1/* $OpenBSD: ssl_stat.c,v 1.21 2023/07/08 16:40:13 beck Exp $ */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58/* ==================================================================== 59 * Copyright 2005 Nokia. All rights reserved. 60 * 61 * The portions of the attached software ("Contribution") is developed by 62 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 63 * license. 64 * 65 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 66 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 67 * support (see RFC 4279) to OpenSSL. 68 * 69 * No patent licenses or other rights except those expressly stated in 70 * the OpenSSL open source license shall be deemed granted or received 71 * expressly, by implication, estoppel, or otherwise. 72 * 73 * No assurances are provided by Nokia that the Contribution does not 74 * infringe the patent or other intellectual property rights of any third 75 * party or that the license provides you with all the necessary rights 76 * to make use of the Contribution. 77 * 78 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 79 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 80 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 81 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 82 * OTHERWISE. 83 */ 84 85#include <stdio.h> 86 87#include "ssl_local.h" 88 89const char * 90SSL_state_string_long(const SSL *s) 91{ 92 const char *str; 93 94 switch (s->s3->hs.state) { 95 case SSL_ST_BEFORE: 96 str = "before SSL initialization"; 97 break; 98 case SSL_ST_ACCEPT: 99 str = "before accept initialization"; 100 break; 101 case SSL_ST_CONNECT: 102 str = "before connect initialization"; 103 break; 104 case SSL_ST_OK: 105 str = "SSL negotiation finished successfully"; 106 break; 107 case SSL_ST_RENEGOTIATE: 108 str = "SSL renegotiate ciphers"; 109 break; 110 case SSL_ST_BEFORE|SSL_ST_CONNECT: 111 str = "before/connect initialization"; 112 break; 113 case SSL_ST_OK|SSL_ST_CONNECT: 114 str = "ok/connect SSL initialization"; 115 break; 116 case SSL_ST_BEFORE|SSL_ST_ACCEPT: 117 str = "before/accept initialization"; 118 break; 119 case SSL_ST_OK|SSL_ST_ACCEPT: 120 str = "ok/accept SSL initialization"; 121 break; 122 123 /* SSLv3 additions */ 124 case SSL3_ST_CW_CLNT_HELLO_A: 125 str = "SSLv3 write client hello A"; 126 break; 127 case SSL3_ST_CW_CLNT_HELLO_B: 128 str = "SSLv3 write client hello B"; 129 break; 130 case SSL3_ST_CR_SRVR_HELLO_A: 131 str = "SSLv3 read server hello A"; 132 break; 133 case SSL3_ST_CR_SRVR_HELLO_B: 134 str = "SSLv3 read server hello B"; 135 break; 136 case SSL3_ST_CR_CERT_A: 137 str = "SSLv3 read server certificate A"; 138 break; 139 case SSL3_ST_CR_CERT_B: 140 str = "SSLv3 read server certificate B"; 141 break; 142 case SSL3_ST_CR_KEY_EXCH_A: 143 str = "SSLv3 read server key exchange A"; 144 break; 145 case SSL3_ST_CR_KEY_EXCH_B: 146 str = "SSLv3 read server key exchange B"; 147 break; 148 case SSL3_ST_CR_CERT_REQ_A: 149 str = "SSLv3 read server certificate request A"; 150 break; 151 case SSL3_ST_CR_CERT_REQ_B: 152 str = "SSLv3 read server certificate request B"; 153 break; 154 case SSL3_ST_CR_SESSION_TICKET_A: 155 str = "SSLv3 read server session ticket A"; 156 break; 157 case SSL3_ST_CR_SESSION_TICKET_B: 158 str = "SSLv3 read server session ticket B"; 159 break; 160 case SSL3_ST_CR_SRVR_DONE_A: 161 str = "SSLv3 read server done A"; 162 break; 163 case SSL3_ST_CR_SRVR_DONE_B: 164 str = "SSLv3 read server done B"; 165 break; 166 case SSL3_ST_CW_CERT_A: 167 str = "SSLv3 write client certificate A"; 168 break; 169 case SSL3_ST_CW_CERT_B: 170 str = "SSLv3 write client certificate B"; 171 break; 172 case SSL3_ST_CW_CERT_C: 173 str = "SSLv3 write client certificate C"; 174 break; 175 case SSL3_ST_CW_CERT_D: 176 str = "SSLv3 write client certificate D"; 177 break; 178 case SSL3_ST_CW_KEY_EXCH_A: 179 str = "SSLv3 write client key exchange A"; 180 break; 181 case SSL3_ST_CW_KEY_EXCH_B: 182 str = "SSLv3 write client key exchange B"; 183 break; 184 case SSL3_ST_CW_CERT_VRFY_A: 185 str = "SSLv3 write certificate verify A"; 186 break; 187 case SSL3_ST_CW_CERT_VRFY_B: 188 str = "SSLv3 write certificate verify B"; 189 break; 190 191 case SSL3_ST_CW_CHANGE_A: 192 case SSL3_ST_SW_CHANGE_A: 193 str = "SSLv3 write change cipher spec A"; 194 break; 195 case SSL3_ST_CW_CHANGE_B: 196 case SSL3_ST_SW_CHANGE_B: 197 str = "SSLv3 write change cipher spec B"; 198 break; 199 case SSL3_ST_CW_FINISHED_A: 200 case SSL3_ST_SW_FINISHED_A: 201 str = "SSLv3 write finished A"; 202 break; 203 case SSL3_ST_CW_FINISHED_B: 204 case SSL3_ST_SW_FINISHED_B: 205 str = "SSLv3 write finished B"; 206 break; 207 case SSL3_ST_CR_CHANGE_A: 208 case SSL3_ST_SR_CHANGE_A: 209 str = "SSLv3 read change cipher spec A"; 210 break; 211 case SSL3_ST_CR_CHANGE_B: 212 case SSL3_ST_SR_CHANGE_B: 213 str = "SSLv3 read change cipher spec B"; 214 break; 215 case SSL3_ST_CR_FINISHED_A: 216 case SSL3_ST_SR_FINISHED_A: 217 str = "SSLv3 read finished A"; 218 break; 219 case SSL3_ST_CR_FINISHED_B: 220 case SSL3_ST_SR_FINISHED_B: 221 str = "SSLv3 read finished B"; 222 break; 223 224 case SSL3_ST_CW_FLUSH: 225 case SSL3_ST_SW_FLUSH: 226 str = "SSLv3 flush data"; 227 break; 228 229 case SSL3_ST_SR_CLNT_HELLO_A: 230 str = "SSLv3 read client hello A"; 231 break; 232 case SSL3_ST_SR_CLNT_HELLO_B: 233 str = "SSLv3 read client hello B"; 234 break; 235 case SSL3_ST_SR_CLNT_HELLO_C: 236 str = "SSLv3 read client hello C"; 237 break; 238 case SSL3_ST_SW_HELLO_REQ_A: 239 str = "SSLv3 write hello request A"; 240 break; 241 case SSL3_ST_SW_HELLO_REQ_B: 242 str = "SSLv3 write hello request B"; 243 break; 244 case SSL3_ST_SW_HELLO_REQ_C: 245 str = "SSLv3 write hello request C"; 246 break; 247 case SSL3_ST_SW_SRVR_HELLO_A: 248 str = "SSLv3 write server hello A"; 249 break; 250 case SSL3_ST_SW_SRVR_HELLO_B: 251 str = "SSLv3 write server hello B"; 252 break; 253 case SSL3_ST_SW_CERT_A: 254 str = "SSLv3 write certificate A"; 255 break; 256 case SSL3_ST_SW_CERT_B: 257 str = "SSLv3 write certificate B"; 258 break; 259 case SSL3_ST_SW_KEY_EXCH_A: 260 str = "SSLv3 write key exchange A"; 261 break; 262 case SSL3_ST_SW_KEY_EXCH_B: 263 str = "SSLv3 write key exchange B"; 264 break; 265 case SSL3_ST_SW_CERT_REQ_A: 266 str = "SSLv3 write certificate request A"; 267 break; 268 case SSL3_ST_SW_CERT_REQ_B: 269 str = "SSLv3 write certificate request B"; 270 break; 271 case SSL3_ST_SW_SESSION_TICKET_A: 272 str = "SSLv3 write session ticket A"; 273 break; 274 case SSL3_ST_SW_SESSION_TICKET_B: 275 str = "SSLv3 write session ticket B"; 276 break; 277 case SSL3_ST_SW_SRVR_DONE_A: 278 str = "SSLv3 write server done A"; 279 break; 280 case SSL3_ST_SW_SRVR_DONE_B: 281 str = "SSLv3 write server done B"; 282 break; 283 case SSL3_ST_SR_CERT_A: 284 str = "SSLv3 read client certificate A"; 285 break; 286 case SSL3_ST_SR_CERT_B: 287 str = "SSLv3 read client certificate B"; 288 break; 289 case SSL3_ST_SR_KEY_EXCH_A: 290 str = "SSLv3 read client key exchange A"; 291 break; 292 case SSL3_ST_SR_KEY_EXCH_B: 293 str = "SSLv3 read client key exchange B"; 294 break; 295 case SSL3_ST_SR_CERT_VRFY_A: 296 str = "SSLv3 read certificate verify A"; 297 break; 298 case SSL3_ST_SR_CERT_VRFY_B: 299 str = "SSLv3 read certificate verify B"; 300 break; 301 302 /* DTLS */ 303 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 304 str = "DTLS1 read hello verify request A"; 305 break; 306 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: 307 str = "DTLS1 read hello verify request B"; 308 break; 309 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: 310 str = "DTLS1 write hello verify request A"; 311 break; 312 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: 313 str = "DTLS1 write hello verify request B"; 314 break; 315 316 default: 317 str = "unknown state"; 318 break; 319 } 320 return (str); 321} 322LSSL_ALIAS(SSL_state_string_long); 323 324const char * 325SSL_rstate_string_long(const SSL *s) 326{ 327 const char *str; 328 329 switch (s->rstate) { 330 case SSL_ST_READ_HEADER: 331 str = "read header"; 332 break; 333 case SSL_ST_READ_BODY: 334 str = "read body"; 335 break; 336 case SSL_ST_READ_DONE: 337 str = "read done"; 338 break; 339 default: 340 str = "unknown"; 341 break; 342 } 343 return (str); 344} 345LSSL_ALIAS(SSL_rstate_string_long); 346 347const char * 348SSL_state_string(const SSL *s) 349{ 350 const char *str; 351 352 switch (s->s3->hs.state) { 353 case SSL_ST_BEFORE: 354 str = "PINIT "; 355 break; 356 case SSL_ST_ACCEPT: 357 str = "AINIT "; 358 break; 359 case SSL_ST_CONNECT: 360 str = "CINIT "; 361 break; 362 case SSL_ST_OK: 363 str = "SSLOK "; 364 break; 365 366 /* SSLv3 additions */ 367 case SSL3_ST_SW_FLUSH: 368 case SSL3_ST_CW_FLUSH: 369 str = "3FLUSH"; 370 break; 371 case SSL3_ST_CW_CLNT_HELLO_A: 372 str = "3WCH_A"; 373 break; 374 case SSL3_ST_CW_CLNT_HELLO_B: 375 str = "3WCH_B"; 376 break; 377 case SSL3_ST_CR_SRVR_HELLO_A: 378 str = "3RSH_A"; 379 break; 380 case SSL3_ST_CR_SRVR_HELLO_B: 381 str = "3RSH_B"; 382 break; 383 case SSL3_ST_CR_CERT_A: 384 str = "3RSC_A"; 385 break; 386 case SSL3_ST_CR_CERT_B: 387 str = "3RSC_B"; 388 break; 389 case SSL3_ST_CR_KEY_EXCH_A: 390 str = "3RSKEA"; 391 break; 392 case SSL3_ST_CR_KEY_EXCH_B: 393 str = "3RSKEB"; 394 break; 395 case SSL3_ST_CR_CERT_REQ_A: 396 str = "3RCR_A"; 397 break; 398 case SSL3_ST_CR_CERT_REQ_B: 399 str = "3RCR_B"; 400 break; 401 case SSL3_ST_CR_SRVR_DONE_A: 402 str = "3RSD_A"; 403 break; 404 case SSL3_ST_CR_SRVR_DONE_B: 405 str = "3RSD_B"; 406 break; 407 case SSL3_ST_CW_CERT_A: 408 str = "3WCC_A"; 409 break; 410 case SSL3_ST_CW_CERT_B: 411 str = "3WCC_B"; 412 break; 413 case SSL3_ST_CW_CERT_C: 414 str = "3WCC_C"; 415 break; 416 case SSL3_ST_CW_CERT_D: 417 str = "3WCC_D"; 418 break; 419 case SSL3_ST_CW_KEY_EXCH_A: 420 str = "3WCKEA"; 421 break; 422 case SSL3_ST_CW_KEY_EXCH_B: 423 str = "3WCKEB"; 424 break; 425 case SSL3_ST_CW_CERT_VRFY_A: 426 str = "3WCV_A"; 427 break; 428 case SSL3_ST_CW_CERT_VRFY_B: 429 str = "3WCV_B"; 430 break; 431 432 case SSL3_ST_SW_CHANGE_A: 433 case SSL3_ST_CW_CHANGE_A: 434 str = "3WCCSA"; 435 break; 436 case SSL3_ST_SW_CHANGE_B: 437 case SSL3_ST_CW_CHANGE_B: 438 str = "3WCCSB"; 439 break; 440 case SSL3_ST_SW_FINISHED_A: 441 case SSL3_ST_CW_FINISHED_A: 442 str = "3WFINA"; 443 break; 444 case SSL3_ST_SW_FINISHED_B: 445 case SSL3_ST_CW_FINISHED_B: 446 str = "3WFINB"; 447 break; 448 case SSL3_ST_SR_CHANGE_A: 449 case SSL3_ST_CR_CHANGE_A: 450 str = "3RCCSA"; 451 break; 452 case SSL3_ST_SR_CHANGE_B: 453 case SSL3_ST_CR_CHANGE_B: 454 str = "3RCCSB"; 455 break; 456 case SSL3_ST_SR_FINISHED_A: 457 case SSL3_ST_CR_FINISHED_A: 458 str = "3RFINA"; 459 break; 460 case SSL3_ST_SR_FINISHED_B: 461 case SSL3_ST_CR_FINISHED_B: 462 str = "3RFINB"; 463 break; 464 465 case SSL3_ST_SW_HELLO_REQ_A: 466 str = "3WHR_A"; 467 break; 468 case SSL3_ST_SW_HELLO_REQ_B: 469 str = "3WHR_B"; 470 break; 471 case SSL3_ST_SW_HELLO_REQ_C: 472 str = "3WHR_C"; 473 break; 474 case SSL3_ST_SR_CLNT_HELLO_A: 475 str = "3RCH_A"; 476 break; 477 case SSL3_ST_SR_CLNT_HELLO_B: 478 str = "3RCH_B"; 479 break; 480 case SSL3_ST_SR_CLNT_HELLO_C: 481 str = "3RCH_C"; 482 break; 483 case SSL3_ST_SW_SRVR_HELLO_A: 484 str = "3WSH_A"; 485 break; 486 case SSL3_ST_SW_SRVR_HELLO_B: 487 str = "3WSH_B"; 488 break; 489 case SSL3_ST_SW_CERT_A: 490 str = "3WSC_A"; 491 break; 492 case SSL3_ST_SW_CERT_B: 493 str = "3WSC_B"; 494 break; 495 case SSL3_ST_SW_KEY_EXCH_A: 496 str = "3WSKEA"; 497 break; 498 case SSL3_ST_SW_KEY_EXCH_B: 499 str = "3WSKEB"; 500 break; 501 case SSL3_ST_SW_CERT_REQ_A: 502 str = "3WCR_A"; 503 break; 504 case SSL3_ST_SW_CERT_REQ_B: 505 str = "3WCR_B"; 506 break; 507 case SSL3_ST_SW_SRVR_DONE_A: 508 str = "3WSD_A"; 509 break; 510 case SSL3_ST_SW_SRVR_DONE_B: 511 str = "3WSD_B"; 512 break; 513 case SSL3_ST_SR_CERT_A: 514 str = "3RCC_A"; 515 break; 516 case SSL3_ST_SR_CERT_B: 517 str = "3RCC_B"; 518 break; 519 case SSL3_ST_SR_KEY_EXCH_A: 520 str = "3RCKEA"; 521 break; 522 case SSL3_ST_SR_KEY_EXCH_B: 523 str = "3RCKEB"; 524 break; 525 case SSL3_ST_SR_CERT_VRFY_A: 526 str = "3RCV_A"; 527 break; 528 case SSL3_ST_SR_CERT_VRFY_B: 529 str = "3RCV_B"; 530 break; 531 532 /* DTLS */ 533 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 534 str = "DRCHVA"; 535 break; 536 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: 537 str = "DRCHVB"; 538 break; 539 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: 540 str = "DWCHVA"; 541 break; 542 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: 543 str = "DWCHVB"; 544 break; 545 546 default: 547 str = "UNKWN "; 548 break; 549 } 550 return (str); 551} 552LSSL_ALIAS(SSL_state_string); 553 554const char * 555SSL_alert_type_string_long(int value) 556{ 557 value >>= 8; 558 if (value == SSL3_AL_WARNING) 559 return ("warning"); 560 else if (value == SSL3_AL_FATAL) 561 return ("fatal"); 562 else 563 return ("unknown"); 564} 565LSSL_ALIAS(SSL_alert_type_string_long); 566 567const char * 568SSL_alert_type_string(int value) 569{ 570 value >>= 8; 571 if (value == SSL3_AL_WARNING) 572 return ("W"); 573 else if (value == SSL3_AL_FATAL) 574 return ("F"); 575 else 576 return ("U"); 577} 578LSSL_ALIAS(SSL_alert_type_string); 579 580const char * 581SSL_alert_desc_string(int value) 582{ 583 const char *str; 584 585 switch (value & 0xff) { 586 case SSL_AD_CLOSE_NOTIFY: 587 str = "CN"; 588 break; 589 case SSL_AD_UNEXPECTED_MESSAGE: 590 str = "UM"; 591 break; 592 case SSL_AD_BAD_RECORD_MAC: 593 str = "BM"; 594 break; 595 case SSL_AD_DECOMPRESSION_FAILURE: 596 str = "DF"; 597 break; 598 case SSL_AD_HANDSHAKE_FAILURE: 599 str = "HF"; 600 break; 601 case SSL_AD_BAD_CERTIFICATE: 602 str = "BC"; 603 break; 604 case SSL_AD_UNSUPPORTED_CERTIFICATE: 605 str = "UC"; 606 break; 607 case SSL_AD_CERTIFICATE_REVOKED: 608 str = "CR"; 609 break; 610 case SSL_AD_CERTIFICATE_EXPIRED: 611 str = "CE"; 612 break; 613 case SSL_AD_CERTIFICATE_UNKNOWN: 614 str = "CU"; 615 break; 616 case SSL_AD_ILLEGAL_PARAMETER: 617 str = "IP"; 618 break; 619 case SSL_AD_RECORD_OVERFLOW: 620 str = "RO"; 621 break; 622 case SSL_AD_UNKNOWN_CA: 623 str = "CA"; 624 break; 625 case SSL_AD_ACCESS_DENIED: 626 str = "AD"; 627 break; 628 case SSL_AD_DECODE_ERROR: 629 str = "DE"; 630 break; 631 case SSL_AD_DECRYPT_ERROR: 632 str = "CY"; 633 break; 634 case SSL_AD_PROTOCOL_VERSION: 635 str = "PV"; 636 break; 637 case SSL_AD_INSUFFICIENT_SECURITY: 638 str = "IS"; 639 break; 640 case SSL_AD_INTERNAL_ERROR: 641 str = "IE"; 642 break; 643 case SSL_AD_USER_CANCELLED: 644 str = "US"; 645 break; 646 case SSL_AD_NO_RENEGOTIATION: 647 str = "NR"; 648 break; 649 case SSL_AD_MISSING_EXTENSION: 650 str = "ME"; 651 break; 652 case SSL_AD_UNSUPPORTED_EXTENSION: 653 str = "UE"; 654 break; 655 case SSL_AD_CERTIFICATE_UNOBTAINABLE: 656 str = "CO"; 657 break; 658 case SSL_AD_UNRECOGNIZED_NAME: 659 str = "UN"; 660 break; 661 case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: 662 str = "BR"; 663 break; 664 case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: 665 str = "BH"; 666 break; 667 case SSL_AD_UNKNOWN_PSK_IDENTITY: 668 str = "UP"; 669 break; 670 default: 671 str = "UK"; 672 break; 673 } 674 return (str); 675} 676LSSL_ALIAS(SSL_alert_desc_string); 677 678const char * 679SSL_alert_desc_string_long(int value) 680{ 681 const char *str; 682 683 switch (value & 0xff) { 684 case SSL_AD_CLOSE_NOTIFY: 685 str = "close notify"; 686 break; 687 case SSL_AD_UNEXPECTED_MESSAGE: 688 str = "unexpected_message"; 689 break; 690 case SSL_AD_BAD_RECORD_MAC: 691 str = "bad record mac"; 692 break; 693 case SSL_AD_DECOMPRESSION_FAILURE: 694 str = "decompression failure"; 695 break; 696 case SSL_AD_HANDSHAKE_FAILURE: 697 str = "handshake failure"; 698 break; 699 case SSL_AD_BAD_CERTIFICATE: 700 str = "bad certificate"; 701 break; 702 case SSL_AD_UNSUPPORTED_CERTIFICATE: 703 str = "unsupported certificate"; 704 break; 705 case SSL_AD_CERTIFICATE_REVOKED: 706 str = "certificate revoked"; 707 break; 708 case SSL_AD_CERTIFICATE_EXPIRED: 709 str = "certificate expired"; 710 break; 711 case SSL_AD_CERTIFICATE_UNKNOWN: 712 str = "certificate unknown"; 713 break; 714 case SSL_AD_ILLEGAL_PARAMETER: 715 str = "illegal parameter"; 716 break; 717 case SSL_AD_RECORD_OVERFLOW: 718 str = "record overflow"; 719 break; 720 case SSL_AD_UNKNOWN_CA: 721 str = "unknown CA"; 722 break; 723 case SSL_AD_ACCESS_DENIED: 724 str = "access denied"; 725 break; 726 case SSL_AD_DECODE_ERROR: 727 str = "decode error"; 728 break; 729 case SSL_AD_DECRYPT_ERROR: 730 str = "decrypt error"; 731 break; 732 case SSL_AD_PROTOCOL_VERSION: 733 str = "protocol version"; 734 break; 735 case SSL_AD_INSUFFICIENT_SECURITY: 736 str = "insufficient security"; 737 break; 738 case SSL_AD_INTERNAL_ERROR: 739 str = "internal error"; 740 break; 741 case SSL_AD_USER_CANCELLED: 742 str = "user canceled"; 743 break; 744 case SSL_AD_NO_RENEGOTIATION: 745 str = "no renegotiation"; 746 break; 747 case SSL_AD_MISSING_EXTENSION: 748 str = "missing extension"; 749 break; 750 case SSL_AD_UNSUPPORTED_EXTENSION: 751 str = "unsupported extension"; 752 break; 753 case SSL_AD_CERTIFICATE_UNOBTAINABLE: 754 str = "certificate unobtainable"; 755 break; 756 case SSL_AD_UNRECOGNIZED_NAME: 757 str = "unrecognized name"; 758 break; 759 case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: 760 str = "bad certificate status response"; 761 break; 762 case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: 763 str = "bad certificate hash value"; 764 break; 765 case SSL_AD_UNKNOWN_PSK_IDENTITY: 766 str = "unknown PSK identity"; 767 break; 768 default: 769 str = "unknown"; 770 break; 771 } 772 return (str); 773} 774LSSL_ALIAS(SSL_alert_desc_string_long); 775 776const char * 777SSL_rstate_string(const SSL *s) 778{ 779 const char *str; 780 781 switch (s->rstate) { 782 case SSL_ST_READ_HEADER: 783 str = "RH"; 784 break; 785 case SSL_ST_READ_BODY: 786 str = "RB"; 787 break; 788 case SSL_ST_READ_DONE: 789 str = "RD"; 790 break; 791 default: 792 str = "unknown"; 793 break; 794 } 795 return (str); 796} 797LSSL_ALIAS(SSL_rstate_string); 798