boringssl/crypto/err/ssl.errordata

385 lines
15 KiB
Plaintext
Raw Normal View History

SSL,function,276,SSL_AEAD_CTX_new
SSL,function,277,SSL_AEAD_CTX_open
SSL,function,278,SSL_AEAD_CTX_seal
SSL,function,100,SSL_CTX_check_private_key
SSL,function,101,SSL_CTX_new
SSL,function,272,SSL_CTX_set1_tls_channel_id
SSL,function,102,SSL_CTX_set_cipher_list
SSL,function,103,SSL_CTX_set_cipher_list_tls11
SSL,function,104,SSL_CTX_set_session_id_context
SSL,function,268,SSL_CTX_set_tmp_dh
SSL,function,269,SSL_CTX_set_tmp_ecdh
SSL,function,105,SSL_CTX_use_PrivateKey
SSL,function,106,SSL_CTX_use_PrivateKey_ASN1
SSL,function,107,SSL_CTX_use_PrivateKey_file
SSL,function,108,SSL_CTX_use_RSAPrivateKey
SSL,function,109,SSL_CTX_use_RSAPrivateKey_ASN1
SSL,function,110,SSL_CTX_use_RSAPrivateKey_file
SSL,function,111,SSL_CTX_use_certificate
SSL,function,112,SSL_CTX_use_certificate_ASN1
SSL,function,113,SSL_CTX_use_certificate_chain_file
SSL,function,114,SSL_CTX_use_certificate_file
SSL,function,115,SSL_CTX_use_psk_identity_hint
SSL,function,116,SSL_SESSION_new
SSL,function,117,SSL_SESSION_print_fp
SSL,function,118,SSL_SESSION_set1_id_context
SSL,function,119,SSL_SESSION_to_bytes_full
SSL,function,120,SSL_accept
SSL,function,121,SSL_add_dir_cert_subjects_to_stack
SSL,function,122,SSL_add_file_cert_subjects_to_stack
SSL,function,123,SSL_check_private_key
SSL,function,124,SSL_clear
SSL,function,125,SSL_connect
SSL,function,126,SSL_do_handshake
SSL,function,127,SSL_load_client_CA_file
SSL,function,128,SSL_new
SSL,function,129,SSL_peek
SSL,function,130,SSL_read
SSL,function,131,SSL_renegotiate
SSL,function,273,SSL_set1_tls_channel_id
SSL,function,132,SSL_set_cipher_list
SSL,function,133,SSL_set_fd
SSL,function,134,SSL_set_rfd
SSL,function,135,SSL_set_session_id_context
SSL,function,274,SSL_set_tlsext_host_name
SSL,function,270,SSL_set_tmp_dh
SSL,function,271,SSL_set_tmp_ecdh
SSL,function,136,SSL_set_wfd
SSL,function,137,SSL_shutdown
SSL,function,138,SSL_use_PrivateKey
SSL,function,139,SSL_use_PrivateKey_ASN1
SSL,function,140,SSL_use_PrivateKey_file
SSL,function,141,SSL_use_RSAPrivateKey
SSL,function,142,SSL_use_RSAPrivateKey_ASN1
SSL,function,143,SSL_use_RSAPrivateKey_file
SSL,function,144,SSL_use_certificate
SSL,function,145,SSL_use_certificate_ASN1
SSL,function,146,SSL_use_certificate_file
SSL,function,147,SSL_use_psk_identity_hint
SSL,function,148,SSL_write
SSL,function,149,d2i_SSL_SESSION
SSL,function,150,d2i_SSL_SESSION_get_octet_string
SSL,function,151,d2i_SSL_SESSION_get_string
SSL,function,152,do_ssl3_write
SSL,function,153,dtls1_accept
SSL,function,154,dtls1_buffer_record
SSL,function,155,dtls1_check_timeout_num
SSL,function,156,dtls1_connect
SSL,function,157,dtls1_do_write
SSL,function,263,dtls1_get_buffered_message
SSL,function,158,dtls1_get_hello_verify
SSL,function,159,dtls1_get_message
SSL,function,160,dtls1_get_message_fragment
SSL,function,265,dtls1_hm_fragment_new
SSL,function,161,dtls1_preprocess_fragment
SSL,function,264,dtls1_process_fragment
SSL,function,162,dtls1_process_record
SSL,function,163,dtls1_read_bytes
SSL,function,279,dtls1_seal_record
SSL,function,164,dtls1_send_hello_verify_request
SSL,function,165,dtls1_write_app_data
SSL,function,166,i2d_SSL_SESSION
SSL,function,167,ssl3_accept
SSL,function,169,ssl3_cert_verify_hash
SSL,function,170,ssl3_check_cert_and_algorithm
SSL,function,171,ssl3_connect
SSL,function,172,ssl3_ctrl
SSL,function,173,ssl3_ctx_ctrl
SSL,function,174,ssl3_digest_cached_records
SSL,function,175,ssl3_do_change_cipher_spec
SSL,function,176,ssl3_expect_change_cipher_spec
SSL,function,177,ssl3_get_cert_status
SSL,function,178,ssl3_get_cert_verify
SSL,function,179,ssl3_get_certificate_request
SSL,function,180,ssl3_get_channel_id
SSL,function,181,ssl3_get_client_certificate
SSL,function,182,ssl3_get_client_hello
SSL,function,183,ssl3_get_client_key_exchange
SSL,function,184,ssl3_get_finished
SSL,function,185,ssl3_get_initial_bytes
SSL,function,186,ssl3_get_message
SSL,function,187,ssl3_get_new_session_ticket
SSL,function,188,ssl3_get_next_proto
SSL,function,189,ssl3_get_record
SSL,function,190,ssl3_get_server_certificate
SSL,function,191,ssl3_get_server_done
SSL,function,192,ssl3_get_server_hello
SSL,function,193,ssl3_get_server_key_exchange
SSL,function,194,ssl3_get_v2_client_hello
SSL,function,195,ssl3_handshake_mac
SSL,function,275,ssl3_output_cert_chain
SSL,function,196,ssl3_prf
SSL,function,197,ssl3_read_bytes
SSL,function,198,ssl3_read_n
SSL,function,267,ssl3_record_sequence_update
SSL,function,266,ssl3_seal_record
SSL,function,199,ssl3_send_cert_verify
SSL,function,200,ssl3_send_certificate_request
SSL,function,201,ssl3_send_channel_id
SSL,function,202,ssl3_send_client_certificate
SSL,function,203,ssl3_send_client_hello
SSL,function,204,ssl3_send_client_key_exchange
SSL,function,205,ssl3_send_server_certificate
SSL,function,206,ssl3_send_server_hello
SSL,function,207,ssl3_send_server_key_exchange
SSL,function,208,ssl3_setup_read_buffer
SSL,function,209,ssl3_setup_write_buffer
SSL,function,210,ssl3_write_bytes
SSL,function,211,ssl3_write_pending
SSL,function,212,ssl_add_cert_chain
SSL,function,213,ssl_add_cert_to_buf
SSL,function,214,ssl_add_clienthello_renegotiate_ext
SSL,function,215,ssl_add_clienthello_tlsext
SSL,function,216,ssl_add_clienthello_use_srtp_ext
SSL,function,217,ssl_add_serverhello_renegotiate_ext
SSL,function,218,ssl_add_serverhello_tlsext
SSL,function,219,ssl_add_serverhello_use_srtp_ext
SSL,function,220,ssl_build_cert_chain
SSL,function,221,ssl_bytes_to_cipher_list
SSL,function,222,ssl_cert_dup
SSL,function,223,ssl_cert_inst
SSL,function,224,ssl_cert_new
SSL,function,225,ssl_check_serverhello_tlsext
SSL,function,226,ssl_check_srvr_ecc_cert_and_alg
SSL,function,227,ssl_cipher_process_rulestr
SSL,function,228,ssl_cipher_strength_sort
SSL,function,229,ssl_create_cipher_list
SSL,function,230,ssl_ctx_log_master_secret
SSL,function,231,ssl_ctx_log_rsa_client_key_exchange
SSL,function,232,ssl_ctx_make_profiles
SSL,function,233,ssl_get_new_session
SSL,function,234,ssl_get_prev_session
SSL,function,235,ssl_get_server_cert_index
SSL,function,236,ssl_get_sign_pkey
SSL,function,237,ssl_init_wbio_buffer
SSL,function,238,ssl_parse_clienthello_renegotiate_ext
SSL,function,239,ssl_parse_clienthello_tlsext
SSL,function,240,ssl_parse_clienthello_use_srtp_ext
SSL,function,241,ssl_parse_serverhello_renegotiate_ext
SSL,function,242,ssl_parse_serverhello_tlsext
SSL,function,243,ssl_parse_serverhello_use_srtp_ext
SSL,function,244,ssl_scan_clienthello_tlsext
SSL,function,245,ssl_scan_serverhello_tlsext
SSL,function,246,ssl_sess_cert_new
SSL,function,247,ssl_set_cert
SSL,function,248,ssl_set_pkey
SSL,function,252,ssl_verify_cert_chain
SSL,function,253,tls12_check_peer_sigalg
SSL,function,254,tls1_aead_ctx_init
SSL,function,255,tls1_cert_verify_mac
SSL,function,256,tls1_change_cipher_state
SSL,function,257,tls1_change_cipher_state_aead
SSL,function,258,tls1_check_duplicate_extensions
SSL,function,259,tls1_enc
SSL,function,260,tls1_export_keying_material
SSL,function,261,tls1_prf
SSL,function,262,tls1_setup_key_block
SSL,reason,100,APP_DATA_IN_HANDSHAKE
SSL,reason,101,ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT
SSL,reason,102,BAD_ALERT
SSL,reason,103,BAD_CHANGE_CIPHER_SPEC
SSL,reason,104,BAD_DATA_RETURNED_BY_CALLBACK
SSL,reason,105,BAD_DH_P_LENGTH
SSL,reason,106,BAD_DIGEST_LENGTH
SSL,reason,107,BAD_ECC_CERT
SSL,reason,108,BAD_ECPOINT
SSL,reason,109,BAD_HANDSHAKE_LENGTH
SSL,reason,110,BAD_HANDSHAKE_RECORD
SSL,reason,111,BAD_HELLO_REQUEST
SSL,reason,112,BAD_LENGTH
SSL,reason,113,BAD_PACKET_LENGTH
SSL,reason,114,BAD_RSA_ENCRYPT
SSL,reason,115,BAD_SIGNATURE
SSL,reason,116,BAD_SRTP_MKI_VALUE
SSL,reason,117,BAD_SRTP_PROTECTION_PROFILE_LIST
SSL,reason,118,BAD_SSL_FILETYPE
SSL,reason,119,BAD_WRITE_RETRY
SSL,reason,120,BIO_NOT_SET
SSL,reason,121,BN_LIB
SSL,reason,272,BUFFER_TOO_SMALL
SSL,reason,122,CANNOT_SERIALIZE_PUBLIC_KEY
SSL,reason,123,CA_DN_LENGTH_MISMATCH
SSL,reason,124,CA_DN_TOO_LONG
SSL,reason,125,CCS_RECEIVED_EARLY
SSL,reason,126,CERTIFICATE_VERIFY_FAILED
SSL,reason,127,CERT_CB_ERROR
SSL,reason,128,CERT_LENGTH_MISMATCH
SSL,reason,129,CHANNEL_ID_NOT_P256
SSL,reason,130,CHANNEL_ID_SIGNATURE_INVALID
SSL,reason,131,CIPHER_CODE_WRONG_LENGTH
SSL,reason,132,CIPHER_OR_HASH_UNAVAILABLE
SSL,reason,133,CLIENTHELLO_PARSE_FAILED
SSL,reason,134,CLIENTHELLO_TLSEXT
SSL,reason,135,CONNECTION_REJECTED
SSL,reason,136,CONNECTION_TYPE_NOT_SET
SSL,reason,137,COOKIE_MISMATCH
SSL,reason,138,D2I_ECDSA_SIG
SSL,reason,139,DATA_BETWEEN_CCS_AND_FINISHED
SSL,reason,140,DATA_LENGTH_TOO_LONG
SSL,reason,141,DECODE_ERROR
SSL,reason,142,DECRYPTION_FAILED
SSL,reason,143,DECRYPTION_FAILED_OR_BAD_RECORD_MAC
SSL,reason,144,DH_PUBLIC_VALUE_LENGTH_IS_WRONG
SSL,reason,145,DIGEST_CHECK_FAILED
SSL,reason,146,DTLS_MESSAGE_TOO_BIG
SSL,reason,147,ECC_CERT_NOT_FOR_SIGNING
SSL,reason,148,EMPTY_SRTP_PROTECTION_PROFILE_LIST
Tighten up EMS resumption behaviour. The client and server both have to decide on behaviour when resuming a session where the EMS state of the session doesn't match the EMS state as exchanged in the handshake. Original handshake | No Yes ------+-------------------------------------------------------------- | R | Server: ok [1] Server: abort [3] e No | Client: ok [2] Client: abort [4] s | u | m | e | Yes | Server: don't resume No problem | Client: abort; server | shouldn't have resumed [1] Servers want to accept legacy clients. The draft[5] says that resumptions SHOULD be rejected so that Triple-Handshake can't be done, but we'll rather enforce that EMS was used when using tls-unique etc. [2] The draft[5] says that even the initial handshake should be aborted if the server doesn't support EMS, but we need to be able to talk to the world. [3] This is a very weird case where a client has regressed without flushing the session cache. Hopefully we can be strict and reject these. [4] This can happen when a server-farm shares a session cache but frontends are not all updated at once. If Chrome is strict here then hopefully we can prevent any servers from existing that will try to resume an EMS session that they don't understand. OpenSSL appears to be ok here: https://www.ietf.org/mail-archive/web/tls/current/msg16570.html [5] https://tools.ietf.org/html/draft-ietf-tls-session-hash-05#section-5.2 BUG=492200 Change-Id: Ie1225a3960d49117b05eefa5a36263d8e556e467 Reviewed-on: https://boringssl-review.googlesource.com/4981 Reviewed-by: Adam Langley <agl@google.com>
2015-06-02 18:50:35 +01:00
SSL,reason,276,EMS_STATE_INCONSISTENT
SSL,reason,149,ENCRYPTED_LENGTH_TOO_LONG
SSL,reason,150,ERROR_IN_RECEIVED_CIPHER_LIST
SSL,reason,151,EVP_DIGESTSIGNFINAL_FAILED
SSL,reason,152,EVP_DIGESTSIGNINIT_FAILED
SSL,reason,153,EXCESSIVE_MESSAGE_SIZE
SSL,reason,154,EXTRA_DATA_IN_MESSAGE
SSL,reason,271,FRAGMENT_MISMATCH
SSL,reason,155,GOT_A_FIN_BEFORE_A_CCS
SSL,reason,156,GOT_CHANNEL_ID_BEFORE_A_CCS
SSL,reason,157,GOT_NEXT_PROTO_BEFORE_A_CCS
SSL,reason,158,GOT_NEXT_PROTO_WITHOUT_EXTENSION
SSL,reason,159,HANDSHAKE_FAILURE_ON_CLIENT_HELLO
SSL,reason,160,HANDSHAKE_RECORD_BEFORE_CCS
SSL,reason,161,HTTPS_PROXY_REQUEST
SSL,reason,162,HTTP_REQUEST
SSL,reason,163,INAPPROPRIATE_FALLBACK
SSL,reason,164,INVALID_COMMAND
SSL,reason,165,INVALID_MESSAGE
SSL,reason,166,INVALID_SSL_SESSION
SSL,reason,167,INVALID_TICKET_KEYS_LENGTH
SSL,reason,168,LENGTH_MISMATCH
SSL,reason,169,LIBRARY_HAS_NO_CIPHERS
SSL,reason,170,MISSING_DH_KEY
SSL,reason,171,MISSING_ECDSA_SIGNING_CERT
SSL,reason,172,MISSING_RSA_CERTIFICATE
SSL,reason,173,MISSING_RSA_ENCRYPTING_CERT
SSL,reason,174,MISSING_RSA_SIGNING_CERT
SSL,reason,175,MISSING_TMP_DH_KEY
SSL,reason,176,MISSING_TMP_ECDH_KEY
SSL,reason,177,MIXED_SPECIAL_OPERATOR_WITH_GROUPS
SSL,reason,178,MTU_TOO_SMALL
SSL,reason,179,NESTED_GROUP
SSL,reason,180,NO_CERTIFICATES_RETURNED
SSL,reason,181,NO_CERTIFICATE_ASSIGNED
SSL,reason,182,NO_CERTIFICATE_SET
SSL,reason,183,NO_CIPHERS_AVAILABLE
SSL,reason,184,NO_CIPHERS_PASSED
SSL,reason,185,NO_CIPHERS_SPECIFIED
SSL,reason,186,NO_CIPHER_MATCH
SSL,reason,187,NO_COMPRESSION_SPECIFIED
SSL,reason,188,NO_METHOD_SPECIFIED
SSL,reason,189,NO_P256_SUPPORT
SSL,reason,190,NO_PRIVATE_KEY_ASSIGNED
SSL,reason,191,NO_RENEGOTIATION
SSL,reason,192,NO_REQUIRED_DIGEST
SSL,reason,193,NO_SHARED_CIPHER
SSL,reason,194,NO_SHARED_SIGATURE_ALGORITHMS
SSL,reason,195,NO_SRTP_PROFILES
SSL,reason,196,NULL_SSL_CTX
SSL,reason,197,NULL_SSL_METHOD_PASSED
SSL,reason,198,OLD_SESSION_CIPHER_NOT_RETURNED
SSL,reason,273,OLD_SESSION_VERSION_NOT_RETURNED
SSL,reason,274,OUTPUT_ALIASES_INPUT
SSL,reason,199,PACKET_LENGTH_TOO_LONG
SSL,reason,200,PARSE_TLSEXT
SSL,reason,201,PATH_TOO_LONG
SSL,reason,202,PEER_DID_NOT_RETURN_A_CERTIFICATE
SSL,reason,203,PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE
SSL,reason,204,PROTOCOL_IS_SHUTDOWN
SSL,reason,205,PSK_IDENTITY_NOT_FOUND
SSL,reason,206,PSK_NO_CLIENT_CB
SSL,reason,207,PSK_NO_SERVER_CB
SSL,reason,208,READ_BIO_NOT_SET
SSL,reason,209,READ_TIMEOUT_EXPIRED
SSL,reason,210,RECORD_LENGTH_MISMATCH
SSL,reason,211,RECORD_TOO_LARGE
SSL,reason,212,RENEGOTIATE_EXT_TOO_LONG
SSL,reason,213,RENEGOTIATION_ENCODING_ERR
SSL,reason,214,RENEGOTIATION_MISMATCH
SSL,reason,215,REQUIRED_CIPHER_MISSING
Tighten up EMS resumption behaviour. The client and server both have to decide on behaviour when resuming a session where the EMS state of the session doesn't match the EMS state as exchanged in the handshake. Original handshake | No Yes ------+-------------------------------------------------------------- | R | Server: ok [1] Server: abort [3] e No | Client: ok [2] Client: abort [4] s | u | m | e | Yes | Server: don't resume No problem | Client: abort; server | shouldn't have resumed [1] Servers want to accept legacy clients. The draft[5] says that resumptions SHOULD be rejected so that Triple-Handshake can't be done, but we'll rather enforce that EMS was used when using tls-unique etc. [2] The draft[5] says that even the initial handshake should be aborted if the server doesn't support EMS, but we need to be able to talk to the world. [3] This is a very weird case where a client has regressed without flushing the session cache. Hopefully we can be strict and reject these. [4] This can happen when a server-farm shares a session cache but frontends are not all updated at once. If Chrome is strict here then hopefully we can prevent any servers from existing that will try to resume an EMS session that they don't understand. OpenSSL appears to be ok here: https://www.ietf.org/mail-archive/web/tls/current/msg16570.html [5] https://tools.ietf.org/html/draft-ietf-tls-session-hash-05#section-5.2 BUG=492200 Change-Id: Ie1225a3960d49117b05eefa5a36263d8e556e467 Reviewed-on: https://boringssl-review.googlesource.com/4981 Reviewed-by: Adam Langley <agl@google.com>
2015-06-02 18:50:35 +01:00
SSL,reason,275,RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION
SSL,reason,277,RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION
SSL,reason,216,SCSV_RECEIVED_WHEN_RENEGOTIATING
SSL,reason,217,SERVERHELLO_TLSEXT
SSL,reason,218,SESSION_ID_CONTEXT_UNINITIALIZED
SSL,reason,219,SESSION_MAY_NOT_BE_CREATED
SSL,reason,220,SIGNATURE_ALGORITHMS_ERROR
SSL,reason,221,SRTP_COULD_NOT_ALLOCATE_PROFILES
SSL,reason,222,SRTP_PROTECTION_PROFILE_LIST_TOO_LONG
SSL,reason,223,SRTP_UNKNOWN_PROTECTION_PROFILE
SSL,reason,224,SSL3_EXT_INVALID_SERVERNAME
SSL,reason,225,SSL3_EXT_INVALID_SERVERNAME_TYPE
SSL,reason,1042,SSLV3_ALERT_BAD_CERTIFICATE
SSL,reason,1020,SSLV3_ALERT_BAD_RECORD_MAC
SSL,reason,1045,SSLV3_ALERT_CERTIFICATE_EXPIRED
SSL,reason,1044,SSLV3_ALERT_CERTIFICATE_REVOKED
SSL,reason,1046,SSLV3_ALERT_CERTIFICATE_UNKNOWN
SSL,reason,1000,SSLV3_ALERT_CLOSE_NOTIFY
SSL,reason,1030,SSLV3_ALERT_DECOMPRESSION_FAILURE
SSL,reason,1040,SSLV3_ALERT_HANDSHAKE_FAILURE
SSL,reason,1047,SSLV3_ALERT_ILLEGAL_PARAMETER
SSL,reason,1041,SSLV3_ALERT_NO_CERTIFICATE
SSL,reason,1010,SSLV3_ALERT_UNEXPECTED_MESSAGE
SSL,reason,1043,SSLV3_ALERT_UNSUPPORTED_CERTIFICATE
SSL,reason,226,SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION
SSL,reason,227,SSL_HANDSHAKE_FAILURE
SSL,reason,228,SSL_SESSION_ID_CALLBACK_FAILED
SSL,reason,229,SSL_SESSION_ID_CONFLICT
SSL,reason,230,SSL_SESSION_ID_CONTEXT_TOO_LONG
SSL,reason,231,SSL_SESSION_ID_HAS_BAD_LENGTH
SSL,reason,1049,TLSV1_ALERT_ACCESS_DENIED
SSL,reason,1050,TLSV1_ALERT_DECODE_ERROR
SSL,reason,1021,TLSV1_ALERT_DECRYPTION_FAILED
SSL,reason,1051,TLSV1_ALERT_DECRYPT_ERROR
SSL,reason,1060,TLSV1_ALERT_EXPORT_RESTRICTION
SSL,reason,1086,TLSV1_ALERT_INAPPROPRIATE_FALLBACK
SSL,reason,1071,TLSV1_ALERT_INSUFFICIENT_SECURITY
SSL,reason,1080,TLSV1_ALERT_INTERNAL_ERROR
SSL,reason,1100,TLSV1_ALERT_NO_RENEGOTIATION
SSL,reason,1070,TLSV1_ALERT_PROTOCOL_VERSION
SSL,reason,1022,TLSV1_ALERT_RECORD_OVERFLOW
SSL,reason,1048,TLSV1_ALERT_UNKNOWN_CA
SSL,reason,1090,TLSV1_ALERT_USER_CANCELLED
SSL,reason,1114,TLSV1_BAD_CERTIFICATE_HASH_VALUE
SSL,reason,1113,TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE
SSL,reason,1111,TLSV1_CERTIFICATE_UNOBTAINABLE
SSL,reason,1112,TLSV1_UNRECOGNIZED_NAME
SSL,reason,1110,TLSV1_UNSUPPORTED_EXTENSION
SSL,reason,232,TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER
SSL,reason,233,TLS_ILLEGAL_EXPORTER_LABEL
SSL,reason,234,TLS_INVALID_ECPOINTFORMAT_LIST
SSL,reason,235,TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST
SSL,reason,236,TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG
SSL,reason,237,TOO_MANY_EMPTY_FRAGMENTS
SSL,reason,238,UNABLE_TO_FIND_ECDH_PARAMETERS
SSL,reason,239,UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS
SSL,reason,240,UNEXPECTED_GROUP_CLOSE
SSL,reason,241,UNEXPECTED_MESSAGE
SSL,reason,242,UNEXPECTED_OPERATOR_IN_GROUP
SSL,reason,243,UNEXPECTED_RECORD
SSL,reason,244,UNINITIALIZED
SSL,reason,245,UNKNOWN_ALERT_TYPE
SSL,reason,246,UNKNOWN_CERTIFICATE_TYPE
SSL,reason,247,UNKNOWN_CIPHER_RETURNED
SSL,reason,248,UNKNOWN_CIPHER_TYPE
SSL,reason,249,UNKNOWN_DIGEST
SSL,reason,250,UNKNOWN_KEY_EXCHANGE_TYPE
SSL,reason,251,UNKNOWN_PROTOCOL
SSL,reason,252,UNKNOWN_SSL_VERSION
SSL,reason,253,UNKNOWN_STATE
SSL,reason,254,UNPROCESSED_HANDSHAKE_DATA
SSL,reason,255,UNSAFE_LEGACY_RENEGOTIATION_DISABLED
SSL,reason,256,UNSUPPORTED_CIPHER
SSL,reason,257,UNSUPPORTED_COMPRESSION_ALGORITHM
SSL,reason,258,UNSUPPORTED_ELLIPTIC_CURVE
SSL,reason,259,UNSUPPORTED_PROTOCOL
SSL,reason,260,UNSUPPORTED_SSL_VERSION
SSL,reason,261,USE_SRTP_NOT_NEGOTIATED
SSL,reason,262,WRONG_CERTIFICATE_TYPE
SSL,reason,263,WRONG_CIPHER_RETURNED
SSL,reason,264,WRONG_CURVE
SSL,reason,265,WRONG_MESSAGE_TYPE
SSL,reason,266,WRONG_SIGNATURE_TYPE
SSL,reason,267,WRONG_SSL_VERSION
SSL,reason,268,WRONG_VERSION_NUMBER
SSL,reason,269,X509_LIB
SSL,reason,270,X509_VERIFICATION_SETUP_PROBLEMS