security/nss/lib/ssl/SSLerrs.h@b8a032363ba2 (annotated)
security/nss/lib/ssl/SSLerrs.h
Thu, 22 Jan 2015 13:21:57 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 22 Jan 2015 13:21:57 +0100
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
- permissions
- -rw-r--r--
Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6
| michael@0 | 1 | /* This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 2 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
| michael@0 | 3 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| michael@0 | 4 | |
| michael@0 | 5 | /* SSL-specific security error codes */ |
| michael@0 | 6 | /* caller must include "sslerr.h" */ |
| michael@0 | 7 | |
| michael@0 | 8 | ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0, |
| michael@0 | 9 | "Unable to communicate securely. Peer does not support high-grade encryption.") |
| michael@0 | 10 | |
| michael@0 | 11 | ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1, |
| michael@0 | 12 | "Unable to communicate securely. Peer requires high-grade encryption which is not supported.") |
| michael@0 | 13 | |
| michael@0 | 14 | ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2, |
| michael@0 | 15 | "Cannot communicate securely with peer: no common encryption algorithm(s).") |
| michael@0 | 16 | |
| michael@0 | 17 | ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3, |
| michael@0 | 18 | "Unable to find the certificate or key necessary for authentication.") |
| michael@0 | 19 | |
| michael@0 | 20 | ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4, |
| michael@0 | 21 | "Unable to communicate securely with peer: peers's certificate was rejected.") |
| michael@0 | 22 | |
| michael@0 | 23 | ER3(SSL_ERROR_UNUSED_5, SSL_ERROR_BASE + 5, |
| michael@0 | 24 | "Unrecognized SSL error code.") |
| michael@0 | 25 | |
| michael@0 | 26 | ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6, |
| michael@0 | 27 | "The server has encountered bad data from the client.") |
| michael@0 | 28 | |
| michael@0 | 29 | ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7, |
| michael@0 | 30 | "The client has encountered bad data from the server.") |
| michael@0 | 31 | |
| michael@0 | 32 | ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8, |
| michael@0 | 33 | "Unsupported certificate type.") |
| michael@0 | 34 | |
| michael@0 | 35 | ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9, |
| michael@0 | 36 | "Peer using unsupported version of security protocol.") |
| michael@0 | 37 | |
| michael@0 | 38 | ER3(SSL_ERROR_UNUSED_10, SSL_ERROR_BASE + 10, |
| michael@0 | 39 | "Unrecognized SSL error code.") |
| michael@0 | 40 | |
| michael@0 | 41 | ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11, |
| michael@0 | 42 | "Client authentication failed: private key in key database does not match public key in certificate database.") |
| michael@0 | 43 | |
| michael@0 | 44 | ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12, |
| michael@0 | 45 | "Unable to communicate securely with peer: requested domain name does not match the server's certificate.") |
| michael@0 | 46 | |
| michael@0 | 47 | ER3(SSL_ERROR_POST_WARNING, SSL_ERROR_BASE + 13, |
| michael@0 | 48 | "Unrecognized SSL error code.") |
| michael@0 | 49 | |
| michael@0 | 50 | ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14), |
| michael@0 | 51 | "Peer only supports SSL version 2, which is locally disabled.") |
| michael@0 | 52 | |
| michael@0 | 53 | |
| michael@0 | 54 | ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15), |
| michael@0 | 55 | "SSL received a record with an incorrect Message Authentication Code.") |
| michael@0 | 56 | |
| michael@0 | 57 | ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16), |
| michael@0 | 58 | "SSL peer reports incorrect Message Authentication Code.") |
| michael@0 | 59 | |
| michael@0 | 60 | ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17), |
| michael@0 | 61 | "SSL peer cannot verify your certificate.") |
| michael@0 | 62 | |
| michael@0 | 63 | ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18), |
| michael@0 | 64 | "SSL peer rejected your certificate as revoked.") |
| michael@0 | 65 | |
| michael@0 | 66 | ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19), |
| michael@0 | 67 | "SSL peer rejected your certificate as expired.") |
| michael@0 | 68 | |
| michael@0 | 69 | ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20), |
| michael@0 | 70 | "Cannot connect: SSL is disabled.") |
| michael@0 | 71 | |
| michael@0 | 72 | ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21), |
| michael@0 | 73 | "Cannot connect: SSL peer is in another FORTEZZA domain.") |
| michael@0 | 74 | |
| michael@0 | 75 | ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE , (SSL_ERROR_BASE + 22), |
| michael@0 | 76 | "An unknown SSL cipher suite has been requested.") |
| michael@0 | 77 | |
| michael@0 | 78 | ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED , (SSL_ERROR_BASE + 23), |
| michael@0 | 79 | "No cipher suites are present and enabled in this program.") |
| michael@0 | 80 | |
| michael@0 | 81 | ER3(SSL_ERROR_BAD_BLOCK_PADDING , (SSL_ERROR_BASE + 24), |
| michael@0 | 82 | "SSL received a record with bad block padding.") |
| michael@0 | 83 | |
| michael@0 | 84 | ER3(SSL_ERROR_RX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 25), |
| michael@0 | 85 | "SSL received a record that exceeded the maximum permissible length.") |
| michael@0 | 86 | |
| michael@0 | 87 | ER3(SSL_ERROR_TX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 26), |
| michael@0 | 88 | "SSL attempted to send a record that exceeded the maximum permissible length.") |
| michael@0 | 89 | |
| michael@0 | 90 | /* |
| michael@0 | 91 | * Received a malformed (too long or short or invalid content) SSL handshake. |
| michael@0 | 92 | */ |
| michael@0 | 93 | ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST , (SSL_ERROR_BASE + 27), |
| michael@0 | 94 | "SSL received a malformed Hello Request handshake message.") |
| michael@0 | 95 | |
| michael@0 | 96 | ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO , (SSL_ERROR_BASE + 28), |
| michael@0 | 97 | "SSL received a malformed Client Hello handshake message.") |
| michael@0 | 98 | |
| michael@0 | 99 | ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO , (SSL_ERROR_BASE + 29), |
| michael@0 | 100 | "SSL received a malformed Server Hello handshake message.") |
| michael@0 | 101 | |
| michael@0 | 102 | ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE , (SSL_ERROR_BASE + 30), |
| michael@0 | 103 | "SSL received a malformed Certificate handshake message.") |
| michael@0 | 104 | |
| michael@0 | 105 | ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 31), |
| michael@0 | 106 | "SSL received a malformed Server Key Exchange handshake message.") |
| michael@0 | 107 | |
| michael@0 | 108 | ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST , (SSL_ERROR_BASE + 32), |
| michael@0 | 109 | "SSL received a malformed Certificate Request handshake message.") |
| michael@0 | 110 | |
| michael@0 | 111 | ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE , (SSL_ERROR_BASE + 33), |
| michael@0 | 112 | "SSL received a malformed Server Hello Done handshake message.") |
| michael@0 | 113 | |
| michael@0 | 114 | ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY , (SSL_ERROR_BASE + 34), |
| michael@0 | 115 | "SSL received a malformed Certificate Verify handshake message.") |
| michael@0 | 116 | |
| michael@0 | 117 | ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 35), |
| michael@0 | 118 | "SSL received a malformed Client Key Exchange handshake message.") |
| michael@0 | 119 | |
| michael@0 | 120 | ER3(SSL_ERROR_RX_MALFORMED_FINISHED , (SSL_ERROR_BASE + 36), |
| michael@0 | 121 | "SSL received a malformed Finished handshake message.") |
| michael@0 | 122 | |
| michael@0 | 123 | /* |
| michael@0 | 124 | * Received a malformed (too long or short) SSL record. |
| michael@0 | 125 | */ |
| michael@0 | 126 | ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER , (SSL_ERROR_BASE + 37), |
| michael@0 | 127 | "SSL received a malformed Change Cipher Spec record.") |
| michael@0 | 128 | |
| michael@0 | 129 | ER3(SSL_ERROR_RX_MALFORMED_ALERT , (SSL_ERROR_BASE + 38), |
| michael@0 | 130 | "SSL received a malformed Alert record.") |
| michael@0 | 131 | |
| michael@0 | 132 | ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE , (SSL_ERROR_BASE + 39), |
| michael@0 | 133 | "SSL received a malformed Handshake record.") |
| michael@0 | 134 | |
| michael@0 | 135 | ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40), |
| michael@0 | 136 | "SSL received a malformed Application Data record.") |
| michael@0 | 137 | |
| michael@0 | 138 | /* |
| michael@0 | 139 | * Received an SSL handshake that was inappropriate for the state we're in. |
| michael@0 | 140 | * E.g. Server received message from server, or wrong state in state machine. |
| michael@0 | 141 | */ |
| michael@0 | 142 | ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST , (SSL_ERROR_BASE + 41), |
| michael@0 | 143 | "SSL received an unexpected Hello Request handshake message.") |
| michael@0 | 144 | |
| michael@0 | 145 | ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO , (SSL_ERROR_BASE + 42), |
| michael@0 | 146 | "SSL received an unexpected Client Hello handshake message.") |
| michael@0 | 147 | |
| michael@0 | 148 | ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO , (SSL_ERROR_BASE + 43), |
| michael@0 | 149 | "SSL received an unexpected Server Hello handshake message.") |
| michael@0 | 150 | |
| michael@0 | 151 | ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE , (SSL_ERROR_BASE + 44), |
| michael@0 | 152 | "SSL received an unexpected Certificate handshake message.") |
| michael@0 | 153 | |
| michael@0 | 154 | ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45), |
| michael@0 | 155 | "SSL received an unexpected Server Key Exchange handshake message.") |
| michael@0 | 156 | |
| michael@0 | 157 | ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST , (SSL_ERROR_BASE + 46), |
| michael@0 | 158 | "SSL received an unexpected Certificate Request handshake message.") |
| michael@0 | 159 | |
| michael@0 | 160 | ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE , (SSL_ERROR_BASE + 47), |
| michael@0 | 161 | "SSL received an unexpected Server Hello Done handshake message.") |
| michael@0 | 162 | |
| michael@0 | 163 | ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY , (SSL_ERROR_BASE + 48), |
| michael@0 | 164 | "SSL received an unexpected Certificate Verify handshake message.") |
| michael@0 | 165 | |
| michael@0 | 166 | ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49), |
| michael@0 | 167 | "SSL received an unexpected Client Key Exchange handshake message.") |
| michael@0 | 168 | |
| michael@0 | 169 | ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED , (SSL_ERROR_BASE + 50), |
| michael@0 | 170 | "SSL received an unexpected Finished handshake message.") |
| michael@0 | 171 | |
| michael@0 | 172 | /* |
| michael@0 | 173 | * Received an SSL record that was inappropriate for the state we're in. |
| michael@0 | 174 | */ |
| michael@0 | 175 | ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER , (SSL_ERROR_BASE + 51), |
| michael@0 | 176 | "SSL received an unexpected Change Cipher Spec record.") |
| michael@0 | 177 | |
| michael@0 | 178 | ER3(SSL_ERROR_RX_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 52), |
| michael@0 | 179 | "SSL received an unexpected Alert record.") |
| michael@0 | 180 | |
| michael@0 | 181 | ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE , (SSL_ERROR_BASE + 53), |
| michael@0 | 182 | "SSL received an unexpected Handshake record.") |
| michael@0 | 183 | |
| michael@0 | 184 | ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54), |
| michael@0 | 185 | "SSL received an unexpected Application Data record.") |
| michael@0 | 186 | |
| michael@0 | 187 | /* |
| michael@0 | 188 | * Received record/message with unknown discriminant. |
| michael@0 | 189 | */ |
| michael@0 | 190 | ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE , (SSL_ERROR_BASE + 55), |
| michael@0 | 191 | "SSL received a record with an unknown content type.") |
| michael@0 | 192 | |
| michael@0 | 193 | ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE , (SSL_ERROR_BASE + 56), |
| michael@0 | 194 | "SSL received a handshake message with an unknown message type.") |
| michael@0 | 195 | |
| michael@0 | 196 | ER3(SSL_ERROR_RX_UNKNOWN_ALERT , (SSL_ERROR_BASE + 57), |
| michael@0 | 197 | "SSL received an alert record with an unknown alert description.") |
| michael@0 | 198 | |
| michael@0 | 199 | /* |
| michael@0 | 200 | * Received an alert reporting what we did wrong. (more alerts above) |
| michael@0 | 201 | */ |
| michael@0 | 202 | ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT , (SSL_ERROR_BASE + 58), |
| michael@0 | 203 | "SSL peer has closed this connection.") |
| michael@0 | 204 | |
| michael@0 | 205 | ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 59), |
| michael@0 | 206 | "SSL peer was not expecting a handshake message it received.") |
| michael@0 | 207 | |
| michael@0 | 208 | ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT , (SSL_ERROR_BASE + 60), |
| michael@0 | 209 | "SSL peer was unable to successfully decompress an SSL record it received.") |
| michael@0 | 210 | |
| michael@0 | 211 | ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT , (SSL_ERROR_BASE + 61), |
| michael@0 | 212 | "SSL peer was unable to negotiate an acceptable set of security parameters.") |
| michael@0 | 213 | |
| michael@0 | 214 | ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT , (SSL_ERROR_BASE + 62), |
| michael@0 | 215 | "SSL peer rejected a handshake message for unacceptable content.") |
| michael@0 | 216 | |
| michael@0 | 217 | ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT , (SSL_ERROR_BASE + 63), |
| michael@0 | 218 | "SSL peer does not support certificates of the type it received.") |
| michael@0 | 219 | |
| michael@0 | 220 | ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT , (SSL_ERROR_BASE + 64), |
| michael@0 | 221 | "SSL peer had some unspecified issue with the certificate it received.") |
| michael@0 | 222 | |
| michael@0 | 223 | |
| michael@0 | 224 | ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE , (SSL_ERROR_BASE + 65), |
| michael@0 | 225 | "SSL experienced a failure of its random number generator.") |
| michael@0 | 226 | |
| michael@0 | 227 | ER3(SSL_ERROR_SIGN_HASHES_FAILURE , (SSL_ERROR_BASE + 66), |
| michael@0 | 228 | "Unable to digitally sign data required to verify your certificate.") |
| michael@0 | 229 | |
| michael@0 | 230 | ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE , (SSL_ERROR_BASE + 67), |
| michael@0 | 231 | "SSL was unable to extract the public key from the peer's certificate.") |
| michael@0 | 232 | |
| michael@0 | 233 | ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 68), |
| michael@0 | 234 | "Unspecified failure while processing SSL Server Key Exchange handshake.") |
| michael@0 | 235 | |
| michael@0 | 236 | ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 69), |
| michael@0 | 237 | "Unspecified failure while processing SSL Client Key Exchange handshake.") |
| michael@0 | 238 | |
| michael@0 | 239 | ER3(SSL_ERROR_ENCRYPTION_FAILURE , (SSL_ERROR_BASE + 70), |
| michael@0 | 240 | "Bulk data encryption algorithm failed in selected cipher suite.") |
| michael@0 | 241 | |
| michael@0 | 242 | ER3(SSL_ERROR_DECRYPTION_FAILURE , (SSL_ERROR_BASE + 71), |
| michael@0 | 243 | "Bulk data decryption algorithm failed in selected cipher suite.") |
| michael@0 | 244 | |
| michael@0 | 245 | ER3(SSL_ERROR_SOCKET_WRITE_FAILURE , (SSL_ERROR_BASE + 72), |
| michael@0 | 246 | "Attempt to write encrypted data to underlying socket failed.") |
| michael@0 | 247 | |
| michael@0 | 248 | ER3(SSL_ERROR_MD5_DIGEST_FAILURE , (SSL_ERROR_BASE + 73), |
| michael@0 | 249 | "MD5 digest function failed.") |
| michael@0 | 250 | |
| michael@0 | 251 | ER3(SSL_ERROR_SHA_DIGEST_FAILURE , (SSL_ERROR_BASE + 74), |
| michael@0 | 252 | "SHA-1 digest function failed.") |
| michael@0 | 253 | |
| michael@0 | 254 | ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE , (SSL_ERROR_BASE + 75), |
| michael@0 | 255 | "MAC computation failed.") |
| michael@0 | 256 | |
| michael@0 | 257 | ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE , (SSL_ERROR_BASE + 76), |
| michael@0 | 258 | "Failure to create Symmetric Key context.") |
| michael@0 | 259 | |
| michael@0 | 260 | ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE , (SSL_ERROR_BASE + 77), |
| michael@0 | 261 | "Failure to unwrap the Symmetric key in Client Key Exchange message.") |
| michael@0 | 262 | |
| michael@0 | 263 | ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED , (SSL_ERROR_BASE + 78), |
| michael@0 | 264 | "SSL Server attempted to use domestic-grade public key with export cipher suite.") |
| michael@0 | 265 | |
| michael@0 | 266 | ER3(SSL_ERROR_IV_PARAM_FAILURE , (SSL_ERROR_BASE + 79), |
| michael@0 | 267 | "PKCS11 code failed to translate an IV into a param.") |
| michael@0 | 268 | |
| michael@0 | 269 | ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE , (SSL_ERROR_BASE + 80), |
| michael@0 | 270 | "Failed to initialize the selected cipher suite.") |
| michael@0 | 271 | |
| michael@0 | 272 | ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE , (SSL_ERROR_BASE + 81), |
| michael@0 | 273 | "Client failed to generate session keys for SSL session.") |
| michael@0 | 274 | |
| michael@0 | 275 | ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG , (SSL_ERROR_BASE + 82), |
| michael@0 | 276 | "Server has no key for the attempted key exchange algorithm.") |
| michael@0 | 277 | |
| michael@0 | 278 | ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL , (SSL_ERROR_BASE + 83), |
| michael@0 | 279 | "PKCS#11 token was inserted or removed while operation was in progress.") |
| michael@0 | 280 | |
| michael@0 | 281 | ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND , (SSL_ERROR_BASE + 84), |
| michael@0 | 282 | "No PKCS#11 token could be found to do a required operation.") |
| michael@0 | 283 | |
| michael@0 | 284 | ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP , (SSL_ERROR_BASE + 85), |
| michael@0 | 285 | "Cannot communicate securely with peer: no common compression algorithm(s).") |
| michael@0 | 286 | |
| michael@0 | 287 | ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED , (SSL_ERROR_BASE + 86), |
| michael@0 | 288 | "Cannot perform the operation until the handshake is complete.") |
| michael@0 | 289 | |
| michael@0 | 290 | ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE , (SSL_ERROR_BASE + 87), |
| michael@0 | 291 | "Received incorrect handshakes hash values from peer.") |
| michael@0 | 292 | |
| michael@0 | 293 | ER3(SSL_ERROR_CERT_KEA_MISMATCH , (SSL_ERROR_BASE + 88), |
| michael@0 | 294 | "The certificate provided cannot be used with the selected key exchange algorithm.") |
| michael@0 | 295 | |
| michael@0 | 296 | ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA , (SSL_ERROR_BASE + 89), |
| michael@0 | 297 | "No certificate authority is trusted for SSL client authentication.") |
| michael@0 | 298 | |
| michael@0 | 299 | ER3(SSL_ERROR_SESSION_NOT_FOUND , (SSL_ERROR_BASE + 90), |
| michael@0 | 300 | "Client's SSL session ID not found in server's session cache.") |
| michael@0 | 301 | |
| michael@0 | 302 | ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT , (SSL_ERROR_BASE + 91), |
| michael@0 | 303 | "Peer was unable to decrypt an SSL record it received.") |
| michael@0 | 304 | |
| michael@0 | 305 | ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT , (SSL_ERROR_BASE + 92), |
| michael@0 | 306 | "Peer received an SSL record that was longer than is permitted.") |
| michael@0 | 307 | |
| michael@0 | 308 | ER3(SSL_ERROR_UNKNOWN_CA_ALERT , (SSL_ERROR_BASE + 93), |
| michael@0 | 309 | "Peer does not recognize and trust the CA that issued your certificate.") |
| michael@0 | 310 | |
| michael@0 | 311 | ER3(SSL_ERROR_ACCESS_DENIED_ALERT , (SSL_ERROR_BASE + 94), |
| michael@0 | 312 | "Peer received a valid certificate, but access was denied.") |
| michael@0 | 313 | |
| michael@0 | 314 | ER3(SSL_ERROR_DECODE_ERROR_ALERT , (SSL_ERROR_BASE + 95), |
| michael@0 | 315 | "Peer could not decode an SSL handshake message.") |
| michael@0 | 316 | |
| michael@0 | 317 | ER3(SSL_ERROR_DECRYPT_ERROR_ALERT , (SSL_ERROR_BASE + 96), |
| michael@0 | 318 | "Peer reports failure of signature verification or key exchange.") |
| michael@0 | 319 | |
| michael@0 | 320 | ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT , (SSL_ERROR_BASE + 97), |
| michael@0 | 321 | "Peer reports negotiation not in compliance with export regulations.") |
| michael@0 | 322 | |
| michael@0 | 323 | ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT , (SSL_ERROR_BASE + 98), |
| michael@0 | 324 | "Peer reports incompatible or unsupported protocol version.") |
| michael@0 | 325 | |
| michael@0 | 326 | ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99), |
| michael@0 | 327 | "Server requires ciphers more secure than those supported by client.") |
| michael@0 | 328 | |
| michael@0 | 329 | ER3(SSL_ERROR_INTERNAL_ERROR_ALERT , (SSL_ERROR_BASE + 100), |
| michael@0 | 330 | "Peer reports it experienced an internal error.") |
| michael@0 | 331 | |
| michael@0 | 332 | ER3(SSL_ERROR_USER_CANCELED_ALERT , (SSL_ERROR_BASE + 101), |
| michael@0 | 333 | "Peer user canceled handshake.") |
| michael@0 | 334 | |
| michael@0 | 335 | ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT , (SSL_ERROR_BASE + 102), |
| michael@0 | 336 | "Peer does not permit renegotiation of SSL security parameters.") |
| michael@0 | 337 | |
| michael@0 | 338 | ER3(SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED , (SSL_ERROR_BASE + 103), |
| michael@0 | 339 | "SSL server cache not configured and not disabled for this socket.") |
| michael@0 | 340 | |
| michael@0 | 341 | ER3(SSL_ERROR_UNSUPPORTED_EXTENSION_ALERT , (SSL_ERROR_BASE + 104), |
| michael@0 | 342 | "SSL peer does not support requested TLS hello extension.") |
| michael@0 | 343 | |
| michael@0 | 344 | ER3(SSL_ERROR_CERTIFICATE_UNOBTAINABLE_ALERT , (SSL_ERROR_BASE + 105), |
| michael@0 | 345 | "SSL peer could not obtain your certificate from the supplied URL.") |
| michael@0 | 346 | |
| michael@0 | 347 | ER3(SSL_ERROR_UNRECOGNIZED_NAME_ALERT , (SSL_ERROR_BASE + 106), |
| michael@0 | 348 | "SSL peer has no certificate for the requested DNS name.") |
| michael@0 | 349 | |
| michael@0 | 350 | ER3(SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT , (SSL_ERROR_BASE + 107), |
| michael@0 | 351 | "SSL peer was unable to get an OCSP response for its certificate.") |
| michael@0 | 352 | |
| michael@0 | 353 | ER3(SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT , (SSL_ERROR_BASE + 108), |
| michael@0 | 354 | "SSL peer reported bad certificate hash value.") |
| michael@0 | 355 | |
| michael@0 | 356 | ER3(SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET, (SSL_ERROR_BASE + 109), |
| michael@0 | 357 | "SSL received an unexpected New Session Ticket handshake message.") |
| michael@0 | 358 | |
| michael@0 | 359 | ER3(SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET, (SSL_ERROR_BASE + 110), |
| michael@0 | 360 | "SSL received a malformed New Session Ticket handshake message.") |
| michael@0 | 361 | |
| michael@0 | 362 | ER3(SSL_ERROR_DECOMPRESSION_FAILURE, (SSL_ERROR_BASE + 111), |
| michael@0 | 363 | "SSL received a compressed record that could not be decompressed.") |
| michael@0 | 364 | |
| michael@0 | 365 | ER3(SSL_ERROR_RENEGOTIATION_NOT_ALLOWED, (SSL_ERROR_BASE + 112), |
| michael@0 | 366 | "Renegotiation is not allowed on this SSL socket.") |
| michael@0 | 367 | |
| michael@0 | 368 | ER3(SSL_ERROR_UNSAFE_NEGOTIATION, (SSL_ERROR_BASE + 113), |
| michael@0 | 369 | "Peer attempted old style (potentially vulnerable) handshake.") |
| michael@0 | 370 | |
| michael@0 | 371 | ER3(SSL_ERROR_RX_UNEXPECTED_UNCOMPRESSED_RECORD, (SSL_ERROR_BASE + 114), |
| michael@0 | 372 | "SSL received an unexpected uncompressed record.") |
| michael@0 | 373 | |
| michael@0 | 374 | ER3(SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY, (SSL_ERROR_BASE + 115), |
| michael@0 | 375 | "SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message.") |
| michael@0 | 376 | |
| michael@0 | 377 | ER3(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID, (SSL_ERROR_BASE + 116), |
| michael@0 | 378 | "SSL received invalid NPN extension data.") |
| michael@0 | 379 | |
| michael@0 | 380 | ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2, (SSL_ERROR_BASE + 117), |
| michael@0 | 381 | "SSL feature not supported for SSL 2.0 connections.") |
| michael@0 | 382 | |
| michael@0 | 383 | ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SERVERS, (SSL_ERROR_BASE + 118), |
| michael@0 | 384 | "SSL feature not supported for servers.") |
| michael@0 | 385 | |
| michael@0 | 386 | ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_CLIENTS, (SSL_ERROR_BASE + 119), |
| michael@0 | 387 | "SSL feature not supported for clients.") |
| michael@0 | 388 | |
| michael@0 | 389 | ER3(SSL_ERROR_INVALID_VERSION_RANGE, (SSL_ERROR_BASE + 120), |
| michael@0 | 390 | "SSL version range is not valid.") |
| michael@0 | 391 | |
| michael@0 | 392 | ER3(SSL_ERROR_CIPHER_DISALLOWED_FOR_VERSION, (SSL_ERROR_BASE + 121), |
| michael@0 | 393 | "SSL peer selected a cipher suite disallowed for the selected protocol version.") |
| michael@0 | 394 | |
| michael@0 | 395 | ER3(SSL_ERROR_RX_MALFORMED_HELLO_VERIFY_REQUEST, (SSL_ERROR_BASE + 122), |
| michael@0 | 396 | "SSL received a malformed Hello Verify Request handshake message.") |
| michael@0 | 397 | |
| michael@0 | 398 | ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_VERIFY_REQUEST, (SSL_ERROR_BASE + 123), |
| michael@0 | 399 | "SSL received an unexpected Hello Verify Request handshake message.") |
| michael@0 | 400 | |
| michael@0 | 401 | ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_VERSION, (SSL_ERROR_BASE + 124), |
| michael@0 | 402 | "SSL feature not supported for the protocol version.") |
| michael@0 | 403 | |
| michael@0 | 404 | ER3(SSL_ERROR_RX_UNEXPECTED_CERT_STATUS, (SSL_ERROR_BASE + 125), |
| michael@0 | 405 | "SSL received an unexpected Certificate Status handshake message.") |
| michael@0 | 406 | |
| michael@0 | 407 | ER3(SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM, (SSL_ERROR_BASE + 126), |
| michael@0 | 408 | "Unsupported hash algorithm used by TLS peer.") |
| michael@0 | 409 | |
| michael@0 | 410 | ER3(SSL_ERROR_DIGEST_FAILURE, (SSL_ERROR_BASE + 127), |
| michael@0 | 411 | "Digest function failed.") |
| michael@0 | 412 | |
| michael@0 | 413 | ER3(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM, (SSL_ERROR_BASE + 128), |
| michael@0 | 414 | "Incorrect signature algorithm specified in a digitally-signed element.") |
| michael@0 | 415 | |
| michael@0 | 416 | ER3(SSL_ERROR_NEXT_PROTOCOL_NO_CALLBACK, (SSL_ERROR_BASE + 129), |
| michael@0 | 417 | "The next protocol negotiation extension was enabled, but the callback was cleared prior to being needed.") |
| michael@0 | 418 | |
| michael@0 | 419 | ER3(SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL, (SSL_ERROR_BASE + 130), |
| michael@0 | 420 | "The server supports no protocols that the client advertises in the ALPN extension.") |
| michael@0 | 421 | |
| michael@0 | 422 | ER3(SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT, (SSL_ERROR_BASE + 131), |
| michael@0 | 423 | "The server rejected the handshake because the client downgraded to a lower " |
| michael@0 | 424 | "TLS version than the server supports.") |
