X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fssl_stat.c;h=179513b1a3d0cd5aa112df78d9f2bd0e6765ff5b;hp=d64ea1866c51bb254818a99d9ea57306fa81f515;hb=848a950b715fa73070a9d1638e7630acfb0dfa4d;hpb=49ae742398aecd81551d59f421e4116a5b8a4ea9 diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c index d64ea1866c..179513b1a3 100644 --- a/ssl/ssl_stat.c +++ b/ssl/ssl_stat.c @@ -1,85 +1,11 @@ -/* ssl/ssl_stat.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== +/* + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2005 Nokia. All rights reserved. * - * The portions of the attached software ("Contribution") is developed by - * Nokia Corporation and is licensed pursuant to the OpenSSL open source - * license. - * - * The Contribution, originally written by Mika Kousa and Pasi Eronen of - * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites - * support (see RFC 4279) to OpenSSL. - * - * No patent licenses or other rights except those expressly stated in - * the OpenSSL open source license shall be deemed granted or received - * expressly, by implication, estoppel, or otherwise. - * - * No assurances are provided by Nokia that the Contribution does not - * infringe the patent or other intellectual property rights of any third - * party or that the license provides you with all the necessary rights - * to make use of the Contribution. - * - * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN - * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA - * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY - * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR - * OTHERWISE. + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include @@ -87,448 +13,376 @@ const char *SSL_state_string_long(const SSL *s) { - const char *str; - - if (statem_in_error(s)) { + if (ossl_statem_in_error(s)) return "error"; - } - switch (SSL_state(s)) { + switch (SSL_get_state(s)) { + case TLS_ST_CR_CERT_STATUS: + return "SSLv3/TLS read certificate status"; + case TLS_ST_CW_NEXT_PROTO: + return "SSLv3/TLS write next proto"; + case TLS_ST_SR_NEXT_PROTO: + return "SSLv3/TLS read next proto"; + case TLS_ST_SW_CERT_STATUS: + return "SSLv3/TLS write certificate status"; case TLS_ST_BEFORE: - str = "before SSL initialization"; - break; + return "before SSL initialization"; case TLS_ST_OK: - str = "SSL negotiation finished successfully"; - break; - -/* SSLv3 additions */ + return "SSL negotiation finished successfully"; case TLS_ST_CW_CLNT_HELLO: - str = "SSLv3/TLS write client hello"; - break; + return "SSLv3/TLS write client hello"; case TLS_ST_CR_SRVR_HELLO: - str = "SSLv3/TLS read server hello"; - break; + return "SSLv3/TLS read server hello"; case TLS_ST_CR_CERT: - str = "SSLv3/TLS read server certificate"; - break; + return "SSLv3/TLS read server certificate"; case TLS_ST_CR_KEY_EXCH: - str = "SSLv3/TLS read server key exchange"; - break; + return "SSLv3/TLS read server key exchange"; case TLS_ST_CR_CERT_REQ: - str = "SSLv3/TLS read server certificate request"; - break; + return "SSLv3/TLS read server certificate request"; case TLS_ST_CR_SESSION_TICKET: - str = "SSLv3/TLS read server session ticket"; - break; + return "SSLv3/TLS read server session ticket"; case TLS_ST_CR_SRVR_DONE: - str = "SSLv3/TLS read server done"; - break; + return "SSLv3/TLS read server done"; case TLS_ST_CW_CERT: - str = "SSLv3/TLS write client certificate"; - break; + return "SSLv3/TLS write client certificate"; case TLS_ST_CW_KEY_EXCH: - str = "SSLv3/TLS write client key exchange"; - break; + return "SSLv3/TLS write client key exchange"; case TLS_ST_CW_CERT_VRFY: - str = "SSLv3/TLS write certificate verify"; - break; - + return "SSLv3/TLS write certificate verify"; case TLS_ST_CW_CHANGE: case TLS_ST_SW_CHANGE: - str = "SSLv3/TLS write change cipher spec"; - break; + return "SSLv3/TLS write change cipher spec"; case TLS_ST_CW_FINISHED: case TLS_ST_SW_FINISHED: - str = "SSLv3/TLS write finished"; - break; + return "SSLv3/TLS write finished"; case TLS_ST_CR_CHANGE: case TLS_ST_SR_CHANGE: - str = "SSLv3/TLS read change cipher spec"; - break; + return "SSLv3/TLS read change cipher spec"; case TLS_ST_CR_FINISHED: case TLS_ST_SR_FINISHED: - str = "SSLv3/TLS read finished"; - break; - + return "SSLv3/TLS read finished"; case TLS_ST_SR_CLNT_HELLO: - str = "SSLv3/TLS read client hello"; - break; + return "SSLv3/TLS read client hello"; case TLS_ST_SW_HELLO_REQ: - str = "SSLv3/TLS write hello request"; - break; + return "SSLv3/TLS write hello request"; case TLS_ST_SW_SRVR_HELLO: - str = "SSLv3/TLS write server hello"; - break; + return "SSLv3/TLS write server hello"; case TLS_ST_SW_CERT: - str = "SSLv3/TLS write certificate"; - break; + return "SSLv3/TLS write certificate"; case TLS_ST_SW_KEY_EXCH: - str = "SSLv3/TLS write key exchange"; - break; + return "SSLv3/TLS write key exchange"; case TLS_ST_SW_CERT_REQ: - str = "SSLv3/TLS write certificate request"; - break; + return "SSLv3/TLS write certificate request"; case TLS_ST_SW_SESSION_TICKET: - str = "SSLv3/TLS write session ticket"; - break; + return "SSLv3/TLS write session ticket"; case TLS_ST_SW_SRVR_DONE: - str = "SSLv3/TLS write server done"; - break; + return "SSLv3/TLS write server done"; case TLS_ST_SR_CERT: - str = "SSLv3/TLS read client certificate"; - break; + return "SSLv3/TLS read client certificate"; case TLS_ST_SR_KEY_EXCH: - str = "SSLv3/TLS read client key exchange"; - break; + return "SSLv3/TLS read client key exchange"; case TLS_ST_SR_CERT_VRFY: - str = "SSLv3/TLS read certificate verify"; - break; - -/* DTLS */ + return "SSLv3/TLS read certificate verify"; case DTLS_ST_CR_HELLO_VERIFY_REQUEST: - str = "DTLS1 read hello verify request"; - break; + return "DTLS1 read hello verify request"; case DTLS_ST_SW_HELLO_VERIFY_REQUEST: - str = "DTLS1 write hello verify request"; - break; - + return "DTLS1 write hello verify request"; + case TLS_ST_SW_ENCRYPTED_EXTENSIONS: + return "TLSv1.3 write encrypted extensions"; + case TLS_ST_CR_ENCRYPTED_EXTENSIONS: + return "TLSv1.3 read encrypted extensions"; + case TLS_ST_CR_CERT_VRFY: + return "TLSv1.3 read server certificate verify"; + case TLS_ST_SW_CERT_VRFY: + return "TLSv1.3 write server certificate verify"; + case TLS_ST_CR_HELLO_REQ: + return "SSLv3/TLS read hello request"; + case TLS_ST_SW_KEY_UPDATE: + return "TLSv1.3 write server key update"; + case TLS_ST_CW_KEY_UPDATE: + return "TLSv1.3 write client key update"; + case TLS_ST_SR_KEY_UPDATE: + return "TLSv1.3 read client key update"; + case TLS_ST_CR_KEY_UPDATE: + return "TLSv1.3 read server key update"; + case TLS_ST_EARLY_DATA: + return "TLSv1.3 early data"; + case TLS_ST_PENDING_EARLY_DATA_END: + return "TLSv1.3 pending early data end"; + case TLS_ST_CW_END_OF_EARLY_DATA: + return "TLSv1.3 write end of early data"; + case TLS_ST_SR_END_OF_EARLY_DATA: + return "TLSv1.3 read end of early data"; default: - str = "unknown state"; - break; + return "unknown state"; } - return (str); } - const char *SSL_state_string(const SSL *s) { - const char *str; - - if (statem_in_error(s)) { + if (ossl_statem_in_error(s)) return "SSLERR"; - } - switch (SSL_state(s)) { + switch (SSL_get_state(s)) { + case TLS_ST_SR_NEXT_PROTO: + return "TRNP"; + case TLS_ST_SW_SESSION_TICKET: + return "TWST"; + case TLS_ST_SW_CERT_STATUS: + return "TWCS"; + case TLS_ST_CR_CERT_STATUS: + return "TRCS"; + case TLS_ST_CR_SESSION_TICKET: + return "TRST"; + case TLS_ST_CW_NEXT_PROTO: + return "TWNP"; case TLS_ST_BEFORE: - str = "PINIT "; - break; + return "PINIT "; case TLS_ST_OK: - str = "SSLOK "; - break; - + return "SSLOK "; case TLS_ST_CW_CLNT_HELLO: - str = "3WCH"; - break; + return "TWCH"; case TLS_ST_CR_SRVR_HELLO: - str = "3RSH"; - break; + return "TRSH"; case TLS_ST_CR_CERT: - str = "3RSC"; - break; + return "TRSC"; case TLS_ST_CR_KEY_EXCH: - str = "3RSKE"; - break; + return "TRSKE"; case TLS_ST_CR_CERT_REQ: - str = "3RCR"; - break; + return "TRCR"; case TLS_ST_CR_SRVR_DONE: - str = "3RSD"; - break; + return "TRSD"; case TLS_ST_CW_CERT: - str = "3WCC"; - break; + return "TWCC"; case TLS_ST_CW_KEY_EXCH: - str = "3WCKE"; - break; + return "TWCKE"; case TLS_ST_CW_CERT_VRFY: - str = "3WCV"; - break; - + return "TWCV"; case TLS_ST_SW_CHANGE: case TLS_ST_CW_CHANGE: - str = "3WCCS"; - break; + return "TWCCS"; case TLS_ST_SW_FINISHED: case TLS_ST_CW_FINISHED: - str = "3WFIN"; - break; + return "TWFIN"; case TLS_ST_SR_CHANGE: case TLS_ST_CR_CHANGE: - str = "3RCCS"; - break; + return "TRCCS"; case TLS_ST_SR_FINISHED: case TLS_ST_CR_FINISHED: - str = "3RFIN"; - break; - + return "TRFIN"; case TLS_ST_SW_HELLO_REQ: - str = "3WHR"; - break; + return "TWHR"; case TLS_ST_SR_CLNT_HELLO: - str = "3RCH"; - break; + return "TRCH"; case TLS_ST_SW_SRVR_HELLO: - str = "3WSH"; - break; + return "TWSH"; case TLS_ST_SW_CERT: - str = "3WSC"; - break; + return "TWSC"; case TLS_ST_SW_KEY_EXCH: - str = "3WSKE"; - break; + return "TWSKE"; case TLS_ST_SW_CERT_REQ: - str = "3WCR"; - break; + return "TWCR"; case TLS_ST_SW_SRVR_DONE: - str = "3WSD"; - break; + return "TWSD"; case TLS_ST_SR_CERT: - str = "3RCC"; - break; + return "TRCC"; case TLS_ST_SR_KEY_EXCH: - str = "3RCKE"; - break; + return "TRCKE"; case TLS_ST_SR_CERT_VRFY: - str = "3RCV"; - break; - -/* DTLS */ + return "TRCV"; case DTLS_ST_CR_HELLO_VERIFY_REQUEST: - str = "DRCHV"; - break; + return "DRCHV"; case DTLS_ST_SW_HELLO_VERIFY_REQUEST: - str = "DWCHV"; - break; - + return "DWCHV"; + case TLS_ST_SW_ENCRYPTED_EXTENSIONS: + return "TWEE"; + case TLS_ST_CR_ENCRYPTED_EXTENSIONS: + return "TREE"; + case TLS_ST_CR_CERT_VRFY: + return "TRSCV"; + case TLS_ST_SW_CERT_VRFY: + return "TRSCV"; + case TLS_ST_CR_HELLO_REQ: + return "TRHR"; + case TLS_ST_SW_KEY_UPDATE: + return "TWSKU"; + case TLS_ST_CW_KEY_UPDATE: + return "TWCKU"; + case TLS_ST_SR_KEY_UPDATE: + return "TRCKU"; + case TLS_ST_CR_KEY_UPDATE: + return "TRSKU"; + case TLS_ST_EARLY_DATA: + return "TED"; + case TLS_ST_PENDING_EARLY_DATA_END: + return "TPEDE"; + case TLS_ST_CW_END_OF_EARLY_DATA: + return "TWEOED"; + case TLS_ST_SR_END_OF_EARLY_DATA: + return "TWEOED"; default: - str = "UNKWN "; - break; + return "UNKWN "; } - return (str); } const char *SSL_alert_type_string_long(int value) { - value >>= 8; - if (value == SSL3_AL_WARNING) - return ("warning"); - else if (value == SSL3_AL_FATAL) - return ("fatal"); - else - return ("unknown"); + switch (value >> 8) { + case SSL3_AL_WARNING: + return "warning"; + case SSL3_AL_FATAL: + return "fatal"; + default: + return "unknown"; + } } const char *SSL_alert_type_string(int value) { - value >>= 8; - if (value == SSL3_AL_WARNING) - return ("W"); - else if (value == SSL3_AL_FATAL) - return ("F"); - else - return ("U"); + switch (value >> 8) { + case SSL3_AL_WARNING: + return "W"; + case SSL3_AL_FATAL: + return "F"; + default: + return "U"; + } } const char *SSL_alert_desc_string(int value) { - const char *str; - switch (value & 0xff) { case SSL3_AD_CLOSE_NOTIFY: - str = "CN"; - break; + return "CN"; case SSL3_AD_UNEXPECTED_MESSAGE: - str = "UM"; - break; + return "UM"; case SSL3_AD_BAD_RECORD_MAC: - str = "BM"; - break; + return "BM"; case SSL3_AD_DECOMPRESSION_FAILURE: - str = "DF"; - break; + return "DF"; case SSL3_AD_HANDSHAKE_FAILURE: - str = "HF"; - break; + return "HF"; case SSL3_AD_NO_CERTIFICATE: - str = "NC"; - break; + return "NC"; case SSL3_AD_BAD_CERTIFICATE: - str = "BC"; - break; + return "BC"; case SSL3_AD_UNSUPPORTED_CERTIFICATE: - str = "UC"; - break; + return "UC"; case SSL3_AD_CERTIFICATE_REVOKED: - str = "CR"; - break; + return "CR"; case SSL3_AD_CERTIFICATE_EXPIRED: - str = "CE"; - break; + return "CE"; case SSL3_AD_CERTIFICATE_UNKNOWN: - str = "CU"; - break; + return "CU"; case SSL3_AD_ILLEGAL_PARAMETER: - str = "IP"; - break; + return "IP"; case TLS1_AD_DECRYPTION_FAILED: - str = "DC"; - break; + return "DC"; case TLS1_AD_RECORD_OVERFLOW: - str = "RO"; - break; + return "RO"; case TLS1_AD_UNKNOWN_CA: - str = "CA"; - break; + return "CA"; case TLS1_AD_ACCESS_DENIED: - str = "AD"; - break; + return "AD"; case TLS1_AD_DECODE_ERROR: - str = "DE"; - break; + return "DE"; case TLS1_AD_DECRYPT_ERROR: - str = "CY"; - break; + return "CY"; case TLS1_AD_EXPORT_RESTRICTION: - str = "ER"; - break; + return "ER"; case TLS1_AD_PROTOCOL_VERSION: - str = "PV"; - break; + return "PV"; case TLS1_AD_INSUFFICIENT_SECURITY: - str = "IS"; - break; + return "IS"; case TLS1_AD_INTERNAL_ERROR: - str = "IE"; - break; + return "IE"; case TLS1_AD_USER_CANCELLED: - str = "US"; - break; + return "US"; case TLS1_AD_NO_RENEGOTIATION: - str = "NR"; - break; + return "NR"; case TLS1_AD_UNSUPPORTED_EXTENSION: - str = "UE"; - break; + return "UE"; case TLS1_AD_CERTIFICATE_UNOBTAINABLE: - str = "CO"; - break; + return "CO"; case TLS1_AD_UNRECOGNIZED_NAME: - str = "UN"; - break; + return "UN"; case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: - str = "BR"; - break; + return "BR"; case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: - str = "BH"; - break; + return "BH"; case TLS1_AD_UNKNOWN_PSK_IDENTITY: - str = "UP"; - break; + return "UP"; default: - str = "UK"; - break; + return "UK"; } - return (str); } const char *SSL_alert_desc_string_long(int value) { - const char *str; - switch (value & 0xff) { case SSL3_AD_CLOSE_NOTIFY: - str = "close notify"; - break; + return "close notify"; case SSL3_AD_UNEXPECTED_MESSAGE: - str = "unexpected_message"; - break; + return "unexpected_message"; case SSL3_AD_BAD_RECORD_MAC: - str = "bad record mac"; - break; + return "bad record mac"; case SSL3_AD_DECOMPRESSION_FAILURE: - str = "decompression failure"; - break; + return "decompression failure"; case SSL3_AD_HANDSHAKE_FAILURE: - str = "handshake failure"; - break; + return "handshake failure"; case SSL3_AD_NO_CERTIFICATE: - str = "no certificate"; - break; + return "no certificate"; case SSL3_AD_BAD_CERTIFICATE: - str = "bad certificate"; - break; + return "bad certificate"; case SSL3_AD_UNSUPPORTED_CERTIFICATE: - str = "unsupported certificate"; - break; + return "unsupported certificate"; case SSL3_AD_CERTIFICATE_REVOKED: - str = "certificate revoked"; - break; + return "certificate revoked"; case SSL3_AD_CERTIFICATE_EXPIRED: - str = "certificate expired"; - break; + return "certificate expired"; case SSL3_AD_CERTIFICATE_UNKNOWN: - str = "certificate unknown"; - break; + return "certificate unknown"; case SSL3_AD_ILLEGAL_PARAMETER: - str = "illegal parameter"; - break; + return "illegal parameter"; case TLS1_AD_DECRYPTION_FAILED: - str = "decryption failed"; - break; + return "decryption failed"; case TLS1_AD_RECORD_OVERFLOW: - str = "record overflow"; - break; + return "record overflow"; case TLS1_AD_UNKNOWN_CA: - str = "unknown CA"; - break; + return "unknown CA"; case TLS1_AD_ACCESS_DENIED: - str = "access denied"; - break; + return "access denied"; case TLS1_AD_DECODE_ERROR: - str = "decode error"; - break; + return "decode error"; case TLS1_AD_DECRYPT_ERROR: - str = "decrypt error"; - break; + return "decrypt error"; case TLS1_AD_EXPORT_RESTRICTION: - str = "export restriction"; - break; + return "export restriction"; case TLS1_AD_PROTOCOL_VERSION: - str = "protocol version"; - break; + return "protocol version"; case TLS1_AD_INSUFFICIENT_SECURITY: - str = "insufficient security"; - break; + return "insufficient security"; case TLS1_AD_INTERNAL_ERROR: - str = "internal error"; - break; + return "internal error"; case TLS1_AD_USER_CANCELLED: - str = "user canceled"; - break; + return "user canceled"; case TLS1_AD_NO_RENEGOTIATION: - str = "no renegotiation"; - break; + return "no renegotiation"; case TLS1_AD_UNSUPPORTED_EXTENSION: - str = "unsupported extension"; - break; + return "unsupported extension"; case TLS1_AD_CERTIFICATE_UNOBTAINABLE: - str = "certificate unobtainable"; - break; + return "certificate unobtainable"; case TLS1_AD_UNRECOGNIZED_NAME: - str = "unrecognized name"; - break; + return "unrecognized name"; case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: - str = "bad certificate status response"; - break; + return "bad certificate status response"; case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: - str = "bad certificate hash value"; - break; + return "bad certificate hash value"; case TLS1_AD_UNKNOWN_PSK_IDENTITY: - str = "unknown PSK identity"; - break; + return "unknown PSK identity"; + case TLS1_AD_NO_APPLICATION_PROTOCOL: + return "no application protocol"; default: - str = "unknown"; - break; + return "unknown"; } - return (str); }