projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
DANE support structures, constructructors and accessors
[openssl.git] / ssl / ssl_err.c
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 0c40b7b3ec08d1ef0a46fdea2223ca0644e29457..cfa4179a40b5e4402dc23d810b59dc7477e07ae6 100644 (file)
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -72,6 +72,9 @@
 static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_CHECK_SUITEB_CIPHER_LIST), "check_suiteb_cipher_list"},
     {ERR_FUNC(SSL_F_D2I_SSL_SESSION), "d2i_SSL_SESSION"},
+    {ERR_FUNC(SSL_F_DANE_CTX_ENABLE), "dane_ctx_enable"},
+    {ERR_FUNC(SSL_F_DANE_MTYPE_SET), "dane_mtype_set"},
+    {ERR_FUNC(SSL_F_DANE_TLSA_ADD), "dane_tlsa_add"},
     {ERR_FUNC(SSL_F_DO_DTLS1_WRITE), "do_dtls1_write"},
     {ERR_FUNC(SSL_F_DO_SSL3_WRITE), "DO_SSL3_WRITE"},
     {ERR_FUNC(SSL_F_DTLS1_ACCEPT), "dtls1_accept"},
@@ -262,6 +265,7 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_SSL_CTX_USE_SERVERINFO), "SSL_CTX_use_serverinfo"},
     {ERR_FUNC(SSL_F_SSL_CTX_USE_SERVERINFO_FILE),
      "SSL_CTX_use_serverinfo_file"},
+    {ERR_FUNC(SSL_F_SSL_DANE_ENABLE), "SSL_dane_enable"},
     {ERR_FUNC(SSL_F_SSL_DO_CONFIG), "ssl_do_config"},
     {ERR_FUNC(SSL_F_SSL_DO_HANDSHAKE), "SSL_do_handshake"},
     {ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION), "ssl_get_new_session"},
@@ -314,7 +318,6 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT),
      "SSL_set_session_ticket_ext"},
     {ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
-    {ERR_FUNC(SSL_F_SSL_SET_VERSION), "SSL_SET_VERSION"},
     {ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
     {ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
     {ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_init"},
@@ -416,6 +419,10 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE), "app data in handshake"},
     {ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT),
      "attempt to reuse session in different context"},
+    {ERR_REASON(SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE),
+     "at least TLS 1.0 needed in FIPS mode"},
+    {ERR_REASON(SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE),
+     "at least (D)TLS 1.2 needed in Suite B mode"},
     {ERR_REASON(SSL_R_BAD_ALERT_RECORD), "bad alert record"},
     {ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC), "bad change cipher spec"},
     {ERR_REASON(SSL_R_BAD_DATA), "bad data"},
@@ -488,9 +495,25 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR),
      "compression library error"},
     {ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET), "connection type not set"},
+    {ERR_REASON(SSL_R_CONTEXT_NOT_DANE_ENABLED), "context not dane enabled"},
     {ERR_REASON(SSL_R_COOKIE_GEN_CALLBACK_FAILURE),
      "cookie gen callback failure"},
     {ERR_REASON(SSL_R_COOKIE_MISMATCH), "cookie mismatch"},
+    {ERR_REASON(SSL_R_DANE_ALREADY_ENABLED), "dane already enabled"},
+    {ERR_REASON(SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL),
+     "dane cannot override mtype full"},
+    {ERR_REASON(SSL_R_DANE_NOT_ENABLED), "dane not enabled"},
+    {ERR_REASON(SSL_R_DANE_TLSA_BAD_CERTIFICATE), "dane tlsa bad certificate"},
+    {ERR_REASON(SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE),
+     "dane tlsa bad certificate usage"},
+    {ERR_REASON(SSL_R_DANE_TLSA_BAD_DATA_LENGTH), "dane tlsa bad data length"},
+    {ERR_REASON(SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH),
+     "dane tlsa bad digest length"},
+    {ERR_REASON(SSL_R_DANE_TLSA_BAD_MATCHING_TYPE),
+     "dane tlsa bad matching type"},
+    {ERR_REASON(SSL_R_DANE_TLSA_BAD_PUBLIC_KEY), "dane tlsa bad public key"},
+    {ERR_REASON(SSL_R_DANE_TLSA_BAD_SELECTOR), "dane tlsa bad selector"},
+    {ERR_REASON(SSL_R_DANE_TLSA_NULL_DATA), "dane tlsa null data"},
     {ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED),
      "data between ccs and finished"},
     {ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG), "data length too long"},
@@ -521,6 +544,8 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
      "encrypted length too long"},
     {ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST),
      "error in received cipher list"},
+    {ERR_REASON(SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN),
+     "error setting tlsa base domain"},
     {ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE), "excessive message size"},
     {ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE), "extra data in message"},
     {ERR_REASON(SSL_R_FAILED_TO_INIT_ASYNC), "failed to init async"},
@@ -603,14 +628,6 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
      "old session cipher not returned"},
     {ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
      "old session compression algorithm not returned"},
-    {ERR_REASON(SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE),
-     "only DTLS 1.2 allowed in Suite B mode"},
-    {ERR_REASON(SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE),
-     "only TLS 1.2 allowed in Suite B mode"},
-    {ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE),
-     "only tls allowed in fips mode"},
-    {ERR_REASON(SSL_R_OPAQUE_PRF_INPUT_TOO_LONG),
-     "opaque PRF input too long"},
     {ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
     {ERR_REASON(SSL_R_PARSE_TLSEXT), "parse tlsext"},
     {ERR_REASON(SSL_R_PATH_TOO_LONG), "path too long"},
@@ -794,6 +811,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION), "unsupported ssl version"},
     {ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE), "unsupported status type"},
     {ERR_REASON(SSL_R_USE_SRTP_NOT_NEGOTIATED), "use srtp not negotiated"},
+    {ERR_REASON(SSL_R_VERSION_TOO_HIGH), "version too high"},
     {ERR_REASON(SSL_R_VERSION_TOO_LOW), "version too low"},
     {ERR_REASON(SSL_R_WRONG_CERTIFICATE_TYPE), "wrong certificate type"},
     {ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED), "wrong cipher returned"},
Unnamed repository; edit this file 'description' to name the repository.