diff options
author | Heikki Vatiainen <hvn@radiatorsoftware.com> | 2023-07-09 19:38:18 +0300 |
---|---|---|
committer | Heikki Vatiainen <hvn@radiatorsoftware.com> | 2023-07-09 19:38:18 +0300 |
commit | 7ad76ee29a4e8da82b392756c4f2cb388308f89b (patch) | |
tree | be741f07f058133bb80c71258910a02fc31e0e5c | |
parent | 0a7730a9b2452a05a7f264708db74ac4f6afbed6 (diff) |
GH-71 Add constants for SSL_CTX_set_client_hello_cb() callback function.
A callback function set with SSL_CTX_set_client_hello_cb() requires constants
SSL_CLIENT_HELLO_ERROR, SSL_CLIENT_HELLO_RETRY and SSL_CLIENT_HELLO_SUCCESS for
its return value. The callback function may also set TLS alert to send. This
requires using SSL_AD_* prefixed constants.
-rw-r--r-- | constants.c | 1298 | ||||
-rw-r--r-- | helper_script/constants.txt | 37 | ||||
-rw-r--r-- | lib/Net/SSLeay.pm | 37 | ||||
-rw-r--r-- | lib/Net/SSLeay.pod | 661 | ||||
-rw-r--r-- | t/local/21_constants.t | 39 |
5 files changed, 1312 insertions, 760 deletions
diff --git a/constants.c b/constants.c index f6ca2b9..3998064 100644 --- a/constants.c +++ b/constants.c @@ -1488,14 +1488,14 @@ constant (const char *name, size_t len) { break; case 13: /* Names all of length 13. */ - /* ASYNC_NO_JOBS CB_READ_ALERT ERROR_SYSCALL FILETYPE_ASN1 F_SSL_SET_RFD - F_SSL_SET_WFD GEN_OTHERNAME MBSTRING_FLAG MBSTRING_UNIV MBSTRING_UTF8 - NID_OCSP_sign NID_algorithm NID_cast5_cbc NID_cast5_ecb NID_code_sign - NID_delta_crl NID_des_cfb64 NID_des_ofb64 NID_givenName NID_id_pbkdf2 - NID_id_qt_cps NID_key_usage NID_rc2_cfb64 NID_rc2_ofb64 NID_rc5_cfb64 - NID_rc5_ofb64 NID_ripemd160 NID_secretBag OP_NO_TLSv1_1 OP_NO_TLSv1_2 - OP_NO_TLSv1_3 OP_TLS_D5_BUG SENT_SHUTDOWN SSL2_MT_ERROR SSL3_RT_ALERT - SSLEAY_CFLAGS XN_FLAG_FN_LN XN_FLAG_FN_SN */ + /* AD_UNKNOWN_CA ASYNC_NO_JOBS CB_READ_ALERT ERROR_SYSCALL FILETYPE_ASN1 + F_SSL_SET_RFD F_SSL_SET_WFD GEN_OTHERNAME MBSTRING_FLAG MBSTRING_UNIV + MBSTRING_UTF8 NID_OCSP_sign NID_algorithm NID_cast5_cbc NID_cast5_ecb + NID_code_sign NID_delta_crl NID_des_cfb64 NID_des_ofb64 NID_givenName + NID_id_pbkdf2 NID_id_qt_cps NID_key_usage NID_rc2_cfb64 NID_rc2_ofb64 + NID_rc5_cfb64 NID_rc5_ofb64 NID_ripemd160 NID_secretBag OP_NO_TLSv1_1 + OP_NO_TLSv1_2 OP_NO_TLSv1_3 OP_TLS_D5_BUG SENT_SHUTDOWN SSL2_MT_ERROR + SSL3_RT_ALERT SSLEAY_CFLAGS XN_FLAG_FN_LN XN_FLAG_FN_SN */ /* Offset 12 gives the best switch position. */ switch (name[12]) { case '0': @@ -1640,6 +1640,18 @@ constant (const char *name, size_t len) { } break; + case 'A': + if (!memcmp(name, "AD_UNKNOWN_C", 12)) { + /* A */ + +#ifdef SSL_AD_UNKNOWN_CA + return SSL_AD_UNKNOWN_CA; +#else + goto not_there; +#endif + + } + break; case 'D': if (!memcmp(name, "F_SSL_SET_RF", 12)) { /* D */ @@ -2362,14 +2374,15 @@ constant (const char *name, size_t len) { break; case 15: /* Names all of length 15. */ - /* CB_CONNECT_EXIT CB_CONNECT_LOOP CLIENT_HELLO_CB ERROR_WANT_READ - F_WRITE_PENDING MODE_AUTO_RETRY NID_cast5_cfb64 NID_cast5_ofb64 - NID_client_auth NID_countryName NID_des_ede_cbc NID_description - NID_dnQualifier NID_dsaWithSHA1 NID_info_access NID_mdc2WithRSA - NID_ms_code_com NID_ms_code_ind NID_ms_ctl_sign NID_server_auth - NID_sha1WithRSA OPENSSL_VERSION OP_NO_QUERY_MTU R_NO_PRIVATEKEY - R_UNKNOWN_STATE SESS_CACHE_BOTH SSLEAY_BUILT_ON SSLEAY_PLATFORM - XN_FLAG_FN_MASK XN_FLAG_FN_NONE XN_FLAG_ONELINE XN_FLAG_RFC2253 */ + /* AD_CLOSE_NOTIFY AD_DECODE_ERROR CB_CONNECT_EXIT CB_CONNECT_LOOP + CLIENT_HELLO_CB ERROR_WANT_READ F_WRITE_PENDING MODE_AUTO_RETRY + NID_cast5_cfb64 NID_cast5_ofb64 NID_client_auth NID_countryName + NID_des_ede_cbc NID_description NID_dnQualifier NID_dsaWithSHA1 + NID_info_access NID_mdc2WithRSA NID_ms_code_com NID_ms_code_ind + NID_ms_ctl_sign NID_server_auth NID_sha1WithRSA OPENSSL_VERSION + OP_NO_QUERY_MTU R_NO_PRIVATEKEY R_UNKNOWN_STATE SESS_CACHE_BOTH + SSLEAY_BUILT_ON SSLEAY_PLATFORM XN_FLAG_FN_MASK XN_FLAG_FN_NONE + XN_FLAG_ONELINE XN_FLAG_RFC2253 */ /* Offset 14 gives the best switch position. */ switch (name[14]) { case '1': @@ -2578,6 +2591,18 @@ constant (const char *name, size_t len) { } break; + case 'R': + if (!memcmp(name, "AD_DECODE_ERRO", 14)) { + /* R */ + +#ifdef SSL_AD_DECODE_ERROR + return SSL_AD_DECODE_ERROR; +#else + goto not_there; +#endif + + } + break; case 'T': if (!memcmp(name, "CB_CONNECT_EXI", 14)) { /* T */ @@ -2603,6 +2628,16 @@ constant (const char *name, size_t len) { } break; case 'Y': + if (!memcmp(name, "AD_CLOSE_NOTIF", 14)) { + /* Y */ + +#ifdef SSL_AD_CLOSE_NOTIFY + return SSL_AD_CLOSE_NOTIFY; +#else + goto not_there; +#endif + + } if (!memcmp(name, "MODE_AUTO_RETR", 14)) { /* Y */ @@ -2744,12 +2779,13 @@ constant (const char *name, size_t len) { break; case 16: /* Names all of length 16. */ - /* ERROR_WANT_ASYNC ERROR_WANT_WRITE NID_des_ede3_cbc NID_friendlyName - NID_hmacWithSHA1 NID_localityName NID_pkcs7_digest NID_pkcs7_signed - NID_serialNumber OPENSSL_BUILT_ON OPENSSL_CPU_INFO OPENSSL_PLATFORM - OP_EPHEMERAL_RSA OP_PKCS1_CHECK_1 OP_PKCS1_CHECK_2 OP_SINGLE_DH_USE - R_BAD_MAC_DECODE R_NO_CIPHER_LIST SSL3_MT_FINISHED X509_PURPOSE_ANY - X509_TRUST_EMAIL XN_FLAG_FN_ALIGN XN_FLAG_SEP_MASK */ + /* AD_ACCESS_DENIED AD_DECRYPT_ERROR ERROR_WANT_ASYNC ERROR_WANT_WRITE + NID_des_ede3_cbc NID_friendlyName NID_hmacWithSHA1 NID_localityName + NID_pkcs7_digest NID_pkcs7_signed NID_serialNumber OPENSSL_BUILT_ON + OPENSSL_CPU_INFO OPENSSL_PLATFORM OP_EPHEMERAL_RSA OP_PKCS1_CHECK_1 + OP_PKCS1_CHECK_2 OP_SINGLE_DH_USE R_BAD_MAC_DECODE R_NO_CIPHER_LIST + SSL3_MT_FINISHED X509_PURPOSE_ANY X509_TRUST_EMAIL XN_FLAG_FN_ALIGN + XN_FLAG_SEP_MASK */ /* Offset 15 gives the best switch position. */ switch (name[15]) { case '1': @@ -2811,6 +2847,16 @@ constant (const char *name, size_t len) { } break; case 'D': + if (!memcmp(name, "AD_ACCESS_DENIE", 15)) { + /* D */ + +#ifdef SSL_AD_ACCESS_DENIED + return SSL_AD_ACCESS_DENIED; +#else + goto not_there; +#endif + + } if (!memcmp(name, "SSL3_MT_FINISHE", 15)) { /* D */ @@ -2924,6 +2970,18 @@ constant (const char *name, size_t len) { } break; + case 'R': + if (!memcmp(name, "AD_DECRYPT_ERRO", 15)) { + /* R */ + +#ifdef SSL_AD_DECRYPT_ERROR + return SSL_AD_DECRYPT_ERROR; +#else + goto not_there; +#endif + + } + break; case 'T': if (!memcmp(name, "R_NO_CIPHER_LIS", 15)) { /* T */ @@ -3022,52 +3080,53 @@ constant (const char *name, size_t len) { break; case 17: /* Names all of length 17. */ - /* CB_HANDSHAKE_DONE ERROR_WANT_ACCEPT ERROR_ZERO_RETURN F_D2I_SSL_SESSION + /* AD_BAD_RECORD_MAC AD_INTERNAL_ERROR AD_NO_CERTIFICATE AD_USER_CANCELLED + CB_HANDSHAKE_DONE ERROR_WANT_ACCEPT ERROR_ZERO_RETURN F_D2I_SSL_SESSION F_I2D_SSL_SESSION F_SSL_SESSION_NEW NID_ad_ca_issuers NID_des_ede_cfb64 NID_des_ede_ofb64 NID_dsaWithSHA1_2 NID_email_protect NID_ext_key_usage NID_id_qt_unotice NID_rsaEncryption OP_NO_ANTI_REPLAY OP_NO_COMPRESSION OP_TLSEXT_PADDING RECEIVED_SHUTDOWN R_BAD_WRITE_RETRY R_NO_CIPHER_MATCH SESS_CACHE_CLIENT SESS_CACHE_SERVER SSL3_RT_HANDSHAKE X509_FILETYPE_PEM X509_TRUST_COMPAT XN_FLAG_MULTILINE */ - /* Offset 13 gives the best switch position. */ - switch (name[13]) { - case 'A': - if (!memcmp(name, "NID_dsaWithSHA1_2", 17)) { - /* ^ */ + /* Offset 8 gives the best switch position. */ + switch (name[8]) { + case 'C': + if (!memcmp(name, "AD_USER_CANCELLED", 17)) { + /* ^ */ -#ifdef NID_dsaWithSHA1_2 - return NID_dsaWithSHA1_2; +#ifdef SSL_AD_USER_CANCELLED + return SSL_AD_USER_CANCELLED; #else goto not_there; #endif } - if (!memcmp(name, "R_NO_CIPHER_MATCH", 17)) { - /* ^ */ + break; + case 'E': + if (!memcmp(name, "AD_BAD_RECORD_MAC", 17)) { + /* ^ */ -#ifdef SSL_R_NO_CIPHER_MATCH - return SSL_R_NO_CIPHER_MATCH; +#ifdef SSL_AD_BAD_RECORD_MAC + return SSL_AD_BAD_RECORD_MAC; #else goto not_there; #endif } - break; - case 'C': - if (!memcmp(name, "ERROR_WANT_ACCEPT", 17)) { - /* ^ */ + if (!memcmp(name, "X509_FILETYPE_PEM", 17)) { + /* ^ */ -#ifdef SSL_ERROR_WANT_ACCEPT - return SSL_ERROR_WANT_ACCEPT; +#ifdef X509_FILETYPE_PEM + return X509_FILETYPE_PEM; #else goto not_there; #endif } break; - case 'D': + case 'H': if (!memcmp(name, "CB_HANDSHAKE_DONE", 17)) { - /* ^ */ + /* ^ */ #ifdef SSL_CB_HANDSHAKE_DONE return SSL_CB_HANDSHAKE_DONE; @@ -3076,42 +3135,38 @@ constant (const char *name, size_t len) { #endif } - if (!memcmp(name, "OP_TLSEXT_PADDING", 17)) { - /* ^ */ + if (!memcmp(name, "R_NO_CIPHER_MATCH", 17)) { + /* ^ */ -#ifdef SSL_OP_TLSEXT_PADDING - return SSL_OP_TLSEXT_PADDING; +#ifdef SSL_R_NO_CIPHER_MATCH + return SSL_R_NO_CIPHER_MATCH; #else goto not_there; #endif } - if (!memcmp(name, "RECEIVED_SHUTDOWN", 17)) { - /* ^ */ + if (!memcmp(name, "SESS_CACHE_CLIENT", 17)) { + /* ^ */ -#ifdef SSL_RECEIVED_SHUTDOWN - return SSL_RECEIVED_SHUTDOWN; +#ifdef SSL_SESS_CACHE_CLIENT + return SSL_SESS_CACHE_CLIENT; #else goto not_there; #endif } - break; - case 'E': - if (!memcmp(name, "R_BAD_WRITE_RETRY", 17)) { - /* ^ */ + if (!memcmp(name, "SESS_CACHE_SERVER", 17)) { + /* ^ */ -#ifdef SSL_R_BAD_WRITE_RETRY - return SSL_R_BAD_WRITE_RETRY; +#ifdef SSL_SESS_CACHE_SERVER + return SSL_SESS_CACHE_SERVER; #else goto not_there; #endif } - break; - case 'H': if (!memcmp(name, "SSL3_RT_HANDSHAKE", 17)) { - /* ^ */ + /* ^ */ #ifdef SSL3_RT_HANDSHAKE return SSL3_RT_HANDSHAKE; @@ -3122,11 +3177,11 @@ constant (const char *name, size_t len) { } break; case 'I': - if (!memcmp(name, "SESS_CACHE_CLIENT", 17)) { - /* ^ */ + if (!memcmp(name, "R_BAD_WRITE_RETRY", 17)) { + /* ^ */ -#ifdef SSL_SESS_CACHE_CLIENT - return SSL_SESS_CACHE_CLIENT; +#ifdef SSL_R_BAD_WRITE_RETRY + return SSL_R_BAD_WRITE_RETRY; #else goto not_there; #endif @@ -3134,8 +3189,40 @@ constant (const char *name, size_t len) { } break; case 'L': + if (!memcmp(name, "F_D2I_SSL_SESSION", 17)) { + /* ^ */ + +#ifdef SSL_F_D2I_SSL_SESSION + return SSL_F_D2I_SSL_SESSION; +#else + goto not_there; +#endif + + } + if (!memcmp(name, "F_I2D_SSL_SESSION", 17)) { + /* ^ */ + +#ifdef SSL_F_I2D_SSL_SESSION + return SSL_F_I2D_SSL_SESSION; +#else + goto not_there; +#endif + + } + break; + case 'M': + if (!memcmp(name, "OP_NO_COMPRESSION", 17)) { + /* ^ */ + +#ifdef SSL_OP_NO_COMPRESSION + return SSL_OP_NO_COMPRESSION; +#else + goto not_there; +#endif + + } if (!memcmp(name, "XN_FLAG_MULTILINE", 17)) { - /* ^ */ + /* ^ */ #ifdef XN_FLAG_MULTILINE return XN_FLAG_MULTILINE; @@ -3145,24 +3232,22 @@ constant (const char *name, size_t len) { } break; - case 'M': - if (!memcmp(name, "X509_TRUST_COMPAT", 17)) { - /* ^ */ + case 'N': + if (!memcmp(name, "AD_INTERNAL_ERROR", 17)) { + /* ^ */ -#ifdef X509_TRUST_COMPAT - return X509_TRUST_COMPAT; +#ifdef SSL_AD_INTERNAL_ERROR + return SSL_AD_INTERNAL_ERROR; #else goto not_there; #endif } - break; - case 'P': - if (!memcmp(name, "OP_NO_ANTI_REPLAY", 17)) { - /* ^ */ + if (!memcmp(name, "ERROR_WANT_ACCEPT", 17)) { + /* ^ */ -#ifdef SSL_OP_NO_ANTI_REPLAY - return SSL_OP_NO_ANTI_REPLAY; +#ifdef SSL_ERROR_WANT_ACCEPT + return SSL_ERROR_WANT_ACCEPT; #else goto not_there; #endif @@ -3170,43 +3255,43 @@ constant (const char *name, size_t len) { } break; case 'R': - if (!memcmp(name, "SESS_CACHE_SERVER", 17)) { - /* ^ */ + if (!memcmp(name, "AD_NO_CERTIFICATE", 17)) { + /* ^ */ -#ifdef SSL_SESS_CACHE_SERVER - return SSL_SESS_CACHE_SERVER; +#ifdef SSL_AD_NO_CERTIFICATE + return SSL_AD_NO_CERTIFICATE; #else goto not_there; #endif } - break; - case 'S': - if (!memcmp(name, "F_D2I_SSL_SESSION", 17)) { - /* ^ */ + if (!memcmp(name, "ERROR_ZERO_RETURN", 17)) { + /* ^ */ -#ifdef SSL_F_D2I_SSL_SESSION - return SSL_F_D2I_SSL_SESSION; +#ifdef SSL_ERROR_ZERO_RETURN + return SSL_ERROR_ZERO_RETURN; #else goto not_there; #endif } - if (!memcmp(name, "F_I2D_SSL_SESSION", 17)) { - /* ^ */ + break; + case 'S': + if (!memcmp(name, "F_SSL_SESSION_NEW", 17)) { + /* ^ */ -#ifdef SSL_F_I2D_SSL_SESSION - return SSL_F_I2D_SSL_SESSION; +#ifdef SSL_F_SSL_SESSION_NEW + return SSL_F_SSL_SESSION_NEW; #else goto not_there; #endif } - if (!memcmp(name, "OP_NO_COMPRESSION", 17)) { - /* ^ */ + if (!memcmp(name, "X509_TRUST_COMPAT", 17)) { + /* ^ */ -#ifdef SSL_OP_NO_COMPRESSION - return SSL_OP_NO_COMPRESSION; +#ifdef X509_TRUST_COMPAT + return X509_TRUST_COMPAT; #else goto not_there; #endif @@ -3214,11 +3299,21 @@ constant (const char *name, size_t len) { } break; case 'T': - if (!memcmp(name, "ERROR_ZERO_RETURN", 17)) { - /* ^ */ + if (!memcmp(name, "OP_NO_ANTI_REPLAY", 17)) { + /* ^ */ -#ifdef SSL_ERROR_ZERO_RETURN - return SSL_ERROR_ZERO_RETURN; +#ifdef SSL_OP_NO_ANTI_REPLAY + return SSL_OP_NO_ANTI_REPLAY; +#else + goto not_there; +#endif + + } + if (!memcmp(name, "OP_TLSEXT_PADDING", 17)) { + /* ^ */ + +#ifdef SSL_OP_TLSEXT_PADDING + return SSL_OP_TLSEXT_PADDING; #else goto not_there; #endif @@ -3226,30 +3321,32 @@ constant (const char *name, size_t len) { } break; case '_': - if (!memcmp(name, "F_SSL_SESSION_NEW", 17)) { - /* ^ */ + if (!memcmp(name, "RECEIVED_SHUTDOWN", 17)) { + /* ^ */ -#ifdef SSL_F_SSL_SESSION_NEW - return SSL_F_SSL_SESSION_NEW; +#ifdef SSL_RECEIVED_SHUTDOWN + return SSL_RECEIVED_SHUTDOWN; #else goto not_there; #endif } - if (!memcmp(name, "X509_FILETYPE_PEM", 17)) { - /* ^ */ + break; + case 'a': + if (!memcmp(name, "NID_ad_ca_issuers", 17)) { + /* ^ */ -#ifdef X509_FILETYPE_PEM - return X509_FILETYPE_PEM; +#ifdef NID_ad_ca_issuers + return NID_ad_ca_issuers; #else goto not_there; #endif } break; - case 'f': + case 'e': if (!memcmp(name, "NID_des_ede_cfb64", 17)) { - /* ^ */ + /* ^ */ #ifdef NID_des_ede_cfb64 return NID_des_ede_cfb64; @@ -3259,7 +3356,7 @@ constant (const char *name, size_t len) { } if (!memcmp(name, "NID_des_ede_ofb64", 17)) { - /* ^ */ + /* ^ */ #ifdef NID_des_ede_ofb64 return NID_des_ede_ofb64; @@ -3269,41 +3366,45 @@ constant (const char *name, size_t len) { } break; - case 's': - if (!memcmp(name, "NID_ext_key_usage", 17)) { - /* ^ */ + case 'i': + if (!memcmp(name, "NID_dsaWithSHA1_2", 17)) { + /* ^ */ -#ifdef NID_ext_key_usage - return NID_ext_key_usage; +#ifdef NID_dsaWithSHA1_2 + return NID_dsaWithSHA1_2; #else goto not_there; #endif } break; - case 't': - if (!memcmp(name, "NID_email_protect", 17)) { - /* ^ */ + case 'k': + if (!memcmp(name, "NID_ext_key_usage", 17)) { + /* ^ */ -#ifdef NID_email_protect - return NID_email_protect; +#ifdef NID_ext_key_usage + return NID_ext_key_usage; #else goto not_there; #endif } - if (!memcmp(name, "NID_id_qt_unotice", 17)) { - /* ^ */ + break; + case 'l': + if (!memcmp(name, "NID_email_protect", 17)) { + /* ^ */ -#ifdef NID_id_qt_unotice - return NID_id_qt_unotice; +#ifdef NID_email_protect + return NID_email_protect; #else goto not_there; #endif } + break; + case 'n': if (!memcmp(name, "NID_rsaEncryption", 17)) { - /* ^ */ + /* ^ */ #ifdef NID_rsaEncryption return NID_rsaEncryption; @@ -3313,12 +3414,12 @@ constant (const char *name, size_t len) { } break; - case 'u': - if (!memcmp(name, "NID_ad_ca_issuers", 17)) { - /* ^ */ + case 't': + if (!memcmp(name, "NID_id_qt_unotice", 17)) { + /* ^ */ -#ifdef NID_ad_ca_issuers - return NID_ad_ca_issuers; +#ifdef NID_id_qt_unotice + return NID_id_qt_unotice; #else goto not_there; #endif @@ -3329,12 +3430,13 @@ constant (const char *name, size_t len) { break; case 18: /* Names all of length 18. */ - /* CB_HANDSHAKE_START ERROR_WANT_CONNECT F_GET_CLIENT_HELLO - F_GET_SERVER_HELLO MODE_NO_AUTO_CHAIN NID_des_ede3_cfb64 - NID_des_ede3_ofb64 NID_dhKeyAgreement OP_COOKIE_EXCHANGE - OP_SINGLE_ECDH_USE R_BAD_SSL_FILETYPE SSL3_MT_KEY_UPDATE - SSL3_MT_NEXT_PROTO VERIFY_CLIENT_ONCE X509_FILETYPE_ASN1 - X509_TRUST_DEFAULT */ + /* AD_BAD_CERTIFICATE AD_RECORD_OVERFLOW CB_HANDSHAKE_START + CLIENT_HELLO_ERROR CLIENT_HELLO_RETRY ERROR_WANT_CONNECT + F_GET_CLIENT_HELLO F_GET_SERVER_HELLO MODE_NO_AUTO_CHAIN + NID_des_ede3_cfb64 NID_des_ede3_ofb64 NID_dhKeyAgreement + OP_COOKIE_EXCHANGE OP_SINGLE_ECDH_USE R_BAD_SSL_FILETYPE + SSL3_MT_KEY_UPDATE SSL3_MT_NEXT_PROTO VERIFY_CLIENT_ONCE + X509_FILETYPE_ASN1 X509_TRUST_DEFAULT */ /* Offset 11 gives the best switch position. */ switch (name[11]) { case '3': @@ -3406,6 +3508,16 @@ constant (const char *name, size_t len) { } break; case 'I': + if (!memcmp(name, "AD_BAD_CERTIFICATE", 18)) { + /* ^ */ + +#ifdef SSL_AD_BAD_CERTIFICATE + return SSL_AD_BAD_CERTIFICATE; +#else + goto not_there; +#endif + + } if (!memcmp(name, "R_BAD_SSL_FILETYPE", 18)) { /* ^ */ @@ -3430,6 +3542,26 @@ constant (const char *name, size_t len) { } break; case 'O': + if (!memcmp(name, "CLIENT_HELLO_ERROR", 18)) { + /* ^ */ + +#ifdef SSL_CLIENT_HELLO_ERROR + return SSL_CLIENT_HELLO_ERROR; +#else + goto not_there; +#endif + + } + if (!memcmp(name, "CLIENT_HELLO_RETRY", 18)) { + /* ^ */ + +#ifdef SSL_CLIENT_HELLO_RETRY + return SSL_CLIENT_HELLO_RETRY; +#else + goto not_there; +#endif + + } if (!memcmp(name, "MODE_NO_AUTO_CHAIN", 18)) { /* ^ */ @@ -3487,6 +3619,18 @@ constant (const char *name, size_t len) { } break; + case 'V': + if (!memcmp(name, "AD_RECORD_OVERFLOW", 18)) { + /* ^ */ + +#ifdef SSL_AD_RECORD_OVERFLOW + return SSL_AD_RECORD_OVERFLOW; +#else + goto not_there; +#endif + + } + break; case 'X': if (!memcmp(name, "OP_COOKIE_EXCHANGE", 18)) { /* ^ */ @@ -3527,13 +3671,13 @@ constant (const char *name, size_t len) { break; case 19: /* Names all of length 19. */ - /* F_CLIENT_MASTER_KEY F_GET_SERVER_VERIFY NID_invalidity_date - NID_issuer_alt_name NID_pkcs7_encrypted NID_pkcs7_enveloped - NID_rle_compression NID_safeContentsBag NID_sdsiCertificate - NID_x509Certificate OPENSSL_ENGINES_DIR OPENSSL_MODULES_DIR - OP_ALLOW_NO_DHE_KEX OP_CISCO_ANYCONNECT OP_NON_EXPORT_FIRST - OP_NO_RENEGOTIATION OP_TLS_ROLLBACK_BUG SSL3_MT_CERTIFICATE - SSL3_MT_SERVER_DONE */ + /* AD_NO_RENEGOTIATION AD_PROTOCOL_VERSION F_CLIENT_MASTER_KEY + F_GET_SERVER_VERIFY NID_invalidity_date NID_issuer_alt_name + NID_pkcs7_encrypted NID_pkcs7_enveloped NID_rle_compression + NID_safeContentsBag NID_sdsiCertificate NID_x509Certificate + OPENSSL_ENGINES_DIR OPENSSL_MODULES_DIR OP_ALLOW_NO_DHE_KEX + OP_CISCO_ANYCONNECT OP_NON_EXPORT_FIRST OP_NO_RENEGOTIATION + OP_TLS_ROLLBACK_BUG SSL3_MT_CERTIFICATE SSL3_MT_SERVER_DONE */ /* Offset 12 gives the best switch position. */ switch (name[12]) { case 'A': @@ -3621,6 +3765,16 @@ constant (const char *name, size_t len) { } break; case 'T': + if (!memcmp(name, "AD_NO_RENEGOTIATION", 19)) { + /* ^ */ + +#ifdef SSL_AD_NO_RENEGOTIATION + return SSL_AD_NO_RENEGOTIATION; +#else + goto not_there; +#endif + + } if (!memcmp(name, "F_CLIENT_MASTER_KEY", 19)) { /* ^ */ @@ -3652,6 +3806,18 @@ constant (const char *name, size_t len) { } break; + case 'V': + if (!memcmp(name, "AD_PROTOCOL_VERSION", 19)) { + /* ^ */ + +#ifdef SSL_AD_PROTOCOL_VERSION + return SSL_AD_PROTOCOL_VERSION; +#else + goto not_there; +#endif + + } + break; case '_': if (!memcmp(name, "F_GET_SERVER_VERIFY", 19)) { /* ^ */ @@ -3762,7 +3928,9 @@ constant (const char *name, size_t len) { break; case 20: /* Names all of length 20. */ - /* ASN1_STRFLGS_ESC_MSB ASN1_STRFLGS_RFC2253 ERROR_WANT_ASYNC_JOB + /* AD_DECRYPTION_FAILED AD_HANDSHAKE_FAILURE AD_ILLEGAL_PARAMETER + AD_MISSING_EXTENSION AD_UNRECOGNIZED_NAME ASN1_STRFLGS_ESC_MSB + ASN1_STRFLGS_RFC2253 CLIENT_HELLO_SUCCESS ERROR_WANT_ASYNC_JOB F_CLIENT_CERTIFICATE F_SSL_USE_PRIVATEKEY MODE_RELEASE_BUFFERS NID_netscape_comment NID_organizationName NID_ripemd160WithRSA NID_subject_alt_name NID_uniqueIdentifier NID_zlib_compression @@ -3770,33 +3938,75 @@ constant (const char *name, size_t len) { SESSION_ASN1_VERSION SSL2_MT_CLIENT_HELLO SSL2_MT_SERVER_HELLO SSL3_MT_CLIENT_HELLO SSL3_MT_MESSAGE_HASH SSL3_MT_SERVER_HELLO X509_TRUST_OCSP_SIGN X509_V_ERR_PATH_LOOP */ - /* Offset 13 gives the best switch position. */ - switch (name[13]) { + /* Offset 8 gives the best switch position. */ + switch (name[8]) { case 'A': - if (!memcmp(name, "OP_CLEANSE_PLAINTEXT", 20)) { - /* ^ */ + if (!memcmp(name, "AD_ILLEGAL_PARAMETER", 20)) { + /* ^ */ -#ifdef SSL_OP_CLEANSE_PLAINTEXT - return SSL_OP_CLEANSE_PLAINTEXT; +#ifdef SSL_AD_ILLEGAL_PARAMETER + return SSL_AD_ILLEGAL_PARAMETER; #else goto not_there; #endif } - if (!memcmp(name, "R_NO_CERTIFICATE_SET", 20)) { - /* ^ */ + if (!memcmp(name, "SESSION_ASN1_VERSION", 20)) { + /* ^ */ -#ifdef SSL_R_NO_CERTIFICATE_SET - return SSL_R_NO_CERTIFICATE_SET; +#ifdef SSL_SESSION_ASN1_VERSION + return SSL_SESSION_ASN1_VERSION; #else goto not_there; #endif } break; - case 'B': + case 'C': + if (!memcmp(name, "SSL2_MT_CLIENT_HELLO", 20)) { + /* ^ */ + +#ifdef SSL2_MT_CLIENT_HELLO + return SSL2_MT_CLIENT_HELLO; +#else + goto not_there; +#endif + + } + if (!memcmp(name, "SSL3_MT_CLIENT_HELLO", 20)) { + /* ^ */ + +#ifdef SSL3_MT_CLIENT_HELLO + return SSL3_MT_CLIENT_HELLO; +#else + goto not_there; +#endif + + } + break; + case 'E': + if (!memcmp(name, "CLIENT_HELLO_SUCCESS", 20)) { + /* ^ */ + +#ifdef SSL_CLIENT_HELLO_SUCCESS + return SSL_CLIENT_HELLO_SUCCESS; +#else + goto not_there; +#endif + + } + if (!memcmp(name, "F_SSL_USE_PRIVATEKEY", 20)) { + /* ^ */ + +#ifdef SSL_F_SSL_USE_PRIVATEKEY + return SSL_F_SSL_USE_PRIVATEKEY; +#else + goto not_there; +#endif + + } if (!memcmp(name, "MODE_RELEASE_BUFFERS", 20)) { - /* ^ */ + /* ^ */ #ifdef SSL_MODE_RELEASE_BUFFERS return SSL_MODE_RELEASE_BUFFERS; @@ -3806,9 +4016,9 @@ constant (const char *name, size_t len) { } break; - case 'E': + case 'F': if (!memcmp(name, "ASN1_STRFLGS_ESC_MSB", 20)) { - /* ^ */ + /* ^ */ #ifdef ASN1_STRFLGS_ESC_MSB return ASN1_STRFLGS_ESC_MSB; @@ -3817,98 +4027,102 @@ constant (const char *name, size_t len) { #endif } - break; - case 'G': - if (!memcmp(name, "SSL3_MT_MESSAGE_HASH", 20)) { - /* ^ */ + if (!memcmp(name, "ASN1_STRFLGS_RFC2253", 20)) { + /* ^ */ -#ifdef SSL3_MT_MESSAGE_HASH - return SSL3_MT_MESSAGE_HASH; +#ifdef ASN1_STRFLGS_RFC2253 + return ASN1_STRFLGS_RFC2253; #else goto not_there; #endif } break; - case 'I': - if (!memcmp(name, "F_CLIENT_CERTIFICATE", 20)) { - /* ^ */ + case 'H': + if (!memcmp(name, "AD_HANDSHAKE_FAILURE", 20)) { + /* ^ */ -#ifdef SSL_F_CLIENT_CERTIFICATE - return SSL_F_CLIENT_CERTIFICATE; +#ifdef SSL_AD_HANDSHAKE_FAILURE + return SSL_AD_HANDSHAKE_FAILURE; #else goto not_there; #endif } break; - case 'R': - if (!memcmp(name, "ASN1_STRFLGS_RFC2253", 20)) { - /* ^ */ + case 'I': + if (!memcmp(name, "OP_PRIORITIZE_CHACHA", 20)) { + /* ^ */ -#ifdef ASN1_STRFLGS_RFC2253 - return ASN1_STRFLGS_RFC2253; +#ifdef SSL_OP_PRIORITIZE_CHACHA + return SSL_OP_PRIORITIZE_CHACHA; #else goto not_there; #endif } - if (!memcmp(name, "SSL2_MT_SERVER_HELLO", 20)) { - /* ^ */ + break; + case 'M': + if (!memcmp(name, "SSL3_MT_MESSAGE_HASH", 20)) { + /* ^ */ -#ifdef SSL2_MT_SERVER_HELLO - return SSL2_MT_SERVER_HELLO; +#ifdef SSL3_MT_MESSAGE_HASH + return SSL3_MT_MESSAGE_HASH; #else goto not_there; #endif } - if (!memcmp(name, "SSL3_MT_SERVER_HELLO", 20)) { - /* ^ */ + break; + case 'N': + if (!memcmp(name, "AD_MISSING_EXTENSION", 20)) { + /* ^ */ -#ifdef SSL3_MT_SERVER_HELLO - return SSL3_MT_SERVER_HELLO; +#ifdef SSL_AD_MISSING_EXTENSION + return SSL_AD_MISSING_EXTENSION; #else goto not_there; #endif } - break; - case 'S': - if (!memcmp(name, "X509_TRUST_OCSP_SIGN", 20)) { - /* ^ */ + if (!memcmp(name, "ERROR_WANT_ASYNC_JOB", 20)) { + /* ^ */ -#ifdef X509_TRUST_OCSP_SIGN - return X509_TRUST_OCSP_SIGN; +#ifdef SSL_ERROR_WANT_ASYNC_JOB + return SSL_ERROR_WANT_ASYNC_JOB; #else goto not_there; #endif } break; - case 'T': - if (!memcmp(name, "SSL2_MT_CLIENT_HELLO", 20)) { - /* ^ */ + case 'O': + if (!memcmp(name, "AD_UNRECOGNIZED_NAME", 20)) { + /* ^ */ -#ifdef SSL2_MT_CLIENT_HELLO - return SSL2_MT_CLIENT_HELLO; +#ifdef SSL_AD_UNRECOGNIZED_NAME + return SSL_AD_UNRECOGNIZED_NAME; #else goto not_there; #endif } - if (!memcmp(name, "SSL3_MT_CLIENT_HELLO", 20)) { - /* ^ */ + break; + case 'P': + if (!memcmp(name, "AD_DECRYPTION_FAILED", 20)) { + /* ^ */ -#ifdef SSL3_MT_CLIENT_HELLO - return SSL3_MT_CLIENT_HELLO; +#ifdef SSL_AD_DECRYPTION_FAILED + return SSL_AD_DECRYPTION_FAILED; #else goto not_there; #endif } + break; + case 'R': if (!memcmp(name, "X509_V_ERR_PATH_LOOP", 20)) { - /* ^ */ + /* ^ */ #ifdef X509_V_ERR_PATH_LOOP return X509_V_ERR_PATH_LOOP; @@ -3918,46 +4132,54 @@ constant (const char *name, size_t len) { } break; - case 'V': - if (!memcmp(name, "F_SSL_USE_PRIVATEKEY", 20)) { - /* ^ */ + case 'S': + if (!memcmp(name, "OP_CLEANSE_PLAINTEXT", 20)) { + /* ^ */ -#ifdef SSL_F_SSL_USE_PRIVATEKEY - return SSL_F_SSL_USE_PRIVATEKEY; +#ifdef SSL_OP_CLEANSE_PLAINTEXT + return SSL_OP_CLEANSE_PLAINTEXT; #else goto not_there; #endif } - if (!memcmp(name, "SESSION_ASN1_VERSION", 20)) { - /* ^ */ + if (!memcmp(name, "SSL2_MT_SERVER_HELLO", 20)) { + /* ^ */ -#ifdef SSL_SESSION_ASN1_VERSION - return SSL_SESSION_ASN1_VERSION; +#ifdef SSL2_MT_SERVER_HELLO + return SSL2_MT_SERVER_HELLO; #else goto not_there; #endif } - break; - case 'W': - if (!memcmp(name, "NID_ripemd160WithRSA", 20)) { - /* ^ */ + if (!memcmp(name, "SSL3_MT_SERVER_HELLO", 20)) { + /* ^ */ -#ifdef NID_ripemd160WithRSA - return NID_ripemd160WithRSA; +#ifdef SSL3_MT_SERVER_HELLO + return SSL3_MT_SERVER_HELLO; +#else + goto not_there; +#endif + + } + if (!memcmp(name, "X509_TRUST_OCSP_SIGN", 20)) { + /* ^ */ + +#ifdef X509_TRUST_OCSP_SIGN + return X509_TRUST_OCSP_SIGN; #else goto not_there; #endif } break; - case 'Y': - if (!memcmp(name, "ERROR_WANT_ASYNC_JOB", 20)) { - /* ^ */ + case 'T': + if (!memcmp(name, "R_NO_CERTIFICATE_SET", 20)) { + /* ^ */ -#ifdef SSL_ERROR_WANT_ASYNC_JOB - return SSL_ERROR_WANT_ASYNC_JOB; +#ifdef SSL_R_NO_CERTIFICATE_SET + return SSL_R_NO_CERTIFICATE_SET; #else goto not_there; #endif @@ -3965,11 +4187,21 @@ constant (const char *name, size_t len) { } break; case '_': - if (!memcmp(name, "OP_PRIORITIZE_CHACHA", 20)) { - /* ^ */ + if (!memcmp(name, "F_CLIENT_CERTIFICATE", 20)) { + /* ^ */ -#ifdef SSL_OP_PRIORITIZE_CHACHA - return SSL_OP_PRIORITIZE_CHACHA; +#ifdef SSL_F_CLIENT_CERTIFICATE + return SSL_F_CLIENT_CERTIFICATE; +#else + goto not_there; +#endif + + } + if (!memcmp(name, "NID_zlib_compression", 20)) { + /* ^ */ + +#ifdef NID_zlib_compression + return NID_zlib_compression; #else goto not_there; #endif @@ -3978,7 +4210,7 @@ constant (const char *name, size_t len) { break; case 'c': if (!memcmp(name, "NID_netscape_comment", 20)) { - /* ^ */ + /* ^ */ #ifdef NID_netscape_comment return NID_netscape_comment; @@ -3988,24 +4220,24 @@ constant (const char *name, size_t len) { } break; - case 'i': - if (!memcmp(name, "NID_organizationName", 20)) { - /* ^ */ + case 'e': + if (!memcmp(name, "NID_subject_alt_name", 20)) { + /* ^ */ -#ifdef NID_organizationName - return NID_organizationName; +#ifdef NID_subject_alt_name + return NID_subject_alt_name; #else goto not_there; #endif } break; - case 'l': - if (!memcmp(name, "NID_subject_alt_name", 20)) { - /* ^ */ + case 'm': + if (!memcmp(name, "NID_ripemd160WithRSA", 20)) { + /* ^ */ -#ifdef NID_subject_alt_name - return NID_subject_alt_name; +#ifdef NID_ripemd160WithRSA + return NID_ripemd160WithRSA; #else goto not_there; #endif @@ -4013,23 +4245,23 @@ constant (const char *name, size_t len) { } break; case 'n': - if (!memcmp(name, "NID_uniqueIdentifier", 20)) { - /* ^ */ + if (!memcmp(name, "NID_organizationName", 20)) { + /* ^ */ -#ifdef NID_uniqueIdentifier - return NID_uniqueIdentifier; +#ifdef NID_organizationName + return NID_organizationName; #else goto not_there; #endif } break; - case 'r': - if (!memcmp(name, "NID_zlib_compression", 20)) { - /* ^ */ + case 'u': + if (!memcmp(name, "NID_uniqueIdentifier", 20)) { + /* ^ */ -#ifdef NID_zlib_compression - return NID_zlib_compression; +#ifdef NID_uniqueIdentifier + return NID_uniqueIdentifier; #else goto not_there; #endif @@ -4040,16 +4272,16 @@ constant (const char *name, size_t len) { break; case 21: /* Names all of length 21. */ - /* ASN1_STRFLGS_ESC_CTRL F_GET_CLIENT_FINISHED F_GET_SERVER_FINISHED - F_REQUEST_CERTIFICATE F_SSL_GET_NEW_SESSION F_SSL_USE_CERTIFICATE - NID_SMIMECapabilities NID_basic_constraints NID_netscape_base_url - NID_pkcs9_contentType NID_pkcs9_signingTime OPENSSL_VERSION_MAJOR - OPENSSL_VERSION_MINOR OPENSSL_VERSION_PATCH OP_NETSCAPE_CA_DN_BUG - SSL2_MT_SERVER_VERIFY SSL3_MT_HELLO_REQUEST VERIFY_POST_HANDSHAKE - X509_FILETYPE_DEFAULT X509_PURPOSE_CRL_SIGN X509_TRUST_SSL_CLIENT - X509_TRUST_SSL_SERVER X509_V_ERR_INVALID_CA X509_V_ERR_OUT_OF_MEM - X509_V_FLAG_CRL_CHECK XN_FLAG_SEP_CPLUS_SPC XN_FLAG_SEP_MULTILINE - XN_FLAG_SEP_SPLUS_SPC */ + /* AD_EXPORT_RESTRICTION AD_UNEXPECTED_MESSAGE ASN1_STRFLGS_ESC_CTRL + F_GET_CLIENT_FINISHED F_GET_SERVER_FINISHED F_REQUEST_CERTIFICATE + F_SSL_GET_NEW_SESSION F_SSL_USE_CERTIFICATE NID_SMIMECapabilities + NID_basic_constraints NID_netscape_base_url NID_pkcs9_contentType + NID_pkcs9_signingTime OPENSSL_VERSION_MAJOR OPENSSL_VERSION_MINOR + OPENSSL_VERSION_PATCH OP_NETSCAPE_CA_DN_BUG SSL2_MT_SERVER_VERIFY + SSL3_MT_HELLO_REQUEST VERIFY_POST_HANDSHAKE X509_FILETYPE_DEFAULT + X509_PURPOSE_CRL_SIGN X509_TRUST_SSL_CLIENT X509_TRUST_SSL_SERVER + X509_V_ERR_INVALID_CA X509_V_ERR_OUT_OF_MEM X509_V_FLAG_CRL_CHECK + XN_FLAG_SEP_CPLUS_SPC XN_FLAG_SEP_MULTILINE XN_FLAG_SEP_SPLUS_SPC */ /* Offset 19 gives the best switch position. */ switch (name[19]) { case 'C': @@ -4139,6 +4371,16 @@ constant (const char *name, size_t len) { } break; case 'G': + if (!memcmp(name, "AD_UNEXPECTED_MESSAGE", 21)) { + /* ^ */ + +#ifdef SSL_AD_UNEXPECTED_MESSAGE + return SSL_AD_UNEXPECTED_MESSAGE; +#else + goto not_there; +#endif + + } if (!memcmp(name, "X509_PURPOSE_CRL_SIGN", 21)) { /* ^ */ @@ -4197,6 +4439,16 @@ constant (const char *name, size_t len) { } break; case 'O': + if (!memcmp(name, "AD_EXPORT_RESTRICTION", 21)) { + /* ^ */ + +#ifdef SSL_AD_EXPORT_RESTRICTION + return SSL_AD_EXPORT_RESTRICTION; +#else + goto not_there; +#endif + + } if (!memcmp(name, "F_SSL_GET_NEW_SESSION", 21)) { /* ^ */ @@ -4372,7 +4624,8 @@ constant (const char *name, size_t len) { break; case 22: /* Names all of length 22. */ - /* ASN1_STRFLGS_ESC_QUOTE ERROR_WANT_X509_LOOKUP F_SSL_SESSION_PRINT_FP + /* AD_CERTIFICATE_EXPIRED AD_CERTIFICATE_REVOKED AD_CERTIFICATE_UNKNOWN + ASN1_STRFLGS_ESC_QUOTE ERROR_WANT_X509_LOOKUP F_SSL_SESSION_PRINT_FP NID_netscape_cert_type NID_netscape_data_type NID_pkcs9_emailAddress OPENSSL_VERSION_NUMBER OPENSSL_VERSION_STRING OP_NO_ENCRYPT_THEN_MAC R_PEER_ERROR_NO_CIPHER SESS_CACHE_NO_INTERNAL SESS_CACHE_UPDATE_TIME @@ -4404,6 +4657,18 @@ constant (const char *name, size_t len) { } break; + case 'I': + if (!memcmp(name, "AD_CERTIFICATE_EXPIRED", 22)) { + /* ^ */ + +#ifdef SSL_AD_CERTIFICATE_EXPIRED + return SSL_AD_CERTIFICATE_EXPIRED; +#else + goto not_there; +#endif + + } + break; case 'L': if (!memcmp(name, "X509_V_FLAG_USE_DELTAS", 22)) { /* ^ */ @@ -4428,7 +4693,29 @@ constant (const char *name, size_t len) { } break; + case 'N': + if (!memcmp(name, "AD_CERTIFICATE_UNKNOWN", 22)) { + /* ^ */ + +#ifdef SSL_AD_CERTIFICATE_UNKNOWN + return SSL_AD_CERTIFICATE_UNKNOWN; +#else + goto not_there; +#endif + + } + break; case 'O': + if (!memcmp(name, "AD_CERTIFICATE_REVOKED", 22)) { + /* ^ */ + +#ifdef SSL_AD_CERTIFICATE_REVOKED + return SSL_AD_CERTIFICATE_REVOKED; +#else + goto not_there; +#endif + + } if (!memcmp(name, "ERROR_WANT_X509_LOOKUP", 22)) { /* ^ */ @@ -4592,15 +4879,16 @@ constant (const char *name, size_t len) { break; case 23: /* Names all of length 23. */ - /* ERROR_WANT_RETRY_VERIFY F_GET_CLIENT_MASTER_KEY F_SSL_USE_RSAPRIVATEKEY - LIBRESSL_VERSION_NUMBER NID_pkcs8ShroudedKeyBag NID_pkcs9_messageDigest - NID_stateOrProvinceName OPENSSL_INFO_CONFIG_DIR OP_CRYPTOPRO_TLSEXT_BUG - R_BAD_RESPONSE_ARGUMENT R_PUBLIC_KEY_IS_NOT_RSA SSL2_MT_CLIENT_FINISHED - SSL2_MT_SERVER_FINISHED SSL3_MT_CERTIFICATE_URL X509_PURPOSE_SMIME_SIGN - X509_PURPOSE_SSL_CLIENT X509_PURPOSE_SSL_SERVER X509_TRUST_OCSP_REQUEST - X509_V_ERR_CERT_REVOKED X509_V_ERR_INVALID_CALL X509_V_ERR_STORE_LOOKUP - X509_V_FLAG_INHIBIT_ANY X509_V_FLAG_INHIBIT_MAP X509_V_FLAG_POLICY_MASK - X509_V_FLAG_X509_STRICT */ + /* AD_CERTIFICATE_REQUIRED AD_UNKNOWN_PSK_IDENTITY ERROR_WANT_RETRY_VERIFY + F_GET_CLIENT_MASTER_KEY F_SSL_USE_RSAPRIVATEKEY LIBRESSL_VERSION_NUMBER + NID_pkcs8ShroudedKeyBag NID_pkcs9_messageDigest NID_stateOrProvinceName + OPENSSL_INFO_CONFIG_DIR OP_CRYPTOPRO_TLSEXT_BUG R_BAD_RESPONSE_ARGUMENT + R_PUBLIC_KEY_IS_NOT_RSA SSL2_MT_CLIENT_FINISHED SSL2_MT_SERVER_FINISHED + SSL3_MT_CERTIFICATE_URL X509_PURPOSE_SMIME_SIGN X509_PURPOSE_SSL_CLIENT + X509_PURPOSE_SSL_SERVER X509_TRUST_OCSP_REQUEST X509_V_ERR_CERT_REVOKED + X509_V_ERR_INVALID_CALL X509_V_ERR_STORE_LOOKUP X509_V_FLAG_INHIBIT_ANY + X509_V_FLAG_INHIBIT_MAP X509_V_FLAG_POLICY_MASK X509_V_FLAG_X509_STRICT + */ /* Offset 13 gives the best switch position. */ switch (name[13]) { case '5': @@ -4628,6 +4916,16 @@ constant (const char *name, size_t len) { } break; case 'E': + if (!memcmp(name, "AD_CERTIFICATE_REQUIRED", 23)) { + /* ^ */ + +#ifdef SSL_AD_CERTIFICATE_REQUIRED + return SSL_AD_CERTIFICATE_REQUIRED; +#else + goto not_there; +#endif + + } if (!memcmp(name, "R_BAD_RESPONSE_ARGUMENT", 23)) { /* ^ */ @@ -4673,6 +4971,18 @@ constant (const char *name, size_t len) { } break; + case 'K': + if (!memcmp(name, "AD_UNKNOWN_PSK_IDENTITY", 23)) { + /* ^ */ + +#ifdef SSL_AD_UNKNOWN_PSK_IDENTITY + return SSL_AD_UNKNOWN_PSK_IDENTITY; +#else + goto not_there; +#endif + + } + break; case 'M': if (!memcmp(name, "F_GET_CLIENT_MASTER_KEY", 23)) { /* ^ */ @@ -4889,20 +5199,22 @@ constant (const char *name, size_t len) { break; case 24: /* Names all of length 24. */ - /* F_SSL_RSA_PUBLIC_ENCRYPT NID_certificate_policies - NID_md2WithRSAEncryption NID_md5WithRSAEncryption - NID_netscape_renewal_url NID_pbeWithMD2AndDES_CBC - NID_pbeWithMD2AndRC2_CBC NID_pbeWithMD5AndDES_CBC - NID_pbeWithMD5AndRC2_CBC NID_shaWithRSAEncryption - OPENSSL_INFO_ENGINES_DIR OPENSSL_INFO_MODULES_DIR - OPENSSL_INFO_SEED_SOURCE OP_IGNORE_UNEXPECTED_EOF - OP_LEGACY_SERVER_CONNECT OP_MICROSOFT_SESS_ID_BUG - OP_TLS_BLOCK_PADDING_BUG R_CHALLENGE_IS_DIFFERENT - R_CIPHER_TABLE_SRC_ERROR R_PEER_ERROR_CERTIFICATE - R_READ_WRONG_PACKET_TYPE SESS_CACHE_NO_AUTO_CLEAR - SSL3_RT_APPLICATION_DATA X509_PURPOSE_OCSP_HELPER - X509_V_ERR_CERT_REJECTED X509_V_ERR_DANE_NO_MATCH - X509_V_ERR_NO_VALID_SCTS X509_V_FLAG_POLICY_CHECK */ + /* AD_DECOMPRESSION_FAILURE AD_INSUFFICIENT_SECURITY + AD_UNSUPPORTED_EXTENSION F_SSL_RSA_PUBLIC_ENCRYPT + NID_certificate_policies NID_md2WithRSAEncryption + NID_md5WithRSAEncryption NID_netscape_renewal_url + NID_pbeWithMD2AndDES_CBC NID_pbeWithMD2AndRC2_CBC + NID_pbeWithMD5AndDES_CBC NID_pbeWithMD5AndRC2_CBC + NID_shaWithRSAEncryption OPENSSL_INFO_ENGINES_DIR + OPENSSL_INFO_MODULES_DIR OPENSSL_INFO_SEED_SOURCE + OP_IGNORE_UNEXPECTED_EOF OP_LEGACY_SERVER_CONNECT + OP_MICROSOFT_SESS_ID_BUG OP_TLS_BLOCK_PADDING_BUG + R_CHALLENGE_IS_DIFFERENT R_CIPHER_TABLE_SRC_ERROR + R_PEER_ERROR_CERTIFICATE R_READ_WRONG_PACKET_TYPE + SESS_CACHE_NO_AUTO_CLEAR SSL3_RT_APPLICATION_DATA + X509_PURPOSE_OCSP_HELPER X509_V_ERR_CERT_REJECTED + X509_V_ERR_DANE_NO_MATCH X509_V_ERR_NO_VALID_SCTS + X509_V_FLAG_POLICY_CHECK */ /* Offset 13 gives the best switch position. */ switch (name[13]) { case '2': @@ -5003,6 +5315,18 @@ constant (const char *name, size_t len) { } break; + case 'D': + if (!memcmp(name, "AD_UNSUPPORTED_EXTENSION", 24)) { + /* ^ */ + +#ifdef SSL_AD_UNSUPPORTED_EXTENSION + return SSL_AD_UNSUPPORTED_EXTENSION; +#else + goto not_there; +#endif + + } + break; case 'E': if (!memcmp(name, "OPENSSL_INFO_ENGINES_DIR", 24)) { /* ^ */ @@ -5025,6 +5349,18 @@ constant (const char *name, size_t len) { } break; + case 'I': + if (!memcmp(name, "AD_DECOMPRESSION_FAILURE", 24)) { + /* ^ */ + +#ifdef SSL_AD_DECOMPRESSION_FAILURE + return SSL_AD_DECOMPRESSION_FAILURE; +#else + goto not_there; +#endif + + } + break; case 'L': if (!memcmp(name, "F_SSL_RSA_PUBLIC_ENCRYPT", 24)) { /* ^ */ @@ -5050,6 +5386,16 @@ constant (const char *name, size_t len) { } break; case 'N': + if (!memcmp(name, "AD_INSUFFICIENT_SECURITY", 24)) { + /* ^ */ + +#ifdef SSL_AD_INSUFFICIENT_SECURITY + return SSL_AD_INSUFFICIENT_SECURITY; +#else + goto not_there; +#endif + + } if (!memcmp(name, "X509_V_ERR_DANE_NO_MATCH", 24)) { /* ^ */ @@ -5223,183 +5569,190 @@ constant (const char *name, size_t len) { break; case 25: /* Names all of length 25. */ - /* F_SSL_RSA_PRIVATE_DECRYPT F_SSL_USE_PRIVATEKEY_ASN1 - F_SSL_USE_PRIVATEKEY_FILE MODE_ENABLE_PARTIAL_WRITE - NID_pbeWithSHA1AndDES_CBC NID_pbeWithSHA1AndRC2_CBC - NID_sha1WithRSAEncryption OPENSSL_INFO_CPU_SETTINGS - OP_MSIE_SSLV2_RSA_PADDING OP_NETSCAPE_CHALLENGE_BUG - OP_SAFARI_ECDHE_ECDSA_BUG R_BAD_AUTHENTICATION_TYPE - SSL2_MT_CLIENT_MASTER_KEY SSL3_MT_END_OF_EARLY_DATA - SSL3_MT_NEWSESSION_TICKET SSL3_MT_SUPPLEMENTAL_DATA - V_OCSP_CERTSTATUS_REVOKED V_OCSP_CERTSTATUS_UNKNOWN - X509_V_ERR_CA_MD_TOO_WEAK X509_V_ERR_CERT_UNTRUSTED - X509_V_ERR_EMAIL_MISMATCH X509_V_ERR_INVALID_NON_CA - X509_V_ERR_SUBTREE_MINMAX X509_V_FLAG_CRL_CHECK_ALL - X509_V_FLAG_LEGACY_VERIFY X509_V_FLAG_NOTIFY_POLICY - X509_V_FLAG_NO_ALT_CHAINS X509_V_FLAG_NO_CHECK_TIME - X509_V_FLAG_PARTIAL_CHAIN X509_V_FLAG_TRUSTED_FIRST */ - /* Offset 19 gives the best switch position. */ - switch (name[19]) { - case 'A': - if (!memcmp(name, "OP_MSIE_SSLV2_RSA_PADDING", 25)) { - /* ^ */ + /* AD_INAPPROPRIATE_FALLBACK F_SSL_RSA_PRIVATE_DECRYPT + F_SSL_USE_PRIVATEKEY_ASN1 F_SSL_USE_PRIVATEKEY_FILE + MODE_ENABLE_PARTIAL_WRITE NID_pbeWithSHA1AndDES_CBC + NID_pbeWithSHA1AndRC2_CBC NID_sha1WithRSAEncryption + OPENSSL_INFO_CPU_SETTINGS OP_MSIE_SSLV2_RSA_PADDING + OP_NETSCAPE_CHALLENGE_BUG OP_SAFARI_ECDHE_ECDSA_BUG + R_BAD_AUTHENTICATION_TYPE SSL2_MT_CLIENT_MASTER_KEY + SSL3_MT_END_OF_EARLY_DATA SSL3_MT_NEWSESSION_TICKET + SSL3_MT_SUPPLEMENTAL_DATA V_OCSP_CERTSTATUS_REVOKED + V_OCSP_CERTSTATUS_UNKNOWN X509_V_ERR_CA_MD_TOO_WEAK + X509_V_ERR_CERT_UNTRUSTED X509_V_ERR_EMAIL_MISMATCH + X509_V_ERR_INVALID_NON_CA X509_V_ERR_SUBTREE_MINMAX + X509_V_FLAG_CRL_CHECK_ALL X509_V_FLAG_LEGACY_VERIFY + X509_V_FLAG_NOTIFY_POLICY X509_V_FLAG_NO_ALT_CHAINS + X509_V_FLAG_NO_CHECK_TIME X509_V_FLAG_PARTIAL_CHAIN + X509_V_FLAG_TRUSTED_FIRST */ + /* Offset 20 gives the best switch position. */ + switch (name[20]) { + case '2': + if (!memcmp(name, "NID_pbeWithSHA1AndRC2_CBC", 25)) { + /* ^ */ -#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING - return SSL_OP_MSIE_SSLV2_RSA_PADDING; +#ifdef NID_pbeWithSHA1AndRC2_CBC + return NID_pbeWithSHA1AndRC2_CBC; #else goto not_there; #endif } break; - case 'C': - if (!memcmp(name, "NID_pbeWithSHA1AndRC2_CBC", 25)) { - /* ^ */ + case 'A': + if (!memcmp(name, "OP_SAFARI_ECDHE_ECDSA_BUG", 25)) { + /* ^ */ -#ifdef NID_pbeWithSHA1AndRC2_CBC - return NID_pbeWithSHA1AndRC2_CBC; +#ifdef SSL_OP_SAFARI_ECDHE_ECDSA_BUG + return SSL_OP_SAFARI_ECDHE_ECDSA_BUG; #else goto not_there; #endif } - if (!memcmp(name, "X509_V_FLAG_CRL_CHECK_ALL", 25)) { - /* ^ */ + break; + case 'C': + if (!memcmp(name, "F_SSL_RSA_PRIVATE_DECRYPT", 25)) { + /* ^ */ -#ifdef X509_V_FLAG_CRL_CHECK_ALL - return X509_V_FLAG_CRL_CHECK_ALL; +#ifdef SSL_F_SSL_RSA_PRIVATE_DECRYPT + return SSL_F_SSL_RSA_PRIVATE_DECRYPT; #else goto not_there; #endif } - if (!memcmp(name, "X509_V_FLAG_NO_ALT_CHAINS", 25)) { - /* ^ */ + if (!memcmp(name, "X509_V_FLAG_PARTIAL_CHAIN", 25)) { + /* ^ */ -#ifdef X509_V_FLAG_NO_ALT_CHAINS - return X509_V_FLAG_NO_ALT_CHAINS; +#ifdef X509_V_FLAG_PARTIAL_CHAIN + return X509_V_FLAG_PARTIAL_CHAIN; #else goto not_there; #endif } break; - case 'E': - if (!memcmp(name, "F_SSL_RSA_PRIVATE_DECRYPT", 25)) { - /* ^ */ + case 'D': + if (!memcmp(name, "OP_MSIE_SSLV2_RSA_PADDING", 25)) { + /* ^ */ -#ifdef SSL_F_SSL_RSA_PRIVATE_DECRYPT - return SSL_F_SSL_RSA_PRIVATE_DECRYPT; +#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING + return SSL_OP_MSIE_SSLV2_RSA_PADDING; #else goto not_there; #endif } - if (!memcmp(name, "NID_pbeWithSHA1AndDES_CBC", 25)) { - /* ^ */ + break; + case 'E': + if (!memcmp(name, "OP_NETSCAPE_CHALLENGE_BUG", 25)) { + /* ^ */ -#ifdef NID_pbeWithSHA1AndDES_CBC - return NID_pbeWithSHA1AndDES_CBC; +#ifdef SSL_OP_NETSCAPE_CHALLENGE_BUG + return SSL_OP_NETSCAPE_CHALLENGE_BUG; #else goto not_there; #endif } - if (!memcmp(name, "SSL2_MT_CLIENT_MASTER_KEY", 25)) { - /* ^ */ + if (!memcmp(name, "X509_V_FLAG_LEGACY_VERIFY", 25)) { + /* ^ */ -#ifdef SSL2_MT_CLIENT_MASTER_KEY - return SSL2_MT_CLIENT_MASTER_KEY; +#ifdef X509_V_FLAG_LEGACY_VERIFY + return X509_V_FLAG_LEGACY_VERIFY; #else goto not_there; #endif } - if (!memcmp(name, "V_OCSP_CERTSTATUS_REVOKED", 25)) { - /* ^ */ + break; + case 'F': + if (!memcmp(name, "X509_V_FLAG_TRUSTED_FIRST", 25)) { + /* ^ */ -#ifdef V_OCSP_CERTSTATUS_REVOKED - return V_OCSP_CERTSTATUS_REVOKED; +#ifdef X509_V_FLAG_TRUSTED_FIRST + return X509_V_FLAG_TRUSTED_FIRST; #else goto not_there; #endif } break; - case 'G': - if (!memcmp(name, "OP_NETSCAPE_CHALLENGE_BUG", 25)) { - /* ^ */ + case 'H': + if (!memcmp(name, "X509_V_FLAG_NO_ALT_CHAINS", 25)) { + /* ^ */ -#ifdef SSL_OP_NETSCAPE_CHALLENGE_BUG - return SSL_OP_NETSCAPE_CHALLENGE_BUG; +#ifdef X509_V_FLAG_NO_ALT_CHAINS + return X509_V_FLAG_NO_ALT_CHAINS; #else goto not_there; #endif } break; - case 'K': - if (!memcmp(name, "X509_V_FLAG_NO_CHECK_TIME", 25)) { - /* ^ */ + case 'I': + if (!memcmp(name, "SSL3_MT_NEWSESSION_TICKET", 25)) { + /* ^ */ -#ifdef X509_V_FLAG_NO_CHECK_TIME - return X509_V_FLAG_NO_CHECK_TIME; +#ifdef SSL3_MT_NEWSESSION_TICKET + return SSL3_MT_NEWSESSION_TICKET; #else goto not_there; #endif } - break; - case 'L': - if (!memcmp(name, "SSL3_MT_SUPPLEMENTAL_DATA", 25)) { - /* ^ */ + if (!memcmp(name, "X509_V_ERR_SUBTREE_MINMAX", 25)) { + /* ^ */ -#ifdef SSL3_MT_SUPPLEMENTAL_DATA - return SSL3_MT_SUPPLEMENTAL_DATA; +#ifdef X509_V_ERR_SUBTREE_MINMAX + return X509_V_ERR_SUBTREE_MINMAX; #else goto not_there; #endif } break; - case 'M': - if (!memcmp(name, "X509_V_ERR_SUBTREE_MINMAX", 25)) { - /* ^ */ + case 'K': + if (!memcmp(name, "V_OCSP_CERTSTATUS_UNKNOWN", 25)) { + /* ^ */ -#ifdef X509_V_ERR_SUBTREE_MINMAX - return X509_V_ERR_SUBTREE_MINMAX; +#ifdef V_OCSP_CERTSTATUS_UNKNOWN + return V_OCSP_CERTSTATUS_UNKNOWN; #else goto not_there; #endif } - break; - case 'N': - if (!memcmp(name, "R_BAD_AUTHENTICATION_TYPE", 25)) { - /* ^ */ + if (!memcmp(name, "X509_V_FLAG_CRL_CHECK_ALL", 25)) { + /* ^ */ -#ifdef SSL_R_BAD_AUTHENTICATION_TYPE - return SSL_R_BAD_AUTHENTICATION_TYPE; +#ifdef X509_V_FLAG_CRL_CHECK_ALL + return X509_V_FLAG_CRL_CHECK_ALL; #else goto not_there; #endif } - if (!memcmp(name, "V_OCSP_CERTSTATUS_UNKNOWN", 25)) { - /* ^ */ + break; + case 'L': + if (!memcmp(name, "AD_INAPPROPRIATE_FALLBACK", 25)) { + /* ^ */ -#ifdef V_OCSP_CERTSTATUS_UNKNOWN - return V_OCSP_CERTSTATUS_UNKNOWN; +#ifdef SSL_AD_INAPPROPRIATE_FALLBACK + return SSL_AD_INAPPROPRIATE_FALLBACK; #else goto not_there; #endif } - if (!memcmp(name, "X509_V_ERR_INVALID_NON_CA", 25)) { - /* ^ */ + break; + case 'M': + if (!memcmp(name, "X509_V_ERR_EMAIL_MISMATCH", 25)) { + /* ^ */ -#ifdef X509_V_ERR_INVALID_NON_CA - return X509_V_ERR_INVALID_NON_CA; +#ifdef X509_V_ERR_EMAIL_MISMATCH + return X509_V_ERR_EMAIL_MISMATCH; #else goto not_there; #endif @@ -5407,20 +5760,18 @@ constant (const char *name, size_t len) { } break; case 'O': - if (!memcmp(name, "X509_V_ERR_CA_MD_TOO_WEAK", 25)) { - /* ^ */ + if (!memcmp(name, "X509_V_ERR_INVALID_NON_CA", 25)) { + /* ^ */ -#ifdef X509_V_ERR_CA_MD_TOO_WEAK - return X509_V_ERR_CA_MD_TOO_WEAK; +#ifdef X509_V_ERR_INVALID_NON_CA + return X509_V_ERR_INVALID_NON_CA; #else goto not_there; #endif } - break; - case 'P': if (!memcmp(name, "X509_V_FLAG_NOTIFY_POLICY", 25)) { - /* ^ */ + /* ^ */ #ifdef X509_V_FLAG_NOTIFY_POLICY return X509_V_FLAG_NOTIFY_POLICY; @@ -5431,11 +5782,11 @@ constant (const char *name, size_t len) { } break; case 'R': - if (!memcmp(name, "X509_V_ERR_CERT_UNTRUSTED", 25)) { - /* ^ */ + if (!memcmp(name, "SSL2_MT_CLIENT_MASTER_KEY", 25)) { + /* ^ */ -#ifdef X509_V_ERR_CERT_UNTRUSTED - return X509_V_ERR_CERT_UNTRUSTED; +#ifdef SSL2_MT_CLIENT_MASTER_KEY + return SSL2_MT_CLIENT_MASTER_KEY; #else goto not_there; #endif @@ -5443,64 +5794,68 @@ constant (const char *name, size_t len) { } break; case 'S': - if (!memcmp(name, "OP_SAFARI_ECDHE_ECDSA_BUG", 25)) { - /* ^ */ + if (!memcmp(name, "NID_pbeWithSHA1AndDES_CBC", 25)) { + /* ^ */ -#ifdef SSL_OP_SAFARI_ECDHE_ECDSA_BUG - return SSL_OP_SAFARI_ECDHE_ECDSA_BUG; +#ifdef NID_pbeWithSHA1AndDES_CBC + return NID_pbeWithSHA1AndDES_CBC; #else goto not_there; #endif } - if (!memcmp(name, "X509_V_ERR_EMAIL_MISMATCH", 25)) { - /* ^ */ + break; + case 'T': + if (!memcmp(name, "OPENSSL_INFO_CPU_SETTINGS", 25)) { + /* ^ */ -#ifdef X509_V_ERR_EMAIL_MISMATCH - return X509_V_ERR_EMAIL_MISMATCH; +#ifdef OPENSSL_INFO_CPU_SETTINGS + return OPENSSL_INFO_CPU_SETTINGS; #else goto not_there; #endif } break; - case 'T': - if (!memcmp(name, "OPENSSL_INFO_CPU_SETTINGS", 25)) { - /* ^ */ + case 'U': + if (!memcmp(name, "X509_V_ERR_CERT_UNTRUSTED", 25)) { + /* ^ */ -#ifdef OPENSSL_INFO_CPU_SETTINGS - return OPENSSL_INFO_CPU_SETTINGS; +#ifdef X509_V_ERR_CERT_UNTRUSTED + return X509_V_ERR_CERT_UNTRUSTED; #else goto not_there; #endif } - if (!memcmp(name, "SSL3_MT_NEWSESSION_TICKET", 25)) { - /* ^ */ + break; + case 'V': + if (!memcmp(name, "V_OCSP_CERTSTATUS_REVOKED", 25)) { + /* ^ */ -#ifdef SSL3_MT_NEWSESSION_TICKET - return SSL3_MT_NEWSESSION_TICKET; +#ifdef V_OCSP_CERTSTATUS_REVOKED + return V_OCSP_CERTSTATUS_REVOKED; #else goto not_there; #endif } break; - case 'V': - if (!memcmp(name, "X509_V_FLAG_LEGACY_VERIFY", 25)) { - /* ^ */ + case 'W': + if (!memcmp(name, "MODE_ENABLE_PARTIAL_WRITE", 25)) { + /* ^ */ -#ifdef X509_V_FLAG_LEGACY_VERIFY - return X509_V_FLAG_LEGACY_VERIFY; +#ifdef SSL_MODE_ENABLE_PARTIAL_WRITE + return SSL_MODE_ENABLE_PARTIAL_WRITE; #else goto not_there; #endif } break; - case 'Y': + case '_': if (!memcmp(name, "F_SSL_USE_PRIVATEKEY_ASN1", 25)) { - /* ^ */ + /* ^ */ #ifdef SSL_F_SSL_USE_PRIVATEKEY_ASN1 return SSL_F_SSL_USE_PRIVATEKEY_ASN1; @@ -5510,7 +5865,7 @@ constant (const char *name, size_t len) { } if (!memcmp(name, "F_SSL_USE_PRIVATEKEY_FILE", 25)) { - /* ^ */ + /* ^ */ #ifdef SSL_F_SSL_USE_PRIVATEKEY_FILE return SSL_F_SSL_USE_PRIVATEKEY_FILE; @@ -5519,8 +5874,18 @@ constant (const char *name, size_t len) { #endif } + if (!memcmp(name, "R_BAD_AUTHENTICATION_TYPE", 25)) { + /* ^ */ + +#ifdef SSL_R_BAD_AUTHENTICATION_TYPE + return SSL_R_BAD_AUTHENTICATION_TYPE; +#else + goto not_there; +#endif + + } if (!memcmp(name, "SSL3_MT_END_OF_EARLY_DATA", 25)) { - /* ^ */ + /* ^ */ #ifdef SSL3_MT_END_OF_EARLY_DATA return SSL3_MT_END_OF_EARLY_DATA; @@ -5529,42 +5894,40 @@ constant (const char *name, size_t len) { #endif } - break; - case '_': - if (!memcmp(name, "MODE_ENABLE_PARTIAL_WRITE", 25)) { - /* ^ */ + if (!memcmp(name, "SSL3_MT_SUPPLEMENTAL_DATA", 25)) { + /* ^ */ -#ifdef SSL_MODE_ENABLE_PARTIAL_WRITE - return SSL_MODE_ENABLE_PARTIAL_WRITE; +#ifdef SSL3_MT_SUPPLEMENTAL_DATA + return SSL3_MT_SUPPLEMENTAL_DATA; #else goto not_there; #endif } - if (!memcmp(name, "X509_V_FLAG_PARTIAL_CHAIN", 25)) { - /* ^ */ + if (!memcmp(name, "X509_V_ERR_CA_MD_TOO_WEAK", 25)) { + /* ^ */ -#ifdef X509_V_FLAG_PARTIAL_CHAIN - return X509_V_FLAG_PARTIAL_CHAIN; +#ifdef X509_V_ERR_CA_MD_TOO_WEAK + return X509_V_ERR_CA_MD_TOO_WEAK; #else goto not_there; #endif } - if (!memcmp(name, "X509_V_FLAG_TRUSTED_FIRST", 25)) { - /* ^ */ + if (!memcmp(name, "X509_V_FLAG_NO_CHECK_TIME", 25)) { + /* ^ */ -#ifdef X509_V_FLAG_TRUSTED_FIRST - return X509_V_FLAG_TRUSTED_FIRST; +#ifdef X509_V_FLAG_NO_CHECK_TIME + return X509_V_FLAG_NO_CHECK_TIME; #else goto not_there; #endif } break; - case 'y': + case 'p': if (!memcmp(name, "NID_sha1WithRSAEncryption", 25)) { - /* ^ */ + /* ^ */ #ifdef NID_sha1WithRSAEncryption return NID_sha1WithRSAEncryption; @@ -5578,7 +5941,8 @@ constant (const char *name, size_t len) { break; case 26: /* Names all of length 26. */ - /* ERROR_WANT_CLIENT_HELLO_CB F_SSL_USE_CERTIFICATE_ASN1 + /* AD_NO_APPLICATION_PROTOCOL AD_UNSUPPORTED_CERTIFICATE + ERROR_WANT_CLIENT_HELLO_CB F_SSL_USE_CERTIFICATE_ASN1 F_SSL_USE_CERTIFICATE_FILE NID_netscape_ca_policy_url NID_netscape_cert_sequence NID_organizationalUnitName NID_pbeWithMD5AndCast5_CBC NID_pkcs9_countersignature @@ -5674,6 +6038,16 @@ constant (const char *name, size_t len) { } break; case 'F': + if (!memcmp(name, "AD_UNSUPPORTED_CERTIFICATE", 26)) { + /* ^ */ + +#ifdef SSL_AD_UNSUPPORTED_CERTIFICATE + return SSL_AD_UNSUPPORTED_CERTIFICATE; +#else + goto not_there; +#endif + + } if (!memcmp(name, "SSL2_MT_CLIENT_CERTIFICATE", 26)) { /* ^ */ @@ -5743,6 +6117,18 @@ constant (const char *name, size_t len) { } break; + case 'O': + if (!memcmp(name, "AD_NO_APPLICATION_PROTOCOL", 26)) { + /* ^ */ + +#ifdef SSL_AD_NO_APPLICATION_PROTOCOL + return SSL_AD_NO_APPLICATION_PROTOCOL; +#else + goto not_there; +#endif + + } + break; case 'R': if (!memcmp(name, "SSL3_MT_CHANGE_CIPHER_SPEC", 26)) { /* ^ */ @@ -5943,19 +6329,19 @@ constant (const char *name, size_t len) { break; case 27: /* Names all of length 27. */ - /* NID_crl_distribution_points NID_netscape_cert_extension - NID_netscape_revocation_url NID_pbe_WithSHA1And40BitRC4 - NID_pkcs9_challengePassword NID_pkcs9_extCertAttributes - OPENSSL_FULL_VERSION_STRING OPENSSL_INFO_LIST_SEPARATOR - OP_CIPHER_SERVER_PREFERENCE OP_SSLEAY_080_CLIENT_DH_BUG - R_BAD_SSL_SESSION_ID_LENGTH R_UNKNOWN_REMOTE_ERROR_TYPE - SSL2_MT_REQUEST_CERTIFICATE SSL3_MT_CERTIFICATE_REQUEST - SSL3_MT_CLIENT_KEY_EXCHANGE SSL3_MT_SERVER_KEY_EXCHANGE - VERIFY_FAIL_IF_NO_PEER_CERT X509_PURPOSE_TIMESTAMP_SIGN - X509_V_ERR_CA_KEY_TOO_SMALL X509_V_ERR_CERT_HAS_EXPIRED - X509_V_ERR_EE_KEY_TOO_SMALL X509_V_FLAG_CB_ISSUER_CHECK - X509_V_FLAG_EXPLICIT_POLICY X509_V_FLAG_IGNORE_CRITICAL - XN_FLAG_DUMP_UNKNOWN_FIELDS */ + /* AD_CERTIFICATE_UNOBTAINABLE NID_crl_distribution_points + NID_netscape_cert_extension NID_netscape_revocation_url + NID_pbe_WithSHA1And40BitRC4 NID_pkcs9_challengePassword + NID_pkcs9_extCertAttributes OPENSSL_FULL_VERSION_STRING + OPENSSL_INFO_LIST_SEPARATOR OP_CIPHER_SERVER_PREFERENCE + OP_SSLEAY_080_CLIENT_DH_BUG R_BAD_SSL_SESSION_ID_LENGTH + R_UNKNOWN_REMOTE_ERROR_TYPE SSL2_MT_REQUEST_CERTIFICATE + SSL3_MT_CERTIFICATE_REQUEST SSL3_MT_CLIENT_KEY_EXCHANGE + SSL3_MT_SERVER_KEY_EXCHANGE VERIFY_FAIL_IF_NO_PEER_CERT + X509_PURPOSE_TIMESTAMP_SIGN X509_V_ERR_CA_KEY_TOO_SMALL + X509_V_ERR_CERT_HAS_EXPIRED X509_V_ERR_EE_KEY_TOO_SMALL + X509_V_FLAG_CB_ISSUER_CHECK X509_V_FLAG_EXPLICIT_POLICY + X509_V_FLAG_IGNORE_CRITICAL XN_FLAG_DUMP_UNKNOWN_FIELDS */ /* Offset 13 gives the best switch position. */ switch (name[13]) { case 'B': @@ -5982,6 +6368,18 @@ constant (const char *name, size_t len) { } break; + case 'E': + if (!memcmp(name, "AD_CERTIFICATE_UNOBTAINABLE", 27)) { + /* ^ */ + +#ifdef SSL_AD_CERTIFICATE_UNOBTAINABLE + return SSL_AD_CERTIFICATE_UNOBTAINABLE; +#else + goto not_there; +#endif + + } + break; case 'F': if (!memcmp(name, "SSL3_MT_CERTIFICATE_REQUEST", 27)) { /* ^ */ @@ -6473,13 +6871,14 @@ constant (const char *name, size_t len) { break; case 29: /* Names all of length 29. */ - /* NID_pkcs9_unstructuredAddress OCSP_RESPONSE_STATUS_TRYLATER - OP_ALLOW_CLIENT_RENEGOTIATION OP_MICROSOFT_BIG_SSLV3_BUFFER - R_SSL_SESSION_ID_IS_DIFFERENT SESS_CACHE_NO_INTERNAL_LOOKUP - X509_V_ERR_AKID_SKID_MISMATCH X509_V_ERR_CERT_NOT_YET_VALID - X509_V_ERR_EXCLUDED_VIOLATION X509_V_ERR_NO_EXPLICIT_POLICY - X509_V_ERR_OCSP_VERIFY_FAILED X509_V_ERR_OCSP_VERIFY_NEEDED - X509_V_ERR_SUBJECT_NAME_EMPTY X509_V_FLAG_ALLOW_PROXY_CERTS */ + /* AD_BAD_CERTIFICATE_HASH_VALUE NID_pkcs9_unstructuredAddress + OCSP_RESPONSE_STATUS_TRYLATER OP_ALLOW_CLIENT_RENEGOTIATION + OP_MICROSOFT_BIG_SSLV3_BUFFER R_SSL_SESSION_ID_IS_DIFFERENT + SESS_CACHE_NO_INTERNAL_LOOKUP X509_V_ERR_AKID_SKID_MISMATCH + X509_V_ERR_CERT_NOT_YET_VALID X509_V_ERR_EXCLUDED_VIOLATION + X509_V_ERR_NO_EXPLICIT_POLICY X509_V_ERR_OCSP_VERIFY_FAILED + X509_V_ERR_OCSP_VERIFY_NEEDED X509_V_ERR_SUBJECT_NAME_EMPTY + X509_V_FLAG_ALLOW_PROXY_CERTS */ /* Offset 16 gives the best switch position. */ switch (name[16]) { case 'A': @@ -6567,6 +6966,16 @@ constant (const char *name, size_t len) { } break; case 'T': + if (!memcmp(name, "AD_BAD_CERTIFICATE_HASH_VALUE", 29)) { + /* ^ */ + +#ifdef SSL_AD_BAD_CERTIFICATE_HASH_VALUE + return SSL_AD_BAD_CERTIFICATE_HASH_VALUE; +#else + goto not_there; +#endif + + } if (!memcmp(name, "SESS_CACHE_NO_INTERNAL_LOOKUP", 29)) { /* ^ */ @@ -7023,9 +7432,10 @@ constant (const char *name, size_t len) { break; case 34: /* Names all of length 34. */ - /* OCSP_RESPONSE_STATUS_INTERNALERROR OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG - X509_V_ERR_SUBJECT_ISSUER_MISMATCH X509_V_ERR_SUITE_B_INVALID_VERSION - X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED X509_V_ERR_UNSUPPORTED_NAME_SYNTAX */ + /* AD_BAD_CERTIFICATE_STATUS_RESPONSE OCSP_RESPONSE_STATUS_INTERNALERROR + OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG X509_V_ERR_SUBJECT_ISSUER_MISMATCH + X509_V_ERR_SUITE_B_INVALID_VERSION X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED + X509_V_ERR_UNSUPPORTED_NAME_SYNTAX */ /* Offset 24 gives the best switch position. */ switch (name[24]) { case 'A': @@ -7100,6 +7510,18 @@ constant (const char *name, size_t len) { } break; + case 'S': + if (!memcmp(name, "AD_BAD_CERTIFICATE_STATUS_RESPONSE", 34)) { + /* ^ */ + +#ifdef SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE + return SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE; +#else + goto not_there; +#endif + + } + break; } break; case 35: diff --git a/helper_script/constants.txt b/helper_script/constants.txt index ea2b2b6..b0acb8e 100644 --- a/helper_script/constants.txt +++ b/helper_script/constants.txt @@ -295,6 +295,40 @@ SSLEAY_CFLAGS SSLEAY_DIR SSLEAY_PLATFORM SSLEAY_VERSION +SSL_AD_ACCESS_DENIED +SSL_AD_BAD_CERTIFICATE +SSL_AD_BAD_CERTIFICATE_HASH_VALUE +SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE +SSL_AD_BAD_RECORD_MAC +SSL_AD_CERTIFICATE_EXPIRED +SSL_AD_CERTIFICATE_REQUIRED +SSL_AD_CERTIFICATE_REVOKED +SSL_AD_CERTIFICATE_UNKNOWN +SSL_AD_CERTIFICATE_UNOBTAINABLE +SSL_AD_CLOSE_NOTIFY +SSL_AD_DECODE_ERROR +SSL_AD_DECOMPRESSION_FAILURE +SSL_AD_DECRYPTION_FAILED +SSL_AD_DECRYPT_ERROR +SSL_AD_EXPORT_RESTRICTION +SSL_AD_HANDSHAKE_FAILURE +SSL_AD_ILLEGAL_PARAMETER +SSL_AD_INAPPROPRIATE_FALLBACK +SSL_AD_INSUFFICIENT_SECURITY +SSL_AD_INTERNAL_ERROR +SSL_AD_MISSING_EXTENSION +SSL_AD_NO_APPLICATION_PROTOCOL +SSL_AD_NO_CERTIFICATE +SSL_AD_NO_RENEGOTIATION +SSL_AD_PROTOCOL_VERSION +SSL_AD_RECORD_OVERFLOW +SSL_AD_UNEXPECTED_MESSAGE +SSL_AD_UNKNOWN_CA +SSL_AD_UNKNOWN_PSK_IDENTITY +SSL_AD_UNRECOGNIZED_NAME +SSL_AD_UNSUPPORTED_CERTIFICATE +SSL_AD_UNSUPPORTED_EXTENSION +SSL_AD_USER_CANCELLED SSL_ASYNC_PAUSED SSL_ASYNC_NO_JOBS SSL_CB_ACCEPT_EXIT @@ -311,6 +345,9 @@ SSL_CB_READ_ALERT SSL_CB_WRITE SSL_CB_WRITE_ALERT SSL_CLIENT_HELLO_CB +SSL_CLIENT_HELLO_ERROR +SSL_CLIENT_HELLO_RETRY +SSL_CLIENT_HELLO_SUCCESS SSL_ERROR_NONE SSL_ERROR_SSL SSL_ERROR_SYSCALL diff --git a/lib/Net/SSLeay.pm b/lib/Net/SSLeay.pm index be818d1..777ce3f 100644 --- a/lib/Net/SSLeay.pm +++ b/lib/Net/SSLeay.pm @@ -78,6 +78,40 @@ $VERSION = '1.93_02'; # To add or remove a constant, edit helper_script/constants.txt, then run # helper_script/update-exported-constants. my @constants = qw( + AD_ACCESS_DENIED + AD_BAD_CERTIFICATE + AD_BAD_CERTIFICATE_HASH_VALUE + AD_BAD_CERTIFICATE_STATUS_RESPONSE + AD_BAD_RECORD_MAC + AD_CERTIFICATE_EXPIRED + AD_CERTIFICATE_REQUIRED + AD_CERTIFICATE_REVOKED + AD_CERTIFICATE_UNKNOWN + AD_CERTIFICATE_UNOBTAINABLE + AD_CLOSE_NOTIFY + AD_DECODE_ERROR + AD_DECOMPRESSION_FAILURE + AD_DECRYPTION_FAILED + AD_DECRYPT_ERROR + AD_EXPORT_RESTRICTION + AD_HANDSHAKE_FAILURE + AD_ILLEGAL_PARAMETER + AD_INAPPROPRIATE_FALLBACK + AD_INSUFFICIENT_SECURITY + AD_INTERNAL_ERROR + AD_MISSING_EXTENSION + AD_NO_APPLICATION_PROTOCOL + AD_NO_CERTIFICATE + AD_NO_RENEGOTIATION + AD_PROTOCOL_VERSION + AD_RECORD_OVERFLOW + AD_UNEXPECTED_MESSAGE + AD_UNKNOWN_CA + AD_UNKNOWN_PSK_IDENTITY + AD_UNRECOGNIZED_NAME + AD_UNSUPPORTED_CERTIFICATE + AD_UNSUPPORTED_EXTENSION + AD_USER_CANCELLED ASN1_STRFLGS_ESC_CTRL ASN1_STRFLGS_ESC_MSB ASN1_STRFLGS_ESC_QUOTE @@ -98,6 +132,9 @@ my @constants = qw( CB_WRITE CB_WRITE_ALERT CLIENT_HELLO_CB + CLIENT_HELLO_ERROR + CLIENT_HELLO_RETRY + CLIENT_HELLO_SUCCESS ERROR_NONE ERROR_SSL ERROR_SYSCALL diff --git a/lib/Net/SSLeay.pod b/lib/Net/SSLeay.pod index 4fc1f74..4f03f86 100644 --- a/lib/Net/SSLeay.pod +++ b/lib/Net/SSLeay.pod @@ -9739,327 +9739,346 @@ helper_script/update-exported-constants. =for start_constants - ASN1_STRFLGS_ESC_CTRL OP_CRYPTOPRO_TLSEXT_BUG - ASN1_STRFLGS_ESC_MSB OP_DISABLE_TLSEXT_CA_NAMES - ASN1_STRFLGS_ESC_QUOTE OP_DONT_INSERT_EMPTY_FRAGMENTS - ASN1_STRFLGS_RFC2253 OP_ENABLE_KTLS - ASYNC_NO_JOBS OP_ENABLE_MIDDLEBOX_COMPAT - ASYNC_PAUSED OP_EPHEMERAL_RSA - CB_ACCEPT_EXIT OP_IGNORE_UNEXPECTED_EOF - CB_ACCEPT_LOOP OP_LEGACY_SERVER_CONNECT - CB_ALERT OP_MICROSOFT_BIG_SSLV3_BUFFER - CB_CONNECT_EXIT OP_MICROSOFT_SESS_ID_BUG - CB_CONNECT_LOOP OP_MSIE_SSLV2_RSA_PADDING - CB_EXIT OP_NETSCAPE_CA_DN_BUG - CB_HANDSHAKE_DONE OP_NETSCAPE_CHALLENGE_BUG - CB_HANDSHAKE_START OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG - CB_LOOP OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CB_READ OP_NON_EXPORT_FIRST - CB_READ_ALERT OP_NO_ANTI_REPLAY - CB_WRITE OP_NO_CLIENT_RENEGOTIATION - CB_WRITE_ALERT OP_NO_COMPRESSION - CLIENT_HELLO_CB OP_NO_ENCRYPT_THEN_MAC - ERROR_NONE OP_NO_EXTENDED_MASTER_SECRET - ERROR_SSL OP_NO_QUERY_MTU - ERROR_SYSCALL OP_NO_RENEGOTIATION - ERROR_WANT_ACCEPT OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION - ERROR_WANT_ASYNC OP_NO_SSL_MASK - ERROR_WANT_ASYNC_JOB OP_NO_SSLv2 - ERROR_WANT_CLIENT_HELLO_CB OP_NO_SSLv3 - ERROR_WANT_CONNECT OP_NO_TICKET - ERROR_WANT_READ OP_NO_TLSv1 - ERROR_WANT_RETRY_VERIFY OP_NO_TLSv1_1 - ERROR_WANT_WRITE OP_NO_TLSv1_2 - ERROR_WANT_X509_LOOKUP OP_NO_TLSv1_3 - ERROR_ZERO_RETURN OP_PKCS1_CHECK_1 - EVP_PKS_DSA OP_PKCS1_CHECK_2 - EVP_PKS_EC OP_PRIORITIZE_CHACHA - EVP_PKS_RSA OP_SAFARI_ECDHE_ECDSA_BUG - EVP_PKT_ENC OP_SINGLE_DH_USE - EVP_PKT_EXCH OP_SINGLE_ECDH_USE - EVP_PKT_EXP OP_SSLEAY_080_CLIENT_DH_BUG - EVP_PKT_SIGN OP_SSLREF2_REUSE_CERT_TYPE_BUG - EVP_PK_DH OP_TLSEXT_PADDING - EVP_PK_DSA OP_TLS_BLOCK_PADDING_BUG - EVP_PK_EC OP_TLS_D5_BUG - EVP_PK_RSA OP_TLS_ROLLBACK_BUG - FILETYPE_ASN1 READING - FILETYPE_PEM RECEIVED_SHUTDOWN - F_CLIENT_CERTIFICATE RETRY_VERIFY - F_CLIENT_HELLO RSA_3 - F_CLIENT_MASTER_KEY RSA_F4 - F_D2I_SSL_SESSION R_BAD_AUTHENTICATION_TYPE - F_GET_CLIENT_FINISHED R_BAD_CHECKSUM - F_GET_CLIENT_HELLO R_BAD_MAC_DECODE - F_GET_CLIENT_MASTER_KEY R_BAD_RESPONSE_ARGUMENT - F_GET_SERVER_FINISHED R_BAD_SSL_FILETYPE - F_GET_SERVER_HELLO R_BAD_SSL_SESSION_ID_LENGTH - F_GET_SERVER_VERIFY R_BAD_STATE - F_I2D_SSL_SESSION R_BAD_WRITE_RETRY - F_READ_N R_CHALLENGE_IS_DIFFERENT - F_REQUEST_CERTIFICATE R_CIPHER_TABLE_SRC_ERROR - F_SERVER_HELLO R_INVALID_CHALLENGE_LENGTH - F_SSL_CERT_NEW R_NO_CERTIFICATE_SET - F_SSL_GET_NEW_SESSION R_NO_CERTIFICATE_SPECIFIED - F_SSL_NEW R_NO_CIPHER_LIST - F_SSL_READ R_NO_CIPHER_MATCH - F_SSL_RSA_PRIVATE_DECRYPT R_NO_PRIVATEKEY - F_SSL_RSA_PUBLIC_ENCRYPT R_NO_PUBLICKEY - F_SSL_SESSION_NEW R_NULL_SSL_CTX - F_SSL_SESSION_PRINT_FP R_PEER_DID_NOT_RETURN_A_CERTIFICATE - F_SSL_SET_FD R_PEER_ERROR - F_SSL_SET_RFD R_PEER_ERROR_CERTIFICATE - F_SSL_SET_WFD R_PEER_ERROR_NO_CIPHER - F_SSL_USE_CERTIFICATE R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE - F_SSL_USE_CERTIFICATE_ASN1 R_PUBLIC_KEY_ENCRYPT_ERROR - F_SSL_USE_CERTIFICATE_FILE R_PUBLIC_KEY_IS_NOT_RSA - F_SSL_USE_PRIVATEKEY R_READ_WRONG_PACKET_TYPE - F_SSL_USE_PRIVATEKEY_ASN1 R_SHORT_READ - F_SSL_USE_PRIVATEKEY_FILE R_SSL_SESSION_ID_IS_DIFFERENT - F_SSL_USE_RSAPRIVATEKEY R_UNABLE_TO_EXTRACT_PUBLIC_KEY - F_SSL_USE_RSAPRIVATEKEY_ASN1 R_UNKNOWN_REMOTE_ERROR_TYPE - F_SSL_USE_RSAPRIVATEKEY_FILE R_UNKNOWN_STATE - F_WRITE_PENDING R_X509_LIB - GEN_DIRNAME SENT_SHUTDOWN - GEN_DNS SESSION_ASN1_VERSION - GEN_EDIPARTY SESS_CACHE_BOTH - GEN_EMAIL SESS_CACHE_CLIENT - GEN_IPADD SESS_CACHE_NO_AUTO_CLEAR - GEN_OTHERNAME SESS_CACHE_NO_INTERNAL - GEN_RID SESS_CACHE_NO_INTERNAL_LOOKUP - GEN_URI SESS_CACHE_NO_INTERNAL_STORE - GEN_X400 SESS_CACHE_OFF - LIBRESSL_VERSION_NUMBER SESS_CACHE_SERVER - MBSTRING_ASC SESS_CACHE_UPDATE_TIME - MBSTRING_BMP SSL2_MT_CLIENT_CERTIFICATE - MBSTRING_FLAG SSL2_MT_CLIENT_FINISHED - MBSTRING_UNIV SSL2_MT_CLIENT_HELLO - MBSTRING_UTF8 SSL2_MT_CLIENT_MASTER_KEY - MIN_RSA_MODULUS_LENGTH_IN_BYTES SSL2_MT_ERROR - MODE_ACCEPT_MOVING_WRITE_BUFFER SSL2_MT_REQUEST_CERTIFICATE - MODE_ASYNC SSL2_MT_SERVER_FINISHED - MODE_AUTO_RETRY SSL2_MT_SERVER_HELLO - MODE_ENABLE_PARTIAL_WRITE SSL2_MT_SERVER_VERIFY - MODE_NO_AUTO_CHAIN SSL2_VERSION - MODE_RELEASE_BUFFERS SSL3_MT_CCS - NID_OCSP_sign SSL3_MT_CERTIFICATE - NID_SMIMECapabilities SSL3_MT_CERTIFICATE_REQUEST - NID_X500 SSL3_MT_CERTIFICATE_STATUS - NID_X509 SSL3_MT_CERTIFICATE_URL - NID_ad_OCSP SSL3_MT_CERTIFICATE_VERIFY - NID_ad_ca_issuers SSL3_MT_CHANGE_CIPHER_SPEC - NID_algorithm SSL3_MT_CLIENT_HELLO - NID_authority_key_identifier SSL3_MT_CLIENT_KEY_EXCHANGE - NID_basic_constraints SSL3_MT_ENCRYPTED_EXTENSIONS - NID_bf_cbc SSL3_MT_END_OF_EARLY_DATA - NID_bf_cfb64 SSL3_MT_FINISHED - NID_bf_ecb SSL3_MT_HELLO_REQUEST - NID_bf_ofb64 SSL3_MT_KEY_UPDATE - NID_cast5_cbc SSL3_MT_MESSAGE_HASH - NID_cast5_cfb64 SSL3_MT_NEWSESSION_TICKET - NID_cast5_ecb SSL3_MT_NEXT_PROTO - NID_cast5_ofb64 SSL3_MT_SERVER_DONE - NID_certBag SSL3_MT_SERVER_HELLO - NID_certificate_policies SSL3_MT_SERVER_KEY_EXCHANGE - NID_client_auth SSL3_MT_SUPPLEMENTAL_DATA - NID_code_sign SSL3_RT_ALERT - NID_commonName SSL3_RT_APPLICATION_DATA - NID_countryName SSL3_RT_CHANGE_CIPHER_SPEC - NID_crlBag SSL3_RT_HANDSHAKE - NID_crl_distribution_points SSL3_RT_HEADER - NID_crl_number SSL3_RT_INNER_CONTENT_TYPE - NID_crl_reason SSL3_VERSION - NID_delta_crl SSLEAY_BUILT_ON - NID_des_cbc SSLEAY_CFLAGS - NID_des_cfb64 SSLEAY_DIR - NID_des_ecb SSLEAY_PLATFORM - NID_des_ede SSLEAY_VERSION - NID_des_ede3 ST_ACCEPT - NID_des_ede3_cbc ST_BEFORE - NID_des_ede3_cfb64 ST_CONNECT - NID_des_ede3_ofb64 ST_INIT - NID_des_ede_cbc ST_OK - NID_des_ede_cfb64 ST_READ_BODY - NID_des_ede_ofb64 ST_READ_HEADER - NID_des_ofb64 TLS1_1_VERSION - NID_description TLS1_2_VERSION - NID_desx_cbc TLS1_3_VERSION - NID_dhKeyAgreement TLS1_VERSION - NID_dnQualifier TLSEXT_STATUSTYPE_ocsp - NID_dsa VERIFY_CLIENT_ONCE - NID_dsaWithSHA VERIFY_FAIL_IF_NO_PEER_CERT - NID_dsaWithSHA1 VERIFY_NONE - NID_dsaWithSHA1_2 VERIFY_PEER - NID_dsa_2 VERIFY_POST_HANDSHAKE - NID_email_protect V_OCSP_CERTSTATUS_GOOD - NID_ext_key_usage V_OCSP_CERTSTATUS_REVOKED - NID_ext_req V_OCSP_CERTSTATUS_UNKNOWN - NID_friendlyName WRITING - NID_givenName X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT - NID_hmacWithSHA1 X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS - NID_id_ad X509_CHECK_FLAG_NEVER_CHECK_SUBJECT - NID_id_ce X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS - NID_id_kp X509_CHECK_FLAG_NO_WILDCARDS - NID_id_pbkdf2 X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS - NID_id_pe X509_FILETYPE_ASN1 - NID_id_pkix X509_FILETYPE_DEFAULT - NID_id_qt_cps X509_FILETYPE_PEM - NID_id_qt_unotice X509_LOOKUP - NID_idea_cbc X509_PURPOSE_ANY - NID_idea_cfb64 X509_PURPOSE_CRL_SIGN - NID_idea_ecb X509_PURPOSE_NS_SSL_SERVER - NID_idea_ofb64 X509_PURPOSE_OCSP_HELPER - NID_info_access X509_PURPOSE_SMIME_ENCRYPT - NID_initials X509_PURPOSE_SMIME_SIGN - NID_invalidity_date X509_PURPOSE_SSL_CLIENT - NID_issuer_alt_name X509_PURPOSE_SSL_SERVER - NID_keyBag X509_PURPOSE_TIMESTAMP_SIGN - NID_key_usage X509_TRUST_COMPAT - NID_localKeyID X509_TRUST_DEFAULT - NID_localityName X509_TRUST_EMAIL - NID_md2 X509_TRUST_OBJECT_SIGN - NID_md2WithRSAEncryption X509_TRUST_OCSP_REQUEST - NID_md5 X509_TRUST_OCSP_SIGN - NID_md5WithRSA X509_TRUST_SSL_CLIENT - NID_md5WithRSAEncryption X509_TRUST_SSL_SERVER - NID_md5_sha1 X509_TRUST_TSA - NID_mdc2 X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH - NID_mdc2WithRSA X509_V_ERR_AKID_SKID_MISMATCH - NID_ms_code_com X509_V_ERR_APPLICATION_VERIFICATION - NID_ms_code_ind X509_V_ERR_AUTHORITY_KEY_IDENTIFIER_CRITICAL - NID_ms_ctl_sign X509_V_ERR_CA_BCONS_NOT_CRITICAL - NID_ms_efs X509_V_ERR_CA_CERT_MISSING_KEY_USAGE - NID_ms_ext_req X509_V_ERR_CA_KEY_TOO_SMALL - NID_ms_sgc X509_V_ERR_CA_MD_TOO_WEAK - NID_name X509_V_ERR_CERT_CHAIN_TOO_LONG - NID_netscape X509_V_ERR_CERT_HAS_EXPIRED - NID_netscape_base_url X509_V_ERR_CERT_NOT_YET_VALID - NID_netscape_ca_policy_url X509_V_ERR_CERT_REJECTED - NID_netscape_ca_revocation_url X509_V_ERR_CERT_REVOKED - NID_netscape_cert_extension X509_V_ERR_CERT_SIGNATURE_FAILURE - NID_netscape_cert_sequence X509_V_ERR_CERT_UNTRUSTED - NID_netscape_cert_type X509_V_ERR_CRL_HAS_EXPIRED - NID_netscape_comment X509_V_ERR_CRL_NOT_YET_VALID - NID_netscape_data_type X509_V_ERR_CRL_PATH_VALIDATION_ERROR - NID_netscape_renewal_url X509_V_ERR_CRL_SIGNATURE_FAILURE - NID_netscape_revocation_url X509_V_ERR_DANE_NO_MATCH - NID_netscape_ssl_server_name X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT - NID_ns_sgc X509_V_ERR_DIFFERENT_CRL_SCOPE - NID_organizationName X509_V_ERR_EC_KEY_EXPLICIT_PARAMS - NID_organizationalUnitName X509_V_ERR_EE_KEY_TOO_SMALL - NID_pbeWithMD2AndDES_CBC X509_V_ERR_EMAIL_MISMATCH - NID_pbeWithMD2AndRC2_CBC X509_V_ERR_EMPTY_SUBJECT_ALT_NAME - NID_pbeWithMD5AndCast5_CBC X509_V_ERR_EMPTY_SUBJECT_SAN_NOT_CRITICAL - NID_pbeWithMD5AndDES_CBC X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD - NID_pbeWithMD5AndRC2_CBC X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD - NID_pbeWithSHA1AndDES_CBC X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD - NID_pbeWithSHA1AndRC2_CBC X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD - NID_pbe_WithSHA1And128BitRC2_CBC X509_V_ERR_EXCLUDED_VIOLATION - NID_pbe_WithSHA1And128BitRC4 X509_V_ERR_EXTENSIONS_REQUIRE_VERSION_3 - NID_pbe_WithSHA1And2_Key_TripleDES_CBC X509_V_ERR_HOSTNAME_MISMATCH - NID_pbe_WithSHA1And3_Key_TripleDES_CBC X509_V_ERR_INVALID_CA - NID_pbe_WithSHA1And40BitRC2_CBC X509_V_ERR_INVALID_CALL - NID_pbe_WithSHA1And40BitRC4 X509_V_ERR_INVALID_EXTENSION - NID_pbes2 X509_V_ERR_INVALID_NON_CA - NID_pbmac1 X509_V_ERR_INVALID_POLICY_EXTENSION - NID_pkcs X509_V_ERR_INVALID_PURPOSE - NID_pkcs3 X509_V_ERR_IP_ADDRESS_MISMATCH - NID_pkcs7 X509_V_ERR_ISSUER_NAME_EMPTY - NID_pkcs7_data X509_V_ERR_KEYUSAGE_NO_CERTSIGN - NID_pkcs7_digest X509_V_ERR_KEYUSAGE_NO_CRL_SIGN - NID_pkcs7_encrypted X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE - NID_pkcs7_enveloped X509_V_ERR_KU_KEY_CERT_SIGN_INVALID_FOR_NON_CA - NID_pkcs7_signed X509_V_ERR_MISSING_AUTHORITY_KEY_IDENTIFIER - NID_pkcs7_signedAndEnveloped X509_V_ERR_MISSING_SUBJECT_KEY_IDENTIFIER - NID_pkcs8ShroudedKeyBag X509_V_ERR_NO_EXPLICIT_POLICY - NID_pkcs9 X509_V_ERR_NO_ISSUER_PUBLIC_KEY - NID_pkcs9_challengePassword X509_V_ERR_NO_VALID_SCTS - NID_pkcs9_contentType X509_V_ERR_OCSP_CERT_UNKNOWN - NID_pkcs9_countersignature X509_V_ERR_OCSP_VERIFY_FAILED - NID_pkcs9_emailAddress X509_V_ERR_OCSP_VERIFY_NEEDED - NID_pkcs9_extCertAttributes X509_V_ERR_OUT_OF_MEM - NID_pkcs9_messageDigest X509_V_ERR_PATHLEN_INVALID_FOR_NON_CA - NID_pkcs9_signingTime X509_V_ERR_PATHLEN_WITHOUT_KU_KEY_CERT_SIGN - NID_pkcs9_unstructuredAddress X509_V_ERR_PATH_LENGTH_EXCEEDED - NID_pkcs9_unstructuredName X509_V_ERR_PATH_LOOP - NID_private_key_usage_period X509_V_ERR_PERMITTED_VIOLATION - NID_rc2_40_cbc X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED - NID_rc2_64_cbc X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED - NID_rc2_cbc X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION - NID_rc2_cfb64 X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN - NID_rc2_ecb X509_V_ERR_SIGNATURE_ALGORITHM_INCONSISTENCY - NID_rc2_ofb64 X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH - NID_rc4 X509_V_ERR_STORE_LOOKUP - NID_rc4_40 X509_V_ERR_SUBJECT_ISSUER_MISMATCH - NID_rc5_cbc X509_V_ERR_SUBJECT_KEY_IDENTIFIER_CRITICAL - NID_rc5_cfb64 X509_V_ERR_SUBJECT_NAME_EMPTY - NID_rc5_ecb X509_V_ERR_SUBTREE_MINMAX - NID_rc5_ofb64 X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 - NID_ripemd160 X509_V_ERR_SUITE_B_INVALID_ALGORITHM - NID_ripemd160WithRSA X509_V_ERR_SUITE_B_INVALID_CURVE - NID_rle_compression X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM - NID_rsa X509_V_ERR_SUITE_B_INVALID_VERSION - NID_rsaEncryption X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED - NID_rsadsi X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY - NID_safeContentsBag X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE - NID_sdsiCertificate X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE - NID_secretBag X509_V_ERR_UNABLE_TO_GET_CRL - NID_serialNumber X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER - NID_server_auth X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT - NID_sha X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY - NID_sha1 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE - NID_sha1WithRSA X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION - NID_sha1WithRSAEncryption X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION - NID_shaWithRSAEncryption X509_V_ERR_UNNESTED_RESOURCE - NID_stateOrProvinceName X509_V_ERR_UNSPECIFIED - NID_subject_alt_name X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX - NID_subject_key_identifier X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE - NID_surname X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE - NID_sxnet X509_V_ERR_UNSUPPORTED_NAME_SYNTAX - NID_time_stamp X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM - NID_title X509_V_FLAG_ALLOW_PROXY_CERTS - NID_undef X509_V_FLAG_CB_ISSUER_CHECK - NID_uniqueIdentifier X509_V_FLAG_CHECK_SS_SIGNATURE - NID_x509Certificate X509_V_FLAG_CRL_CHECK - NID_x509Crl X509_V_FLAG_CRL_CHECK_ALL - NID_zlib_compression X509_V_FLAG_EXPLICIT_POLICY - NOTHING X509_V_FLAG_EXTENDED_CRL_SUPPORT - OCSP_RESPONSE_STATUS_INTERNALERROR X509_V_FLAG_IGNORE_CRITICAL - OCSP_RESPONSE_STATUS_MALFORMEDREQUEST X509_V_FLAG_INHIBIT_ANY - OCSP_RESPONSE_STATUS_SIGREQUIRED X509_V_FLAG_INHIBIT_MAP - OCSP_RESPONSE_STATUS_SUCCESSFUL X509_V_FLAG_LEGACY_VERIFY - OCSP_RESPONSE_STATUS_TRYLATER X509_V_FLAG_NOTIFY_POLICY - OCSP_RESPONSE_STATUS_UNAUTHORIZED X509_V_FLAG_NO_ALT_CHAINS - OPENSSL_BUILT_ON X509_V_FLAG_NO_CHECK_TIME - OPENSSL_CFLAGS X509_V_FLAG_PARTIAL_CHAIN - OPENSSL_CPU_INFO X509_V_FLAG_POLICY_CHECK - OPENSSL_DIR X509_V_FLAG_POLICY_MASK - OPENSSL_ENGINES_DIR X509_V_FLAG_SUITEB_128_LOS - OPENSSL_FULL_VERSION_STRING X509_V_FLAG_SUITEB_128_LOS_ONLY - OPENSSL_INFO_CONFIG_DIR X509_V_FLAG_SUITEB_192_LOS - OPENSSL_INFO_CPU_SETTINGS X509_V_FLAG_TRUSTED_FIRST - OPENSSL_INFO_DIR_FILENAME_SEPARATOR X509_V_FLAG_USE_CHECK_TIME - OPENSSL_INFO_DSO_EXTENSION X509_V_FLAG_USE_DELTAS - OPENSSL_INFO_ENGINES_DIR X509_V_FLAG_X509_STRICT - OPENSSL_INFO_LIST_SEPARATOR X509_V_OK - OPENSSL_INFO_MODULES_DIR XN_FLAG_COMPAT - OPENSSL_INFO_SEED_SOURCE XN_FLAG_DN_REV - OPENSSL_MODULES_DIR XN_FLAG_DUMP_UNKNOWN_FIELDS - OPENSSL_PLATFORM XN_FLAG_FN_ALIGN - OPENSSL_VERSION XN_FLAG_FN_LN - OPENSSL_VERSION_MAJOR XN_FLAG_FN_MASK - OPENSSL_VERSION_MINOR XN_FLAG_FN_NONE - OPENSSL_VERSION_NUMBER XN_FLAG_FN_OID - OPENSSL_VERSION_PATCH XN_FLAG_FN_SN - OPENSSL_VERSION_STRING XN_FLAG_MULTILINE - OP_ALL XN_FLAG_ONELINE - OP_ALLOW_CLIENT_RENEGOTIATION XN_FLAG_RFC2253 - OP_ALLOW_NO_DHE_KEX XN_FLAG_SEP_COMMA_PLUS - OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION XN_FLAG_SEP_CPLUS_SPC - OP_CIPHER_SERVER_PREFERENCE XN_FLAG_SEP_MASK - OP_CISCO_ANYCONNECT XN_FLAG_SEP_MULTILINE - OP_CLEANSE_PLAINTEXT XN_FLAG_SEP_SPLUS_SPC - OP_COOKIE_EXCHANGE XN_FLAG_SPC_EQ + AD_ACCESS_DENIED OPENSSL_INFO_MODULES_DIR + AD_BAD_CERTIFICATE OPENSSL_INFO_SEED_SOURCE + AD_BAD_CERTIFICATE_HASH_VALUE OPENSSL_MODULES_DIR + AD_BAD_CERTIFICATE_STATUS_RESPONSE OPENSSL_PLATFORM + AD_BAD_RECORD_MAC OPENSSL_VERSION + AD_CERTIFICATE_EXPIRED OPENSSL_VERSION_MAJOR + AD_CERTIFICATE_REQUIRED OPENSSL_VERSION_MINOR + AD_CERTIFICATE_REVOKED OPENSSL_VERSION_NUMBER + AD_CERTIFICATE_UNKNOWN OPENSSL_VERSION_PATCH + AD_CERTIFICATE_UNOBTAINABLE OPENSSL_VERSION_STRING + AD_CLOSE_NOTIFY OP_ALL + AD_DECODE_ERROR OP_ALLOW_CLIENT_RENEGOTIATION + AD_DECOMPRESSION_FAILURE OP_ALLOW_NO_DHE_KEX + AD_DECRYPTION_FAILED OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION + AD_DECRYPT_ERROR OP_CIPHER_SERVER_PREFERENCE + AD_EXPORT_RESTRICTION OP_CISCO_ANYCONNECT + AD_HANDSHAKE_FAILURE OP_CLEANSE_PLAINTEXT + AD_ILLEGAL_PARAMETER OP_COOKIE_EXCHANGE + AD_INAPPROPRIATE_FALLBACK OP_CRYPTOPRO_TLSEXT_BUG + AD_INSUFFICIENT_SECURITY OP_DISABLE_TLSEXT_CA_NAMES + AD_INTERNAL_ERROR OP_DONT_INSERT_EMPTY_FRAGMENTS + AD_MISSING_EXTENSION OP_ENABLE_KTLS + AD_NO_APPLICATION_PROTOCOL OP_ENABLE_MIDDLEBOX_COMPAT + AD_NO_CERTIFICATE OP_EPHEMERAL_RSA + AD_NO_RENEGOTIATION OP_IGNORE_UNEXPECTED_EOF + AD_PROTOCOL_VERSION OP_LEGACY_SERVER_CONNECT + AD_RECORD_OVERFLOW OP_MICROSOFT_BIG_SSLV3_BUFFER + AD_UNEXPECTED_MESSAGE OP_MICROSOFT_SESS_ID_BUG + AD_UNKNOWN_CA OP_MSIE_SSLV2_RSA_PADDING + AD_UNKNOWN_PSK_IDENTITY OP_NETSCAPE_CA_DN_BUG + AD_UNRECOGNIZED_NAME OP_NETSCAPE_CHALLENGE_BUG + AD_UNSUPPORTED_CERTIFICATE OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG + AD_UNSUPPORTED_EXTENSION OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG + AD_USER_CANCELLED OP_NON_EXPORT_FIRST + ASN1_STRFLGS_ESC_CTRL OP_NO_ANTI_REPLAY + ASN1_STRFLGS_ESC_MSB OP_NO_CLIENT_RENEGOTIATION + ASN1_STRFLGS_ESC_QUOTE OP_NO_COMPRESSION + ASN1_STRFLGS_RFC2253 OP_NO_ENCRYPT_THEN_MAC + ASYNC_NO_JOBS OP_NO_EXTENDED_MASTER_SECRET + ASYNC_PAUSED OP_NO_QUERY_MTU + CB_ACCEPT_EXIT OP_NO_RENEGOTIATION + CB_ACCEPT_LOOP OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION + CB_ALERT OP_NO_SSL_MASK + CB_CONNECT_EXIT OP_NO_SSLv2 + CB_CONNECT_LOOP OP_NO_SSLv3 + CB_EXIT OP_NO_TICKET + CB_HANDSHAKE_DONE OP_NO_TLSv1 + CB_HANDSHAKE_START OP_NO_TLSv1_1 + CB_LOOP OP_NO_TLSv1_2 + CB_READ OP_NO_TLSv1_3 + CB_READ_ALERT OP_PKCS1_CHECK_1 + CB_WRITE OP_PKCS1_CHECK_2 + CB_WRITE_ALERT OP_PRIORITIZE_CHACHA + CLIENT_HELLO_CB OP_SAFARI_ECDHE_ECDSA_BUG + CLIENT_HELLO_ERROR OP_SINGLE_DH_USE + CLIENT_HELLO_RETRY OP_SINGLE_ECDH_USE + CLIENT_HELLO_SUCCESS OP_SSLEAY_080_CLIENT_DH_BUG + ERROR_NONE OP_SSLREF2_REUSE_CERT_TYPE_BUG + ERROR_SSL OP_TLSEXT_PADDING + ERROR_SYSCALL OP_TLS_BLOCK_PADDING_BUG + ERROR_WANT_ACCEPT OP_TLS_D5_BUG + ERROR_WANT_ASYNC OP_TLS_ROLLBACK_BUG + ERROR_WANT_ASYNC_JOB READING + ERROR_WANT_CLIENT_HELLO_CB RECEIVED_SHUTDOWN + ERROR_WANT_CONNECT RETRY_VERIFY + ERROR_WANT_READ RSA_3 + ERROR_WANT_RETRY_VERIFY RSA_F4 + ERROR_WANT_WRITE R_BAD_AUTHENTICATION_TYPE + ERROR_WANT_X509_LOOKUP R_BAD_CHECKSUM + ERROR_ZERO_RETURN R_BAD_MAC_DECODE + EVP_PKS_DSA R_BAD_RESPONSE_ARGUMENT + EVP_PKS_EC R_BAD_SSL_FILETYPE + EVP_PKS_RSA R_BAD_SSL_SESSION_ID_LENGTH + EVP_PKT_ENC R_BAD_STATE + EVP_PKT_EXCH R_BAD_WRITE_RETRY + EVP_PKT_EXP R_CHALLENGE_IS_DIFFERENT + EVP_PKT_SIGN R_CIPHER_TABLE_SRC_ERROR + EVP_PK_DH R_INVALID_CHALLENGE_LENGTH + EVP_PK_DSA R_NO_CERTIFICATE_SET + EVP_PK_EC R_NO_CERTIFICATE_SPECIFIED + EVP_PK_RSA R_NO_CIPHER_LIST + FILETYPE_ASN1 R_NO_CIPHER_MATCH + FILETYPE_PEM R_NO_PRIVATEKEY + F_CLIENT_CERTIFICATE R_NO_PUBLICKEY + F_CLIENT_HELLO R_NULL_SSL_CTX + F_CLIENT_MASTER_KEY R_PEER_DID_NOT_RETURN_A_CERTIFICATE + F_D2I_SSL_SESSION R_PEER_ERROR + F_GET_CLIENT_FINISHED R_PEER_ERROR_CERTIFICATE + F_GET_CLIENT_HELLO R_PEER_ERROR_NO_CIPHER + F_GET_CLIENT_MASTER_KEY R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE + F_GET_SERVER_FINISHED R_PUBLIC_KEY_ENCRYPT_ERROR + F_GET_SERVER_HELLO R_PUBLIC_KEY_IS_NOT_RSA + F_GET_SERVER_VERIFY R_READ_WRONG_PACKET_TYPE + F_I2D_SSL_SESSION R_SHORT_READ + F_READ_N R_SSL_SESSION_ID_IS_DIFFERENT + F_REQUEST_CERTIFICATE R_UNABLE_TO_EXTRACT_PUBLIC_KEY + F_SERVER_HELLO R_UNKNOWN_REMOTE_ERROR_TYPE + F_SSL_CERT_NEW R_UNKNOWN_STATE + F_SSL_GET_NEW_SESSION R_X509_LIB + F_SSL_NEW SENT_SHUTDOWN + F_SSL_READ SESSION_ASN1_VERSION + F_SSL_RSA_PRIVATE_DECRYPT SESS_CACHE_BOTH + F_SSL_RSA_PUBLIC_ENCRYPT SESS_CACHE_CLIENT + F_SSL_SESSION_NEW SESS_CACHE_NO_AUTO_CLEAR + F_SSL_SESSION_PRINT_FP SESS_CACHE_NO_INTERNAL + F_SSL_SET_FD SESS_CACHE_NO_INTERNAL_LOOKUP + F_SSL_SET_RFD SESS_CACHE_NO_INTERNAL_STORE + F_SSL_SET_WFD SESS_CACHE_OFF + F_SSL_USE_CERTIFICATE SESS_CACHE_SERVER + F_SSL_USE_CERTIFICATE_ASN1 SESS_CACHE_UPDATE_TIME + F_SSL_USE_CERTIFICATE_FILE SSL2_MT_CLIENT_CERTIFICATE + F_SSL_USE_PRIVATEKEY SSL2_MT_CLIENT_FINISHED + F_SSL_USE_PRIVATEKEY_ASN1 SSL2_MT_CLIENT_HELLO + F_SSL_USE_PRIVATEKEY_FILE SSL2_MT_CLIENT_MASTER_KEY + F_SSL_USE_RSAPRIVATEKEY SSL2_MT_ERROR + F_SSL_USE_RSAPRIVATEKEY_ASN1 SSL2_MT_REQUEST_CERTIFICATE + F_SSL_USE_RSAPRIVATEKEY_FILE SSL2_MT_SERVER_FINISHED + F_WRITE_PENDING SSL2_MT_SERVER_HELLO + GEN_DIRNAME SSL2_MT_SERVER_VERIFY + GEN_DNS SSL2_VERSION + GEN_EDIPARTY SSL3_MT_CCS + GEN_EMAIL SSL3_MT_CERTIFICATE + GEN_IPADD SSL3_MT_CERTIFICATE_REQUEST + GEN_OTHERNAME SSL3_MT_CERTIFICATE_STATUS + GEN_RID SSL3_MT_CERTIFICATE_URL + GEN_URI SSL3_MT_CERTIFICATE_VERIFY + GEN_X400 SSL3_MT_CHANGE_CIPHER_SPEC + LIBRESSL_VERSION_NUMBER SSL3_MT_CLIENT_HELLO + MBSTRING_ASC SSL3_MT_CLIENT_KEY_EXCHANGE + MBSTRING_BMP SSL3_MT_ENCRYPTED_EXTENSIONS + MBSTRING_FLAG SSL3_MT_END_OF_EARLY_DATA + MBSTRING_UNIV SSL3_MT_FINISHED + MBSTRING_UTF8 SSL3_MT_HELLO_REQUEST + MIN_RSA_MODULUS_LENGTH_IN_BYTES SSL3_MT_KEY_UPDATE + MODE_ACCEPT_MOVING_WRITE_BUFFER SSL3_MT_MESSAGE_HASH + MODE_ASYNC SSL3_MT_NEWSESSION_TICKET + MODE_AUTO_RETRY SSL3_MT_NEXT_PROTO + MODE_ENABLE_PARTIAL_WRITE SSL3_MT_SERVER_DONE + MODE_NO_AUTO_CHAIN SSL3_MT_SERVER_HELLO + MODE_RELEASE_BUFFERS SSL3_MT_SERVER_KEY_EXCHANGE + NID_OCSP_sign SSL3_MT_SUPPLEMENTAL_DATA + NID_SMIMECapabilities SSL3_RT_ALERT + NID_X500 SSL3_RT_APPLICATION_DATA + NID_X509 SSL3_RT_CHANGE_CIPHER_SPEC + NID_ad_OCSP SSL3_RT_HANDSHAKE + NID_ad_ca_issuers SSL3_RT_HEADER + NID_algorithm SSL3_RT_INNER_CONTENT_TYPE + NID_authority_key_identifier SSL3_VERSION + NID_basic_constraints SSLEAY_BUILT_ON + NID_bf_cbc SSLEAY_CFLAGS + NID_bf_cfb64 SSLEAY_DIR + NID_bf_ecb SSLEAY_PLATFORM + NID_bf_ofb64 SSLEAY_VERSION + NID_cast5_cbc ST_ACCEPT + NID_cast5_cfb64 ST_BEFORE + NID_cast5_ecb ST_CONNECT + NID_cast5_ofb64 ST_INIT + NID_certBag ST_OK + NID_certificate_policies ST_READ_BODY + NID_client_auth ST_READ_HEADER + NID_code_sign TLS1_1_VERSION + NID_commonName TLS1_2_VERSION + NID_countryName TLS1_3_VERSION + NID_crlBag TLS1_VERSION + NID_crl_distribution_points TLSEXT_STATUSTYPE_ocsp + NID_crl_number VERIFY_CLIENT_ONCE + NID_crl_reason VERIFY_FAIL_IF_NO_PEER_CERT + NID_delta_crl VERIFY_NONE + NID_des_cbc VERIFY_PEER + NID_des_cfb64 VERIFY_POST_HANDSHAKE + NID_des_ecb V_OCSP_CERTSTATUS_GOOD + NID_des_ede V_OCSP_CERTSTATUS_REVOKED + NID_des_ede3 V_OCSP_CERTSTATUS_UNKNOWN + NID_des_ede3_cbc WRITING + NID_des_ede3_cfb64 X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT + NID_des_ede3_ofb64 X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS + NID_des_ede_cbc X509_CHECK_FLAG_NEVER_CHECK_SUBJECT + NID_des_ede_cfb64 X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS + NID_des_ede_ofb64 X509_CHECK_FLAG_NO_WILDCARDS + NID_des_ofb64 X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS + NID_description X509_FILETYPE_ASN1 + NID_desx_cbc X509_FILETYPE_DEFAULT + NID_dhKeyAgreement X509_FILETYPE_PEM + NID_dnQualifier X509_LOOKUP + NID_dsa X509_PURPOSE_ANY + NID_dsaWithSHA X509_PURPOSE_CRL_SIGN + NID_dsaWithSHA1 X509_PURPOSE_NS_SSL_SERVER + NID_dsaWithSHA1_2 X509_PURPOSE_OCSP_HELPER + NID_dsa_2 X509_PURPOSE_SMIME_ENCRYPT + NID_email_protect X509_PURPOSE_SMIME_SIGN + NID_ext_key_usage X509_PURPOSE_SSL_CLIENT + NID_ext_req X509_PURPOSE_SSL_SERVER + NID_friendlyName X509_PURPOSE_TIMESTAMP_SIGN + NID_givenName X509_TRUST_COMPAT + NID_hmacWithSHA1 X509_TRUST_DEFAULT + NID_id_ad X509_TRUST_EMAIL + NID_id_ce X509_TRUST_OBJECT_SIGN + NID_id_kp X509_TRUST_OCSP_REQUEST + NID_id_pbkdf2 X509_TRUST_OCSP_SIGN + NID_id_pe X509_TRUST_SSL_CLIENT + NID_id_pkix X509_TRUST_SSL_SERVER + NID_id_qt_cps X509_TRUST_TSA + NID_id_qt_unotice X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH + NID_idea_cbc X509_V_ERR_AKID_SKID_MISMATCH + NID_idea_cfb64 X509_V_ERR_APPLICATION_VERIFICATION + NID_idea_ecb X509_V_ERR_AUTHORITY_KEY_IDENTIFIER_CRITICAL + NID_idea_ofb64 X509_V_ERR_CA_BCONS_NOT_CRITICAL + NID_info_access X509_V_ERR_CA_CERT_MISSING_KEY_USAGE + NID_initials X509_V_ERR_CA_KEY_TOO_SMALL + NID_invalidity_date X509_V_ERR_CA_MD_TOO_WEAK + NID_issuer_alt_name X509_V_ERR_CERT_CHAIN_TOO_LONG + NID_keyBag X509_V_ERR_CERT_HAS_EXPIRED + NID_key_usage X509_V_ERR_CERT_NOT_YET_VALID + NID_localKeyID X509_V_ERR_CERT_REJECTED + NID_localityName X509_V_ERR_CERT_REVOKED + NID_md2 X509_V_ERR_CERT_SIGNATURE_FAILURE + NID_md2WithRSAEncryption X509_V_ERR_CERT_UNTRUSTED + NID_md5 X509_V_ERR_CRL_HAS_EXPIRED + NID_md5WithRSA X509_V_ERR_CRL_NOT_YET_VALID + NID_md5WithRSAEncryption X509_V_ERR_CRL_PATH_VALIDATION_ERROR + NID_md5_sha1 X509_V_ERR_CRL_SIGNATURE_FAILURE + NID_mdc2 X509_V_ERR_DANE_NO_MATCH + NID_mdc2WithRSA X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT + NID_ms_code_com X509_V_ERR_DIFFERENT_CRL_SCOPE + NID_ms_code_ind X509_V_ERR_EC_KEY_EXPLICIT_PARAMS + NID_ms_ctl_sign X509_V_ERR_EE_KEY_TOO_SMALL + NID_ms_efs X509_V_ERR_EMAIL_MISMATCH + NID_ms_ext_req X509_V_ERR_EMPTY_SUBJECT_ALT_NAME + NID_ms_sgc X509_V_ERR_EMPTY_SUBJECT_SAN_NOT_CRITICAL + NID_name X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD + NID_netscape X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD + NID_netscape_base_url X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD + NID_netscape_ca_policy_url X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD + NID_netscape_ca_revocation_url X509_V_ERR_EXCLUDED_VIOLATION + NID_netscape_cert_extension X509_V_ERR_EXTENSIONS_REQUIRE_VERSION_3 + NID_netscape_cert_sequence X509_V_ERR_HOSTNAME_MISMATCH + NID_netscape_cert_type X509_V_ERR_INVALID_CA + NID_netscape_comment X509_V_ERR_INVALID_CALL + NID_netscape_data_type X509_V_ERR_INVALID_EXTENSION + NID_netscape_renewal_url X509_V_ERR_INVALID_NON_CA + NID_netscape_revocation_url X509_V_ERR_INVALID_POLICY_EXTENSION + NID_netscape_ssl_server_name X509_V_ERR_INVALID_PURPOSE + NID_ns_sgc X509_V_ERR_IP_ADDRESS_MISMATCH + NID_organizationName X509_V_ERR_ISSUER_NAME_EMPTY + NID_organizationalUnitName X509_V_ERR_KEYUSAGE_NO_CERTSIGN + NID_pbeWithMD2AndDES_CBC X509_V_ERR_KEYUSAGE_NO_CRL_SIGN + NID_pbeWithMD2AndRC2_CBC X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE + NID_pbeWithMD5AndCast5_CBC X509_V_ERR_KU_KEY_CERT_SIGN_INVALID_FOR_NON_CA + NID_pbeWithMD5AndDES_CBC X509_V_ERR_MISSING_AUTHORITY_KEY_IDENTIFIER + NID_pbeWithMD5AndRC2_CBC X509_V_ERR_MISSING_SUBJECT_KEY_IDENTIFIER + NID_pbeWithSHA1AndDES_CBC X509_V_ERR_NO_EXPLICIT_POLICY + NID_pbeWithSHA1AndRC2_CBC X509_V_ERR_NO_ISSUER_PUBLIC_KEY + NID_pbe_WithSHA1And128BitRC2_CBC X509_V_ERR_NO_VALID_SCTS + NID_pbe_WithSHA1And128BitRC4 X509_V_ERR_OCSP_CERT_UNKNOWN + NID_pbe_WithSHA1And2_Key_TripleDES_CBC X509_V_ERR_OCSP_VERIFY_FAILED + NID_pbe_WithSHA1And3_Key_TripleDES_CBC X509_V_ERR_OCSP_VERIFY_NEEDED + NID_pbe_WithSHA1And40BitRC2_CBC X509_V_ERR_OUT_OF_MEM + NID_pbe_WithSHA1And40BitRC4 X509_V_ERR_PATHLEN_INVALID_FOR_NON_CA + NID_pbes2 X509_V_ERR_PATHLEN_WITHOUT_KU_KEY_CERT_SIGN + NID_pbmac1 X509_V_ERR_PATH_LENGTH_EXCEEDED + NID_pkcs X509_V_ERR_PATH_LOOP + NID_pkcs3 X509_V_ERR_PERMITTED_VIOLATION + NID_pkcs7 X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED + NID_pkcs7_data X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED + NID_pkcs7_digest X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION + NID_pkcs7_encrypted X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN + NID_pkcs7_enveloped X509_V_ERR_SIGNATURE_ALGORITHM_INCONSISTENCY + NID_pkcs7_signed X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH + NID_pkcs7_signedAndEnveloped X509_V_ERR_STORE_LOOKUP + NID_pkcs8ShroudedKeyBag X509_V_ERR_SUBJECT_ISSUER_MISMATCH + NID_pkcs9 X509_V_ERR_SUBJECT_KEY_IDENTIFIER_CRITICAL + NID_pkcs9_challengePassword X509_V_ERR_SUBJECT_NAME_EMPTY + NID_pkcs9_contentType X509_V_ERR_SUBTREE_MINMAX + NID_pkcs9_countersignature X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 + NID_pkcs9_emailAddress X509_V_ERR_SUITE_B_INVALID_ALGORITHM + NID_pkcs9_extCertAttributes X509_V_ERR_SUITE_B_INVALID_CURVE + NID_pkcs9_messageDigest X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM + NID_pkcs9_signingTime X509_V_ERR_SUITE_B_INVALID_VERSION + NID_pkcs9_unstructuredAddress X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED + NID_pkcs9_unstructuredName X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY + NID_private_key_usage_period X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE + NID_rc2_40_cbc X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE + NID_rc2_64_cbc X509_V_ERR_UNABLE_TO_GET_CRL + NID_rc2_cbc X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER + NID_rc2_cfb64 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT + NID_rc2_ecb X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY + NID_rc2_ofb64 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE + NID_rc4 X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION + NID_rc4_40 X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION + NID_rc5_cbc X509_V_ERR_UNNESTED_RESOURCE + NID_rc5_cfb64 X509_V_ERR_UNSPECIFIED + NID_rc5_ecb X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX + NID_rc5_ofb64 X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE + NID_ripemd160 X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE + NID_ripemd160WithRSA X509_V_ERR_UNSUPPORTED_NAME_SYNTAX + NID_rle_compression X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM + NID_rsa X509_V_FLAG_ALLOW_PROXY_CERTS + NID_rsaEncryption X509_V_FLAG_CB_ISSUER_CHECK + NID_rsadsi X509_V_FLAG_CHECK_SS_SIGNATURE + NID_safeContentsBag X509_V_FLAG_CRL_CHECK + NID_sdsiCertificate X509_V_FLAG_CRL_CHECK_ALL + NID_secretBag X509_V_FLAG_EXPLICIT_POLICY + NID_serialNumber X509_V_FLAG_EXTENDED_CRL_SUPPORT + NID_server_auth X509_V_FLAG_IGNORE_CRITICAL + NID_sha X509_V_FLAG_INHIBIT_ANY + NID_sha1 X509_V_FLAG_INHIBIT_MAP + NID_sha1WithRSA X509_V_FLAG_LEGACY_VERIFY + NID_sha1WithRSAEncryption X509_V_FLAG_NOTIFY_POLICY + NID_shaWithRSAEncryption X509_V_FLAG_NO_ALT_CHAINS + NID_stateOrProvinceName X509_V_FLAG_NO_CHECK_TIME + NID_subject_alt_name X509_V_FLAG_PARTIAL_CHAIN + NID_subject_key_identifier X509_V_FLAG_POLICY_CHECK + NID_surname X509_V_FLAG_POLICY_MASK + NID_sxnet X509_V_FLAG_SUITEB_128_LOS + NID_time_stamp X509_V_FLAG_SUITEB_128_LOS_ONLY + NID_title X509_V_FLAG_SUITEB_192_LOS + NID_undef X509_V_FLAG_TRUSTED_FIRST + NID_uniqueIdentifier X509_V_FLAG_USE_CHECK_TIME + NID_x509Certificate X509_V_FLAG_USE_DELTAS + NID_x509Crl X509_V_FLAG_X509_STRICT + NID_zlib_compression X509_V_OK + NOTHING XN_FLAG_COMPAT + OCSP_RESPONSE_STATUS_INTERNALERROR XN_FLAG_DN_REV + OCSP_RESPONSE_STATUS_MALFORMEDREQUEST XN_FLAG_DUMP_UNKNOWN_FIELDS + OCSP_RESPONSE_STATUS_SIGREQUIRED XN_FLAG_FN_ALIGN + OCSP_RESPONSE_STATUS_SUCCESSFUL XN_FLAG_FN_LN + OCSP_RESPONSE_STATUS_TRYLATER XN_FLAG_FN_MASK + OCSP_RESPONSE_STATUS_UNAUTHORIZED XN_FLAG_FN_NONE + OPENSSL_BUILT_ON XN_FLAG_FN_OID + OPENSSL_CFLAGS XN_FLAG_FN_SN + OPENSSL_CPU_INFO XN_FLAG_MULTILINE + OPENSSL_DIR XN_FLAG_ONELINE + OPENSSL_ENGINES_DIR XN_FLAG_RFC2253 + OPENSSL_FULL_VERSION_STRING XN_FLAG_SEP_COMMA_PLUS + OPENSSL_INFO_CONFIG_DIR XN_FLAG_SEP_CPLUS_SPC + OPENSSL_INFO_CPU_SETTINGS XN_FLAG_SEP_MASK + OPENSSL_INFO_DIR_FILENAME_SEPARATOR XN_FLAG_SEP_MULTILINE + OPENSSL_INFO_DSO_EXTENSION XN_FLAG_SEP_SPLUS_SPC + OPENSSL_INFO_ENGINES_DIR XN_FLAG_SPC_EQ + OPENSSL_INFO_LIST_SEPARATOR =for end_constants diff --git a/t/local/21_constants.t b/t/local/21_constants.t index c930d2b..ee773ca 100644 --- a/t/local/21_constants.t +++ b/t/local/21_constants.t @@ -11,9 +11,43 @@ use Test::Net::SSLeay qw(dies_like); # We rely on symbolic references in the dies_like() tests: no strict 'refs'; -plan tests => 644; +plan tests => 681; my @constants = qw( + AD_ACCESS_DENIED + AD_BAD_CERTIFICATE + AD_BAD_CERTIFICATE_HASH_VALUE + AD_BAD_CERTIFICATE_STATUS_RESPONSE + AD_BAD_RECORD_MAC + AD_CERTIFICATE_EXPIRED + AD_CERTIFICATE_REQUIRED + AD_CERTIFICATE_REVOKED + AD_CERTIFICATE_UNKNOWN + AD_CERTIFICATE_UNOBTAINABLE + AD_CLOSE_NOTIFY + AD_DECODE_ERROR + AD_DECOMPRESSION_FAILURE + AD_DECRYPTION_FAILED + AD_DECRYPT_ERROR + AD_EXPORT_RESTRICTION + AD_HANDSHAKE_FAILURE + AD_ILLEGAL_PARAMETER + AD_INAPPROPRIATE_FALLBACK + AD_INSUFFICIENT_SECURITY + AD_INTERNAL_ERROR + AD_MISSING_EXTENSION + AD_NO_APPLICATION_PROTOCOL + AD_NO_CERTIFICATE + AD_NO_RENEGOTIATION + AD_PROTOCOL_VERSION + AD_RECORD_OVERFLOW + AD_UNEXPECTED_MESSAGE + AD_UNKNOWN_CA + AD_UNKNOWN_PSK_IDENTITY + AD_UNRECOGNIZED_NAME + AD_UNSUPPORTED_CERTIFICATE + AD_UNSUPPORTED_EXTENSION + AD_USER_CANCELLED ASN1_STRFLGS_ESC_CTRL ASN1_STRFLGS_ESC_MSB ASN1_STRFLGS_ESC_QUOTE @@ -34,6 +68,9 @@ my @constants = qw( CB_WRITE CB_WRITE_ALERT CLIENT_HELLO_CB + CLIENT_HELLO_ERROR + CLIENT_HELLO_RETRY + CLIENT_HELLO_SUCCESS ERROR_NONE ERROR_SSL ERROR_SYSCALL |