1 /* $OpenBSD: ssl_stat.c,v 1.23 2024/10/12 03:54:18 tb Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58 /* ====================================================================
59 * Copyright 2005 Nokia. All rights reserved.
60 *
61 * The portions of the attached software ("Contribution") is developed by
62 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
63 * license.
64 *
65 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
66 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
67 * support (see RFC 4279) to OpenSSL.
68 *
69 * No patent licenses or other rights except those expressly stated in
70 * the OpenSSL open source license shall be deemed granted or received
71 * expressly, by implication, estoppel, or otherwise.
72 *
73 * No assurances are provided by Nokia that the Contribution does not
74 * infringe the patent or other intellectual property rights of any third
75 * party or that the license provides you with all the necessary rights
76 * to make use of the Contribution.
77 *
78 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
79 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
80 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
81 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
82 * OTHERWISE.
83 */
84
85 #include <stdio.h>
86
87 #include "ssl_local.h"
88
89 const char *
SSL_state_string_long(const SSL * s)90 SSL_state_string_long(const SSL *s)
91 {
92 switch (s->s3->hs.state) {
93 case SSL_ST_BEFORE:
94 return "before SSL initialization";
95 case SSL_ST_ACCEPT:
96 return "before accept initialization";
97 case SSL_ST_CONNECT:
98 return "before connect initialization";
99 case SSL_ST_OK:
100 return "SSL negotiation finished successfully";
101 case SSL_ST_RENEGOTIATE:
102 return "SSL renegotiate ciphers";
103 case SSL_ST_BEFORE|SSL_ST_CONNECT:
104 return "before/connect initialization";
105 case SSL_ST_OK|SSL_ST_CONNECT:
106 return "ok/connect SSL initialization";
107 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
108 return "before/accept initialization";
109 case SSL_ST_OK|SSL_ST_ACCEPT:
110 return "ok/accept SSL initialization";
111
112 /* SSLv3 additions */
113 case SSL3_ST_CW_CLNT_HELLO_A:
114 return "SSLv3 write client hello A";
115 case SSL3_ST_CW_CLNT_HELLO_B:
116 return "SSLv3 write client hello B";
117 case SSL3_ST_CR_SRVR_HELLO_A:
118 return "SSLv3 read server hello A";
119 case SSL3_ST_CR_SRVR_HELLO_B:
120 return "SSLv3 read server hello B";
121 case SSL3_ST_CR_CERT_A:
122 return "SSLv3 read server certificate A";
123 case SSL3_ST_CR_CERT_B:
124 return "SSLv3 read server certificate B";
125 case SSL3_ST_CR_KEY_EXCH_A:
126 return "SSLv3 read server key exchange A";
127 case SSL3_ST_CR_KEY_EXCH_B:
128 return "SSLv3 read server key exchange B";
129 case SSL3_ST_CR_CERT_REQ_A:
130 return "SSLv3 read server certificate request A";
131 case SSL3_ST_CR_CERT_REQ_B:
132 return "SSLv3 read server certificate request B";
133 case SSL3_ST_CR_SESSION_TICKET_A:
134 return "SSLv3 read server session ticket A";
135 case SSL3_ST_CR_SESSION_TICKET_B:
136 return "SSLv3 read server session ticket B";
137 case SSL3_ST_CR_SRVR_DONE_A:
138 return "SSLv3 read server done A";
139 case SSL3_ST_CR_SRVR_DONE_B:
140 return "SSLv3 read server done B";
141 case SSL3_ST_CW_CERT_A:
142 return "SSLv3 write client certificate A";
143 case SSL3_ST_CW_CERT_B:
144 return "SSLv3 write client certificate B";
145 case SSL3_ST_CW_CERT_C:
146 return "SSLv3 write client certificate C";
147 case SSL3_ST_CW_CERT_D:
148 return "SSLv3 write client certificate D";
149 case SSL3_ST_CW_KEY_EXCH_A:
150 return "SSLv3 write client key exchange A";
151 case SSL3_ST_CW_KEY_EXCH_B:
152 return "SSLv3 write client key exchange B";
153 case SSL3_ST_CW_CERT_VRFY_A:
154 return "SSLv3 write certificate verify A";
155 case SSL3_ST_CW_CERT_VRFY_B:
156 return "SSLv3 write certificate verify B";
157
158 case SSL3_ST_CW_CHANGE_A:
159 case SSL3_ST_SW_CHANGE_A:
160 return "SSLv3 write change cipher spec A";
161 case SSL3_ST_CW_CHANGE_B:
162 case SSL3_ST_SW_CHANGE_B:
163 return "SSLv3 write change cipher spec B";
164 case SSL3_ST_CW_FINISHED_A:
165 case SSL3_ST_SW_FINISHED_A:
166 return "SSLv3 write finished A";
167 case SSL3_ST_CW_FINISHED_B:
168 case SSL3_ST_SW_FINISHED_B:
169 return "SSLv3 write finished B";
170 case SSL3_ST_CR_CHANGE_A:
171 case SSL3_ST_SR_CHANGE_A:
172 return "SSLv3 read change cipher spec A";
173 case SSL3_ST_CR_CHANGE_B:
174 case SSL3_ST_SR_CHANGE_B:
175 return "SSLv3 read change cipher spec B";
176 case SSL3_ST_CR_FINISHED_A:
177 case SSL3_ST_SR_FINISHED_A:
178 return "SSLv3 read finished A";
179 case SSL3_ST_CR_FINISHED_B:
180 case SSL3_ST_SR_FINISHED_B:
181 return "SSLv3 read finished B";
182
183 case SSL3_ST_CW_FLUSH:
184 case SSL3_ST_SW_FLUSH:
185 return "SSLv3 flush data";
186
187 case SSL3_ST_SR_CLNT_HELLO_A:
188 return "SSLv3 read client hello A";
189 case SSL3_ST_SR_CLNT_HELLO_B:
190 return "SSLv3 read client hello B";
191 case SSL3_ST_SR_CLNT_HELLO_C:
192 return "SSLv3 read client hello C";
193 case SSL3_ST_SW_HELLO_REQ_A:
194 return "SSLv3 write hello request A";
195 case SSL3_ST_SW_HELLO_REQ_B:
196 return "SSLv3 write hello request B";
197 case SSL3_ST_SW_HELLO_REQ_C:
198 return "SSLv3 write hello request C";
199 case SSL3_ST_SW_SRVR_HELLO_A:
200 return "SSLv3 write server hello A";
201 case SSL3_ST_SW_SRVR_HELLO_B:
202 return "SSLv3 write server hello B";
203 case SSL3_ST_SW_CERT_A:
204 return "SSLv3 write certificate A";
205 case SSL3_ST_SW_CERT_B:
206 return "SSLv3 write certificate B";
207 case SSL3_ST_SW_KEY_EXCH_A:
208 return "SSLv3 write key exchange A";
209 case SSL3_ST_SW_KEY_EXCH_B:
210 return "SSLv3 write key exchange B";
211 case SSL3_ST_SW_CERT_REQ_A:
212 return "SSLv3 write certificate request A";
213 case SSL3_ST_SW_CERT_REQ_B:
214 return "SSLv3 write certificate request B";
215 case SSL3_ST_SW_SESSION_TICKET_A:
216 return "SSLv3 write session ticket A";
217 case SSL3_ST_SW_SESSION_TICKET_B:
218 return "SSLv3 write session ticket B";
219 case SSL3_ST_SW_SRVR_DONE_A:
220 return "SSLv3 write server done A";
221 case SSL3_ST_SW_SRVR_DONE_B:
222 return "SSLv3 write server done B";
223 case SSL3_ST_SR_CERT_A:
224 return "SSLv3 read client certificate A";
225 case SSL3_ST_SR_CERT_B:
226 return "SSLv3 read client certificate B";
227 case SSL3_ST_SR_KEY_EXCH_A:
228 return "SSLv3 read client key exchange A";
229 case SSL3_ST_SR_KEY_EXCH_B:
230 return "SSLv3 read client key exchange B";
231 case SSL3_ST_SR_CERT_VRFY_A:
232 return "SSLv3 read certificate verify A";
233 case SSL3_ST_SR_CERT_VRFY_B:
234 return "SSLv3 read certificate verify B";
235
236 /* DTLS */
237 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
238 return "DTLS1 read hello verify request A";
239 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
240 return "DTLS1 read hello verify request B";
241 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
242 return "DTLS1 write hello verify request A";
243 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
244 return "DTLS1 write hello verify request B";
245
246 default:
247 return "unknown state";
248 }
249 }
250 LSSL_ALIAS(SSL_state_string_long);
251
252 const char *
SSL_rstate_string_long(const SSL * s)253 SSL_rstate_string_long(const SSL *s)
254 {
255 switch (s->rstate) {
256 case SSL_ST_READ_HEADER:
257 return "read header";
258 case SSL_ST_READ_BODY:
259 return "read body";
260 case SSL_ST_READ_DONE:
261 return "read done";
262 default:
263 return "unknown";
264 }
265 }
266 LSSL_ALIAS(SSL_rstate_string_long);
267
268 const char *
SSL_state_string(const SSL * s)269 SSL_state_string(const SSL *s)
270 {
271 switch (s->s3->hs.state) {
272 case SSL_ST_BEFORE:
273 return "PINIT ";
274 case SSL_ST_ACCEPT:
275 return "AINIT ";
276 case SSL_ST_CONNECT:
277 return "CINIT ";
278 case SSL_ST_OK:
279 return "SSLOK ";
280
281 /* SSLv3 additions */
282 case SSL3_ST_SW_FLUSH:
283 case SSL3_ST_CW_FLUSH:
284 return "3FLUSH";
285 case SSL3_ST_CW_CLNT_HELLO_A:
286 return "3WCH_A";
287 case SSL3_ST_CW_CLNT_HELLO_B:
288 return "3WCH_B";
289 case SSL3_ST_CR_SRVR_HELLO_A:
290 return "3RSH_A";
291 case SSL3_ST_CR_SRVR_HELLO_B:
292 return "3RSH_B";
293 case SSL3_ST_CR_CERT_A:
294 return "3RSC_A";
295 case SSL3_ST_CR_CERT_B:
296 return "3RSC_B";
297 case SSL3_ST_CR_KEY_EXCH_A:
298 return "3RSKEA";
299 case SSL3_ST_CR_KEY_EXCH_B:
300 return "3RSKEB";
301 case SSL3_ST_CR_CERT_REQ_A:
302 return "3RCR_A";
303 case SSL3_ST_CR_CERT_REQ_B:
304 return "3RCR_B";
305 case SSL3_ST_CR_SRVR_DONE_A:
306 return "3RSD_A";
307 case SSL3_ST_CR_SRVR_DONE_B:
308 return "3RSD_B";
309 case SSL3_ST_CW_CERT_A:
310 return "3WCC_A";
311 case SSL3_ST_CW_CERT_B:
312 return "3WCC_B";
313 case SSL3_ST_CW_CERT_C:
314 return "3WCC_C";
315 case SSL3_ST_CW_CERT_D:
316 return "3WCC_D";
317 case SSL3_ST_CW_KEY_EXCH_A:
318 return "3WCKEA";
319 case SSL3_ST_CW_KEY_EXCH_B:
320 return "3WCKEB";
321 case SSL3_ST_CW_CERT_VRFY_A:
322 return "3WCV_A";
323 case SSL3_ST_CW_CERT_VRFY_B:
324 return "3WCV_B";
325
326 case SSL3_ST_SW_CHANGE_A:
327 case SSL3_ST_CW_CHANGE_A:
328 return "3WCCSA";
329 case SSL3_ST_SW_CHANGE_B:
330 case SSL3_ST_CW_CHANGE_B:
331 return "3WCCSB";
332 case SSL3_ST_SW_FINISHED_A:
333 case SSL3_ST_CW_FINISHED_A:
334 return "3WFINA";
335 case SSL3_ST_SW_FINISHED_B:
336 case SSL3_ST_CW_FINISHED_B:
337 return "3WFINB";
338 case SSL3_ST_SR_CHANGE_A:
339 case SSL3_ST_CR_CHANGE_A:
340 return "3RCCSA";
341 case SSL3_ST_SR_CHANGE_B:
342 case SSL3_ST_CR_CHANGE_B:
343 return "3RCCSB";
344 case SSL3_ST_SR_FINISHED_A:
345 case SSL3_ST_CR_FINISHED_A:
346 return "3RFINA";
347 case SSL3_ST_SR_FINISHED_B:
348 case SSL3_ST_CR_FINISHED_B:
349 return "3RFINB";
350
351 case SSL3_ST_SW_HELLO_REQ_A:
352 return "3WHR_A";
353 case SSL3_ST_SW_HELLO_REQ_B:
354 return "3WHR_B";
355 case SSL3_ST_SW_HELLO_REQ_C:
356 return "3WHR_C";
357 case SSL3_ST_SR_CLNT_HELLO_A:
358 return "3RCH_A";
359 case SSL3_ST_SR_CLNT_HELLO_B:
360 return "3RCH_B";
361 case SSL3_ST_SR_CLNT_HELLO_C:
362 return "3RCH_C";
363 case SSL3_ST_SW_SRVR_HELLO_A:
364 return "3WSH_A";
365 case SSL3_ST_SW_SRVR_HELLO_B:
366 return "3WSH_B";
367 case SSL3_ST_SW_CERT_A:
368 return "3WSC_A";
369 case SSL3_ST_SW_CERT_B:
370 return "3WSC_B";
371 case SSL3_ST_SW_KEY_EXCH_A:
372 return "3WSKEA";
373 case SSL3_ST_SW_KEY_EXCH_B:
374 return "3WSKEB";
375 case SSL3_ST_SW_CERT_REQ_A:
376 return "3WCR_A";
377 case SSL3_ST_SW_CERT_REQ_B:
378 return "3WCR_B";
379 case SSL3_ST_SW_SRVR_DONE_A:
380 return "3WSD_A";
381 case SSL3_ST_SW_SRVR_DONE_B:
382 return "3WSD_B";
383 case SSL3_ST_SR_CERT_A:
384 return "3RCC_A";
385 case SSL3_ST_SR_CERT_B:
386 return "3RCC_B";
387 case SSL3_ST_SR_KEY_EXCH_A:
388 return "3RCKEA";
389 case SSL3_ST_SR_KEY_EXCH_B:
390 return "3RCKEB";
391 case SSL3_ST_SR_CERT_VRFY_A:
392 return "3RCV_A";
393 case SSL3_ST_SR_CERT_VRFY_B:
394 return "3RCV_B";
395
396 /* DTLS */
397 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
398 return "DRCHVA";
399 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
400 return "DRCHVB";
401 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
402 return "DWCHVA";
403 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
404 return "DWCHVB";
405
406 default:
407 return "UNKWN ";
408 }
409 }
410 LSSL_ALIAS(SSL_state_string);
411
412 const char *
SSL_alert_type_string_long(int value)413 SSL_alert_type_string_long(int value)
414 {
415 value >>= 8;
416 if (value == SSL3_AL_WARNING)
417 return "warning";
418 else if (value == SSL3_AL_FATAL)
419 return "fatal";
420 else
421 return "unknown";
422 }
423 LSSL_ALIAS(SSL_alert_type_string_long);
424
425 const char *
SSL_alert_type_string(int value)426 SSL_alert_type_string(int value)
427 {
428 value >>= 8;
429 if (value == SSL3_AL_WARNING)
430 return "W";
431 else if (value == SSL3_AL_FATAL)
432 return "F";
433 else
434 return "U";
435 }
436 LSSL_ALIAS(SSL_alert_type_string);
437
438 const char *
SSL_alert_desc_string(int value)439 SSL_alert_desc_string(int value)
440 {
441 switch (value & 0xff) {
442 case SSL_AD_CLOSE_NOTIFY:
443 return "CN";
444 case SSL_AD_UNEXPECTED_MESSAGE:
445 return "UM";
446 case SSL_AD_BAD_RECORD_MAC:
447 return "BM";
448 case SSL_AD_RECORD_OVERFLOW:
449 return "RO";
450 case SSL_AD_DECOMPRESSION_FAILURE:
451 return "DF";
452 case SSL_AD_HANDSHAKE_FAILURE:
453 return "HF";
454 case SSL_AD_BAD_CERTIFICATE:
455 return "BC";
456 case SSL_AD_UNSUPPORTED_CERTIFICATE:
457 return "UC";
458 case SSL_AD_CERTIFICATE_REVOKED:
459 return "CR";
460 case SSL_AD_CERTIFICATE_EXPIRED:
461 return "CE";
462 case SSL_AD_CERTIFICATE_UNKNOWN:
463 return "CU";
464 case SSL_AD_ILLEGAL_PARAMETER:
465 return "IP";
466 case SSL_AD_UNKNOWN_CA:
467 return "CA";
468 case SSL_AD_ACCESS_DENIED:
469 return "AD";
470 case SSL_AD_DECODE_ERROR:
471 return "DE";
472 case SSL_AD_DECRYPT_ERROR:
473 return "CY";
474 case SSL_AD_PROTOCOL_VERSION:
475 return "PV";
476 case SSL_AD_INSUFFICIENT_SECURITY:
477 return "IS";
478 case SSL_AD_INTERNAL_ERROR:
479 return "IE";
480 case SSL_AD_INAPPROPRIATE_FALLBACK:
481 return "IF";
482 case SSL_AD_USER_CANCELLED:
483 return "US";
484 case SSL_AD_NO_RENEGOTIATION:
485 return "NR";
486 case SSL_AD_MISSING_EXTENSION:
487 return "ME";
488 case SSL_AD_UNSUPPORTED_EXTENSION:
489 return "UE";
490 case SSL_AD_CERTIFICATE_UNOBTAINABLE:
491 return "CO";
492 case SSL_AD_UNRECOGNIZED_NAME:
493 return "UN";
494 case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
495 return "BR";
496 case SSL_AD_BAD_CERTIFICATE_HASH_VALUE:
497 return "BH";
498 case SSL_AD_UNKNOWN_PSK_IDENTITY:
499 return "UP";
500 case SSL_AD_CERTIFICATE_REQUIRED:
501 return "CQ"; /* XXX */
502 case SSL_AD_NO_APPLICATION_PROTOCOL:
503 return "AP";
504 default:
505 return "UK";
506 }
507 }
508 LSSL_ALIAS(SSL_alert_desc_string);
509
510 const char *
SSL_alert_desc_string_long(int value)511 SSL_alert_desc_string_long(int value)
512 {
513 switch (value & 0xff) {
514 case SSL_AD_CLOSE_NOTIFY:
515 return "close notify";
516 case SSL_AD_UNEXPECTED_MESSAGE:
517 return "unexpected_message";
518 case SSL_AD_BAD_RECORD_MAC:
519 return "bad record mac";
520 case SSL_AD_RECORD_OVERFLOW:
521 return "record overflow";
522 case SSL_AD_DECOMPRESSION_FAILURE:
523 return "decompression failure";
524 case SSL_AD_HANDSHAKE_FAILURE:
525 return "handshake failure";
526 case SSL_AD_BAD_CERTIFICATE:
527 return "bad certificate";
528 case SSL_AD_UNSUPPORTED_CERTIFICATE:
529 return "unsupported certificate";
530 case SSL_AD_CERTIFICATE_REVOKED:
531 return "certificate revoked";
532 case SSL_AD_CERTIFICATE_EXPIRED:
533 return "certificate expired";
534 case SSL_AD_CERTIFICATE_UNKNOWN:
535 return "certificate unknown";
536 case SSL_AD_ILLEGAL_PARAMETER:
537 return "illegal parameter";
538 case SSL_AD_UNKNOWN_CA:
539 return "unknown CA";
540 case SSL_AD_ACCESS_DENIED:
541 return "access denied";
542 case SSL_AD_DECODE_ERROR:
543 return "decode error";
544 case SSL_AD_DECRYPT_ERROR:
545 return "decrypt error";
546 case SSL_AD_PROTOCOL_VERSION:
547 return "protocol version";
548 case SSL_AD_INSUFFICIENT_SECURITY:
549 return "insufficient security";
550 case SSL_AD_INTERNAL_ERROR:
551 return "internal error";
552 case SSL_AD_INAPPROPRIATE_FALLBACK:
553 return "inappropriate fallback";
554 case SSL_AD_USER_CANCELLED:
555 return "user canceled";
556 case SSL_AD_NO_RENEGOTIATION:
557 return "no renegotiation";
558 case SSL_AD_MISSING_EXTENSION:
559 return "missing extension";
560 case SSL_AD_UNSUPPORTED_EXTENSION:
561 return "unsupported extension";
562 case SSL_AD_CERTIFICATE_UNOBTAINABLE:
563 return "certificate unobtainable";
564 case SSL_AD_UNRECOGNIZED_NAME:
565 return "unrecognized name";
566 case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
567 return "bad certificate status response";
568 case SSL_AD_BAD_CERTIFICATE_HASH_VALUE:
569 return "bad certificate hash value";
570 case SSL_AD_UNKNOWN_PSK_IDENTITY:
571 return "unknown PSK identity";
572 case SSL_AD_CERTIFICATE_REQUIRED:
573 return "certificate required";
574 case SSL_AD_NO_APPLICATION_PROTOCOL:
575 return "no application protocol";
576 default:
577 return "unknown";
578 }
579 }
580 LSSL_ALIAS(SSL_alert_desc_string_long);
581
582 const char *
SSL_rstate_string(const SSL * s)583 SSL_rstate_string(const SSL *s)
584 {
585 switch (s->rstate) {
586 case SSL_ST_READ_HEADER:
587 return "RH";
588 case SSL_ST_READ_BODY:
589 return "RB";
590 case SSL_ST_READ_DONE:
591 return "RD";
592 default:
593 return "unknown";
594 }
595 }
596 LSSL_ALIAS(SSL_rstate_string);
597