summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Misc/NEWS2
-rw-r--r--Modules/_ssl_data.h297
-rwxr-xr-xTools/ssl/make_ssl_data.py57
3 files changed, 336 insertions, 20 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index c866803..9b68d3d 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -44,6 +44,8 @@ Core and Builtins
Library
-------
+- Issue #23248: Update ssl error codes from latest OpenSSL git master.
+
- Issue #23098: 64-bit dev_t is now supported in the os module.
- Issue #23250: In the http.cookies module, capitalize "HttpOnly" and "Secure"
diff --git a/Modules/_ssl_data.h b/Modules/_ssl_data.h
index 81a8d7b..85165b9 100644
--- a/Modules/_ssl_data.h
+++ b/Modules/_ssl_data.h
@@ -1,5 +1,5 @@
/* File generated by Tools/ssl/make_ssl_data.py */
-/* Generated on 2012-05-16T23:56:40.981382 */
+/* Generated on 2015-01-17T20:33:43.377453 */
static struct py_ssl_library_code library_codes[] = {
{"PEM", ERR_LIB_PEM},
@@ -179,6 +179,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"BAD_CHECKSUM", ERR_LIB_SSL, 104},
#endif
+ #ifdef SSL_R_BAD_DATA
+ {"BAD_DATA", ERR_LIB_SSL, SSL_R_BAD_DATA},
+ #else
+ {"BAD_DATA", ERR_LIB_SSL, 390},
+ #endif
#ifdef SSL_R_BAD_DATA_RETURNED_BY_CALLBACK
{"BAD_DATA_RETURNED_BY_CALLBACK", ERR_LIB_SSL, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK},
#else
@@ -309,6 +314,46 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"BAD_SIGNATURE", ERR_LIB_SSL, 123},
#endif
+ #ifdef SSL_R_BAD_SRP_A_LENGTH
+ {"BAD_SRP_A_LENGTH", ERR_LIB_SSL, SSL_R_BAD_SRP_A_LENGTH},
+ #else
+ {"BAD_SRP_A_LENGTH", ERR_LIB_SSL, 347},
+ #endif
+ #ifdef SSL_R_BAD_SRP_B_LENGTH
+ {"BAD_SRP_B_LENGTH", ERR_LIB_SSL, SSL_R_BAD_SRP_B_LENGTH},
+ #else
+ {"BAD_SRP_B_LENGTH", ERR_LIB_SSL, 348},
+ #endif
+ #ifdef SSL_R_BAD_SRP_G_LENGTH
+ {"BAD_SRP_G_LENGTH", ERR_LIB_SSL, SSL_R_BAD_SRP_G_LENGTH},
+ #else
+ {"BAD_SRP_G_LENGTH", ERR_LIB_SSL, 349},
+ #endif
+ #ifdef SSL_R_BAD_SRP_N_LENGTH
+ {"BAD_SRP_N_LENGTH", ERR_LIB_SSL, SSL_R_BAD_SRP_N_LENGTH},
+ #else
+ {"BAD_SRP_N_LENGTH", ERR_LIB_SSL, 350},
+ #endif
+ #ifdef SSL_R_BAD_SRP_PARAMETERS
+ {"BAD_SRP_PARAMETERS", ERR_LIB_SSL, SSL_R_BAD_SRP_PARAMETERS},
+ #else
+ {"BAD_SRP_PARAMETERS", ERR_LIB_SSL, 371},
+ #endif
+ #ifdef SSL_R_BAD_SRP_S_LENGTH
+ {"BAD_SRP_S_LENGTH", ERR_LIB_SSL, SSL_R_BAD_SRP_S_LENGTH},
+ #else
+ {"BAD_SRP_S_LENGTH", ERR_LIB_SSL, 351},
+ #endif
+ #ifdef SSL_R_BAD_SRTP_MKI_VALUE
+ {"BAD_SRTP_MKI_VALUE", ERR_LIB_SSL, SSL_R_BAD_SRTP_MKI_VALUE},
+ #else
+ {"BAD_SRTP_MKI_VALUE", ERR_LIB_SSL, 352},
+ #endif
+ #ifdef SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST
+ {"BAD_SRTP_PROTECTION_PROFILE_LIST", ERR_LIB_SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST},
+ #else
+ {"BAD_SRTP_PROTECTION_PROFILE_LIST", ERR_LIB_SSL, 353},
+ #endif
#ifdef SSL_R_BAD_SSL_FILETYPE
{"BAD_SSL_FILETYPE", ERR_LIB_SSL, SSL_R_BAD_SSL_FILETYPE},
#else
@@ -324,6 +369,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"BAD_STATE", ERR_LIB_SSL, 126},
#endif
+ #ifdef SSL_R_BAD_VALUE
+ {"BAD_VALUE", ERR_LIB_SSL, SSL_R_BAD_VALUE},
+ #else
+ {"BAD_VALUE", ERR_LIB_SSL, 384},
+ #endif
#ifdef SSL_R_BAD_WRITE_RETRY
{"BAD_WRITE_RETRY", ERR_LIB_SSL, SSL_R_BAD_WRITE_RETRY},
#else
@@ -354,6 +404,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"CA_DN_TOO_LONG", ERR_LIB_SSL, 132},
#endif
+ #ifdef SSL_R_CA_KEY_TOO_SMALL
+ {"CA_KEY_TOO_SMALL", ERR_LIB_SSL, SSL_R_CA_KEY_TOO_SMALL},
+ #else
+ {"CA_KEY_TOO_SMALL", ERR_LIB_SSL, 397},
+ #endif
+ #ifdef SSL_R_CA_MD_TOO_WEAK
+ {"CA_MD_TOO_WEAK", ERR_LIB_SSL, SSL_R_CA_MD_TOO_WEAK},
+ #else
+ {"CA_MD_TOO_WEAK", ERR_LIB_SSL, 398},
+ #endif
#ifdef SSL_R_CCS_RECEIVED_EARLY
{"CCS_RECEIVED_EARLY", ERR_LIB_SSL, SSL_R_CCS_RECEIVED_EARLY},
#else
@@ -364,6 +424,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"CERTIFICATE_VERIFY_FAILED", ERR_LIB_SSL, 134},
#endif
+ #ifdef SSL_R_CERT_CB_ERROR
+ {"CERT_CB_ERROR", ERR_LIB_SSL, SSL_R_CERT_CB_ERROR},
+ #else
+ {"CERT_CB_ERROR", ERR_LIB_SSL, 377},
+ #endif
#ifdef SSL_R_CERT_LENGTH_MISMATCH
{"CERT_LENGTH_MISMATCH", ERR_LIB_SSL, SSL_R_CERT_LENGTH_MISMATCH},
#else
@@ -454,6 +519,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"DECRYPTION_FAILED_OR_BAD_RECORD_MAC", ERR_LIB_SSL, 281},
#endif
+ #ifdef SSL_R_DH_KEY_TOO_SMALL
+ {"DH_KEY_TOO_SMALL", ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL},
+ #else
+ {"DH_KEY_TOO_SMALL", ERR_LIB_SSL, 394},
+ #endif
#ifdef SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG
{"DH_PUBLIC_VALUE_LENGTH_IS_WRONG", ERR_LIB_SSL, SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG},
#else
@@ -494,11 +564,26 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE", ERR_LIB_SSL, 323},
#endif
+ #ifdef SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE
+ {"ECDH_REQUIRED_FOR_SUITEB_MODE", ERR_LIB_SSL, SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE},
+ #else
+ {"ECDH_REQUIRED_FOR_SUITEB_MODE", ERR_LIB_SSL, 374},
+ #endif
#ifdef SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER
{"ECGROUP_TOO_LARGE_FOR_CIPHER", ERR_LIB_SSL, SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER},
#else
{"ECGROUP_TOO_LARGE_FOR_CIPHER", ERR_LIB_SSL, 310},
#endif
+ #ifdef SSL_R_EE_KEY_TOO_SMALL
+ {"EE_KEY_TOO_SMALL", ERR_LIB_SSL, SSL_R_EE_KEY_TOO_SMALL},
+ #else
+ {"EE_KEY_TOO_SMALL", ERR_LIB_SSL, 399},
+ #endif
+ #ifdef SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST
+ {"EMPTY_SRTP_PROTECTION_PROFILE_LIST", ERR_LIB_SSL, SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST},
+ #else
+ {"EMPTY_SRTP_PROTECTION_PROFILE_LIST", ERR_LIB_SSL, 354},
+ #endif
#ifdef SSL_R_ENCRYPTED_LENGTH_TOO_LONG
{"ENCRYPTED_LENGTH_TOO_LONG", ERR_LIB_SSL, SSL_R_ENCRYPTED_LENGTH_TOO_LONG},
#else
@@ -529,6 +614,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"GOT_A_FIN_BEFORE_A_CCS", ERR_LIB_SSL, 154},
#endif
+ #ifdef SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS
+ {"GOT_NEXT_PROTO_BEFORE_A_CCS", ERR_LIB_SSL, SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS},
+ #else
+ {"GOT_NEXT_PROTO_BEFORE_A_CCS", ERR_LIB_SSL, 355},
+ #endif
+ #ifdef SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION
+ {"GOT_NEXT_PROTO_WITHOUT_EXTENSION", ERR_LIB_SSL, SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION},
+ #else
+ {"GOT_NEXT_PROTO_WITHOUT_EXTENSION", ERR_LIB_SSL, 356},
+ #endif
#ifdef SSL_R_HTTPS_PROXY_REQUEST
{"HTTPS_PROXY_REQUEST", ERR_LIB_SSL, SSL_R_HTTPS_PROXY_REQUEST},
#else
@@ -544,6 +639,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"ILLEGAL_PADDING", ERR_LIB_SSL, 283},
#endif
+ #ifdef SSL_R_ILLEGAL_SUITEB_DIGEST
+ {"ILLEGAL_SUITEB_DIGEST", ERR_LIB_SSL, SSL_R_ILLEGAL_SUITEB_DIGEST},
+ #else
+ {"ILLEGAL_SUITEB_DIGEST", ERR_LIB_SSL, 380},
+ #endif
+ #ifdef SSL_R_INAPPROPRIATE_FALLBACK
+ {"INAPPROPRIATE_FALLBACK", ERR_LIB_SSL, SSL_R_INAPPROPRIATE_FALLBACK},
+ #else
+ {"INAPPROPRIATE_FALLBACK", ERR_LIB_SSL, 373},
+ #endif
#ifdef SSL_R_INCONSISTENT_COMPRESSION
{"INCONSISTENT_COMPRESSION", ERR_LIB_SSL, SSL_R_INCONSISTENT_COMPRESSION},
#else
@@ -564,11 +669,26 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"INVALID_COMPRESSION_ALGORITHM", ERR_LIB_SSL, 341},
#endif
+ #ifdef SSL_R_INVALID_NULL_CMD_NAME
+ {"INVALID_NULL_CMD_NAME", ERR_LIB_SSL, SSL_R_INVALID_NULL_CMD_NAME},
+ #else
+ {"INVALID_NULL_CMD_NAME", ERR_LIB_SSL, 385},
+ #endif
#ifdef SSL_R_INVALID_PURPOSE
{"INVALID_PURPOSE", ERR_LIB_SSL, SSL_R_INVALID_PURPOSE},
#else
{"INVALID_PURPOSE", ERR_LIB_SSL, 278},
#endif
+ #ifdef SSL_R_INVALID_SERVERINFO_DATA
+ {"INVALID_SERVERINFO_DATA", ERR_LIB_SSL, SSL_R_INVALID_SERVERINFO_DATA},
+ #else
+ {"INVALID_SERVERINFO_DATA", ERR_LIB_SSL, 388},
+ #endif
+ #ifdef SSL_R_INVALID_SRP_USERNAME
+ {"INVALID_SRP_USERNAME", ERR_LIB_SSL, SSL_R_INVALID_SRP_USERNAME},
+ #else
+ {"INVALID_SRP_USERNAME", ERR_LIB_SSL, 357},
+ #endif
#ifdef SSL_R_INVALID_STATUS_RESPONSE
{"INVALID_STATUS_RESPONSE", ERR_LIB_SSL, SSL_R_INVALID_STATUS_RESPONSE},
#else
@@ -689,6 +809,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"MISSING_DSA_SIGNING_CERT", ERR_LIB_SSL, 165},
#endif
+ #ifdef SSL_R_MISSING_ECDH_CERT
+ {"MISSING_ECDH_CERT", ERR_LIB_SSL, SSL_R_MISSING_ECDH_CERT},
+ #else
+ {"MISSING_ECDH_CERT", ERR_LIB_SSL, 382},
+ #endif
+ #ifdef SSL_R_MISSING_ECDSA_SIGNING_CERT
+ {"MISSING_ECDSA_SIGNING_CERT", ERR_LIB_SSL, SSL_R_MISSING_ECDSA_SIGNING_CERT},
+ #else
+ {"MISSING_ECDSA_SIGNING_CERT", ERR_LIB_SSL, 381},
+ #endif
#ifdef SSL_R_MISSING_EXPORT_TMP_DH_KEY
{"MISSING_EXPORT_TMP_DH_KEY", ERR_LIB_SSL, SSL_R_MISSING_EXPORT_TMP_DH_KEY},
#else
@@ -714,6 +844,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"MISSING_RSA_SIGNING_CERT", ERR_LIB_SSL, 170},
#endif
+ #ifdef SSL_R_MISSING_SRP_PARAM
+ {"MISSING_SRP_PARAM", ERR_LIB_SSL, SSL_R_MISSING_SRP_PARAM},
+ #else
+ {"MISSING_SRP_PARAM", ERR_LIB_SSL, 358},
+ #endif
#ifdef SSL_R_MISSING_TMP_DH_KEY
{"MISSING_TMP_DH_KEY", ERR_LIB_SSL, SSL_R_MISSING_TMP_DH_KEY},
#else
@@ -739,6 +874,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"MISSING_VERIFY_MESSAGE", ERR_LIB_SSL, 174},
#endif
+ #ifdef SSL_R_MULTIPLE_SGC_RESTARTS
+ {"MULTIPLE_SGC_RESTARTS", ERR_LIB_SSL, SSL_R_MULTIPLE_SGC_RESTARTS},
+ #else
+ {"MULTIPLE_SGC_RESTARTS", ERR_LIB_SSL, 346},
+ #endif
#ifdef SSL_R_NON_SSLV2_INITIAL_PACKET
{"NON_SSLV2_INITIAL_PACKET", ERR_LIB_SSL, SSL_R_NON_SSLV2_INITIAL_PACKET},
#else
@@ -819,6 +959,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"NO_METHOD_SPECIFIED", ERR_LIB_SSL, 188},
#endif
+ #ifdef SSL_R_NO_PEM_EXTENSIONS
+ {"NO_PEM_EXTENSIONS", ERR_LIB_SSL, SSL_R_NO_PEM_EXTENSIONS},
+ #else
+ {"NO_PEM_EXTENSIONS", ERR_LIB_SSL, 389},
+ #endif
#ifdef SSL_R_NO_PRIVATEKEY
{"NO_PRIVATEKEY", ERR_LIB_SSL, SSL_R_NO_PRIVATEKEY},
#else
@@ -854,6 +999,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"NO_SHARED_CIPHER", ERR_LIB_SSL, 193},
#endif
+ #ifdef SSL_R_NO_SHARED_SIGATURE_ALGORITHMS
+ {"NO_SHARED_SIGATURE_ALGORITHMS", ERR_LIB_SSL, SSL_R_NO_SHARED_SIGATURE_ALGORITHMS},
+ #else
+ {"NO_SHARED_SIGATURE_ALGORITHMS", ERR_LIB_SSL, 376},
+ #endif
+ #ifdef SSL_R_NO_SRTP_PROFILES
+ {"NO_SRTP_PROFILES", ERR_LIB_SSL, SSL_R_NO_SRTP_PROFILES},
+ #else
+ {"NO_SRTP_PROFILES", ERR_LIB_SSL, 359},
+ #endif
#ifdef SSL_R_NO_VERIFY_CALLBACK
{"NO_VERIFY_CALLBACK", ERR_LIB_SSL, SSL_R_NO_VERIFY_CALLBACK},
#else
@@ -879,6 +1034,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED", ERR_LIB_SSL, 344},
#endif
+ #ifdef SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE
+ {"ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE", ERR_LIB_SSL, SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE},
+ #else
+ {"ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE", ERR_LIB_SSL, 387},
+ #endif
+ #ifdef SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE
+ {"ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE", ERR_LIB_SSL, SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE},
+ #else
+ {"ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE", ERR_LIB_SSL, 379},
+ #endif
#ifdef SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE
{"ONLY_TLS_ALLOWED_IN_FIPS_MODE", ERR_LIB_SSL, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE},
#else
@@ -934,6 +1099,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE", ERR_LIB_SSL, 204},
#endif
+ #ifdef SSL_R_PEM_NAME_BAD_PREFIX
+ {"PEM_NAME_BAD_PREFIX", ERR_LIB_SSL, SSL_R_PEM_NAME_BAD_PREFIX},
+ #else
+ {"PEM_NAME_BAD_PREFIX", ERR_LIB_SSL, 391},
+ #endif
+ #ifdef SSL_R_PEM_NAME_TOO_SHORT
+ {"PEM_NAME_TOO_SHORT", ERR_LIB_SSL, SSL_R_PEM_NAME_TOO_SHORT},
+ #else
+ {"PEM_NAME_TOO_SHORT", ERR_LIB_SSL, 392},
+ #endif
#ifdef SSL_R_PRE_MAC_LENGTH_TOO_LONG
{"PRE_MAC_LENGTH_TOO_LONG", ERR_LIB_SSL, SSL_R_PRE_MAC_LENGTH_TOO_LONG},
#else
@@ -1069,11 +1244,36 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"SHORT_READ", ERR_LIB_SSL, 219},
#endif
+ #ifdef SSL_R_SIGNATURE_ALGORITHMS_ERROR
+ {"SIGNATURE_ALGORITHMS_ERROR", ERR_LIB_SSL, SSL_R_SIGNATURE_ALGORITHMS_ERROR},
+ #else
+ {"SIGNATURE_ALGORITHMS_ERROR", ERR_LIB_SSL, 360},
+ #endif
#ifdef SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE
{"SIGNATURE_FOR_NON_SIGNING_CERTIFICATE", ERR_LIB_SSL, SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE},
#else
{"SIGNATURE_FOR_NON_SIGNING_CERTIFICATE", ERR_LIB_SSL, 220},
#endif
+ #ifdef SSL_R_SRP_A_CALC
+ {"SRP_A_CALC", ERR_LIB_SSL, SSL_R_SRP_A_CALC},
+ #else
+ {"SRP_A_CALC", ERR_LIB_SSL, 361},
+ #endif
+ #ifdef SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES
+ {"SRTP_COULD_NOT_ALLOCATE_PROFILES", ERR_LIB_SSL, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES},
+ #else
+ {"SRTP_COULD_NOT_ALLOCATE_PROFILES", ERR_LIB_SSL, 362},
+ #endif
+ #ifdef SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG
+ {"SRTP_PROTECTION_PROFILE_LIST_TOO_LONG", ERR_LIB_SSL, SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG},
+ #else
+ {"SRTP_PROTECTION_PROFILE_LIST_TOO_LONG", ERR_LIB_SSL, 363},
+ #endif
+ #ifdef SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE
+ {"SRTP_UNKNOWN_PROTECTION_PROFILE", ERR_LIB_SSL, SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE},
+ #else
+ {"SRTP_UNKNOWN_PROTECTION_PROFILE", ERR_LIB_SSL, 364},
+ #endif
#ifdef SSL_R_SSL23_DOING_SESSION_ID_REUSE
{"SSL23_DOING_SESSION_ID_REUSE", ERR_LIB_SSL, SSL_R_SSL23_DOING_SESSION_ID_REUSE},
#else
@@ -1179,6 +1379,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"SSL_LIBRARY_HAS_NO_CIPHERS", ERR_LIB_SSL, 230},
#endif
+ #ifdef SSL_R_SSL_NEGATIVE_LENGTH
+ {"SSL_NEGATIVE_LENGTH", ERR_LIB_SSL, SSL_R_SSL_NEGATIVE_LENGTH},
+ #else
+ {"SSL_NEGATIVE_LENGTH", ERR_LIB_SSL, 372},
+ #endif
#ifdef SSL_R_SSL_SESSION_ID_CALLBACK_FAILED
{"SSL_SESSION_ID_CALLBACK_FAILED", ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CALLBACK_FAILED},
#else
@@ -1229,6 +1434,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"TLSV1_ALERT_EXPORT_RESTRICTION", ERR_LIB_SSL, 1060},
#endif
+ #ifdef SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK
+ {"TLSV1_ALERT_INAPPROPRIATE_FALLBACK", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK},
+ #else
+ {"TLSV1_ALERT_INAPPROPRIATE_FALLBACK", ERR_LIB_SSL, 1086},
+ #endif
#ifdef SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY
{"TLSV1_ALERT_INSUFFICIENT_SECURITY", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY},
#else
@@ -1294,6 +1504,21 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER", ERR_LIB_SSL, 232},
#endif
+ #ifdef SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT
+ {"TLS_HEARTBEAT_PEER_DOESNT_ACCEPT", ERR_LIB_SSL, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT},
+ #else
+ {"TLS_HEARTBEAT_PEER_DOESNT_ACCEPT", ERR_LIB_SSL, 365},
+ #endif
+ #ifdef SSL_R_TLS_HEARTBEAT_PENDING
+ {"TLS_HEARTBEAT_PENDING", ERR_LIB_SSL, SSL_R_TLS_HEARTBEAT_PENDING},
+ #else
+ {"TLS_HEARTBEAT_PENDING", ERR_LIB_SSL, 366},
+ #endif
+ #ifdef SSL_R_TLS_ILLEGAL_EXPORTER_LABEL
+ {"TLS_ILLEGAL_EXPORTER_LABEL", ERR_LIB_SSL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL},
+ #else
+ {"TLS_ILLEGAL_EXPORTER_LABEL", ERR_LIB_SSL, 367},
+ #endif
#ifdef SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST
{"TLS_INVALID_ECPOINTFORMAT_LIST", ERR_LIB_SSL, SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST},
#else
@@ -1399,6 +1624,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"UNKNOWN_CIPHER_TYPE", ERR_LIB_SSL, 249},
#endif
+ #ifdef SSL_R_UNKNOWN_CMD_NAME
+ {"UNKNOWN_CMD_NAME", ERR_LIB_SSL, SSL_R_UNKNOWN_CMD_NAME},
+ #else
+ {"UNKNOWN_CMD_NAME", ERR_LIB_SSL, 386},
+ #endif
+ #ifdef SSL_R_UNKNOWN_DIGEST
+ {"UNKNOWN_DIGEST", ERR_LIB_SSL, SSL_R_UNKNOWN_DIGEST},
+ #else
+ {"UNKNOWN_DIGEST", ERR_LIB_SSL, 368},
+ #endif
#ifdef SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE
{"UNKNOWN_KEY_EXCHANGE_TYPE", ERR_LIB_SSL, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE},
#else
@@ -1469,16 +1704,36 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"UNSUPPORTED_STATUS_TYPE", ERR_LIB_SSL, 329},
#endif
+ #ifdef SSL_R_USE_SRTP_NOT_NEGOTIATED
+ {"USE_SRTP_NOT_NEGOTIATED", ERR_LIB_SSL, SSL_R_USE_SRTP_NOT_NEGOTIATED},
+ #else
+ {"USE_SRTP_NOT_NEGOTIATED", ERR_LIB_SSL, 369},
+ #endif
+ #ifdef SSL_R_VERSION_TOO_LOW
+ {"VERSION_TOO_LOW", ERR_LIB_SSL, SSL_R_VERSION_TOO_LOW},
+ #else
+ {"VERSION_TOO_LOW", ERR_LIB_SSL, 396},
+ #endif
#ifdef SSL_R_WRITE_BIO_NOT_SET
{"WRITE_BIO_NOT_SET", ERR_LIB_SSL, SSL_R_WRITE_BIO_NOT_SET},
#else
{"WRITE_BIO_NOT_SET", ERR_LIB_SSL, 260},
#endif
+ #ifdef SSL_R_WRONG_CERTIFICATE_TYPE
+ {"WRONG_CERTIFICATE_TYPE", ERR_LIB_SSL, SSL_R_WRONG_CERTIFICATE_TYPE},
+ #else
+ {"WRONG_CERTIFICATE_TYPE", ERR_LIB_SSL, 383},
+ #endif
#ifdef SSL_R_WRONG_CIPHER_RETURNED
{"WRONG_CIPHER_RETURNED", ERR_LIB_SSL, SSL_R_WRONG_CIPHER_RETURNED},
#else
{"WRONG_CIPHER_RETURNED", ERR_LIB_SSL, 261},
#endif
+ #ifdef SSL_R_WRONG_CURVE
+ {"WRONG_CURVE", ERR_LIB_SSL, SSL_R_WRONG_CURVE},
+ #else
+ {"WRONG_CURVE", ERR_LIB_SSL, 378},
+ #endif
#ifdef SSL_R_WRONG_MESSAGE_TYPE
{"WRONG_MESSAGE_TYPE", ERR_LIB_SSL, SSL_R_WRONG_MESSAGE_TYPE},
#else
@@ -1499,6 +1754,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"WRONG_SIGNATURE_SIZE", ERR_LIB_SSL, 265},
#endif
+ #ifdef SSL_R_WRONG_SIGNATURE_TYPE
+ {"WRONG_SIGNATURE_TYPE", ERR_LIB_SSL, SSL_R_WRONG_SIGNATURE_TYPE},
+ #else
+ {"WRONG_SIGNATURE_TYPE", ERR_LIB_SSL, 370},
+ #endif
#ifdef SSL_R_WRONG_SSL_VERSION
{"WRONG_SSL_VERSION", ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION},
#else
@@ -1519,6 +1779,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"X509_VERIFICATION_SETUP_PROBLEMS", ERR_LIB_SSL, 269},
#endif
+ #ifdef X509_R_AKID_MISMATCH
+ {"AKID_MISMATCH", ERR_LIB_X509, X509_R_AKID_MISMATCH},
+ #else
+ {"AKID_MISMATCH", ERR_LIB_X509, 110},
+ #endif
#ifdef X509_R_BAD_X509_FILETYPE
{"BAD_X509_FILETYPE", ERR_LIB_X509, X509_R_BAD_X509_FILETYPE},
#else
@@ -1539,11 +1804,26 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"CERT_ALREADY_IN_HASH_TABLE", ERR_LIB_X509, 101},
#endif
+ #ifdef X509_R_CRL_ALREADY_DELTA
+ {"CRL_ALREADY_DELTA", ERR_LIB_X509, X509_R_CRL_ALREADY_DELTA},
+ #else
+ {"CRL_ALREADY_DELTA", ERR_LIB_X509, 127},
+ #endif
+ #ifdef X509_R_CRL_VERIFY_FAILURE
+ {"CRL_VERIFY_FAILURE", ERR_LIB_X509, X509_R_CRL_VERIFY_FAILURE},
+ #else
+ {"CRL_VERIFY_FAILURE", ERR_LIB_X509, 131},
+ #endif
#ifdef X509_R_ERR_ASN1_LIB
{"ERR_ASN1_LIB", ERR_LIB_X509, X509_R_ERR_ASN1_LIB},
#else
{"ERR_ASN1_LIB", ERR_LIB_X509, 102},
#endif
+ #ifdef X509_R_IDP_MISMATCH
+ {"IDP_MISMATCH", ERR_LIB_X509, X509_R_IDP_MISMATCH},
+ #else
+ {"IDP_MISMATCH", ERR_LIB_X509, 128},
+ #endif
#ifdef X509_R_INVALID_DIRECTORY
{"INVALID_DIRECTORY", ERR_LIB_X509, X509_R_INVALID_DIRECTORY},
#else
@@ -1559,6 +1839,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"INVALID_TRUST", ERR_LIB_X509, 123},
#endif
+ #ifdef X509_R_ISSUER_MISMATCH
+ {"ISSUER_MISMATCH", ERR_LIB_X509, X509_R_ISSUER_MISMATCH},
+ #else
+ {"ISSUER_MISMATCH", ERR_LIB_X509, 129},
+ #endif
#ifdef X509_R_KEY_TYPE_MISMATCH
{"KEY_TYPE_MISMATCH", ERR_LIB_X509, X509_R_KEY_TYPE_MISMATCH},
#else
@@ -1584,11 +1869,21 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"METHOD_NOT_SUPPORTED", ERR_LIB_X509, 124},
#endif
+ #ifdef X509_R_NEWER_CRL_NOT_NEWER
+ {"NEWER_CRL_NOT_NEWER", ERR_LIB_X509, X509_R_NEWER_CRL_NOT_NEWER},
+ #else
+ {"NEWER_CRL_NOT_NEWER", ERR_LIB_X509, 132},
+ #endif
#ifdef X509_R_NO_CERT_SET_FOR_US_TO_VERIFY
{"NO_CERT_SET_FOR_US_TO_VERIFY", ERR_LIB_X509, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY},
#else
{"NO_CERT_SET_FOR_US_TO_VERIFY", ERR_LIB_X509, 105},
#endif
+ #ifdef X509_R_NO_CRL_NUMBER
+ {"NO_CRL_NUMBER", ERR_LIB_X509, X509_R_NO_CRL_NUMBER},
+ #else
+ {"NO_CRL_NUMBER", ERR_LIB_X509, 130},
+ #endif
#ifdef X509_R_PUBLIC_KEY_DECODE_ERROR
{"PUBLIC_KEY_DECODE_ERROR", ERR_LIB_X509, X509_R_PUBLIC_KEY_DECODE_ERROR},
#else
diff --git a/Tools/ssl/make_ssl_data.py b/Tools/ssl/make_ssl_data.py
index 10244d1..3fb4985 100755
--- a/Tools/ssl/make_ssl_data.py
+++ b/Tools/ssl/make_ssl_data.py
@@ -5,8 +5,7 @@ This script should be called *manually* when we want to upgrade SSLError
`library` and `reason` mnemnonics to a more recent OpenSSL version.
It takes two arguments:
-- the path to the OpenSSL include files' directory
- (e.g. openssl-1.0.1-beta3/include/openssl/)
+- the path to the OpenSSL source tree (e.g. git checkout)
- the path to the C file to be generated
(probably Modules/_ssl_data.h)
"""
@@ -15,9 +14,10 @@ import datetime
import os
import re
import sys
+import _ssl
-def parse_error_codes(h_file, prefix):
+def parse_error_codes(h_file, prefix, libcode):
pat = re.compile(r"#define\W+(%s([\w]+))\W+(\d+)\b" % re.escape(prefix))
codes = []
with open(h_file, "r", encoding="latin1") as f:
@@ -26,7 +26,8 @@ def parse_error_codes(h_file, prefix):
if match:
code, name, num = match.groups()
num = int(num)
- codes.append((code, name, num))
+ # e.g. ("SSL_R_BAD_DATA", ("ERR_LIB_SSL", "BAD_DATA", 390))
+ codes.append((code, (libcode, name, num)))
return codes
if __name__ == "__main__":
@@ -34,12 +35,32 @@ if __name__ == "__main__":
outfile = sys.argv[2]
use_stdout = outfile == '-'
f = sys.stdout if use_stdout else open(outfile, "w")
- error_libraries = (
- # (library code, mnemonic, error prefix, header file)
- ('ERR_LIB_PEM', 'PEM', 'PEM_R_', 'pem.h'),
- ('ERR_LIB_SSL', 'SSL', 'SSL_R_', 'ssl.h'),
- ('ERR_LIB_X509', 'X509', 'X509_R_', 'x509.h'),
- )
+ error_libraries = {
+ # mnemonic -> (library code, error prefix, header file)
+ 'PEM': ('ERR_LIB_PEM', 'PEM_R_', 'crypto/pem/pem.h'),
+ 'SSL': ('ERR_LIB_SSL', 'SSL_R_', 'ssl/ssl.h'),
+ 'X509': ('ERR_LIB_X509', 'X509_R_', 'crypto/x509/x509.h'),
+ }
+
+ # Read codes from libraries
+ new_codes = []
+ for libcode, prefix, h_file in sorted(error_libraries.values()):
+ new_codes += parse_error_codes(os.path.join(openssl_inc, h_file),
+ prefix, libcode)
+ new_code_nums = set((libcode, num)
+ for (code, (libcode, name, num)) in new_codes)
+
+ # Merge with existing codes (in case some old codes disappeared).
+ codes = {}
+ for errname, (libnum, errnum) in _ssl.err_names_to_codes.items():
+ lib = error_libraries[_ssl.lib_codes_to_names[libnum]]
+ libcode = lib[0] # e.g. ERR_LIB_PEM
+ errcode = lib[1] + errname # e.g. SSL_R_BAD_SSL_SESSION_ID_LENGTH
+ # Only keep it if the numeric codes weren't reused
+ if (libcode, errnum) not in new_code_nums:
+ codes[errcode] = libcode, errname, errnum
+ codes.update(dict(new_codes))
+
def w(l):
f.write(l + "\n")
w("/* File generated by Tools/ssl/make_ssl_data.py */")
@@ -47,21 +68,19 @@ if __name__ == "__main__":
w("")
w("static struct py_ssl_library_code library_codes[] = {")
- for libcode, mnemo, _, _ in error_libraries:
+ for mnemo, (libcode, _, _) in sorted(error_libraries.items()):
w(' {"%s", %s},' % (mnemo, libcode))
w(' { NULL }')
w('};')
w("")
w("static struct py_ssl_error_code error_codes[] = {")
- for libcode, _, prefix, h_file in error_libraries:
- codes = parse_error_codes(os.path.join(openssl_inc, h_file), prefix)
- for code, name, num in sorted(codes):
- w(' #ifdef %s' % (code))
- w(' {"%s", %s, %s},' % (name, libcode, code))
- w(' #else')
- w(' {"%s", %s, %d},' % (name, libcode, num))
- w(' #endif')
+ for errcode, (libcode, name, num) in sorted(codes.items()):
+ w(' #ifdef %s' % (errcode))
+ w(' {"%s", %s, %s},' % (name, libcode, errcode))
+ w(' #else')
+ w(' {"%s", %s, %d},' % (name, libcode, num))
+ w(' #endif')
w(' { NULL }')
w('};')
if not use_stdout: