Branch data Line data Source code
1 : : /*
2 : : * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3 : : *
4 : : * Licensed under the Apache License, Version 2.0 (the "License").
5 : : * You may not use this file except in compliance with the License.
6 : : * A copy of the License is located at
7 : : *
8 : : * http://aws.amazon.com/apache2.0
9 : : *
10 : : * or in the "license" file accompanying this file. This file is distributed
11 : : * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
12 : : * express or implied. See the License for the specific language governing
13 : : * permissions and limitations under the License.
14 : : */
15 : :
16 : : #include "error/s2n_errno.h"
17 : :
18 : : #include <errno.h>
19 : : #include <stdio.h>
20 : : #include <stdlib.h>
21 : : #include <string.h>
22 : : #include <strings.h>
23 : :
24 : : #include "api/s2n.h"
25 : : #include "utils/s2n_map.h"
26 : : #include "utils/s2n_safety.h"
27 : :
28 : : #ifdef S2N_STACKTRACE
29 : : #include <execinfo.h>
30 : : #endif
31 : :
32 : : __thread int s2n_errno;
33 : : __thread struct s2n_debug_info _s2n_debug_info = { .debug_str = "", .source = "" };
34 : :
35 : : /**
36 : : * Returns the address of the thread-local `s2n_errno` variable
37 : : */
38 : : int *s2n_errno_location()
39 : 9 : {
40 : 9 : return &s2n_errno;
41 : 9 : }
42 : :
43 : : static const char *no_such_language = "Language is not supported for error translation";
44 : : static const char *no_such_error = "Internal s2n error";
45 : :
46 : : /*
47 : : * Define error entries with descriptions in this macro once
48 : : * to generate code in next 2 following functions.
49 : : */
50 : : /* clang-format off */
51 : : #define ERR_ENTRIES(ERR_ENTRY) \
52 : 4 : ERR_ENTRY(S2N_ERR_OK, "no error") \
53 : 7 : ERR_ENTRY(S2N_ERR_IO, "underlying I/O operation failed, check system errno") \
54 : 7 : ERR_ENTRY(S2N_ERR_CLOSED, "connection is closed") \
55 : 2 : ERR_ENTRY(S2N_ERR_IO_BLOCKED, "underlying I/O operation would block") \
56 : 2 : ERR_ENTRY(S2N_ERR_ASYNC_BLOCKED, "blocked on external async function invocation") \
57 : 2 : ERR_ENTRY(S2N_ERR_ALERT, "TLS alert received") \
58 : 2 : ERR_ENTRY(S2N_ERR_ENCRYPT, "error encrypting data") \
59 : 2 : ERR_ENTRY(S2N_ERR_DECRYPT, "error decrypting data") \
60 : 2 : ERR_ENTRY(S2N_ERR_BAD_MESSAGE, "Bad message encountered") \
61 : 2 : ERR_ENTRY(S2N_ERR_KEY_INIT, "error initializing encryption key") \
62 : 2 : ERR_ENTRY(S2N_ERR_KEY_DESTROY, "error destroying encryption key") \
63 : 2 : ERR_ENTRY(S2N_ERR_DH_SERIALIZING, "error serializing Diffie-Hellman parameters") \
64 : 2 : ERR_ENTRY(S2N_ERR_DH_SHARED_SECRET, "error computing Diffie-Hellman shared secret") \
65 : 2 : ERR_ENTRY(S2N_ERR_DH_WRITING_PUBLIC_KEY, "error writing Diffie-Hellman public key") \
66 : 2 : ERR_ENTRY(S2N_ERR_DH_FAILED_SIGNING, "error signing Diffie-Hellman values") \
67 : 2 : ERR_ENTRY(S2N_ERR_DH_COPYING_PARAMETERS, "error copying Diffie-Hellman parameters") \
68 : 2 : ERR_ENTRY(S2N_ERR_DH_GENERATING_PARAMETERS, "error generating Diffie-Hellman parameters") \
69 : 2 : ERR_ENTRY(S2N_ERR_CIPHER_NOT_SUPPORTED, "Cipher is not supported") \
70 : 2 : ERR_ENTRY(S2N_ERR_NO_APPLICATION_PROTOCOL, "No supported application protocol to negotiate") \
71 : 2 : ERR_ENTRY(S2N_ERR_FALLBACK_DETECTED, "TLS fallback detected") \
72 : 2 : ERR_ENTRY(S2N_ERR_HASH_DIGEST_FAILED, "failed to create hash digest") \
73 : 2 : ERR_ENTRY(S2N_ERR_HASH_INIT_FAILED, "error initializing hash") \
74 : 2 : ERR_ENTRY(S2N_ERR_HASH_UPDATE_FAILED, "error updating hash") \
75 : 2 : ERR_ENTRY(S2N_ERR_HASH_COPY_FAILED, "error copying hash") \
76 : 2 : ERR_ENTRY(S2N_ERR_HASH_WIPE_FAILED, "error wiping hash") \
77 : 2 : ERR_ENTRY(S2N_ERR_HASH_NOT_READY, "hash not in a valid state for the attempted operation") \
78 : 2 : ERR_ENTRY(S2N_ERR_ALLOW_MD5_FOR_FIPS_FAILED, "error allowing MD5 to be used when in FIPS mode") \
79 : 2 : ERR_ENTRY(S2N_ERR_DECODE_CERTIFICATE, "error decoding certificate") \
80 : 2 : ERR_ENTRY(S2N_ERR_DECODE_PRIVATE_KEY, "error decoding private key") \
81 : 2 : ERR_ENTRY(S2N_ERR_INVALID_SIGNATURE_ALGORITHM, "Invalid signature algorithm") \
82 : 2 : ERR_ENTRY(S2N_ERR_INVALID_SIGNATURE_SCHEME, "Invalid signature scheme") \
83 : 2 : ERR_ENTRY(S2N_ERR_NO_VALID_SIGNATURE_SCHEME, "Unable to negotiate a supported signature scheme") \
84 : 2 : ERR_ENTRY(S2N_ERR_CBC_VERIFY, "Failed CBC verification") \
85 : 2 : ERR_ENTRY(S2N_ERR_DH_COPYING_PUBLIC_KEY, "error copying Diffie-Hellman public key") \
86 : 2 : ERR_ENTRY(S2N_ERR_SIGN, "error signing data") \
87 : 2 : ERR_ENTRY(S2N_ERR_VERIFY_SIGNATURE, "error verifying signature") \
88 : 2 : ERR_ENTRY(S2N_ERR_ECDHE_GEN_KEY, "Failed to generate an ECDHE key") \
89 : 2 : ERR_ENTRY(S2N_ERR_ECDHE_SHARED_SECRET, "Error computing ECDHE shared secret") \
90 : 2 : ERR_ENTRY(S2N_ERR_ECDHE_UNSUPPORTED_CURVE, "Unsupported EC curve was presented during an ECDHE handshake") \
91 : 2 : ERR_ENTRY(S2N_ERR_ECDHE_INVALID_PUBLIC_KEY, "Failed to validate the peer's point on the elliptic curve") \
92 : 2 : ERR_ENTRY(S2N_ERR_ECDHE_INVALID_PUBLIC_KEY_FIPS, "Failed to validate the peer's point on the elliptic curve, per FIPS requirements") \
93 : 2 : ERR_ENTRY(S2N_ERR_ECDSA_UNSUPPORTED_CURVE, "Unsupported EC curve was presented during an ECDSA SignatureScheme handshake") \
94 : 2 : ERR_ENTRY(S2N_ERR_ECDHE_SERIALIZING, "Error serializing ECDHE public") \
95 : 2 : ERR_ENTRY(S2N_ERR_KEM_UNSUPPORTED_PARAMS, "Unsupported KEM params was presented during a handshake that uses a KEM") \
96 : 2 : ERR_ENTRY(S2N_ERR_SHUTDOWN_RECORD_TYPE, "Non alert record received during s2n_shutdown()") \
97 : 2 : ERR_ENTRY(S2N_ERR_SHUTDOWN_CLOSED, "Peer closed before sending their close_notify") \
98 : 2 : ERR_ENTRY(S2N_ERR_NON_EMPTY_RENEGOTIATION_INFO, "renegotiation_info should be empty") \
99 : 2 : ERR_ENTRY(S2N_ERR_RECORD_LIMIT, "TLS record limit reached") \
100 : 2 : ERR_ENTRY(S2N_ERR_CERT_UNTRUSTED, "Certificate is untrusted") \
101 : 2 : ERR_ENTRY(S2N_ERR_CERT_REVOKED, "Certificate has been revoked by the CA") \
102 : 2 : ERR_ENTRY(S2N_ERR_CERT_NOT_YET_VALID, "Certificate is not yet valid") \
103 : 2 : ERR_ENTRY(S2N_ERR_CERT_EXPIRED, "Certificate has expired") \
104 : 2 : ERR_ENTRY(S2N_ERR_CERT_TYPE_UNSUPPORTED, "Certificate Type is unsupported") \
105 : 2 : ERR_ENTRY(S2N_ERR_CERT_INVALID, "Certificate is invalid") \
106 : 2 : ERR_ENTRY(S2N_ERR_CERT_MAX_CHAIN_DEPTH_EXCEEDED, "The maximum certificate chain depth has been exceeded") \
107 : 2 : ERR_ENTRY(S2N_ERR_CERT_REJECTED, "Certificate failed custom application validation") \
108 : 2 : ERR_ENTRY(S2N_ERR_CERT_UNHANDLED_CRITICAL_EXTENSION, "Unhandled critical certificate extension") \
109 : 2 : ERR_ENTRY(S2N_ERR_SECURITY_POLICY_INCOMPATIBLE_CERT, "Incompatibility found between loaded certificates and chosen security policy") \
110 : 2 : ERR_ENTRY(S2N_ERR_CRL_LOOKUP_FAILED, "No CRL could be found for the corresponding certificate") \
111 : 2 : ERR_ENTRY(S2N_ERR_CRL_SIGNATURE, "The signature of the CRL is invalid") \
112 : 2 : ERR_ENTRY(S2N_ERR_CRL_ISSUER, "Unable to get the CRL issuer certificate") \
113 : 2 : ERR_ENTRY(S2N_ERR_CRL_UNHANDLED_CRITICAL_EXTENSION, "Unhandled critical CRL extension") \
114 : 2 : ERR_ENTRY(S2N_ERR_CRL_INVALID_THIS_UPDATE, "The CRL contains an invalid thisUpdate field") \
115 : 2 : ERR_ENTRY(S2N_ERR_CRL_INVALID_NEXT_UPDATE, "The CRL contains an invalid nextUpdate field") \
116 : 2 : ERR_ENTRY(S2N_ERR_CRL_NOT_YET_VALID, "The CRL is not yet valid") \
117 : 2 : ERR_ENTRY(S2N_ERR_CRL_EXPIRED, "The CRL has expired") \
118 : 2 : ERR_ENTRY(S2N_ERR_INVALID_MAX_FRAG_LEN, "invalid Maximum Fragmentation Length encountered") \
119 : 2 : ERR_ENTRY(S2N_ERR_MAX_FRAG_LEN_MISMATCH, "Negotiated Maximum Fragmentation Length from server does not match the requested length by client") \
120 : 2 : ERR_ENTRY(S2N_ERR_PROTOCOL_VERSION_UNSUPPORTED, "TLS protocol version is not supported by configuration") \
121 : 2 : ERR_ENTRY(S2N_ERR_BAD_KEY_SHARE, "Bad key share received") \
122 : 2 : ERR_ENTRY(S2N_ERR_CANCELLED, "handshake was cancelled") \
123 : 2 : ERR_ENTRY(S2N_ERR_PROTOCOL_DOWNGRADE_DETECTED, "Protocol downgrade detected by client") \
124 : 2 : ERR_ENTRY(S2N_ERR_MADVISE, "error calling madvise") \
125 : 2 : ERR_ENTRY(S2N_ERR_ALLOC, "error allocating memory") \
126 : 2 : ERR_ENTRY(S2N_ERR_MLOCK, "error calling mlock (Did you run prlimit?)") \
127 : 2 : ERR_ENTRY(S2N_ERR_MUNLOCK, "error calling munlock") \
128 : 2 : ERR_ENTRY(S2N_ERR_FSTAT, "error calling fstat") \
129 : 2 : ERR_ENTRY(S2N_ERR_OPEN, "error calling open") \
130 : 2 : ERR_ENTRY(S2N_ERR_MMAP, "error calling mmap") \
131 : 2 : ERR_ENTRY(S2N_ERR_ATEXIT, "error calling atexit") \
132 : 2 : ERR_ENTRY(S2N_ERR_NOMEM, "no memory") \
133 : 3 : ERR_ENTRY(S2N_ERR_NULL, "NULL pointer encountered") \
134 : 3 : ERR_ENTRY(S2N_ERR_SAFETY, "a safety check failed") \
135 : 2 : ERR_ENTRY(S2N_ERR_INITIALIZED, "s2n is initialized") \
136 : 2 : ERR_ENTRY(S2N_ERR_NOT_INITIALIZED, "s2n not initialized") \
137 : 2 : ERR_ENTRY(S2N_ERR_RANDOM_UNINITIALIZED, "s2n entropy not initialized") \
138 : 2 : ERR_ENTRY(S2N_ERR_OPEN_RANDOM, "error opening urandom") \
139 : 2 : ERR_ENTRY(S2N_ERR_RESIZE_STATIC_STUFFER, "cannot resize a static stuffer") \
140 : 2 : ERR_ENTRY(S2N_ERR_RESIZE_TAINTED_STUFFER, "cannot resize a tainted stuffer") \
141 : 2 : ERR_ENTRY(S2N_ERR_STUFFER_OUT_OF_DATA, "stuffer is out of data") \
142 : 2 : ERR_ENTRY(S2N_ERR_STUFFER_IS_FULL, "stuffer is full") \
143 : 2 : ERR_ENTRY(S2N_ERR_STUFFER_NOT_FOUND, "stuffer expected bytes were not found") \
144 : 2 : ERR_ENTRY(S2N_ERR_STUFFER_HAS_UNPROCESSED_DATA, "stuffer has unprocessed data") \
145 : 2 : ERR_ENTRY(S2N_ERR_HASH_INVALID_ALGORITHM, "invalid hash algorithm") \
146 : 2 : ERR_ENTRY(S2N_ERR_PRF_INVALID_ALGORITHM, "invalid prf hash algorithm") \
147 : 2 : ERR_ENTRY(S2N_ERR_PRF_INVALID_SEED, "invalid prf seeds provided") \
148 : 2 : ERR_ENTRY(S2N_ERR_PRF_DERIVE, "error deriving a secret from the PRF") \
149 : 2 : ERR_ENTRY(S2N_ERR_P_HASH_INVALID_ALGORITHM, "invalid p_hash algorithm") \
150 : 2 : ERR_ENTRY(S2N_ERR_P_HASH_INIT_FAILED, "error initializing p_hash") \
151 : 2 : ERR_ENTRY(S2N_ERR_P_HASH_UPDATE_FAILED, "error updating p_hash") \
152 : 2 : ERR_ENTRY(S2N_ERR_P_HASH_FINAL_FAILED, "error creating p_hash digest") \
153 : 2 : ERR_ENTRY(S2N_ERR_P_HASH_WIPE_FAILED, "error wiping p_hash") \
154 : 2 : ERR_ENTRY(S2N_ERR_HMAC_INVALID_ALGORITHM, "invalid HMAC algorithm") \
155 : 2 : ERR_ENTRY(S2N_ERR_HKDF_OUTPUT_SIZE, "invalid HKDF output size") \
156 : 2 : ERR_ENTRY(S2N_ERR_HKDF, "error generating HKDF output") \
157 : 2 : ERR_ENTRY(S2N_ERR_ALERT_PRESENT, "TLS alert is already pending") \
158 : 2 : ERR_ENTRY(S2N_ERR_HANDSHAKE_STATE, "Invalid handshake state encountered") \
159 : 2 : ERR_ENTRY(S2N_ERR_SHUTDOWN_PAUSED, "s2n_shutdown() called while paused") \
160 : 2 : ERR_ENTRY(S2N_ERR_SIZE_MISMATCH, "size mismatch") \
161 : 2 : ERR_ENTRY(S2N_ERR_DRBG, "Error using Deterministic Random Bit Generator") \
162 : 2 : ERR_ENTRY(S2N_ERR_DRBG_REQUEST_SIZE, "Request for too much entropy") \
163 : 2 : ERR_ENTRY(S2N_ERR_KEY_CHECK, "Invalid key") \
164 : 2 : ERR_ENTRY(S2N_ERR_CIPHER_TYPE, "Unknown cipher type used") \
165 : 2 : ERR_ENTRY(S2N_ERR_MAP_DUPLICATE, "Duplicate map key inserted") \
166 : 2 : ERR_ENTRY(S2N_ERR_MAP_IMMUTABLE, "Attempt to update an immutable map") \
167 : 2 : ERR_ENTRY(S2N_ERR_MAP_MUTABLE, "Attempt to lookup a mutable map") \
168 : 2 : ERR_ENTRY(S2N_ERR_MAP_INVALID_MAP_SIZE, "Attempt to create a map with 0 capacity") \
169 : 2 : ERR_ENTRY(S2N_ERR_INITIAL_HMAC, "error calling EVP_CIPHER_CTX_ctrl for composite cbc cipher") \
170 : 2 : ERR_ENTRY(S2N_ERR_INVALID_NONCE_TYPE, "Invalid AEAD nonce type") \
171 : 2 : ERR_ENTRY(S2N_ERR_UNIMPLEMENTED, "Unimplemented feature") \
172 : 2 : ERR_ENTRY(S2N_ERR_HANDSHAKE_UNREACHABLE, "Unreachable handshake state machine handler invoked") \
173 : 2 : ERR_ENTRY(S2N_ERR_READ, "error calling read") \
174 : 2 : ERR_ENTRY(S2N_ERR_WRITE, "error calling write") \
175 : 2 : ERR_ENTRY(S2N_ERR_BAD_FD, "Invalid file descriptor") \
176 : 2 : ERR_ENTRY(S2N_ERR_RDRAND_FAILED, "Error executing rdrand instruction") \
177 : 2 : ERR_ENTRY(S2N_ERR_FAILED_CACHE_RETRIEVAL, "Failed cache retrieval") \
178 : 2 : ERR_ENTRY(S2N_ERR_X509_TRUST_STORE, "Error initializing trust store") \
179 : 2 : ERR_ENTRY(S2N_ERR_UNKNOWN_PROTOCOL_VERSION, "Error determining client protocol version") \
180 : 2 : ERR_ENTRY(S2N_ERR_NULL_CN_NAME, "Error parsing CN names") \
181 : 2 : ERR_ENTRY(S2N_ERR_NULL_SANS, "Error parsing SANS") \
182 : 2 : ERR_ENTRY(S2N_ERR_CLIENT_HELLO_VERSION, "Could not get client hello version") \
183 : 2 : ERR_ENTRY(S2N_ERR_CLIENT_PROTOCOL_VERSION, "Could not get client protocol version") \
184 : 2 : ERR_ENTRY(S2N_ERR_SERVER_PROTOCOL_VERSION, "Could not get server protocol version") \
185 : 2 : ERR_ENTRY(S2N_ERR_ACTUAL_PROTOCOL_VERSION, "Could not get actual protocol version") \
186 : 2 : ERR_ENTRY(S2N_ERR_POLLING_FROM_SOCKET, "Error polling from socket") \
187 : 2 : ERR_ENTRY(S2N_ERR_RECV_STUFFER_FROM_CONN, "Error receiving stuffer from connection") \
188 : 2 : ERR_ENTRY(S2N_ERR_SEND_STUFFER_TO_CONN, "Error sending stuffer to connection") \
189 : 2 : ERR_ENTRY(S2N_ERR_PRECONDITION_VIOLATION, "Precondition violation") \
190 : 2 : ERR_ENTRY(S2N_ERR_POSTCONDITION_VIOLATION, "Postcondition violation") \
191 : 2 : ERR_ENTRY(S2N_ERR_INTEGER_OVERFLOW, "Integer overflow violation") \
192 : 2 : ERR_ENTRY(S2N_ERR_ARRAY_INDEX_OOB, "Array index out of bounds") \
193 : 2 : ERR_ENTRY(S2N_ERR_FREE_STATIC_BLOB, "Cannot free a static blob") \
194 : 2 : ERR_ENTRY(S2N_ERR_RESIZE_STATIC_BLOB, "Cannot resize a static blob") \
195 : 2 : ERR_ENTRY(S2N_ERR_RECORD_LENGTH_TOO_LARGE, "Record length exceeds protocol version maximum") \
196 : 2 : ERR_ENTRY(S2N_ERR_SET_DUPLICATE_VALUE, "Set already contains the provided value") \
197 : 2 : ERR_ENTRY(S2N_ERR_ASYNC_CALLBACK_FAILED, "Callback associated with async private keys function has failed") \
198 : 2 : ERR_ENTRY(S2N_ERR_ASYNC_MORE_THAN_ONE, "Only one asynchronous operation can be in-progress at the same time") \
199 : 2 : ERR_ENTRY(S2N_ERR_NO_ALERT, "No Alert present") \
200 : 2 : ERR_ENTRY(S2N_ERR_SERVER_MODE, "Operation not allowed in server mode") \
201 : 2 : ERR_ENTRY(S2N_ERR_CLIENT_MODE, "Operation not allowed in client mode") \
202 : 2 : ERR_ENTRY(S2N_ERR_CLIENT_MODE_DISABLED, "client connections not allowed") \
203 : 2 : ERR_ENTRY(S2N_ERR_TOO_MANY_CERTIFICATES, "only 1 certificate is supported in client mode") \
204 : 2 : ERR_ENTRY(S2N_ERR_TOO_MANY_SIGNATURE_SCHEMES, "Max supported length of SignatureAlgorithms/SignatureSchemes list is 128") \
205 : 2 : ERR_ENTRY(S2N_ERR_CLIENT_AUTH_NOT_SUPPORTED_IN_FIPS_MODE, "Client Auth is not supported when in FIPS mode") \
206 : 2 : ERR_ENTRY(S2N_ERR_INVALID_BASE64, "invalid base64 encountered") \
207 : 2 : ERR_ENTRY(S2N_ERR_INVALID_HEX, "invalid HEX encountered") \
208 : 2 : ERR_ENTRY(S2N_ERR_INVALID_PEM, "invalid PEM encountered") \
209 : 2 : ERR_ENTRY(S2N_ERR_DH_PARAMS_CREATE, "error creating Diffie-Hellman parameters") \
210 : 2 : ERR_ENTRY(S2N_ERR_DH_TOO_SMALL, "Diffie-Hellman parameters are too small") \
211 : 2 : ERR_ENTRY(S2N_ERR_DH_PARAMETER_CHECK, "Diffie-Hellman parameter check failed") \
212 : 2 : ERR_ENTRY(S2N_ERR_INVALID_PKCS3, "invalid PKCS3 encountered") \
213 : 2 : ERR_ENTRY(S2N_ERR_NO_CERTIFICATE_IN_PEM, "No certificate in PEM") \
214 : 2 : ERR_ENTRY(S2N_ERR_SERVER_NAME_TOO_LONG, "server name is too long") \
215 : 3 : ERR_ENTRY(S2N_ERR_NUM_DEFAULT_CERTIFICATES, "exceeded max default certificates or provided no default") \
216 : 3 : ERR_ENTRY(S2N_ERR_MULTIPLE_DEFAULT_CERTIFICATES_PER_AUTH_TYPE, "setting multiple default certificates per auth type is not allowed") \
217 : 3 : ERR_ENTRY(S2N_ERR_INVALID_CIPHER_PREFERENCES, "Invalid Cipher Preferences version") \
218 : 2 : ERR_ENTRY(S2N_ERR_INVALID_APPLICATION_PROTOCOL, "The supplied application protocol name is invalid") \
219 : 2 : ERR_ENTRY(S2N_ERR_KEY_MISMATCH, "public and private key do not match") \
220 : 2 : ERR_ENTRY(S2N_ERR_SEND_SIZE, "Retried s2n_send() size is invalid") \
221 : 2 : ERR_ENTRY(S2N_ERR_CORK_SET_ON_UNMANAGED, "Attempt to set connection cork management on unmanaged IO") \
222 : 2 : ERR_ENTRY(S2N_ERR_UNRECOGNIZED_EXTENSION, "TLS extension not recognized") \
223 : 2 : ERR_ENTRY(S2N_ERR_EXTENSION_NOT_RECEIVED, "The TLS extension was not received") \
224 : 2 : ERR_ENTRY(S2N_ERR_INVALID_SCT_LIST, "SCT list is invalid") \
225 : 2 : ERR_ENTRY(S2N_ERR_INVALID_OCSP_RESPONSE, "OCSP response is invalid") \
226 : 2 : ERR_ENTRY(S2N_ERR_UPDATING_EXTENSION, "Updating extension data failed") \
227 : 2 : ERR_ENTRY(S2N_ERR_INVALID_SERIALIZED_SESSION_STATE, "Serialized session state is not in valid format") \
228 : 2 : ERR_ENTRY(S2N_ERR_SERIALIZED_SESSION_STATE_TOO_LONG, "Serialized session state is too long") \
229 : 2 : ERR_ENTRY(S2N_ERR_SESSION_ID_TOO_LONG, "Session id is too long") \
230 : 2 : ERR_ENTRY(S2N_ERR_CLIENT_AUTH_NOT_SUPPORTED_IN_SESSION_RESUMPTION_MODE, "Client Auth is not supported in session resumption mode") \
231 : 2 : ERR_ENTRY(S2N_ERR_INVALID_TICKET_KEY_LENGTH, "Session ticket key length cannot be zero") \
232 : 2 : ERR_ENTRY(S2N_ERR_INVALID_TICKET_KEY_NAME_OR_NAME_LENGTH, "Session ticket key name should be unique and the name length cannot be zero") \
233 : 2 : ERR_ENTRY(S2N_ERR_TICKET_KEY_NOT_UNIQUE, "Cannot add session ticket key because it was added before") \
234 : 2 : ERR_ENTRY(S2N_ERR_TICKET_KEY_LIMIT, "Limit reached for unexpired session ticket keys") \
235 : 2 : ERR_ENTRY(S2N_ERR_NO_TICKET_ENCRYPT_DECRYPT_KEY, "No key in encrypt-decrypt state is available to encrypt session ticket") \
236 : 2 : ERR_ENTRY(S2N_ERR_ENCRYPT_DECRYPT_KEY_SELECTION_FAILED, "Failed to select a key from keys in encrypt-decrypt state") \
237 : 2 : ERR_ENTRY(S2N_ERR_KEY_USED_IN_SESSION_TICKET_NOT_FOUND, "Key used in already assigned session ticket not found for decryption") \
238 : 2 : ERR_ENTRY(S2N_ERR_SENDING_NST, "Error in session ticket status encountered before sending NST") \
239 : 2 : ERR_ENTRY(S2N_ERR_INVALID_DYNAMIC_THRESHOLD, "invalid dynamic record threshold") \
240 : 2 : ERR_ENTRY(S2N_ERR_INVALID_ARGUMENT, "invalid argument provided into a function call") \
241 : 2 : ERR_ENTRY(S2N_ERR_NOT_IN_UNIT_TEST, "Illegal configuration, can only be used during unit tests") \
242 : 2 : ERR_ENTRY(S2N_ERR_NOT_IN_TEST, "Illegal configuration, can only be used during unit or integration tests") \
243 : 2 : ERR_ENTRY(S2N_ERR_UNSUPPORTED_CPU, "Unsupported CPU architecture") \
244 : 2 : ERR_ENTRY(S2N_ERR_SESSION_ID_TOO_SHORT, "Session id is too short") \
245 : 2 : ERR_ENTRY(S2N_ERR_CONNECTION_CACHING_DISALLOWED, "This connection is not allowed to be cached") \
246 : 2 : ERR_ENTRY(S2N_ERR_SESSION_TICKET_NOT_SUPPORTED, "Session ticket not supported for this connection") \
247 : 2 : ERR_ENTRY(S2N_ERR_OCSP_NOT_SUPPORTED, "OCSP stapling was requested, but is not supported") \
248 : 2 : ERR_ENTRY(S2N_ERR_INVALID_SIGNATURE_ALGORITHMS_PREFERENCES, "Invalid signature algorithms preferences version") \
249 : 2 : ERR_ENTRY(S2N_ERR_RSA_PSS_NOT_SUPPORTED, "RSA-PSS signing not supported by underlying libcrypto implementation") \
250 : 2 : ERR_ENTRY(S2N_ERR_MAX_INNER_PLAINTEXT_SIZE, "Inner plaintext size exceeds limit") \
251 : 2 : ERR_ENTRY(S2N_ERR_INVALID_ECC_PREFERENCES, "Invalid ecc curves preferences version") \
252 : 2 : ERR_ENTRY(S2N_ERR_RECORD_STUFFER_SIZE, "Record stuffer out of space") \
253 : 2 : ERR_ENTRY(S2N_ERR_FRAGMENT_LENGTH_TOO_SMALL, "Fragment length is too small") \
254 : 2 : ERR_ENTRY(S2N_ERR_FRAGMENT_LENGTH_TOO_LARGE, "Fragment length is too large") \
255 : 2 : ERR_ENTRY(S2N_ERR_RECORD_STUFFER_NEEDS_DRAINING, "Record stuffer needs to be drained first") \
256 : 2 : ERR_ENTRY(S2N_ERR_UNSUPPORTED_EXTENSION, "Illegal use of a known, supported extension") \
257 : 2 : ERR_ENTRY(S2N_ERR_MISSING_EXTENSION, "Mandatory extension not received") \
258 : 2 : ERR_ENTRY(S2N_ERR_DUPLICATE_EXTENSION, "Extension block contains two or more extensions of the same type") \
259 : 2 : ERR_ENTRY(S2N_ERR_DEPRECATED_SECURITY_POLICY, "Deprecated security policy. Please choose a different security policy.") \
260 : 2 : ERR_ENTRY(S2N_ERR_INVALID_SECURITY_POLICY, "Invalid security policy") \
261 : 2 : ERR_ENTRY(S2N_ERR_INVALID_KEM_PREFERENCES, "Invalid kem preferences version") \
262 : 2 : ERR_ENTRY(S2N_ERR_INVALID_PARSED_EXTENSIONS, "Invalid parsed extension data") \
263 : 2 : ERR_ENTRY(S2N_ERR_ASYNC_ALREADY_PERFORMED, "Async operation was already performed, cannot perform it again") \
264 : 2 : ERR_ENTRY(S2N_ERR_ASYNC_NOT_PERFORMED, "Async operation is not performed, cannot apply its result") \
265 : 2 : ERR_ENTRY(S2N_ERR_ASYNC_WRONG_CONNECTION, "Async private key operation can only be consumed by connection which initiated it") \
266 : 2 : ERR_ENTRY(S2N_ERR_ASYNC_ALREADY_APPLIED, "Async operation was already applied to connection, cannot apply it again") \
267 : 2 : ERR_ENTRY(S2N_ERR_INVALID_HELLO_RETRY, "Invalid hello retry request") \
268 : 2 : ERR_ENTRY(S2N_ERR_INVALID_STATE, "Invalid state, this is the result of invalid use of an API. Check the API documentation for the function that raised this error for more info") \
269 : 2 : ERR_ENTRY(S2N_ERR_UNSUPPORTED_WITH_QUIC, "Functionality not supported when running with QUIC support enabled") \
270 : 2 : ERR_ENTRY(S2N_ERR_PQ_CRYPTO, "An error occurred in a post-quantum crypto function") \
271 : 2 : ERR_ENTRY(S2N_ERR_DUPLICATE_PSK_IDENTITIES, "The list of pre-shared keys provided contains duplicate psk identities") \
272 : 2 : ERR_ENTRY(S2N_ERR_OFFERED_PSKS_TOO_LONG, "The total pre-shared key data is too long to send over the wire") \
273 : 2 : ERR_ENTRY(S2N_ERR_INVALID_SESSION_TICKET, "Session ticket data is not valid") \
274 : 2 : ERR_ENTRY(S2N_ERR_ZERO_LIFETIME_TICKET, "Calculated session lifetime is zero") \
275 : 2 : ERR_ENTRY(S2N_ERR_REENTRANCY, "Original execution must complete before method can be called again") \
276 : 2 : ERR_ENTRY(S2N_ERR_INVALID_CERT_STATE, "Certificate validation entered an invalid state and is not able to continue") \
277 : 2 : ERR_ENTRY(S2N_ERR_INVALID_EARLY_DATA_STATE, "Early data in invalid state") \
278 : 2 : ERR_ENTRY(S2N_ERR_EARLY_DATA_NOT_ALLOWED, "Early data is not allowed by the connection") \
279 : 2 : ERR_ENTRY(S2N_ERR_NO_CERT_FOUND, "Certificate not found") \
280 : 2 : ERR_ENTRY(S2N_ERR_NO_PRIVATE_KEY, "Certificate found, but no corresponding private key") \
281 : 2 : ERR_ENTRY(S2N_ERR_CERT_NOT_VALIDATED, "Certificate not validated") \
282 : 2 : ERR_ENTRY(S2N_ERR_MAX_EARLY_DATA_SIZE, "Maximum early data bytes exceeded") \
283 : 2 : ERR_ENTRY(S2N_ERR_EARLY_DATA_BLOCKED, "Blocked on early data") \
284 : 2 : ERR_ENTRY(S2N_ERR_PSK_MODE, "Mixing resumption and external PSKs is not supported") \
285 : 2 : ERR_ENTRY(S2N_ERR_X509_EXTENSION_VALUE_NOT_FOUND, "X509 extension value not found") \
286 : 2 : ERR_ENTRY(S2N_ERR_INVALID_X509_EXTENSION_TYPE, "Invalid X509 extension type") \
287 : 2 : ERR_ENTRY(S2N_ERR_INSUFFICIENT_MEM_SIZE, "The provided buffer size is not large enough to contain the output data. Try increasing the allocation size.") \
288 : 2 : ERR_ENTRY(S2N_ERR_KEYING_MATERIAL_EXPIRED, "The lifetime of the connection keying material has exceeded the limit. Perform a new full handshake.") \
289 : 2 : ERR_ENTRY(S2N_ERR_EARLY_DATA_TRIAL_DECRYPT, "Unable to decrypt rejected early data") \
290 : 2 : ERR_ENTRY(S2N_ERR_PKEY_CTX_INIT, "Unable to initialize the libcrypto pkey context") \
291 : 2 : ERR_ENTRY(S2N_ERR_FORK_DETECTION_INIT, "Fork detection initialization failed") \
292 : 2 : ERR_ENTRY(S2N_ERR_RETRIEVE_FORK_GENERATION_NUMBER, "Retrieving fork generation number failed") \
293 : 2 : ERR_ENTRY(S2N_ERR_SECRET_SCHEDULE_STATE, "Correct inputs to secret calculation not available") \
294 : 2 : ERR_ENTRY(S2N_ERR_LIBCRYPTO_VERSION_NUMBER_MISMATCH, "The libcrypto major version number seen at compile-time is different from the major version number seen at run-time") \
295 : 2 : ERR_ENTRY(S2N_ERR_LIBCRYPTO_VERSION_NAME_MISMATCH, "The libcrypto major version name seen at compile-time is different from the major version name seen at run-time") \
296 : 2 : ERR_ENTRY(S2N_ERR_OSSL_PROVIDER, "Failed to load or unload an openssl provider") \
297 : 2 : ERR_ENTRY(S2N_ERR_CERT_OWNERSHIP, "The ownership of the certificate chain is incompatible with the operation") \
298 : 2 : ERR_ENTRY(S2N_ERR_INTERNAL_LIBCRYPTO_ERROR, "An internal error has occurred in the libcrypto API") \
299 : 2 : ERR_ENTRY(S2N_ERR_NO_RENEGOTIATION, "Only secure, server-initiated renegotiation is supported") \
300 : 2 : ERR_ENTRY(S2N_ERR_APP_DATA_BLOCKED, "Blocked on application data during handshake") \
301 : 2 : ERR_ENTRY(S2N_ERR_KTLS_MANAGED_IO, "kTLS cannot be enabled while custom I/O is configured for the connection") \
302 : 2 : ERR_ENTRY(S2N_ERR_HANDSHAKE_NOT_COMPLETE, "Operation is only allowed after the handshake is complete") \
303 : 2 : ERR_ENTRY(S2N_ERR_KTLS_UNSUPPORTED_PLATFORM, "kTLS is unsupported on this platform") \
304 : 2 : ERR_ENTRY(S2N_ERR_KTLS_UNSUPPORTED_CONN, "kTLS is unsupported for this connection") \
305 : 2 : ERR_ENTRY(S2N_ERR_KTLS_ENABLE, "An error occurred when attempting to enable kTLS on socket. Ensure the 'tls' kernel module is enabled.") \
306 : 2 : ERR_ENTRY(S2N_ERR_KTLS_BAD_CMSG, "Error handling cmsghdr.") \
307 : 2 : ERR_ENTRY(S2N_ERR_ATOMIC, "Atomic operations in this environment would require locking") \
308 : 2 : ERR_ENTRY(S2N_ERR_TEST_ASSERTION, "Test assertion failed") \
309 : 2 : ERR_ENTRY(S2N_ERR_KTLS_RENEG, "kTLS does not support secure renegotiation") \
310 : 2 : ERR_ENTRY(S2N_ERR_KTLS_KEYUPDATE, "Received KeyUpdate from peer, but kernel does not support updating tls keys") \
311 : 2 : ERR_ENTRY(S2N_ERR_KTLS_KEY_LIMIT, "Reached key encryption limit, but kernel does not support updating tls keys") \
312 : 2 : ERR_ENTRY(S2N_ERR_UNEXPECTED_CERT_REQUEST, "Client forbids mutual authentication, but server requested a cert") \
313 : 2 : ERR_ENTRY(S2N_ERR_MISSING_CERT_REQUEST, "Client requires mutual authentication, but server did not request a cert") \
314 : 2 : ERR_ENTRY(S2N_ERR_MISSING_CLIENT_CERT, "Server requires client certificate") \
315 : 2 : ERR_ENTRY(S2N_ERR_INVALID_SERIALIZED_CONNECTION, "Serialized connection is invalid"); \
316 : 2 : ERR_ENTRY(S2N_ERR_TOO_MANY_CAS, "Too many certificate authorities in trust store"); \
317 : 2 : ERR_ENTRY(S2N_ERR_BAD_HEX, "Could not parse malformed hex string"); \
318 : 2 : ERR_ENTRY(S2N_ERR_CONFIG_NULL_BEFORE_CH_CALLBACK, "Config set to NULL before client hello callback. This should not be possible outside of tests."); \
319 : 2 : ERR_ENTRY(S2N_ERR_API_UNSUPPORTED_BY_LIBCRYPTO, "The invoked s2n-tls API is not supported by the libcrypto"); \
320 : 2 : ERR_ENTRY(S2N_ERR_FIPS_MODE_UNSUPPORTED, "FIPS mode is not supported for the libcrypto"); \
321 : : /* clang-format on */
322 : :
323 : : #define ERR_STR_CASE(ERR, str) \
324 : 275 : case ERR: \
325 : 275 : return str;
326 : : #define ERR_NAME_CASE(ERR, str) \
327 : 273 : case ERR: \
328 : 273 : return #ERR;
329 : :
330 : : const char *s2n_strerror(int error, const char *lang)
331 : 284 : {
332 [ + + ]: 284 : if (lang == NULL) {
333 : 5 : lang = "EN";
334 : 5 : }
335 : :
336 [ - + ]: 284 : if (strcasecmp(lang, "EN")) {
337 : 0 : return no_such_language;
338 : 0 : }
339 : :
340 : 284 : s2n_error err = error;
341 [ + + ]: 284 : switch (err) {
342 [ + + ][ + + ]: 275 : ERR_ENTRIES(ERR_STR_CASE)
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ]
343 : :
344 : : /* Skip block ends */
345 [ + + ]: 1 : case S2N_ERR_T_OK_END:
346 [ + + ]: 2 : case S2N_ERR_T_IO_END:
347 [ + + ]: 3 : case S2N_ERR_T_CLOSED_END:
348 [ + + ]: 4 : case S2N_ERR_T_BLOCKED_END:
349 [ + + ]: 5 : case S2N_ERR_T_ALERT_END:
350 [ + + ]: 6 : case S2N_ERR_T_PROTO_END:
351 [ + + ]: 7 : case S2N_ERR_T_INTERNAL_END:
352 [ + + ]: 8 : case S2N_ERR_T_USAGE_END:
353 : 8 : break;
354 : :
355 : : /* No default to make compiler fail on missing values */
356 : 284 : }
357 : :
358 : 9 : return no_such_error;
359 : 284 : }
360 : :
361 : : const char *s2n_strerror_name(int error)
362 : 282 : {
363 : 282 : s2n_error err = error;
364 [ + + ]: 282 : switch (err) {
365 [ + + ][ + + ]: 273 : ERR_ENTRIES(ERR_NAME_CASE)
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ][ + + ]
[ + + ]
366 : :
367 : : /* Skip block ends */
368 [ + + ]: 1 : case S2N_ERR_T_OK_END:
369 [ + + ]: 2 : case S2N_ERR_T_IO_END:
370 [ + + ]: 3 : case S2N_ERR_T_CLOSED_END:
371 [ + + ]: 4 : case S2N_ERR_T_BLOCKED_END:
372 [ + + ]: 5 : case S2N_ERR_T_ALERT_END:
373 [ + + ]: 6 : case S2N_ERR_T_PROTO_END:
374 [ + + ]: 7 : case S2N_ERR_T_INTERNAL_END:
375 [ + + ]: 8 : case S2N_ERR_T_USAGE_END:
376 : 8 : break;
377 : :
378 : : /* No default to make compiler fail on missing values */
379 : 282 : }
380 : :
381 : 9 : return no_such_error;
382 : 282 : }
383 : :
384 : : const char *s2n_strerror_debug(int error, const char *lang)
385 : 3289683 : {
386 [ + + ]: 3289683 : if (lang == NULL) {
387 : 5 : lang = "EN";
388 : 5 : }
389 : :
390 [ - + ]: 3289683 : if (strcasecmp(lang, "EN")) {
391 : 0 : return no_such_language;
392 : 0 : }
393 : :
394 : : /* No error, just return the no error string */
395 [ - + ]: 3289683 : if (error == S2N_ERR_OK) {
396 : 0 : return s2n_strerror(error, lang);
397 : 0 : }
398 : :
399 : 3289683 : return _s2n_debug_info.debug_str;
400 : 3289683 : }
401 : :
402 : : const char *s2n_strerror_source(int error)
403 : 901 : {
404 : : /* No error, just return the no error string */
405 [ - + ]: 901 : if (error == S2N_ERR_OK) {
406 : 0 : return s2n_strerror(error, "EN");
407 : 0 : }
408 : :
409 : 901 : return _s2n_debug_info.source;
410 : 901 : }
411 : :
412 : : int s2n_error_get_type(int error)
413 : 635699 : {
414 : 635699 : return (error >> S2N_ERR_NUM_VALUE_BITS);
415 : 635699 : }
416 : :
417 : : /* https://www.gnu.org/software/libc/manual/html_node/Backtraces.html */
418 : : static bool s_s2n_stack_traces_enabled = false;
419 : :
420 : : bool s2n_stack_traces_enabled()
421 : 0 : {
422 : 0 : return s_s2n_stack_traces_enabled;
423 : 0 : }
424 : :
425 : : int s2n_stack_traces_enabled_set(bool newval)
426 : 1 : {
427 : 1 : s_s2n_stack_traces_enabled = newval;
428 : 1 : return S2N_SUCCESS;
429 : 1 : }
430 : :
431 : : void s2n_debug_info_reset(void)
432 : 3288775 : {
433 : 3288775 : _s2n_debug_info.debug_str = "";
434 : 3288775 : _s2n_debug_info.source = "";
435 : 3288775 : }
436 : :
437 : : #ifdef S2N_STACKTRACE
438 : :
439 :>1844*10^16 : #define MAX_BACKTRACE_DEPTH 20
440 : : __thread struct s2n_stacktrace tl_stacktrace = { 0 };
441 : :
442 : : int s2n_free_stacktrace(void)
443 : 2 : {
444 [ + + ]: 2 : if (tl_stacktrace.trace != NULL) {
445 : 1 : free(tl_stacktrace.trace);
446 : 1 : struct s2n_stacktrace zero_stacktrace = { 0 };
447 : 1 : tl_stacktrace = zero_stacktrace;
448 : 1 : }
449 : 2 : return S2N_SUCCESS;
450 : 2 : }
451 : :
452 : : int s2n_calculate_stacktrace(void)
453 : 4568539 : {
454 [ + + ]: 4568551 : if (!s_s2n_stack_traces_enabled) {
455 : 4568551 : return S2N_SUCCESS;
456 : 4568551 : }
457 : :
458 :>1844*10^16 : int old_errno = errno;
459 [ - + ]:>1844*10^16 : POSIX_GUARD(s2n_free_stacktrace());
460 :>1844*10^16 : void *array[MAX_BACKTRACE_DEPTH];
461 :>1844*10^16 : tl_stacktrace.trace_size = backtrace(array, MAX_BACKTRACE_DEPTH);
462 :>1844*10^16 : tl_stacktrace.trace = backtrace_symbols(array, tl_stacktrace.trace_size);
463 :>1844*10^16 : errno = old_errno;
464 :>1844*10^16 : return S2N_SUCCESS;
465 :>1844*10^16 : }
466 : :
467 : : int s2n_get_stacktrace(struct s2n_stacktrace *trace)
468 : 2 : {
469 : 2 : *trace = tl_stacktrace;
470 : 2 : return S2N_SUCCESS;
471 : 2 : }
472 : :
473 : : int s2n_print_stacktrace(FILE *fptr)
474 : 1 : {
475 [ - + ]: 1 : if (!s_s2n_stack_traces_enabled) {
476 : 0 : fprintf(fptr, "%s\n%s\n",
477 : 0 : "NOTE: Some details are omitted, run with S2N_PRINT_STACKTRACE=1 for a verbose backtrace.",
478 : 0 : "See https://github.com/aws/s2n-tls/blob/main/docs/usage-guide");
479 : 0 : return S2N_SUCCESS;
480 : 0 : }
481 : :
482 : 1 : fprintf(fptr, "\nStacktrace is:\n");
483 [ + + ]: 7 : for (int i = 0; i < tl_stacktrace.trace_size; ++i) {
484 : 6 : fprintf(fptr, "%s\n", tl_stacktrace.trace[i]);
485 : 6 : }
486 : 1 : return S2N_SUCCESS;
487 : 1 : }
488 : :
489 : : #else /* !S2N_STACKTRACE */
490 : : int s2n_free_stacktrace(void)
491 : : {
492 : : S2N_ERROR(S2N_ERR_UNIMPLEMENTED);
493 : : }
494 : :
495 : : int s2n_calculate_stacktrace(void)
496 : : {
497 : : if (!s_s2n_stack_traces_enabled) {
498 : : return S2N_SUCCESS;
499 : : }
500 : :
501 : : S2N_ERROR(S2N_ERR_UNIMPLEMENTED);
502 : : }
503 : :
504 : : int s2n_get_stacktrace(struct s2n_stacktrace *trace)
505 : : {
506 : : S2N_ERROR(S2N_ERR_UNIMPLEMENTED);
507 : : }
508 : :
509 : : int s2n_print_stacktrace(FILE *fptr)
510 : : {
511 : : S2N_ERROR(S2N_ERR_UNIMPLEMENTED);
512 : : }
513 : : #endif /* S2N_STACKTRACE */
|
