_DECODE) , "bad mac decode"},
177 {ERR_REASON(SSL_R_BAD_MAC_LENGTH) , "bad mac length"},
178 {ERR_REASON(SSL_R_BAD_MESSAGE_TYPE) , "bad message type"},
179 {ERR_REASON(SSL_R_BAD_PACKET_LENGTH) , "bad packet length"},
180 {ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER), "bad protocol version number"},
181 {ERR_REASON(SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH), "bad psk identity hint length"},
182 {ERR_REASON(SSL_R_BAD_RESPONSE_ARGUMENT) , "bad response argument"},
183 {ERR_REASON(SSL_R_BAD_RSA_DECRYPT) , "bad rsa decrypt"},
184 {ERR_REASON(SSL_R_BAD_RSA_ENCRYPT) , "bad rsa encrypt"},
185 {ERR_REASON(SSL_R_BAD_RSA_E_LENGTH) , "bad rsa e length"},
186 {ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH), "bad rsa modulus length"},
187 {ERR_REASON(SSL_R_BAD_RSA_SIGNATURE) , "bad rsa signature"},
188 {ERR_REASON(SSL_R_BAD_SIGNATURE) , "bad signature"},
189 {ERR_REASON(SSL_R_BAD_SRP_A_LENGTH) , "bad srp a length"},
190 {ERR_REASON(SSL_R_BAD_SRP_B_LENGTH) , "bad srp b length"},
191 {ERR_REASON(SSL_R_BAD_SRP_G_LENGTH) , "bad srp g length"},
192 {ERR_REASON(SSL_R_BAD_SRP_N_LENGTH) , "bad srp n length"},
193 {ERR_REASON(SSL_R_BAD_SRP_S_LENGTH) , "bad srp s length"},
194 {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE) , "bad srtp mki value"},
195 {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST), "bad srtp protection profile list"},
196 {ERR_REASON(SSL_R_BAD_SSL_FILETYPE) , "bad ssl filetype"},
197 {ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH), "bad ssl session id length"},
198 {ERR_REASON(SSL_R_BAD_STATE) , "bad state"},
199 {ERR_REASON(SSL_R_BAD_WRITE_RETRY) , "bad write retry"},
200 {ERR_REASON(SSL_R_BIO_NOT_SET) , "bio not set"},
201 {ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG), "block cipher pad is wrong"},
202 {ERR_REASON(SSL_R_BN_LIB) , "bn lib"},
203 {ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH) , "ca dn length mismatch"},
204 {ERR_REASON(SSL_R_CA_DN_TOO_LONG) , "ca dn too long"},
205 {ERR_REASON(SSL_R_CA_KEY_TOO_SMALL) , "ca key too small"},
206 {ERR_REASON(SSL_R_CA_MD_TOO_WEAK) , "ca md too weak"},
207 {ERR_REASON(SSL_R_CCS_RECEIVED_EARLY) , "ccs received early"},
208 {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED), "certificate verify failed"},
209 {ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH) , "cert length mismatch"},
210 {ERR_REASON(SSL_R_CHALLENGE_IS_DIFFERENT), "challenge is different"},
211 {ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH), "cipher code wrong length"},
212 {ERR_REASON(SSL_R_CIPHER_COMPRESSION_UNAVAILABLE), "cipher compression unavailable"},
213 {ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE), "cipher or hash unavailable"},
214 {ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR), "cipher table src error"},
215 {ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT) , "clienthello tlsext"},
216 {ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG), "compressed length too long"},
217 {ERR_REASON(SSL_R_COMPRESSION_DISABLED) , "compression disabled"},
218 {ERR_REASON(SSL_R_COMPRESSION_FAILURE) , "compression failure"},
219 {ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE), "compression id not within private range"},
220 {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR), "compression library error"},
221 {ERR_REASON(SSL_R_CONNECTION_ID_IS_DIFFERENT), "connection id is different"},
222 {ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET), "connection type not set"},
223 {ERR_REASON(SSL_R_COOKIE_MISMATCH) , "cookie mismatch"},
224 {ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED), "data between ccs and finished"},
225 {ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG) , "data length too long"},
226 {ERR_REASON(SSL_R_DECRYPTION_FAILED) , "decryption failed"},
227 {ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC), "decryption failed or bad record mac"},
228 {ERR_REASON(SSL_R_DH_KEY_TOO_SMALL) , "dh key too small"},
229 {ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG), "dh public value length is wrong"},
230 {ERR_REASON(SSL_R_DIGEST_CHECK_FAILED) , "digest check failed"},
231 {ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG) , "dtls message too big"},
232 {ERR_REASON(SSL_R_DUPLICATE_COMPRESSION_ID), "duplicate compression id"},
233 {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT), "ecc cert not for key agreement"},
234 {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_SIGNING), "ecc cert not for signing"},
235 {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE), "ecc cert should have rsa signature"},
236 {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE), "ecc cert should have sha1 signature"},
237 {ERR_REASON(SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER), "ecgroup too large for cipher"},
238 {ERR_REASON(SSL_R_EE_KEY_TOO_SMALL) , "ee key too small"},
239 {ERR_REASON(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST), "empty srtp protection profile list"},
240 {ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG), "encrypted length too long"},
241 {ERR_REASON(SSL_R_ERROR_GENERATING_TMP_RSA_KEY), "error generating tmp rsa key"},
242 {ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST), "error in received cipher list"},
243 {ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE), "excessive message size"},
244 {ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE) , "extra data in message"},
245 {ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS), "got a fin before a ccs"},
246 {ERR_REASON(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS), "got next proto before a ccs"},
247 {ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION), "got next proto without seeing extension"},
248 {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST) , "https proxy request"},
249 {ERR_REASON(SSL_R_HTTP_REQUEST) , "http request"},
250 {ERR_REASON(SSL_R_ILLEGAL_PADDING) , "illegal padding"},
251 {ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK), "inappropriate fallback"},
252 {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION), "inconsistent compression"},
253 {ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH), "invalid challenge length"},
254 {ERR_REASON(SSL_R_INVALID_COMMAND) , "invalid command"},
255 {ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM), "invalid compression algorithm"},
256 {ERR_REASON(SSL_R_INVALID_PURPOSE) , "invalid purpose"},
257 {ERR_REASON(SSL_R_INVALID_SRP_USERNAME) , "invalid srp username"},
258 {ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE), "invalid status response"},
259 {ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH), "invalid ticket keys length"},
260 {ERR_REASON(SSL_R_INVALID_TRUST) , "invalid trust"},
261 {ERR_REASON(SSL_R_KEY_ARG_TOO_LONG) , "key arg too long"},
262 {ERR_REASON(SSL_R_KRB5) , "krb5"},
263 {ERR_REASON(SSL_R_KRB5_C_CC_PRINC) , "krb5 client cc principal (no tkt?)"},
264 {ERR_REASON(SSL_R_KRB5_C_GET_CRED) , "krb5 client get cred"},
265 {ERR_REASON(SSL_R_KRB5_C_INIT) , "krb5 client init"},
266 {ERR_REASON(SSL_R_KRB5_C_MK_REQ) , "krb5 client mk_req (expired tkt?)"},
267 {ERR_REASON(SSL_R_KRB5_S_BAD_TICKET) , "krb5 server bad ticket"},
268 {ERR_REASON(SSL_R_KRB5_S_INIT) , "krb5 server init"},
269 {ERR_REASON(SSL_R_KRB5_S_RD_REQ) , "krb5 server rd_req (keytab perms?)"},
270 {ERR_REASON(SSL_R_KRB5_S_TKT_EXPIRED) , "krb5 server tkt expired"},
271 {ERR_REASON(SSL_R_KRB5_S_TKT_NYV) , "krb5 server tkt not yet valid"},
272 {ERR_REASON(SSL_R_KRB5_S_TKT_SKEW) , "krb5 server tkt skew"},
273 {ERR_REASON(SSL_R_LENGTH_MISMATCH) , "length mismatch"},
274 {ERR_REASON(SSL_R_LENGTH_TOO_SHORT) , "length too short"},
275 {ERR_REASON(SSL_R_LIBRARY_BUG) , "library bug"},
276 {ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS), "library has no ciphers"},
277 {ERR_REASON(SSL_R_MESSAGE_TOO_LONG) , "message too long"},
278 {ERR_REASON(SSL_R_MISSING_DH_DSA_CERT) , "missing dh dsa cert"},
279 {ERR_REASON(SSL_R_MISSING_DH_KEY) , "missing dh key"},
280 {ERR_REASON(SSL_R_MISSING_DH_RSA_CERT) , "missing dh rsa cert"},
281 {ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT), "missing dsa signing cert"},
282 {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_DH_KEY), "missing export tmp dh key"},
283 {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_RSA_KEY), "missing export tmp rsa key"},
284 {ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE), "missing rsa certificate"},
285 {ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT), "missing rsa encrypting cert"},
286 {ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT), "missing rsa signing cert"},
287 {ERR_REASON(SSL_R_MISSING_SRP_PARAM) , "can't find SRP server param"},
288 {ERR_REASON(SSL_R_MISSING_TMP_DH_KEY) , "missing tmp dh key"},
289 {ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY) , "missing tmp ecdh key"},
290 {ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY) , "missing tmp rsa key"},
291 {ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY) , "missing tmp rsa pkey"},
292 {ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE), "missing verify message"},
293 {ERR_REASON(SSL_R_MULTIPLE_SGC_RESTARTS) , "multiple sgc restarts"},
294 {ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET), "non sslv2 initial packet"},
295 {ERR_REASON(SSL_R_NO_APPLICATION_PROTOCOL), "no application protocol"},
296 {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED), "no certificates returned"},
297 {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED), "no certificate assigned"},
298 {ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED), "no certificate returned"},
299 {ERR_REASON(SSL_R_NO_CERTIFICATE_SET) , "no certificate set"},
300 {ERR_REASON(SSL_R_NO_CERTIFICATE_SPECIFIED), "no certificate specified"},
301 {ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE) , "no ciphers available"},
302 {ERR_REASON(SSL_R_NO_CIPHERS_PASSED) , "no ciphers passed"},
303 {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED) , "no ciphers specified"},
304 {ERR_REASON(SSL_R_NO_CIPHER_LIST) , "no cipher list"},
305 {ERR_REASON(SSL_R_NO_CIPHER_MATCH) , "no cipher match"},
306 {ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD) , "no client cert method"},
307 {ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED), "no client cert received"},
308 {ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED), "no compression specified"},
309 {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER), "Peer haven't sent GOST certificate, required for selected ciphersuite"},
310 {ERR_REASON(SSL_R_NO_METHOD_SPECIFIED) , "no method specified"},
311 {ERR_REASON(SSL_R_NO_PRIVATEKEY) , "no privatekey"},
312 {ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED), "no private key assigned"},
313 {ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE), "no protocols available"},
314 {ERR_REASON(SSL_R_NO_PUBLICKEY) , "no publickey"},
315 {ERR_REASON(SSL_R_NO_RENEGOTIATION) , "no renegotiation"},
316 {ERR_REASON(SSL_R_NO_REQUIRED_DIGEST) , "digest requred for handshake isn't computed"},
317 {ERR_REASON(SSL_R_NO_SHARED_CIPHER) , "no shared cipher"},
318 {ERR_REASON(SSL_R_NO_SRTP_PROFILES) , "no srtp profiles"},
319 {ERR_REASON(SSL_R_NO_VERIFY_CALLBACK) , "no verify callback"},
320 {ERR_REASON(SSL_R_NULL_SSL_CTX) , "null ssl ctx"},
321 {ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED), "null ssl method passed"},
322 {ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED), "old session cipher not returned"},
323 {ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED), "old session compression algorithm not returned"},
324 {ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE), "only tls allowed in fips mode"},
325 {ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
326 {ERR_REASON(SSL_R_PARSE_TLSEXT) , "parse tlsext"},
327 {ERR_REASON(SSL_R_PATH_TOO_LONG) , "path too long"},
328 {ERR_REASON(SSL_R_PEER_BEHAVING_BADLY) , "peer is doing strange or hostile things"},
329 {ERR_REASON(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE), "peer did not return a certificate"},
330 {ERR_REASON(SSL_R_PEER_ERROR) , "peer error"},
331 {ERR_REASON(SSL_R_PEER_ERROR_CERTIFICATE), "peer error certificate"},
332 {ERR_REASON(SSL_R_PEER_ERROR_NO_CERTIFICATE), "peer error no certificate"},
333 {ERR_REASON(SSL_R_PEER_ERROR_NO_CIPHER) , "peer error no cipher"},
334 {ERR_REASON(SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE), "peer error unsupported certificate type"},
335 {ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG), "pre mac length too long"},
336 {ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS), "problems mapping cipher functions"},
337 {ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN) , "protocol is shutdown"},
338 {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND), "psk identity not found"},
339 {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB) , "psk no client cb"},
340 {ERR_REASON(SSL_R_PSK_NO_SERVER_CB) , "psk no server cb"},
341 {ERR_REASON(SSL_R_PUBLIC_KEY_ENCRYPT_ERROR), "public key encrypt error"},
342 {ERR_REASON(SSL_R_PUBLIC_KEY_IS_NOT_RSA) , "public key is not rsa"},
343 {ERR_REASON(SSL_R_PUBLIC_KEY_NOT_RSA) , "public key not rsa"},
344 {ERR_REASON(SSL_R_QUIC_INTERNAL_ERROR) , "QUIC: internal error"},
345 {ERR_REASON(SSL_R_READ_BIO_NOT_SET) , "read bio not set"},
346 {ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED) , "read timeout expired"},
347 {ERR_REASON(SSL_R_READ_WRONG_PACKET_TYPE), "read wrong packet type"},
348 {ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH), "record length mismatch"},
349 {ERR_REASON(SSL_R_RECORD_TOO_LARGE) , "record too large"},
350 {ERR_REASON(SSL_R_RECORD_TOO_SMALL) , "record too small"},
351 {ERR_REASON(SSL_R_RENEGOTIATE_EXT_TOO_LONG), "renegotiate ext too long"},
352 {ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR), "renegotiation encoding err"},
353 {ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH), "renegotiation mismatch"},
354 {ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING), "required cipher missing"},
355 {ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING), "required compresssion algorithm missing"},
356 {ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO), "reuse cert length not zero"},
357 {ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO), "reuse cert type not zero"},
358 {ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO), "reuse cipher list not zero"},
359 {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING), "scsv received when renegotiating"},
360 {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT) , "serverhello tlsext"},
361 {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED), "session id context uninitialized"},
362 {ERR_REASON(SSL_R_SHORT_READ) , "short read"},
363 {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR), "signature algorithms error"},
364 {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE), "signature for non signing certificate"},
365 {ERR_REASON(SSL_R_SRP_A_CALC) , "error with the srp params"},
366 {ERR_REASON(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES), "srtp could not allocate profiles"},
367 {ERR_REASON(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG), "srtp protection profile list too long"},
368 {ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE), "srtp unknown protection profile"},
369 {ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE), "ssl23 doing session id reuse"},
370 {ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG), "ssl2 connection id too long"},
371 {ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT), "ssl3 ext invalid ecpointformat"},
372 {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME), "ssl3 ext invalid servername"},
373 {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE), "ssl3 ext invalid servername type"},
374 {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG), "ssl3 session id too long"},
375 {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_SHORT), "ssl3 session id too short"},
376 {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_CERTIFICATE), "sslv3 alert bad certificate"},
377 {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_RECORD_MAC), "sslv3 alert bad record mac"},
378 {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED), "sslv3 alert certificate expired"},
379 {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED), "sslv3 alert certificate revoked"},
380 {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN), "sslv3 alert certificate unknown"},
381 {ERR_REASON(SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE), "sslv3 alert decompression failure"},
382 {ERR_REASON(SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE), "sslv3 alert handshake failure"},
383 {ERR_REASON(SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER), "sslv3 alert illegal parameter"},
384 {ERR_REASON(SSL_R_SSLV3_ALERT_NO_CERTIFICATE), "sslv3 alert no certificate"},
385 {ERR_REASON(SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE), "sslv3 alert unexpected message"},
386 {ERR_REASON(SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE), "sslv3 alert unsupported certificate"},
387 {ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION), "ssl ctx has no default ssl version"},
388 {ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE) , "ssl handshake failure"},
389 {ERR_REASON(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS), "ssl library has no ciphers"},
390 {ERR_REASON(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED), "ssl session id callback failed"},
391 {ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT), "ssl session id conflict"},
392 {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG), "ssl session id context too long"},
393 {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH), "ssl session id has bad length"},
394 {ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT), "ssl session id is different"},
395 {ERR_REASON(SSL_R_SSL_SESSION_ID_TOO_LONG), "ssl session id is too long"},
396 {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED), "tlsv1 alert access denied"},
397 {ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR), "tlsv1 alert decode error"},
398 {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED), "tlsv1 alert decryption failed"},
399 {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR), "tlsv1 alert decrypt error"},
400 {ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION), "tlsv1 alert export restriction"},
401 {ERR_REASON(SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK), "tlsv1 alert inappropriate fallback"},
402 {ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY), "tlsv1 alert insufficient security"},
403 {ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR), "tlsv1 alert internal error"},
404 {ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION), "tlsv1 alert no renegotiation"},
405 {ERR_REASON(SSL_R_TLSV1_ALERT_PROTOCOL_VERSION), "tlsv1 alert protocol version"},
406 {ERR_REASON(SSL_R_TLSV1_ALERT_RECORD_OVERFLOW), "tlsv1 alert record overflow"},
407 {ERR_REASON(SSL_R_TLSV1_ALERT_UNKNOWN_CA), "tlsv1 alert unknown ca"},
408 {ERR_REASON(SSL_R_TLSV1_ALERT_USER_CANCELLED), "tlsv1 alert user cancelled"},
409 {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE), "tlsv1 bad certificate hash value"},
410 {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE), "tlsv1 bad certificate status response"},
411 {ERR_REASON(SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE), "tlsv1 certificate unobtainable"},
412 {ERR_REASON(SSL_R_TLSV1_UNRECOGNIZED_NAME), "tlsv1 unrecognized name"},
413 {ERR_REASON(SSL_R_TLSV1_UNSUPPORTED_EXTENSION), "tlsv1 unsupported extension"},
414 {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER), "tls client cert req with anon cipher"},
415 {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT), "peer does not accept heartbeats"},
416 {ERR_REASON(SSL_R_TLS_HEARTBEAT_PENDING) , "heartbeat request already pending"},
417 {ERR_REASON(SSL_R_TLS_ILLEGAL_EXPORTER_LABEL), "tls illegal exporter label"},
418 {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST), "tls invalid ecpointformat list"},
419 {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST), "tls peer did not respond with certificate list"},
420 {ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG), "tls rsa encrypted value length is wrong"},
421 {ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER), "tried to use unsupported cipher"},
422 {ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS), "unable to decode dh certs"},
423 {ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS), "unable to decode ecdh certs"},
424 {ERR_REASON(SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY), "unable to extract public key"},
425 {ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS), "unable to find dh parameters"},
426 {ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS), "unable to find ecdh parameters"},
427 {ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS), "unable to find public key parameters"},
428 {ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD), "unable to find ssl method"},
429 {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES), "unable to load ssl2 md5 routines"},
430 {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES), "unable to load ssl3 md5 routines"},
431 {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES), "unable to load ssl3 sha1 routines"},
432 {ERR_REASON(SSL_R_UNEXPECTED_MESSAGE) , "unexpected message"},
433 {ERR_REASON(SSL_R_UNEXPECTED_RECORD) , "unexpected record"},
434 {ERR_REASON(SSL_R_UNINITIALIZED) , "uninitialized"},
435 {ERR_REASON(SSL_R_UNKNOWN), "unknown failure occurred"},
436 {ERR_REASON(SSL_R_UNKNOWN_ALERT_TYPE) , "unknown alert type"},
437 {ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE), "unknown certificate type"},
438 {ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED), "unknown cipher returned"},
439 {ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE) , "unknown cipher type"},
440 {ERR_REASON(SSL_R_UNKNOWN_DIGEST) , "unknown digest"},
441 {ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE), "unknown key exchange type"},
442 {ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE) , "unknown pkey type"},
443 {ERR_REASON(SSL_R_UNKNOWN_PROTOCOL) , "unknown protocol"},
444 {ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE), "unknown remote error type"},
445 {ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION) , "unknown ssl version"},
446 {ERR_REASON(SSL_R_UNKNOWN_STATE) , "unknown state"},
447 {ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED), "unsafe legacy renegotiation disabled"},
448 {ERR_REASON(SSL_R_UNSUPPORTED_CIPHER) , "unsupported cipher"},
449 {ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM), "unsupported compression algorithm"},
450 {ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE), "unsupported digest type"},
451 {ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE), "unsupported elliptic curve"},
452 {ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL) , "unsupported protocol"},
453 {ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION), "unsupported ssl version"},
454 {ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE), "unsupported status type"},
455 {ERR_REASON(SSL_R_USE_SRTP_NOT_NEGOTIATED), "use srtp not negotiated"},
456 {ERR_REASON(SSL_R_VERSION_TOO_LOW) , "version too low"},
457 {ERR_REASON(SSL_R_WRITE_BIO_NOT_SET) , "write bio not set"},
458 {ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED) , "wrong cipher returned"},
459 {ERR_REASON(SSL_R_WRONG_CURVE) , "wrong curve"},
460 {ERR_REASON(SSL_R_WRONG_ENCRYPTION_LEVEL_RECEIVED), "QUIC: wrong encryption level received"},
461 {ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE) , "wrong message type"},
462 {ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS), "wrong number of key bits"},
463 {ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
464 {ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE) , "wrong signature size"},
465 {ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE) , "wrong signature type"},
466 {ERR_REASON(SSL_R_WRONG_SSL_VERSION) , "wrong ssl version"},
467 {ERR_REASON(SSL_R_WRONG_VERSION_NUMBER) , "wrong version number"},
468 {ERR_REASON(SSL_R_X509_LIB) , "x509 lib"},
469 {ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS), "x509 verification setup problems"},
470 {0, NULL}
471 };
472
473 #endif
474
475 void
ERR_load_SSL_strings(void)476 ERR_load_SSL_strings(void)
477 {
478 #ifndef OPENSSL_NO_ERR
479 if (ERR_func_error_string(SSL_str_functs[0].error) == NULL) {
480 ERR_load_strings(0, SSL_str_functs);
481 ERR_load_strings(0, SSL_str_reasons);
482 }
483 #endif
484 }
485
486 void
SSL_load_error_strings(void)487 SSL_load_error_strings(void)
488 {
489 #ifndef OPENSSL_NO_ERR
490 ERR_load_crypto_strings();
491 ERR_load_SSL_strings();
492 #endif
493 }
494
495 int
SSL_state_func_code(int state)496 SSL_state_func_code(int state) {
497 switch (state) {
498 case SSL3_ST_CW_FLUSH:
499 return 1;
500 case SSL3_ST_CW_CLNT_HELLO_A:
501 return 2;
502 case SSL3_ST_CW_CLNT_HELLO_B:
503 return 3;
504 case SSL3_ST_CR_SRVR_HELLO_A:
505 return 4;
506 case SSL3_ST_CR_SRVR_HELLO_B:
507 return 5;
508 case SSL3_ST_CR_CERT_A:
509 return 6;
510 case SSL3_ST_CR_CERT_B:
511 return 7;
512 case SSL3_ST_CR_KEY_EXCH_A:
513 return 8;
514 case SSL3_ST_CR_KEY_EXCH_B:
515 return 9;
516 case SSL3_ST_CR_CERT_REQ_A:
517 return 10;
518 case SSL3_ST_CR_CERT_REQ_B:
519 return 11;
520 case SSL3_ST_CR_SRVR_DONE_A:
521 return 12;
522 case SSL3_ST_CR_SRVR_DONE_B:
523 return 13;
524 case SSL3_ST_CW_CERT_A:
525 return 14;
526 case SSL3_ST_CW_CERT_B:
527 return 15;
528 case SSL3_ST_CW_CERT_C:
529 return 16;
530 case SSL3_ST_CW_CERT_D:
531 return 17;
532 case SSL3_ST_CW_KEY_EXCH_A:
533 return 18;
534 case SSL3_ST_CW_KEY_EXCH_B:
535 return 19;
536 case SSL3_ST_CW_CERT_VRFY_A:
537 return 20;
538 case SSL3_ST_CW_CERT_VRFY_B:
539 return 21;
540 case SSL3_ST_CW_CHANGE_A:
541 return 22;
542 case SSL3_ST_CW_CHANGE_B:
543 return 23;
544 case SSL3_ST_CW_FINISHED_A:
545 return 26;
546 case SSL3_ST_CW_FINISHED_B:
547 return 27;
548 case SSL3_ST_CR_CHANGE_A:
549 return 28;
550 case SSL3_ST_CR_CHANGE_B:
551 return 29;
552 case SSL3_ST_CR_FINISHED_A:
553 return 30;
554 case SSL3_ST_CR_FINISHED_B:
555 return 31;
556 case SSL3_ST_CR_SESSION_TICKET_A:
557 return 32;
558 case SSL3_ST_CR_SESSION_TICKET_B:
559 return 33;
560 case SSL3_ST_CR_CERT_STATUS_A:
561 return 34;
562 case SSL3_ST_CR_CERT_STATUS_B:
563 return 35;
564 case SSL3_ST_SW_FLUSH:
565 return 36;
566 case SSL3_ST_SR_CLNT_HELLO_A:
567 return 37;
568 case SSL3_ST_SR_CLNT_HELLO_B:
569 return 38;
570 case SSL3_ST_SR_CLNT_HELLO_C:
571 return 39;
572 case SSL3_ST_SW_HELLO_REQ_A:
573 return 40;
574 case SSL3_ST_SW_HELLO_REQ_B:
575 return 41;
576 case SSL3_ST_SW_HELLO_REQ_C:
577 return 42;
578 case SSL3_ST_SW_SRVR_HELLO_A:
579 return 43;
580 case SSL3_ST_SW_SRVR_HELLO_B:
581 return 44;
582 case SSL3_ST_SW_CERT_A:
583 return 45;
584 case SSL3_ST_SW_CERT_B:
585 return 46;
586 case SSL3_ST_SW_KEY_EXCH_A:
587 return 47;
588 case SSL3_ST_SW_KEY_EXCH_B:
589 return 48;
590 case SSL3_ST_SW_CERT_REQ_A:
591 return 49;
592 case SSL3_ST_SW_CERT_REQ_B:
593 return 50;
594 case SSL3_ST_SW_SRVR_DONE_A:
595 return 51;
596 case SSL3_ST_SW_SRVR_DONE_B:
597 return 52;
598 case SSL3_ST_SR_CERT_A:
599 return 53;
600 case SSL3_ST_SR_CERT_B:
601 return 54;
602 case SSL3_ST_SR_KEY_EXCH_A:
603 return 55;
604 case SSL3_ST_SR_KEY_EXCH_B:
605 return 56;
606 case SSL3_ST_SR_CERT_VRFY_A:
607 return 57;
608 case SSL3_ST_SR_CERT_VRFY_B:
609 return 58;
610 case SSL3_ST_SR_CHANGE_A:
611 return 59;
612 case SSL3_ST_SR_CHANGE_B:
613 return 60;
614 case SSL3_ST_SR_FINISHED_A:
615 return 63;
616 case SSL3_ST_SR_FINISHED_B:
617 return 64;
618 case SSL3_ST_SW_CHANGE_A:
619 return 65;
620 case SSL3_ST_SW_CHANGE_B:
621 return 66;
622 case SSL3_ST_SW_FINISHED_A:
623 return 67;
624 case SSL3_ST_SW_FINISHED_B:
625 return 68;
626 case SSL3_ST_SW_SESSION_TICKET_A:
627 return 69;
628 case SSL3_ST_SW_SESSION_TICKET_B:
629 return 70;
630 case SSL3_ST_SW_CERT_STATUS_A:
631 return 71;
632 case SSL3_ST_SW_CERT_STATUS_B:
633 return 72;
634 case SSL_ST_BEFORE:
635 return 73;
636 case SSL_ST_ACCEPT:
637 return 74;
638 case SSL_ST_CONNECT:
639 return 75;
640 case SSL_ST_OK:
641 return 76;
642 case SSL_ST_RENEGOTIATE:
643 return 77;
644 case SSL_ST_BEFORE|SSL_ST_CONNECT:
645 return 78;
646 case SSL_ST_OK|SSL_ST_CONNECT:
647 return 79;
648 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
649 return 80;
650 case SSL_ST_OK|SSL_ST_ACCEPT:
651 return 81;
652 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
653 return 83;
654 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
655 return 84;
656 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
657 return 85;
658 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
659 return 86;
660 default:
661 break;
662 }
663 return 0xfff;
664 }
665
666 void
SSL_error_internal(const SSL * s,int r,char * f,int l)667 SSL_error_internal(const SSL *s, int r, char *f, int l)
668 {
669 ERR_PUT_error(ERR_LIB_SSL,
670 (SSL_state_func_code(s->s3->hs.state)), r, f, l);
671 }
672