The Tor Browser / annotate

security/nss/lib/ssl/sslerr.h@b8a032363ba2 (annotated)

security/nss/lib/ssl/sslerr.h

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

michael@0 1 /*
michael@0 2 * Enumeration of all SSL-specific error codes.
michael@0 3 *
michael@0 4 * This Source Code Form is subject to the terms of the Mozilla Public
michael@0 5 * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0 7 #ifndef __SSL_ERR_H_
michael@0 8 #define __SSL_ERR_H_
michael@0 9
michael@0 10
michael@0 11 #define SSL_ERROR_BASE (-0x3000)
michael@0 12 #define SSL_ERROR_LIMIT (SSL_ERROR_BASE + 1000)
michael@0 13
michael@0 14 #define IS_SSL_ERROR(code) \
michael@0 15 (((code) >= SSL_ERROR_BASE) && ((code) < SSL_ERROR_LIMIT))
michael@0 16
michael@0 17 #ifndef NO_SECURITY_ERROR_ENUM
michael@0 18 typedef enum {
michael@0 19 SSL_ERROR_EXPORT_ONLY_SERVER = (SSL_ERROR_BASE + 0),
michael@0 20 SSL_ERROR_US_ONLY_SERVER = (SSL_ERROR_BASE + 1),
michael@0 21 SSL_ERROR_NO_CYPHER_OVERLAP = (SSL_ERROR_BASE + 2),
michael@0 22 /*
michael@0 23 * Received an alert reporting what we did wrong. (more alerts below)
michael@0 24 */
michael@0 25 SSL_ERROR_NO_CERTIFICATE /*_ALERT */ = (SSL_ERROR_BASE + 3),
michael@0 26 SSL_ERROR_BAD_CERTIFICATE = (SSL_ERROR_BASE + 4),
michael@0 27 SSL_ERROR_UNUSED_5 = (SSL_ERROR_BASE + 5),
michael@0 28 /* error 5 is obsolete */
michael@0 29 SSL_ERROR_BAD_CLIENT = (SSL_ERROR_BASE + 6),
michael@0 30 SSL_ERROR_BAD_SERVER = (SSL_ERROR_BASE + 7),
michael@0 31 SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE = (SSL_ERROR_BASE + 8),
michael@0 32 SSL_ERROR_UNSUPPORTED_VERSION = (SSL_ERROR_BASE + 9),
michael@0 33 SSL_ERROR_UNUSED_10 = (SSL_ERROR_BASE + 10),
michael@0 34 /* error 10 is obsolete */
michael@0 35 SSL_ERROR_WRONG_CERTIFICATE = (SSL_ERROR_BASE + 11),
michael@0 36 SSL_ERROR_BAD_CERT_DOMAIN = (SSL_ERROR_BASE + 12),
michael@0 37 SSL_ERROR_POST_WARNING = (SSL_ERROR_BASE + 13),
michael@0 38 SSL_ERROR_SSL2_DISABLED = (SSL_ERROR_BASE + 14),
michael@0 39 SSL_ERROR_BAD_MAC_READ = (SSL_ERROR_BASE + 15),
michael@0 40 /*
michael@0 41 * Received an alert reporting what we did wrong.
michael@0 42 * (two more alerts above, and many more below)
michael@0 43 */
michael@0 44 SSL_ERROR_BAD_MAC_ALERT = (SSL_ERROR_BASE + 16),
michael@0 45 SSL_ERROR_BAD_CERT_ALERT = (SSL_ERROR_BASE + 17),
michael@0 46 SSL_ERROR_REVOKED_CERT_ALERT = (SSL_ERROR_BASE + 18),
michael@0 47 SSL_ERROR_EXPIRED_CERT_ALERT = (SSL_ERROR_BASE + 19),
michael@0 48
michael@0 49 SSL_ERROR_SSL_DISABLED = (SSL_ERROR_BASE + 20),
michael@0 50 SSL_ERROR_FORTEZZA_PQG = (SSL_ERROR_BASE + 21),
michael@0 51 SSL_ERROR_UNKNOWN_CIPHER_SUITE = (SSL_ERROR_BASE + 22),
michael@0 52 SSL_ERROR_NO_CIPHERS_SUPPORTED = (SSL_ERROR_BASE + 23),
michael@0 53 SSL_ERROR_BAD_BLOCK_PADDING = (SSL_ERROR_BASE + 24),
michael@0 54 SSL_ERROR_RX_RECORD_TOO_LONG = (SSL_ERROR_BASE + 25),
michael@0 55 SSL_ERROR_TX_RECORD_TOO_LONG = (SSL_ERROR_BASE + 26),
michael@0 56 /*
michael@0 57 * Received a malformed (too long or short) SSL handshake.
michael@0 58 */
michael@0 59 SSL_ERROR_RX_MALFORMED_HELLO_REQUEST = (SSL_ERROR_BASE + 27),
michael@0 60 SSL_ERROR_RX_MALFORMED_CLIENT_HELLO = (SSL_ERROR_BASE + 28),
michael@0 61 SSL_ERROR_RX_MALFORMED_SERVER_HELLO = (SSL_ERROR_BASE + 29),
michael@0 62 SSL_ERROR_RX_MALFORMED_CERTIFICATE = (SSL_ERROR_BASE + 30),
michael@0 63 SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH = (SSL_ERROR_BASE + 31),
michael@0 64 SSL_ERROR_RX_MALFORMED_CERT_REQUEST = (SSL_ERROR_BASE + 32),
michael@0 65 SSL_ERROR_RX_MALFORMED_HELLO_DONE = (SSL_ERROR_BASE + 33),
michael@0 66 SSL_ERROR_RX_MALFORMED_CERT_VERIFY = (SSL_ERROR_BASE + 34),
michael@0 67 SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH = (SSL_ERROR_BASE + 35),
michael@0 68 SSL_ERROR_RX_MALFORMED_FINISHED = (SSL_ERROR_BASE + 36),
michael@0 69 /*
michael@0 70 * Received a malformed (too long or short) SSL record.
michael@0 71 */
michael@0 72 SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER = (SSL_ERROR_BASE + 37),
michael@0 73 SSL_ERROR_RX_MALFORMED_ALERT = (SSL_ERROR_BASE + 38),
michael@0 74 SSL_ERROR_RX_MALFORMED_HANDSHAKE = (SSL_ERROR_BASE + 39),
michael@0 75 SSL_ERROR_RX_MALFORMED_APPLICATION_DATA = (SSL_ERROR_BASE + 40),
michael@0 76 /*
michael@0 77 * Received an SSL handshake that was inappropriate for the state we're in.
michael@0 78 * E.g. Server received message from server, or wrong state in state machine.
michael@0 79 */
michael@0 80 SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST = (SSL_ERROR_BASE + 41),
michael@0 81 SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO = (SSL_ERROR_BASE + 42),
michael@0 82 SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO = (SSL_ERROR_BASE + 43),
michael@0 83 SSL_ERROR_RX_UNEXPECTED_CERTIFICATE = (SSL_ERROR_BASE + 44),
michael@0 84 SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH = (SSL_ERROR_BASE + 45),
michael@0 85 SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST = (SSL_ERROR_BASE + 46),
michael@0 86 SSL_ERROR_RX_UNEXPECTED_HELLO_DONE = (SSL_ERROR_BASE + 47),
michael@0 87 SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY = (SSL_ERROR_BASE + 48),
michael@0 88 SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH = (SSL_ERROR_BASE + 49),
michael@0 89 SSL_ERROR_RX_UNEXPECTED_FINISHED = (SSL_ERROR_BASE + 50),
michael@0 90 /*
michael@0 91 * Received an SSL record that was inappropriate for the state we're in.
michael@0 92 */
michael@0 93 SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER = (SSL_ERROR_BASE + 51),
michael@0 94 SSL_ERROR_RX_UNEXPECTED_ALERT = (SSL_ERROR_BASE + 52),
michael@0 95 SSL_ERROR_RX_UNEXPECTED_HANDSHAKE = (SSL_ERROR_BASE + 53),
michael@0 96 SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA = (SSL_ERROR_BASE + 54),
michael@0 97 /*
michael@0 98 * Received record/message with unknown discriminant.
michael@0 99 */
michael@0 100 SSL_ERROR_RX_UNKNOWN_RECORD_TYPE = (SSL_ERROR_BASE + 55),
michael@0 101 SSL_ERROR_RX_UNKNOWN_HANDSHAKE = (SSL_ERROR_BASE + 56),
michael@0 102 SSL_ERROR_RX_UNKNOWN_ALERT = (SSL_ERROR_BASE + 57),
michael@0 103 /*
michael@0 104 * Received an alert reporting what we did wrong. (more alerts above)
michael@0 105 */
michael@0 106 SSL_ERROR_CLOSE_NOTIFY_ALERT = (SSL_ERROR_BASE + 58),
michael@0 107 SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT = (SSL_ERROR_BASE + 59),
michael@0 108 SSL_ERROR_DECOMPRESSION_FAILURE_ALERT = (SSL_ERROR_BASE + 60),
michael@0 109 SSL_ERROR_HANDSHAKE_FAILURE_ALERT = (SSL_ERROR_BASE + 61),
michael@0 110 SSL_ERROR_ILLEGAL_PARAMETER_ALERT = (SSL_ERROR_BASE + 62),
michael@0 111 SSL_ERROR_UNSUPPORTED_CERT_ALERT = (SSL_ERROR_BASE + 63),
michael@0 112 SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT = (SSL_ERROR_BASE + 64),
michael@0 113
michael@0 114 SSL_ERROR_GENERATE_RANDOM_FAILURE = (SSL_ERROR_BASE + 65),
michael@0 115 SSL_ERROR_SIGN_HASHES_FAILURE = (SSL_ERROR_BASE + 66),
michael@0 116 SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE = (SSL_ERROR_BASE + 67),
michael@0 117 SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE = (SSL_ERROR_BASE + 68),
michael@0 118 SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE = (SSL_ERROR_BASE + 69),
michael@0 119
michael@0 120 SSL_ERROR_ENCRYPTION_FAILURE = (SSL_ERROR_BASE + 70),
michael@0 121 SSL_ERROR_DECRYPTION_FAILURE = (SSL_ERROR_BASE + 71), /* don't use */
michael@0 122 SSL_ERROR_SOCKET_WRITE_FAILURE = (SSL_ERROR_BASE + 72),
michael@0 123
michael@0 124 SSL_ERROR_MD5_DIGEST_FAILURE = (SSL_ERROR_BASE + 73),
michael@0 125 SSL_ERROR_SHA_DIGEST_FAILURE = (SSL_ERROR_BASE + 74),
michael@0 126 SSL_ERROR_MAC_COMPUTATION_FAILURE = (SSL_ERROR_BASE + 75),
michael@0 127 SSL_ERROR_SYM_KEY_CONTEXT_FAILURE = (SSL_ERROR_BASE + 76),
michael@0 128 SSL_ERROR_SYM_KEY_UNWRAP_FAILURE = (SSL_ERROR_BASE + 77),
michael@0 129 SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED = (SSL_ERROR_BASE + 78),
michael@0 130 SSL_ERROR_IV_PARAM_FAILURE = (SSL_ERROR_BASE + 79),
michael@0 131 SSL_ERROR_INIT_CIPHER_SUITE_FAILURE = (SSL_ERROR_BASE + 80),
michael@0 132 SSL_ERROR_SESSION_KEY_GEN_FAILURE = (SSL_ERROR_BASE + 81),
michael@0 133 SSL_ERROR_NO_SERVER_KEY_FOR_ALG = (SSL_ERROR_BASE + 82),
michael@0 134 SSL_ERROR_TOKEN_INSERTION_REMOVAL = (SSL_ERROR_BASE + 83),
michael@0 135 SSL_ERROR_TOKEN_SLOT_NOT_FOUND = (SSL_ERROR_BASE + 84),
michael@0 136 SSL_ERROR_NO_COMPRESSION_OVERLAP = (SSL_ERROR_BASE + 85),
michael@0 137 SSL_ERROR_HANDSHAKE_NOT_COMPLETED = (SSL_ERROR_BASE + 86),
michael@0 138 SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE = (SSL_ERROR_BASE + 87),
michael@0 139 SSL_ERROR_CERT_KEA_MISMATCH = (SSL_ERROR_BASE + 88),
michael@0 140 /* SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA became obsolete in NSS 3.14. */
michael@0 141 SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA = (SSL_ERROR_BASE + 89),
michael@0 142 SSL_ERROR_SESSION_NOT_FOUND = (SSL_ERROR_BASE + 90),
michael@0 143
michael@0 144 SSL_ERROR_DECRYPTION_FAILED_ALERT = (SSL_ERROR_BASE + 91),
michael@0 145 SSL_ERROR_RECORD_OVERFLOW_ALERT = (SSL_ERROR_BASE + 92),
michael@0 146 SSL_ERROR_UNKNOWN_CA_ALERT = (SSL_ERROR_BASE + 93),
michael@0 147 SSL_ERROR_ACCESS_DENIED_ALERT = (SSL_ERROR_BASE + 94),
michael@0 148 SSL_ERROR_DECODE_ERROR_ALERT = (SSL_ERROR_BASE + 95),
michael@0 149 SSL_ERROR_DECRYPT_ERROR_ALERT = (SSL_ERROR_BASE + 96),
michael@0 150 SSL_ERROR_EXPORT_RESTRICTION_ALERT = (SSL_ERROR_BASE + 97),
michael@0 151 SSL_ERROR_PROTOCOL_VERSION_ALERT = (SSL_ERROR_BASE + 98),
michael@0 152 SSL_ERROR_INSUFFICIENT_SECURITY_ALERT = (SSL_ERROR_BASE + 99),
michael@0 153 SSL_ERROR_INTERNAL_ERROR_ALERT = (SSL_ERROR_BASE + 100),
michael@0 154 SSL_ERROR_USER_CANCELED_ALERT = (SSL_ERROR_BASE + 101),
michael@0 155 SSL_ERROR_NO_RENEGOTIATION_ALERT = (SSL_ERROR_BASE + 102),
michael@0 156
michael@0 157 SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED = (SSL_ERROR_BASE + 103),
michael@0 158
michael@0 159 SSL_ERROR_UNSUPPORTED_EXTENSION_ALERT = (SSL_ERROR_BASE + 104),
michael@0 160 SSL_ERROR_CERTIFICATE_UNOBTAINABLE_ALERT = (SSL_ERROR_BASE + 105),
michael@0 161 SSL_ERROR_UNRECOGNIZED_NAME_ALERT = (SSL_ERROR_BASE + 106),
michael@0 162 SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT = (SSL_ERROR_BASE + 107),
michael@0 163 SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT = (SSL_ERROR_BASE + 108),
michael@0 164
michael@0 165 SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET = (SSL_ERROR_BASE + 109),
michael@0 166 SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET = (SSL_ERROR_BASE + 110),
michael@0 167
michael@0 168 SSL_ERROR_DECOMPRESSION_FAILURE = (SSL_ERROR_BASE + 111),
michael@0 169 SSL_ERROR_RENEGOTIATION_NOT_ALLOWED = (SSL_ERROR_BASE + 112),
michael@0 170 SSL_ERROR_UNSAFE_NEGOTIATION = (SSL_ERROR_BASE + 113),
michael@0 171
michael@0 172 SSL_ERROR_RX_UNEXPECTED_UNCOMPRESSED_RECORD = (SSL_ERROR_BASE + 114),
michael@0 173
michael@0 174 SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY = (SSL_ERROR_BASE + 115),
michael@0 175
michael@0 176 SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID = (SSL_ERROR_BASE + 116),
michael@0 177
michael@0 178 SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2 = (SSL_ERROR_BASE + 117),
michael@0 179 SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SERVERS = (SSL_ERROR_BASE + 118),
michael@0 180 SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_CLIENTS = (SSL_ERROR_BASE + 119),
michael@0 181
michael@0 182 SSL_ERROR_INVALID_VERSION_RANGE = (SSL_ERROR_BASE + 120),
michael@0 183 SSL_ERROR_CIPHER_DISALLOWED_FOR_VERSION = (SSL_ERROR_BASE + 121),
michael@0 184
michael@0 185 SSL_ERROR_RX_MALFORMED_HELLO_VERIFY_REQUEST = (SSL_ERROR_BASE + 122),
michael@0 186 SSL_ERROR_RX_UNEXPECTED_HELLO_VERIFY_REQUEST = (SSL_ERROR_BASE + 123),
michael@0 187
michael@0 188 SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_VERSION = (SSL_ERROR_BASE + 124),
michael@0 189
michael@0 190 SSL_ERROR_RX_UNEXPECTED_CERT_STATUS = (SSL_ERROR_BASE + 125),
michael@0 191
michael@0 192 SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM = (SSL_ERROR_BASE + 126),
michael@0 193 SSL_ERROR_DIGEST_FAILURE = (SSL_ERROR_BASE + 127),
michael@0 194 SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM = (SSL_ERROR_BASE + 128),
michael@0 195
michael@0 196 SSL_ERROR_NEXT_PROTOCOL_NO_CALLBACK = (SSL_ERROR_BASE + 129),
michael@0 197 SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL = (SSL_ERROR_BASE + 130),
michael@0 198
michael@0 199 SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT = (SSL_ERROR_BASE + 131),
michael@0 200
michael@0 201 SSL_ERROR_END_OF_LIST /* let the c compiler determine the value of this. */
michael@0 202 } SSLErrorCodes;
michael@0 203 #endif /* NO_SECURITY_ERROR_ENUM */
michael@0 204
michael@0 205 #endif /* __SSL_ERR_H_ */

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial