Mirror
/
cpython
mirror of https://github.com/python/cpython
4
1
Fork 0
Code Issues Releases Wiki Activity

Issue #23248: Update ssl error codes from latest OpenSSL git master.

This commit is contained in:
Antoine Pitrou 2015-01-18 17:39:32 +01:00
parent d3faf43f9b
commit 173ad83b07
3 changed files with 336 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Misc/NEWS
View File

@ -44,6 +44,8 @@ Core and Builtins
Library
-------
- Issue #23248: Update ssl error codes from latest OpenSSL git master.
- Issue #23098: 64-bit dev_t is now supported in the os module.
- Issue #23250: In the http.cookies module, capitalize "HttpOnly" and "Secure"

297
Modules/_ssl_data.h
View File

@ -1,5 +1,5 @@
/* File generated by Tools/ssl/make_ssl_data.py */
/* Generated on 2012-05-16T23:56:40.981382 */
/* Generated on 2015-01-17T20:33:43.377453 */
static struct py_ssl_library_code library_codes[] = {
{"PEM", ERR_LIB_PEM},
@ -179,6 +179,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"BAD_CHECKSUM", ERR_LIB_SSL, 104},
#endif
#ifdef SSL_R_BAD_DATA
{"BAD_DATA", ERR_LIB_SSL, SSL_R_BAD_DATA},
#else
{"BAD_DATA", ERR_LIB_SSL, 390},
#endif
#ifdef SSL_R_BAD_DATA_RETURNED_BY_CALLBACK
{"BAD_DATA_RETURNED_BY_CALLBACK", ERR_LIB_SSL, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK},
#else
@ -309,6 +314,46 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"BAD_SIGNATURE", ERR_LIB_SSL, 123},
#endif
#ifdef SSL_R_BAD_SRP_A_LENGTH
{"BAD_SRP_A_LENGTH", ERR_LIB_SSL, SSL_R_BAD_SRP_A_LENGTH},
#else
{"BAD_SRP_A_LENGTH", ERR_LIB_SSL, 347},
#endif
#ifdef SSL_R_BAD_SRP_B_LENGTH
{"BAD_SRP_B_LENGTH", ERR_LIB_SSL, SSL_R_BAD_SRP_B_LENGTH},
#else
{"BAD_SRP_B_LENGTH", ERR_LIB_SSL, 348},
#endif
#ifdef SSL_R_BAD_SRP_G_LENGTH
{"BAD_SRP_G_LENGTH", ERR_LIB_SSL, SSL_R_BAD_SRP_G_LENGTH},
#else
{"BAD_SRP_G_LENGTH", ERR_LIB_SSL, 349},
#endif
#ifdef SSL_R_BAD_SRP_N_LENGTH
{"BAD_SRP_N_LENGTH", ERR_LIB_SSL, SSL_R_BAD_SRP_N_LENGTH},
#else
{"BAD_SRP_N_LENGTH", ERR_LIB_SSL, 350},
#endif
#ifdef SSL_R_BAD_SRP_PARAMETERS
{"BAD_SRP_PARAMETERS", ERR_LIB_SSL, SSL_R_BAD_SRP_PARAMETERS},
#else
{"BAD_SRP_PARAMETERS", ERR_LIB_SSL, 371},
#endif
#ifdef SSL_R_BAD_SRP_S_LENGTH
{"BAD_SRP_S_LENGTH", ERR_LIB_SSL, SSL_R_BAD_SRP_S_LENGTH},
#else
{"BAD_SRP_S_LENGTH", ERR_LIB_SSL, 351},
#endif
#ifdef SSL_R_BAD_SRTP_MKI_VALUE
{"BAD_SRTP_MKI_VALUE", ERR_LIB_SSL, SSL_R_BAD_SRTP_MKI_VALUE},
#else
{"BAD_SRTP_MKI_VALUE", ERR_LIB_SSL, 352},
#endif
#ifdef SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST
{"BAD_SRTP_PROTECTION_PROFILE_LIST", ERR_LIB_SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST},
#else
{"BAD_SRTP_PROTECTION_PROFILE_LIST", ERR_LIB_SSL, 353},
#endif
#ifdef SSL_R_BAD_SSL_FILETYPE
{"BAD_SSL_FILETYPE", ERR_LIB_SSL, SSL_R_BAD_SSL_FILETYPE},
#else
@ -324,6 +369,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"BAD_STATE", ERR_LIB_SSL, 126},
#endif
#ifdef SSL_R_BAD_VALUE
{"BAD_VALUE", ERR_LIB_SSL, SSL_R_BAD_VALUE},
#else
{"BAD_VALUE", ERR_LIB_SSL, 384},
#endif
#ifdef SSL_R_BAD_WRITE_RETRY
{"BAD_WRITE_RETRY", ERR_LIB_SSL, SSL_R_BAD_WRITE_RETRY},
#else
@ -354,6 +404,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"CA_DN_TOO_LONG", ERR_LIB_SSL, 132},
#endif
#ifdef SSL_R_CA_KEY_TOO_SMALL
{"CA_KEY_TOO_SMALL", ERR_LIB_SSL, SSL_R_CA_KEY_TOO_SMALL},
#else
{"CA_KEY_TOO_SMALL", ERR_LIB_SSL, 397},
#endif
#ifdef SSL_R_CA_MD_TOO_WEAK
{"CA_MD_TOO_WEAK", ERR_LIB_SSL, SSL_R_CA_MD_TOO_WEAK},
#else
{"CA_MD_TOO_WEAK", ERR_LIB_SSL, 398},
#endif
#ifdef SSL_R_CCS_RECEIVED_EARLY
{"CCS_RECEIVED_EARLY", ERR_LIB_SSL, SSL_R_CCS_RECEIVED_EARLY},
#else
@ -364,6 +424,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"CERTIFICATE_VERIFY_FAILED", ERR_LIB_SSL, 134},
#endif
#ifdef SSL_R_CERT_CB_ERROR
{"CERT_CB_ERROR", ERR_LIB_SSL, SSL_R_CERT_CB_ERROR},
#else
{"CERT_CB_ERROR", ERR_LIB_SSL, 377},
#endif
#ifdef SSL_R_CERT_LENGTH_MISMATCH
{"CERT_LENGTH_MISMATCH", ERR_LIB_SSL, SSL_R_CERT_LENGTH_MISMATCH},
#else
@ -454,6 +519,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"DECRYPTION_FAILED_OR_BAD_RECORD_MAC", ERR_LIB_SSL, 281},
#endif
#ifdef SSL_R_DH_KEY_TOO_SMALL
{"DH_KEY_TOO_SMALL", ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL},
#else
{"DH_KEY_TOO_SMALL", ERR_LIB_SSL, 394},
#endif
#ifdef SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG
{"DH_PUBLIC_VALUE_LENGTH_IS_WRONG", ERR_LIB_SSL, SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG},
#else
@ -494,11 +564,26 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE", ERR_LIB_SSL, 323},
#endif
#ifdef SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE
{"ECDH_REQUIRED_FOR_SUITEB_MODE", ERR_LIB_SSL, SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE},
#else
{"ECDH_REQUIRED_FOR_SUITEB_MODE", ERR_LIB_SSL, 374},
#endif
#ifdef SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER
{"ECGROUP_TOO_LARGE_FOR_CIPHER", ERR_LIB_SSL, SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER},
#else
{"ECGROUP_TOO_LARGE_FOR_CIPHER", ERR_LIB_SSL, 310},
#endif
#ifdef SSL_R_EE_KEY_TOO_SMALL
{"EE_KEY_TOO_SMALL", ERR_LIB_SSL, SSL_R_EE_KEY_TOO_SMALL},
#else
{"EE_KEY_TOO_SMALL", ERR_LIB_SSL, 399},
#endif
#ifdef SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST
{"EMPTY_SRTP_PROTECTION_PROFILE_LIST", ERR_LIB_SSL, SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST},
#else
{"EMPTY_SRTP_PROTECTION_PROFILE_LIST", ERR_LIB_SSL, 354},
#endif
#ifdef SSL_R_ENCRYPTED_LENGTH_TOO_LONG
{"ENCRYPTED_LENGTH_TOO_LONG", ERR_LIB_SSL, SSL_R_ENCRYPTED_LENGTH_TOO_LONG},
#else
@ -529,6 +614,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"GOT_A_FIN_BEFORE_A_CCS", ERR_LIB_SSL, 154},
#endif
#ifdef SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS
{"GOT_NEXT_PROTO_BEFORE_A_CCS", ERR_LIB_SSL, SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS},
#else
{"GOT_NEXT_PROTO_BEFORE_A_CCS", ERR_LIB_SSL, 355},
#endif
#ifdef SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION
{"GOT_NEXT_PROTO_WITHOUT_EXTENSION", ERR_LIB_SSL, SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION},
#else
{"GOT_NEXT_PROTO_WITHOUT_EXTENSION", ERR_LIB_SSL, 356},
#endif
#ifdef SSL_R_HTTPS_PROXY_REQUEST
{"HTTPS_PROXY_REQUEST", ERR_LIB_SSL, SSL_R_HTTPS_PROXY_REQUEST},
#else
@ -544,6 +639,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"ILLEGAL_PADDING", ERR_LIB_SSL, 283},
#endif
#ifdef SSL_R_ILLEGAL_SUITEB_DIGEST
{"ILLEGAL_SUITEB_DIGEST", ERR_LIB_SSL, SSL_R_ILLEGAL_SUITEB_DIGEST},
#else
{"ILLEGAL_SUITEB_DIGEST", ERR_LIB_SSL, 380},
#endif
#ifdef SSL_R_INAPPROPRIATE_FALLBACK
{"INAPPROPRIATE_FALLBACK", ERR_LIB_SSL, SSL_R_INAPPROPRIATE_FALLBACK},
#else
{"INAPPROPRIATE_FALLBACK", ERR_LIB_SSL, 373},
#endif
#ifdef SSL_R_INCONSISTENT_COMPRESSION
{"INCONSISTENT_COMPRESSION", ERR_LIB_SSL, SSL_R_INCONSISTENT_COMPRESSION},
#else
@ -564,11 +669,26 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"INVALID_COMPRESSION_ALGORITHM", ERR_LIB_SSL, 341},
#endif
#ifdef SSL_R_INVALID_NULL_CMD_NAME
{"INVALID_NULL_CMD_NAME", ERR_LIB_SSL, SSL_R_INVALID_NULL_CMD_NAME},
#else
{"INVALID_NULL_CMD_NAME", ERR_LIB_SSL, 385},
#endif
#ifdef SSL_R_INVALID_PURPOSE
{"INVALID_PURPOSE", ERR_LIB_SSL, SSL_R_INVALID_PURPOSE},
#else
{"INVALID_PURPOSE", ERR_LIB_SSL, 278},
#endif
#ifdef SSL_R_INVALID_SERVERINFO_DATA
{"INVALID_SERVERINFO_DATA", ERR_LIB_SSL, SSL_R_INVALID_SERVERINFO_DATA},
#else
{"INVALID_SERVERINFO_DATA", ERR_LIB_SSL, 388},
#endif
#ifdef SSL_R_INVALID_SRP_USERNAME
{"INVALID_SRP_USERNAME", ERR_LIB_SSL, SSL_R_INVALID_SRP_USERNAME},
#else
{"INVALID_SRP_USERNAME", ERR_LIB_SSL, 357},
#endif
#ifdef SSL_R_INVALID_STATUS_RESPONSE
{"INVALID_STATUS_RESPONSE", ERR_LIB_SSL, SSL_R_INVALID_STATUS_RESPONSE},
#else
@ -689,6 +809,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"MISSING_DSA_SIGNING_CERT", ERR_LIB_SSL, 165},
#endif
#ifdef SSL_R_MISSING_ECDH_CERT
{"MISSING_ECDH_CERT", ERR_LIB_SSL, SSL_R_MISSING_ECDH_CERT},
#else
{"MISSING_ECDH_CERT", ERR_LIB_SSL, 382},
#endif
#ifdef SSL_R_MISSING_ECDSA_SIGNING_CERT
{"MISSING_ECDSA_SIGNING_CERT", ERR_LIB_SSL, SSL_R_MISSING_ECDSA_SIGNING_CERT},
#else
{"MISSING_ECDSA_SIGNING_CERT", ERR_LIB_SSL, 381},
#endif
#ifdef SSL_R_MISSING_EXPORT_TMP_DH_KEY
{"MISSING_EXPORT_TMP_DH_KEY", ERR_LIB_SSL, SSL_R_MISSING_EXPORT_TMP_DH_KEY},
#else
@ -714,6 +844,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"MISSING_RSA_SIGNING_CERT", ERR_LIB_SSL, 170},
#endif
#ifdef SSL_R_MISSING_SRP_PARAM
{"MISSING_SRP_PARAM", ERR_LIB_SSL, SSL_R_MISSING_SRP_PARAM},
#else
{"MISSING_SRP_PARAM", ERR_LIB_SSL, 358},
#endif
#ifdef SSL_R_MISSING_TMP_DH_KEY
{"MISSING_TMP_DH_KEY", ERR_LIB_SSL, SSL_R_MISSING_TMP_DH_KEY},
#else
@ -739,6 +874,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"MISSING_VERIFY_MESSAGE", ERR_LIB_SSL, 174},
#endif
#ifdef SSL_R_MULTIPLE_SGC_RESTARTS
{"MULTIPLE_SGC_RESTARTS", ERR_LIB_SSL, SSL_R_MULTIPLE_SGC_RESTARTS},
#else
{"MULTIPLE_SGC_RESTARTS", ERR_LIB_SSL, 346},
#endif
#ifdef SSL_R_NON_SSLV2_INITIAL_PACKET
{"NON_SSLV2_INITIAL_PACKET", ERR_LIB_SSL, SSL_R_NON_SSLV2_INITIAL_PACKET},
#else
@ -819,6 +959,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"NO_METHOD_SPECIFIED", ERR_LIB_SSL, 188},
#endif
#ifdef SSL_R_NO_PEM_EXTENSIONS
{"NO_PEM_EXTENSIONS", ERR_LIB_SSL, SSL_R_NO_PEM_EXTENSIONS},
#else
{"NO_PEM_EXTENSIONS", ERR_LIB_SSL, 389},
#endif
#ifdef SSL_R_NO_PRIVATEKEY
{"NO_PRIVATEKEY", ERR_LIB_SSL, SSL_R_NO_PRIVATEKEY},
#else
@ -854,6 +999,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"NO_SHARED_CIPHER", ERR_LIB_SSL, 193},
#endif
#ifdef SSL_R_NO_SHARED_SIGATURE_ALGORITHMS
{"NO_SHARED_SIGATURE_ALGORITHMS", ERR_LIB_SSL, SSL_R_NO_SHARED_SIGATURE_ALGORITHMS},
#else
{"NO_SHARED_SIGATURE_ALGORITHMS", ERR_LIB_SSL, 376},
#endif
#ifdef SSL_R_NO_SRTP_PROFILES
{"NO_SRTP_PROFILES", ERR_LIB_SSL, SSL_R_NO_SRTP_PROFILES},
#else
{"NO_SRTP_PROFILES", ERR_LIB_SSL, 359},
#endif
#ifdef SSL_R_NO_VERIFY_CALLBACK
{"NO_VERIFY_CALLBACK", ERR_LIB_SSL, SSL_R_NO_VERIFY_CALLBACK},
#else
@ -879,6 +1034,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED", ERR_LIB_SSL, 344},
#endif
#ifdef SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE
{"ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE", ERR_LIB_SSL, SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE},
#else
{"ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE", ERR_LIB_SSL, 387},
#endif
#ifdef SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE
{"ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE", ERR_LIB_SSL, SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE},
#else
{"ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE", ERR_LIB_SSL, 379},
#endif
#ifdef SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE
{"ONLY_TLS_ALLOWED_IN_FIPS_MODE", ERR_LIB_SSL, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE},
#else
@ -934,6 +1099,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE", ERR_LIB_SSL, 204},
#endif
#ifdef SSL_R_PEM_NAME_BAD_PREFIX
{"PEM_NAME_BAD_PREFIX", ERR_LIB_SSL, SSL_R_PEM_NAME_BAD_PREFIX},
#else
{"PEM_NAME_BAD_PREFIX", ERR_LIB_SSL, 391},
#endif
#ifdef SSL_R_PEM_NAME_TOO_SHORT
{"PEM_NAME_TOO_SHORT", ERR_LIB_SSL, SSL_R_PEM_NAME_TOO_SHORT},
#else
{"PEM_NAME_TOO_SHORT", ERR_LIB_SSL, 392},
#endif
#ifdef SSL_R_PRE_MAC_LENGTH_TOO_LONG
{"PRE_MAC_LENGTH_TOO_LONG", ERR_LIB_SSL, SSL_R_PRE_MAC_LENGTH_TOO_LONG},
#else
@ -1069,11 +1244,36 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"SHORT_READ", ERR_LIB_SSL, 219},
#endif
#ifdef SSL_R_SIGNATURE_ALGORITHMS_ERROR
{"SIGNATURE_ALGORITHMS_ERROR", ERR_LIB_SSL, SSL_R_SIGNATURE_ALGORITHMS_ERROR},
#else
{"SIGNATURE_ALGORITHMS_ERROR", ERR_LIB_SSL, 360},
#endif
#ifdef SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE
{"SIGNATURE_FOR_NON_SIGNING_CERTIFICATE", ERR_LIB_SSL, SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE},
#else
{"SIGNATURE_FOR_NON_SIGNING_CERTIFICATE", ERR_LIB_SSL, 220},
#endif
#ifdef SSL_R_SRP_A_CALC
{"SRP_A_CALC", ERR_LIB_SSL, SSL_R_SRP_A_CALC},
#else
{"SRP_A_CALC", ERR_LIB_SSL, 361},
#endif
#ifdef SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES
{"SRTP_COULD_NOT_ALLOCATE_PROFILES", ERR_LIB_SSL, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES},
#else
{"SRTP_COULD_NOT_ALLOCATE_PROFILES", ERR_LIB_SSL, 362},
#endif
#ifdef SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG
{"SRTP_PROTECTION_PROFILE_LIST_TOO_LONG", ERR_LIB_SSL, SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG},
#else
{"SRTP_PROTECTION_PROFILE_LIST_TOO_LONG", ERR_LIB_SSL, 363},
#endif
#ifdef SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE
{"SRTP_UNKNOWN_PROTECTION_PROFILE", ERR_LIB_SSL, SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE},
#else
{"SRTP_UNKNOWN_PROTECTION_PROFILE", ERR_LIB_SSL, 364},
#endif
#ifdef SSL_R_SSL23_DOING_SESSION_ID_REUSE
{"SSL23_DOING_SESSION_ID_REUSE", ERR_LIB_SSL, SSL_R_SSL23_DOING_SESSION_ID_REUSE},
#else
@ -1179,6 +1379,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"SSL_LIBRARY_HAS_NO_CIPHERS", ERR_LIB_SSL, 230},
#endif
#ifdef SSL_R_SSL_NEGATIVE_LENGTH
{"SSL_NEGATIVE_LENGTH", ERR_LIB_SSL, SSL_R_SSL_NEGATIVE_LENGTH},
#else
{"SSL_NEGATIVE_LENGTH", ERR_LIB_SSL, 372},
#endif
#ifdef SSL_R_SSL_SESSION_ID_CALLBACK_FAILED
{"SSL_SESSION_ID_CALLBACK_FAILED", ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CALLBACK_FAILED},
#else
@ -1229,6 +1434,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"TLSV1_ALERT_EXPORT_RESTRICTION", ERR_LIB_SSL, 1060},
#endif
#ifdef SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK
{"TLSV1_ALERT_INAPPROPRIATE_FALLBACK", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK},
#else
{"TLSV1_ALERT_INAPPROPRIATE_FALLBACK", ERR_LIB_SSL, 1086},
#endif
#ifdef SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY
{"TLSV1_ALERT_INSUFFICIENT_SECURITY", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY},
#else
@ -1294,6 +1504,21 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER", ERR_LIB_SSL, 232},
#endif
#ifdef SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT
{"TLS_HEARTBEAT_PEER_DOESNT_ACCEPT", ERR_LIB_SSL, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT},
#else
{"TLS_HEARTBEAT_PEER_DOESNT_ACCEPT", ERR_LIB_SSL, 365},
#endif
#ifdef SSL_R_TLS_HEARTBEAT_PENDING
{"TLS_HEARTBEAT_PENDING", ERR_LIB_SSL, SSL_R_TLS_HEARTBEAT_PENDING},
#else
{"TLS_HEARTBEAT_PENDING", ERR_LIB_SSL, 366},
#endif
#ifdef SSL_R_TLS_ILLEGAL_EXPORTER_LABEL
{"TLS_ILLEGAL_EXPORTER_LABEL", ERR_LIB_SSL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL},
#else
{"TLS_ILLEGAL_EXPORTER_LABEL", ERR_LIB_SSL, 367},
#endif
#ifdef SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST
{"TLS_INVALID_ECPOINTFORMAT_LIST", ERR_LIB_SSL, SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST},
#else
@ -1399,6 +1624,16 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"UNKNOWN_CIPHER_TYPE", ERR_LIB_SSL, 249},
#endif
#ifdef SSL_R_UNKNOWN_CMD_NAME
{"UNKNOWN_CMD_NAME", ERR_LIB_SSL, SSL_R_UNKNOWN_CMD_NAME},
#else
{"UNKNOWN_CMD_NAME", ERR_LIB_SSL, 386},
#endif
#ifdef SSL_R_UNKNOWN_DIGEST
{"UNKNOWN_DIGEST", ERR_LIB_SSL, SSL_R_UNKNOWN_DIGEST},
#else
{"UNKNOWN_DIGEST", ERR_LIB_SSL, 368},
#endif
#ifdef SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE
{"UNKNOWN_KEY_EXCHANGE_TYPE", ERR_LIB_SSL, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE},
#else
@ -1469,16 +1704,36 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"UNSUPPORTED_STATUS_TYPE", ERR_LIB_SSL, 329},
#endif
#ifdef SSL_R_USE_SRTP_NOT_NEGOTIATED
{"USE_SRTP_NOT_NEGOTIATED", ERR_LIB_SSL, SSL_R_USE_SRTP_NOT_NEGOTIATED},
#else
{"USE_SRTP_NOT_NEGOTIATED", ERR_LIB_SSL, 369},
#endif
#ifdef SSL_R_VERSION_TOO_LOW
{"VERSION_TOO_LOW", ERR_LIB_SSL, SSL_R_VERSION_TOO_LOW},
#else
{"VERSION_TOO_LOW", ERR_LIB_SSL, 396},
#endif
#ifdef SSL_R_WRITE_BIO_NOT_SET
{"WRITE_BIO_NOT_SET", ERR_LIB_SSL, SSL_R_WRITE_BIO_NOT_SET},
#else
{"WRITE_BIO_NOT_SET", ERR_LIB_SSL, 260},
#endif
#ifdef SSL_R_WRONG_CERTIFICATE_TYPE
{"WRONG_CERTIFICATE_TYPE", ERR_LIB_SSL, SSL_R_WRONG_CERTIFICATE_TYPE},
#else
{"WRONG_CERTIFICATE_TYPE", ERR_LIB_SSL, 383},
#endif
#ifdef SSL_R_WRONG_CIPHER_RETURNED
{"WRONG_CIPHER_RETURNED", ERR_LIB_SSL, SSL_R_WRONG_CIPHER_RETURNED},
#else
{"WRONG_CIPHER_RETURNED", ERR_LIB_SSL, 261},
#endif
#ifdef SSL_R_WRONG_CURVE
{"WRONG_CURVE", ERR_LIB_SSL, SSL_R_WRONG_CURVE},
#else
{"WRONG_CURVE", ERR_LIB_SSL, 378},
#endif
#ifdef SSL_R_WRONG_MESSAGE_TYPE
{"WRONG_MESSAGE_TYPE", ERR_LIB_SSL, SSL_R_WRONG_MESSAGE_TYPE},
#else
@ -1499,6 +1754,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"WRONG_SIGNATURE_SIZE", ERR_LIB_SSL, 265},
#endif
#ifdef SSL_R_WRONG_SIGNATURE_TYPE
{"WRONG_SIGNATURE_TYPE", ERR_LIB_SSL, SSL_R_WRONG_SIGNATURE_TYPE},
#else
{"WRONG_SIGNATURE_TYPE", ERR_LIB_SSL, 370},
#endif
#ifdef SSL_R_WRONG_SSL_VERSION
{"WRONG_SSL_VERSION", ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION},
#else
@ -1519,6 +1779,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"X509_VERIFICATION_SETUP_PROBLEMS", ERR_LIB_SSL, 269},
#endif
#ifdef X509_R_AKID_MISMATCH
{"AKID_MISMATCH", ERR_LIB_X509, X509_R_AKID_MISMATCH},
#else
{"AKID_MISMATCH", ERR_LIB_X509, 110},
#endif
#ifdef X509_R_BAD_X509_FILETYPE
{"BAD_X509_FILETYPE", ERR_LIB_X509, X509_R_BAD_X509_FILETYPE},
#else
@ -1539,11 +1804,26 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"CERT_ALREADY_IN_HASH_TABLE", ERR_LIB_X509, 101},
#endif
#ifdef X509_R_CRL_ALREADY_DELTA
{"CRL_ALREADY_DELTA", ERR_LIB_X509, X509_R_CRL_ALREADY_DELTA},
#else
{"CRL_ALREADY_DELTA", ERR_LIB_X509, 127},
#endif
#ifdef X509_R_CRL_VERIFY_FAILURE
{"CRL_VERIFY_FAILURE", ERR_LIB_X509, X509_R_CRL_VERIFY_FAILURE},
#else
{"CRL_VERIFY_FAILURE", ERR_LIB_X509, 131},
#endif
#ifdef X509_R_ERR_ASN1_LIB
{"ERR_ASN1_LIB", ERR_LIB_X509, X509_R_ERR_ASN1_LIB},
#else
{"ERR_ASN1_LIB", ERR_LIB_X509, 102},
#endif
#ifdef X509_R_IDP_MISMATCH
{"IDP_MISMATCH", ERR_LIB_X509, X509_R_IDP_MISMATCH},
#else
{"IDP_MISMATCH", ERR_LIB_X509, 128},
#endif
#ifdef X509_R_INVALID_DIRECTORY
{"INVALID_DIRECTORY", ERR_LIB_X509, X509_R_INVALID_DIRECTORY},
#else
@ -1559,6 +1839,11 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"INVALID_TRUST", ERR_LIB_X509, 123},
#endif
#ifdef X509_R_ISSUER_MISMATCH
{"ISSUER_MISMATCH", ERR_LIB_X509, X509_R_ISSUER_MISMATCH},
#else
{"ISSUER_MISMATCH", ERR_LIB_X509, 129},
#endif
#ifdef X509_R_KEY_TYPE_MISMATCH
{"KEY_TYPE_MISMATCH", ERR_LIB_X509, X509_R_KEY_TYPE_MISMATCH},
#else
@ -1584,11 +1869,21 @@ static struct py_ssl_error_code error_codes[] = {
#else
{"METHOD_NOT_SUPPORTED", ERR_LIB_X509, 124},
#endif
#ifdef X509_R_NEWER_CRL_NOT_NEWER
{"NEWER_CRL_NOT_NEWER", ERR_LIB_X509, X509_R_NEWER_CRL_NOT_NEWER},
#else
{"NEWER_CRL_NOT_NEWER", ERR_LIB_X509, 132},
#endif
#ifdef X509_R_NO_CERT_SET_FOR_US_TO_VERIFY
{"NO_CERT_SET_FOR_US_TO_VERIFY", ERR_LIB_X509, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY},
#else
{"NO_CERT_SET_FOR_US_TO_VERIFY", ERR_LIB_X509, 105},
#endif
#ifdef X509_R_NO_CRL_NUMBER
{"NO_CRL_NUMBER", ERR_LIB_X509, X509_R_NO_CRL_NUMBER},
#else
{"NO_CRL_NUMBER", ERR_LIB_X509, 130},
#endif
#ifdef X509_R_PUBLIC_KEY_DECODE_ERROR
{"PUBLIC_KEY_DECODE_ERROR", ERR_LIB_X509, X509_R_PUBLIC_KEY_DECODE_ERROR},
#else

57
Tools/ssl/make_ssl_data.py
View File

@ -5,8 +5,7 @@ This script should be called *manually* when we want to upgrade SSLError
`library` and `reason` mnemnonics to a more recent OpenSSL version.
It takes two arguments:
- the path to the OpenSSL include files' directory
(e.g. openssl-1.0.1-beta3/include/openssl/)
- the path to the OpenSSL source tree (e.g. git checkout)
- the path to the C file to be generated
(probably Modules/_ssl_data.h)
"""
@ -15,9 +14,10 @@ import datetime
import os
import re
import sys
import _ssl
def parse_error_codes(h_file, prefix):
def parse_error_codes(h_file, prefix, libcode):
pat = re.compile(r"#define\W+(%s([\w]+))\W+(\d+)\b" % re.escape(prefix))
codes = []
with open(h_file, "r", encoding="latin1") as f:
@ -26,7 +26,8 @@ def parse_error_codes(h_file, prefix):
if match:
code, name, num = match.groups()
num = int(num)
codes.append((code, name, num))
# e.g. ("SSL_R_BAD_DATA", ("ERR_LIB_SSL", "BAD_DATA", 390))
codes.append((code, (libcode, name, num)))
return codes
if __name__ == "__main__":
@ -34,12 +35,32 @@ if __name__ == "__main__":
outfile = sys.argv[2]
use_stdout = outfile == '-'
f = sys.stdout if use_stdout else open(outfile, "w")
error_libraries = (
# (library code, mnemonic, error prefix, header file)
('ERR_LIB_PEM', 'PEM', 'PEM_R_', 'pem.h'),
('ERR_LIB_SSL', 'SSL', 'SSL_R_', 'ssl.h'),
('ERR_LIB_X509', 'X509', 'X509_R_', 'x509.h'),
)
error_libraries = {
# mnemonic -> (library code, error prefix, header file)
'PEM': ('ERR_LIB_PEM', 'PEM_R_', 'crypto/pem/pem.h'),
'SSL': ('ERR_LIB_SSL', 'SSL_R_', 'ssl/ssl.h'),
'X509': ('ERR_LIB_X509', 'X509_R_', 'crypto/x509/x509.h'),
}
# Read codes from libraries
new_codes = []
for libcode, prefix, h_file in sorted(error_libraries.values()):
new_codes += parse_error_codes(os.path.join(openssl_inc, h_file),
prefix, libcode)
new_code_nums = set((libcode, num)
for (code, (libcode, name, num)) in new_codes)
# Merge with existing codes (in case some old codes disappeared).
codes = {}
for errname, (libnum, errnum) in _ssl.err_names_to_codes.items():
lib = error_libraries[_ssl.lib_codes_to_names[libnum]]
libcode = lib[0] # e.g. ERR_LIB_PEM
errcode = lib[1] + errname # e.g. SSL_R_BAD_SSL_SESSION_ID_LENGTH
# Only keep it if the numeric codes weren't reused
if (libcode, errnum) not in new_code_nums:
codes[errcode] = libcode, errname, errnum
codes.update(dict(new_codes))
def w(l):
f.write(l + "\n")
w("/* File generated by Tools/ssl/make_ssl_data.py */")
@ -47,21 +68,19 @@ if __name__ == "__main__":
w("")
w("static struct py_ssl_library_code library_codes[] = {")
for libcode, mnemo, _, _ in error_libraries:
for mnemo, (libcode, _, _) in sorted(error_libraries.items()):
w(' {"%s", %s},' % (mnemo, libcode))
w(' { NULL }')
w('};')
w("")
w("static struct py_ssl_error_code error_codes[] = {")
for libcode, _, prefix, h_file in error_libraries:
codes = parse_error_codes(os.path.join(openssl_inc, h_file), prefix)
for code, name, num in sorted(codes):
w(' #ifdef %s' % (code))
w(' {"%s", %s, %s},' % (name, libcode, code))
w(' #else')
w(' {"%s", %s, %d},' % (name, libcode, num))
w(' #endif')
for errcode, (libcode, name, num) in sorted(codes.items()):
w(' #ifdef %s' % (errcode))
w(' {"%s", %s, %s},' % (name, libcode, errcode))
w(' #else')
w(' {"%s", %s, %d},' % (name, libcode, num))
w(' #endif')
w(' { NULL }')
w('};')
if not use_stdout: