]> git.ipfire.org Git - thirdparty/openssl.git/blob - ssl/ssl_stat.c
projects / thirdparty / openssl.git / blob
? search:


8b93ccd4ac25416d89a78e82d2c9b785b02c8f6d
[thirdparty/openssl.git] / ssl / ssl_stat.c
1 /*
2 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright 2005 Nokia. All rights reserved.
4 *
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
9 */
10
11 #include <stdio.h>
12 #include "ssl_local.h"
13
14 const char *SSL_state_string_long(const SSL *s)
15 {
16 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s);
17
18 if (sc == NULL || ossl_statem_in_error(sc))
19 return "error";
20
21 switch (SSL_get_state(s)) {
22 case TLS_ST_CR_CERT_STATUS:
23 return "SSLv3/TLS read certificate status";
24 case TLS_ST_CW_NEXT_PROTO:
25 return "SSLv3/TLS write next proto";
26 case TLS_ST_SR_NEXT_PROTO:
27 return "SSLv3/TLS read next proto";
28 case TLS_ST_SW_CERT_STATUS:
29 return "SSLv3/TLS write certificate status";
30 case TLS_ST_BEFORE:
31 return "before SSL initialization";
32 case TLS_ST_OK:
33 return "SSL negotiation finished successfully";
34 case TLS_ST_CW_CLNT_HELLO:
35 return "SSLv3/TLS write client hello";
36 case TLS_ST_CR_SRVR_HELLO:
37 return "SSLv3/TLS read server hello";
38 case TLS_ST_CR_CERT:
39 return "SSLv3/TLS read server certificate";
40 case TLS_ST_CR_COMP_CERT:
41 return "TLSv1.3 read server compressed certificate";
42 case TLS_ST_CR_KEY_EXCH:
43 return "SSLv3/TLS read server key exchange";
44 case TLS_ST_CR_CERT_REQ:
45 return "SSLv3/TLS read server certificate request";
46 case TLS_ST_CR_SESSION_TICKET:
47 return "SSLv3/TLS read server session ticket";
48 case TLS_ST_CR_SRVR_DONE:
49 return "SSLv3/TLS read server done";
50 case TLS_ST_CW_CERT:
51 return "SSLv3/TLS write client certificate";
52 case TLS_ST_CW_COMP_CERT:
53 return "TLSv1.3 write client compressed certificate";
54 case TLS_ST_CW_KEY_EXCH:
55 return "SSLv3/TLS write client key exchange";
56 case TLS_ST_CW_CERT_VRFY:
57 return "SSLv3/TLS write certificate verify";
58 case TLS_ST_CW_CHANGE:
59 case TLS_ST_SW_CHANGE:
60 return "SSLv3/TLS write change cipher spec";
61 case TLS_ST_CW_FINISHED:
62 case TLS_ST_SW_FINISHED:
63 return "SSLv3/TLS write finished";
64 case TLS_ST_CR_CHANGE:
65 case TLS_ST_SR_CHANGE:
66 return "SSLv3/TLS read change cipher spec";
67 case TLS_ST_CR_FINISHED:
68 case TLS_ST_SR_FINISHED:
69 return "SSLv3/TLS read finished";
70 case TLS_ST_SR_CLNT_HELLO:
71 return "SSLv3/TLS read client hello";
72 case TLS_ST_SW_HELLO_REQ:
73 return "SSLv3/TLS write hello request";
74 case TLS_ST_SW_SRVR_HELLO:
75 return "SSLv3/TLS write server hello";
76 case TLS_ST_SW_CERT:
77 return "SSLv3/TLS write certificate";
78 case TLS_ST_SW_COMP_CERT:
79 return "TLSv1.3 write server compressed certificate";
80 case TLS_ST_SW_KEY_EXCH:
81 return "SSLv3/TLS write key exchange";
82 case TLS_ST_SW_CERT_REQ:
83 return "SSLv3/TLS write certificate request";
84 case TLS_ST_SW_SESSION_TICKET:
85 return "SSLv3/TLS write session ticket";
86 case TLS_ST_SW_SRVR_DONE:
87 return "SSLv3/TLS write server done";
88 case TLS_ST_SR_CERT:
89 return "SSLv3/TLS read client certificate";
90 case TLS_ST_SR_COMP_CERT:
91 return "TLSv1.3 read client compressed certificate";
92 case TLS_ST_SR_KEY_EXCH:
93 return "SSLv3/TLS read client key exchange";
94 case TLS_ST_SR_CERT_VRFY:
95 return "SSLv3/TLS read certificate verify";
96 case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
97 return "DTLS1 read hello verify request";
98 case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
99 return "DTLS1 write hello verify request";
100 case TLS_ST_SW_ENCRYPTED_EXTENSIONS:
101 return "TLSv1.3 write encrypted extensions";
102 case TLS_ST_CR_ENCRYPTED_EXTENSIONS:
103 return "TLSv1.3 read encrypted extensions";
104 case TLS_ST_CR_CERT_VRFY:
105 return "TLSv1.3 read server certificate verify";
106 case TLS_ST_SW_CERT_VRFY:
107 return "TLSv1.3 write server certificate verify";
108 case TLS_ST_CR_HELLO_REQ:
109 return "SSLv3/TLS read hello request";
110 case TLS_ST_SW_KEY_UPDATE:
111 return "TLSv1.3 write server key update";
112 case TLS_ST_CW_KEY_UPDATE:
113 return "TLSv1.3 write client key update";
114 case TLS_ST_SR_KEY_UPDATE:
115 return "TLSv1.3 read client key update";
116 case TLS_ST_CR_KEY_UPDATE:
117 return "TLSv1.3 read server key update";
118 case TLS_ST_EARLY_DATA:
119 return "TLSv1.3 early data";
120 case TLS_ST_PENDING_EARLY_DATA_END:
121 return "TLSv1.3 pending early data end";
122 case TLS_ST_CW_END_OF_EARLY_DATA:
123 return "TLSv1.3 write end of early data";
124 case TLS_ST_SR_END_OF_EARLY_DATA:
125 return "TLSv1.3 read end of early data";
126 default:
127 return "unknown state";
128 }
129 }
130
131 const char *SSL_state_string(const SSL *s)
132 {
133 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s);
134
135 if (sc == NULL || ossl_statem_in_error(sc))
136 return "SSLERR";
137
138 switch (SSL_get_state(s)) {
139 case TLS_ST_SR_NEXT_PROTO:
140 return "TRNP";
141 case TLS_ST_SW_SESSION_TICKET:
142 return "TWST";
143 case TLS_ST_SW_CERT_STATUS:
144 return "TWCS";
145 case TLS_ST_CR_CERT_STATUS:
146 return "TRCS";
147 case TLS_ST_CR_SESSION_TICKET:
148 return "TRST";
149 case TLS_ST_CW_NEXT_PROTO:
150 return "TWNP";
151 case TLS_ST_BEFORE:
152 return "PINIT";
153 case TLS_ST_OK:
154 return "SSLOK";
155 case TLS_ST_CW_CLNT_HELLO:
156 return "TWCH";
157 case TLS_ST_CR_SRVR_HELLO:
158 return "TRSH";
159 case TLS_ST_CR_CERT:
160 return "TRSC";
161 case TLS_ST_CR_COMP_CERT:
162 return "TRSCC";
163 case TLS_ST_CR_KEY_EXCH:
164 return "TRSKE";
165 case TLS_ST_CR_CERT_REQ:
166 return "TRCR";
167 case TLS_ST_CR_SRVR_DONE:
168 return "TRSD";
169 case TLS_ST_CW_CERT:
170 return "TWCC";
171 case TLS_ST_CW_COMP_CERT:
172 return "TWCCC";
173 case TLS_ST_CW_KEY_EXCH:
174 return "TWCKE";
175 case TLS_ST_CW_CERT_VRFY:
176 return "TWCV";
177 case TLS_ST_SW_CHANGE:
178 case TLS_ST_CW_CHANGE:
179 return "TWCCS";
180 case TLS_ST_SW_FINISHED:
181 case TLS_ST_CW_FINISHED:
182 return "TWFIN";
183 case TLS_ST_SR_CHANGE:
184 case TLS_ST_CR_CHANGE:
185 return "TRCCS";
186 case TLS_ST_SR_FINISHED:
187 case TLS_ST_CR_FINISHED:
188 return "TRFIN";
189 case TLS_ST_SW_HELLO_REQ:
190 return "TWHR";
191 case TLS_ST_SR_CLNT_HELLO:
192 return "TRCH";
193 case TLS_ST_SW_SRVR_HELLO:
194 return "TWSH";
195 case TLS_ST_SW_CERT:
196 return "TWSC";
197 case TLS_ST_SW_COMP_CERT:
198 return "TWSCC";
199 case TLS_ST_SW_KEY_EXCH:
200 return "TWSKE";
201 case TLS_ST_SW_CERT_REQ:
202 return "TWCR";
203 case TLS_ST_SW_SRVR_DONE:
204 return "TWSD";
205 case TLS_ST_SR_CERT:
206 return "TRCC";
207 case TLS_ST_SR_COMP_CERT:
208 return "TRCCC";
209 case TLS_ST_SR_KEY_EXCH:
210 return "TRCKE";
211 case TLS_ST_SR_CERT_VRFY:
212 return "TRCV";
213 case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
214 return "DRCHV";
215 case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
216 return "DWCHV";
217 case TLS_ST_SW_ENCRYPTED_EXTENSIONS:
218 return "TWEE";
219 case TLS_ST_CR_ENCRYPTED_EXTENSIONS:
220 return "TREE";
221 case TLS_ST_CR_CERT_VRFY:
222 return "TRSCV";
223 case TLS_ST_SW_CERT_VRFY:
224 return "TWSCV";
225 case TLS_ST_CR_HELLO_REQ:
226 return "TRHR";
227 case TLS_ST_SW_KEY_UPDATE:
228 return "TWSKU";
229 case TLS_ST_CW_KEY_UPDATE:
230 return "TWCKU";
231 case TLS_ST_SR_KEY_UPDATE:
232 return "TRCKU";
233 case TLS_ST_CR_KEY_UPDATE:
234 return "TRSKU";
235 case TLS_ST_EARLY_DATA:
236 return "TED";
237 case TLS_ST_PENDING_EARLY_DATA_END:
238 return "TPEDE";
239 case TLS_ST_CW_END_OF_EARLY_DATA:
240 return "TWEOED";
241 case TLS_ST_SR_END_OF_EARLY_DATA:
242 return "TWEOED";
243 default:
244 return "UNKWN";
245 }
246 }
247
248 const char *SSL_alert_type_string_long(int value)
249 {
250 switch (value >> 8) {
251 case SSL3_AL_WARNING:
252 return "warning";
253 case SSL3_AL_FATAL:
254 return "fatal";
255 default:
256 return "unknown";
257 }
258 }
259
260 const char *SSL_alert_type_string(int value)
261 {
262 switch (value >> 8) {
263 case SSL3_AL_WARNING:
264 return "W";
265 case SSL3_AL_FATAL:
266 return "F";
267 default:
268 return "U";
269 }
270 }
271
272 const char *SSL_alert_desc_string(int value)
273 {
274 switch (value & 0xff) {
275 case SSL3_AD_CLOSE_NOTIFY:
276 return "CN";
277 case SSL3_AD_UNEXPECTED_MESSAGE:
278 return "UM";
279 case SSL3_AD_BAD_RECORD_MAC:
280 return "BM";
281 case SSL3_AD_DECOMPRESSION_FAILURE:
282 return "DF";
283 case SSL3_AD_HANDSHAKE_FAILURE:
284 return "HF";
285 case SSL3_AD_NO_CERTIFICATE:
286 return "NC";
287 case SSL3_AD_BAD_CERTIFICATE:
288 return "BC";
289 case SSL3_AD_UNSUPPORTED_CERTIFICATE:
290 return "UC";
291 case SSL3_AD_CERTIFICATE_REVOKED:
292 return "CR";
293 case SSL3_AD_CERTIFICATE_EXPIRED:
294 return "CE";
295 case SSL3_AD_CERTIFICATE_UNKNOWN:
296 return "CU";
297 case SSL3_AD_ILLEGAL_PARAMETER:
298 return "IP";
299 case TLS1_AD_DECRYPTION_FAILED:
300 return "DC";
301 case TLS1_AD_RECORD_OVERFLOW:
302 return "RO";
303 case TLS1_AD_UNKNOWN_CA:
304 return "CA";
305 case TLS1_AD_ACCESS_DENIED:
306 return "AD";
307 case TLS1_AD_DECODE_ERROR:
308 return "DE";
309 case TLS1_AD_DECRYPT_ERROR:
310 return "CY";
311 case TLS1_AD_EXPORT_RESTRICTION:
312 return "ER";
313 case TLS1_AD_PROTOCOL_VERSION:
314 return "PV";
315 case TLS1_AD_INSUFFICIENT_SECURITY:
316 return "IS";
317 case TLS1_AD_INTERNAL_ERROR:
318 return "IE";
319 case TLS1_AD_USER_CANCELLED:
320 return "US";
321 case TLS1_AD_NO_RENEGOTIATION:
322 return "NR";
323 case TLS1_AD_UNSUPPORTED_EXTENSION:
324 return "UE";
325 case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
326 return "CO";
327 case TLS1_AD_UNRECOGNIZED_NAME:
328 return "UN";
329 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
330 return "BR";
331 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
332 return "BH";
333 case TLS1_AD_UNKNOWN_PSK_IDENTITY:
334 return "UP";
335 default:
336 return "UK";
337 }
338 }
339
340 const char *SSL_alert_desc_string_long(int value)
341 {
342 switch (value & 0xff) {
343 case SSL3_AD_CLOSE_NOTIFY:
344 return "close notify";
345 case SSL3_AD_UNEXPECTED_MESSAGE:
346 return "unexpected_message";
347 case SSL3_AD_BAD_RECORD_MAC:
348 return "bad record mac";
349 case SSL3_AD_DECOMPRESSION_FAILURE:
350 return "decompression failure";
351 case SSL3_AD_HANDSHAKE_FAILURE:
352 return "handshake failure";
353 case SSL3_AD_NO_CERTIFICATE:
354 return "no certificate";
355 case SSL3_AD_BAD_CERTIFICATE:
356 return "bad certificate";
357 case SSL3_AD_UNSUPPORTED_CERTIFICATE:
358 return "unsupported certificate";
359 case SSL3_AD_CERTIFICATE_REVOKED:
360 return "certificate revoked";
361 case SSL3_AD_CERTIFICATE_EXPIRED:
362 return "certificate expired";
363 case SSL3_AD_CERTIFICATE_UNKNOWN:
364 return "certificate unknown";
365 case SSL3_AD_ILLEGAL_PARAMETER:
366 return "illegal parameter";
367 case TLS1_AD_DECRYPTION_FAILED:
368 return "decryption failed";
369 case TLS1_AD_RECORD_OVERFLOW:
370 return "record overflow";
371 case TLS1_AD_UNKNOWN_CA:
372 return "unknown CA";
373 case TLS1_AD_ACCESS_DENIED:
374 return "access denied";
375 case TLS1_AD_DECODE_ERROR:
376 return "decode error";
377 case TLS1_AD_DECRYPT_ERROR:
378 return "decrypt error";
379 case TLS1_AD_EXPORT_RESTRICTION:
380 return "export restriction";
381 case TLS1_AD_PROTOCOL_VERSION:
382 return "protocol version";
383 case TLS1_AD_INSUFFICIENT_SECURITY:
384 return "insufficient security";
385 case TLS1_AD_INTERNAL_ERROR:
386 return "internal error";
387 case TLS1_AD_USER_CANCELLED:
388 return "user canceled";
389 case TLS1_AD_NO_RENEGOTIATION:
390 return "no renegotiation";
391 case TLS1_AD_UNSUPPORTED_EXTENSION:
392 return "unsupported extension";
393 case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
394 return "certificate unobtainable";
395 case TLS1_AD_UNRECOGNIZED_NAME:
396 return "unrecognized name";
397 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
398 return "bad certificate status response";
399 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
400 return "bad certificate hash value";
401 case TLS1_AD_UNKNOWN_PSK_IDENTITY:
402 return "unknown PSK identity";
403 case TLS1_AD_NO_APPLICATION_PROTOCOL:
404 return "no application protocol";
405 default:
406 return "unknown";
407 }
408 }
A mirror of the official openssl repository