1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/nss/lib/ssl/SSLerrs.h Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,424 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +/* SSL-specific security error codes */
1.9 +/* caller must include "sslerr.h" */
1.10 +
1.11 +ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0,
1.12 +"Unable to communicate securely. Peer does not support high-grade encryption.")
1.13 +
1.14 +ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1,
1.15 +"Unable to communicate securely. Peer requires high-grade encryption which is not supported.")
1.16 +
1.17 +ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2,
1.18 +"Cannot communicate securely with peer: no common encryption algorithm(s).")
1.19 +
1.20 +ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3,
1.21 +"Unable to find the certificate or key necessary for authentication.")
1.22 +
1.23 +ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4,
1.24 +"Unable to communicate securely with peer: peers's certificate was rejected.")
1.25 +
1.26 +ER3(SSL_ERROR_UNUSED_5, SSL_ERROR_BASE + 5,
1.27 +"Unrecognized SSL error code.")
1.28 +
1.29 +ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6,
1.30 +"The server has encountered bad data from the client.")
1.31 +
1.32 +ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7,
1.33 +"The client has encountered bad data from the server.")
1.34 +
1.35 +ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8,
1.36 +"Unsupported certificate type.")
1.37 +
1.38 +ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9,
1.39 +"Peer using unsupported version of security protocol.")
1.40 +
1.41 +ER3(SSL_ERROR_UNUSED_10, SSL_ERROR_BASE + 10,
1.42 +"Unrecognized SSL error code.")
1.43 +
1.44 +ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11,
1.45 +"Client authentication failed: private key in key database does not match public key in certificate database.")
1.46 +
1.47 +ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12,
1.48 +"Unable to communicate securely with peer: requested domain name does not match the server's certificate.")
1.49 +
1.50 +ER3(SSL_ERROR_POST_WARNING, SSL_ERROR_BASE + 13,
1.51 +"Unrecognized SSL error code.")
1.52 +
1.53 +ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14),
1.54 +"Peer only supports SSL version 2, which is locally disabled.")
1.55 +
1.56 +
1.57 +ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15),
1.58 +"SSL received a record with an incorrect Message Authentication Code.")
1.59 +
1.60 +ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16),
1.61 +"SSL peer reports incorrect Message Authentication Code.")
1.62 +
1.63 +ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17),
1.64 +"SSL peer cannot verify your certificate.")
1.65 +
1.66 +ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18),
1.67 +"SSL peer rejected your certificate as revoked.")
1.68 +
1.69 +ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19),
1.70 +"SSL peer rejected your certificate as expired.")
1.71 +
1.72 +ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20),
1.73 +"Cannot connect: SSL is disabled.")
1.74 +
1.75 +ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21),
1.76 +"Cannot connect: SSL peer is in another FORTEZZA domain.")
1.77 +
1.78 +ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE , (SSL_ERROR_BASE + 22),
1.79 +"An unknown SSL cipher suite has been requested.")
1.80 +
1.81 +ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED , (SSL_ERROR_BASE + 23),
1.82 +"No cipher suites are present and enabled in this program.")
1.83 +
1.84 +ER3(SSL_ERROR_BAD_BLOCK_PADDING , (SSL_ERROR_BASE + 24),
1.85 +"SSL received a record with bad block padding.")
1.86 +
1.87 +ER3(SSL_ERROR_RX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 25),
1.88 +"SSL received a record that exceeded the maximum permissible length.")
1.89 +
1.90 +ER3(SSL_ERROR_TX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 26),
1.91 +"SSL attempted to send a record that exceeded the maximum permissible length.")
1.92 +
1.93 +/*
1.94 + * Received a malformed (too long or short or invalid content) SSL handshake.
1.95 + */
1.96 +ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST , (SSL_ERROR_BASE + 27),
1.97 +"SSL received a malformed Hello Request handshake message.")
1.98 +
1.99 +ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO , (SSL_ERROR_BASE + 28),
1.100 +"SSL received a malformed Client Hello handshake message.")
1.101 +
1.102 +ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO , (SSL_ERROR_BASE + 29),
1.103 +"SSL received a malformed Server Hello handshake message.")
1.104 +
1.105 +ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE , (SSL_ERROR_BASE + 30),
1.106 +"SSL received a malformed Certificate handshake message.")
1.107 +
1.108 +ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 31),
1.109 +"SSL received a malformed Server Key Exchange handshake message.")
1.110 +
1.111 +ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST , (SSL_ERROR_BASE + 32),
1.112 +"SSL received a malformed Certificate Request handshake message.")
1.113 +
1.114 +ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE , (SSL_ERROR_BASE + 33),
1.115 +"SSL received a malformed Server Hello Done handshake message.")
1.116 +
1.117 +ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY , (SSL_ERROR_BASE + 34),
1.118 +"SSL received a malformed Certificate Verify handshake message.")
1.119 +
1.120 +ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 35),
1.121 +"SSL received a malformed Client Key Exchange handshake message.")
1.122 +
1.123 +ER3(SSL_ERROR_RX_MALFORMED_FINISHED , (SSL_ERROR_BASE + 36),
1.124 +"SSL received a malformed Finished handshake message.")
1.125 +
1.126 +/*
1.127 + * Received a malformed (too long or short) SSL record.
1.128 + */
1.129 +ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER , (SSL_ERROR_BASE + 37),
1.130 +"SSL received a malformed Change Cipher Spec record.")
1.131 +
1.132 +ER3(SSL_ERROR_RX_MALFORMED_ALERT , (SSL_ERROR_BASE + 38),
1.133 +"SSL received a malformed Alert record.")
1.134 +
1.135 +ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE , (SSL_ERROR_BASE + 39),
1.136 +"SSL received a malformed Handshake record.")
1.137 +
1.138 +ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40),
1.139 +"SSL received a malformed Application Data record.")
1.140 +
1.141 +/*
1.142 + * Received an SSL handshake that was inappropriate for the state we're in.
1.143 + * E.g. Server received message from server, or wrong state in state machine.
1.144 + */
1.145 +ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST , (SSL_ERROR_BASE + 41),
1.146 +"SSL received an unexpected Hello Request handshake message.")
1.147 +
1.148 +ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO , (SSL_ERROR_BASE + 42),
1.149 +"SSL received an unexpected Client Hello handshake message.")
1.150 +
1.151 +ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO , (SSL_ERROR_BASE + 43),
1.152 +"SSL received an unexpected Server Hello handshake message.")
1.153 +
1.154 +ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE , (SSL_ERROR_BASE + 44),
1.155 +"SSL received an unexpected Certificate handshake message.")
1.156 +
1.157 +ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45),
1.158 +"SSL received an unexpected Server Key Exchange handshake message.")
1.159 +
1.160 +ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST , (SSL_ERROR_BASE + 46),
1.161 +"SSL received an unexpected Certificate Request handshake message.")
1.162 +
1.163 +ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE , (SSL_ERROR_BASE + 47),
1.164 +"SSL received an unexpected Server Hello Done handshake message.")
1.165 +
1.166 +ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY , (SSL_ERROR_BASE + 48),
1.167 +"SSL received an unexpected Certificate Verify handshake message.")
1.168 +
1.169 +ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49),
1.170 +"SSL received an unexpected Client Key Exchange handshake message.")
1.171 +
1.172 +ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED , (SSL_ERROR_BASE + 50),
1.173 +"SSL received an unexpected Finished handshake message.")
1.174 +
1.175 +/*
1.176 + * Received an SSL record that was inappropriate for the state we're in.
1.177 + */
1.178 +ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER , (SSL_ERROR_BASE + 51),
1.179 +"SSL received an unexpected Change Cipher Spec record.")
1.180 +
1.181 +ER3(SSL_ERROR_RX_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 52),
1.182 +"SSL received an unexpected Alert record.")
1.183 +
1.184 +ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE , (SSL_ERROR_BASE + 53),
1.185 +"SSL received an unexpected Handshake record.")
1.186 +
1.187 +ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54),
1.188 +"SSL received an unexpected Application Data record.")
1.189 +
1.190 +/*
1.191 + * Received record/message with unknown discriminant.
1.192 + */
1.193 +ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE , (SSL_ERROR_BASE + 55),
1.194 +"SSL received a record with an unknown content type.")
1.195 +
1.196 +ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE , (SSL_ERROR_BASE + 56),
1.197 +"SSL received a handshake message with an unknown message type.")
1.198 +
1.199 +ER3(SSL_ERROR_RX_UNKNOWN_ALERT , (SSL_ERROR_BASE + 57),
1.200 +"SSL received an alert record with an unknown alert description.")
1.201 +
1.202 +/*
1.203 + * Received an alert reporting what we did wrong. (more alerts above)
1.204 + */
1.205 +ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT , (SSL_ERROR_BASE + 58),
1.206 +"SSL peer has closed this connection.")
1.207 +
1.208 +ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 59),
1.209 +"SSL peer was not expecting a handshake message it received.")
1.210 +
1.211 +ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT , (SSL_ERROR_BASE + 60),
1.212 +"SSL peer was unable to successfully decompress an SSL record it received.")
1.213 +
1.214 +ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT , (SSL_ERROR_BASE + 61),
1.215 +"SSL peer was unable to negotiate an acceptable set of security parameters.")
1.216 +
1.217 +ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT , (SSL_ERROR_BASE + 62),
1.218 +"SSL peer rejected a handshake message for unacceptable content.")
1.219 +
1.220 +ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT , (SSL_ERROR_BASE + 63),
1.221 +"SSL peer does not support certificates of the type it received.")
1.222 +
1.223 +ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT , (SSL_ERROR_BASE + 64),
1.224 +"SSL peer had some unspecified issue with the certificate it received.")
1.225 +
1.226 +
1.227 +ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE , (SSL_ERROR_BASE + 65),
1.228 +"SSL experienced a failure of its random number generator.")
1.229 +
1.230 +ER3(SSL_ERROR_SIGN_HASHES_FAILURE , (SSL_ERROR_BASE + 66),
1.231 +"Unable to digitally sign data required to verify your certificate.")
1.232 +
1.233 +ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE , (SSL_ERROR_BASE + 67),
1.234 +"SSL was unable to extract the public key from the peer's certificate.")
1.235 +
1.236 +ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 68),
1.237 +"Unspecified failure while processing SSL Server Key Exchange handshake.")
1.238 +
1.239 +ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 69),
1.240 +"Unspecified failure while processing SSL Client Key Exchange handshake.")
1.241 +
1.242 +ER3(SSL_ERROR_ENCRYPTION_FAILURE , (SSL_ERROR_BASE + 70),
1.243 +"Bulk data encryption algorithm failed in selected cipher suite.")
1.244 +
1.245 +ER3(SSL_ERROR_DECRYPTION_FAILURE , (SSL_ERROR_BASE + 71),
1.246 +"Bulk data decryption algorithm failed in selected cipher suite.")
1.247 +
1.248 +ER3(SSL_ERROR_SOCKET_WRITE_FAILURE , (SSL_ERROR_BASE + 72),
1.249 +"Attempt to write encrypted data to underlying socket failed.")
1.250 +
1.251 +ER3(SSL_ERROR_MD5_DIGEST_FAILURE , (SSL_ERROR_BASE + 73),
1.252 +"MD5 digest function failed.")
1.253 +
1.254 +ER3(SSL_ERROR_SHA_DIGEST_FAILURE , (SSL_ERROR_BASE + 74),
1.255 +"SHA-1 digest function failed.")
1.256 +
1.257 +ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE , (SSL_ERROR_BASE + 75),
1.258 +"MAC computation failed.")
1.259 +
1.260 +ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE , (SSL_ERROR_BASE + 76),
1.261 +"Failure to create Symmetric Key context.")
1.262 +
1.263 +ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE , (SSL_ERROR_BASE + 77),
1.264 +"Failure to unwrap the Symmetric key in Client Key Exchange message.")
1.265 +
1.266 +ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED , (SSL_ERROR_BASE + 78),
1.267 +"SSL Server attempted to use domestic-grade public key with export cipher suite.")
1.268 +
1.269 +ER3(SSL_ERROR_IV_PARAM_FAILURE , (SSL_ERROR_BASE + 79),
1.270 +"PKCS11 code failed to translate an IV into a param.")
1.271 +
1.272 +ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE , (SSL_ERROR_BASE + 80),
1.273 +"Failed to initialize the selected cipher suite.")
1.274 +
1.275 +ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE , (SSL_ERROR_BASE + 81),
1.276 +"Client failed to generate session keys for SSL session.")
1.277 +
1.278 +ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG , (SSL_ERROR_BASE + 82),
1.279 +"Server has no key for the attempted key exchange algorithm.")
1.280 +
1.281 +ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL , (SSL_ERROR_BASE + 83),
1.282 +"PKCS#11 token was inserted or removed while operation was in progress.")
1.283 +
1.284 +ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND , (SSL_ERROR_BASE + 84),
1.285 +"No PKCS#11 token could be found to do a required operation.")
1.286 +
1.287 +ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP , (SSL_ERROR_BASE + 85),
1.288 +"Cannot communicate securely with peer: no common compression algorithm(s).")
1.289 +
1.290 +ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED , (SSL_ERROR_BASE + 86),
1.291 +"Cannot perform the operation until the handshake is complete.")
1.292 +
1.293 +ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE , (SSL_ERROR_BASE + 87),
1.294 +"Received incorrect handshakes hash values from peer.")
1.295 +
1.296 +ER3(SSL_ERROR_CERT_KEA_MISMATCH , (SSL_ERROR_BASE + 88),
1.297 +"The certificate provided cannot be used with the selected key exchange algorithm.")
1.298 +
1.299 +ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA , (SSL_ERROR_BASE + 89),
1.300 +"No certificate authority is trusted for SSL client authentication.")
1.301 +
1.302 +ER3(SSL_ERROR_SESSION_NOT_FOUND , (SSL_ERROR_BASE + 90),
1.303 +"Client's SSL session ID not found in server's session cache.")
1.304 +
1.305 +ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT , (SSL_ERROR_BASE + 91),
1.306 +"Peer was unable to decrypt an SSL record it received.")
1.307 +
1.308 +ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT , (SSL_ERROR_BASE + 92),
1.309 +"Peer received an SSL record that was longer than is permitted.")
1.310 +
1.311 +ER3(SSL_ERROR_UNKNOWN_CA_ALERT , (SSL_ERROR_BASE + 93),
1.312 +"Peer does not recognize and trust the CA that issued your certificate.")
1.313 +
1.314 +ER3(SSL_ERROR_ACCESS_DENIED_ALERT , (SSL_ERROR_BASE + 94),
1.315 +"Peer received a valid certificate, but access was denied.")
1.316 +
1.317 +ER3(SSL_ERROR_DECODE_ERROR_ALERT , (SSL_ERROR_BASE + 95),
1.318 +"Peer could not decode an SSL handshake message.")
1.319 +
1.320 +ER3(SSL_ERROR_DECRYPT_ERROR_ALERT , (SSL_ERROR_BASE + 96),
1.321 +"Peer reports failure of signature verification or key exchange.")
1.322 +
1.323 +ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT , (SSL_ERROR_BASE + 97),
1.324 +"Peer reports negotiation not in compliance with export regulations.")
1.325 +
1.326 +ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT , (SSL_ERROR_BASE + 98),
1.327 +"Peer reports incompatible or unsupported protocol version.")
1.328 +
1.329 +ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99),
1.330 +"Server requires ciphers more secure than those supported by client.")
1.331 +
1.332 +ER3(SSL_ERROR_INTERNAL_ERROR_ALERT , (SSL_ERROR_BASE + 100),
1.333 +"Peer reports it experienced an internal error.")
1.334 +
1.335 +ER3(SSL_ERROR_USER_CANCELED_ALERT , (SSL_ERROR_BASE + 101),
1.336 +"Peer user canceled handshake.")
1.337 +
1.338 +ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT , (SSL_ERROR_BASE + 102),
1.339 +"Peer does not permit renegotiation of SSL security parameters.")
1.340 +
1.341 +ER3(SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED , (SSL_ERROR_BASE + 103),
1.342 +"SSL server cache not configured and not disabled for this socket.")
1.343 +
1.344 +ER3(SSL_ERROR_UNSUPPORTED_EXTENSION_ALERT , (SSL_ERROR_BASE + 104),
1.345 +"SSL peer does not support requested TLS hello extension.")
1.346 +
1.347 +ER3(SSL_ERROR_CERTIFICATE_UNOBTAINABLE_ALERT , (SSL_ERROR_BASE + 105),
1.348 +"SSL peer could not obtain your certificate from the supplied URL.")
1.349 +
1.350 +ER3(SSL_ERROR_UNRECOGNIZED_NAME_ALERT , (SSL_ERROR_BASE + 106),
1.351 +"SSL peer has no certificate for the requested DNS name.")
1.352 +
1.353 +ER3(SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT , (SSL_ERROR_BASE + 107),
1.354 +"SSL peer was unable to get an OCSP response for its certificate.")
1.355 +
1.356 +ER3(SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT , (SSL_ERROR_BASE + 108),
1.357 +"SSL peer reported bad certificate hash value.")
1.358 +
1.359 +ER3(SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET, (SSL_ERROR_BASE + 109),
1.360 +"SSL received an unexpected New Session Ticket handshake message.")
1.361 +
1.362 +ER3(SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET, (SSL_ERROR_BASE + 110),
1.363 +"SSL received a malformed New Session Ticket handshake message.")
1.364 +
1.365 +ER3(SSL_ERROR_DECOMPRESSION_FAILURE, (SSL_ERROR_BASE + 111),
1.366 +"SSL received a compressed record that could not be decompressed.")
1.367 +
1.368 +ER3(SSL_ERROR_RENEGOTIATION_NOT_ALLOWED, (SSL_ERROR_BASE + 112),
1.369 +"Renegotiation is not allowed on this SSL socket.")
1.370 +
1.371 +ER3(SSL_ERROR_UNSAFE_NEGOTIATION, (SSL_ERROR_BASE + 113),
1.372 +"Peer attempted old style (potentially vulnerable) handshake.")
1.373 +
1.374 +ER3(SSL_ERROR_RX_UNEXPECTED_UNCOMPRESSED_RECORD, (SSL_ERROR_BASE + 114),
1.375 +"SSL received an unexpected uncompressed record.")
1.376 +
1.377 +ER3(SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY, (SSL_ERROR_BASE + 115),
1.378 +"SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message.")
1.379 +
1.380 +ER3(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID, (SSL_ERROR_BASE + 116),
1.381 +"SSL received invalid NPN extension data.")
1.382 +
1.383 +ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2, (SSL_ERROR_BASE + 117),
1.384 +"SSL feature not supported for SSL 2.0 connections.")
1.385 +
1.386 +ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SERVERS, (SSL_ERROR_BASE + 118),
1.387 +"SSL feature not supported for servers.")
1.388 +
1.389 +ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_CLIENTS, (SSL_ERROR_BASE + 119),
1.390 +"SSL feature not supported for clients.")
1.391 +
1.392 +ER3(SSL_ERROR_INVALID_VERSION_RANGE, (SSL_ERROR_BASE + 120),
1.393 +"SSL version range is not valid.")
1.394 +
1.395 +ER3(SSL_ERROR_CIPHER_DISALLOWED_FOR_VERSION, (SSL_ERROR_BASE + 121),
1.396 +"SSL peer selected a cipher suite disallowed for the selected protocol version.")
1.397 +
1.398 +ER3(SSL_ERROR_RX_MALFORMED_HELLO_VERIFY_REQUEST, (SSL_ERROR_BASE + 122),
1.399 +"SSL received a malformed Hello Verify Request handshake message.")
1.400 +
1.401 +ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_VERIFY_REQUEST, (SSL_ERROR_BASE + 123),
1.402 +"SSL received an unexpected Hello Verify Request handshake message.")
1.403 +
1.404 +ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_VERSION, (SSL_ERROR_BASE + 124),
1.405 +"SSL feature not supported for the protocol version.")
1.406 +
1.407 +ER3(SSL_ERROR_RX_UNEXPECTED_CERT_STATUS, (SSL_ERROR_BASE + 125),
1.408 +"SSL received an unexpected Certificate Status handshake message.")
1.409 +
1.410 +ER3(SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM, (SSL_ERROR_BASE + 126),
1.411 +"Unsupported hash algorithm used by TLS peer.")
1.412 +
1.413 +ER3(SSL_ERROR_DIGEST_FAILURE, (SSL_ERROR_BASE + 127),
1.414 +"Digest function failed.")
1.415 +
1.416 +ER3(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM, (SSL_ERROR_BASE + 128),
1.417 +"Incorrect signature algorithm specified in a digitally-signed element.")
1.418 +
1.419 +ER3(SSL_ERROR_NEXT_PROTOCOL_NO_CALLBACK, (SSL_ERROR_BASE + 129),
1.420 +"The next protocol negotiation extension was enabled, but the callback was cleared prior to being needed.")
1.421 +
1.422 +ER3(SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL, (SSL_ERROR_BASE + 130),
1.423 +"The server supports no protocols that the client advertises in the ALPN extension.")
1.424 +
1.425 +ER3(SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT, (SSL_ERROR_BASE + 131),
1.426 +"The server rejected the handshake because the client downgraded to a lower "
1.427 +"TLS version than the server supports.")
