aboutsummaryrefslogblamecommitdiffstats
path: root/lib/ssl/src/ssl_alert.erl
blob: 8b393468eac1dd0aa5616179ea5a07c24efcbc30 (plain) (tree)
1
2
3
4
5
6
7
8
9
10

                   
  
                                                        
  




                                                                      
  



                                                                         
  














                                                                           
                             
 
                                                
 


                                                                      









                                                                      
                                                                      
                                                                          




                                                                      

                                                      
                                                    
                                              
 





                                                                      



                                                                                  


                                                                      





                                 
                   
                                       
                         
                                   
                     
                                      
                        
                                    
                      
                                          
                            
                                      
                        

                                            
                                    
                      
                                            
                              
                                        
                          
                                        
                          
                                        
                          
                                      
                        
                               
                 
                                  
                    
                                 
                   
                                  
                    
                                       
                         
                                     
                       
                                          
                            
                                   
                     
                                  
                    
                                     
                       









                                                    
                                         


                                                                          
%%
%% %CopyrightBegin%
%%
%% Copyright Ericsson AB 2007-2014. All Rights Reserved.
%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
%%
%% %CopyrightEnd%
%%

%%
%%----------------------------------------------------------------------
%% Purpose: Handles an ssl connection, e.i. both the setup
%% e.i. SSL-Handshake, SSL-Alert and SSL-Cipher protocols and delivering
%% data to the application. All data on the connectinon is received and 
%% sent according to the SSL-record protocol.  
%% %%----------------------------------------------------------------------

-module(ssl_alert).

-include("ssl_alert.hrl").
-include("ssl_record.hrl").
-include("ssl_internal.hrl").

-export([encode/3, alert_txt/1, reason_code/2]).

%%====================================================================
%% Internal application API
%%====================================================================

%%--------------------------------------------------------------------
-spec encode(#alert{}, tls_version(), #connection_states{}) -> 
		    {iolist(), #connection_states{}}.
%%
%% Description: 
%%--------------------------------------------------------------------
encode(#alert{} = Alert, Version, ConnectionStates) ->
    ssl_record:encode_alert_record(Alert, Version, ConnectionStates).

%%--------------------------------------------------------------------
-spec reason_code(#alert{}, client | server) -> closed | {essl, string()}.
%%
%% Description: Returns the error reason that will be returned to the
%% user.
%%--------------------------------------------------------------------

reason_code(#alert{description = ?CLOSE_NOTIFY}, _) ->
    closed;
reason_code(#alert{description = Description}, _) ->
    {tls_alert, description_txt(Description)}.

%%--------------------------------------------------------------------
-spec alert_txt(#alert{}) -> string().
%%
%% Description: Returns the error string for given alert.
%%--------------------------------------------------------------------

alert_txt(#alert{level = Level, description = Description, where = {Mod,Line}}) ->
    Mod ++ ":" ++ integer_to_list(Line) ++ ":" ++ 
	level_txt(Level) ++" "++ description_txt(Description).

%%--------------------------------------------------------------------
%%% Internal functions
%%--------------------------------------------------------------------
level_txt(?WARNING) ->
    "Warning:";
level_txt(?FATAL) ->
    "Fatal error:".

description_txt(?CLOSE_NOTIFY) ->
    "close notify";
description_txt(?UNEXPECTED_MESSAGE) ->
    "unexpected message";
description_txt(?BAD_RECORD_MAC) ->
    "bad record mac";
description_txt(?DECRYPTION_FAILED) ->
    "decryption failed";
description_txt(?RECORD_OVERFLOW) ->
    "record overflow";
description_txt(?DECOMPRESSION_FAILURE) ->
    "decompression failure";
description_txt(?HANDSHAKE_FAILURE) ->
    "handshake failure";
description_txt(?NO_CERTIFICATE_RESERVED) ->
    "No certificate reserved";
description_txt(?BAD_CERTIFICATE) ->
    "bad certificate";
description_txt(?UNSUPPORTED_CERTIFICATE) ->
    "unsupported certificate";
description_txt(?CERTIFICATE_REVOKED) ->
    "certificate revoked";
description_txt(?CERTIFICATE_EXPIRED) ->
    "certificate expired";
description_txt(?CERTIFICATE_UNKNOWN) ->
    "certificate unknown";
description_txt(?ILLEGAL_PARAMETER) ->
    "illegal parameter";
description_txt(?UNKNOWN_CA) ->
    "unknown ca";
description_txt(?ACCESS_DENIED) ->
    "access denied";
description_txt(?DECODE_ERROR) ->
    "decode error";
description_txt(?DECRYPT_ERROR) ->
    "decrypt error";
description_txt(?EXPORT_RESTRICTION) ->
    "export restriction";
description_txt(?PROTOCOL_VERSION) ->
    "protocol version";
description_txt(?INSUFFICIENT_SECURITY) ->
    "insufficient security";
description_txt(?INTERNAL_ERROR) ->
    "internal error";
description_txt(?USER_CANCELED) ->
    "user canceled";
description_txt(?NO_RENEGOTIATION) ->
    "no renegotiation";
description_txt(?UNSUPPORTED_EXTENSION) ->
    "unsupported extension";
description_txt(?CERTIFICATE_UNOBTAINABLE) ->
    "certificate unobtainable";
description_txt(?UNRECOGNISED_NAME) ->
    "unrecognised name";
description_txt(?BAD_CERTIFICATE_STATUS_RESPONSE) ->
    "bad certificate status response";
description_txt(?BAD_CERTIFICATE_HASH_VALUE) ->
    "bad certificate hash value";
description_txt(?UNKNOWN_PSK_IDENTITY) ->
    "unknown psk identity";
description_txt(Enum) ->
    lists:flatten(io_lib:format("unsupported/unknown alert: ~p", [Enum])).