1 /* $OpenBSD: ssl_stat.c,v 1.23 2024/10/12 03:54:18 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright 2005 Nokia. All rights reserved. 60 * 61 * The portions of the attached software ("Contribution") is developed by 62 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 63 * license. 64 * 65 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 66 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 67 * support (see RFC 4279) to OpenSSL. 68 * 69 * No patent licenses or other rights except those expressly stated in 70 * the OpenSSL open source license shall be deemed granted or received 71 * expressly, by implication, estoppel, or otherwise. 72 * 73 * No assurances are provided by Nokia that the Contribution does not 74 * infringe the patent or other intellectual property rights of any third 75 * party or that the license provides you with all the necessary rights 76 * to make use of the Contribution. 77 * 78 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 79 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 80 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 81 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 82 * OTHERWISE. 83 */ 84 85 #include <stdio.h> 86 87 #include "ssl_local.h" 88 89 const char * 90 SSL_state_string_long(const SSL *s) 91 { 92 switch (s->s3->hs.state) { 93 case SSL_ST_BEFORE: 94 return "before SSL initialization"; 95 case SSL_ST_ACCEPT: 96 return "before accept initialization"; 97 case SSL_ST_CONNECT: 98 return "before connect initialization"; 99 case SSL_ST_OK: 100 return "SSL negotiation finished successfully"; 101 case SSL_ST_RENEGOTIATE: 102 return "SSL renegotiate ciphers"; 103 case SSL_ST_BEFORE|SSL_ST_CONNECT: 104 return "before/connect initialization"; 105 case SSL_ST_OK|SSL_ST_CONNECT: 106 return "ok/connect SSL initialization"; 107 case SSL_ST_BEFORE|SSL_ST_ACCEPT: 108 return "before/accept initialization"; 109 case SSL_ST_OK|SSL_ST_ACCEPT: 110 return "ok/accept SSL initialization"; 111 112 /* SSLv3 additions */ 113 case SSL3_ST_CW_CLNT_HELLO_A: 114 return "SSLv3 write client hello A"; 115 case SSL3_ST_CW_CLNT_HELLO_B: 116 return "SSLv3 write client hello B"; 117 case SSL3_ST_CR_SRVR_HELLO_A: 118 return "SSLv3 read server hello A"; 119 case SSL3_ST_CR_SRVR_HELLO_B: 120 return "SSLv3 read server hello B"; 121 case SSL3_ST_CR_CERT_A: 122 return "SSLv3 read server certificate A"; 123 case SSL3_ST_CR_CERT_B: 124 return "SSLv3 read server certificate B"; 125 case SSL3_ST_CR_KEY_EXCH_A: 126 return "SSLv3 read server key exchange A"; 127 case SSL3_ST_CR_KEY_EXCH_B: 128 return "SSLv3 read server key exchange B"; 129 case SSL3_ST_CR_CERT_REQ_A: 130 return "SSLv3 read server certificate request A"; 131 case SSL3_ST_CR_CERT_REQ_B: 132 return "SSLv3 read server certificate request B"; 133 case SSL3_ST_CR_SESSION_TICKET_A: 134 return "SSLv3 read server session ticket A"; 135 case SSL3_ST_CR_SESSION_TICKET_B: 136 return "SSLv3 read server session ticket B"; 137 case SSL3_ST_CR_SRVR_DONE_A: 138 return "SSLv3 read server done A"; 139 case SSL3_ST_CR_SRVR_DONE_B: 140 return "SSLv3 read server done B"; 141 case SSL3_ST_CW_CERT_A: 142 return "SSLv3 write client certificate A"; 143 case SSL3_ST_CW_CERT_B: 144 return "SSLv3 write client certificate B"; 145 case SSL3_ST_CW_CERT_C: 146 return "SSLv3 write client certificate C"; 147 case SSL3_ST_CW_CERT_D: 148 return "SSLv3 write client certificate D"; 149 case SSL3_ST_CW_KEY_EXCH_A: 150 return "SSLv3 write client key exchange A"; 151 case SSL3_ST_CW_KEY_EXCH_B: 152 return "SSLv3 write client key exchange B"; 153 case SSL3_ST_CW_CERT_VRFY_A: 154 return "SSLv3 write certificate verify A"; 155 case SSL3_ST_CW_CERT_VRFY_B: 156 return "SSLv3 write certificate verify B"; 157 158 case SSL3_ST_CW_CHANGE_A: 159 case SSL3_ST_SW_CHANGE_A: 160 return "SSLv3 write change cipher spec A"; 161 case SSL3_ST_CW_CHANGE_B: 162 case SSL3_ST_SW_CHANGE_B: 163 return "SSLv3 write change cipher spec B"; 164 case SSL3_ST_CW_FINISHED_A: 165 case SSL3_ST_SW_FINISHED_A: 166 return "SSLv3 write finished A"; 167 case SSL3_ST_CW_FINISHED_B: 168 case SSL3_ST_SW_FINISHED_B: 169 return "SSLv3 write finished B"; 170 case SSL3_ST_CR_CHANGE_A: 171 case SSL3_ST_SR_CHANGE_A: 172 return "SSLv3 read change cipher spec A"; 173 case SSL3_ST_CR_CHANGE_B: 174 case SSL3_ST_SR_CHANGE_B: 175 return "SSLv3 read change cipher spec B"; 176 case SSL3_ST_CR_FINISHED_A: 177 case SSL3_ST_SR_FINISHED_A: 178 return "SSLv3 read finished A"; 179 case SSL3_ST_CR_FINISHED_B: 180 case SSL3_ST_SR_FINISHED_B: 181 return "SSLv3 read finished B"; 182 183 case SSL3_ST_CW_FLUSH: 184 case SSL3_ST_SW_FLUSH: 185 return "SSLv3 flush data"; 186 187 case SSL3_ST_SR_CLNT_HELLO_A: 188 return "SSLv3 read client hello A"; 189 case SSL3_ST_SR_CLNT_HELLO_B: 190 return "SSLv3 read client hello B"; 191 case SSL3_ST_SR_CLNT_HELLO_C: 192 return "SSLv3 read client hello C"; 193 case SSL3_ST_SW_HELLO_REQ_A: 194 return "SSLv3 write hello request A"; 195 case SSL3_ST_SW_HELLO_REQ_B: 196 return "SSLv3 write hello request B"; 197 case SSL3_ST_SW_HELLO_REQ_C: 198 return "SSLv3 write hello request C"; 199 case SSL3_ST_SW_SRVR_HELLO_A: 200 return "SSLv3 write server hello A"; 201 case SSL3_ST_SW_SRVR_HELLO_B: 202 return "SSLv3 write server hello B"; 203 case SSL3_ST_SW_CERT_A: 204 return "SSLv3 write certificate A"; 205 case SSL3_ST_SW_CERT_B: 206 return "SSLv3 write certificate B"; 207 case SSL3_ST_SW_KEY_EXCH_A: 208 return "SSLv3 write key exchange A"; 209 case SSL3_ST_SW_KEY_EXCH_B: 210 return "SSLv3 write key exchange B"; 211 case SSL3_ST_SW_CERT_REQ_A: 212 return "SSLv3 write certificate request A"; 213 case SSL3_ST_SW_CERT_REQ_B: 214 return "SSLv3 write certificate request B"; 215 case SSL3_ST_SW_SESSION_TICKET_A: 216 return "SSLv3 write session ticket A"; 217 case SSL3_ST_SW_SESSION_TICKET_B: 218 return "SSLv3 write session ticket B"; 219 case SSL3_ST_SW_SRVR_DONE_A: 220 return "SSLv3 write server done A"; 221 case SSL3_ST_SW_SRVR_DONE_B: 222 return "SSLv3 write server done B"; 223 case SSL3_ST_SR_CERT_A: 224 return "SSLv3 read client certificate A"; 225 case SSL3_ST_SR_CERT_B: 226 return "SSLv3 read client certificate B"; 227 case SSL3_ST_SR_KEY_EXCH_A: 228 return "SSLv3 read client key exchange A"; 229 case SSL3_ST_SR_KEY_EXCH_B: 230 return "SSLv3 read client key exchange B"; 231 case SSL3_ST_SR_CERT_VRFY_A: 232 return "SSLv3 read certificate verify A"; 233 case SSL3_ST_SR_CERT_VRFY_B: 234 return "SSLv3 read certificate verify B"; 235 236 /* DTLS */ 237 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 238 return "DTLS1 read hello verify request A"; 239 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: 240 return "DTLS1 read hello verify request B"; 241 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: 242 return "DTLS1 write hello verify request A"; 243 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: 244 return "DTLS1 write hello verify request B"; 245 246 default: 247 return "unknown state"; 248 } 249 } 250 LSSL_ALIAS(SSL_state_string_long); 251 252 const char * 253 SSL_rstate_string_long(const SSL *s) 254 { 255 switch (s->rstate) { 256 case SSL_ST_READ_HEADER: 257 return "read header"; 258 case SSL_ST_READ_BODY: 259 return "read body"; 260 case SSL_ST_READ_DONE: 261 return "read done"; 262 default: 263 return "unknown"; 264 } 265 } 266 LSSL_ALIAS(SSL_rstate_string_long); 267 268 const char * 269 SSL_state_string(const SSL *s) 270 { 271 switch (s->s3->hs.state) { 272 case SSL_ST_BEFORE: 273 return "PINIT "; 274 case SSL_ST_ACCEPT: 275 return "AINIT "; 276 case SSL_ST_CONNECT: 277 return "CINIT "; 278 case SSL_ST_OK: 279 return "SSLOK "; 280 281 /* SSLv3 additions */ 282 case SSL3_ST_SW_FLUSH: 283 case SSL3_ST_CW_FLUSH: 284 return "3FLUSH"; 285 case SSL3_ST_CW_CLNT_HELLO_A: 286 return "3WCH_A"; 287 case SSL3_ST_CW_CLNT_HELLO_B: 288 return "3WCH_B"; 289 case SSL3_ST_CR_SRVR_HELLO_A: 290 return "3RSH_A"; 291 case SSL3_ST_CR_SRVR_HELLO_B: 292 return "3RSH_B"; 293 case SSL3_ST_CR_CERT_A: 294 return "3RSC_A"; 295 case SSL3_ST_CR_CERT_B: 296 return "3RSC_B"; 297 case SSL3_ST_CR_KEY_EXCH_A: 298 return "3RSKEA"; 299 case SSL3_ST_CR_KEY_EXCH_B: 300 return "3RSKEB"; 301 case SSL3_ST_CR_CERT_REQ_A: 302 return "3RCR_A"; 303 case SSL3_ST_CR_CERT_REQ_B: 304 return "3RCR_B"; 305 case SSL3_ST_CR_SRVR_DONE_A: 306 return "3RSD_A"; 307 case SSL3_ST_CR_SRVR_DONE_B: 308 return "3RSD_B"; 309 case SSL3_ST_CW_CERT_A: 310 return "3WCC_A"; 311 case SSL3_ST_CW_CERT_B: 312 return "3WCC_B"; 313 case SSL3_ST_CW_CERT_C: 314 return "3WCC_C"; 315 case SSL3_ST_CW_CERT_D: 316 return "3WCC_D"; 317 case SSL3_ST_CW_KEY_EXCH_A: 318 return "3WCKEA"; 319 case SSL3_ST_CW_KEY_EXCH_B: 320 return "3WCKEB"; 321 case SSL3_ST_CW_CERT_VRFY_A: 322 return "3WCV_A"; 323 case SSL3_ST_CW_CERT_VRFY_B: 324 return "3WCV_B"; 325 326 case SSL3_ST_SW_CHANGE_A: 327 case SSL3_ST_CW_CHANGE_A: 328 return "3WCCSA"; 329 case SSL3_ST_SW_CHANGE_B: 330 case SSL3_ST_CW_CHANGE_B: 331 return "3WCCSB"; 332 case SSL3_ST_SW_FINISHED_A: 333 case SSL3_ST_CW_FINISHED_A: 334 return "3WFINA"; 335 case SSL3_ST_SW_FINISHED_B: 336 case SSL3_ST_CW_FINISHED_B: 337 return "3WFINB"; 338 case SSL3_ST_SR_CHANGE_A: 339 case SSL3_ST_CR_CHANGE_A: 340 return "3RCCSA"; 341 case SSL3_ST_SR_CHANGE_B: 342 case SSL3_ST_CR_CHANGE_B: 343 return "3RCCSB"; 344 case SSL3_ST_SR_FINISHED_A: 345 case SSL3_ST_CR_FINISHED_A: 346 return "3RFINA"; 347 case SSL3_ST_SR_FINISHED_B: 348 case SSL3_ST_CR_FINISHED_B: 349 return "3RFINB"; 350 351 case SSL3_ST_SW_HELLO_REQ_A: 352 return "3WHR_A"; 353 case SSL3_ST_SW_HELLO_REQ_B: 354 return "3WHR_B"; 355 case SSL3_ST_SW_HELLO_REQ_C: 356 return "3WHR_C"; 357 case SSL3_ST_SR_CLNT_HELLO_A: 358 return "3RCH_A"; 359 case SSL3_ST_SR_CLNT_HELLO_B: 360 return "3RCH_B"; 361 case SSL3_ST_SR_CLNT_HELLO_C: 362 return "3RCH_C"; 363 case SSL3_ST_SW_SRVR_HELLO_A: 364 return "3WSH_A"; 365 case SSL3_ST_SW_SRVR_HELLO_B: 366 return "3WSH_B"; 367 case SSL3_ST_SW_CERT_A: 368 return "3WSC_A"; 369 case SSL3_ST_SW_CERT_B: 370 return "3WSC_B"; 371 case SSL3_ST_SW_KEY_EXCH_A: 372 return "3WSKEA"; 373 case SSL3_ST_SW_KEY_EXCH_B: 374 return "3WSKEB"; 375 case SSL3_ST_SW_CERT_REQ_A: 376 return "3WCR_A"; 377 case SSL3_ST_SW_CERT_REQ_B: 378 return "3WCR_B"; 379 case SSL3_ST_SW_SRVR_DONE_A: 380 return "3WSD_A"; 381 case SSL3_ST_SW_SRVR_DONE_B: 382 return "3WSD_B"; 383 case SSL3_ST_SR_CERT_A: 384 return "3RCC_A"; 385 case SSL3_ST_SR_CERT_B: 386 return "3RCC_B"; 387 case SSL3_ST_SR_KEY_EXCH_A: 388 return "3RCKEA"; 389 case SSL3_ST_SR_KEY_EXCH_B: 390 return "3RCKEB"; 391 case SSL3_ST_SR_CERT_VRFY_A: 392 return "3RCV_A"; 393 case SSL3_ST_SR_CERT_VRFY_B: 394 return "3RCV_B"; 395 396 /* DTLS */ 397 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 398 return "DRCHVA"; 399 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: 400 return "DRCHVB"; 401 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: 402 return "DWCHVA"; 403 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: 404 return "DWCHVB"; 405 406 default: 407 return "UNKWN "; 408 } 409 } 410 LSSL_ALIAS(SSL_state_string); 411 412 const char * 413 SSL_alert_type_string_long(int value) 414 { 415 value >>= 8; 416 if (value == SSL3_AL_WARNING) 417 return "warning"; 418 else if (value == SSL3_AL_FATAL) 419 return "fatal"; 420 else 421 return "unknown"; 422 } 423 LSSL_ALIAS(SSL_alert_type_string_long); 424 425 const char * 426 SSL_alert_type_string(int value) 427 { 428 value >>= 8; 429 if (value == SSL3_AL_WARNING) 430 return "W"; 431 else if (value == SSL3_AL_FATAL) 432 return "F"; 433 else 434 return "U"; 435 } 436 LSSL_ALIAS(SSL_alert_type_string); 437 438 const char * 439 SSL_alert_desc_string(int value) 440 { 441 switch (value & 0xff) { 442 case SSL_AD_CLOSE_NOTIFY: 443 return "CN"; 444 case SSL_AD_UNEXPECTED_MESSAGE: 445 return "UM"; 446 case SSL_AD_BAD_RECORD_MAC: 447 return "BM"; 448 case SSL_AD_RECORD_OVERFLOW: 449 return "RO"; 450 case SSL_AD_DECOMPRESSION_FAILURE: 451 return "DF"; 452 case SSL_AD_HANDSHAKE_FAILURE: 453 return "HF"; 454 case SSL_AD_BAD_CERTIFICATE: 455 return "BC"; 456 case SSL_AD_UNSUPPORTED_CERTIFICATE: 457 return "UC"; 458 case SSL_AD_CERTIFICATE_REVOKED: 459 return "CR"; 460 case SSL_AD_CERTIFICATE_EXPIRED: 461 return "CE"; 462 case SSL_AD_CERTIFICATE_UNKNOWN: 463 return "CU"; 464 case SSL_AD_ILLEGAL_PARAMETER: 465 return "IP"; 466 case SSL_AD_UNKNOWN_CA: 467 return "CA"; 468 case SSL_AD_ACCESS_DENIED: 469 return "AD"; 470 case SSL_AD_DECODE_ERROR: 471 return "DE"; 472 case SSL_AD_DECRYPT_ERROR: 473 return "CY"; 474 case SSL_AD_PROTOCOL_VERSION: 475 return "PV"; 476 case SSL_AD_INSUFFICIENT_SECURITY: 477 return "IS"; 478 case SSL_AD_INTERNAL_ERROR: 479 return "IE"; 480 case SSL_AD_INAPPROPRIATE_FALLBACK: 481 return "IF"; 482 case SSL_AD_USER_CANCELLED: 483 return "US"; 484 case SSL_AD_NO_RENEGOTIATION: 485 return "NR"; 486 case SSL_AD_MISSING_EXTENSION: 487 return "ME"; 488 case SSL_AD_UNSUPPORTED_EXTENSION: 489 return "UE"; 490 case SSL_AD_CERTIFICATE_UNOBTAINABLE: 491 return "CO"; 492 case SSL_AD_UNRECOGNIZED_NAME: 493 return "UN"; 494 case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: 495 return "BR"; 496 case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: 497 return "BH"; 498 case SSL_AD_UNKNOWN_PSK_IDENTITY: 499 return "UP"; 500 case SSL_AD_CERTIFICATE_REQUIRED: 501 return "CQ"; /* XXX */ 502 case SSL_AD_NO_APPLICATION_PROTOCOL: 503 return "AP"; 504 default: 505 return "UK"; 506 } 507 } 508 LSSL_ALIAS(SSL_alert_desc_string); 509 510 const char * 511 SSL_alert_desc_string_long(int value) 512 { 513 switch (value & 0xff) { 514 case SSL_AD_CLOSE_NOTIFY: 515 return "close notify"; 516 case SSL_AD_UNEXPECTED_MESSAGE: 517 return "unexpected_message"; 518 case SSL_AD_BAD_RECORD_MAC: 519 return "bad record mac"; 520 case SSL_AD_RECORD_OVERFLOW: 521 return "record overflow"; 522 case SSL_AD_DECOMPRESSION_FAILURE: 523 return "decompression failure"; 524 case SSL_AD_HANDSHAKE_FAILURE: 525 return "handshake failure"; 526 case SSL_AD_BAD_CERTIFICATE: 527 return "bad certificate"; 528 case SSL_AD_UNSUPPORTED_CERTIFICATE: 529 return "unsupported certificate"; 530 case SSL_AD_CERTIFICATE_REVOKED: 531 return "certificate revoked"; 532 case SSL_AD_CERTIFICATE_EXPIRED: 533 return "certificate expired"; 534 case SSL_AD_CERTIFICATE_UNKNOWN: 535 return "certificate unknown"; 536 case SSL_AD_ILLEGAL_PARAMETER: 537 return "illegal parameter"; 538 case SSL_AD_UNKNOWN_CA: 539 return "unknown CA"; 540 case SSL_AD_ACCESS_DENIED: 541 return "access denied"; 542 case SSL_AD_DECODE_ERROR: 543 return "decode error"; 544 case SSL_AD_DECRYPT_ERROR: 545 return "decrypt error"; 546 case SSL_AD_PROTOCOL_VERSION: 547 return "protocol version"; 548 case SSL_AD_INSUFFICIENT_SECURITY: 549 return "insufficient security"; 550 case SSL_AD_INTERNAL_ERROR: 551 return "internal error"; 552 case SSL_AD_INAPPROPRIATE_FALLBACK: 553 return "inappropriate fallback"; 554 case SSL_AD_USER_CANCELLED: 555 return "user canceled"; 556 case SSL_AD_NO_RENEGOTIATION: 557 return "no renegotiation"; 558 case SSL_AD_MISSING_EXTENSION: 559 return "missing extension"; 560 case SSL_AD_UNSUPPORTED_EXTENSION: 561 return "unsupported extension"; 562 case SSL_AD_CERTIFICATE_UNOBTAINABLE: 563 return "certificate unobtainable"; 564 case SSL_AD_UNRECOGNIZED_NAME: 565 return "unrecognized name"; 566 case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: 567 return "bad certificate status response"; 568 case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: 569 return "bad certificate hash value"; 570 case SSL_AD_UNKNOWN_PSK_IDENTITY: 571 return "unknown PSK identity"; 572 case SSL_AD_CERTIFICATE_REQUIRED: 573 return "certificate required"; 574 case SSL_AD_NO_APPLICATION_PROTOCOL: 575 return "no application protocol"; 576 default: 577 return "unknown"; 578 } 579 } 580 LSSL_ALIAS(SSL_alert_desc_string_long); 581 582 const char * 583 SSL_rstate_string(const SSL *s) 584 { 585 switch (s->rstate) { 586 case SSL_ST_READ_HEADER: 587 return "RH"; 588 case SSL_ST_READ_BODY: 589 return "RB"; 590 case SSL_ST_READ_DONE: 591 return "RD"; 592 default: 593 return "unknown"; 594 } 595 } 596 LSSL_ALIAS(SSL_rstate_string); 597