1 /* ssl/ssl_stat.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright 2005 Nokia. All rights reserved. 60 * 61 * The portions of the attached software ("Contribution") is developed by 62 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 63 * license. 64 * 65 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 66 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 67 * support (see RFC 4279) to OpenSSL. 68 * 69 * No patent licenses or other rights except those expressly stated in 70 * the OpenSSL open source license shall be deemed granted or received 71 * expressly, by implication, estoppel, or otherwise. 72 * 73 * No assurances are provided by Nokia that the Contribution does not 74 * infringe the patent or other intellectual property rights of any third 75 * party or that the license provides you with all the necessary rights 76 * to make use of the Contribution. 77 * 78 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 79 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 80 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 81 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 82 * OTHERWISE. 83 */ 84 85 #include <stdio.h> 86 #include "ssl_locl.h" 87 88 const char *SSL_state_string_long(const SSL *s) 89 { 90 const char *str; 91 92 switch (s->state) { 93 case SSL_ST_BEFORE: 94 str = "before SSL initialization"; 95 break; 96 case SSL_ST_ACCEPT: 97 str = "before accept initialization"; 98 break; 99 case SSL_ST_CONNECT: 100 str = "before connect initialization"; 101 break; 102 case SSL_ST_OK: 103 str = "SSL negotiation finished successfully"; 104 break; 105 case SSL_ST_RENEGOTIATE: 106 str = "SSL renegotiate ciphers"; 107 break; 108 case SSL_ST_BEFORE | SSL_ST_CONNECT: 109 str = "before/connect initialization"; 110 break; 111 case SSL_ST_OK | SSL_ST_CONNECT: 112 str = "ok/connect SSL initialization"; 113 break; 114 case SSL_ST_BEFORE | SSL_ST_ACCEPT: 115 str = "before/accept initialization"; 116 break; 117 case SSL_ST_OK | SSL_ST_ACCEPT: 118 str = "ok/accept SSL initialization"; 119 break; 120 #ifndef OPENSSL_NO_SSL2 121 case SSL2_ST_CLIENT_START_ENCRYPTION: 122 str = "SSLv2 client start encryption"; 123 break; 124 case SSL2_ST_SERVER_START_ENCRYPTION: 125 str = "SSLv2 server start encryption"; 126 break; 127 case SSL2_ST_SEND_CLIENT_HELLO_A: 128 str = "SSLv2 write client hello A"; 129 break; 130 case SSL2_ST_SEND_CLIENT_HELLO_B: 131 str = "SSLv2 write client hello B"; 132 break; 133 case SSL2_ST_GET_SERVER_HELLO_A: 134 str = "SSLv2 read server hello A"; 135 break; 136 case SSL2_ST_GET_SERVER_HELLO_B: 137 str = "SSLv2 read server hello B"; 138 break; 139 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: 140 str = "SSLv2 write client master key A"; 141 break; 142 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: 143 str = "SSLv2 write client master key B"; 144 break; 145 case SSL2_ST_SEND_CLIENT_FINISHED_A: 146 str = "SSLv2 write client finished A"; 147 break; 148 case SSL2_ST_SEND_CLIENT_FINISHED_B: 149 str = "SSLv2 write client finished B"; 150 break; 151 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: 152 str = "SSLv2 write client certificate A"; 153 break; 154 case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: 155 str = "SSLv2 write client certificate B"; 156 break; 157 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: 158 str = "SSLv2 write client certificate C"; 159 break; 160 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: 161 str = "SSLv2 write client certificate D"; 162 break; 163 case SSL2_ST_GET_SERVER_VERIFY_A: 164 str = "SSLv2 read server verify A"; 165 break; 166 case SSL2_ST_GET_SERVER_VERIFY_B: 167 str = "SSLv2 read server verify B"; 168 break; 169 case SSL2_ST_GET_SERVER_FINISHED_A: 170 str = "SSLv2 read server finished A"; 171 break; 172 case SSL2_ST_GET_SERVER_FINISHED_B: 173 str = "SSLv2 read server finished B"; 174 break; 175 case SSL2_ST_GET_CLIENT_HELLO_A: 176 str = "SSLv2 read client hello A"; 177 break; 178 case SSL2_ST_GET_CLIENT_HELLO_B: 179 str = "SSLv2 read client hello B"; 180 break; 181 case SSL2_ST_GET_CLIENT_HELLO_C: 182 str = "SSLv2 read client hello C"; 183 break; 184 case SSL2_ST_SEND_SERVER_HELLO_A: 185 str = "SSLv2 write server hello A"; 186 break; 187 case SSL2_ST_SEND_SERVER_HELLO_B: 188 str = "SSLv2 write server hello B"; 189 break; 190 case SSL2_ST_GET_CLIENT_MASTER_KEY_A: 191 str = "SSLv2 read client master key A"; 192 break; 193 case SSL2_ST_GET_CLIENT_MASTER_KEY_B: 194 str = "SSLv2 read client master key B"; 195 break; 196 case SSL2_ST_SEND_SERVER_VERIFY_A: 197 str = "SSLv2 write server verify A"; 198 break; 199 case SSL2_ST_SEND_SERVER_VERIFY_B: 200 str = "SSLv2 write server verify B"; 201 break; 202 case SSL2_ST_SEND_SERVER_VERIFY_C: 203 str = "SSLv2 write server verify C"; 204 break; 205 case SSL2_ST_GET_CLIENT_FINISHED_A: 206 str = "SSLv2 read client finished A"; 207 break; 208 case SSL2_ST_GET_CLIENT_FINISHED_B: 209 str = "SSLv2 read client finished B"; 210 break; 211 case SSL2_ST_SEND_SERVER_FINISHED_A: 212 str = "SSLv2 write server finished A"; 213 break; 214 case SSL2_ST_SEND_SERVER_FINISHED_B: 215 str = "SSLv2 write server finished B"; 216 break; 217 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: 218 str = "SSLv2 write request certificate A"; 219 break; 220 case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: 221 str = "SSLv2 write request certificate B"; 222 break; 223 case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: 224 str = "SSLv2 write request certificate C"; 225 break; 226 case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: 227 str = "SSLv2 write request certificate D"; 228 break; 229 case SSL2_ST_X509_GET_SERVER_CERTIFICATE: 230 str = "SSLv2 X509 read server certificate"; 231 break; 232 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: 233 str = "SSLv2 X509 read client certificate"; 234 break; 235 #endif 236 237 #ifndef OPENSSL_NO_SSL3 238 /* SSLv3 additions */ 239 case SSL3_ST_CW_CLNT_HELLO_A: 240 str = "SSLv3 write client hello A"; 241 break; 242 case SSL3_ST_CW_CLNT_HELLO_B: 243 str = "SSLv3 write client hello B"; 244 break; 245 case SSL3_ST_CR_SRVR_HELLO_A: 246 str = "SSLv3 read server hello A"; 247 break; 248 case SSL3_ST_CR_SRVR_HELLO_B: 249 str = "SSLv3 read server hello B"; 250 break; 251 case SSL3_ST_CR_CERT_A: 252 str = "SSLv3 read server certificate A"; 253 break; 254 case SSL3_ST_CR_CERT_B: 255 str = "SSLv3 read server certificate B"; 256 break; 257 case SSL3_ST_CR_KEY_EXCH_A: 258 str = "SSLv3 read server key exchange A"; 259 break; 260 case SSL3_ST_CR_KEY_EXCH_B: 261 str = "SSLv3 read server key exchange B"; 262 break; 263 case SSL3_ST_CR_CERT_REQ_A: 264 str = "SSLv3 read server certificate request A"; 265 break; 266 case SSL3_ST_CR_CERT_REQ_B: 267 str = "SSLv3 read server certificate request B"; 268 break; 269 case SSL3_ST_CR_SESSION_TICKET_A: 270 str = "SSLv3 read server session ticket A"; 271 break; 272 case SSL3_ST_CR_SESSION_TICKET_B: 273 str = "SSLv3 read server session ticket B"; 274 break; 275 case SSL3_ST_CR_SRVR_DONE_A: 276 str = "SSLv3 read server done A"; 277 break; 278 case SSL3_ST_CR_SRVR_DONE_B: 279 str = "SSLv3 read server done B"; 280 break; 281 case SSL3_ST_CW_CERT_A: 282 str = "SSLv3 write client certificate A"; 283 break; 284 case SSL3_ST_CW_CERT_B: 285 str = "SSLv3 write client certificate B"; 286 break; 287 case SSL3_ST_CW_CERT_C: 288 str = "SSLv3 write client certificate C"; 289 break; 290 case SSL3_ST_CW_CERT_D: 291 str = "SSLv3 write client certificate D"; 292 break; 293 case SSL3_ST_CW_KEY_EXCH_A: 294 str = "SSLv3 write client key exchange A"; 295 break; 296 case SSL3_ST_CW_KEY_EXCH_B: 297 str = "SSLv3 write client key exchange B"; 298 break; 299 case SSL3_ST_CW_CERT_VRFY_A: 300 str = "SSLv3 write certificate verify A"; 301 break; 302 case SSL3_ST_CW_CERT_VRFY_B: 303 str = "SSLv3 write certificate verify B"; 304 break; 305 306 case SSL3_ST_CW_CHANGE_A: 307 case SSL3_ST_SW_CHANGE_A: 308 str = "SSLv3 write change cipher spec A"; 309 break; 310 case SSL3_ST_CW_CHANGE_B: 311 case SSL3_ST_SW_CHANGE_B: 312 str = "SSLv3 write change cipher spec B"; 313 break; 314 case SSL3_ST_CW_FINISHED_A: 315 case SSL3_ST_SW_FINISHED_A: 316 str = "SSLv3 write finished A"; 317 break; 318 case SSL3_ST_CW_FINISHED_B: 319 case SSL3_ST_SW_FINISHED_B: 320 str = "SSLv3 write finished B"; 321 break; 322 case SSL3_ST_CR_CHANGE_A: 323 case SSL3_ST_SR_CHANGE_A: 324 str = "SSLv3 read change cipher spec A"; 325 break; 326 case SSL3_ST_CR_CHANGE_B: 327 case SSL3_ST_SR_CHANGE_B: 328 str = "SSLv3 read change cipher spec B"; 329 break; 330 case SSL3_ST_CR_FINISHED_A: 331 case SSL3_ST_SR_FINISHED_A: 332 str = "SSLv3 read finished A"; 333 break; 334 case SSL3_ST_CR_FINISHED_B: 335 case SSL3_ST_SR_FINISHED_B: 336 str = "SSLv3 read finished B"; 337 break; 338 339 case SSL3_ST_CW_FLUSH: 340 case SSL3_ST_SW_FLUSH: 341 str = "SSLv3 flush data"; 342 break; 343 344 case SSL3_ST_SR_CLNT_HELLO_A: 345 str = "SSLv3 read client hello A"; 346 break; 347 case SSL3_ST_SR_CLNT_HELLO_B: 348 str = "SSLv3 read client hello B"; 349 break; 350 case SSL3_ST_SR_CLNT_HELLO_C: 351 str = "SSLv3 read client hello C"; 352 break; 353 case SSL3_ST_SW_HELLO_REQ_A: 354 str = "SSLv3 write hello request A"; 355 break; 356 case SSL3_ST_SW_HELLO_REQ_B: 357 str = "SSLv3 write hello request B"; 358 break; 359 case SSL3_ST_SW_HELLO_REQ_C: 360 str = "SSLv3 write hello request C"; 361 break; 362 case SSL3_ST_SW_SRVR_HELLO_A: 363 str = "SSLv3 write server hello A"; 364 break; 365 case SSL3_ST_SW_SRVR_HELLO_B: 366 str = "SSLv3 write server hello B"; 367 break; 368 case SSL3_ST_SW_CERT_A: 369 str = "SSLv3 write certificate A"; 370 break; 371 case SSL3_ST_SW_CERT_B: 372 str = "SSLv3 write certificate B"; 373 break; 374 case SSL3_ST_SW_KEY_EXCH_A: 375 str = "SSLv3 write key exchange A"; 376 break; 377 case SSL3_ST_SW_KEY_EXCH_B: 378 str = "SSLv3 write key exchange B"; 379 break; 380 case SSL3_ST_SW_CERT_REQ_A: 381 str = "SSLv3 write certificate request A"; 382 break; 383 case SSL3_ST_SW_CERT_REQ_B: 384 str = "SSLv3 write certificate request B"; 385 break; 386 case SSL3_ST_SW_SESSION_TICKET_A: 387 str = "SSLv3 write session ticket A"; 388 break; 389 case SSL3_ST_SW_SESSION_TICKET_B: 390 str = "SSLv3 write session ticket B"; 391 break; 392 case SSL3_ST_SW_SRVR_DONE_A: 393 str = "SSLv3 write server done A"; 394 break; 395 case SSL3_ST_SW_SRVR_DONE_B: 396 str = "SSLv3 write server done B"; 397 break; 398 case SSL3_ST_SR_CERT_A: 399 str = "SSLv3 read client certificate A"; 400 break; 401 case SSL3_ST_SR_CERT_B: 402 str = "SSLv3 read client certificate B"; 403 break; 404 case SSL3_ST_SR_KEY_EXCH_A: 405 str = "SSLv3 read client key exchange A"; 406 break; 407 case SSL3_ST_SR_KEY_EXCH_B: 408 str = "SSLv3 read client key exchange B"; 409 break; 410 case SSL3_ST_SR_CERT_VRFY_A: 411 str = "SSLv3 read certificate verify A"; 412 break; 413 case SSL3_ST_SR_CERT_VRFY_B: 414 str = "SSLv3 read certificate verify B"; 415 break; 416 #endif 417 418 /* SSLv2/v3 compatibility states */ 419 /* client */ 420 case SSL23_ST_CW_CLNT_HELLO_A: 421 str = "SSLv2/v3 write client hello A"; 422 break; 423 case SSL23_ST_CW_CLNT_HELLO_B: 424 str = "SSLv2/v3 write client hello B"; 425 break; 426 case SSL23_ST_CR_SRVR_HELLO_A: 427 str = "SSLv2/v3 read server hello A"; 428 break; 429 case SSL23_ST_CR_SRVR_HELLO_B: 430 str = "SSLv2/v3 read server hello B"; 431 break; 432 /* server */ 433 case SSL23_ST_SR_CLNT_HELLO_A: 434 str = "SSLv2/v3 read client hello A"; 435 break; 436 case SSL23_ST_SR_CLNT_HELLO_B: 437 str = "SSLv2/v3 read client hello B"; 438 break; 439 440 /* DTLS */ 441 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 442 str = "DTLS1 read hello verify request A"; 443 break; 444 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: 445 str = "DTLS1 read hello verify request B"; 446 break; 447 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: 448 str = "DTLS1 write hello verify request A"; 449 break; 450 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: 451 str = "DTLS1 write hello verify request B"; 452 break; 453 454 default: 455 str = "unknown state"; 456 break; 457 } 458 return (str); 459 } 460 461 const char *SSL_rstate_string_long(const SSL *s) 462 { 463 const char *str; 464 465 switch (s->rstate) { 466 case SSL_ST_READ_HEADER: 467 str = "read header"; 468 break; 469 case SSL_ST_READ_BODY: 470 str = "read body"; 471 break; 472 case SSL_ST_READ_DONE: 473 str = "read done"; 474 break; 475 default: 476 str = "unknown"; 477 break; 478 } 479 return (str); 480 } 481 482 const char *SSL_state_string(const SSL *s) 483 { 484 const char *str; 485 486 switch (s->state) { 487 case SSL_ST_BEFORE: 488 str = "PINIT "; 489 break; 490 case SSL_ST_ACCEPT: 491 str = "AINIT "; 492 break; 493 case SSL_ST_CONNECT: 494 str = "CINIT "; 495 break; 496 case SSL_ST_OK: 497 str = "SSLOK "; 498 break; 499 #ifndef OPENSSL_NO_SSL2 500 case SSL2_ST_CLIENT_START_ENCRYPTION: 501 str = "2CSENC"; 502 break; 503 case SSL2_ST_SERVER_START_ENCRYPTION: 504 str = "2SSENC"; 505 break; 506 case SSL2_ST_SEND_CLIENT_HELLO_A: 507 str = "2SCH_A"; 508 break; 509 case SSL2_ST_SEND_CLIENT_HELLO_B: 510 str = "2SCH_B"; 511 break; 512 case SSL2_ST_GET_SERVER_HELLO_A: 513 str = "2GSH_A"; 514 break; 515 case SSL2_ST_GET_SERVER_HELLO_B: 516 str = "2GSH_B"; 517 break; 518 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: 519 str = "2SCMKA"; 520 break; 521 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: 522 str = "2SCMKB"; 523 break; 524 case SSL2_ST_SEND_CLIENT_FINISHED_A: 525 str = "2SCF_A"; 526 break; 527 case SSL2_ST_SEND_CLIENT_FINISHED_B: 528 str = "2SCF_B"; 529 break; 530 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: 531 str = "2SCC_A"; 532 break; 533 case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: 534 str = "2SCC_B"; 535 break; 536 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: 537 str = "2SCC_C"; 538 break; 539 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: 540 str = "2SCC_D"; 541 break; 542 case SSL2_ST_GET_SERVER_VERIFY_A: 543 str = "2GSV_A"; 544 break; 545 case SSL2_ST_GET_SERVER_VERIFY_B: 546 str = "2GSV_B"; 547 break; 548 case SSL2_ST_GET_SERVER_FINISHED_A: 549 str = "2GSF_A"; 550 break; 551 case SSL2_ST_GET_SERVER_FINISHED_B: 552 str = "2GSF_B"; 553 break; 554 case SSL2_ST_GET_CLIENT_HELLO_A: 555 str = "2GCH_A"; 556 break; 557 case SSL2_ST_GET_CLIENT_HELLO_B: 558 str = "2GCH_B"; 559 break; 560 case SSL2_ST_GET_CLIENT_HELLO_C: 561 str = "2GCH_C"; 562 break; 563 case SSL2_ST_SEND_SERVER_HELLO_A: 564 str = "2SSH_A"; 565 break; 566 case SSL2_ST_SEND_SERVER_HELLO_B: 567 str = "2SSH_B"; 568 break; 569 case SSL2_ST_GET_CLIENT_MASTER_KEY_A: 570 str = "2GCMKA"; 571 break; 572 case SSL2_ST_GET_CLIENT_MASTER_KEY_B: 573 str = "2GCMKA"; 574 break; 575 case SSL2_ST_SEND_SERVER_VERIFY_A: 576 str = "2SSV_A"; 577 break; 578 case SSL2_ST_SEND_SERVER_VERIFY_B: 579 str = "2SSV_B"; 580 break; 581 case SSL2_ST_SEND_SERVER_VERIFY_C: 582 str = "2SSV_C"; 583 break; 584 case SSL2_ST_GET_CLIENT_FINISHED_A: 585 str = "2GCF_A"; 586 break; 587 case SSL2_ST_GET_CLIENT_FINISHED_B: 588 str = "2GCF_B"; 589 break; 590 case SSL2_ST_SEND_SERVER_FINISHED_A: 591 str = "2SSF_A"; 592 break; 593 case SSL2_ST_SEND_SERVER_FINISHED_B: 594 str = "2SSF_B"; 595 break; 596 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: 597 str = "2SRC_A"; 598 break; 599 case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: 600 str = "2SRC_B"; 601 break; 602 case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: 603 str = "2SRC_C"; 604 break; 605 case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: 606 str = "2SRC_D"; 607 break; 608 case SSL2_ST_X509_GET_SERVER_CERTIFICATE: 609 str = "2X9GSC"; 610 break; 611 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: 612 str = "2X9GCC"; 613 break; 614 #endif 615 616 #ifndef OPENSSL_NO_SSL3 617 /* SSLv3 additions */ 618 case SSL3_ST_SW_FLUSH: 619 case SSL3_ST_CW_FLUSH: 620 str = "3FLUSH"; 621 break; 622 case SSL3_ST_CW_CLNT_HELLO_A: 623 str = "3WCH_A"; 624 break; 625 case SSL3_ST_CW_CLNT_HELLO_B: 626 str = "3WCH_B"; 627 break; 628 case SSL3_ST_CR_SRVR_HELLO_A: 629 str = "3RSH_A"; 630 break; 631 case SSL3_ST_CR_SRVR_HELLO_B: 632 str = "3RSH_B"; 633 break; 634 case SSL3_ST_CR_CERT_A: 635 str = "3RSC_A"; 636 break; 637 case SSL3_ST_CR_CERT_B: 638 str = "3RSC_B"; 639 break; 640 case SSL3_ST_CR_KEY_EXCH_A: 641 str = "3RSKEA"; 642 break; 643 case SSL3_ST_CR_KEY_EXCH_B: 644 str = "3RSKEB"; 645 break; 646 case SSL3_ST_CR_CERT_REQ_A: 647 str = "3RCR_A"; 648 break; 649 case SSL3_ST_CR_CERT_REQ_B: 650 str = "3RCR_B"; 651 break; 652 case SSL3_ST_CR_SRVR_DONE_A: 653 str = "3RSD_A"; 654 break; 655 case SSL3_ST_CR_SRVR_DONE_B: 656 str = "3RSD_B"; 657 break; 658 case SSL3_ST_CW_CERT_A: 659 str = "3WCC_A"; 660 break; 661 case SSL3_ST_CW_CERT_B: 662 str = "3WCC_B"; 663 break; 664 case SSL3_ST_CW_CERT_C: 665 str = "3WCC_C"; 666 break; 667 case SSL3_ST_CW_CERT_D: 668 str = "3WCC_D"; 669 break; 670 case SSL3_ST_CW_KEY_EXCH_A: 671 str = "3WCKEA"; 672 break; 673 case SSL3_ST_CW_KEY_EXCH_B: 674 str = "3WCKEB"; 675 break; 676 case SSL3_ST_CW_CERT_VRFY_A: 677 str = "3WCV_A"; 678 break; 679 case SSL3_ST_CW_CERT_VRFY_B: 680 str = "3WCV_B"; 681 break; 682 683 case SSL3_ST_SW_CHANGE_A: 684 case SSL3_ST_CW_CHANGE_A: 685 str = "3WCCSA"; 686 break; 687 case SSL3_ST_SW_CHANGE_B: 688 case SSL3_ST_CW_CHANGE_B: 689 str = "3WCCSB"; 690 break; 691 case SSL3_ST_SW_FINISHED_A: 692 case SSL3_ST_CW_FINISHED_A: 693 str = "3WFINA"; 694 break; 695 case SSL3_ST_SW_FINISHED_B: 696 case SSL3_ST_CW_FINISHED_B: 697 str = "3WFINB"; 698 break; 699 case SSL3_ST_SR_CHANGE_A: 700 case SSL3_ST_CR_CHANGE_A: 701 str = "3RCCSA"; 702 break; 703 case SSL3_ST_SR_CHANGE_B: 704 case SSL3_ST_CR_CHANGE_B: 705 str = "3RCCSB"; 706 break; 707 case SSL3_ST_SR_FINISHED_A: 708 case SSL3_ST_CR_FINISHED_A: 709 str = "3RFINA"; 710 break; 711 case SSL3_ST_SR_FINISHED_B: 712 case SSL3_ST_CR_FINISHED_B: 713 str = "3RFINB"; 714 break; 715 716 case SSL3_ST_SW_HELLO_REQ_A: 717 str = "3WHR_A"; 718 break; 719 case SSL3_ST_SW_HELLO_REQ_B: 720 str = "3WHR_B"; 721 break; 722 case SSL3_ST_SW_HELLO_REQ_C: 723 str = "3WHR_C"; 724 break; 725 case SSL3_ST_SR_CLNT_HELLO_A: 726 str = "3RCH_A"; 727 break; 728 case SSL3_ST_SR_CLNT_HELLO_B: 729 str = "3RCH_B"; 730 break; 731 case SSL3_ST_SR_CLNT_HELLO_C: 732 str = "3RCH_C"; 733 break; 734 case SSL3_ST_SW_SRVR_HELLO_A: 735 str = "3WSH_A"; 736 break; 737 case SSL3_ST_SW_SRVR_HELLO_B: 738 str = "3WSH_B"; 739 break; 740 case SSL3_ST_SW_CERT_A: 741 str = "3WSC_A"; 742 break; 743 case SSL3_ST_SW_CERT_B: 744 str = "3WSC_B"; 745 break; 746 case SSL3_ST_SW_KEY_EXCH_A: 747 str = "3WSKEA"; 748 break; 749 case SSL3_ST_SW_KEY_EXCH_B: 750 str = "3WSKEB"; 751 break; 752 case SSL3_ST_SW_CERT_REQ_A: 753 str = "3WCR_A"; 754 break; 755 case SSL3_ST_SW_CERT_REQ_B: 756 str = "3WCR_B"; 757 break; 758 case SSL3_ST_SW_SRVR_DONE_A: 759 str = "3WSD_A"; 760 break; 761 case SSL3_ST_SW_SRVR_DONE_B: 762 str = "3WSD_B"; 763 break; 764 case SSL3_ST_SR_CERT_A: 765 str = "3RCC_A"; 766 break; 767 case SSL3_ST_SR_CERT_B: 768 str = "3RCC_B"; 769 break; 770 case SSL3_ST_SR_KEY_EXCH_A: 771 str = "3RCKEA"; 772 break; 773 case SSL3_ST_SR_KEY_EXCH_B: 774 str = "3RCKEB"; 775 break; 776 case SSL3_ST_SR_CERT_VRFY_A: 777 str = "3RCV_A"; 778 break; 779 case SSL3_ST_SR_CERT_VRFY_B: 780 str = "3RCV_B"; 781 break; 782 #endif 783 784 /* SSLv2/v3 compatibility states */ 785 /* client */ 786 case SSL23_ST_CW_CLNT_HELLO_A: 787 str = "23WCHA"; 788 break; 789 case SSL23_ST_CW_CLNT_HELLO_B: 790 str = "23WCHB"; 791 break; 792 case SSL23_ST_CR_SRVR_HELLO_A: 793 str = "23RSHA"; 794 break; 795 case SSL23_ST_CR_SRVR_HELLO_B: 796 str = "23RSHA"; 797 break; 798 /* server */ 799 case SSL23_ST_SR_CLNT_HELLO_A: 800 str = "23RCHA"; 801 break; 802 case SSL23_ST_SR_CLNT_HELLO_B: 803 str = "23RCHB"; 804 break; 805 806 /* DTLS */ 807 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 808 str = "DRCHVA"; 809 break; 810 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: 811 str = "DRCHVB"; 812 break; 813 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: 814 str = "DWCHVA"; 815 break; 816 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: 817 str = "DWCHVB"; 818 break; 819 820 default: 821 str = "UNKWN "; 822 break; 823 } 824 return (str); 825 } 826 827 const char *SSL_alert_type_string_long(int value) 828 { 829 value >>= 8; 830 if (value == SSL3_AL_WARNING) 831 return ("warning"); 832 else if (value == SSL3_AL_FATAL) 833 return ("fatal"); 834 else 835 return ("unknown"); 836 } 837 838 const char *SSL_alert_type_string(int value) 839 { 840 value >>= 8; 841 if (value == SSL3_AL_WARNING) 842 return ("W"); 843 else if (value == SSL3_AL_FATAL) 844 return ("F"); 845 else 846 return ("U"); 847 } 848 849 const char *SSL_alert_desc_string(int value) 850 { 851 const char *str; 852 853 switch (value & 0xff) { 854 case SSL3_AD_CLOSE_NOTIFY: 855 str = "CN"; 856 break; 857 case SSL3_AD_UNEXPECTED_MESSAGE: 858 str = "UM"; 859 break; 860 case SSL3_AD_BAD_RECORD_MAC: 861 str = "BM"; 862 break; 863 case SSL3_AD_DECOMPRESSION_FAILURE: 864 str = "DF"; 865 break; 866 case SSL3_AD_HANDSHAKE_FAILURE: 867 str = "HF"; 868 break; 869 case SSL3_AD_NO_CERTIFICATE: 870 str = "NC"; 871 break; 872 case SSL3_AD_BAD_CERTIFICATE: 873 str = "BC"; 874 break; 875 case SSL3_AD_UNSUPPORTED_CERTIFICATE: 876 str = "UC"; 877 break; 878 case SSL3_AD_CERTIFICATE_REVOKED: 879 str = "CR"; 880 break; 881 case SSL3_AD_CERTIFICATE_EXPIRED: 882 str = "CE"; 883 break; 884 case SSL3_AD_CERTIFICATE_UNKNOWN: 885 str = "CU"; 886 break; 887 case SSL3_AD_ILLEGAL_PARAMETER: 888 str = "IP"; 889 break; 890 case TLS1_AD_DECRYPTION_FAILED: 891 str = "DC"; 892 break; 893 case TLS1_AD_RECORD_OVERFLOW: 894 str = "RO"; 895 break; 896 case TLS1_AD_UNKNOWN_CA: 897 str = "CA"; 898 break; 899 case TLS1_AD_ACCESS_DENIED: 900 str = "AD"; 901 break; 902 case TLS1_AD_DECODE_ERROR: 903 str = "DE"; 904 break; 905 case TLS1_AD_DECRYPT_ERROR: 906 str = "CY"; 907 break; 908 case TLS1_AD_EXPORT_RESTRICTION: 909 str = "ER"; 910 break; 911 case TLS1_AD_PROTOCOL_VERSION: 912 str = "PV"; 913 break; 914 case TLS1_AD_INSUFFICIENT_SECURITY: 915 str = "IS"; 916 break; 917 case TLS1_AD_INTERNAL_ERROR: 918 str = "IE"; 919 break; 920 case TLS1_AD_USER_CANCELLED: 921 str = "US"; 922 break; 923 case TLS1_AD_NO_RENEGOTIATION: 924 str = "NR"; 925 break; 926 case TLS1_AD_UNSUPPORTED_EXTENSION: 927 str = "UE"; 928 break; 929 case TLS1_AD_CERTIFICATE_UNOBTAINABLE: 930 str = "CO"; 931 break; 932 case TLS1_AD_UNRECOGNIZED_NAME: 933 str = "UN"; 934 break; 935 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: 936 str = "BR"; 937 break; 938 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: 939 str = "BH"; 940 break; 941 case TLS1_AD_UNKNOWN_PSK_IDENTITY: 942 str = "UP"; 943 break; 944 default: 945 str = "UK"; 946 break; 947 } 948 return (str); 949 } 950 951 const char *SSL_alert_desc_string_long(int value) 952 { 953 const char *str; 954 955 switch (value & 0xff) { 956 case SSL3_AD_CLOSE_NOTIFY: 957 str = "close notify"; 958 break; 959 case SSL3_AD_UNEXPECTED_MESSAGE: 960 str = "unexpected_message"; 961 break; 962 case SSL3_AD_BAD_RECORD_MAC: 963 str = "bad record mac"; 964 break; 965 case SSL3_AD_DECOMPRESSION_FAILURE: 966 str = "decompression failure"; 967 break; 968 case SSL3_AD_HANDSHAKE_FAILURE: 969 str = "handshake failure"; 970 break; 971 case SSL3_AD_NO_CERTIFICATE: 972 str = "no certificate"; 973 break; 974 case SSL3_AD_BAD_CERTIFICATE: 975 str = "bad certificate"; 976 break; 977 case SSL3_AD_UNSUPPORTED_CERTIFICATE: 978 str = "unsupported certificate"; 979 break; 980 case SSL3_AD_CERTIFICATE_REVOKED: 981 str = "certificate revoked"; 982 break; 983 case SSL3_AD_CERTIFICATE_EXPIRED: 984 str = "certificate expired"; 985 break; 986 case SSL3_AD_CERTIFICATE_UNKNOWN: 987 str = "certificate unknown"; 988 break; 989 case SSL3_AD_ILLEGAL_PARAMETER: 990 str = "illegal parameter"; 991 break; 992 case TLS1_AD_DECRYPTION_FAILED: 993 str = "decryption failed"; 994 break; 995 case TLS1_AD_RECORD_OVERFLOW: 996 str = "record overflow"; 997 break; 998 case TLS1_AD_UNKNOWN_CA: 999 str = "unknown CA"; 1000 break; 1001 case TLS1_AD_ACCESS_DENIED: 1002 str = "access denied"; 1003 break; 1004 case TLS1_AD_DECODE_ERROR: 1005 str = "decode error"; 1006 break; 1007 case TLS1_AD_DECRYPT_ERROR: 1008 str = "decrypt error"; 1009 break; 1010 case TLS1_AD_EXPORT_RESTRICTION: 1011 str = "export restriction"; 1012 break; 1013 case TLS1_AD_PROTOCOL_VERSION: 1014 str = "protocol version"; 1015 break; 1016 case TLS1_AD_INSUFFICIENT_SECURITY: 1017 str = "insufficient security"; 1018 break; 1019 case TLS1_AD_INTERNAL_ERROR: 1020 str = "internal error"; 1021 break; 1022 case TLS1_AD_USER_CANCELLED: 1023 str = "user canceled"; 1024 break; 1025 case TLS1_AD_NO_RENEGOTIATION: 1026 str = "no renegotiation"; 1027 break; 1028 case TLS1_AD_UNSUPPORTED_EXTENSION: 1029 str = "unsupported extension"; 1030 break; 1031 case TLS1_AD_CERTIFICATE_UNOBTAINABLE: 1032 str = "certificate unobtainable"; 1033 break; 1034 case TLS1_AD_UNRECOGNIZED_NAME: 1035 str = "unrecognized name"; 1036 break; 1037 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: 1038 str = "bad certificate status response"; 1039 break; 1040 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: 1041 str = "bad certificate hash value"; 1042 break; 1043 case TLS1_AD_UNKNOWN_PSK_IDENTITY: 1044 str = "unknown PSK identity"; 1045 break; 1046 default: 1047 str = "unknown"; 1048 break; 1049 } 1050 return (str); 1051 } 1052 1053 const char *SSL_rstate_string(const SSL *s) 1054 { 1055 const char *str; 1056 1057 switch (s->rstate) { 1058 case SSL_ST_READ_HEADER: 1059 str = "RH"; 1060 break; 1061 case SSL_ST_READ_BODY: 1062 str = "RB"; 1063 break; 1064 case SSL_ST_READ_DONE: 1065 str = "RD"; 1066 break; 1067 default: 1068 str = "unknown"; 1069 break; 1070 } 1071 return (str); 1072 } 1073