From 739a543ea863682f157e9aa0ee382367eb3d187c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Sun, 8 Jan 2006 19:42:30 +0000 Subject: [PATCH] Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts) --- crypto/asn1/t_pkey.c | 4 +- crypto/dso/dso.h | 9 ++- crypto/dso/dso_lib.c | 4 +- crypto/dso/dso_win32.c | 14 ++-- crypto/ec/ec.h | 3 +- crypto/ec/ec_lib.c | 2 +- crypto/err/openssl.ec | 5 ++ crypto/rsa/rsa.h | 4 +- engines/e_cswift.c | 2 +- ssl/s23_clnt.c | 2 +- ssl/ssl.h | 148 ++++++++++++++++++++--------------------- ssl/ssl_err.c | 15 ++--- 12 files changed, 111 insertions(+), 101 deletions(-) diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index f8821614a0..f54e5df157 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -740,7 +740,7 @@ int DSAparams_print(BIO *bp, const DSA *x) buf_len = (size_t)BN_num_bytes(x->p); else { - DSAerr(DSA_F_DSA_PRINT,DSA_R_MISSING_PARAMETERS); + DSAerr(DSA_F_DSAPARAMS_PRINT,DSA_R_MISSING_PARAMETERS); goto err; } if (x->q) @@ -752,7 +752,7 @@ int DSAparams_print(BIO *bp, const DSA *x) m=(unsigned char *)OPENSSL_malloc(buf_len+10); if (m == NULL) { - DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE); + DSAerr(DSA_F_DSAPARAMS_PRINT,ERR_R_MALLOC_FAILURE); goto err; } diff --git a/crypto/dso/dso.h b/crypto/dso/dso.h index c1d0dfeebb..8934c4ee21 100644 --- a/crypto/dso/dso.h +++ b/crypto/dso/dso.h @@ -350,26 +350,31 @@ void ERR_load_DSO_strings(void); #define DSO_F_DSO_FREE 111 #define DSO_F_DSO_GET_FILENAME 127 #define DSO_F_DSO_GET_LOADED_FILENAME 128 +#define DSO_F_DSO_GLOBAL_LOOKUP 139 #define DSO_F_DSO_LOAD 112 #define DSO_F_DSO_MERGE 132 #define DSO_F_DSO_NEW_METHOD 113 +#define DSO_F_DSO_PATHBYADDR 140 #define DSO_F_DSO_SET_FILENAME 129 #define DSO_F_DSO_SET_NAME_CONVERTER 122 #define DSO_F_DSO_UP_REF 114 +#define DSO_F_GLOBAL_LOOKUP_FUNC 138 +#define DSO_F_PATHBYADDR 137 #define DSO_F_VMS_BIND_SYM 115 #define DSO_F_VMS_LOAD 116 #define DSO_F_VMS_MERGER 133 #define DSO_F_VMS_UNLOAD 117 #define DSO_F_WIN32_BIND_FUNC 118 #define DSO_F_WIN32_BIND_VAR 119 +#define DSO_F_WIN32_GLOBALLOOKUP 142 +#define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143 #define DSO_F_WIN32_JOINER 135 #define DSO_F_WIN32_LOAD 120 #define DSO_F_WIN32_MERGER 134 #define DSO_F_WIN32_NAME_CONVERTER 125 +#define DSO_F_WIN32_PATHBYADDR 141 #define DSO_F_WIN32_SPLITTER 136 #define DSO_F_WIN32_UNLOAD 121 -#define DSO_F_PATHBYADDR 137 -#define DSO_F_GLOBAL_LOOKUP_FUNC 138 /* Reason codes. */ #define DSO_R_CTRL_FAILED 100 diff --git a/crypto/dso/dso_lib.c b/crypto/dso/dso_lib.c index c9d978b527..1e3d81ce4c 100644 --- a/crypto/dso/dso_lib.c +++ b/crypto/dso/dso_lib.c @@ -471,7 +471,7 @@ int DSO_pathbyaddr(void *addr,char *path,int sz) if (meth == NULL) meth = DSO_METHOD_openssl(); if (meth->pathbyaddr == NULL) { - DSOerr(DSO_F_PATHBYADDR,DSO_R_UNSUPPORTED); + DSOerr(DSO_F_DSO_PATHBYADDR,DSO_R_UNSUPPORTED); return -1; } return (*meth->pathbyaddr)(addr,path,sz); @@ -483,7 +483,7 @@ void *DSO_global_lookup(const char *name) if (meth == NULL) meth = DSO_METHOD_openssl(); if (meth->globallookup == NULL) { - DSOerr(DSO_F_GLOBAL_LOOKUP_FUNC,DSO_R_UNSUPPORTED); + DSOerr(DSO_F_DSO_GLOBAL_LOOKUP,DSO_R_UNSUPPORTED); return NULL; } return (*meth->globallookup)(name); diff --git a/crypto/dso/dso_win32.c b/crypto/dso/dso_win32.c index 7a3e2b70e2..34b94b3d1d 100644 --- a/crypto/dso/dso_win32.c +++ b/crypto/dso/dso_win32.c @@ -698,7 +698,7 @@ static int win32_pathbyaddr(void *addr,char *path,int sz) dll = LoadLibrary(TEXT(DLLNAME)); if (dll == NULL) { - DSOerr(DSO_F_PATHBYADDR,DSO_R_UNSUPPORTED); + DSOerr(DSO_F_WIN32_PATHBYADDR,DSO_R_UNSUPPORTED); return -1; } @@ -707,7 +707,7 @@ static int win32_pathbyaddr(void *addr,char *path,int sz) if (create_snap == NULL) { FreeLibrary(dll); - DSOerr(DSO_F_PATHBYADDR,DSO_R_UNSUPPORTED); + DSOerr(DSO_F_WIN32_PATHBYADDR,DSO_R_UNSUPPORTED); return -1; } /* We take the rest for granted... */ @@ -724,7 +724,7 @@ static int win32_pathbyaddr(void *addr,char *path,int sz) if( hModuleSnap == INVALID_HANDLE_VALUE ) { FreeLibrary(dll); - DSOerr(DSO_F_PATHBYADDR,DSO_R_UNSUPPORTED); + DSOerr(DSO_F_WIN32_PATHBYADDR,DSO_R_UNSUPPORTED); return -1; } @@ -734,7 +734,7 @@ static int win32_pathbyaddr(void *addr,char *path,int sz) { (*close_snap)(hModuleSnap); FreeLibrary(dll); - DSOerr(DSO_F_PATHBYADDR,DSO_R_FAILURE); + DSOerr(DSO_F_WIN32_PATHBYADDR,DSO_R_FAILURE); return -1; } @@ -786,7 +786,7 @@ static void *win32_globallookup(const char *name) dll = LoadLibrary(TEXT(DLLNAME)); if (dll == NULL) { - DSOerr(DSO_F_GLOBAL_LOOKUP_FUNC,DSO_R_UNSUPPORTED); + DSOerr(DSO_F_WIN32_GLOBALLOOKUP,DSO_R_UNSUPPORTED); return NULL; } @@ -795,7 +795,7 @@ static void *win32_globallookup(const char *name) if (create_snap == NULL) { FreeLibrary(dll); - DSOerr(DSO_F_GLOBAL_LOOKUP_FUNC,DSO_R_UNSUPPORTED); + DSOerr(DSO_F_WIN32_GLOBALLOOKUP,DSO_R_UNSUPPORTED); return NULL; } /* We take the rest for granted... */ @@ -812,7 +812,7 @@ static void *win32_globallookup(const char *name) if( hModuleSnap == INVALID_HANDLE_VALUE ) { FreeLibrary(dll); - DSOerr(DSO_F_PATHBYADDR,DSO_R_UNSUPPORTED); + DSOerr(DSO_F_WIN32_GLOBALLOOKUP,DSO_R_UNSUPPORTED); return NULL; } diff --git a/crypto/ec/ec.h b/crypto/ec/ec.h index 3d187e9d29..a3fec5a2df 100644 --- a/crypto/ec/ec.h +++ b/crypto/ec/ec.h @@ -932,6 +932,7 @@ void ERR_load_EC_strings(void); #define EC_F_EC_ASN1_GROUP2PKPARAMETERS 156 #define EC_F_EC_ASN1_PARAMETERS2GROUP 157 #define EC_F_EC_ASN1_PKPARAMETERS2GROUP 158 +#define EC_F_EC_EX_DATA_SET_DATA 211 #define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208 #define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159 #define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195 @@ -982,7 +983,7 @@ void ERR_load_EC_strings(void); #define EC_F_EC_GROUP_PRECOMPUTE_MULT 142 #define EC_F_EC_GROUP_SET_CURVE_GF2M 176 #define EC_F_EC_GROUP_SET_CURVE_GFP 109 -#define EC_F_EC_EX_DATA_SET_DATA 110 +#define EC_F_EC_GROUP_SET_EXTRA_DATA 110 #define EC_F_EC_GROUP_SET_GENERATOR 111 #define EC_F_EC_KEY_CHECK_KEY 177 #define EC_F_EC_KEY_COPY 178 diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index a987d8985d..60aa7fdeee 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -79,7 +79,7 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth) if (meth == NULL) { - ECerr(EC_F_EC_GROUP_NEW, ERR_R_PASSED_NULL_PARAMETER); + ECerr(EC_F_EC_GROUP_NEW, EC_R_SLOT_FULL); return NULL; } if (meth->group_init == 0) diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec index 64200fceba..755d56cae2 100644 --- a/crypto/err/openssl.ec +++ b/crypto/err/openssl.ec @@ -67,6 +67,11 @@ R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 +R SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110 +R SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111 +R SSL_R_TLSV1_UNRECOGNIZED_NAME 1112 +R SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113 +R SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114 R RSAREF_R_CONTENT_ENCODING 0x0400 R RSAREF_R_DATA 0x0401 diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index a1ca34760c..d302254bb1 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -411,17 +411,17 @@ void ERR_load_RSA_strings(void); #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 #define RSA_R_OAEP_DECODING_ERROR 121 -#define RSA_R_SLEN_RECOVERY_FAILED 135 #define RSA_R_PADDING_CHECK_FAILED 114 #define RSA_R_P_NOT_PRIME 128 #define RSA_R_Q_NOT_PRIME 129 #define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130 +#define RSA_R_SLEN_CHECK_FAILED 136 +#define RSA_R_SLEN_RECOVERY_FAILED 135 #define RSA_R_SSLV3_ROLLBACK_ATTACK 115 #define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116 #define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 #define RSA_R_UNKNOWN_PADDING_TYPE 118 #define RSA_R_WRONG_SIGNATURE_LENGTH 119 -#define RSA_R_SLEN_CHECK_FAILED 136 #ifdef __cplusplus } diff --git a/engines/e_cswift.c b/engines/e_cswift.c index d5f1d4e05f..e67379e23e 100644 --- a/engines/e_cswift.c +++ b/engines/e_cswift.c @@ -1089,7 +1089,7 @@ static int cswift_rand_bytes(unsigned char *buf, int num) if (swrc != SW_OK) { char tmpbuf[20]; - CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED); + CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", swrc); ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); goto err; diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c index 3bb5adfa48..66ecbc7eed 100644 --- a/ssl/s23_clnt.c +++ b/ssl/s23_clnt.c @@ -422,7 +422,7 @@ static int ssl23_client_hello(SSL *s) #ifndef OPENSSL_NO_TLSEXT if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) { - SSLerr(SSL_F_SSL3_CLIENT_HELLO,ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR); return -1; } #endif diff --git a/ssl/ssl.h b/ssl/ssl.h index c5581e078c..018a8c44b7 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -1114,7 +1114,8 @@ size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count); PEM_ASN1_write_bio_of(SSL_SESSION,i2d_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,x,NULL,NULL,0,NULL,NULL) #endif -#define SSL_AD_REASON_OFFSET 1000 +#define SSL_AD_REASON_OFFSET 1000 /* offset to get SSL_R_... value from SSL_AD_... / + /* These alert types are for SSLv3 and TLSv1 */ #define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY #define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */ @@ -1595,31 +1596,31 @@ void ERR_load_SSL_strings(void); #define SSL_F_CLIENT_HELLO 101 #define SSL_F_CLIENT_MASTER_KEY 102 #define SSL_F_D2I_SSL_SESSION 103 -#define SSL_F_DO_DTLS1_WRITE 1003 +#define SSL_F_DO_DTLS1_WRITE 245 #define SSL_F_DO_SSL3_WRITE 104 -#define SSL_F_DTLS1_ACCEPT 1004 -#define SSL_F_DTLS1_BUFFER_RECORD 1005 -#define SSL_F_DTLS1_CLIENT_HELLO 1006 -#define SSL_F_DTLS1_CONNECT 1007 -#define SSL_F_DTLS1_ENC 1008 -#define SSL_F_DTLS1_GET_HELLO_VERIFY 1009 -#define SSL_F_DTLS1_GET_MESSAGE 1010 -#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 1011 -#define SSL_F_DTLS1_GET_RECORD 1012 -#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 1013 -#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 1014 -#define SSL_F_DTLS1_PROCESS_RECORD 1015 -#define SSL_F_DTLS1_READ_BYTES 1016 -#define SSL_F_DTLS1_READ_FAILED 1001 -#define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST 1017 -#define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE 1018 -#define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE 1019 -#define SSL_F_DTLS1_SEND_CLIENT_VERIFY 1020 -#define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST 1002 -#define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE 1021 -#define SSL_F_DTLS1_SEND_SERVER_HELLO 1022 -#define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 1023 -#define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 1024 +#define SSL_F_DTLS1_ACCEPT 246 +#define SSL_F_DTLS1_BUFFER_RECORD 247 +#define SSL_F_DTLS1_CLIENT_HELLO 248 +#define SSL_F_DTLS1_CONNECT 249 +#define SSL_F_DTLS1_ENC 250 +#define SSL_F_DTLS1_GET_HELLO_VERIFY 251 +#define SSL_F_DTLS1_GET_MESSAGE 252 +#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253 +#define SSL_F_DTLS1_GET_RECORD 254 +#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255 +#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256 +#define SSL_F_DTLS1_PROCESS_RECORD 257 +#define SSL_F_DTLS1_READ_BYTES 258 +#define SSL_F_DTLS1_READ_FAILED 259 +#define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST 260 +#define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE 261 +#define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE 262 +#define SSL_F_DTLS1_SEND_CLIENT_VERIFY 263 +#define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST 264 +#define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE 265 +#define SSL_F_DTLS1_SEND_SERVER_HELLO 266 +#define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 267 +#define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268 #define SSL_F_GET_CLIENT_FINISHED 105 #define SSL_F_GET_CLIENT_HELLO 106 #define SSL_F_GET_CLIENT_MASTER_KEY 107 @@ -1703,7 +1704,7 @@ void ERR_load_SSL_strings(void); #define SSL_F_SSL_CTRL 232 #define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168 #define SSL_F_SSL_CTX_NEW 169 -#define SSL_F_SSL_CTX_SET_CIPHER_LIST 1026 +#define SSL_F_SSL_CTX_SET_CIPHER_LIST 269 #define SSL_F_SSL_CTX_SET_PURPOSE 226 #define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219 #define SSL_F_SSL_CTX_SET_SSL_VERSION 170 @@ -1726,7 +1727,7 @@ void ERR_load_SSL_strings(void); #define SSL_F_SSL_INIT_WBIO_BUFFER 184 #define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185 #define SSL_F_SSL_NEW 186 -#define SSL_F_SSL_PEEK 1025 +#define SSL_F_SSL_PEEK 270 #define SSL_F_SSL_READ 223 #define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187 #define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 @@ -1734,7 +1735,7 @@ void ERR_load_SSL_strings(void); #define SSL_F_SSL_SESSION_PRINT_FP 190 #define SSL_F_SSL_SESS_CERT_NEW 225 #define SSL_F_SSL_SET_CERT 191 -#define SSL_F_SSL_SET_CIPHER_LIST 1027 +#define SSL_F_SSL_SET_CIPHER_LIST 271 #define SSL_F_SSL_SET_FD 192 #define SSL_F_SSL_SET_PKEY 193 #define SSL_F_SSL_SET_PURPOSE 227 @@ -1777,9 +1778,9 @@ void ERR_load_SSL_strings(void); #define SSL_R_BAD_DH_P_LENGTH 110 #define SSL_R_BAD_DIGEST_LENGTH 111 #define SSL_R_BAD_DSA_SIGNATURE 112 -#define SSL_R_BAD_ECC_CERT 1117 -#define SSL_R_BAD_ECDSA_SIGNATURE 1112 -#define SSL_R_BAD_ECPOINT 1113 +#define SSL_R_BAD_ECC_CERT 304 +#define SSL_R_BAD_ECDSA_SIGNATURE 305 +#define SSL_R_BAD_ECPOINT 306 #define SSL_R_BAD_HELLO_REQUEST 105 #define SSL_R_BAD_LENGTH 271 #define SSL_R_BAD_MAC_DECODE 113 @@ -1809,53 +1810,52 @@ void ERR_load_SSL_strings(void); #define SSL_R_CIPHER_CODE_WRONG_LENGTH 137 #define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138 #define SSL_R_CIPHER_TABLE_SRC_ERROR 139 -#define SSL_R_CLIENTHELLO_TLS_EXT 2003 +#define SSL_R_CLIENTHELLO_TLS_EXT 316 #define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140 #define SSL_R_COMPRESSION_FAILURE 141 -#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 1120 +#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307 #define SSL_R_COMPRESSION_LIBRARY_ERROR 142 #define SSL_R_CONNECTION_ID_IS_DIFFERENT 143 #define SSL_R_CONNECTION_TYPE_NOT_SET 144 -#define SSL_R_COOKIE_MISMATCH 2002 +#define SSL_R_COOKIE_MISMATCH 308 #define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145 #define SSL_R_DATA_LENGTH_TOO_LONG 146 #define SSL_R_DECRYPTION_FAILED 147 -#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 1109 +#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281 #define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 #define SSL_R_DIGEST_CHECK_FAILED 149 -#define SSL_R_DUPLICATE_COMPRESSION_ID 1121 -#define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 1119 +#define SSL_R_DUPLICATE_COMPRESSION_ID 309 +#define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310 #define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 -#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 1092 +#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282 #define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 #define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 #define SSL_R_EXTRA_DATA_IN_MESSAGE 153 #define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 #define SSL_R_HTTPS_PROXY_REQUEST 155 #define SSL_R_HTTP_REQUEST 156 -#define SSL_R_ILLEGAL_PADDING 1110 +#define SSL_R_ILLEGAL_PADDING 283 #define SSL_R_INVALID_CHALLENGE_LENGTH 158 #define SSL_R_INVALID_COMMAND 280 #define SSL_R_INVALID_PURPOSE 278 #define SSL_R_INVALID_TRUST 279 -#define SSL_R_KEY_ARG_TOO_LONG 1112 -#define SSL_R_KRB5 1104 -#define SSL_R_KRB5_C_CC_PRINC 1094 -#define SSL_R_KRB5_C_GET_CRED 1095 -#define SSL_R_KRB5_C_INIT 1096 -#define SSL_R_KRB5_C_MK_REQ 1097 -#define SSL_R_KRB5_S_BAD_TICKET 1098 -#define SSL_R_KRB5_S_INIT 1099 -#define SSL_R_KRB5_S_RD_REQ 1108 -#define SSL_R_KRB5_S_TKT_EXPIRED 1105 -#define SSL_R_KRB5_S_TKT_NYV 1106 -#define SSL_R_KRB5_S_TKT_SKEW 1107 +#define SSL_R_KEY_ARG_TOO_LONG 284 +#define SSL_R_KRB5 285 +#define SSL_R_KRB5_C_CC_PRINC 286 +#define SSL_R_KRB5_C_GET_CRED 287 +#define SSL_R_KRB5_C_INIT 288 +#define SSL_R_KRB5_C_MK_REQ 289 +#define SSL_R_KRB5_S_BAD_TICKET 290 +#define SSL_R_KRB5_S_INIT 291 +#define SSL_R_KRB5_S_RD_REQ 292 +#define SSL_R_KRB5_S_TKT_EXPIRED 293 +#define SSL_R_KRB5_S_TKT_NYV 294 +#define SSL_R_KRB5_S_TKT_SKEW 295 #define SSL_R_LENGTH_MISMATCH 159 #define SSL_R_LENGTH_TOO_SHORT 160 #define SSL_R_LIBRARY_BUG 274 #define SSL_R_LIBRARY_HAS_NO_CIPHERS 161 -#define SSL_R_MASTER_KEY_TOO_LONG 1112 -#define SSL_R_MESSAGE_TOO_LONG 1111 +#define SSL_R_MESSAGE_TOO_LONG 296 #define SSL_R_MISSING_DH_DSA_CERT 162 #define SSL_R_MISSING_DH_KEY 163 #define SSL_R_MISSING_DH_RSA_CERT 164 @@ -1866,7 +1866,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169 #define SSL_R_MISSING_RSA_SIGNING_CERT 170 #define SSL_R_MISSING_TMP_DH_KEY 171 -#define SSL_R_MISSING_TMP_ECDH_KEY 1114 +#define SSL_R_MISSING_TMP_ECDH_KEY 311 #define SSL_R_MISSING_TMP_RSA_KEY 172 #define SSL_R_MISSING_TMP_RSA_PKEY 173 #define SSL_R_MISSING_VERIFY_MESSAGE 174 @@ -1893,8 +1893,9 @@ void ERR_load_SSL_strings(void); #define SSL_R_NULL_SSL_CTX 195 #define SSL_R_NULL_SSL_METHOD_PASSED 196 #define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197 +#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297 #define SSL_R_PACKET_LENGTH_TOO_LONG 198 -#define SSL_R_PARSE_TLS_EXT 2004 +#define SSL_R_PARSE_TLS_EXT 317 #define SSL_R_PATH_TOO_LONG 270 #define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199 #define SSL_R_PEER_ERROR 200 @@ -1909,24 +1910,24 @@ void ERR_load_SSL_strings(void); #define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209 #define SSL_R_PUBLIC_KEY_NOT_RSA 210 #define SSL_R_READ_BIO_NOT_SET 211 -#define SSL_R_READ_TIMEOUT_EXPIRED 2001 +#define SSL_R_READ_TIMEOUT_EXPIRED 312 #define SSL_R_READ_WRONG_PACKET_TYPE 212 #define SSL_R_RECORD_LENGTH_MISMATCH 213 #define SSL_R_RECORD_TOO_LARGE 214 -#define SSL_R_RECORD_TOO_SMALL 1093 +#define SSL_R_RECORD_TOO_SMALL 298 #define SSL_R_REQUIRED_CIPHER_MISSING 215 #define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216 #define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217 #define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218 -#define SSL_R_SERVERHELLO_TLS_EXT 2005 +#define SSL_R_SERVERHELLO_TLS_EXT 318 #define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277 #define SSL_R_SHORT_READ 219 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 -#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 1114 -#define SSL_R_SSL3_EXT_INVALID_SERVERNAME 2006 -#define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 2007 -#define SSL_R_SSL3_SESSION_ID_TOO_LONG 1113 +#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299 +#define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319 +#define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320 +#define SSL_R_SSL3_SESSION_ID_TOO_LONG 300 #define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 @@ -1937,20 +1938,15 @@ void ERR_load_SSL_strings(void); #define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040 #define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047 #define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 223 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 224 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 225 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 226 #define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010 -#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 227 #define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043 #define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228 #define SSL_R_SSL_HANDSHAKE_FAILURE 229 #define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230 -#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 1102 -#define SSL_R_SSL_SESSION_ID_CONFLICT 1103 +#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 301 +#define SSL_R_SSL_SESSION_ID_CONFLICT 302 #define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273 -#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 1101 +#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303 #define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231 #define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 #define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 @@ -1964,15 +1960,20 @@ void ERR_load_SSL_strings(void); #define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022 #define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048 #define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 +#define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114 +#define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113 +#define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111 +#define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112 +#define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110 #define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232 #define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233 #define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234 #define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235 #define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236 -#define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 1115 +#define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313 #define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237 #define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238 -#define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 1116 +#define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314 #define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239 #define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240 #define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241 @@ -1993,8 +1994,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_UNKNOWN_STATE 255 #define SSL_R_UNSUPPORTED_CIPHER 256 #define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257 -#define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 1118 -#define SSL_R_UNSUPPORTED_OPTION 1091 +#define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315 #define SSL_R_UNSUPPORTED_PROTOCOL 258 #define SSL_R_UNSUPPORTED_SSL_VERSION 259 #define SSL_R_WRITE_BIO_NOT_SET 260 diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 133c4a7447..dd6657186d 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -204,7 +204,7 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_CERT), "SSL_GET_SERVER_SEND_CERT"}, {ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY), "SSL_GET_SIGN_PKEY"}, {ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER), "SSL_INIT_WBIO_BUFFER"}, -{ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"}, +{ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_LOAD_CLIENT_CA_FILE"}, {ERR_FUNC(SSL_F_SSL_NEW), "SSL_new"}, {ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"}, {ERR_FUNC(SSL_F_SSL_READ), "SSL_read"}, @@ -337,7 +337,6 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_LENGTH_TOO_SHORT) ,"length too short"}, {ERR_REASON(SSL_R_LIBRARY_BUG) ,"library bug"}, {ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS),"library has no ciphers"}, -{ERR_REASON(SSL_R_MASTER_KEY_TOO_LONG) ,"master key too long"}, {ERR_REASON(SSL_R_MESSAGE_TOO_LONG) ,"message too long"}, {ERR_REASON(SSL_R_MISSING_DH_DSA_CERT) ,"missing dh dsa cert"}, {ERR_REASON(SSL_R_MISSING_DH_KEY) ,"missing dh key"}, @@ -376,6 +375,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_NULL_SSL_CTX) ,"null ssl ctx"}, {ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED),"null ssl method passed"}, {ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),"old session cipher not returned"}, +{ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE),"only tls allowed in fips mode"}, {ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG),"packet length too long"}, {ERR_REASON(SSL_R_PARSE_TLS_EXT) ,"parse tls ext"}, {ERR_REASON(SSL_R_PATH_TOO_LONG) ,"path too long"}, @@ -420,12 +420,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE),"sslv3 alert handshake failure"}, {ERR_REASON(SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER),"sslv3 alert illegal parameter"}, {ERR_REASON(SSL_R_SSLV3_ALERT_NO_CERTIFICATE),"sslv3 alert no certificate"}, -{ERR_REASON(SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE),"sslv3 alert peer error certificate"}, -{ERR_REASON(SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE),"sslv3 alert peer error no certificate"}, -{ERR_REASON(SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER),"sslv3 alert peer error no cipher"}, -{ERR_REASON(SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE),"sslv3 alert peer error unsupported certificate type"}, {ERR_REASON(SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE),"sslv3 alert unexpected message"}, -{ERR_REASON(SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE),"sslv3 alert unknown remote error type"}, {ERR_REASON(SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE),"sslv3 alert unsupported certificate"}, {ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION),"ssl ctx has no default ssl version"}, {ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE) ,"ssl handshake failure"}, @@ -447,6 +442,11 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_TLSV1_ALERT_RECORD_OVERFLOW),"tlsv1 alert record overflow"}, {ERR_REASON(SSL_R_TLSV1_ALERT_UNKNOWN_CA),"tlsv1 alert unknown ca"}, {ERR_REASON(SSL_R_TLSV1_ALERT_USER_CANCELLED),"tlsv1 alert user cancelled"}, +{ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE),"tlsv1 bad certificate hash value"}, +{ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE),"tlsv1 bad certificate status response"}, +{ERR_REASON(SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE),"tlsv1 certificate unobtainable"}, +{ERR_REASON(SSL_R_TLSV1_UNRECOGNIZED_NAME),"tlsv1 unrecognized name"}, +{ERR_REASON(SSL_R_TLSV1_UNSUPPORTED_EXTENSION),"tlsv1 unsupported extension"}, {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER),"tls client cert req with anon cipher"}, {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),"tls peer did not respond with certificate list"}, {ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),"tls rsa encrypted value length is wrong"}, @@ -477,7 +477,6 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"}, {ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),"unsupported compression algorithm"}, {ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE),"unsupported elliptic curve"}, -{ERR_REASON(SSL_R_UNSUPPORTED_OPTION) ,"unsupported option"}, {ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL) ,"unsupported protocol"}, {ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION),"unsupported ssl version"}, {ERR_REASON(SSL_R_WRITE_BIO_NOT_SET) ,"write bio not set"},