X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fssl_stat.c;h=aae31a98499a3794cddb783cc8171b86d2a51ec3;hp=a1daf25dd4302130f0a90c31cf7a9f5577a7159f;hb=e02614417d41380c7ccc612375352aac2fab079c;hpb=7dfb0b774e6592dcbfe47015168a0ac8b44e2a17 diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c index a1daf25dd4..aae31a9849 100644 --- a/ssl/ssl_stat.c +++ b/ssl/ssl_stat.c @@ -55,27 +55,52 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright 2005 Nokia. All rights reserved. + * + * The portions of the attached software ("Contribution") is developed by + * Nokia Corporation and is licensed pursuant to the OpenSSL open source + * license. + * + * The Contribution, originally written by Mika Kousa and Pasi Eronen of + * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites + * support (see RFC 4279) to OpenSSL. + * + * No patent licenses or other rights except those expressly stated in + * the OpenSSL open source license shall be deemed granted or received + * expressly, by implication, estoppel, or otherwise. + * + * No assurances are provided by Nokia that the Contribution does not + * infringe the patent or other intellectual property rights of any third + * party or that the license provides you with all the necessary rights + * to make use of the Contribution. + * + * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN + * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA + * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY + * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR + * OTHERWISE. + */ #include #include "ssl_locl.h" -char *SSL_state_string_long(s) -SSL *s; +const char *SSL_state_string_long(const SSL *s) { - char *str; + const char *str; switch (s->state) { -case SSL_ST_BEFORE: str="before SSL initalisation"; break; -case SSL_ST_ACCEPT: str="before accept initalisation"; break; -case SSL_ST_CONNECT: str="before connect initalisation"; break; +case SSL_ST_BEFORE: str="before SSL initialization"; break; +case SSL_ST_ACCEPT: str="before accept initialization"; break; +case SSL_ST_CONNECT: str="before connect initialization"; break; case SSL_ST_OK: str="SSL negotiation finished successfully"; break; case SSL_ST_RENEGOTIATE: str="SSL renegotiate ciphers"; break; -case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initalisation"; break; -case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initalisation"; break; -case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initalisation"; break; -case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initalisation"; break; -#ifndef NO_SSL2 +case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initialization"; break; +case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initialization"; break; +case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initialization"; break; +case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initialization"; break; +#ifndef OPENSSL_NO_SSL2 case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break; case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break; case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break; @@ -116,7 +141,7 @@ case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificat case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break; #endif -#ifndef NO_SSL3 +#ifndef OPENSSL_NO_SSL3 /* SSLv3 additions */ case SSL3_ST_CW_CLNT_HELLO_A: str="SSLv3 write client hello A"; break; case SSL3_ST_CW_CLNT_HELLO_B: str="SSLv3 write client hello B"; break; @@ -128,14 +153,18 @@ case SSL3_ST_CR_KEY_EXCH_A: str="SSLv3 read server key exchange A"; break; case SSL3_ST_CR_KEY_EXCH_B: str="SSLv3 read server key exchange B"; break; case SSL3_ST_CR_CERT_REQ_A: str="SSLv3 read server certificate request A"; break; case SSL3_ST_CR_CERT_REQ_B: str="SSLv3 read server certificate request B"; break; +case SSL3_ST_CR_SESSION_TICKET_A: str="SSLv3 read server session ticket A";break; +case SSL3_ST_CR_SESSION_TICKET_B: str="SSLv3 read server session ticket B";break; case SSL3_ST_CR_SRVR_DONE_A: str="SSLv3 read server done A"; break; case SSL3_ST_CR_SRVR_DONE_B: str="SSLv3 read server done B"; break; case SSL3_ST_CW_CERT_A: str="SSLv3 write client certificate A"; break; case SSL3_ST_CW_CERT_B: str="SSLv3 write client certificate B"; break; +case SSL3_ST_CW_CERT_C: str="SSLv3 write client certificate C"; break; +case SSL3_ST_CW_CERT_D: str="SSLv3 write client certificate D"; break; case SSL3_ST_CW_KEY_EXCH_A: str="SSLv3 write client key exchange A"; break; case SSL3_ST_CW_KEY_EXCH_B: str="SSLv3 write client key exchange B"; break; case SSL3_ST_CW_CERT_VRFY_A: str="SSLv3 write certificate verify A"; break; -case SSL3_ST_CW_CERT_VRFY_B: str="SSLv3 write certificate verify A"; break; +case SSL3_ST_CW_CERT_VRFY_B: str="SSLv3 write certificate verify B"; break; case SSL3_ST_CW_CHANGE_A: case SSL3_ST_SW_CHANGE_A: str="SSLv3 write change cipher spec A"; break; @@ -144,7 +173,7 @@ case SSL3_ST_SW_CHANGE_B: str="SSLv3 write change cipher spec B"; break; case SSL3_ST_CW_FINISHED_A: case SSL3_ST_SW_FINISHED_A: str="SSLv3 write finished A"; break; case SSL3_ST_CW_FINISHED_B: -case SSL3_ST_SW_FINISHED_B: str="SSLv3 write finished A"; break; +case SSL3_ST_SW_FINISHED_B: str="SSLv3 write finished B"; break; case SSL3_ST_CR_CHANGE_A: case SSL3_ST_SR_CHANGE_A: str="SSLv3 read change cipher spec A"; break; case SSL3_ST_CR_CHANGE_B: @@ -171,6 +200,8 @@ case SSL3_ST_SW_KEY_EXCH_A: str="SSLv3 write key exchange A"; break; case SSL3_ST_SW_KEY_EXCH_B: str="SSLv3 write key exchange B"; break; case SSL3_ST_SW_CERT_REQ_A: str="SSLv3 write certificate request A"; break; case SSL3_ST_SW_CERT_REQ_B: str="SSLv3 write certificate request B"; break; +case SSL3_ST_SW_SESSION_TICKET_A: str="SSLv3 write session ticket A"; break; +case SSL3_ST_SW_SESSION_TICKET_B: str="SSLv3 write session ticket B"; break; case SSL3_ST_SW_SRVR_DONE_A: str="SSLv3 write server done A"; break; case SSL3_ST_SW_SRVR_DONE_B: str="SSLv3 write server done B"; break; case SSL3_ST_SR_CERT_A: str="SSLv3 read client certificate A"; break; @@ -179,10 +210,18 @@ case SSL3_ST_SR_KEY_EXCH_A: str="SSLv3 read client key exchange A"; break; case SSL3_ST_SR_KEY_EXCH_B: str="SSLv3 read client key exchange B"; break; case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break; case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break; +case SSL3_ST_CW_SUPPLEMENTAL_DATA_A: str="SSLv3 client write supplemental data A"; break; +case SSL3_ST_CW_SUPPLEMENTAL_DATA_B: str="SSLv3 client write supplemental data B"; break; +case SSL3_ST_SW_SUPPLEMENTAL_DATA_A: str="SSLv3 server write supplemental data A"; break; +case SSL3_ST_SW_SUPPLEMENTAL_DATA_B: str="SSLv3 client write supplemental data B"; break; +case SSL3_ST_CR_SUPPLEMENTAL_DATA_A: str="SSLv3 client read supplemental data A"; break; +case SSL3_ST_CR_SUPPLEMENTAL_DATA_B: str="SSLv3 client read supplemental data B"; break; +case SSL3_ST_SR_SUPPLEMENTAL_DATA_A: str="SSLv3 server read supplemental data A"; break; +case SSL3_ST_SR_SUPPLEMENTAL_DATA_B: str="SSLv3 client read supplemental data B"; break; #endif -#if !defined(NO_SSL2) && !defined(NO_SSL3) -/* SSLv2/v3 compatablitity states */ +#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) +/* SSLv2/v3 compatibility states */ /* client */ case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break; case SSL23_ST_CW_CLNT_HELLO_B: str="SSLv2/v3 write client hello B"; break; @@ -193,15 +232,20 @@ case SSL23_ST_SR_CLNT_HELLO_A: str="SSLv2/v3 read client hello A"; break; case SSL23_ST_SR_CLNT_HELLO_B: str="SSLv2/v3 read client hello B"; break; #endif +/* DTLS */ +case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: str="DTLS1 read hello verify request A"; break; +case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: str="DTLS1 read hello verify request B"; break; +case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: str="DTLS1 write hello verify request A"; break; +case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: str="DTLS1 write hello verify request B"; break; + default: str="unknown state"; break; } return(str); } -char *SSL_rstate_string_long(s) -SSL *s; +const char *SSL_rstate_string_long(const SSL *s) { - char *str; + const char *str; switch (s->rstate) { @@ -213,10 +257,9 @@ SSL *s; return(str); } -char *SSL_state_string(s) -SSL *s; +const char *SSL_state_string(const SSL *s) { - char *str; + const char *str; switch (s->state) { @@ -224,7 +267,7 @@ case SSL_ST_BEFORE: str="PINIT "; break; case SSL_ST_ACCEPT: str="AINIT "; break; case SSL_ST_CONNECT: str="CINIT "; break; case SSL_ST_OK: str="SSLOK "; break; -#ifndef NO_SSL2 +#ifndef OPENSSL_NO_SSL2 case SSL2_ST_CLIENT_START_ENCRYPTION: str="2CSENC"; break; case SSL2_ST_SERVER_START_ENCRYPTION: str="2SSENC"; break; case SSL2_ST_SEND_CLIENT_HELLO_A: str="2SCH_A"; break; @@ -265,7 +308,7 @@ case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="2X9GSC"; break; case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="2X9GCC"; break; #endif -#ifndef NO_SSL3 +#ifndef OPENSSL_NO_SSL3 /* SSLv3 additions */ case SSL3_ST_SW_FLUSH: case SSL3_ST_CW_FLUSH: str="3FLUSH"; break; @@ -283,6 +326,8 @@ case SSL3_ST_CR_SRVR_DONE_A: str="3RSD_A"; break; case SSL3_ST_CR_SRVR_DONE_B: str="3RSD_B"; break; case SSL3_ST_CW_CERT_A: str="3WCC_A"; break; case SSL3_ST_CW_CERT_B: str="3WCC_B"; break; +case SSL3_ST_CW_CERT_C: str="3WCC_C"; break; +case SSL3_ST_CW_CERT_D: str="3WCC_D"; break; case SSL3_ST_CW_KEY_EXCH_A: str="3WCKEA"; break; case SSL3_ST_CW_KEY_EXCH_B: str="3WCKEB"; break; case SSL3_ST_CW_CERT_VRFY_A: str="3WCV_A"; break; @@ -329,8 +374,8 @@ case SSL3_ST_SR_CERT_VRFY_A: str="3RCV_A"; break; case SSL3_ST_SR_CERT_VRFY_B: str="3RCV_B"; break; #endif -#if !defined(NO_SSL2) && !defined(NO_SSL3) -/* SSLv2/v3 compatablitity states */ +#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) +/* SSLv2/v3 compatibility states */ /* client */ case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break; case SSL23_ST_CW_CLNT_HELLO_B: str="23WCHB"; break; @@ -340,14 +385,18 @@ case SSL23_ST_CR_SRVR_HELLO_B: str="23RSHA"; break; case SSL23_ST_SR_CLNT_HELLO_A: str="23RCHA"; break; case SSL23_ST_SR_CLNT_HELLO_B: str="23RCHB"; break; #endif +/* DTLS */ +case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: str="DRCHVA"; break; +case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: str="DRCHVB"; break; +case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: str="DWCHVA"; break; +case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: str="DWCHVB"; break; default: str="UNKWN "; break; } return(str); } -char *SSL_alert_type_string_long(value) -int value; +const char *SSL_alert_type_string_long(int value) { value>>=8; if (value == SSL3_AL_WARNING) @@ -358,8 +407,7 @@ int value; return("unknown"); } -char *SSL_alert_type_string(value) -int value; +const char *SSL_alert_type_string(int value) { value>>=8; if (value == SSL3_AL_WARNING) @@ -370,10 +418,9 @@ int value; return("U"); } -char *SSL_alert_desc_string(value) -int value; +const char *SSL_alert_desc_string(int value) { - char *str; + const char *str; switch (value & 0xff) { @@ -389,15 +436,32 @@ int value; case SSL3_AD_CERTIFICATE_EXPIRED: str="CE"; break; case SSL3_AD_CERTIFICATE_UNKNOWN: str="CU"; break; case SSL3_AD_ILLEGAL_PARAMETER: str="IP"; break; + case TLS1_AD_DECRYPTION_FAILED: str="DC"; break; + case TLS1_AD_RECORD_OVERFLOW: str="RO"; break; + case TLS1_AD_UNKNOWN_CA: str="CA"; break; + case TLS1_AD_ACCESS_DENIED: str="AD"; break; + case TLS1_AD_DECODE_ERROR: str="DE"; break; + case TLS1_AD_DECRYPT_ERROR: str="CY"; break; + case TLS1_AD_EXPORT_RESTRICTION: str="ER"; break; + case TLS1_AD_PROTOCOL_VERSION: str="PV"; break; + case TLS1_AD_INSUFFICIENT_SECURITY: str="IS"; break; + case TLS1_AD_INTERNAL_ERROR: str="IE"; break; + case TLS1_AD_USER_CANCELLED: str="US"; break; + case TLS1_AD_NO_RENEGOTIATION: str="NR"; break; + case TLS1_AD_UNSUPPORTED_EXTENSION: str="UE"; break; + case TLS1_AD_CERTIFICATE_UNOBTAINABLE: str="CO"; break; + case TLS1_AD_UNRECOGNIZED_NAME: str="UN"; break; + case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: str="BR"; break; + case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: str="BH"; break; + case TLS1_AD_UNKNOWN_PSK_IDENTITY: str="UP"; break; default: str="UK"; break; } return(str); } -char *SSL_alert_desc_string_long(value) -int value; +const char *SSL_alert_desc_string_long(int value) { - char *str; + const char *str; switch (value & 0xff) { @@ -405,7 +469,7 @@ int value; str="close notify"; break; case SSL3_AD_UNEXPECTED_MESSAGE: - str="unexected_message"; + str="unexpected_message"; break; case SSL3_AD_BAD_RECORD_MAC: str="bad record mac"; @@ -432,20 +496,73 @@ int value; str="certificate expired"; break; case SSL3_AD_CERTIFICATE_UNKNOWN: - str="certifcate unknown"; + str="certificate unknown"; break; case SSL3_AD_ILLEGAL_PARAMETER: str="illegal parameter"; break; + case TLS1_AD_DECRYPTION_FAILED: + str="decryption failed"; + break; + case TLS1_AD_RECORD_OVERFLOW: + str="record overflow"; + break; + case TLS1_AD_UNKNOWN_CA: + str="unknown CA"; + break; + case TLS1_AD_ACCESS_DENIED: + str="access denied"; + break; + case TLS1_AD_DECODE_ERROR: + str="decode error"; + break; + case TLS1_AD_DECRYPT_ERROR: + str="decrypt error"; + break; + case TLS1_AD_EXPORT_RESTRICTION: + str="export restriction"; + break; + case TLS1_AD_PROTOCOL_VERSION: + str="protocol version"; + break; + case TLS1_AD_INSUFFICIENT_SECURITY: + str="insufficient security"; + break; + case TLS1_AD_INTERNAL_ERROR: + str="internal error"; + break; + case TLS1_AD_USER_CANCELLED: + str="user canceled"; + break; + case TLS1_AD_NO_RENEGOTIATION: + str="no renegotiation"; + break; + case TLS1_AD_UNSUPPORTED_EXTENSION: + str="unsupported extension"; + break; + case TLS1_AD_CERTIFICATE_UNOBTAINABLE: + str="certificate unobtainable"; + break; + case TLS1_AD_UNRECOGNIZED_NAME: + str="unrecognized name"; + break; + case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: + str="bad certificate status response"; + break; + case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: + str="bad certificate hash value"; + break; + case TLS1_AD_UNKNOWN_PSK_IDENTITY: + str="unknown PSK identity"; + break; default: str="unknown"; break; } return(str); } -char *SSL_rstate_string(s) -SSL *s; +const char *SSL_rstate_string(const SSL *s) { - char *str; + const char *str; switch (s->rstate) {