Update per latest manual pages after running 'man-update'.
[dragonfly.git] / secure / lib / libssl / man / SSL_alert_type_string.3
CommitLineData
a7d27d5a
JR
1.rn '' }`
2''' $RCSfile$$Revision$$Date$
3'''
4''' $Log$
5'''
6.de Sh
984263bc
MD
7.br
8.if t .Sp
9.ne 5
10.PP
11\fB\\$1\fR
12.PP
13..
a7d27d5a 14.de Sp
984263bc
MD
15.if t .sp .5v
16.if n .sp
17..
a7d27d5a 18.de Ip
984263bc
MD
19.br
20.ie \\n(.$>=3 .ne \\$3
21.el .ne 3
22.IP "\\$1" \\$2
23..
a7d27d5a 24.de Vb
984263bc
MD
25.ft CW
26.nf
27.ne \\$1
28..
a7d27d5a 29.de Ve
984263bc
MD
30.ft R
31
32.fi
33..
a7d27d5a
JR
34'''
35'''
36''' Set up \*(-- to give an unbreakable dash;
37''' string Tr holds user defined translation string.
38''' Bell System Logo is used as a dummy character.
39'''
984263bc 40.tr \(*W-|\(bv\*(Tr
984263bc 41.ie n \{\
a7d27d5a
JR
42.ds -- \(*W-
43.ds PI pi
44.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
45.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
46.ds L" ""
47.ds R" ""
48''' \*(M", \*(S", \*(N" and \*(T" are the equivalent of
49''' \*(L" and \*(R", except that they are used on ".xx" lines,
50''' such as .IP and .SH, which do another additional levels of
51''' double-quote interpretation
52.ds M" """
53.ds S" """
54.ds N" """""
55.ds T" """""
56.ds L' '
57.ds R' '
58.ds M' '
59.ds S' '
60.ds N' '
61.ds T' '
984263bc
MD
62'br\}
63.el\{\
a7d27d5a
JR
64.ds -- \(em\|
65.tr \*(Tr
66.ds L" ``
67.ds R" ''
68.ds M" ``
69.ds S" ''
70.ds N" ``
71.ds T" ''
72.ds L' `
73.ds R' '
74.ds M' `
75.ds S' '
76.ds N' `
77.ds T' '
78.ds PI \(*p
984263bc 79'br\}
a7d27d5a
JR
80.\" If the F register is turned on, we'll generate
81.\" index entries out stderr for the following things:
82.\" TH Title
83.\" SH Header
84.\" Sh Subsection
85.\" Ip Item
86.\" X<> Xref (embedded
87.\" Of course, you have to process the output yourself
88.\" in some meaninful fashion.
89.if \nF \{
90.de IX
91.tm Index:\\$1\t\\n%\t"\\$2"
984263bc 92..
a7d27d5a
JR
93.nr % 0
94.rr F
984263bc 95.\}
a7d27d5a
JR
96.TH SSL_alert_type_string 3 "0.9.7d" "2/Sep/2004" "OpenSSL"
97.UC
98.if n .hy 0
984263bc 99.if n .na
a7d27d5a
JR
100.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
101.de CQ \" put $1 in typewriter font
102.ft CW
103'if n "\c
104'if t \\&\\$1\c
105'if n \\&\\$1\c
106'if n \&"
107\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7
108'.ft R
109..
110.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2
111. \" AM - accent mark definitions
984263bc 112.bd B 3
a7d27d5a 113. \" fudge factors for nroff and troff
984263bc 114.if n \{\
a7d27d5a
JR
115. ds #H 0
116. ds #V .8m
117. ds #F .3m
118. ds #[ \f1
119. ds #] \fP
984263bc
MD
120.\}
121.if t \{\
a7d27d5a
JR
122. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
123. ds #V .6m
124. ds #F 0
125. ds #[ \&
126. ds #] \&
984263bc 127.\}
a7d27d5a 128. \" simple accents for nroff and troff
984263bc 129.if n \{\
a7d27d5a
JR
130. ds ' \&
131. ds ` \&
132. ds ^ \&
133. ds , \&
134. ds ~ ~
135. ds ? ?
136. ds ! !
137. ds /
138. ds q
984263bc
MD
139.\}
140.if t \{\
a7d27d5a
JR
141. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
142. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
143. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
144. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
145. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
146. ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10'
147. ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m'
148. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
149. ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10'
984263bc 150.\}
a7d27d5a 151. \" troff and (daisy-wheel) nroff accents
984263bc
MD
152.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
153.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
a7d27d5a
JR
154.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#]
155.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u'
156.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u'
157.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#]
984263bc
MD
158.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
159.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
160.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
161.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
162.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
163.ds ae a\h'-(\w'a'u*4/10)'e
164.ds Ae A\h'-(\w'A'u*4/10)'E
a7d27d5a
JR
165.ds oe o\h'-(\w'o'u*4/10)'e
166.ds Oe O\h'-(\w'O'u*4/10)'E
167. \" corrections for vroff
984263bc
MD
168.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
169.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
a7d27d5a 170. \" for low resolution devices (crt and lpr)
984263bc
MD
171.if \n(.H>23 .if \n(.V>19 \
172\{\
a7d27d5a
JR
173. ds : e
174. ds 8 ss
175. ds v \h'-1'\o'\(aa\(ga'
176. ds _ \h'-1'^
177. ds . \h'-1'.
178. ds 3 3
179. ds o a
180. ds d- d\h'-1'\(ga
181. ds D- D\h'-1'\(hy
182. ds th \o'bp'
183. ds Th \o'LP'
184. ds ae ae
185. ds Ae AE
186. ds oe oe
187. ds Oe OE
984263bc
MD
188.\}
189.rm #[ #] #H #V #F C
984263bc
MD
190.SH "NAME"
191SSL_alert_type_string, SSL_alert_type_string_long, SSL_alert_desc_string, SSL_alert_desc_string_long \- get textual description of alert information
192.SH "SYNOPSIS"
a7d27d5a 193.PP
984263bc
MD
194.Vb 1
195\& #include <openssl/ssl.h>
196.Ve
197.Vb 2
198\& const char *SSL_alert_type_string(int value);
199\& const char *SSL_alert_type_string_long(int value);
200.Ve
201.Vb 2
202\& const char *SSL_alert_desc_string(int value);
203\& const char *SSL_alert_desc_string_long(int value);
204.Ve
205.SH "DESCRIPTION"
a7d27d5a 206\fISSL_alert_type_string()\fR returns a one letter string indicating the
984263bc
MD
207type of the alert specified by \fBvalue\fR.
208.PP
a7d27d5a 209\fISSL_alert_type_string_long()\fR returns a string indicating the type of the alert
984263bc
MD
210specified by \fBvalue\fR.
211.PP
a7d27d5a 212\fISSL_alert_desc_string()\fR returns a two letter string as a short form
984263bc
MD
213describing the reason of the alert specified by \fBvalue\fR.
214.PP
a7d27d5a 215\fISSL_alert_desc_string_long()\fR returns a string describing the reason
984263bc
MD
216of the alert specified by \fBvalue\fR.
217.SH "NOTES"
a7d27d5a 218When one side of an SSL/TLS communication wants to inform the peer about
984263bc
MD
219a special situation, it sends an alert. The alert is sent as a special message
220and does not influence the normal data stream (unless its contents results
221in the communication being canceled).
222.PP
223A warning alert is sent, when a non-fatal error condition occurs. The
a7d27d5a
JR
224\*(L"close notify\*(R" alert is sent as a warning alert. Other examples for
225non-fatal errors are certificate errors ("certificate expired\*(R",
226\*(L"unsupported certificate"), for which a warning alert may be sent.
984263bc
MD
227(The sending party may however decide to send a fatal error.) The
228receiving side may cancel the connection on reception of a warning
229alert on it discretion.
230.PP
231Several alert messages must be sent as fatal alert messages as specified
a7d27d5a 232by the TLS RFC. A fatal alert always leads to a connection abort.
984263bc 233.SH "RETURN VALUES"
984263bc 234The following strings can occur for \fISSL_alert_type_string()\fR or
a7d27d5a
JR
235\fISSL_alert_type_string_long()\fR:
236.Ip "\*(N"'/'arning\*(T"" 4
237.Ip "\*(N"'/'atal\*(T"" 4
238.Ip "\*(N"'/'nknown\*(T"" 4
984263bc
MD
239This indicates that no support is available for this alert type.
240Probably \fBvalue\fR does not contain a correct alert message.
241.PP
242The following strings can occur for \fISSL_alert_desc_string()\fR or
a7d27d5a
JR
243\fISSL_alert_desc_string_long()\fR:
244.Ip "\*(N"\s-1CN\s'/'lose notify\*(T"" 4
984263bc 245The connection shall be closed. This is a warning alert.
a7d27d5a 246.Ip "\*(N"\s-1UM\s'/'nexpected message\*(T"" 4
984263bc
MD
247An inappropriate message was received. This alert is always fatal
248and should never be observed in communication between proper
249implementations.
a7d27d5a 250.Ip "\*(N"\s-1BM\s'/'ad record mac\*(T"" 4
984263bc 251This alert is returned if a record is received with an incorrect
a7d27d5a
JR
252\s-1MAC\s0. This message is always fatal.
253.Ip "\*(N"\s-1DF\s'/'ecompression failure\*(T"" 4
984263bc
MD
254The decompression function received improper input (e.g. data
255that would expand to excessive length). This message is always
256fatal.
a7d27d5a 257.Ip "\*(N"\s-1HF\s'/'andshake failure\*(T"" 4
984263bc
MD
258Reception of a handshake_failure alert message indicates that the
259sender was unable to negotiate an acceptable set of security
260parameters given the options available. This is a fatal error.
a7d27d5a 261.Ip "\*(N"\s-1NC\s'/'o certificate\*(T"" 4
984263bc
MD
262A client, that was asked to send a certificate, does not send a certificate
263(SSLv3 only).
a7d27d5a 264.Ip "\*(N"\s-1BC\s'/'ad certificate\*(T"" 4
984263bc
MD
265A certificate was corrupt, contained signatures that did not
266verify correctly, etc
a7d27d5a 267.Ip "\*(N"\s-1UC\s'/'nsupported certificate\*(T"" 4
984263bc 268A certificate was of an unsupported type.
a7d27d5a 269.Ip "\*(N"\s-1CR\s'/'ertificate revoked\*(T"" 4
984263bc 270A certificate was revoked by its signer.
a7d27d5a 271.Ip "\*(N"\s-1CE\s'/'ertificate expired\*(T"" 4
984263bc 272A certificate has expired or is not currently valid.
a7d27d5a 273.Ip "\*(N"\s-1CU\s'/'ertificate unknown\*(T"" 4
984263bc
MD
274Some other (unspecified) issue arose in processing the
275certificate, rendering it unacceptable.
a7d27d5a 276.Ip "\*(N"\s-1IP\s'/'llegal parameter\*(T"" 4
984263bc
MD
277A field in the handshake was out of range or inconsistent with
278other fields. This is always fatal.
a7d27d5a 279.Ip "\*(N"\s-1DC\s'/'ecryption failed\*(T"" 4
984263bc
MD
280A TLSCiphertext decrypted in an invalid way: either it wasn't an
281even multiple of the block length or its padding values, when
282checked, weren't correct. This message is always fatal.
a7d27d5a 283.Ip "\*(N"\s-1RO\s'/'ecord overflow\*(T"" 4
984263bc
MD
284A TLSCiphertext record was received which had a length more than
2852^14+2048 bytes, or a record decrypted to a TLSCompressed record
286with more than 2^14+1024 bytes. This message is always fatal.
a7d27d5a 287.Ip "\*(N"\s-1CA\s'/'nknown \s-1CA\s0\*(T"" 4
984263bc
MD
288A valid certificate chain or partial chain was received, but the
289certificate was not accepted because the \s-1CA\s0 certificate could not
290be located or couldn't be matched with a known, trusted \s-1CA\s0. This
291message is always fatal.
a7d27d5a 292.Ip "\*(N"\s-1AD\s'/'ccess denied\*(T"" 4
984263bc
MD
293A valid certificate was received, but when access control was
294applied, the sender decided not to proceed with negotiation.
295This message is always fatal.
a7d27d5a 296.Ip "\*(N"\s-1DE\s'/'ecode error\*(T"" 4
984263bc
MD
297A message could not be decoded because some field was out of the
298specified range or the length of the message was incorrect. This
299message is always fatal.
a7d27d5a 300.Ip "\*(N"\s-1CY\s'/'ecrypt error\*(T"" 4
984263bc
MD
301A handshake cryptographic operation failed, including being
302unable to correctly verify a signature, decrypt a key exchange,
303or validate a finished message.
a7d27d5a 304.Ip "\*(N"\s-1ER\s'/'xport restriction\*(T"" 4
984263bc
MD
305A negotiation not in compliance with export restrictions was
306detected; for example, attempting to transfer a 1024 bit
307ephemeral \s-1RSA\s0 key for the \s-1RSA_EXPORT\s0 handshake method. This
308message is always fatal.
a7d27d5a 309.Ip "\*(N"\s-1PV\s'/'rotocol version\*(T"" 4
984263bc
MD
310The protocol version the client has attempted to negotiate is
311recognized, but not supported. (For example, old protocol
312versions might be avoided for security reasons). This message is
313always fatal.
a7d27d5a 314.Ip "\*(N"\s-1IS\s'/'nsufficient security\*(T"" 4
984263bc
MD
315Returned instead of handshake_failure when a negotiation has
316failed specifically because the server requires ciphers more
317secure than those supported by the client. This message is always
318fatal.
a7d27d5a 319.Ip "\*(N"\s-1IE\s'/'nternal error\*(T"" 4
984263bc
MD
320An internal error unrelated to the peer or the correctness of the
321protocol makes it impossible to continue (such as a memory
322allocation failure). This message is always fatal.
a7d27d5a 323.Ip "\*(N"\s-1US\s'/'ser canceled\*(T"" 4
984263bc
MD
324This handshake is being canceled for some reason unrelated to a
325protocol failure. If the user cancels an operation after the
326handshake is complete, just closing the connection by sending a
327close_notify is more appropriate. This alert should be followed
328by a close_notify. This message is generally a warning.
a7d27d5a 329.Ip "\*(N"\s-1NR\s'/'o renegotiation\*(T"" 4
984263bc
MD
330Sent by the client in response to a hello request or by the
331server in response to a client hello after initial handshaking.
332Either of these would normally lead to renegotiation; when that
333is not appropriate, the recipient should respond with this alert;
334at that point, the original requester can decide whether to
335proceed with the connection. One case where this would be
336appropriate would be where a server has spawned a process to
337satisfy a request; the process might receive security parameters
338(key length, authentication, etc.) at startup and it might be
339difficult to communicate changes to these parameters after that
340point. This message is always a warning.
a7d27d5a 341.Ip "\*(N"\s-1UK\s'/'nknown\*(T"" 4
984263bc
MD
342This indicates that no description is available for this alert type.
343Probably \fBvalue\fR does not contain a correct alert message.
344.SH "SEE ALSO"
984263bc 345ssl(3), SSL_CTX_set_info_callback(3)
a7d27d5a
JR
346
347.rn }` ''
348.IX Title "SSL_alert_type_string 3"
349.IX Name "SSL_alert_type_string, SSL_alert_type_string_long, SSL_alert_desc_string, SSL_alert_desc_string_long - get textual description of alert information"
350
351.IX Header "NAME"
352
353.IX Header "SYNOPSIS"
354
355.IX Header "DESCRIPTION"
356
357.IX Header "NOTES"
358
359.IX Header "RETURN VALUES"
360
361.IX Item "\*(N"'/'arning\*(T""
362
363.IX Item "\*(N"'/'atal\*(T""
364
365.IX Item "\*(N"'/'nknown\*(T""
366
367.IX Item "\*(N"\s-1CN\s'/'lose notify\*(T""
368
369.IX Item "\*(N"\s-1UM\s'/'nexpected message\*(T""
370
371.IX Item "\*(N"\s-1BM\s'/'ad record mac\*(T""
372
373.IX Item "\*(N"\s-1DF\s'/'ecompression failure\*(T""
374
375.IX Item "\*(N"\s-1HF\s'/'andshake failure\*(T""
376
377.IX Item "\*(N"\s-1NC\s'/'o certificate\*(T""
378
379.IX Item "\*(N"\s-1BC\s'/'ad certificate\*(T""
380
381.IX Item "\*(N"\s-1UC\s'/'nsupported certificate\*(T""
382
383.IX Item "\*(N"\s-1CR\s'/'ertificate revoked\*(T""
384
385.IX Item "\*(N"\s-1CE\s'/'ertificate expired\*(T""
386
387.IX Item "\*(N"\s-1CU\s'/'ertificate unknown\*(T""
388
389.IX Item "\*(N"\s-1IP\s'/'llegal parameter\*(T""
390
391.IX Item "\*(N"\s-1DC\s'/'ecryption failed\*(T""
392
393.IX Item "\*(N"\s-1RO\s'/'ecord overflow\*(T""
394
395.IX Item "\*(N"\s-1CA\s'/'nknown \s-1CA\s0\*(T""
396
397.IX Item "\*(N"\s-1AD\s'/'ccess denied\*(T""
398
399.IX Item "\*(N"\s-1DE\s'/'ecode error\*(T""
400
401.IX Item "\*(N"\s-1CY\s'/'ecrypt error\*(T""
402
403.IX Item "\*(N"\s-1ER\s'/'xport restriction\*(T""
404
405.IX Item "\*(N"\s-1PV\s'/'rotocol version\*(T""
406
407.IX Item "\*(N"\s-1IS\s'/'nsufficient security\*(T""
408
409.IX Item "\*(N"\s-1IE\s'/'nternal error\*(T""
410
411.IX Item "\*(N"\s-1US\s'/'ser canceled\*(T""
412
413.IX Item "\*(N"\s-1NR\s'/'o renegotiation\*(T""
414
415.IX Item "\*(N"\s-1UK\s'/'nknown\*(T""
416
417.IX Header "SEE ALSO"
418