diff --git a/.fmf/version b/.fmf/version new file mode 100644 index 0000000..d00491f --- /dev/null +++ b/.fmf/version @@ -0,0 +1 @@ +1 diff --git a/00001-rpath.patch b/00001-rpath.patch index 5ab70f9..0194cdf 100644 --- a/00001-rpath.patch +++ b/00001-rpath.patch @@ -1,9 +1,10 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: David Malcolm Date: Wed, 13 Jan 2010 21:25:18 +0000 -Subject: [PATCH] 00001: Fixup distutils/unixccompiler.py to remove standard - library path from rpath Was Patch0 in ivazquez' python3000 specfile +Subject: 00001: Fixup distutils/unixccompiler.py to remove standard library + path from rpath +Was Patch0 in ivazquez' python3000 specfile --- Lib/distutils/unixccompiler.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/00102-lib64.patch b/00102-lib64.patch index 4567a65..1fcf747 100644 --- a/00102-lib64.patch +++ b/00102-lib64.patch @@ -1,8 +1,8 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: David Malcolm Date: Wed, 13 Jan 2010 21:25:18 +0000 -Subject: [PATCH] 00102: Change the various install paths to use /usr/lib64/ - instead or /usr/lib/ +Subject: 00102: Change the various install paths to use /usr/lib64/ instead or + /usr/lib/ MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit diff --git a/00111-no-static-lib.patch b/00111-no-static-lib.patch index 630b6db..87ce20f 100644 --- a/00111-no-static-lib.patch +++ b/00111-no-static-lib.patch @@ -1,7 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: David Malcolm Date: Mon, 18 Jan 2010 17:59:07 +0000 -Subject: [PATCH] 00111: Don't try to build a libpythonMAJOR.MINOR.a +Subject: 00111: Don't try to build a libpythonMAJOR.MINOR.a MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit diff --git a/00132-add-rpmbuild-hooks-to-unittest.patch b/00132-add-rpmbuild-hooks-to-unittest.patch index f5db1b1..6c4393b 100644 --- a/00132-add-rpmbuild-hooks-to-unittest.patch +++ b/00132-add-rpmbuild-hooks-to-unittest.patch @@ -1,7 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: David Malcolm Date: Fri, 19 Jun 2020 16:54:05 +0200 -Subject: [PATCH] 00132: Add rpmbuild hooks to unittest +Subject: 00132: Add rpmbuild hooks to unittest Add non-standard hooks to unittest for use in the "check" phase, when running selftests within the build: diff --git a/00155-avoid-ctypes-thunks.patch b/00155-avoid-ctypes-thunks.patch index c1e06e9..a2824b2 100644 --- a/00155-avoid-ctypes-thunks.patch +++ b/00155-avoid-ctypes-thunks.patch @@ -1,8 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: David Malcolm Date: Fri, 19 Jun 2020 16:02:24 +0200 -Subject: [PATCH] 00155: avoid allocating thunks in ctypes unless absolutely - necessary +Subject: 00155: avoid allocating thunks in ctypes unless absolutely necessary Avoid allocating thunks in ctypes unless absolutely necessary, to avoid generating SELinux denials on "import ctypes" and "import uuid" when diff --git a/00160-disable-test_fs_holes-in-rpm-build.patch b/00160-disable-test_fs_holes-in-rpm-build.patch index ed979b8..eb3a2db 100644 --- a/00160-disable-test_fs_holes-in-rpm-build.patch +++ b/00160-disable-test_fs_holes-in-rpm-build.patch @@ -1,7 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: David Malcolm Date: Fri, 19 Jun 2020 16:57:09 +0200 -Subject: [PATCH] 00160: Disable test_fs_holes in RPM build +Subject: 00160: Disable test_fs_holes in RPM build Python 3.3 added os.SEEK_DATA and os.SEEK_HOLE, which may be present in the header files in the build chroot, but may not be supported in the running diff --git a/00163-disable-parts-of-test_socket-in-rpm-build.patch b/00163-disable-parts-of-test_socket-in-rpm-build.patch index 13b7428..f42eac7 100644 --- a/00163-disable-parts-of-test_socket-in-rpm-build.patch +++ b/00163-disable-parts-of-test_socket-in-rpm-build.patch @@ -1,7 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: David Malcolm Date: Fri, 19 Jun 2020 16:58:24 +0200 -Subject: [PATCH] 00163: Disable parts of test_socket in RPM build +Subject: 00163: Disable parts of test_socket in RPM build Some tests within test_socket fail intermittently when run inside Koji; disable them using unittest._skipInRpmBuild diff --git a/00170-gc-assertions.patch b/00170-gc-assertions.patch index 1ff22b4..1fe7cf3 100644 --- a/00170-gc-assertions.patch +++ b/00170-gc-assertions.patch @@ -1,8 +1,8 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: David Malcolm Date: Fri, 19 Jun 2020 16:05:07 +0200 -Subject: [PATCH] 00170: In debug builds, try to print repr() when a C-level - assert fails +Subject: 00170: In debug builds, try to print repr() when a C-level assert + fails In debug builds, try to print repr() when a C-level assert fails in the garbage collector (typically indicating a reference-counting error diff --git a/00189-use-rpm-wheels.patch b/00189-use-rpm-wheels.patch index 5350ea4..6f9690a 100644 --- a/00189-use-rpm-wheels.patch +++ b/00189-use-rpm-wheels.patch @@ -1,7 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= Date: Wed, 15 Aug 2018 15:36:29 +0200 -Subject: [PATCH] 00189: Instead of bundled wheels, use our RPM packaged wheels +Subject: 00189: Instead of bundled wheels, use our RPM packaged wheels We keep them in /usr/share/python-wheels --- diff --git a/00251-change-user-install-location.patch b/00251-change-user-install-location.patch index 4e18773..bc0c75e 100644 --- a/00251-change-user-install-location.patch +++ b/00251-change-user-install-location.patch @@ -1,7 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Michal Cyprian Date: Mon, 26 Jun 2017 16:32:56 +0200 -Subject: [PATCH] 00251: Change user install location +Subject: 00251: Change user install location Set values of prefix and exec_prefix in distutils install command to /usr/local if executable is /usr/bin/python* and RPM build diff --git a/00262-pep538_coerce_legacy_c_locale.patch b/00262-pep538_coerce_legacy_c_locale.patch index de74c31..1acae8d 100644 --- a/00262-pep538_coerce_legacy_c_locale.patch +++ b/00262-pep538_coerce_legacy_c_locale.patch @@ -1,7 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Nick Coghlan Date: Fri, 19 Jun 2020 17:02:52 +0200 -Subject: [PATCH] 00262: PEP538 - Coerce legacy C locale +Subject: 00262: PEP538 - Coerce legacy C locale MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit diff --git a/00292-restore-PyExc_RecursionErrorInst-symbol.patch b/00292-restore-PyExc_RecursionErrorInst-symbol.patch index 5ab1bda..297fff8 100644 --- a/00292-restore-PyExc_RecursionErrorInst-symbol.patch +++ b/00292-restore-PyExc_RecursionErrorInst-symbol.patch @@ -1,7 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Charalampos Stratakis Date: Fri, 19 Jun 2020 17:06:08 +0200 -Subject: [PATCH] 00292: Restore PyExc_RecursionErrorInst symbol +Subject: 00292: Restore PyExc_RecursionErrorInst symbol Restore the public PyExc_RecursionErrorInst symbol that was removed from the 3.6.4 release upstream. diff --git a/00294-define-TLS-cipher-suite-on-build-time.patch b/00294-define-TLS-cipher-suite-on-build-time.patch index 04e187d..c11b05f 100644 --- a/00294-define-TLS-cipher-suite-on-build-time.patch +++ b/00294-define-TLS-cipher-suite-on-build-time.patch @@ -1,7 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Christian Heimes Date: Fri, 19 Jun 2020 17:13:03 +0200 -Subject: [PATCH] 00294: Define TLS cipher suite on build time +Subject: 00294: Define TLS cipher suite on build time Define TLS cipher suite on build time depending on the OpenSSL default cipher suite selection. diff --git a/00319-test_tarfile_ppc64.patch b/00319-test_tarfile_ppc64.patch new file mode 100644 index 0000000..4686991 --- /dev/null +++ b/00319-test_tarfile_ppc64.patch @@ -0,0 +1,72 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <31488909+miss-islington@users.noreply.github.com> +Date: Mon, 21 Jan 2019 01:44:30 -0800 +Subject: 00319: test_tarfile_ppc64 + +Fix sparse file tests of test_tarfile on ppc64le with the tmpfs +filesystem. + +Upstream: https://bugs.python.org/issue35772 + +Co-authored-by: Victor Stinner +--- + Lib/test/pythoninfo.py | 2 ++ + Lib/test/test_tarfile.py | 9 +++++++-- + .../next/Tests/2019-01-18-12-19-19.bpo-35772.sGBbsn.rst | 6 ++++++ + 3 files changed, 15 insertions(+), 2 deletions(-) + create mode 100644 Misc/NEWS.d/next/Tests/2019-01-18-12-19-19.bpo-35772.sGBbsn.rst + +diff --git a/Lib/test/pythoninfo.py b/Lib/test/pythoninfo.py +index c5586b45a5..96b6db1cb7 100644 +--- a/Lib/test/pythoninfo.py ++++ b/Lib/test/pythoninfo.py +@@ -515,6 +515,8 @@ def collect_resource(info_add): + value = resource.getrlimit(key) + info_add('resource.%s' % name, value) + ++ call_func(info_add, 'resource.pagesize', resource, 'getpagesize') ++ + + def collect_test_socket(info_add): + try: +diff --git a/Lib/test/test_tarfile.py b/Lib/test/test_tarfile.py +index 573be812ea..8e0b275972 100644 +--- a/Lib/test/test_tarfile.py ++++ b/Lib/test/test_tarfile.py +@@ -980,16 +980,21 @@ class GNUReadTest(LongnameTest, ReadTest, unittest.TestCase): + def _fs_supports_holes(): + # Return True if the platform knows the st_blocks stat attribute and + # uses st_blocks units of 512 bytes, and if the filesystem is able to +- # store holes in files. ++ # store holes of 4 KiB in files. ++ # ++ # The function returns False if page size is larger than 4 KiB. ++ # For example, ppc64 uses pages of 64 KiB. + if sys.platform.startswith("linux"): + # Linux evidentially has 512 byte st_blocks units. + name = os.path.join(TEMPDIR, "sparse-test") + with open(name, "wb") as fobj: ++ # Seek to "punch a hole" of 4 KiB + fobj.seek(4096) ++ fobj.write(b'x' * 4096) + fobj.truncate() + s = os.stat(name) + support.unlink(name) +- return s.st_blocks == 0 ++ return (s.st_blocks * 512 < s.st_size) + else: + return False + +diff --git a/Misc/NEWS.d/next/Tests/2019-01-18-12-19-19.bpo-35772.sGBbsn.rst b/Misc/NEWS.d/next/Tests/2019-01-18-12-19-19.bpo-35772.sGBbsn.rst +new file mode 100644 +index 0000000000..cfd282f1d0 +--- /dev/null ++++ b/Misc/NEWS.d/next/Tests/2019-01-18-12-19-19.bpo-35772.sGBbsn.rst +@@ -0,0 +1,6 @@ ++Fix sparse file tests of test_tarfile on ppc64 with the tmpfs filesystem. Fix ++the function testing if the filesystem supports sparse files: create a file ++which contains data and "holes", instead of creating a file which contains no ++data. tmpfs effective block size is a page size (tmpfs lives in the page cache). ++RHEL uses 64 KiB pages on aarch64, ppc64, ppc64le, only s390x and x86_64 use 4 ++KiB pages, whereas the test punch holes of 4 KiB. diff --git a/00343-faulthandler-gcc10.patch b/00343-faulthandler-gcc10.patch index 068b117..38c9e56 100644 --- a/00343-faulthandler-gcc10.patch +++ b/00343-faulthandler-gcc10.patch @@ -1,7 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Victor Stinner Date: Fri, 19 Jun 2020 17:16:05 +0200 -Subject: [PATCH] 00343: Fix test_faulthandler on GCC 10 +Subject: 00343: Fix test_faulthandler on GCC 10 bpo-21131: Fix faulthandler.register(chain=True) stack (GH-15276) https://bugs.python.org/issue21131 diff --git a/00353-architecture-names-upstream-downstream.patch b/00353-architecture-names-upstream-downstream.patch index 13f2655..fa166c7 100644 --- a/00353-architecture-names-upstream-downstream.patch +++ b/00353-architecture-names-upstream-downstream.patch @@ -1,7 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Lumir Balhar Date: Tue, 4 Aug 2020 12:04:03 +0200 -Subject: [PATCH] 00353: Original names for architectures with different names +Subject: 00353: Original names for architectures with different names downstream MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 diff --git a/00358-align-allocations-and-pygc_head-to-16-bytes-on-64-bit-platforms.patch b/00358-align-allocations-and-pygc_head-to-16-bytes-on-64-bit-platforms.patch index 063eb4c..62ef5f7 100644 --- a/00358-align-allocations-and-pygc_head-to-16-bytes-on-64-bit-platforms.patch +++ b/00358-align-allocations-and-pygc_head-to-16-bytes-on-64-bit-platforms.patch @@ -1,7 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Inada Naoki Date: Mon, 3 Jun 2019 10:51:32 +0900 -Subject: [PATCH] 00358: align allocations and PyGC_Head to 16 bytes on 64-bit +Subject: 00358: align allocations and PyGC_Head to 16 bytes on 64-bit platforms Upstream bug: https://bugs.python.org/issue27987 diff --git a/00361-openssl-3-compatibility.patch b/00361-openssl-3-compatibility.patch new file mode 100644 index 0000000..5e3d454 --- /dev/null +++ b/00361-openssl-3-compatibility.patch @@ -0,0 +1,16064 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <31488909+miss-islington@users.noreply.github.com> +Date: Sat, 7 Dec 2019 09:20:43 -0800 +Subject: 00361: openssl-3-compatibility + +Backported from Python 3.8 + +Based on https://github.com/stratakis/cpython/tree/fedora-3.6_openssl3_compat + +Co-authored-by: Christian Heimes +Co-authored-by: Charalampos Stratakis +Co-authored-by: Victor Stinner +--- + Doc/library/hashlib.rst | 4 +- + Doc/library/ssl.rst | 11 + + Lib/test/test_ssl.py | 149 +- + .../2019-11-16-16-09-07.bpo-38820.ivhUSV.rst | 2 + + .../2021-04-09-12-08-01.bpo-43788.YsvInM.rst | 4 + + .../2021-04-09-14-08-03.bpo-43789.eaHlAm.rst | 2 + + .../2021-04-09-16-14-22.bpo-43794.-1XPDH.rst | 1 + + .../2021-04-23-11-54-38.bpo-43920.cJMQ2D.rst | 2 + + .../2021-04-09-15-10-38.bpo-43791.4KxiXK.rst | 2 + + .../2021-12-17-14-46-19.bpo-46114.9iyZ_9.rst | 1 + + Modules/_hashopenssl.c | 10 +- + Modules/_ssl.c | 93 +- + Modules/_ssl_data_111.h | 6525 +++++++++++++ + Modules/_ssl_data_300.h | 8435 +++++++++++++++++ + Tools/ssl/make_ssl_data.py | 181 +- + Tools/ssl/multissltests.py | 3 +- + setup.py | 34 +- + 17 files changed, 15289 insertions(+), 170 deletions(-) + create mode 100644 Misc/NEWS.d/next/Library/2019-11-16-16-09-07.bpo-38820.ivhUSV.rst + create mode 100644 Misc/NEWS.d/next/Library/2021-04-09-12-08-01.bpo-43788.YsvInM.rst + create mode 100644 Misc/NEWS.d/next/Library/2021-04-09-14-08-03.bpo-43789.eaHlAm.rst + create mode 100644 Misc/NEWS.d/next/Library/2021-04-09-16-14-22.bpo-43794.-1XPDH.rst + create mode 100644 Misc/NEWS.d/next/Library/2021-04-23-11-54-38.bpo-43920.cJMQ2D.rst + create mode 100644 Misc/NEWS.d/next/Tests/2021-04-09-15-10-38.bpo-43791.4KxiXK.rst + create mode 100644 Misc/NEWS.d/next/Tests/2021-12-17-14-46-19.bpo-46114.9iyZ_9.rst + create mode 100644 Modules/_ssl_data_111.h + create mode 100644 Modules/_ssl_data_300.h + +diff --git a/Doc/library/hashlib.rst b/Doc/library/hashlib.rst +index b4f5176352..d78f9f48d1 100644 +--- a/Doc/library/hashlib.rst ++++ b/Doc/library/hashlib.rst +@@ -109,10 +109,10 @@ More condensed: + + Using :func:`new` with an algorithm provided by OpenSSL: + +- >>> h = hashlib.new('ripemd160') ++ >>> h = hashlib.new('sha512_256') + >>> h.update(b"Nobody inspects the spammish repetition") + >>> h.hexdigest() +- 'cc4a5ce1b3df48aec5d22d1f16b894a0b894eccc' ++ '19197dc4d03829df858011c6c87600f994a858103bbc19005f20987aa19a97e2' + + Hashlib provides the following constant attributes: + +diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst +index a85be1a744..a534811f93 100644 +--- a/Doc/library/ssl.rst ++++ b/Doc/library/ssl.rst +@@ -844,6 +844,14 @@ Constants + + .. versionadded:: 3.6 + ++.. data:: OP_IGNORE_UNEXPECTED_EOF ++ ++ Ignore unexpected shutdown of TLS connections. ++ ++ This option is only available with OpenSSL 3.0.0 and later. ++ ++ .. versionadded:: 3.6.15-27 ++ + .. data:: HAS_ALPN + + Whether the OpenSSL library has built-in support for the *Application-Layer +@@ -1143,6 +1151,9 @@ SSL sockets also have the following additional methods and attributes: + The returned dictionary includes additional X509v3 extension items + such as ``crlDistributionPoints``, ``caIssuers`` and ``OCSP`` URIs. + ++ .. versionchanged:: 3.6.15-27 ++ IPv6 address strings no longer have a trailing new line. ++ + .. method:: SSLSocket.cipher() + + Returns a three-value tuple containing the name of the cipher being used, the +diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py +index 510bb09501..ce40b09bb6 100644 +--- a/Lib/test/test_ssl.py ++++ b/Lib/test/test_ssl.py +@@ -38,6 +38,7 @@ PROTOCOLS = sorted(ssl._PROTOCOL_NAMES) + HOST = support.HOST + IS_LIBRESSL = ssl.OPENSSL_VERSION.startswith('LibreSSL') + IS_OPENSSL_1_1 = not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 0) ++IS_OPENSSL_3_0_0 = not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (3, 0, 0) + PY_SSL_DEFAULT_CIPHERS = sysconfig.get_config_var('PY_SSL_DEFAULT_CIPHERS') + + def data_file(*name): +@@ -92,6 +93,7 @@ OP_SINGLE_DH_USE = getattr(ssl, "OP_SINGLE_DH_USE", 0) + OP_SINGLE_ECDH_USE = getattr(ssl, "OP_SINGLE_ECDH_USE", 0) + OP_CIPHER_SERVER_PREFERENCE = getattr(ssl, "OP_CIPHER_SERVER_PREFERENCE", 0) + OP_ENABLE_MIDDLEBOX_COMPAT = getattr(ssl, "OP_ENABLE_MIDDLEBOX_COMPAT", 0) ++OP_IGNORE_UNEXPECTED_EOF = getattr(ssl, "OP_IGNORE_UNEXPECTED_EOF", 0) + + + def handle_error(prefix): +@@ -147,8 +149,8 @@ def skip_if_broken_ubuntu_ssl(func): + else: + return func + +-def skip_if_openssl_cnf_minprotocol_gt_tls1(func): +- """Skip a test if the OpenSSL config MinProtocol is > TLSv1. ++def skip_if_openssl_cnf_minprotocol_gt_tls11(func): ++ """Skip a test if the OpenSSL config MinProtocol is > TLSv1.1. + + OS distros with an /etc/ssl/openssl.cnf and MinProtocol set often do so to + require TLSv1.2 or higher (Debian Buster). Some of our tests for older +@@ -159,6 +161,8 @@ def skip_if_openssl_cnf_minprotocol_gt_tls1(func): + """ + @functools.wraps(func) + def f(*args, **kwargs): ++ if IS_OPENSSL_3_0_0: ++ raise unittest.SkipTest('OpenSSL 3 effectively disables TLS < 1.2') + openssl_cnf = os.environ.get("OPENSSL_CONF", "/etc/ssl/openssl.cnf") + try: + with open(openssl_cnf, "r") as config: +@@ -166,7 +170,7 @@ def skip_if_openssl_cnf_minprotocol_gt_tls1(func): + match = re.match(r"MinProtocol\s*=\s*(TLSv\d+\S*)", line) + if match: + tls_ver = match.group(1) +- if tls_ver > "TLSv1": ++ if tls_ver > "TLSv1.1": + raise unittest.SkipTest( + "%s has MinProtocol = %s which is > TLSv1." % + (openssl_cnf, tls_ver)) +@@ -367,7 +371,7 @@ class BasicSocketTests(unittest.TestCase): + ('email', 'null@python.org\x00user@example.org'), + ('URI', 'http://null.python.org\x00http://example.org'), + ('IP Address', '192.0.2.1'), +- ('IP Address', '2001:DB8:0:0:0:0:0:1\n')) ++ ('IP Address', '2001:DB8:0:0:0:0:0:1')) + else: + # OpenSSL 0.9.7 doesn't support IPv6 addresses in subjectAltName + san = (('DNS', 'altnull.python.org\x00example.com'), +@@ -394,7 +398,7 @@ class BasicSocketTests(unittest.TestCase): + (('commonName', 'dirname example'),))), + ('URI', 'https://www.python.org/'), + ('IP Address', '127.0.0.1'), +- ('IP Address', '0:0:0:0:0:0:0:1\n'), ++ ('IP Address', '0:0:0:0:0:0:0:1'), + ('Registered ID', '1.2.3.4.5') + ) + ) +@@ -421,11 +425,11 @@ class BasicSocketTests(unittest.TestCase): + # Some sanity checks follow + # >= 0.9 + self.assertGreaterEqual(n, 0x900000) +- # < 3.0 +- self.assertLess(n, 0x30000000) ++ # < 4.0 ++ self.assertLess(n, 0x40000000) + major, minor, fix, patch, status = t +- self.assertGreaterEqual(major, 0) +- self.assertLess(major, 3) ++ self.assertGreaterEqual(major, 1) ++ self.assertLess(major, 4) + self.assertGreaterEqual(minor, 0) + self.assertLess(minor, 256) + self.assertGreaterEqual(fix, 0) +@@ -434,13 +438,17 @@ class BasicSocketTests(unittest.TestCase): + self.assertLessEqual(patch, 63) + self.assertGreaterEqual(status, 0) + self.assertLessEqual(status, 15) +- # Version string as returned by {Open,Libre}SSL, the format might change +- if IS_LIBRESSL: +- self.assertTrue(s.startswith("LibreSSL {:d}".format(major)), +- (s, t, hex(n))) ++ ++ libressl_ver = f"LibreSSL {major:d}" ++ if major >= 3: ++ # 3.x uses 0xMNN00PP0L ++ openssl_ver = f"OpenSSL {major:d}.{minor:d}.{patch:d}" + else: +- self.assertTrue(s.startswith("OpenSSL {:d}.{:d}.{:d}".format(major, minor, fix)), +- (s, t, hex(n))) ++ openssl_ver = f"OpenSSL {major:d}.{minor:d}.{fix:d}" ++ self.assertTrue( ++ s.startswith((openssl_ver, libressl_ver)), ++ (s, t, hex(n)) ++ ) + + @support.cpython_only + def test_refcycle(self): +@@ -982,7 +990,8 @@ class ContextTests(unittest.TestCase): + # SSLContext also enables these by default + default |= (OP_NO_COMPRESSION | OP_CIPHER_SERVER_PREFERENCE | + OP_SINGLE_DH_USE | OP_SINGLE_ECDH_USE | +- OP_ENABLE_MIDDLEBOX_COMPAT) ++ OP_ENABLE_MIDDLEBOX_COMPAT | ++ OP_IGNORE_UNEXPECTED_EOF) + self.assertEqual(default, ctx.options) + ctx.options |= ssl.OP_NO_TLSv1 + self.assertEqual(default | ssl.OP_NO_TLSv1, ctx.options) +@@ -1185,12 +1194,17 @@ class ContextTests(unittest.TestCase): + ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1) + self.assertRaises(TypeError, ctx.load_verify_locations, cadata=object) + +- with self.assertRaisesRegex(ssl.SSLError, "no start line"): ++ with self.assertRaisesRegex( ++ ssl.SSLError, ++ "no start line: cadata does not contain a certificate" ++ ): + ctx.load_verify_locations(cadata="broken") +- with self.assertRaisesRegex(ssl.SSLError, "not enough data"): ++ with self.assertRaisesRegex( ++ ssl.SSLError, ++ "not enough data: cadata does not contain a certificate" ++ ): + ctx.load_verify_locations(cadata=b"broken") + +- + def test_load_dh_params(self): + ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1) + ctx.load_dh_params(DHFILE) +@@ -1410,7 +1424,7 @@ class ContextTests(unittest.TestCase): + self._assert_context_options(ctx) + + def test_check_hostname(self): +- ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ ctx = ssl.SSLContext(ssl.PROTOCOL_TLS) + self.assertFalse(ctx.check_hostname) + + # Requires CERT_REQUIRED or CERT_OPTIONAL +@@ -1468,7 +1482,7 @@ class SSLErrorTests(unittest.TestCase): + def test_subclass(self): + # Check that the appropriate SSLError subclass is raised + # (this only tests one of them) +- ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ ctx = ssl.SSLContext(ssl.PROTOCOL_TLS) + with socket.socket() as s: + s.bind(("127.0.0.1", 0)) + s.listen() +@@ -2411,7 +2425,8 @@ if _have_threads: + if support.verbose: + sys.stdout.write("\n") + for protocol in PROTOCOLS: +- if protocol in {ssl.PROTOCOL_TLS_CLIENT, ssl.PROTOCOL_TLS_SERVER}: ++ if protocol in {ssl.PROTOCOL_TLS_CLIENT, ssl.PROTOCOL_TLS_SERVER, ++ ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_TLSv1_1}: + continue + with self.subTest(protocol=ssl._PROTOCOL_NAMES[protocol]): + context = ssl.SSLContext(protocol) +@@ -2502,10 +2517,10 @@ if _have_threads: + if support.verbose: + sys.stdout.write("\n") + +- server_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ server_context = ssl.SSLContext(ssl.PROTOCOL_TLS) + server_context.load_cert_chain(SIGNED_CERTFILE) + +- context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ context = ssl.SSLContext(ssl.PROTOCOL_TLS) + context.verify_mode = ssl.CERT_REQUIRED + context.load_verify_locations(SIGNING_CA) + tf = getattr(ssl, "VERIFY_X509_TRUSTED_FIRST", 0) +@@ -2543,10 +2558,10 @@ if _have_threads: + if support.verbose: + sys.stdout.write("\n") + +- server_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ server_context = ssl.SSLContext(ssl.PROTOCOL_TLS) + server_context.load_cert_chain(SIGNED_CERTFILE) + +- context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ context = ssl.SSLContext(ssl.PROTOCOL_TLS) + context.verify_mode = ssl.CERT_REQUIRED + context.check_hostname = True + context.load_verify_locations(SIGNING_CA) +@@ -2676,7 +2691,7 @@ if _have_threads: + client_options=ssl.OP_NO_TLSv1) + + @skip_if_broken_ubuntu_ssl +- @skip_if_openssl_cnf_minprotocol_gt_tls1 ++ @skip_if_openssl_cnf_minprotocol_gt_tls11 + def test_protocol_sslv23(self): + """Connecting to an SSLv23 server with various client options""" + if support.verbose: +@@ -2737,6 +2752,7 @@ if _have_threads: + False, client_options=ssl.OP_NO_SSLv2) + + @skip_if_broken_ubuntu_ssl ++ @skip_if_openssl_cnf_minprotocol_gt_tls11 + def test_protocol_tlsv1(self): + """Connecting to a TLSv1 server with various client options""" + if support.verbose: +@@ -2754,7 +2770,7 @@ if _have_threads: + @skip_if_broken_ubuntu_ssl + @unittest.skipUnless(hasattr(ssl, "PROTOCOL_TLSv1_1"), + "TLS version 1.1 not supported.") +- @skip_if_openssl_cnf_minprotocol_gt_tls1 ++ @skip_if_openssl_cnf_minprotocol_gt_tls11 + def test_protocol_tlsv1_1(self): + """Connecting to a TLSv1.1 server with various client options. + Testing against older TLS versions.""" +@@ -2802,7 +2818,7 @@ if _have_threads: + msgs = (b"msg 1", b"MSG 2", b"STARTTLS", b"MSG 3", b"msg 4", b"ENDTLS", b"msg 5", b"msg 6") + + server = ThreadedEchoServer(CERTFILE, +- ssl_version=ssl.PROTOCOL_TLSv1, ++ ssl_version=ssl.PROTOCOL_TLS, + starttls_server=True, + chatty=True, + connectionchatty=True) +@@ -2830,7 +2846,7 @@ if _have_threads: + sys.stdout.write( + " client: read %r from server, starting TLS...\n" + % msg) +- conn = test_wrap_socket(s, ssl_version=ssl.PROTOCOL_TLSv1) ++ conn = test_wrap_socket(s, ssl_version=ssl.PROTOCOL_TLS) + wrapped = True + elif indata == b"ENDTLS" and msg.startswith(b"ok"): + # ENDTLS ok, switch back to clear text +@@ -2917,7 +2933,7 @@ if _have_threads: + + server = ThreadedEchoServer(CERTFILE, + certreqs=ssl.CERT_NONE, +- ssl_version=ssl.PROTOCOL_TLSv1, ++ ssl_version=ssl.PROTOCOL_TLS, + cacerts=CERTFILE, + chatty=True, + connectionchatty=False) +@@ -2927,7 +2943,7 @@ if _have_threads: + certfile=CERTFILE, + ca_certs=CERTFILE, + cert_reqs=ssl.CERT_NONE, +- ssl_version=ssl.PROTOCOL_TLSv1) ++ ssl_version=ssl.PROTOCOL_TLS) + s.connect((HOST, server.port)) + # helper methods for standardising recv* method signatures + def _recv_into(): +@@ -3069,7 +3085,7 @@ if _have_threads: + def test_nonblocking_send(self): + server = ThreadedEchoServer(CERTFILE, + certreqs=ssl.CERT_NONE, +- ssl_version=ssl.PROTOCOL_TLSv1, ++ ssl_version=ssl.PROTOCOL_TLS, + cacerts=CERTFILE, + chatty=True, + connectionchatty=False) +@@ -3079,7 +3095,7 @@ if _have_threads: + certfile=CERTFILE, + ca_certs=CERTFILE, + cert_reqs=ssl.CERT_NONE, +- ssl_version=ssl.PROTOCOL_TLSv1) ++ ssl_version=ssl.PROTOCOL_TLS) + s.connect((HOST, server.port)) + s.setblocking(False) + +@@ -3225,14 +3241,14 @@ if _have_threads: + Basic tests for SSLSocket.version(). + More tests are done in the test_protocol_*() methods. + """ +- context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ context = ssl.SSLContext(ssl.PROTOCOL_TLS) + with ThreadedEchoServer(CERTFILE, +- ssl_version=ssl.PROTOCOL_TLSv1, ++ ssl_version=ssl.PROTOCOL_TLS, + chatty=False) as server: + with context.wrap_socket(socket.socket()) as s: + self.assertIs(s.version(), None) + s.connect((HOST, server.port)) +- self.assertEqual(s.version(), 'TLSv1') ++ self.assertEqual(s.version(), 'TLSv1.3') + self.assertIs(s.version(), None) + + @unittest.skipUnless(ssl.HAS_TLSv1_3, +@@ -3282,7 +3298,7 @@ if _have_threads: + + server = ThreadedEchoServer(CERTFILE, + certreqs=ssl.CERT_NONE, +- ssl_version=ssl.PROTOCOL_TLSv1, ++ ssl_version=ssl.PROTOCOL_TLS, + cacerts=CERTFILE, + chatty=True, + connectionchatty=False) +@@ -3292,7 +3308,7 @@ if _have_threads: + certfile=CERTFILE, + ca_certs=CERTFILE, + cert_reqs=ssl.CERT_NONE, +- ssl_version=ssl.PROTOCOL_TLSv1) ++ ssl_version=ssl.PROTOCOL_TLS) + s.connect((HOST, server.port)) + # get the data + cb_data = s.get_channel_binding("tls-unique") +@@ -3302,7 +3318,10 @@ if _have_threads: + + # check if it is sane + self.assertIsNotNone(cb_data) +- self.assertEqual(len(cb_data), 12) # True for TLSv1 ++ if s.version() == 'TLSv1.3': ++ self.assertEqual(len(cb_data), 48) ++ else: ++ self.assertEqual(len(cb_data), 12) # True for TLSv1 + + # and compare with the peers version + s.write(b"CB tls-unique\n") +@@ -3317,7 +3336,7 @@ if _have_threads: + certfile=CERTFILE, + ca_certs=CERTFILE, + cert_reqs=ssl.CERT_NONE, +- ssl_version=ssl.PROTOCOL_TLSv1) ++ ssl_version=ssl.PROTOCOL_TLS) + s.connect((HOST, server.port)) + new_cb_data = s.get_channel_binding("tls-unique") + if support.verbose: +@@ -3326,7 +3345,10 @@ if _have_threads: + # is it really unique + self.assertNotEqual(cb_data, new_cb_data) + self.assertIsNotNone(cb_data) +- self.assertEqual(len(cb_data), 12) # True for TLSv1 ++ if s.version() == 'TLSv1.3': ++ self.assertEqual(len(cb_data), 48) ++ else: ++ self.assertEqual(len(cb_data), 12) # True for TLSv1 + s.write(b"CB tls-unique\n") + peer_data_repr = s.read().strip() + self.assertEqual(peer_data_repr, +@@ -3334,7 +3356,7 @@ if _have_threads: + s.close() + + def test_compression(self): +- context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ context = ssl.SSLContext(ssl.PROTOCOL_TLS) + context.load_cert_chain(CERTFILE) + stats = server_params_test(context, context, + chatty=True, connectionchatty=True) +@@ -3345,7 +3367,7 @@ if _have_threads: + @unittest.skipUnless(hasattr(ssl, 'OP_NO_COMPRESSION'), + "ssl.OP_NO_COMPRESSION needed for this test") + def test_compression_disabled(self): +- context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ context = ssl.SSLContext(ssl.PROTOCOL_TLS) + context.load_cert_chain(CERTFILE) + context.options |= ssl.OP_NO_COMPRESSION + stats = server_params_test(context, context, +@@ -3354,7 +3376,7 @@ if _have_threads: + + def test_dh_params(self): + # Check we can get a connection with ephemeral Diffie-Hellman +- context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2) + context.load_cert_chain(CERTFILE) + context.load_dh_params(DHFILE) + context.set_ciphers("kEDH") +@@ -3367,7 +3389,7 @@ if _have_threads: + + def test_selected_alpn_protocol(self): + # selected_alpn_protocol() is None unless ALPN is used. +- context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ context = ssl.SSLContext(ssl.PROTOCOL_TLS) + context.load_cert_chain(CERTFILE) + stats = server_params_test(context, context, + chatty=True, connectionchatty=True) +@@ -3376,9 +3398,9 @@ if _have_threads: + @unittest.skipUnless(ssl.HAS_ALPN, "ALPN support required") + def test_selected_alpn_protocol_if_server_uses_alpn(self): + # selected_alpn_protocol() is None unless ALPN is used by the client. +- client_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ client_context = ssl.SSLContext(ssl.PROTOCOL_TLS) + client_context.load_verify_locations(CERTFILE) +- server_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ server_context = ssl.SSLContext(ssl.PROTOCOL_TLS) + server_context.load_cert_chain(CERTFILE) + server_context.set_alpn_protocols(['foo', 'bar']) + stats = server_params_test(client_context, server_context, +@@ -3429,7 +3451,7 @@ if _have_threads: + + def test_selected_npn_protocol(self): + # selected_npn_protocol() is None unless NPN is used +- context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ context = ssl.SSLContext(ssl.PROTOCOL_TLS) + context.load_cert_chain(CERTFILE) + stats = server_params_test(context, context, + chatty=True, connectionchatty=True) +@@ -3465,11 +3487,11 @@ if _have_threads: + self.assertEqual(server_result, expected, msg % (server_result, "server")) + + def sni_contexts(self): +- server_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ server_context = ssl.SSLContext(ssl.PROTOCOL_TLS) + server_context.load_cert_chain(SIGNED_CERTFILE) +- other_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ other_context = ssl.SSLContext(ssl.PROTOCOL_TLS) + other_context.load_cert_chain(SIGNED_CERTFILE2) +- client_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ client_context = ssl.SSLContext(ssl.PROTOCOL_TLS) + client_context.verify_mode = ssl.CERT_REQUIRED + client_context.load_verify_locations(SIGNING_CA) + return server_context, other_context, client_context +@@ -3568,9 +3590,9 @@ if _have_threads: + self.assertIn("TypeError", stderr.getvalue()) + + def test_shared_ciphers(self): +- server_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ server_context = ssl.SSLContext(ssl.PROTOCOL_TLS) + server_context.load_cert_chain(SIGNED_CERTFILE) +- client_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ client_context = ssl.SSLContext(ssl.PROTOCOL_TLS) + client_context.verify_mode = ssl.CERT_REQUIRED + client_context.load_verify_locations(SIGNING_CA) + if ssl.OPENSSL_VERSION_INFO >= (1, 0, 2): +@@ -3630,14 +3652,18 @@ if _have_threads: + self.assertEqual(s.recv(1024), TEST_DATA) + + def test_session(self): +- server_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ server_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER) + server_context.load_cert_chain(SIGNED_CERTFILE) +- client_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) ++ client_context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) + client_context.verify_mode = ssl.CERT_REQUIRED + client_context.load_verify_locations(SIGNING_CA) + ++ # Sessions are not compatible with TLS 1.3 ++ client_context.options |= ssl.OP_NO_TLSv1_3 ++ + # first connection without session +- stats = server_params_test(client_context, server_context) ++ stats = server_params_test(client_context, server_context, ++ sni_name='localhost') + session = stats['session'] + self.assertTrue(session.id) + self.assertGreater(session.time, 0) +@@ -3651,7 +3677,8 @@ if _have_threads: + self.assertEqual(sess_stat['hits'], 0) + + # reuse session +- stats = server_params_test(client_context, server_context, session=session) ++ stats = server_params_test(client_context, server_context, ++ session=session, sni_name='localhost') + sess_stat = server_context.session_stats() + self.assertEqual(sess_stat['accept'], 2) + self.assertEqual(sess_stat['hits'], 1) +@@ -3664,7 +3691,8 @@ if _have_threads: + self.assertGreaterEqual(session2.timeout, session.timeout) + + # another one without session +- stats = server_params_test(client_context, server_context) ++ stats = server_params_test(client_context, server_context, ++ sni_name='localhost') + self.assertFalse(stats['session_reused']) + session3 = stats['session'] + self.assertNotEqual(session3.id, session.id) +@@ -3674,7 +3702,8 @@ if _have_threads: + self.assertEqual(sess_stat['hits'], 1) + + # reuse session again +- stats = server_params_test(client_context, server_context, session=session) ++ stats = server_params_test(client_context, server_context, ++ session=session, sni_name='localhost') + self.assertTrue(stats['session_reused']) + session4 = stats['session'] + self.assertEqual(session4.id, session.id) +diff --git a/Misc/NEWS.d/next/Library/2019-11-16-16-09-07.bpo-38820.ivhUSV.rst b/Misc/NEWS.d/next/Library/2019-11-16-16-09-07.bpo-38820.ivhUSV.rst +new file mode 100644 +index 0000000000..2c6a6e853c +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2019-11-16-16-09-07.bpo-38820.ivhUSV.rst +@@ -0,0 +1,2 @@ ++Make Python compatible with OpenSSL 3.0.0. :func:`ssl.SSLSocket.getpeercert` ++no longer returns IPv6 addresses with a trailing new line. +diff --git a/Misc/NEWS.d/next/Library/2021-04-09-12-08-01.bpo-43788.YsvInM.rst b/Misc/NEWS.d/next/Library/2021-04-09-12-08-01.bpo-43788.YsvInM.rst +new file mode 100644 +index 0000000000..ff76256472 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2021-04-09-12-08-01.bpo-43788.YsvInM.rst +@@ -0,0 +1,4 @@ ++The header files for :mod:`ssl` error codes are now OpenSSL ++version-specific. Exceptions will now show correct reason and library ++codes. The ``make_ssl_data.py`` script has been rewritten to use OpenSSL's ++text file with error codes. +diff --git a/Misc/NEWS.d/next/Library/2021-04-09-14-08-03.bpo-43789.eaHlAm.rst b/Misc/NEWS.d/next/Library/2021-04-09-14-08-03.bpo-43789.eaHlAm.rst +new file mode 100644 +index 0000000000..1c08529462 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2021-04-09-14-08-03.bpo-43789.eaHlAm.rst +@@ -0,0 +1,2 @@ ++OpenSSL 3.0.0: Don't call the password callback function a second time when ++first call has signaled an error condition. +diff --git a/Misc/NEWS.d/next/Library/2021-04-09-16-14-22.bpo-43794.-1XPDH.rst b/Misc/NEWS.d/next/Library/2021-04-09-16-14-22.bpo-43794.-1XPDH.rst +new file mode 100644 +index 0000000000..64894bdc01 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2021-04-09-16-14-22.bpo-43794.-1XPDH.rst +@@ -0,0 +1 @@ ++Add :data:`ssl.OP_IGNORE_UNEXPECTED_EOF` constants (OpenSSL 3.0.0) +diff --git a/Misc/NEWS.d/next/Library/2021-04-23-11-54-38.bpo-43920.cJMQ2D.rst b/Misc/NEWS.d/next/Library/2021-04-23-11-54-38.bpo-43920.cJMQ2D.rst +new file mode 100644 +index 0000000000..28ff0fb3af +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2021-04-23-11-54-38.bpo-43920.cJMQ2D.rst +@@ -0,0 +1,2 @@ ++OpenSSL 3.0.0: :meth:`~ssl.SSLContext.load_verify_locations` now returns a ++consistent error message when cadata contains no valid certificate. +diff --git a/Misc/NEWS.d/next/Tests/2021-04-09-15-10-38.bpo-43791.4KxiXK.rst b/Misc/NEWS.d/next/Tests/2021-04-09-15-10-38.bpo-43791.4KxiXK.rst +new file mode 100644 +index 0000000000..964ae5abb3 +--- /dev/null ++++ b/Misc/NEWS.d/next/Tests/2021-04-09-15-10-38.bpo-43791.4KxiXK.rst +@@ -0,0 +1,2 @@ ++OpenSSL 3.0.0: Disable testing of legacy protocols TLS 1.0 and 1.1. Tests ++are failing with TLSV1_ALERT_INTERNAL_ERROR. +diff --git a/Misc/NEWS.d/next/Tests/2021-12-17-14-46-19.bpo-46114.9iyZ_9.rst b/Misc/NEWS.d/next/Tests/2021-12-17-14-46-19.bpo-46114.9iyZ_9.rst +new file mode 100644 +index 0000000000..6878cea032 +--- /dev/null ++++ b/Misc/NEWS.d/next/Tests/2021-12-17-14-46-19.bpo-46114.9iyZ_9.rst +@@ -0,0 +1 @@ ++Fix test case for OpenSSL 3.0.1 version. OpenSSL 3.0 uses ``0xMNN00PP0L``. +diff --git a/Modules/_hashopenssl.c b/Modules/_hashopenssl.c +index 84edd72c85..e8f4badbeb 100644 +--- a/Modules/_hashopenssl.c ++++ b/Modules/_hashopenssl.c +@@ -364,7 +364,7 @@ EVP_tp_init(EVPobject *self, PyObject *args, PyObject *kwds) + return -1; + } + +- digest = EVP_get_digestbyname(nameStr); ++ digest = EVP_MD_fetch(NULL, nameStr, NULL); + if (!digest) { + PyErr_SetString(PyExc_ValueError, "unknown hash function"); + if (data_obj) +@@ -529,7 +529,7 @@ EVP_new(PyObject *self, PyObject *args, PyObject *kwdict) + if (data_obj) + GET_BUFFER_VIEW_OR_ERROUT(data_obj, &view); + +- digest = EVP_get_digestbyname(name); ++ digest = EVP_MD_fetch(NULL, name, NULL); + + ret_obj = EVPnew(name_obj, digest, NULL, (unsigned char*)view.buf, view.len); + +@@ -654,7 +654,7 @@ pbkdf2_hmac(PyObject *self, PyObject *args, PyObject *kwdict) + return NULL; + } + +- digest = EVP_get_digestbyname(name); ++ digest = EVP_MD_fetch(NULL, name, NULL); + if (digest == NULL) { + PyErr_SetString(PyExc_ValueError, "unsupported hash type"); + goto end; +@@ -941,8 +941,8 @@ generate_hash_name_list(void) + \ + if (CONST_new_ ## NAME ## _ctx_p == NULL) { \ + EVP_MD_CTX *ctx_p = EVP_MD_CTX_new(); \ +- if (!EVP_get_digestbyname(#NAME) || \ +- !EVP_DigestInit(ctx_p, EVP_get_digestbyname(#NAME))) { \ ++ if (!EVP_MD_fetch(NULL, #NAME, NULL) || \ ++ !EVP_DigestInit(ctx_p, EVP_MD_fetch(NULL, #NAME, NULL))) { \ + _setException(PyExc_ValueError); \ + EVP_MD_CTX_free(ctx_p); \ + return NULL; \ +diff --git a/Modules/_ssl.c b/Modules/_ssl.c +index ec366f019d..3375b2bf3f 100644 +--- a/Modules/_ssl.c ++++ b/Modules/_ssl.c +@@ -103,7 +103,13 @@ struct py_ssl_library_code { + }; + + /* Include generated data (error codes) */ ++#if (OPENSSL_VERSION_NUMBER >= 0x30000000L) ++#include "_ssl_data_300.h" ++#elif (OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(LIBRESSL_VERSION_NUMBER) ++#include "_ssl_data_111.h" ++#else + #include "_ssl_data.h" ++#endif + + #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER) + # define OPENSSL_VERSION_1_1 1 +@@ -1204,6 +1210,54 @@ _get_peer_alt_names (X509 *certificate) { + PyTuple_SET_ITEM(t, 1, v); + break; + ++ case GEN_IPADD: ++ /* OpenSSL < 3.0.0 adds a trailing \n to IPv6. 3.0.0 removed ++ * the trailing newline. Remove it in all versions ++ */ ++ t = PyTuple_New(2); ++ if (t == NULL) ++ goto fail; ++ ++ v = PyUnicode_FromString("IP Address"); ++ if (v == NULL) { ++ Py_DECREF(t); ++ goto fail; ++ } ++ PyTuple_SET_ITEM(t, 0, v); ++ ++ if (name->d.ip->length == 4) { ++ unsigned char *p = name->d.ip->data; ++ v = PyUnicode_FromFormat( ++ "%d.%d.%d.%d", ++ p[0], p[1], p[2], p[3] ++ ); ++ } else if (name->d.ip->length == 16) { ++ /* PyUnicode_FromFormat() does not support %X */ ++ unsigned char *p = name->d.ip->data; ++ len = sprintf( ++ buf, ++ "%X:%X:%X:%X:%X:%X:%X:%X", ++ p[0] << 8 | p[1], ++ p[2] << 8 | p[3], ++ p[4] << 8 | p[5], ++ p[6] << 8 | p[7], ++ p[8] << 8 | p[9], ++ p[10] << 8 | p[11], ++ p[12] << 8 | p[13], ++ p[14] << 8 | p[15] ++ ); ++ v = PyUnicode_FromStringAndSize(buf, len); ++ } else { ++ v = PyUnicode_FromString(""); ++ } ++ ++ if (v == NULL) { ++ Py_DECREF(t); ++ goto fail; ++ } ++ PyTuple_SET_ITEM(t, 1, v); ++ break; ++ + default: + /* for everything else, we use the OpenSSL print form */ + switch (gntype) { +@@ -1211,7 +1265,6 @@ _get_peer_alt_names (X509 *certificate) { + case GEN_OTHERNAME: + case GEN_X400: + case GEN_EDIPARTY: +- case GEN_IPADD: + case GEN_RID: + break; + default: +@@ -2880,6 +2933,10 @@ _ssl__SSLContext_impl(PyTypeObject *type, int proto_version) + #endif + #ifdef SSL_OP_SINGLE_ECDH_USE + options |= SSL_OP_SINGLE_ECDH_USE; ++#endif ++#ifdef SSL_OP_IGNORE_UNEXPECTED_EOF ++ /* Make OpenSSL 3.0.0 behave like 1.1.1 */ ++ options |= SSL_OP_IGNORE_UNEXPECTED_EOF; + #endif + SSL_CTX_set_options(self->ctx, options); + +@@ -3441,6 +3498,13 @@ _password_callback(char *buf, int size, int rwflag, void *userdata) + + PySSL_END_ALLOW_THREADS_S(pw_info->thread_state); + ++ if (pw_info->error) { ++ /* already failed previously. OpenSSL 3.0.0-alpha14 invokes the ++ * callback multiple times which can lead to fatal Python error in ++ * exception check. */ ++ goto error; ++ } ++ + if (pw_info->callable) { + fn_ret = PyObject_CallFunctionObjArgs(pw_info->callable, NULL); + if (!fn_ret) { +@@ -3584,7 +3648,7 @@ _add_ca_certs(PySSLContext *self, void *data, Py_ssize_t len, + { + BIO *biobuf = NULL; + X509_STORE *store; +- int retval = 0, err, loaded = 0; ++ int retval = -1, err, loaded = 0; + + assert(filetype == SSL_FILETYPE_ASN1 || filetype == SSL_FILETYPE_PEM); + +@@ -3638,23 +3702,32 @@ _add_ca_certs(PySSLContext *self, void *data, Py_ssize_t len, + } + + err = ERR_peek_last_error(); +- if ((filetype == SSL_FILETYPE_ASN1) && +- (loaded > 0) && +- (ERR_GET_LIB(err) == ERR_LIB_ASN1) && +- (ERR_GET_REASON(err) == ASN1_R_HEADER_TOO_LONG)) { ++ if (loaded == 0) { ++ const char *msg = NULL; ++ if (filetype == SSL_FILETYPE_PEM) { ++ msg = "no start line: cadata does not contain a certificate"; ++ } else { ++ msg = "not enough data: cadata does not contain a certificate"; ++ } ++ _setSSLError(msg, 0, __FILE__, __LINE__); ++ retval = -1; ++ } else if ((filetype == SSL_FILETYPE_ASN1) && ++ (ERR_GET_LIB(err) == ERR_LIB_ASN1) && ++ (ERR_GET_REASON(err) == ASN1_R_HEADER_TOO_LONG)) { + /* EOF ASN1 file, not an error */ + ERR_clear_error(); + retval = 0; + } else if ((filetype == SSL_FILETYPE_PEM) && +- (loaded > 0) && + (ERR_GET_LIB(err) == ERR_LIB_PEM) && + (ERR_GET_REASON(err) == PEM_R_NO_START_LINE)) { + /* EOF PEM file, not an error */ + ERR_clear_error(); + retval = 0; +- } else { ++ } else if (err != 0) { + _setSSLError(NULL, 0, __FILE__, __LINE__); + retval = -1; ++ } else { ++ retval = 0; + } + + BIO_free(biobuf); +@@ -5637,6 +5710,10 @@ PyInit__ssl(void) + PyModule_AddIntConstant(m, "OP_ENABLE_MIDDLEBOX_COMPAT", + SSL_OP_ENABLE_MIDDLEBOX_COMPAT); + #endif ++#ifdef SSL_OP_IGNORE_UNEXPECTED_EOF ++ PyModule_AddIntConstant(m, "OP_IGNORE_UNEXPECTED_EOF", ++ SSL_OP_IGNORE_UNEXPECTED_EOF); ++#endif + + #if HAVE_SNI + r = Py_True; +diff --git a/Modules/_ssl_data_111.h b/Modules/_ssl_data_111.h +new file mode 100644 +index 0000000000..85a2f7ec15 +--- /dev/null ++++ b/Modules/_ssl_data_111.h +@@ -0,0 +1,6525 @@ ++/* File generated by Tools/ssl/make_ssl_data.py *//* Generated on 2021-04-09T09:36:21.493286 */ ++static struct py_ssl_library_code library_codes[] = { ++#ifdef ERR_LIB_ASN1 ++ {"ASN1", ERR_LIB_ASN1}, ++#endif ++#ifdef ERR_LIB_ASYNC ++ {"ASYNC", ERR_LIB_ASYNC}, ++#endif ++#ifdef ERR_LIB_BIO ++ {"BIO", ERR_LIB_BIO}, ++#endif ++#ifdef ERR_LIB_BN ++ {"BN", ERR_LIB_BN}, ++#endif ++#ifdef ERR_LIB_BUF ++ {"BUF", ERR_LIB_BUF}, ++#endif ++#ifdef ERR_LIB_CMS ++ {"CMS", ERR_LIB_CMS}, ++#endif ++#ifdef ERR_LIB_COMP ++ {"COMP", ERR_LIB_COMP}, ++#endif ++#ifdef ERR_LIB_CONF ++ {"CONF", ERR_LIB_CONF}, ++#endif ++#ifdef ERR_LIB_CRYPTO ++ {"CRYPTO", ERR_LIB_CRYPTO}, ++#endif ++#ifdef ERR_LIB_CT ++ {"CT", ERR_LIB_CT}, ++#endif ++#ifdef ERR_LIB_DH ++ {"DH", ERR_LIB_DH}, ++#endif ++#ifdef ERR_LIB_DSA ++ {"DSA", ERR_LIB_DSA}, ++#endif ++#ifdef ERR_LIB_DSO ++ {"DSO", ERR_LIB_DSO}, ++#endif ++#ifdef ERR_LIB_EC ++ {"EC", ERR_LIB_EC}, ++#endif ++#ifdef ERR_LIB_ECDH ++ {"ECDH", ERR_LIB_ECDH}, ++#endif ++#ifdef ERR_LIB_ECDSA ++ {"ECDSA", ERR_LIB_ECDSA}, ++#endif ++#ifdef ERR_LIB_ENGINE ++ {"ENGINE", ERR_LIB_ENGINE}, ++#endif ++#ifdef ERR_LIB_EVP ++ {"EVP", ERR_LIB_EVP}, ++#endif ++#ifdef ERR_LIB_FIPS ++ {"FIPS", ERR_LIB_FIPS}, ++#endif ++#ifdef ERR_LIB_HMAC ++ {"HMAC", ERR_LIB_HMAC}, ++#endif ++#ifdef ERR_LIB_JPAKE ++ {"JPAKE", ERR_LIB_JPAKE}, ++#endif ++#ifdef ERR_LIB_KDF ++ {"KDF", ERR_LIB_KDF}, ++#endif ++#ifdef ERR_LIB_METH ++ {"METH", ERR_LIB_METH}, ++#endif ++#ifdef ERR_LIB_NONE ++ {"NONE", ERR_LIB_NONE}, ++#endif ++#ifdef ERR_LIB_OBJ ++ {"OBJ", ERR_LIB_OBJ}, ++#endif ++#ifdef ERR_LIB_OCSP ++ {"OCSP", ERR_LIB_OCSP}, ++#endif ++#ifdef ERR_LIB_OSSL_STORE ++ {"OSSL_STORE", ERR_LIB_OSSL_STORE}, ++#endif ++#ifdef ERR_LIB_PEM ++ {"PEM", ERR_LIB_PEM}, ++#endif ++#ifdef ERR_LIB_PKCS12 ++ {"PKCS12", ERR_LIB_PKCS12}, ++#endif ++#ifdef ERR_LIB_PKCS7 ++ {"PKCS7", ERR_LIB_PKCS7}, ++#endif ++#ifdef ERR_LIB_PROXY ++ {"PROXY", ERR_LIB_PROXY}, ++#endif ++#ifdef ERR_LIB_RAND ++ {"RAND", ERR_LIB_RAND}, ++#endif ++#ifdef ERR_LIB_RSA ++ {"RSA", ERR_LIB_RSA}, ++#endif ++#ifdef ERR_LIB_RSAREF ++ {"RSAREF", ERR_LIB_RSAREF}, ++#endif ++#ifdef ERR_LIB_SM2 ++ {"SM2", ERR_LIB_SM2}, ++#endif ++#ifdef ERR_LIB_SSL ++ {"SSL", ERR_LIB_SSL}, ++#endif ++#ifdef ERR_LIB_SSL2 ++ {"SSL2", ERR_LIB_SSL2}, ++#endif ++#ifdef ERR_LIB_SSL23 ++ {"SSL23", ERR_LIB_SSL23}, ++#endif ++#ifdef ERR_LIB_SSL3 ++ {"SSL3", ERR_LIB_SSL3}, ++#endif ++#ifdef ERR_LIB_SYS ++ {"SYS", ERR_LIB_SYS}, ++#endif ++#ifdef ERR_LIB_TS ++ {"TS", ERR_LIB_TS}, ++#endif ++#ifdef ERR_LIB_UI ++ {"UI", ERR_LIB_UI}, ++#endif ++#ifdef ERR_LIB_USER ++ {"USER", ERR_LIB_USER}, ++#endif ++#ifdef ERR_LIB_X509 ++ {"X509", ERR_LIB_X509}, ++#endif ++#ifdef ERR_LIB_X509V3 ++ {"X509V3", ERR_LIB_X509V3}, ++#endif ++ { NULL } ++}; ++ ++ ++static struct py_ssl_error_code error_codes[] = { ++ #ifdef ASN1_R_ADDING_OBJECT ++ {"ADDING_OBJECT", ERR_LIB_ASN1, ASN1_R_ADDING_OBJECT}, ++ #else ++ {"ADDING_OBJECT", 13, 171}, ++ #endif ++ #ifdef ASN1_R_ASN1_PARSE_ERROR ++ {"ASN1_PARSE_ERROR", ERR_LIB_ASN1, ASN1_R_ASN1_PARSE_ERROR}, ++ #else ++ {"ASN1_PARSE_ERROR", 13, 203}, ++ #endif ++ #ifdef ASN1_R_ASN1_SIG_PARSE_ERROR ++ {"ASN1_SIG_PARSE_ERROR", ERR_LIB_ASN1, ASN1_R_ASN1_SIG_PARSE_ERROR}, ++ #else ++ {"ASN1_SIG_PARSE_ERROR", 13, 204}, ++ #endif ++ #ifdef ASN1_R_AUX_ERROR ++ {"AUX_ERROR", ERR_LIB_ASN1, ASN1_R_AUX_ERROR}, ++ #else ++ {"AUX_ERROR", 13, 100}, ++ #endif ++ #ifdef ASN1_R_BAD_OBJECT_HEADER ++ {"BAD_OBJECT_HEADER", ERR_LIB_ASN1, ASN1_R_BAD_OBJECT_HEADER}, ++ #else ++ {"BAD_OBJECT_HEADER", 13, 102}, ++ #endif ++ #ifdef ASN1_R_BAD_TEMPLATE ++ {"BAD_TEMPLATE", ERR_LIB_ASN1, ASN1_R_BAD_TEMPLATE}, ++ #else ++ {"BAD_TEMPLATE", 13, 230}, ++ #endif ++ #ifdef ASN1_R_BMPSTRING_IS_WRONG_LENGTH ++ {"BMPSTRING_IS_WRONG_LENGTH", ERR_LIB_ASN1, ASN1_R_BMPSTRING_IS_WRONG_LENGTH}, ++ #else ++ {"BMPSTRING_IS_WRONG_LENGTH", 13, 214}, ++ #endif ++ #ifdef ASN1_R_BN_LIB ++ {"BN_LIB", ERR_LIB_ASN1, ASN1_R_BN_LIB}, ++ #else ++ {"BN_LIB", 13, 105}, ++ #endif ++ #ifdef ASN1_R_BOOLEAN_IS_WRONG_LENGTH ++ {"BOOLEAN_IS_WRONG_LENGTH", ERR_LIB_ASN1, ASN1_R_BOOLEAN_IS_WRONG_LENGTH}, ++ #else ++ {"BOOLEAN_IS_WRONG_LENGTH", 13, 106}, ++ #endif ++ #ifdef ASN1_R_BUFFER_TOO_SMALL ++ {"BUFFER_TOO_SMALL", ERR_LIB_ASN1, ASN1_R_BUFFER_TOO_SMALL}, ++ #else ++ {"BUFFER_TOO_SMALL", 13, 107}, ++ #endif ++ #ifdef ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ++ {"CIPHER_HAS_NO_OBJECT_IDENTIFIER", ERR_LIB_ASN1, ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER}, ++ #else ++ {"CIPHER_HAS_NO_OBJECT_IDENTIFIER", 13, 108}, ++ #endif ++ #ifdef ASN1_R_CONTEXT_NOT_INITIALISED ++ {"CONTEXT_NOT_INITIALISED", ERR_LIB_ASN1, ASN1_R_CONTEXT_NOT_INITIALISED}, ++ #else ++ {"CONTEXT_NOT_INITIALISED", 13, 217}, ++ #endif ++ #ifdef ASN1_R_DATA_IS_WRONG ++ {"DATA_IS_WRONG", ERR_LIB_ASN1, ASN1_R_DATA_IS_WRONG}, ++ #else ++ {"DATA_IS_WRONG", 13, 109}, ++ #endif ++ #ifdef ASN1_R_DECODE_ERROR ++ {"DECODE_ERROR", ERR_LIB_ASN1, ASN1_R_DECODE_ERROR}, ++ #else ++ {"DECODE_ERROR", 13, 110}, ++ #endif ++ #ifdef ASN1_R_DEPTH_EXCEEDED ++ {"DEPTH_EXCEEDED", ERR_LIB_ASN1, ASN1_R_DEPTH_EXCEEDED}, ++ #else ++ {"DEPTH_EXCEEDED", 13, 174}, ++ #endif ++ #ifdef ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED ++ {"DIGEST_AND_KEY_TYPE_NOT_SUPPORTED", ERR_LIB_ASN1, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED}, ++ #else ++ {"DIGEST_AND_KEY_TYPE_NOT_SUPPORTED", 13, 198}, ++ #endif ++ #ifdef ASN1_R_ENCODE_ERROR ++ {"ENCODE_ERROR", ERR_LIB_ASN1, ASN1_R_ENCODE_ERROR}, ++ #else ++ {"ENCODE_ERROR", 13, 112}, ++ #endif ++ #ifdef ASN1_R_ERROR_GETTING_TIME ++ {"ERROR_GETTING_TIME", ERR_LIB_ASN1, ASN1_R_ERROR_GETTING_TIME}, ++ #else ++ {"ERROR_GETTING_TIME", 13, 173}, ++ #endif ++ #ifdef ASN1_R_ERROR_LOADING_SECTION ++ {"ERROR_LOADING_SECTION", ERR_LIB_ASN1, ASN1_R_ERROR_LOADING_SECTION}, ++ #else ++ {"ERROR_LOADING_SECTION", 13, 172}, ++ #endif ++ #ifdef ASN1_R_ERROR_SETTING_CIPHER_PARAMS ++ {"ERROR_SETTING_CIPHER_PARAMS", ERR_LIB_ASN1, ASN1_R_ERROR_SETTING_CIPHER_PARAMS}, ++ #else ++ {"ERROR_SETTING_CIPHER_PARAMS", 13, 114}, ++ #endif ++ #ifdef ASN1_R_EXPECTING_AN_INTEGER ++ {"EXPECTING_AN_INTEGER", ERR_LIB_ASN1, ASN1_R_EXPECTING_AN_INTEGER}, ++ #else ++ {"EXPECTING_AN_INTEGER", 13, 115}, ++ #endif ++ #ifdef ASN1_R_EXPECTING_AN_OBJECT ++ {"EXPECTING_AN_OBJECT", ERR_LIB_ASN1, ASN1_R_EXPECTING_AN_OBJECT}, ++ #else ++ {"EXPECTING_AN_OBJECT", 13, 116}, ++ #endif ++ #ifdef ASN1_R_EXPLICIT_LENGTH_MISMATCH ++ {"EXPLICIT_LENGTH_MISMATCH", ERR_LIB_ASN1, ASN1_R_EXPLICIT_LENGTH_MISMATCH}, ++ #else ++ {"EXPLICIT_LENGTH_MISMATCH", 13, 119}, ++ #endif ++ #ifdef ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED ++ {"EXPLICIT_TAG_NOT_CONSTRUCTED", ERR_LIB_ASN1, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED}, ++ #else ++ {"EXPLICIT_TAG_NOT_CONSTRUCTED", 13, 120}, ++ #endif ++ #ifdef ASN1_R_FIELD_MISSING ++ {"FIELD_MISSING", ERR_LIB_ASN1, ASN1_R_FIELD_MISSING}, ++ #else ++ {"FIELD_MISSING", 13, 121}, ++ #endif ++ #ifdef ASN1_R_FIRST_NUM_TOO_LARGE ++ {"FIRST_NUM_TOO_LARGE", ERR_LIB_ASN1, ASN1_R_FIRST_NUM_TOO_LARGE}, ++ #else ++ {"FIRST_NUM_TOO_LARGE", 13, 122}, ++ #endif ++ #ifdef ASN1_R_HEADER_TOO_LONG ++ {"HEADER_TOO_LONG", ERR_LIB_ASN1, ASN1_R_HEADER_TOO_LONG}, ++ #else ++ {"HEADER_TOO_LONG", 13, 123}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_BITSTRING_FORMAT ++ {"ILLEGAL_BITSTRING_FORMAT", ERR_LIB_ASN1, ASN1_R_ILLEGAL_BITSTRING_FORMAT}, ++ #else ++ {"ILLEGAL_BITSTRING_FORMAT", 13, 175}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_BOOLEAN ++ {"ILLEGAL_BOOLEAN", ERR_LIB_ASN1, ASN1_R_ILLEGAL_BOOLEAN}, ++ #else ++ {"ILLEGAL_BOOLEAN", 13, 176}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_CHARACTERS ++ {"ILLEGAL_CHARACTERS", ERR_LIB_ASN1, ASN1_R_ILLEGAL_CHARACTERS}, ++ #else ++ {"ILLEGAL_CHARACTERS", 13, 124}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_FORMAT ++ {"ILLEGAL_FORMAT", ERR_LIB_ASN1, ASN1_R_ILLEGAL_FORMAT}, ++ #else ++ {"ILLEGAL_FORMAT", 13, 177}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_HEX ++ {"ILLEGAL_HEX", ERR_LIB_ASN1, ASN1_R_ILLEGAL_HEX}, ++ #else ++ {"ILLEGAL_HEX", 13, 178}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_IMPLICIT_TAG ++ {"ILLEGAL_IMPLICIT_TAG", ERR_LIB_ASN1, ASN1_R_ILLEGAL_IMPLICIT_TAG}, ++ #else ++ {"ILLEGAL_IMPLICIT_TAG", 13, 179}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_INTEGER ++ {"ILLEGAL_INTEGER", ERR_LIB_ASN1, ASN1_R_ILLEGAL_INTEGER}, ++ #else ++ {"ILLEGAL_INTEGER", 13, 180}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_NEGATIVE_VALUE ++ {"ILLEGAL_NEGATIVE_VALUE", ERR_LIB_ASN1, ASN1_R_ILLEGAL_NEGATIVE_VALUE}, ++ #else ++ {"ILLEGAL_NEGATIVE_VALUE", 13, 226}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_NESTED_TAGGING ++ {"ILLEGAL_NESTED_TAGGING", ERR_LIB_ASN1, ASN1_R_ILLEGAL_NESTED_TAGGING}, ++ #else ++ {"ILLEGAL_NESTED_TAGGING", 13, 181}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_NULL ++ {"ILLEGAL_NULL", ERR_LIB_ASN1, ASN1_R_ILLEGAL_NULL}, ++ #else ++ {"ILLEGAL_NULL", 13, 125}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_NULL_VALUE ++ {"ILLEGAL_NULL_VALUE", ERR_LIB_ASN1, ASN1_R_ILLEGAL_NULL_VALUE}, ++ #else ++ {"ILLEGAL_NULL_VALUE", 13, 182}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_OBJECT ++ {"ILLEGAL_OBJECT", ERR_LIB_ASN1, ASN1_R_ILLEGAL_OBJECT}, ++ #else ++ {"ILLEGAL_OBJECT", 13, 183}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_OPTIONAL_ANY ++ {"ILLEGAL_OPTIONAL_ANY", ERR_LIB_ASN1, ASN1_R_ILLEGAL_OPTIONAL_ANY}, ++ #else ++ {"ILLEGAL_OPTIONAL_ANY", 13, 126}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE ++ {"ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE", ERR_LIB_ASN1, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE}, ++ #else ++ {"ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE", 13, 170}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_PADDING ++ {"ILLEGAL_PADDING", ERR_LIB_ASN1, ASN1_R_ILLEGAL_PADDING}, ++ #else ++ {"ILLEGAL_PADDING", 13, 221}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_TAGGED_ANY ++ {"ILLEGAL_TAGGED_ANY", ERR_LIB_ASN1, ASN1_R_ILLEGAL_TAGGED_ANY}, ++ #else ++ {"ILLEGAL_TAGGED_ANY", 13, 127}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_TIME_VALUE ++ {"ILLEGAL_TIME_VALUE", ERR_LIB_ASN1, ASN1_R_ILLEGAL_TIME_VALUE}, ++ #else ++ {"ILLEGAL_TIME_VALUE", 13, 184}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_ZERO_CONTENT ++ {"ILLEGAL_ZERO_CONTENT", ERR_LIB_ASN1, ASN1_R_ILLEGAL_ZERO_CONTENT}, ++ #else ++ {"ILLEGAL_ZERO_CONTENT", 13, 222}, ++ #endif ++ #ifdef ASN1_R_INTEGER_NOT_ASCII_FORMAT ++ {"INTEGER_NOT_ASCII_FORMAT", ERR_LIB_ASN1, ASN1_R_INTEGER_NOT_ASCII_FORMAT}, ++ #else ++ {"INTEGER_NOT_ASCII_FORMAT", 13, 185}, ++ #endif ++ #ifdef ASN1_R_INTEGER_TOO_LARGE_FOR_LONG ++ {"INTEGER_TOO_LARGE_FOR_LONG", ERR_LIB_ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG}, ++ #else ++ {"INTEGER_TOO_LARGE_FOR_LONG", 13, 128}, ++ #endif ++ #ifdef ASN1_R_INVALID_BIT_STRING_BITS_LEFT ++ {"INVALID_BIT_STRING_BITS_LEFT", ERR_LIB_ASN1, ASN1_R_INVALID_BIT_STRING_BITS_LEFT}, ++ #else ++ {"INVALID_BIT_STRING_BITS_LEFT", 13, 220}, ++ #endif ++ #ifdef ASN1_R_INVALID_BMPSTRING_LENGTH ++ {"INVALID_BMPSTRING_LENGTH", ERR_LIB_ASN1, ASN1_R_INVALID_BMPSTRING_LENGTH}, ++ #else ++ {"INVALID_BMPSTRING_LENGTH", 13, 129}, ++ #endif ++ #ifdef ASN1_R_INVALID_DIGIT ++ {"INVALID_DIGIT", ERR_LIB_ASN1, ASN1_R_INVALID_DIGIT}, ++ #else ++ {"INVALID_DIGIT", 13, 130}, ++ #endif ++ #ifdef ASN1_R_INVALID_MIME_TYPE ++ {"INVALID_MIME_TYPE", ERR_LIB_ASN1, ASN1_R_INVALID_MIME_TYPE}, ++ #else ++ {"INVALID_MIME_TYPE", 13, 205}, ++ #endif ++ #ifdef ASN1_R_INVALID_MODIFIER ++ {"INVALID_MODIFIER", ERR_LIB_ASN1, ASN1_R_INVALID_MODIFIER}, ++ #else ++ {"INVALID_MODIFIER", 13, 186}, ++ #endif ++ #ifdef ASN1_R_INVALID_NUMBER ++ {"INVALID_NUMBER", ERR_LIB_ASN1, ASN1_R_INVALID_NUMBER}, ++ #else ++ {"INVALID_NUMBER", 13, 187}, ++ #endif ++ #ifdef ASN1_R_INVALID_OBJECT_ENCODING ++ {"INVALID_OBJECT_ENCODING", ERR_LIB_ASN1, ASN1_R_INVALID_OBJECT_ENCODING}, ++ #else ++ {"INVALID_OBJECT_ENCODING", 13, 216}, ++ #endif ++ #ifdef ASN1_R_INVALID_SCRYPT_PARAMETERS ++ {"INVALID_SCRYPT_PARAMETERS", ERR_LIB_ASN1, ASN1_R_INVALID_SCRYPT_PARAMETERS}, ++ #else ++ {"INVALID_SCRYPT_PARAMETERS", 13, 227}, ++ #endif ++ #ifdef ASN1_R_INVALID_SEPARATOR ++ {"INVALID_SEPARATOR", ERR_LIB_ASN1, ASN1_R_INVALID_SEPARATOR}, ++ #else ++ {"INVALID_SEPARATOR", 13, 131}, ++ #endif ++ #ifdef ASN1_R_INVALID_STRING_TABLE_VALUE ++ {"INVALID_STRING_TABLE_VALUE", ERR_LIB_ASN1, ASN1_R_INVALID_STRING_TABLE_VALUE}, ++ #else ++ {"INVALID_STRING_TABLE_VALUE", 13, 218}, ++ #endif ++ #ifdef ASN1_R_INVALID_UNIVERSALSTRING_LENGTH ++ {"INVALID_UNIVERSALSTRING_LENGTH", ERR_LIB_ASN1, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH}, ++ #else ++ {"INVALID_UNIVERSALSTRING_LENGTH", 13, 133}, ++ #endif ++ #ifdef ASN1_R_INVALID_UTF8STRING ++ {"INVALID_UTF8STRING", ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING}, ++ #else ++ {"INVALID_UTF8STRING", 13, 134}, ++ #endif ++ #ifdef ASN1_R_INVALID_VALUE ++ {"INVALID_VALUE", ERR_LIB_ASN1, ASN1_R_INVALID_VALUE}, ++ #else ++ {"INVALID_VALUE", 13, 219}, ++ #endif ++ #ifdef ASN1_R_LIST_ERROR ++ {"LIST_ERROR", ERR_LIB_ASN1, ASN1_R_LIST_ERROR}, ++ #else ++ {"LIST_ERROR", 13, 188}, ++ #endif ++ #ifdef ASN1_R_MIME_NO_CONTENT_TYPE ++ {"MIME_NO_CONTENT_TYPE", ERR_LIB_ASN1, ASN1_R_MIME_NO_CONTENT_TYPE}, ++ #else ++ {"MIME_NO_CONTENT_TYPE", 13, 206}, ++ #endif ++ #ifdef ASN1_R_MIME_PARSE_ERROR ++ {"MIME_PARSE_ERROR", ERR_LIB_ASN1, ASN1_R_MIME_PARSE_ERROR}, ++ #else ++ {"MIME_PARSE_ERROR", 13, 207}, ++ #endif ++ #ifdef ASN1_R_MIME_SIG_PARSE_ERROR ++ {"MIME_SIG_PARSE_ERROR", ERR_LIB_ASN1, ASN1_R_MIME_SIG_PARSE_ERROR}, ++ #else ++ {"MIME_SIG_PARSE_ERROR", 13, 208}, ++ #endif ++ #ifdef ASN1_R_MISSING_EOC ++ {"MISSING_EOC", ERR_LIB_ASN1, ASN1_R_MISSING_EOC}, ++ #else ++ {"MISSING_EOC", 13, 137}, ++ #endif ++ #ifdef ASN1_R_MISSING_SECOND_NUMBER ++ {"MISSING_SECOND_NUMBER", ERR_LIB_ASN1, ASN1_R_MISSING_SECOND_NUMBER}, ++ #else ++ {"MISSING_SECOND_NUMBER", 13, 138}, ++ #endif ++ #ifdef ASN1_R_MISSING_VALUE ++ {"MISSING_VALUE", ERR_LIB_ASN1, ASN1_R_MISSING_VALUE}, ++ #else ++ {"MISSING_VALUE", 13, 189}, ++ #endif ++ #ifdef ASN1_R_MSTRING_NOT_UNIVERSAL ++ {"MSTRING_NOT_UNIVERSAL", ERR_LIB_ASN1, ASN1_R_MSTRING_NOT_UNIVERSAL}, ++ #else ++ {"MSTRING_NOT_UNIVERSAL", 13, 139}, ++ #endif ++ #ifdef ASN1_R_MSTRING_WRONG_TAG ++ {"MSTRING_WRONG_TAG", ERR_LIB_ASN1, ASN1_R_MSTRING_WRONG_TAG}, ++ #else ++ {"MSTRING_WRONG_TAG", 13, 140}, ++ #endif ++ #ifdef ASN1_R_NESTED_ASN1_STRING ++ {"NESTED_ASN1_STRING", ERR_LIB_ASN1, ASN1_R_NESTED_ASN1_STRING}, ++ #else ++ {"NESTED_ASN1_STRING", 13, 197}, ++ #endif ++ #ifdef ASN1_R_NESTED_TOO_DEEP ++ {"NESTED_TOO_DEEP", ERR_LIB_ASN1, ASN1_R_NESTED_TOO_DEEP}, ++ #else ++ {"NESTED_TOO_DEEP", 13, 201}, ++ #endif ++ #ifdef ASN1_R_NON_HEX_CHARACTERS ++ {"NON_HEX_CHARACTERS", ERR_LIB_ASN1, ASN1_R_NON_HEX_CHARACTERS}, ++ #else ++ {"NON_HEX_CHARACTERS", 13, 141}, ++ #endif ++ #ifdef ASN1_R_NOT_ASCII_FORMAT ++ {"NOT_ASCII_FORMAT", ERR_LIB_ASN1, ASN1_R_NOT_ASCII_FORMAT}, ++ #else ++ {"NOT_ASCII_FORMAT", 13, 190}, ++ #endif ++ #ifdef ASN1_R_NOT_ENOUGH_DATA ++ {"NOT_ENOUGH_DATA", ERR_LIB_ASN1, ASN1_R_NOT_ENOUGH_DATA}, ++ #else ++ {"NOT_ENOUGH_DATA", 13, 142}, ++ #endif ++ #ifdef ASN1_R_NO_CONTENT_TYPE ++ {"NO_CONTENT_TYPE", ERR_LIB_ASN1, ASN1_R_NO_CONTENT_TYPE}, ++ #else ++ {"NO_CONTENT_TYPE", 13, 209}, ++ #endif ++ #ifdef ASN1_R_NO_MATCHING_CHOICE_TYPE ++ {"NO_MATCHING_CHOICE_TYPE", ERR_LIB_ASN1, ASN1_R_NO_MATCHING_CHOICE_TYPE}, ++ #else ++ {"NO_MATCHING_CHOICE_TYPE", 13, 143}, ++ #endif ++ #ifdef ASN1_R_NO_MULTIPART_BODY_FAILURE ++ {"NO_MULTIPART_BODY_FAILURE", ERR_LIB_ASN1, ASN1_R_NO_MULTIPART_BODY_FAILURE}, ++ #else ++ {"NO_MULTIPART_BODY_FAILURE", 13, 210}, ++ #endif ++ #ifdef ASN1_R_NO_MULTIPART_BOUNDARY ++ {"NO_MULTIPART_BOUNDARY", ERR_LIB_ASN1, ASN1_R_NO_MULTIPART_BOUNDARY}, ++ #else ++ {"NO_MULTIPART_BOUNDARY", 13, 211}, ++ #endif ++ #ifdef ASN1_R_NO_SIG_CONTENT_TYPE ++ {"NO_SIG_CONTENT_TYPE", ERR_LIB_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE}, ++ #else ++ {"NO_SIG_CONTENT_TYPE", 13, 212}, ++ #endif ++ #ifdef ASN1_R_NULL_IS_WRONG_LENGTH ++ {"NULL_IS_WRONG_LENGTH", ERR_LIB_ASN1, ASN1_R_NULL_IS_WRONG_LENGTH}, ++ #else ++ {"NULL_IS_WRONG_LENGTH", 13, 144}, ++ #endif ++ #ifdef ASN1_R_OBJECT_NOT_ASCII_FORMAT ++ {"OBJECT_NOT_ASCII_FORMAT", ERR_LIB_ASN1, ASN1_R_OBJECT_NOT_ASCII_FORMAT}, ++ #else ++ {"OBJECT_NOT_ASCII_FORMAT", 13, 191}, ++ #endif ++ #ifdef ASN1_R_ODD_NUMBER_OF_CHARS ++ {"ODD_NUMBER_OF_CHARS", ERR_LIB_ASN1, ASN1_R_ODD_NUMBER_OF_CHARS}, ++ #else ++ {"ODD_NUMBER_OF_CHARS", 13, 145}, ++ #endif ++ #ifdef ASN1_R_SECOND_NUMBER_TOO_LARGE ++ {"SECOND_NUMBER_TOO_LARGE", ERR_LIB_ASN1, ASN1_R_SECOND_NUMBER_TOO_LARGE}, ++ #else ++ {"SECOND_NUMBER_TOO_LARGE", 13, 147}, ++ #endif ++ #ifdef ASN1_R_SEQUENCE_LENGTH_MISMATCH ++ {"SEQUENCE_LENGTH_MISMATCH", ERR_LIB_ASN1, ASN1_R_SEQUENCE_LENGTH_MISMATCH}, ++ #else ++ {"SEQUENCE_LENGTH_MISMATCH", 13, 148}, ++ #endif ++ #ifdef ASN1_R_SEQUENCE_NOT_CONSTRUCTED ++ {"SEQUENCE_NOT_CONSTRUCTED", ERR_LIB_ASN1, ASN1_R_SEQUENCE_NOT_CONSTRUCTED}, ++ #else ++ {"SEQUENCE_NOT_CONSTRUCTED", 13, 149}, ++ #endif ++ #ifdef ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG ++ {"SEQUENCE_OR_SET_NEEDS_CONFIG", ERR_LIB_ASN1, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG}, ++ #else ++ {"SEQUENCE_OR_SET_NEEDS_CONFIG", 13, 192}, ++ #endif ++ #ifdef ASN1_R_SHORT_LINE ++ {"SHORT_LINE", ERR_LIB_ASN1, ASN1_R_SHORT_LINE}, ++ #else ++ {"SHORT_LINE", 13, 150}, ++ #endif ++ #ifdef ASN1_R_SIG_INVALID_MIME_TYPE ++ {"SIG_INVALID_MIME_TYPE", ERR_LIB_ASN1, ASN1_R_SIG_INVALID_MIME_TYPE}, ++ #else ++ {"SIG_INVALID_MIME_TYPE", 13, 213}, ++ #endif ++ #ifdef ASN1_R_STREAMING_NOT_SUPPORTED ++ {"STREAMING_NOT_SUPPORTED", ERR_LIB_ASN1, ASN1_R_STREAMING_NOT_SUPPORTED}, ++ #else ++ {"STREAMING_NOT_SUPPORTED", 13, 202}, ++ #endif ++ #ifdef ASN1_R_STRING_TOO_LONG ++ {"STRING_TOO_LONG", ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG}, ++ #else ++ {"STRING_TOO_LONG", 13, 151}, ++ #endif ++ #ifdef ASN1_R_STRING_TOO_SHORT ++ {"STRING_TOO_SHORT", ERR_LIB_ASN1, ASN1_R_STRING_TOO_SHORT}, ++ #else ++ {"STRING_TOO_SHORT", 13, 152}, ++ #endif ++ #ifdef ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD ++ {"THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD", ERR_LIB_ASN1, ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD}, ++ #else ++ {"THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD", 13, 154}, ++ #endif ++ #ifdef ASN1_R_TIME_NOT_ASCII_FORMAT ++ {"TIME_NOT_ASCII_FORMAT", ERR_LIB_ASN1, ASN1_R_TIME_NOT_ASCII_FORMAT}, ++ #else ++ {"TIME_NOT_ASCII_FORMAT", 13, 193}, ++ #endif ++ #ifdef ASN1_R_TOO_LARGE ++ {"TOO_LARGE", ERR_LIB_ASN1, ASN1_R_TOO_LARGE}, ++ #else ++ {"TOO_LARGE", 13, 223}, ++ #endif ++ #ifdef ASN1_R_TOO_LONG ++ {"TOO_LONG", ERR_LIB_ASN1, ASN1_R_TOO_LONG}, ++ #else ++ {"TOO_LONG", 13, 155}, ++ #endif ++ #ifdef ASN1_R_TOO_SMALL ++ {"TOO_SMALL", ERR_LIB_ASN1, ASN1_R_TOO_SMALL}, ++ #else ++ {"TOO_SMALL", 13, 224}, ++ #endif ++ #ifdef ASN1_R_TYPE_NOT_CONSTRUCTED ++ {"TYPE_NOT_CONSTRUCTED", ERR_LIB_ASN1, ASN1_R_TYPE_NOT_CONSTRUCTED}, ++ #else ++ {"TYPE_NOT_CONSTRUCTED", 13, 156}, ++ #endif ++ #ifdef ASN1_R_TYPE_NOT_PRIMITIVE ++ {"TYPE_NOT_PRIMITIVE", ERR_LIB_ASN1, ASN1_R_TYPE_NOT_PRIMITIVE}, ++ #else ++ {"TYPE_NOT_PRIMITIVE", 13, 195}, ++ #endif ++ #ifdef ASN1_R_UNEXPECTED_EOC ++ {"UNEXPECTED_EOC", ERR_LIB_ASN1, ASN1_R_UNEXPECTED_EOC}, ++ #else ++ {"UNEXPECTED_EOC", 13, 159}, ++ #endif ++ #ifdef ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH ++ {"UNIVERSALSTRING_IS_WRONG_LENGTH", ERR_LIB_ASN1, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH}, ++ #else ++ {"UNIVERSALSTRING_IS_WRONG_LENGTH", 13, 215}, ++ #endif ++ #ifdef ASN1_R_UNKNOWN_FORMAT ++ {"UNKNOWN_FORMAT", ERR_LIB_ASN1, ASN1_R_UNKNOWN_FORMAT}, ++ #else ++ {"UNKNOWN_FORMAT", 13, 160}, ++ #endif ++ #ifdef ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ++ {"UNKNOWN_MESSAGE_DIGEST_ALGORITHM", ERR_LIB_ASN1, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM}, ++ #else ++ {"UNKNOWN_MESSAGE_DIGEST_ALGORITHM", 13, 161}, ++ #endif ++ #ifdef ASN1_R_UNKNOWN_OBJECT_TYPE ++ {"UNKNOWN_OBJECT_TYPE", ERR_LIB_ASN1, ASN1_R_UNKNOWN_OBJECT_TYPE}, ++ #else ++ {"UNKNOWN_OBJECT_TYPE", 13, 162}, ++ #endif ++ #ifdef ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE ++ {"UNKNOWN_PUBLIC_KEY_TYPE", ERR_LIB_ASN1, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE}, ++ #else ++ {"UNKNOWN_PUBLIC_KEY_TYPE", 13, 163}, ++ #endif ++ #ifdef ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM ++ {"UNKNOWN_SIGNATURE_ALGORITHM", ERR_LIB_ASN1, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM}, ++ #else ++ {"UNKNOWN_SIGNATURE_ALGORITHM", 13, 199}, ++ #endif ++ #ifdef ASN1_R_UNKNOWN_TAG ++ {"UNKNOWN_TAG", ERR_LIB_ASN1, ASN1_R_UNKNOWN_TAG}, ++ #else ++ {"UNKNOWN_TAG", 13, 194}, ++ #endif ++ #ifdef ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE ++ {"UNSUPPORTED_ANY_DEFINED_BY_TYPE", ERR_LIB_ASN1, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE}, ++ #else ++ {"UNSUPPORTED_ANY_DEFINED_BY_TYPE", 13, 164}, ++ #endif ++ #ifdef ASN1_R_UNSUPPORTED_CIPHER ++ {"UNSUPPORTED_CIPHER", ERR_LIB_ASN1, ASN1_R_UNSUPPORTED_CIPHER}, ++ #else ++ {"UNSUPPORTED_CIPHER", 13, 228}, ++ #endif ++ #ifdef ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE ++ {"UNSUPPORTED_PUBLIC_KEY_TYPE", ERR_LIB_ASN1, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE}, ++ #else ++ {"UNSUPPORTED_PUBLIC_KEY_TYPE", 13, 167}, ++ #endif ++ #ifdef ASN1_R_UNSUPPORTED_TYPE ++ {"UNSUPPORTED_TYPE", ERR_LIB_ASN1, ASN1_R_UNSUPPORTED_TYPE}, ++ #else ++ {"UNSUPPORTED_TYPE", 13, 196}, ++ #endif ++ #ifdef ASN1_R_WRONG_INTEGER_TYPE ++ {"WRONG_INTEGER_TYPE", ERR_LIB_ASN1, ASN1_R_WRONG_INTEGER_TYPE}, ++ #else ++ {"WRONG_INTEGER_TYPE", 13, 225}, ++ #endif ++ #ifdef ASN1_R_WRONG_PUBLIC_KEY_TYPE ++ {"WRONG_PUBLIC_KEY_TYPE", ERR_LIB_ASN1, ASN1_R_WRONG_PUBLIC_KEY_TYPE}, ++ #else ++ {"WRONG_PUBLIC_KEY_TYPE", 13, 200}, ++ #endif ++ #ifdef ASN1_R_WRONG_TAG ++ {"WRONG_TAG", ERR_LIB_ASN1, ASN1_R_WRONG_TAG}, ++ #else ++ {"WRONG_TAG", 13, 168}, ++ #endif ++ #ifdef ASYNC_R_FAILED_TO_SET_POOL ++ {"FAILED_TO_SET_POOL", ERR_LIB_ASYNC, ASYNC_R_FAILED_TO_SET_POOL}, ++ #else ++ {"FAILED_TO_SET_POOL", 51, 101}, ++ #endif ++ #ifdef ASYNC_R_FAILED_TO_SWAP_CONTEXT ++ {"FAILED_TO_SWAP_CONTEXT", ERR_LIB_ASYNC, ASYNC_R_FAILED_TO_SWAP_CONTEXT}, ++ #else ++ {"FAILED_TO_SWAP_CONTEXT", 51, 102}, ++ #endif ++ #ifdef ASYNC_R_INIT_FAILED ++ {"INIT_FAILED", ERR_LIB_ASYNC, ASYNC_R_INIT_FAILED}, ++ #else ++ {"INIT_FAILED", 51, 105}, ++ #endif ++ #ifdef ASYNC_R_INVALID_POOL_SIZE ++ {"INVALID_POOL_SIZE", ERR_LIB_ASYNC, ASYNC_R_INVALID_POOL_SIZE}, ++ #else ++ {"INVALID_POOL_SIZE", 51, 103}, ++ #endif ++ #ifdef BIO_R_ACCEPT_ERROR ++ {"ACCEPT_ERROR", ERR_LIB_BIO, BIO_R_ACCEPT_ERROR}, ++ #else ++ {"ACCEPT_ERROR", 32, 100}, ++ #endif ++ #ifdef BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET ++ {"ADDRINFO_ADDR_IS_NOT_AF_INET", ERR_LIB_BIO, BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET}, ++ #else ++ {"ADDRINFO_ADDR_IS_NOT_AF_INET", 32, 141}, ++ #endif ++ #ifdef BIO_R_AMBIGUOUS_HOST_OR_SERVICE ++ {"AMBIGUOUS_HOST_OR_SERVICE", ERR_LIB_BIO, BIO_R_AMBIGUOUS_HOST_OR_SERVICE}, ++ #else ++ {"AMBIGUOUS_HOST_OR_SERVICE", 32, 129}, ++ #endif ++ #ifdef BIO_R_BAD_FOPEN_MODE ++ {"BAD_FOPEN_MODE", ERR_LIB_BIO, BIO_R_BAD_FOPEN_MODE}, ++ #else ++ {"BAD_FOPEN_MODE", 32, 101}, ++ #endif ++ #ifdef BIO_R_BROKEN_PIPE ++ {"BROKEN_PIPE", ERR_LIB_BIO, BIO_R_BROKEN_PIPE}, ++ #else ++ {"BROKEN_PIPE", 32, 124}, ++ #endif ++ #ifdef BIO_R_CONNECT_ERROR ++ {"CONNECT_ERROR", ERR_LIB_BIO, BIO_R_CONNECT_ERROR}, ++ #else ++ {"CONNECT_ERROR", 32, 103}, ++ #endif ++ #ifdef BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET ++ {"GETHOSTBYNAME_ADDR_IS_NOT_AF_INET", ERR_LIB_BIO, BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET}, ++ #else ++ {"GETHOSTBYNAME_ADDR_IS_NOT_AF_INET", 32, 107}, ++ #endif ++ #ifdef BIO_R_GETSOCKNAME_ERROR ++ {"GETSOCKNAME_ERROR", ERR_LIB_BIO, BIO_R_GETSOCKNAME_ERROR}, ++ #else ++ {"GETSOCKNAME_ERROR", 32, 132}, ++ #endif ++ #ifdef BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS ++ {"GETSOCKNAME_TRUNCATED_ADDRESS", ERR_LIB_BIO, BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS}, ++ #else ++ {"GETSOCKNAME_TRUNCATED_ADDRESS", 32, 133}, ++ #endif ++ #ifdef BIO_R_GETTING_SOCKTYPE ++ {"GETTING_SOCKTYPE", ERR_LIB_BIO, BIO_R_GETTING_SOCKTYPE}, ++ #else ++ {"GETTING_SOCKTYPE", 32, 134}, ++ #endif ++ #ifdef BIO_R_INVALID_ARGUMENT ++ {"INVALID_ARGUMENT", ERR_LIB_BIO, BIO_R_INVALID_ARGUMENT}, ++ #else ++ {"INVALID_ARGUMENT", 32, 125}, ++ #endif ++ #ifdef BIO_R_INVALID_SOCKET ++ {"INVALID_SOCKET", ERR_LIB_BIO, BIO_R_INVALID_SOCKET}, ++ #else ++ {"INVALID_SOCKET", 32, 135}, ++ #endif ++ #ifdef BIO_R_IN_USE ++ {"IN_USE", ERR_LIB_BIO, BIO_R_IN_USE}, ++ #else ++ {"IN_USE", 32, 123}, ++ #endif ++ #ifdef BIO_R_LENGTH_TOO_LONG ++ {"LENGTH_TOO_LONG", ERR_LIB_BIO, BIO_R_LENGTH_TOO_LONG}, ++ #else ++ {"LENGTH_TOO_LONG", 32, 102}, ++ #endif ++ #ifdef BIO_R_LISTEN_V6_ONLY ++ {"LISTEN_V6_ONLY", ERR_LIB_BIO, BIO_R_LISTEN_V6_ONLY}, ++ #else ++ {"LISTEN_V6_ONLY", 32, 136}, ++ #endif ++ #ifdef BIO_R_LOOKUP_RETURNED_NOTHING ++ {"LOOKUP_RETURNED_NOTHING", ERR_LIB_BIO, BIO_R_LOOKUP_RETURNED_NOTHING}, ++ #else ++ {"LOOKUP_RETURNED_NOTHING", 32, 142}, ++ #endif ++ #ifdef BIO_R_MALFORMED_HOST_OR_SERVICE ++ {"MALFORMED_HOST_OR_SERVICE", ERR_LIB_BIO, BIO_R_MALFORMED_HOST_OR_SERVICE}, ++ #else ++ {"MALFORMED_HOST_OR_SERVICE", 32, 130}, ++ #endif ++ #ifdef BIO_R_NBIO_CONNECT_ERROR ++ {"NBIO_CONNECT_ERROR", ERR_LIB_BIO, BIO_R_NBIO_CONNECT_ERROR}, ++ #else ++ {"NBIO_CONNECT_ERROR", 32, 110}, ++ #endif ++ #ifdef BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED ++ {"NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED", ERR_LIB_BIO, BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED}, ++ #else ++ {"NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED", 32, 143}, ++ #endif ++ #ifdef BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED ++ {"NO_HOSTNAME_OR_SERVICE_SPECIFIED", ERR_LIB_BIO, BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED}, ++ #else ++ {"NO_HOSTNAME_OR_SERVICE_SPECIFIED", 32, 144}, ++ #endif ++ #ifdef BIO_R_NO_PORT_DEFINED ++ {"NO_PORT_DEFINED", ERR_LIB_BIO, BIO_R_NO_PORT_DEFINED}, ++ #else ++ {"NO_PORT_DEFINED", 32, 113}, ++ #endif ++ #ifdef BIO_R_NO_SUCH_FILE ++ {"NO_SUCH_FILE", ERR_LIB_BIO, BIO_R_NO_SUCH_FILE}, ++ #else ++ {"NO_SUCH_FILE", 32, 128}, ++ #endif ++ #ifdef BIO_R_NULL_PARAMETER ++ {"NULL_PARAMETER", ERR_LIB_BIO, BIO_R_NULL_PARAMETER}, ++ #else ++ {"NULL_PARAMETER", 32, 115}, ++ #endif ++ #ifdef BIO_R_UNABLE_TO_BIND_SOCKET ++ {"UNABLE_TO_BIND_SOCKET", ERR_LIB_BIO, BIO_R_UNABLE_TO_BIND_SOCKET}, ++ #else ++ {"UNABLE_TO_BIND_SOCKET", 32, 117}, ++ #endif ++ #ifdef BIO_R_UNABLE_TO_CREATE_SOCKET ++ {"UNABLE_TO_CREATE_SOCKET", ERR_LIB_BIO, BIO_R_UNABLE_TO_CREATE_SOCKET}, ++ #else ++ {"UNABLE_TO_CREATE_SOCKET", 32, 118}, ++ #endif ++ #ifdef BIO_R_UNABLE_TO_KEEPALIVE ++ {"UNABLE_TO_KEEPALIVE", ERR_LIB_BIO, BIO_R_UNABLE_TO_KEEPALIVE}, ++ #else ++ {"UNABLE_TO_KEEPALIVE", 32, 137}, ++ #endif ++ #ifdef BIO_R_UNABLE_TO_LISTEN_SOCKET ++ {"UNABLE_TO_LISTEN_SOCKET", ERR_LIB_BIO, BIO_R_UNABLE_TO_LISTEN_SOCKET}, ++ #else ++ {"UNABLE_TO_LISTEN_SOCKET", 32, 119}, ++ #endif ++ #ifdef BIO_R_UNABLE_TO_NODELAY ++ {"UNABLE_TO_NODELAY", ERR_LIB_BIO, BIO_R_UNABLE_TO_NODELAY}, ++ #else ++ {"UNABLE_TO_NODELAY", 32, 138}, ++ #endif ++ #ifdef BIO_R_UNABLE_TO_REUSEADDR ++ {"UNABLE_TO_REUSEADDR", ERR_LIB_BIO, BIO_R_UNABLE_TO_REUSEADDR}, ++ #else ++ {"UNABLE_TO_REUSEADDR", 32, 139}, ++ #endif ++ #ifdef BIO_R_UNAVAILABLE_IP_FAMILY ++ {"UNAVAILABLE_IP_FAMILY", ERR_LIB_BIO, BIO_R_UNAVAILABLE_IP_FAMILY}, ++ #else ++ {"UNAVAILABLE_IP_FAMILY", 32, 145}, ++ #endif ++ #ifdef BIO_R_UNINITIALIZED ++ {"UNINITIALIZED", ERR_LIB_BIO, BIO_R_UNINITIALIZED}, ++ #else ++ {"UNINITIALIZED", 32, 120}, ++ #endif ++ #ifdef BIO_R_UNKNOWN_INFO_TYPE ++ {"UNKNOWN_INFO_TYPE", ERR_LIB_BIO, BIO_R_UNKNOWN_INFO_TYPE}, ++ #else ++ {"UNKNOWN_INFO_TYPE", 32, 140}, ++ #endif ++ #ifdef BIO_R_UNSUPPORTED_IP_FAMILY ++ {"UNSUPPORTED_IP_FAMILY", ERR_LIB_BIO, BIO_R_UNSUPPORTED_IP_FAMILY}, ++ #else ++ {"UNSUPPORTED_IP_FAMILY", 32, 146}, ++ #endif ++ #ifdef BIO_R_UNSUPPORTED_METHOD ++ {"UNSUPPORTED_METHOD", ERR_LIB_BIO, BIO_R_UNSUPPORTED_METHOD}, ++ #else ++ {"UNSUPPORTED_METHOD", 32, 121}, ++ #endif ++ #ifdef BIO_R_UNSUPPORTED_PROTOCOL_FAMILY ++ {"UNSUPPORTED_PROTOCOL_FAMILY", ERR_LIB_BIO, BIO_R_UNSUPPORTED_PROTOCOL_FAMILY}, ++ #else ++ {"UNSUPPORTED_PROTOCOL_FAMILY", 32, 131}, ++ #endif ++ #ifdef BIO_R_WRITE_TO_READ_ONLY_BIO ++ {"WRITE_TO_READ_ONLY_BIO", ERR_LIB_BIO, BIO_R_WRITE_TO_READ_ONLY_BIO}, ++ #else ++ {"WRITE_TO_READ_ONLY_BIO", 32, 126}, ++ #endif ++ #ifdef BIO_R_WSASTARTUP ++ {"WSASTARTUP", ERR_LIB_BIO, BIO_R_WSASTARTUP}, ++ #else ++ {"WSASTARTUP", 32, 122}, ++ #endif ++ #ifdef BN_R_ARG2_LT_ARG3 ++ {"ARG2_LT_ARG3", ERR_LIB_BN, BN_R_ARG2_LT_ARG3}, ++ #else ++ {"ARG2_LT_ARG3", 3, 100}, ++ #endif ++ #ifdef BN_R_BAD_RECIPROCAL ++ {"BAD_RECIPROCAL", ERR_LIB_BN, BN_R_BAD_RECIPROCAL}, ++ #else ++ {"BAD_RECIPROCAL", 3, 101}, ++ #endif ++ #ifdef BN_R_BIGNUM_TOO_LONG ++ {"BIGNUM_TOO_LONG", ERR_LIB_BN, BN_R_BIGNUM_TOO_LONG}, ++ #else ++ {"BIGNUM_TOO_LONG", 3, 114}, ++ #endif ++ #ifdef BN_R_BITS_TOO_SMALL ++ {"BITS_TOO_SMALL", ERR_LIB_BN, BN_R_BITS_TOO_SMALL}, ++ #else ++ {"BITS_TOO_SMALL", 3, 118}, ++ #endif ++ #ifdef BN_R_CALLED_WITH_EVEN_MODULUS ++ {"CALLED_WITH_EVEN_MODULUS", ERR_LIB_BN, BN_R_CALLED_WITH_EVEN_MODULUS}, ++ #else ++ {"CALLED_WITH_EVEN_MODULUS", 3, 102}, ++ #endif ++ #ifdef BN_R_DIV_BY_ZERO ++ {"DIV_BY_ZERO", ERR_LIB_BN, BN_R_DIV_BY_ZERO}, ++ #else ++ {"DIV_BY_ZERO", 3, 103}, ++ #endif ++ #ifdef BN_R_ENCODING_ERROR ++ {"ENCODING_ERROR", ERR_LIB_BN, BN_R_ENCODING_ERROR}, ++ #else ++ {"ENCODING_ERROR", 3, 104}, ++ #endif ++ #ifdef BN_R_EXPAND_ON_STATIC_BIGNUM_DATA ++ {"EXPAND_ON_STATIC_BIGNUM_DATA", ERR_LIB_BN, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA}, ++ #else ++ {"EXPAND_ON_STATIC_BIGNUM_DATA", 3, 105}, ++ #endif ++ #ifdef BN_R_INPUT_NOT_REDUCED ++ {"INPUT_NOT_REDUCED", ERR_LIB_BN, BN_R_INPUT_NOT_REDUCED}, ++ #else ++ {"INPUT_NOT_REDUCED", 3, 110}, ++ #endif ++ #ifdef BN_R_INVALID_LENGTH ++ {"INVALID_LENGTH", ERR_LIB_BN, BN_R_INVALID_LENGTH}, ++ #else ++ {"INVALID_LENGTH", 3, 106}, ++ #endif ++ #ifdef BN_R_INVALID_RANGE ++ {"INVALID_RANGE", ERR_LIB_BN, BN_R_INVALID_RANGE}, ++ #else ++ {"INVALID_RANGE", 3, 115}, ++ #endif ++ #ifdef BN_R_INVALID_SHIFT ++ {"INVALID_SHIFT", ERR_LIB_BN, BN_R_INVALID_SHIFT}, ++ #else ++ {"INVALID_SHIFT", 3, 119}, ++ #endif ++ #ifdef BN_R_NOT_A_SQUARE ++ {"NOT_A_SQUARE", ERR_LIB_BN, BN_R_NOT_A_SQUARE}, ++ #else ++ {"NOT_A_SQUARE", 3, 111}, ++ #endif ++ #ifdef BN_R_NOT_INITIALIZED ++ {"NOT_INITIALIZED", ERR_LIB_BN, BN_R_NOT_INITIALIZED}, ++ #else ++ {"NOT_INITIALIZED", 3, 107}, ++ #endif ++ #ifdef BN_R_NO_INVERSE ++ {"NO_INVERSE", ERR_LIB_BN, BN_R_NO_INVERSE}, ++ #else ++ {"NO_INVERSE", 3, 108}, ++ #endif ++ #ifdef BN_R_NO_SOLUTION ++ {"NO_SOLUTION", ERR_LIB_BN, BN_R_NO_SOLUTION}, ++ #else ++ {"NO_SOLUTION", 3, 116}, ++ #endif ++ #ifdef BN_R_PRIVATE_KEY_TOO_LARGE ++ {"PRIVATE_KEY_TOO_LARGE", ERR_LIB_BN, BN_R_PRIVATE_KEY_TOO_LARGE}, ++ #else ++ {"PRIVATE_KEY_TOO_LARGE", 3, 117}, ++ #endif ++ #ifdef BN_R_P_IS_NOT_PRIME ++ {"P_IS_NOT_PRIME", ERR_LIB_BN, BN_R_P_IS_NOT_PRIME}, ++ #else ++ {"P_IS_NOT_PRIME", 3, 112}, ++ #endif ++ #ifdef BN_R_TOO_MANY_ITERATIONS ++ {"TOO_MANY_ITERATIONS", ERR_LIB_BN, BN_R_TOO_MANY_ITERATIONS}, ++ #else ++ {"TOO_MANY_ITERATIONS", 3, 113}, ++ #endif ++ #ifdef BN_R_TOO_MANY_TEMPORARY_VARIABLES ++ {"TOO_MANY_TEMPORARY_VARIABLES", ERR_LIB_BN, BN_R_TOO_MANY_TEMPORARY_VARIABLES}, ++ #else ++ {"TOO_MANY_TEMPORARY_VARIABLES", 3, 109}, ++ #endif ++ #ifdef CMS_R_ADD_SIGNER_ERROR ++ {"ADD_SIGNER_ERROR", ERR_LIB_CMS, CMS_R_ADD_SIGNER_ERROR}, ++ #else ++ {"ADD_SIGNER_ERROR", 46, 99}, ++ #endif ++ #ifdef CMS_R_ATTRIBUTE_ERROR ++ {"ATTRIBUTE_ERROR", ERR_LIB_CMS, CMS_R_ATTRIBUTE_ERROR}, ++ #else ++ {"ATTRIBUTE_ERROR", 46, 161}, ++ #endif ++ #ifdef CMS_R_CERTIFICATE_ALREADY_PRESENT ++ {"CERTIFICATE_ALREADY_PRESENT", ERR_LIB_CMS, CMS_R_CERTIFICATE_ALREADY_PRESENT}, ++ #else ++ {"CERTIFICATE_ALREADY_PRESENT", 46, 175}, ++ #endif ++ #ifdef CMS_R_CERTIFICATE_HAS_NO_KEYID ++ {"CERTIFICATE_HAS_NO_KEYID", ERR_LIB_CMS, CMS_R_CERTIFICATE_HAS_NO_KEYID}, ++ #else ++ {"CERTIFICATE_HAS_NO_KEYID", 46, 160}, ++ #endif ++ #ifdef CMS_R_CERTIFICATE_VERIFY_ERROR ++ {"CERTIFICATE_VERIFY_ERROR", ERR_LIB_CMS, CMS_R_CERTIFICATE_VERIFY_ERROR}, ++ #else ++ {"CERTIFICATE_VERIFY_ERROR", 46, 100}, ++ #endif ++ #ifdef CMS_R_CIPHER_INITIALISATION_ERROR ++ {"CIPHER_INITIALISATION_ERROR", ERR_LIB_CMS, CMS_R_CIPHER_INITIALISATION_ERROR}, ++ #else ++ {"CIPHER_INITIALISATION_ERROR", 46, 101}, ++ #endif ++ #ifdef CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR ++ {"CIPHER_PARAMETER_INITIALISATION_ERROR", ERR_LIB_CMS, CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR}, ++ #else ++ {"CIPHER_PARAMETER_INITIALISATION_ERROR", 46, 102}, ++ #endif ++ #ifdef CMS_R_CMS_DATAFINAL_ERROR ++ {"CMS_DATAFINAL_ERROR", ERR_LIB_CMS, CMS_R_CMS_DATAFINAL_ERROR}, ++ #else ++ {"CMS_DATAFINAL_ERROR", 46, 103}, ++ #endif ++ #ifdef CMS_R_CMS_LIB ++ {"CMS_LIB", ERR_LIB_CMS, CMS_R_CMS_LIB}, ++ #else ++ {"CMS_LIB", 46, 104}, ++ #endif ++ #ifdef CMS_R_CONTENTIDENTIFIER_MISMATCH ++ {"CONTENTIDENTIFIER_MISMATCH", ERR_LIB_CMS, CMS_R_CONTENTIDENTIFIER_MISMATCH}, ++ #else ++ {"CONTENTIDENTIFIER_MISMATCH", 46, 170}, ++ #endif ++ #ifdef CMS_R_CONTENT_NOT_FOUND ++ {"CONTENT_NOT_FOUND", ERR_LIB_CMS, CMS_R_CONTENT_NOT_FOUND}, ++ #else ++ {"CONTENT_NOT_FOUND", 46, 105}, ++ #endif ++ #ifdef CMS_R_CONTENT_TYPE_MISMATCH ++ {"CONTENT_TYPE_MISMATCH", ERR_LIB_CMS, CMS_R_CONTENT_TYPE_MISMATCH}, ++ #else ++ {"CONTENT_TYPE_MISMATCH", 46, 171}, ++ #endif ++ #ifdef CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA ++ {"CONTENT_TYPE_NOT_COMPRESSED_DATA", ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA}, ++ #else ++ {"CONTENT_TYPE_NOT_COMPRESSED_DATA", 46, 106}, ++ #endif ++ #ifdef CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA ++ {"CONTENT_TYPE_NOT_ENVELOPED_DATA", ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA}, ++ #else ++ {"CONTENT_TYPE_NOT_ENVELOPED_DATA", 46, 107}, ++ #endif ++ #ifdef CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA ++ {"CONTENT_TYPE_NOT_SIGNED_DATA", ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA}, ++ #else ++ {"CONTENT_TYPE_NOT_SIGNED_DATA", 46, 108}, ++ #endif ++ #ifdef CMS_R_CONTENT_VERIFY_ERROR ++ {"CONTENT_VERIFY_ERROR", ERR_LIB_CMS, CMS_R_CONTENT_VERIFY_ERROR}, ++ #else ++ {"CONTENT_VERIFY_ERROR", 46, 109}, ++ #endif ++ #ifdef CMS_R_CTRL_ERROR ++ {"CTRL_ERROR", ERR_LIB_CMS, CMS_R_CTRL_ERROR}, ++ #else ++ {"CTRL_ERROR", 46, 110}, ++ #endif ++ #ifdef CMS_R_CTRL_FAILURE ++ {"CTRL_FAILURE", ERR_LIB_CMS, CMS_R_CTRL_FAILURE}, ++ #else ++ {"CTRL_FAILURE", 46, 111}, ++ #endif ++ #ifdef CMS_R_DECRYPT_ERROR ++ {"DECRYPT_ERROR", ERR_LIB_CMS, CMS_R_DECRYPT_ERROR}, ++ #else ++ {"DECRYPT_ERROR", 46, 112}, ++ #endif ++ #ifdef CMS_R_ERROR_GETTING_PUBLIC_KEY ++ {"ERROR_GETTING_PUBLIC_KEY", ERR_LIB_CMS, CMS_R_ERROR_GETTING_PUBLIC_KEY}, ++ #else ++ {"ERROR_GETTING_PUBLIC_KEY", 46, 113}, ++ #endif ++ #ifdef CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE ++ {"ERROR_READING_MESSAGEDIGEST_ATTRIBUTE", ERR_LIB_CMS, CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE}, ++ #else ++ {"ERROR_READING_MESSAGEDIGEST_ATTRIBUTE", 46, 114}, ++ #endif ++ #ifdef CMS_R_ERROR_SETTING_KEY ++ {"ERROR_SETTING_KEY", ERR_LIB_CMS, CMS_R_ERROR_SETTING_KEY}, ++ #else ++ {"ERROR_SETTING_KEY", 46, 115}, ++ #endif ++ #ifdef CMS_R_ERROR_SETTING_RECIPIENTINFO ++ {"ERROR_SETTING_RECIPIENTINFO", ERR_LIB_CMS, CMS_R_ERROR_SETTING_RECIPIENTINFO}, ++ #else ++ {"ERROR_SETTING_RECIPIENTINFO", 46, 116}, ++ #endif ++ #ifdef CMS_R_INVALID_ENCRYPTED_KEY_LENGTH ++ {"INVALID_ENCRYPTED_KEY_LENGTH", ERR_LIB_CMS, CMS_R_INVALID_ENCRYPTED_KEY_LENGTH}, ++ #else ++ {"INVALID_ENCRYPTED_KEY_LENGTH", 46, 117}, ++ #endif ++ #ifdef CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER ++ {"INVALID_KEY_ENCRYPTION_PARAMETER", ERR_LIB_CMS, CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER}, ++ #else ++ {"INVALID_KEY_ENCRYPTION_PARAMETER", 46, 176}, ++ #endif ++ #ifdef CMS_R_INVALID_KEY_LENGTH ++ {"INVALID_KEY_LENGTH", ERR_LIB_CMS, CMS_R_INVALID_KEY_LENGTH}, ++ #else ++ {"INVALID_KEY_LENGTH", 46, 118}, ++ #endif ++ #ifdef CMS_R_MD_BIO_INIT_ERROR ++ {"MD_BIO_INIT_ERROR", ERR_LIB_CMS, CMS_R_MD_BIO_INIT_ERROR}, ++ #else ++ {"MD_BIO_INIT_ERROR", 46, 119}, ++ #endif ++ #ifdef CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH ++ {"MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH", ERR_LIB_CMS, CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH}, ++ #else ++ {"MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH", 46, 120}, ++ #endif ++ #ifdef CMS_R_MESSAGEDIGEST_WRONG_LENGTH ++ {"MESSAGEDIGEST_WRONG_LENGTH", ERR_LIB_CMS, CMS_R_MESSAGEDIGEST_WRONG_LENGTH}, ++ #else ++ {"MESSAGEDIGEST_WRONG_LENGTH", 46, 121}, ++ #endif ++ #ifdef CMS_R_MSGSIGDIGEST_ERROR ++ {"MSGSIGDIGEST_ERROR", ERR_LIB_CMS, CMS_R_MSGSIGDIGEST_ERROR}, ++ #else ++ {"MSGSIGDIGEST_ERROR", 46, 172}, ++ #endif ++ #ifdef CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE ++ {"MSGSIGDIGEST_VERIFICATION_FAILURE", ERR_LIB_CMS, CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE}, ++ #else ++ {"MSGSIGDIGEST_VERIFICATION_FAILURE", 46, 162}, ++ #endif ++ #ifdef CMS_R_MSGSIGDIGEST_WRONG_LENGTH ++ {"MSGSIGDIGEST_WRONG_LENGTH", ERR_LIB_CMS, CMS_R_MSGSIGDIGEST_WRONG_LENGTH}, ++ #else ++ {"MSGSIGDIGEST_WRONG_LENGTH", 46, 163}, ++ #endif ++ #ifdef CMS_R_NEED_ONE_SIGNER ++ {"NEED_ONE_SIGNER", ERR_LIB_CMS, CMS_R_NEED_ONE_SIGNER}, ++ #else ++ {"NEED_ONE_SIGNER", 46, 164}, ++ #endif ++ #ifdef CMS_R_NOT_A_SIGNED_RECEIPT ++ {"NOT_A_SIGNED_RECEIPT", ERR_LIB_CMS, CMS_R_NOT_A_SIGNED_RECEIPT}, ++ #else ++ {"NOT_A_SIGNED_RECEIPT", 46, 165}, ++ #endif ++ #ifdef CMS_R_NOT_ENCRYPTED_DATA ++ {"NOT_ENCRYPTED_DATA", ERR_LIB_CMS, CMS_R_NOT_ENCRYPTED_DATA}, ++ #else ++ {"NOT_ENCRYPTED_DATA", 46, 122}, ++ #endif ++ #ifdef CMS_R_NOT_KEK ++ {"NOT_KEK", ERR_LIB_CMS, CMS_R_NOT_KEK}, ++ #else ++ {"NOT_KEK", 46, 123}, ++ #endif ++ #ifdef CMS_R_NOT_KEY_AGREEMENT ++ {"NOT_KEY_AGREEMENT", ERR_LIB_CMS, CMS_R_NOT_KEY_AGREEMENT}, ++ #else ++ {"NOT_KEY_AGREEMENT", 46, 181}, ++ #endif ++ #ifdef CMS_R_NOT_KEY_TRANSPORT ++ {"NOT_KEY_TRANSPORT", ERR_LIB_CMS, CMS_R_NOT_KEY_TRANSPORT}, ++ #else ++ {"NOT_KEY_TRANSPORT", 46, 124}, ++ #endif ++ #ifdef CMS_R_NOT_PWRI ++ {"NOT_PWRI", ERR_LIB_CMS, CMS_R_NOT_PWRI}, ++ #else ++ {"NOT_PWRI", 46, 177}, ++ #endif ++ #ifdef CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE ++ {"NOT_SUPPORTED_FOR_THIS_KEY_TYPE", ERR_LIB_CMS, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE}, ++ #else ++ {"NOT_SUPPORTED_FOR_THIS_KEY_TYPE", 46, 125}, ++ #endif ++ #ifdef CMS_R_NO_CIPHER ++ {"NO_CIPHER", ERR_LIB_CMS, CMS_R_NO_CIPHER}, ++ #else ++ {"NO_CIPHER", 46, 126}, ++ #endif ++ #ifdef CMS_R_NO_CONTENT ++ {"NO_CONTENT", ERR_LIB_CMS, CMS_R_NO_CONTENT}, ++ #else ++ {"NO_CONTENT", 46, 127}, ++ #endif ++ #ifdef CMS_R_NO_CONTENT_TYPE ++ {"NO_CONTENT_TYPE", ERR_LIB_CMS, CMS_R_NO_CONTENT_TYPE}, ++ #else ++ {"NO_CONTENT_TYPE", 46, 173}, ++ #endif ++ #ifdef CMS_R_NO_DEFAULT_DIGEST ++ {"NO_DEFAULT_DIGEST", ERR_LIB_CMS, CMS_R_NO_DEFAULT_DIGEST}, ++ #else ++ {"NO_DEFAULT_DIGEST", 46, 128}, ++ #endif ++ #ifdef CMS_R_NO_DIGEST_SET ++ {"NO_DIGEST_SET", ERR_LIB_CMS, CMS_R_NO_DIGEST_SET}, ++ #else ++ {"NO_DIGEST_SET", 46, 129}, ++ #endif ++ #ifdef CMS_R_NO_KEY ++ {"NO_KEY", ERR_LIB_CMS, CMS_R_NO_KEY}, ++ #else ++ {"NO_KEY", 46, 130}, ++ #endif ++ #ifdef CMS_R_NO_KEY_OR_CERT ++ {"NO_KEY_OR_CERT", ERR_LIB_CMS, CMS_R_NO_KEY_OR_CERT}, ++ #else ++ {"NO_KEY_OR_CERT", 46, 174}, ++ #endif ++ #ifdef CMS_R_NO_MATCHING_DIGEST ++ {"NO_MATCHING_DIGEST", ERR_LIB_CMS, CMS_R_NO_MATCHING_DIGEST}, ++ #else ++ {"NO_MATCHING_DIGEST", 46, 131}, ++ #endif ++ #ifdef CMS_R_NO_MATCHING_RECIPIENT ++ {"NO_MATCHING_RECIPIENT", ERR_LIB_CMS, CMS_R_NO_MATCHING_RECIPIENT}, ++ #else ++ {"NO_MATCHING_RECIPIENT", 46, 132}, ++ #endif ++ #ifdef CMS_R_NO_MATCHING_SIGNATURE ++ {"NO_MATCHING_SIGNATURE", ERR_LIB_CMS, CMS_R_NO_MATCHING_SIGNATURE}, ++ #else ++ {"NO_MATCHING_SIGNATURE", 46, 166}, ++ #endif ++ #ifdef CMS_R_NO_MSGSIGDIGEST ++ {"NO_MSGSIGDIGEST", ERR_LIB_CMS, CMS_R_NO_MSGSIGDIGEST}, ++ #else ++ {"NO_MSGSIGDIGEST", 46, 167}, ++ #endif ++ #ifdef CMS_R_NO_PASSWORD ++ {"NO_PASSWORD", ERR_LIB_CMS, CMS_R_NO_PASSWORD}, ++ #else ++ {"NO_PASSWORD", 46, 178}, ++ #endif ++ #ifdef CMS_R_NO_PRIVATE_KEY ++ {"NO_PRIVATE_KEY", ERR_LIB_CMS, CMS_R_NO_PRIVATE_KEY}, ++ #else ++ {"NO_PRIVATE_KEY", 46, 133}, ++ #endif ++ #ifdef CMS_R_NO_PUBLIC_KEY ++ {"NO_PUBLIC_KEY", ERR_LIB_CMS, CMS_R_NO_PUBLIC_KEY}, ++ #else ++ {"NO_PUBLIC_KEY", 46, 134}, ++ #endif ++ #ifdef CMS_R_NO_RECEIPT_REQUEST ++ {"NO_RECEIPT_REQUEST", ERR_LIB_CMS, CMS_R_NO_RECEIPT_REQUEST}, ++ #else ++ {"NO_RECEIPT_REQUEST", 46, 168}, ++ #endif ++ #ifdef CMS_R_NO_SIGNERS ++ {"NO_SIGNERS", ERR_LIB_CMS, CMS_R_NO_SIGNERS}, ++ #else ++ {"NO_SIGNERS", 46, 135}, ++ #endif ++ #ifdef CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", ERR_LIB_CMS, CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE}, ++ #else ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", 46, 136}, ++ #endif ++ #ifdef CMS_R_RECEIPT_DECODE_ERROR ++ {"RECEIPT_DECODE_ERROR", ERR_LIB_CMS, CMS_R_RECEIPT_DECODE_ERROR}, ++ #else ++ {"RECEIPT_DECODE_ERROR", 46, 169}, ++ #endif ++ #ifdef CMS_R_RECIPIENT_ERROR ++ {"RECIPIENT_ERROR", ERR_LIB_CMS, CMS_R_RECIPIENT_ERROR}, ++ #else ++ {"RECIPIENT_ERROR", 46, 137}, ++ #endif ++ #ifdef CMS_R_SIGNER_CERTIFICATE_NOT_FOUND ++ {"SIGNER_CERTIFICATE_NOT_FOUND", ERR_LIB_CMS, CMS_R_SIGNER_CERTIFICATE_NOT_FOUND}, ++ #else ++ {"SIGNER_CERTIFICATE_NOT_FOUND", 46, 138}, ++ #endif ++ #ifdef CMS_R_SIGNFINAL_ERROR ++ {"SIGNFINAL_ERROR", ERR_LIB_CMS, CMS_R_SIGNFINAL_ERROR}, ++ #else ++ {"SIGNFINAL_ERROR", 46, 139}, ++ #endif ++ #ifdef CMS_R_SMIME_TEXT_ERROR ++ {"SMIME_TEXT_ERROR", ERR_LIB_CMS, CMS_R_SMIME_TEXT_ERROR}, ++ #else ++ {"SMIME_TEXT_ERROR", 46, 140}, ++ #endif ++ #ifdef CMS_R_STORE_INIT_ERROR ++ {"STORE_INIT_ERROR", ERR_LIB_CMS, CMS_R_STORE_INIT_ERROR}, ++ #else ++ {"STORE_INIT_ERROR", 46, 141}, ++ #endif ++ #ifdef CMS_R_TYPE_NOT_COMPRESSED_DATA ++ {"TYPE_NOT_COMPRESSED_DATA", ERR_LIB_CMS, CMS_R_TYPE_NOT_COMPRESSED_DATA}, ++ #else ++ {"TYPE_NOT_COMPRESSED_DATA", 46, 142}, ++ #endif ++ #ifdef CMS_R_TYPE_NOT_DATA ++ {"TYPE_NOT_DATA", ERR_LIB_CMS, CMS_R_TYPE_NOT_DATA}, ++ #else ++ {"TYPE_NOT_DATA", 46, 143}, ++ #endif ++ #ifdef CMS_R_TYPE_NOT_DIGESTED_DATA ++ {"TYPE_NOT_DIGESTED_DATA", ERR_LIB_CMS, CMS_R_TYPE_NOT_DIGESTED_DATA}, ++ #else ++ {"TYPE_NOT_DIGESTED_DATA", 46, 144}, ++ #endif ++ #ifdef CMS_R_TYPE_NOT_ENCRYPTED_DATA ++ {"TYPE_NOT_ENCRYPTED_DATA", ERR_LIB_CMS, CMS_R_TYPE_NOT_ENCRYPTED_DATA}, ++ #else ++ {"TYPE_NOT_ENCRYPTED_DATA", 46, 145}, ++ #endif ++ #ifdef CMS_R_TYPE_NOT_ENVELOPED_DATA ++ {"TYPE_NOT_ENVELOPED_DATA", ERR_LIB_CMS, CMS_R_TYPE_NOT_ENVELOPED_DATA}, ++ #else ++ {"TYPE_NOT_ENVELOPED_DATA", 46, 146}, ++ #endif ++ #ifdef CMS_R_UNABLE_TO_FINALIZE_CONTEXT ++ {"UNABLE_TO_FINALIZE_CONTEXT", ERR_LIB_CMS, CMS_R_UNABLE_TO_FINALIZE_CONTEXT}, ++ #else ++ {"UNABLE_TO_FINALIZE_CONTEXT", 46, 147}, ++ #endif ++ #ifdef CMS_R_UNKNOWN_CIPHER ++ {"UNKNOWN_CIPHER", ERR_LIB_CMS, CMS_R_UNKNOWN_CIPHER}, ++ #else ++ {"UNKNOWN_CIPHER", 46, 148}, ++ #endif ++ #ifdef CMS_R_UNKNOWN_DIGEST_ALGORITHM ++ {"UNKNOWN_DIGEST_ALGORITHM", ERR_LIB_CMS, CMS_R_UNKNOWN_DIGEST_ALGORITHM}, ++ #else ++ {"UNKNOWN_DIGEST_ALGORITHM", 46, 149}, ++ #endif ++ #ifdef CMS_R_UNKNOWN_ID ++ {"UNKNOWN_ID", ERR_LIB_CMS, CMS_R_UNKNOWN_ID}, ++ #else ++ {"UNKNOWN_ID", 46, 150}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM ++ {"UNSUPPORTED_COMPRESSION_ALGORITHM", ERR_LIB_CMS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_COMPRESSION_ALGORITHM", 46, 151}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_CONTENT_TYPE ++ {"UNSUPPORTED_CONTENT_TYPE", ERR_LIB_CMS, CMS_R_UNSUPPORTED_CONTENT_TYPE}, ++ #else ++ {"UNSUPPORTED_CONTENT_TYPE", 46, 152}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_KEK_ALGORITHM ++ {"UNSUPPORTED_KEK_ALGORITHM", ERR_LIB_CMS, CMS_R_UNSUPPORTED_KEK_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_KEK_ALGORITHM", 46, 153}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM ++ {"UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM", ERR_LIB_CMS, CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM", 46, 179}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE ++ {"UNSUPPORTED_RECIPIENTINFO_TYPE", ERR_LIB_CMS, CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE}, ++ #else ++ {"UNSUPPORTED_RECIPIENTINFO_TYPE", 46, 155}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_RECIPIENT_TYPE ++ {"UNSUPPORTED_RECIPIENT_TYPE", ERR_LIB_CMS, CMS_R_UNSUPPORTED_RECIPIENT_TYPE}, ++ #else ++ {"UNSUPPORTED_RECIPIENT_TYPE", 46, 154}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_TYPE ++ {"UNSUPPORTED_TYPE", ERR_LIB_CMS, CMS_R_UNSUPPORTED_TYPE}, ++ #else ++ {"UNSUPPORTED_TYPE", 46, 156}, ++ #endif ++ #ifdef CMS_R_UNWRAP_ERROR ++ {"UNWRAP_ERROR", ERR_LIB_CMS, CMS_R_UNWRAP_ERROR}, ++ #else ++ {"UNWRAP_ERROR", 46, 157}, ++ #endif ++ #ifdef CMS_R_UNWRAP_FAILURE ++ {"UNWRAP_FAILURE", ERR_LIB_CMS, CMS_R_UNWRAP_FAILURE}, ++ #else ++ {"UNWRAP_FAILURE", 46, 180}, ++ #endif ++ #ifdef CMS_R_VERIFICATION_FAILURE ++ {"VERIFICATION_FAILURE", ERR_LIB_CMS, CMS_R_VERIFICATION_FAILURE}, ++ #else ++ {"VERIFICATION_FAILURE", 46, 158}, ++ #endif ++ #ifdef CMS_R_WRAP_ERROR ++ {"WRAP_ERROR", ERR_LIB_CMS, CMS_R_WRAP_ERROR}, ++ #else ++ {"WRAP_ERROR", 46, 159}, ++ #endif ++ #ifdef COMP_R_ZLIB_DEFLATE_ERROR ++ {"ZLIB_DEFLATE_ERROR", ERR_LIB_COMP, COMP_R_ZLIB_DEFLATE_ERROR}, ++ #else ++ {"ZLIB_DEFLATE_ERROR", 41, 99}, ++ #endif ++ #ifdef COMP_R_ZLIB_INFLATE_ERROR ++ {"ZLIB_INFLATE_ERROR", ERR_LIB_COMP, COMP_R_ZLIB_INFLATE_ERROR}, ++ #else ++ {"ZLIB_INFLATE_ERROR", 41, 100}, ++ #endif ++ #ifdef COMP_R_ZLIB_NOT_SUPPORTED ++ {"ZLIB_NOT_SUPPORTED", ERR_LIB_COMP, COMP_R_ZLIB_NOT_SUPPORTED}, ++ #else ++ {"ZLIB_NOT_SUPPORTED", 41, 101}, ++ #endif ++ #ifdef CONF_R_ERROR_LOADING_DSO ++ {"ERROR_LOADING_DSO", ERR_LIB_CONF, CONF_R_ERROR_LOADING_DSO}, ++ #else ++ {"ERROR_LOADING_DSO", 14, 110}, ++ #endif ++ #ifdef CONF_R_LIST_CANNOT_BE_NULL ++ {"LIST_CANNOT_BE_NULL", ERR_LIB_CONF, CONF_R_LIST_CANNOT_BE_NULL}, ++ #else ++ {"LIST_CANNOT_BE_NULL", 14, 115}, ++ #endif ++ #ifdef CONF_R_MISSING_CLOSE_SQUARE_BRACKET ++ {"MISSING_CLOSE_SQUARE_BRACKET", ERR_LIB_CONF, CONF_R_MISSING_CLOSE_SQUARE_BRACKET}, ++ #else ++ {"MISSING_CLOSE_SQUARE_BRACKET", 14, 100}, ++ #endif ++ #ifdef CONF_R_MISSING_EQUAL_SIGN ++ {"MISSING_EQUAL_SIGN", ERR_LIB_CONF, CONF_R_MISSING_EQUAL_SIGN}, ++ #else ++ {"MISSING_EQUAL_SIGN", 14, 101}, ++ #endif ++ #ifdef CONF_R_MISSING_INIT_FUNCTION ++ {"MISSING_INIT_FUNCTION", ERR_LIB_CONF, CONF_R_MISSING_INIT_FUNCTION}, ++ #else ++ {"MISSING_INIT_FUNCTION", 14, 112}, ++ #endif ++ #ifdef CONF_R_MODULE_INITIALIZATION_ERROR ++ {"MODULE_INITIALIZATION_ERROR", ERR_LIB_CONF, CONF_R_MODULE_INITIALIZATION_ERROR}, ++ #else ++ {"MODULE_INITIALIZATION_ERROR", 14, 109}, ++ #endif ++ #ifdef CONF_R_NO_CLOSE_BRACE ++ {"NO_CLOSE_BRACE", ERR_LIB_CONF, CONF_R_NO_CLOSE_BRACE}, ++ #else ++ {"NO_CLOSE_BRACE", 14, 102}, ++ #endif ++ #ifdef CONF_R_NO_CONF ++ {"NO_CONF", ERR_LIB_CONF, CONF_R_NO_CONF}, ++ #else ++ {"NO_CONF", 14, 105}, ++ #endif ++ #ifdef CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE ++ {"NO_CONF_OR_ENVIRONMENT_VARIABLE", ERR_LIB_CONF, CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE}, ++ #else ++ {"NO_CONF_OR_ENVIRONMENT_VARIABLE", 14, 106}, ++ #endif ++ #ifdef CONF_R_NO_SECTION ++ {"NO_SECTION", ERR_LIB_CONF, CONF_R_NO_SECTION}, ++ #else ++ {"NO_SECTION", 14, 107}, ++ #endif ++ #ifdef CONF_R_NO_SUCH_FILE ++ {"NO_SUCH_FILE", ERR_LIB_CONF, CONF_R_NO_SUCH_FILE}, ++ #else ++ {"NO_SUCH_FILE", 14, 114}, ++ #endif ++ #ifdef CONF_R_NO_VALUE ++ {"NO_VALUE", ERR_LIB_CONF, CONF_R_NO_VALUE}, ++ #else ++ {"NO_VALUE", 14, 108}, ++ #endif ++ #ifdef CONF_R_NUMBER_TOO_LARGE ++ {"NUMBER_TOO_LARGE", ERR_LIB_CONF, CONF_R_NUMBER_TOO_LARGE}, ++ #else ++ {"NUMBER_TOO_LARGE", 14, 121}, ++ #endif ++ #ifdef CONF_R_RECURSIVE_DIRECTORY_INCLUDE ++ {"RECURSIVE_DIRECTORY_INCLUDE", ERR_LIB_CONF, CONF_R_RECURSIVE_DIRECTORY_INCLUDE}, ++ #else ++ {"RECURSIVE_DIRECTORY_INCLUDE", 14, 111}, ++ #endif ++ #ifdef CONF_R_SSL_COMMAND_SECTION_EMPTY ++ {"SSL_COMMAND_SECTION_EMPTY", ERR_LIB_CONF, CONF_R_SSL_COMMAND_SECTION_EMPTY}, ++ #else ++ {"SSL_COMMAND_SECTION_EMPTY", 14, 117}, ++ #endif ++ #ifdef CONF_R_SSL_COMMAND_SECTION_NOT_FOUND ++ {"SSL_COMMAND_SECTION_NOT_FOUND", ERR_LIB_CONF, CONF_R_SSL_COMMAND_SECTION_NOT_FOUND}, ++ #else ++ {"SSL_COMMAND_SECTION_NOT_FOUND", 14, 118}, ++ #endif ++ #ifdef CONF_R_SSL_SECTION_EMPTY ++ {"SSL_SECTION_EMPTY", ERR_LIB_CONF, CONF_R_SSL_SECTION_EMPTY}, ++ #else ++ {"SSL_SECTION_EMPTY", 14, 119}, ++ #endif ++ #ifdef CONF_R_SSL_SECTION_NOT_FOUND ++ {"SSL_SECTION_NOT_FOUND", ERR_LIB_CONF, CONF_R_SSL_SECTION_NOT_FOUND}, ++ #else ++ {"SSL_SECTION_NOT_FOUND", 14, 120}, ++ #endif ++ #ifdef CONF_R_UNABLE_TO_CREATE_NEW_SECTION ++ {"UNABLE_TO_CREATE_NEW_SECTION", ERR_LIB_CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION}, ++ #else ++ {"UNABLE_TO_CREATE_NEW_SECTION", 14, 103}, ++ #endif ++ #ifdef CONF_R_UNKNOWN_MODULE_NAME ++ {"UNKNOWN_MODULE_NAME", ERR_LIB_CONF, CONF_R_UNKNOWN_MODULE_NAME}, ++ #else ++ {"UNKNOWN_MODULE_NAME", 14, 113}, ++ #endif ++ #ifdef CONF_R_VARIABLE_EXPANSION_TOO_LONG ++ {"VARIABLE_EXPANSION_TOO_LONG", ERR_LIB_CONF, CONF_R_VARIABLE_EXPANSION_TOO_LONG}, ++ #else ++ {"VARIABLE_EXPANSION_TOO_LONG", 14, 116}, ++ #endif ++ #ifdef CONF_R_VARIABLE_HAS_NO_VALUE ++ {"VARIABLE_HAS_NO_VALUE", ERR_LIB_CONF, CONF_R_VARIABLE_HAS_NO_VALUE}, ++ #else ++ {"VARIABLE_HAS_NO_VALUE", 14, 104}, ++ #endif ++ #ifdef CRYPTO_R_FIPS_MODE_NOT_SUPPORTED ++ {"FIPS_MODE_NOT_SUPPORTED", ERR_LIB_CRYPTO, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED}, ++ #else ++ {"FIPS_MODE_NOT_SUPPORTED", 15, 101}, ++ #endif ++ #ifdef CRYPTO_R_ILLEGAL_HEX_DIGIT ++ {"ILLEGAL_HEX_DIGIT", ERR_LIB_CRYPTO, CRYPTO_R_ILLEGAL_HEX_DIGIT}, ++ #else ++ {"ILLEGAL_HEX_DIGIT", 15, 102}, ++ #endif ++ #ifdef CRYPTO_R_ODD_NUMBER_OF_DIGITS ++ {"ODD_NUMBER_OF_DIGITS", ERR_LIB_CRYPTO, CRYPTO_R_ODD_NUMBER_OF_DIGITS}, ++ #else ++ {"ODD_NUMBER_OF_DIGITS", 15, 103}, ++ #endif ++ #ifdef CT_R_BASE64_DECODE_ERROR ++ {"BASE64_DECODE_ERROR", ERR_LIB_CT, CT_R_BASE64_DECODE_ERROR}, ++ #else ++ {"BASE64_DECODE_ERROR", 50, 108}, ++ #endif ++ #ifdef CT_R_INVALID_LOG_ID_LENGTH ++ {"INVALID_LOG_ID_LENGTH", ERR_LIB_CT, CT_R_INVALID_LOG_ID_LENGTH}, ++ #else ++ {"INVALID_LOG_ID_LENGTH", 50, 100}, ++ #endif ++ #ifdef CT_R_LOG_CONF_INVALID ++ {"LOG_CONF_INVALID", ERR_LIB_CT, CT_R_LOG_CONF_INVALID}, ++ #else ++ {"LOG_CONF_INVALID", 50, 109}, ++ #endif ++ #ifdef CT_R_LOG_CONF_INVALID_KEY ++ {"LOG_CONF_INVALID_KEY", ERR_LIB_CT, CT_R_LOG_CONF_INVALID_KEY}, ++ #else ++ {"LOG_CONF_INVALID_KEY", 50, 110}, ++ #endif ++ #ifdef CT_R_LOG_CONF_MISSING_DESCRIPTION ++ {"LOG_CONF_MISSING_DESCRIPTION", ERR_LIB_CT, CT_R_LOG_CONF_MISSING_DESCRIPTION}, ++ #else ++ {"LOG_CONF_MISSING_DESCRIPTION", 50, 111}, ++ #endif ++ #ifdef CT_R_LOG_CONF_MISSING_KEY ++ {"LOG_CONF_MISSING_KEY", ERR_LIB_CT, CT_R_LOG_CONF_MISSING_KEY}, ++ #else ++ {"LOG_CONF_MISSING_KEY", 50, 112}, ++ #endif ++ #ifdef CT_R_LOG_KEY_INVALID ++ {"LOG_KEY_INVALID", ERR_LIB_CT, CT_R_LOG_KEY_INVALID}, ++ #else ++ {"LOG_KEY_INVALID", 50, 113}, ++ #endif ++ #ifdef CT_R_SCT_FUTURE_TIMESTAMP ++ {"SCT_FUTURE_TIMESTAMP", ERR_LIB_CT, CT_R_SCT_FUTURE_TIMESTAMP}, ++ #else ++ {"SCT_FUTURE_TIMESTAMP", 50, 116}, ++ #endif ++ #ifdef CT_R_SCT_INVALID ++ {"SCT_INVALID", ERR_LIB_CT, CT_R_SCT_INVALID}, ++ #else ++ {"SCT_INVALID", 50, 104}, ++ #endif ++ #ifdef CT_R_SCT_INVALID_SIGNATURE ++ {"SCT_INVALID_SIGNATURE", ERR_LIB_CT, CT_R_SCT_INVALID_SIGNATURE}, ++ #else ++ {"SCT_INVALID_SIGNATURE", 50, 107}, ++ #endif ++ #ifdef CT_R_SCT_LIST_INVALID ++ {"SCT_LIST_INVALID", ERR_LIB_CT, CT_R_SCT_LIST_INVALID}, ++ #else ++ {"SCT_LIST_INVALID", 50, 105}, ++ #endif ++ #ifdef CT_R_SCT_LOG_ID_MISMATCH ++ {"SCT_LOG_ID_MISMATCH", ERR_LIB_CT, CT_R_SCT_LOG_ID_MISMATCH}, ++ #else ++ {"SCT_LOG_ID_MISMATCH", 50, 114}, ++ #endif ++ #ifdef CT_R_SCT_NOT_SET ++ {"SCT_NOT_SET", ERR_LIB_CT, CT_R_SCT_NOT_SET}, ++ #else ++ {"SCT_NOT_SET", 50, 106}, ++ #endif ++ #ifdef CT_R_SCT_UNSUPPORTED_VERSION ++ {"SCT_UNSUPPORTED_VERSION", ERR_LIB_CT, CT_R_SCT_UNSUPPORTED_VERSION}, ++ #else ++ {"SCT_UNSUPPORTED_VERSION", 50, 115}, ++ #endif ++ #ifdef CT_R_UNRECOGNIZED_SIGNATURE_NID ++ {"UNRECOGNIZED_SIGNATURE_NID", ERR_LIB_CT, CT_R_UNRECOGNIZED_SIGNATURE_NID}, ++ #else ++ {"UNRECOGNIZED_SIGNATURE_NID", 50, 101}, ++ #endif ++ #ifdef CT_R_UNSUPPORTED_ENTRY_TYPE ++ {"UNSUPPORTED_ENTRY_TYPE", ERR_LIB_CT, CT_R_UNSUPPORTED_ENTRY_TYPE}, ++ #else ++ {"UNSUPPORTED_ENTRY_TYPE", 50, 102}, ++ #endif ++ #ifdef CT_R_UNSUPPORTED_VERSION ++ {"UNSUPPORTED_VERSION", ERR_LIB_CT, CT_R_UNSUPPORTED_VERSION}, ++ #else ++ {"UNSUPPORTED_VERSION", 50, 103}, ++ #endif ++ #ifdef DH_R_BAD_GENERATOR ++ {"BAD_GENERATOR", ERR_LIB_DH, DH_R_BAD_GENERATOR}, ++ #else ++ {"BAD_GENERATOR", 5, 101}, ++ #endif ++ #ifdef DH_R_BN_DECODE_ERROR ++ {"BN_DECODE_ERROR", ERR_LIB_DH, DH_R_BN_DECODE_ERROR}, ++ #else ++ {"BN_DECODE_ERROR", 5, 109}, ++ #endif ++ #ifdef DH_R_BN_ERROR ++ {"BN_ERROR", ERR_LIB_DH, DH_R_BN_ERROR}, ++ #else ++ {"BN_ERROR", 5, 106}, ++ #endif ++ #ifdef DH_R_CHECK_INVALID_J_VALUE ++ {"CHECK_INVALID_J_VALUE", ERR_LIB_DH, DH_R_CHECK_INVALID_J_VALUE}, ++ #else ++ {"CHECK_INVALID_J_VALUE", 5, 115}, ++ #endif ++ #ifdef DH_R_CHECK_INVALID_Q_VALUE ++ {"CHECK_INVALID_Q_VALUE", ERR_LIB_DH, DH_R_CHECK_INVALID_Q_VALUE}, ++ #else ++ {"CHECK_INVALID_Q_VALUE", 5, 116}, ++ #endif ++ #ifdef DH_R_CHECK_PUBKEY_INVALID ++ {"CHECK_PUBKEY_INVALID", ERR_LIB_DH, DH_R_CHECK_PUBKEY_INVALID}, ++ #else ++ {"CHECK_PUBKEY_INVALID", 5, 122}, ++ #endif ++ #ifdef DH_R_CHECK_PUBKEY_TOO_LARGE ++ {"CHECK_PUBKEY_TOO_LARGE", ERR_LIB_DH, DH_R_CHECK_PUBKEY_TOO_LARGE}, ++ #else ++ {"CHECK_PUBKEY_TOO_LARGE", 5, 123}, ++ #endif ++ #ifdef DH_R_CHECK_PUBKEY_TOO_SMALL ++ {"CHECK_PUBKEY_TOO_SMALL", ERR_LIB_DH, DH_R_CHECK_PUBKEY_TOO_SMALL}, ++ #else ++ {"CHECK_PUBKEY_TOO_SMALL", 5, 124}, ++ #endif ++ #ifdef DH_R_CHECK_P_NOT_PRIME ++ {"CHECK_P_NOT_PRIME", ERR_LIB_DH, DH_R_CHECK_P_NOT_PRIME}, ++ #else ++ {"CHECK_P_NOT_PRIME", 5, 117}, ++ #endif ++ #ifdef DH_R_CHECK_P_NOT_SAFE_PRIME ++ {"CHECK_P_NOT_SAFE_PRIME", ERR_LIB_DH, DH_R_CHECK_P_NOT_SAFE_PRIME}, ++ #else ++ {"CHECK_P_NOT_SAFE_PRIME", 5, 118}, ++ #endif ++ #ifdef DH_R_CHECK_Q_NOT_PRIME ++ {"CHECK_Q_NOT_PRIME", ERR_LIB_DH, DH_R_CHECK_Q_NOT_PRIME}, ++ #else ++ {"CHECK_Q_NOT_PRIME", 5, 119}, ++ #endif ++ #ifdef DH_R_DECODE_ERROR ++ {"DECODE_ERROR", ERR_LIB_DH, DH_R_DECODE_ERROR}, ++ #else ++ {"DECODE_ERROR", 5, 104}, ++ #endif ++ #ifdef DH_R_INVALID_PARAMETER_NAME ++ {"INVALID_PARAMETER_NAME", ERR_LIB_DH, DH_R_INVALID_PARAMETER_NAME}, ++ #else ++ {"INVALID_PARAMETER_NAME", 5, 110}, ++ #endif ++ #ifdef DH_R_INVALID_PARAMETER_NID ++ {"INVALID_PARAMETER_NID", ERR_LIB_DH, DH_R_INVALID_PARAMETER_NID}, ++ #else ++ {"INVALID_PARAMETER_NID", 5, 114}, ++ #endif ++ #ifdef DH_R_INVALID_PUBKEY ++ {"INVALID_PUBKEY", ERR_LIB_DH, DH_R_INVALID_PUBKEY}, ++ #else ++ {"INVALID_PUBKEY", 5, 102}, ++ #endif ++ #ifdef DH_R_KDF_PARAMETER_ERROR ++ {"KDF_PARAMETER_ERROR", ERR_LIB_DH, DH_R_KDF_PARAMETER_ERROR}, ++ #else ++ {"KDF_PARAMETER_ERROR", 5, 112}, ++ #endif ++ #ifdef DH_R_KEYS_NOT_SET ++ {"KEYS_NOT_SET", ERR_LIB_DH, DH_R_KEYS_NOT_SET}, ++ #else ++ {"KEYS_NOT_SET", 5, 108}, ++ #endif ++ #ifdef DH_R_MISSING_PUBKEY ++ {"MISSING_PUBKEY", ERR_LIB_DH, DH_R_MISSING_PUBKEY}, ++ #else ++ {"MISSING_PUBKEY", 5, 125}, ++ #endif ++ #ifdef DH_R_MODULUS_TOO_LARGE ++ {"MODULUS_TOO_LARGE", ERR_LIB_DH, DH_R_MODULUS_TOO_LARGE}, ++ #else ++ {"MODULUS_TOO_LARGE", 5, 103}, ++ #endif ++ #ifdef DH_R_NOT_SUITABLE_GENERATOR ++ {"NOT_SUITABLE_GENERATOR", ERR_LIB_DH, DH_R_NOT_SUITABLE_GENERATOR}, ++ #else ++ {"NOT_SUITABLE_GENERATOR", 5, 120}, ++ #endif ++ #ifdef DH_R_NO_PARAMETERS_SET ++ {"NO_PARAMETERS_SET", ERR_LIB_DH, DH_R_NO_PARAMETERS_SET}, ++ #else ++ {"NO_PARAMETERS_SET", 5, 107}, ++ #endif ++ #ifdef DH_R_NO_PRIVATE_VALUE ++ {"NO_PRIVATE_VALUE", ERR_LIB_DH, DH_R_NO_PRIVATE_VALUE}, ++ #else ++ {"NO_PRIVATE_VALUE", 5, 100}, ++ #endif ++ #ifdef DH_R_PARAMETER_ENCODING_ERROR ++ {"PARAMETER_ENCODING_ERROR", ERR_LIB_DH, DH_R_PARAMETER_ENCODING_ERROR}, ++ #else ++ {"PARAMETER_ENCODING_ERROR", 5, 105}, ++ #endif ++ #ifdef DH_R_PEER_KEY_ERROR ++ {"PEER_KEY_ERROR", ERR_LIB_DH, DH_R_PEER_KEY_ERROR}, ++ #else ++ {"PEER_KEY_ERROR", 5, 111}, ++ #endif ++ #ifdef DH_R_SHARED_INFO_ERROR ++ {"SHARED_INFO_ERROR", ERR_LIB_DH, DH_R_SHARED_INFO_ERROR}, ++ #else ++ {"SHARED_INFO_ERROR", 5, 113}, ++ #endif ++ #ifdef DH_R_UNABLE_TO_CHECK_GENERATOR ++ {"UNABLE_TO_CHECK_GENERATOR", ERR_LIB_DH, DH_R_UNABLE_TO_CHECK_GENERATOR}, ++ #else ++ {"UNABLE_TO_CHECK_GENERATOR", 5, 121}, ++ #endif ++ #ifdef DSA_R_BAD_Q_VALUE ++ {"BAD_Q_VALUE", ERR_LIB_DSA, DSA_R_BAD_Q_VALUE}, ++ #else ++ {"BAD_Q_VALUE", 10, 102}, ++ #endif ++ #ifdef DSA_R_BN_DECODE_ERROR ++ {"BN_DECODE_ERROR", ERR_LIB_DSA, DSA_R_BN_DECODE_ERROR}, ++ #else ++ {"BN_DECODE_ERROR", 10, 108}, ++ #endif ++ #ifdef DSA_R_BN_ERROR ++ {"BN_ERROR", ERR_LIB_DSA, DSA_R_BN_ERROR}, ++ #else ++ {"BN_ERROR", 10, 109}, ++ #endif ++ #ifdef DSA_R_DECODE_ERROR ++ {"DECODE_ERROR", ERR_LIB_DSA, DSA_R_DECODE_ERROR}, ++ #else ++ {"DECODE_ERROR", 10, 104}, ++ #endif ++ #ifdef DSA_R_INVALID_DIGEST_TYPE ++ {"INVALID_DIGEST_TYPE", ERR_LIB_DSA, DSA_R_INVALID_DIGEST_TYPE}, ++ #else ++ {"INVALID_DIGEST_TYPE", 10, 106}, ++ #endif ++ #ifdef DSA_R_INVALID_PARAMETERS ++ {"INVALID_PARAMETERS", ERR_LIB_DSA, DSA_R_INVALID_PARAMETERS}, ++ #else ++ {"INVALID_PARAMETERS", 10, 112}, ++ #endif ++ #ifdef DSA_R_MISSING_PARAMETERS ++ {"MISSING_PARAMETERS", ERR_LIB_DSA, DSA_R_MISSING_PARAMETERS}, ++ #else ++ {"MISSING_PARAMETERS", 10, 101}, ++ #endif ++ #ifdef DSA_R_MISSING_PRIVATE_KEY ++ {"MISSING_PRIVATE_KEY", ERR_LIB_DSA, DSA_R_MISSING_PRIVATE_KEY}, ++ #else ++ {"MISSING_PRIVATE_KEY", 10, 111}, ++ #endif ++ #ifdef DSA_R_MODULUS_TOO_LARGE ++ {"MODULUS_TOO_LARGE", ERR_LIB_DSA, DSA_R_MODULUS_TOO_LARGE}, ++ #else ++ {"MODULUS_TOO_LARGE", 10, 103}, ++ #endif ++ #ifdef DSA_R_NO_PARAMETERS_SET ++ {"NO_PARAMETERS_SET", ERR_LIB_DSA, DSA_R_NO_PARAMETERS_SET}, ++ #else ++ {"NO_PARAMETERS_SET", 10, 107}, ++ #endif ++ #ifdef DSA_R_PARAMETER_ENCODING_ERROR ++ {"PARAMETER_ENCODING_ERROR", ERR_LIB_DSA, DSA_R_PARAMETER_ENCODING_ERROR}, ++ #else ++ {"PARAMETER_ENCODING_ERROR", 10, 105}, ++ #endif ++ #ifdef DSA_R_Q_NOT_PRIME ++ {"Q_NOT_PRIME", ERR_LIB_DSA, DSA_R_Q_NOT_PRIME}, ++ #else ++ {"Q_NOT_PRIME", 10, 113}, ++ #endif ++ #ifdef DSA_R_SEED_LEN_SMALL ++ {"SEED_LEN_SMALL", ERR_LIB_DSA, DSA_R_SEED_LEN_SMALL}, ++ #else ++ {"SEED_LEN_SMALL", 10, 110}, ++ #endif ++ #ifdef DSO_R_CTRL_FAILED ++ {"CTRL_FAILED", ERR_LIB_DSO, DSO_R_CTRL_FAILED}, ++ #else ++ {"CTRL_FAILED", 37, 100}, ++ #endif ++ #ifdef DSO_R_DSO_ALREADY_LOADED ++ {"DSO_ALREADY_LOADED", ERR_LIB_DSO, DSO_R_DSO_ALREADY_LOADED}, ++ #else ++ {"DSO_ALREADY_LOADED", 37, 110}, ++ #endif ++ #ifdef DSO_R_EMPTY_FILE_STRUCTURE ++ {"EMPTY_FILE_STRUCTURE", ERR_LIB_DSO, DSO_R_EMPTY_FILE_STRUCTURE}, ++ #else ++ {"EMPTY_FILE_STRUCTURE", 37, 113}, ++ #endif ++ #ifdef DSO_R_FAILURE ++ {"FAILURE", ERR_LIB_DSO, DSO_R_FAILURE}, ++ #else ++ {"FAILURE", 37, 114}, ++ #endif ++ #ifdef DSO_R_FILENAME_TOO_BIG ++ {"FILENAME_TOO_BIG", ERR_LIB_DSO, DSO_R_FILENAME_TOO_BIG}, ++ #else ++ {"FILENAME_TOO_BIG", 37, 101}, ++ #endif ++ #ifdef DSO_R_FINISH_FAILED ++ {"FINISH_FAILED", ERR_LIB_DSO, DSO_R_FINISH_FAILED}, ++ #else ++ {"FINISH_FAILED", 37, 102}, ++ #endif ++ #ifdef DSO_R_INCORRECT_FILE_SYNTAX ++ {"INCORRECT_FILE_SYNTAX", ERR_LIB_DSO, DSO_R_INCORRECT_FILE_SYNTAX}, ++ #else ++ {"INCORRECT_FILE_SYNTAX", 37, 115}, ++ #endif ++ #ifdef DSO_R_LOAD_FAILED ++ {"LOAD_FAILED", ERR_LIB_DSO, DSO_R_LOAD_FAILED}, ++ #else ++ {"LOAD_FAILED", 37, 103}, ++ #endif ++ #ifdef DSO_R_NAME_TRANSLATION_FAILED ++ {"NAME_TRANSLATION_FAILED", ERR_LIB_DSO, DSO_R_NAME_TRANSLATION_FAILED}, ++ #else ++ {"NAME_TRANSLATION_FAILED", 37, 109}, ++ #endif ++ #ifdef DSO_R_NO_FILENAME ++ {"NO_FILENAME", ERR_LIB_DSO, DSO_R_NO_FILENAME}, ++ #else ++ {"NO_FILENAME", 37, 111}, ++ #endif ++ #ifdef DSO_R_NULL_HANDLE ++ {"NULL_HANDLE", ERR_LIB_DSO, DSO_R_NULL_HANDLE}, ++ #else ++ {"NULL_HANDLE", 37, 104}, ++ #endif ++ #ifdef DSO_R_SET_FILENAME_FAILED ++ {"SET_FILENAME_FAILED", ERR_LIB_DSO, DSO_R_SET_FILENAME_FAILED}, ++ #else ++ {"SET_FILENAME_FAILED", 37, 112}, ++ #endif ++ #ifdef DSO_R_STACK_ERROR ++ {"STACK_ERROR", ERR_LIB_DSO, DSO_R_STACK_ERROR}, ++ #else ++ {"STACK_ERROR", 37, 105}, ++ #endif ++ #ifdef DSO_R_SYM_FAILURE ++ {"SYM_FAILURE", ERR_LIB_DSO, DSO_R_SYM_FAILURE}, ++ #else ++ {"SYM_FAILURE", 37, 106}, ++ #endif ++ #ifdef DSO_R_UNLOAD_FAILED ++ {"UNLOAD_FAILED", ERR_LIB_DSO, DSO_R_UNLOAD_FAILED}, ++ #else ++ {"UNLOAD_FAILED", 37, 107}, ++ #endif ++ #ifdef DSO_R_UNSUPPORTED ++ {"UNSUPPORTED", ERR_LIB_DSO, DSO_R_UNSUPPORTED}, ++ #else ++ {"UNSUPPORTED", 37, 108}, ++ #endif ++ #ifdef EC_R_ASN1_ERROR ++ {"ASN1_ERROR", ERR_LIB_EC, EC_R_ASN1_ERROR}, ++ #else ++ {"ASN1_ERROR", 16, 115}, ++ #endif ++ #ifdef EC_R_BAD_SIGNATURE ++ {"BAD_SIGNATURE", ERR_LIB_EC, EC_R_BAD_SIGNATURE}, ++ #else ++ {"BAD_SIGNATURE", 16, 156}, ++ #endif ++ #ifdef EC_R_BIGNUM_OUT_OF_RANGE ++ {"BIGNUM_OUT_OF_RANGE", ERR_LIB_EC, EC_R_BIGNUM_OUT_OF_RANGE}, ++ #else ++ {"BIGNUM_OUT_OF_RANGE", 16, 144}, ++ #endif ++ #ifdef EC_R_BUFFER_TOO_SMALL ++ {"BUFFER_TOO_SMALL", ERR_LIB_EC, EC_R_BUFFER_TOO_SMALL}, ++ #else ++ {"BUFFER_TOO_SMALL", 16, 100}, ++ #endif ++ #ifdef EC_R_CANNOT_INVERT ++ {"CANNOT_INVERT", ERR_LIB_EC, EC_R_CANNOT_INVERT}, ++ #else ++ {"CANNOT_INVERT", 16, 165}, ++ #endif ++ #ifdef EC_R_COORDINATES_OUT_OF_RANGE ++ {"COORDINATES_OUT_OF_RANGE", ERR_LIB_EC, EC_R_COORDINATES_OUT_OF_RANGE}, ++ #else ++ {"COORDINATES_OUT_OF_RANGE", 16, 146}, ++ #endif ++ #ifdef EC_R_CURVE_DOES_NOT_SUPPORT_ECDH ++ {"CURVE_DOES_NOT_SUPPORT_ECDH", ERR_LIB_EC, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH}, ++ #else ++ {"CURVE_DOES_NOT_SUPPORT_ECDH", 16, 160}, ++ #endif ++ #ifdef EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING ++ {"CURVE_DOES_NOT_SUPPORT_SIGNING", ERR_LIB_EC, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING}, ++ #else ++ {"CURVE_DOES_NOT_SUPPORT_SIGNING", 16, 159}, ++ #endif ++ #ifdef EC_R_D2I_ECPKPARAMETERS_FAILURE ++ {"D2I_ECPKPARAMETERS_FAILURE", ERR_LIB_EC, EC_R_D2I_ECPKPARAMETERS_FAILURE}, ++ #else ++ {"D2I_ECPKPARAMETERS_FAILURE", 16, 117}, ++ #endif ++ #ifdef EC_R_DECODE_ERROR ++ {"DECODE_ERROR", ERR_LIB_EC, EC_R_DECODE_ERROR}, ++ #else ++ {"DECODE_ERROR", 16, 142}, ++ #endif ++ #ifdef EC_R_DISCRIMINANT_IS_ZERO ++ {"DISCRIMINANT_IS_ZERO", ERR_LIB_EC, EC_R_DISCRIMINANT_IS_ZERO}, ++ #else ++ {"DISCRIMINANT_IS_ZERO", 16, 118}, ++ #endif ++ #ifdef EC_R_EC_GROUP_NEW_BY_NAME_FAILURE ++ {"EC_GROUP_NEW_BY_NAME_FAILURE", ERR_LIB_EC, EC_R_EC_GROUP_NEW_BY_NAME_FAILURE}, ++ #else ++ {"EC_GROUP_NEW_BY_NAME_FAILURE", 16, 119}, ++ #endif ++ #ifdef EC_R_FIELD_TOO_LARGE ++ {"FIELD_TOO_LARGE", ERR_LIB_EC, EC_R_FIELD_TOO_LARGE}, ++ #else ++ {"FIELD_TOO_LARGE", 16, 143}, ++ #endif ++ #ifdef EC_R_GF2M_NOT_SUPPORTED ++ {"GF2M_NOT_SUPPORTED", ERR_LIB_EC, EC_R_GF2M_NOT_SUPPORTED}, ++ #else ++ {"GF2M_NOT_SUPPORTED", 16, 147}, ++ #endif ++ #ifdef EC_R_GROUP2PKPARAMETERS_FAILURE ++ {"GROUP2PKPARAMETERS_FAILURE", ERR_LIB_EC, EC_R_GROUP2PKPARAMETERS_FAILURE}, ++ #else ++ {"GROUP2PKPARAMETERS_FAILURE", 16, 120}, ++ #endif ++ #ifdef EC_R_I2D_ECPKPARAMETERS_FAILURE ++ {"I2D_ECPKPARAMETERS_FAILURE", ERR_LIB_EC, EC_R_I2D_ECPKPARAMETERS_FAILURE}, ++ #else ++ {"I2D_ECPKPARAMETERS_FAILURE", 16, 121}, ++ #endif ++ #ifdef EC_R_INCOMPATIBLE_OBJECTS ++ {"INCOMPATIBLE_OBJECTS", ERR_LIB_EC, EC_R_INCOMPATIBLE_OBJECTS}, ++ #else ++ {"INCOMPATIBLE_OBJECTS", 16, 101}, ++ #endif ++ #ifdef EC_R_INVALID_ARGUMENT ++ {"INVALID_ARGUMENT", ERR_LIB_EC, EC_R_INVALID_ARGUMENT}, ++ #else ++ {"INVALID_ARGUMENT", 16, 112}, ++ #endif ++ #ifdef EC_R_INVALID_COMPRESSED_POINT ++ {"INVALID_COMPRESSED_POINT", ERR_LIB_EC, EC_R_INVALID_COMPRESSED_POINT}, ++ #else ++ {"INVALID_COMPRESSED_POINT", 16, 110}, ++ #endif ++ #ifdef EC_R_INVALID_COMPRESSION_BIT ++ {"INVALID_COMPRESSION_BIT", ERR_LIB_EC, EC_R_INVALID_COMPRESSION_BIT}, ++ #else ++ {"INVALID_COMPRESSION_BIT", 16, 109}, ++ #endif ++ #ifdef EC_R_INVALID_CURVE ++ {"INVALID_CURVE", ERR_LIB_EC, EC_R_INVALID_CURVE}, ++ #else ++ {"INVALID_CURVE", 16, 141}, ++ #endif ++ #ifdef EC_R_INVALID_DIGEST ++ {"INVALID_DIGEST", ERR_LIB_EC, EC_R_INVALID_DIGEST}, ++ #else ++ {"INVALID_DIGEST", 16, 151}, ++ #endif ++ #ifdef EC_R_INVALID_DIGEST_TYPE ++ {"INVALID_DIGEST_TYPE", ERR_LIB_EC, EC_R_INVALID_DIGEST_TYPE}, ++ #else ++ {"INVALID_DIGEST_TYPE", 16, 138}, ++ #endif ++ #ifdef EC_R_INVALID_ENCODING ++ {"INVALID_ENCODING", ERR_LIB_EC, EC_R_INVALID_ENCODING}, ++ #else ++ {"INVALID_ENCODING", 16, 102}, ++ #endif ++ #ifdef EC_R_INVALID_FIELD ++ {"INVALID_FIELD", ERR_LIB_EC, EC_R_INVALID_FIELD}, ++ #else ++ {"INVALID_FIELD", 16, 103}, ++ #endif ++ #ifdef EC_R_INVALID_FORM ++ {"INVALID_FORM", ERR_LIB_EC, EC_R_INVALID_FORM}, ++ #else ++ {"INVALID_FORM", 16, 104}, ++ #endif ++ #ifdef EC_R_INVALID_GROUP_ORDER ++ {"INVALID_GROUP_ORDER", ERR_LIB_EC, EC_R_INVALID_GROUP_ORDER}, ++ #else ++ {"INVALID_GROUP_ORDER", 16, 122}, ++ #endif ++ #ifdef EC_R_INVALID_KEY ++ {"INVALID_KEY", ERR_LIB_EC, EC_R_INVALID_KEY}, ++ #else ++ {"INVALID_KEY", 16, 116}, ++ #endif ++ #ifdef EC_R_INVALID_OUTPUT_LENGTH ++ {"INVALID_OUTPUT_LENGTH", ERR_LIB_EC, EC_R_INVALID_OUTPUT_LENGTH}, ++ #else ++ {"INVALID_OUTPUT_LENGTH", 16, 161}, ++ #endif ++ #ifdef EC_R_INVALID_PEER_KEY ++ {"INVALID_PEER_KEY", ERR_LIB_EC, EC_R_INVALID_PEER_KEY}, ++ #else ++ {"INVALID_PEER_KEY", 16, 133}, ++ #endif ++ #ifdef EC_R_INVALID_PENTANOMIAL_BASIS ++ {"INVALID_PENTANOMIAL_BASIS", ERR_LIB_EC, EC_R_INVALID_PENTANOMIAL_BASIS}, ++ #else ++ {"INVALID_PENTANOMIAL_BASIS", 16, 132}, ++ #endif ++ #ifdef EC_R_INVALID_PRIVATE_KEY ++ {"INVALID_PRIVATE_KEY", ERR_LIB_EC, EC_R_INVALID_PRIVATE_KEY}, ++ #else ++ {"INVALID_PRIVATE_KEY", 16, 123}, ++ #endif ++ #ifdef EC_R_INVALID_TRINOMIAL_BASIS ++ {"INVALID_TRINOMIAL_BASIS", ERR_LIB_EC, EC_R_INVALID_TRINOMIAL_BASIS}, ++ #else ++ {"INVALID_TRINOMIAL_BASIS", 16, 137}, ++ #endif ++ #ifdef EC_R_KDF_PARAMETER_ERROR ++ {"KDF_PARAMETER_ERROR", ERR_LIB_EC, EC_R_KDF_PARAMETER_ERROR}, ++ #else ++ {"KDF_PARAMETER_ERROR", 16, 148}, ++ #endif ++ #ifdef EC_R_KEYS_NOT_SET ++ {"KEYS_NOT_SET", ERR_LIB_EC, EC_R_KEYS_NOT_SET}, ++ #else ++ {"KEYS_NOT_SET", 16, 140}, ++ #endif ++ #ifdef EC_R_LADDER_POST_FAILURE ++ {"LADDER_POST_FAILURE", ERR_LIB_EC, EC_R_LADDER_POST_FAILURE}, ++ #else ++ {"LADDER_POST_FAILURE", 16, 136}, ++ #endif ++ #ifdef EC_R_LADDER_PRE_FAILURE ++ {"LADDER_PRE_FAILURE", ERR_LIB_EC, EC_R_LADDER_PRE_FAILURE}, ++ #else ++ {"LADDER_PRE_FAILURE", 16, 153}, ++ #endif ++ #ifdef EC_R_LADDER_STEP_FAILURE ++ {"LADDER_STEP_FAILURE", ERR_LIB_EC, EC_R_LADDER_STEP_FAILURE}, ++ #else ++ {"LADDER_STEP_FAILURE", 16, 162}, ++ #endif ++ #ifdef EC_R_MISSING_OID ++ {"MISSING_OID", ERR_LIB_EC, EC_R_MISSING_OID}, ++ #else ++ {"MISSING_OID", 16, 167}, ++ #endif ++ #ifdef EC_R_MISSING_PARAMETERS ++ {"MISSING_PARAMETERS", ERR_LIB_EC, EC_R_MISSING_PARAMETERS}, ++ #else ++ {"MISSING_PARAMETERS", 16, 124}, ++ #endif ++ #ifdef EC_R_MISSING_PRIVATE_KEY ++ {"MISSING_PRIVATE_KEY", ERR_LIB_EC, EC_R_MISSING_PRIVATE_KEY}, ++ #else ++ {"MISSING_PRIVATE_KEY", 16, 125}, ++ #endif ++ #ifdef EC_R_NEED_NEW_SETUP_VALUES ++ {"NEED_NEW_SETUP_VALUES", ERR_LIB_EC, EC_R_NEED_NEW_SETUP_VALUES}, ++ #else ++ {"NEED_NEW_SETUP_VALUES", 16, 157}, ++ #endif ++ #ifdef EC_R_NOT_A_NIST_PRIME ++ {"NOT_A_NIST_PRIME", ERR_LIB_EC, EC_R_NOT_A_NIST_PRIME}, ++ #else ++ {"NOT_A_NIST_PRIME", 16, 135}, ++ #endif ++ #ifdef EC_R_NOT_IMPLEMENTED ++ {"NOT_IMPLEMENTED", ERR_LIB_EC, EC_R_NOT_IMPLEMENTED}, ++ #else ++ {"NOT_IMPLEMENTED", 16, 126}, ++ #endif ++ #ifdef EC_R_NOT_INITIALIZED ++ {"NOT_INITIALIZED", ERR_LIB_EC, EC_R_NOT_INITIALIZED}, ++ #else ++ {"NOT_INITIALIZED", 16, 111}, ++ #endif ++ #ifdef EC_R_NO_PARAMETERS_SET ++ {"NO_PARAMETERS_SET", ERR_LIB_EC, EC_R_NO_PARAMETERS_SET}, ++ #else ++ {"NO_PARAMETERS_SET", 16, 139}, ++ #endif ++ #ifdef EC_R_NO_PRIVATE_VALUE ++ {"NO_PRIVATE_VALUE", ERR_LIB_EC, EC_R_NO_PRIVATE_VALUE}, ++ #else ++ {"NO_PRIVATE_VALUE", 16, 154}, ++ #endif ++ #ifdef EC_R_OPERATION_NOT_SUPPORTED ++ {"OPERATION_NOT_SUPPORTED", ERR_LIB_EC, EC_R_OPERATION_NOT_SUPPORTED}, ++ #else ++ {"OPERATION_NOT_SUPPORTED", 16, 152}, ++ #endif ++ #ifdef EC_R_PASSED_NULL_PARAMETER ++ {"PASSED_NULL_PARAMETER", ERR_LIB_EC, EC_R_PASSED_NULL_PARAMETER}, ++ #else ++ {"PASSED_NULL_PARAMETER", 16, 134}, ++ #endif ++ #ifdef EC_R_PEER_KEY_ERROR ++ {"PEER_KEY_ERROR", ERR_LIB_EC, EC_R_PEER_KEY_ERROR}, ++ #else ++ {"PEER_KEY_ERROR", 16, 149}, ++ #endif ++ #ifdef EC_R_PKPARAMETERS2GROUP_FAILURE ++ {"PKPARAMETERS2GROUP_FAILURE", ERR_LIB_EC, EC_R_PKPARAMETERS2GROUP_FAILURE}, ++ #else ++ {"PKPARAMETERS2GROUP_FAILURE", 16, 127}, ++ #endif ++ #ifdef EC_R_POINT_ARITHMETIC_FAILURE ++ {"POINT_ARITHMETIC_FAILURE", ERR_LIB_EC, EC_R_POINT_ARITHMETIC_FAILURE}, ++ #else ++ {"POINT_ARITHMETIC_FAILURE", 16, 155}, ++ #endif ++ #ifdef EC_R_POINT_AT_INFINITY ++ {"POINT_AT_INFINITY", ERR_LIB_EC, EC_R_POINT_AT_INFINITY}, ++ #else ++ {"POINT_AT_INFINITY", 16, 106}, ++ #endif ++ #ifdef EC_R_POINT_COORDINATES_BLIND_FAILURE ++ {"POINT_COORDINATES_BLIND_FAILURE", ERR_LIB_EC, EC_R_POINT_COORDINATES_BLIND_FAILURE}, ++ #else ++ {"POINT_COORDINATES_BLIND_FAILURE", 16, 163}, ++ #endif ++ #ifdef EC_R_POINT_IS_NOT_ON_CURVE ++ {"POINT_IS_NOT_ON_CURVE", ERR_LIB_EC, EC_R_POINT_IS_NOT_ON_CURVE}, ++ #else ++ {"POINT_IS_NOT_ON_CURVE", 16, 107}, ++ #endif ++ #ifdef EC_R_RANDOM_NUMBER_GENERATION_FAILED ++ {"RANDOM_NUMBER_GENERATION_FAILED", ERR_LIB_EC, EC_R_RANDOM_NUMBER_GENERATION_FAILED}, ++ #else ++ {"RANDOM_NUMBER_GENERATION_FAILED", 16, 158}, ++ #endif ++ #ifdef EC_R_SHARED_INFO_ERROR ++ {"SHARED_INFO_ERROR", ERR_LIB_EC, EC_R_SHARED_INFO_ERROR}, ++ #else ++ {"SHARED_INFO_ERROR", 16, 150}, ++ #endif ++ #ifdef EC_R_SLOT_FULL ++ {"SLOT_FULL", ERR_LIB_EC, EC_R_SLOT_FULL}, ++ #else ++ {"SLOT_FULL", 16, 108}, ++ #endif ++ #ifdef EC_R_UNDEFINED_GENERATOR ++ {"UNDEFINED_GENERATOR", ERR_LIB_EC, EC_R_UNDEFINED_GENERATOR}, ++ #else ++ {"UNDEFINED_GENERATOR", 16, 113}, ++ #endif ++ #ifdef EC_R_UNDEFINED_ORDER ++ {"UNDEFINED_ORDER", ERR_LIB_EC, EC_R_UNDEFINED_ORDER}, ++ #else ++ {"UNDEFINED_ORDER", 16, 128}, ++ #endif ++ #ifdef EC_R_UNKNOWN_COFACTOR ++ {"UNKNOWN_COFACTOR", ERR_LIB_EC, EC_R_UNKNOWN_COFACTOR}, ++ #else ++ {"UNKNOWN_COFACTOR", 16, 164}, ++ #endif ++ #ifdef EC_R_UNKNOWN_GROUP ++ {"UNKNOWN_GROUP", ERR_LIB_EC, EC_R_UNKNOWN_GROUP}, ++ #else ++ {"UNKNOWN_GROUP", 16, 129}, ++ #endif ++ #ifdef EC_R_UNKNOWN_ORDER ++ {"UNKNOWN_ORDER", ERR_LIB_EC, EC_R_UNKNOWN_ORDER}, ++ #else ++ {"UNKNOWN_ORDER", 16, 114}, ++ #endif ++ #ifdef EC_R_UNSUPPORTED_FIELD ++ {"UNSUPPORTED_FIELD", ERR_LIB_EC, EC_R_UNSUPPORTED_FIELD}, ++ #else ++ {"UNSUPPORTED_FIELD", 16, 131}, ++ #endif ++ #ifdef EC_R_WRONG_CURVE_PARAMETERS ++ {"WRONG_CURVE_PARAMETERS", ERR_LIB_EC, EC_R_WRONG_CURVE_PARAMETERS}, ++ #else ++ {"WRONG_CURVE_PARAMETERS", 16, 145}, ++ #endif ++ #ifdef EC_R_WRONG_ORDER ++ {"WRONG_ORDER", ERR_LIB_EC, EC_R_WRONG_ORDER}, ++ #else ++ {"WRONG_ORDER", 16, 130}, ++ #endif ++ #ifdef ENGINE_R_ALREADY_LOADED ++ {"ALREADY_LOADED", ERR_LIB_ENGINE, ENGINE_R_ALREADY_LOADED}, ++ #else ++ {"ALREADY_LOADED", 38, 100}, ++ #endif ++ #ifdef ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER ++ {"ARGUMENT_IS_NOT_A_NUMBER", ERR_LIB_ENGINE, ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER}, ++ #else ++ {"ARGUMENT_IS_NOT_A_NUMBER", 38, 133}, ++ #endif ++ #ifdef ENGINE_R_CMD_NOT_EXECUTABLE ++ {"CMD_NOT_EXECUTABLE", ERR_LIB_ENGINE, ENGINE_R_CMD_NOT_EXECUTABLE}, ++ #else ++ {"CMD_NOT_EXECUTABLE", 38, 134}, ++ #endif ++ #ifdef ENGINE_R_COMMAND_TAKES_INPUT ++ {"COMMAND_TAKES_INPUT", ERR_LIB_ENGINE, ENGINE_R_COMMAND_TAKES_INPUT}, ++ #else ++ {"COMMAND_TAKES_INPUT", 38, 135}, ++ #endif ++ #ifdef ENGINE_R_COMMAND_TAKES_NO_INPUT ++ {"COMMAND_TAKES_NO_INPUT", ERR_LIB_ENGINE, ENGINE_R_COMMAND_TAKES_NO_INPUT}, ++ #else ++ {"COMMAND_TAKES_NO_INPUT", 38, 136}, ++ #endif ++ #ifdef ENGINE_R_CONFLICTING_ENGINE_ID ++ {"CONFLICTING_ENGINE_ID", ERR_LIB_ENGINE, ENGINE_R_CONFLICTING_ENGINE_ID}, ++ #else ++ {"CONFLICTING_ENGINE_ID", 38, 103}, ++ #endif ++ #ifdef ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED ++ {"CTRL_COMMAND_NOT_IMPLEMENTED", ERR_LIB_ENGINE, ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED}, ++ #else ++ {"CTRL_COMMAND_NOT_IMPLEMENTED", 38, 119}, ++ #endif ++ #ifdef ENGINE_R_DSO_FAILURE ++ {"DSO_FAILURE", ERR_LIB_ENGINE, ENGINE_R_DSO_FAILURE}, ++ #else ++ {"DSO_FAILURE", 38, 104}, ++ #endif ++ #ifdef ENGINE_R_DSO_NOT_FOUND ++ {"DSO_NOT_FOUND", ERR_LIB_ENGINE, ENGINE_R_DSO_NOT_FOUND}, ++ #else ++ {"DSO_NOT_FOUND", 38, 132}, ++ #endif ++ #ifdef ENGINE_R_ENGINES_SECTION_ERROR ++ {"ENGINES_SECTION_ERROR", ERR_LIB_ENGINE, ENGINE_R_ENGINES_SECTION_ERROR}, ++ #else ++ {"ENGINES_SECTION_ERROR", 38, 148}, ++ #endif ++ #ifdef ENGINE_R_ENGINE_CONFIGURATION_ERROR ++ {"ENGINE_CONFIGURATION_ERROR", ERR_LIB_ENGINE, ENGINE_R_ENGINE_CONFIGURATION_ERROR}, ++ #else ++ {"ENGINE_CONFIGURATION_ERROR", 38, 102}, ++ #endif ++ #ifdef ENGINE_R_ENGINE_IS_NOT_IN_LIST ++ {"ENGINE_IS_NOT_IN_LIST", ERR_LIB_ENGINE, ENGINE_R_ENGINE_IS_NOT_IN_LIST}, ++ #else ++ {"ENGINE_IS_NOT_IN_LIST", 38, 105}, ++ #endif ++ #ifdef ENGINE_R_ENGINE_SECTION_ERROR ++ {"ENGINE_SECTION_ERROR", ERR_LIB_ENGINE, ENGINE_R_ENGINE_SECTION_ERROR}, ++ #else ++ {"ENGINE_SECTION_ERROR", 38, 149}, ++ #endif ++ #ifdef ENGINE_R_FAILED_LOADING_PRIVATE_KEY ++ {"FAILED_LOADING_PRIVATE_KEY", ERR_LIB_ENGINE, ENGINE_R_FAILED_LOADING_PRIVATE_KEY}, ++ #else ++ {"FAILED_LOADING_PRIVATE_KEY", 38, 128}, ++ #endif ++ #ifdef ENGINE_R_FAILED_LOADING_PUBLIC_KEY ++ {"FAILED_LOADING_PUBLIC_KEY", ERR_LIB_ENGINE, ENGINE_R_FAILED_LOADING_PUBLIC_KEY}, ++ #else ++ {"FAILED_LOADING_PUBLIC_KEY", 38, 129}, ++ #endif ++ #ifdef ENGINE_R_FINISH_FAILED ++ {"FINISH_FAILED", ERR_LIB_ENGINE, ENGINE_R_FINISH_FAILED}, ++ #else ++ {"FINISH_FAILED", 38, 106}, ++ #endif ++ #ifdef ENGINE_R_ID_OR_NAME_MISSING ++ {"ID_OR_NAME_MISSING", ERR_LIB_ENGINE, ENGINE_R_ID_OR_NAME_MISSING}, ++ #else ++ {"ID_OR_NAME_MISSING", 38, 108}, ++ #endif ++ #ifdef ENGINE_R_INIT_FAILED ++ {"INIT_FAILED", ERR_LIB_ENGINE, ENGINE_R_INIT_FAILED}, ++ #else ++ {"INIT_FAILED", 38, 109}, ++ #endif ++ #ifdef ENGINE_R_INTERNAL_LIST_ERROR ++ {"INTERNAL_LIST_ERROR", ERR_LIB_ENGINE, ENGINE_R_INTERNAL_LIST_ERROR}, ++ #else ++ {"INTERNAL_LIST_ERROR", 38, 110}, ++ #endif ++ #ifdef ENGINE_R_INVALID_ARGUMENT ++ {"INVALID_ARGUMENT", ERR_LIB_ENGINE, ENGINE_R_INVALID_ARGUMENT}, ++ #else ++ {"INVALID_ARGUMENT", 38, 143}, ++ #endif ++ #ifdef ENGINE_R_INVALID_CMD_NAME ++ {"INVALID_CMD_NAME", ERR_LIB_ENGINE, ENGINE_R_INVALID_CMD_NAME}, ++ #else ++ {"INVALID_CMD_NAME", 38, 137}, ++ #endif ++ #ifdef ENGINE_R_INVALID_CMD_NUMBER ++ {"INVALID_CMD_NUMBER", ERR_LIB_ENGINE, ENGINE_R_INVALID_CMD_NUMBER}, ++ #else ++ {"INVALID_CMD_NUMBER", 38, 138}, ++ #endif ++ #ifdef ENGINE_R_INVALID_INIT_VALUE ++ {"INVALID_INIT_VALUE", ERR_LIB_ENGINE, ENGINE_R_INVALID_INIT_VALUE}, ++ #else ++ {"INVALID_INIT_VALUE", 38, 151}, ++ #endif ++ #ifdef ENGINE_R_INVALID_STRING ++ {"INVALID_STRING", ERR_LIB_ENGINE, ENGINE_R_INVALID_STRING}, ++ #else ++ {"INVALID_STRING", 38, 150}, ++ #endif ++ #ifdef ENGINE_R_NOT_INITIALISED ++ {"NOT_INITIALISED", ERR_LIB_ENGINE, ENGINE_R_NOT_INITIALISED}, ++ #else ++ {"NOT_INITIALISED", 38, 117}, ++ #endif ++ #ifdef ENGINE_R_NOT_LOADED ++ {"NOT_LOADED", ERR_LIB_ENGINE, ENGINE_R_NOT_LOADED}, ++ #else ++ {"NOT_LOADED", 38, 112}, ++ #endif ++ #ifdef ENGINE_R_NO_CONTROL_FUNCTION ++ {"NO_CONTROL_FUNCTION", ERR_LIB_ENGINE, ENGINE_R_NO_CONTROL_FUNCTION}, ++ #else ++ {"NO_CONTROL_FUNCTION", 38, 120}, ++ #endif ++ #ifdef ENGINE_R_NO_INDEX ++ {"NO_INDEX", ERR_LIB_ENGINE, ENGINE_R_NO_INDEX}, ++ #else ++ {"NO_INDEX", 38, 144}, ++ #endif ++ #ifdef ENGINE_R_NO_LOAD_FUNCTION ++ {"NO_LOAD_FUNCTION", ERR_LIB_ENGINE, ENGINE_R_NO_LOAD_FUNCTION}, ++ #else ++ {"NO_LOAD_FUNCTION", 38, 125}, ++ #endif ++ #ifdef ENGINE_R_NO_REFERENCE ++ {"NO_REFERENCE", ERR_LIB_ENGINE, ENGINE_R_NO_REFERENCE}, ++ #else ++ {"NO_REFERENCE", 38, 130}, ++ #endif ++ #ifdef ENGINE_R_NO_SUCH_ENGINE ++ {"NO_SUCH_ENGINE", ERR_LIB_ENGINE, ENGINE_R_NO_SUCH_ENGINE}, ++ #else ++ {"NO_SUCH_ENGINE", 38, 116}, ++ #endif ++ #ifdef ENGINE_R_UNIMPLEMENTED_CIPHER ++ {"UNIMPLEMENTED_CIPHER", ERR_LIB_ENGINE, ENGINE_R_UNIMPLEMENTED_CIPHER}, ++ #else ++ {"UNIMPLEMENTED_CIPHER", 38, 146}, ++ #endif ++ #ifdef ENGINE_R_UNIMPLEMENTED_DIGEST ++ {"UNIMPLEMENTED_DIGEST", ERR_LIB_ENGINE, ENGINE_R_UNIMPLEMENTED_DIGEST}, ++ #else ++ {"UNIMPLEMENTED_DIGEST", 38, 147}, ++ #endif ++ #ifdef ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD ++ {"UNIMPLEMENTED_PUBLIC_KEY_METHOD", ERR_LIB_ENGINE, ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD}, ++ #else ++ {"UNIMPLEMENTED_PUBLIC_KEY_METHOD", 38, 101}, ++ #endif ++ #ifdef ENGINE_R_VERSION_INCOMPATIBILITY ++ {"VERSION_INCOMPATIBILITY", ERR_LIB_ENGINE, ENGINE_R_VERSION_INCOMPATIBILITY}, ++ #else ++ {"VERSION_INCOMPATIBILITY", 38, 145}, ++ #endif ++ #ifdef EVP_R_AES_KEY_SETUP_FAILED ++ {"AES_KEY_SETUP_FAILED", ERR_LIB_EVP, EVP_R_AES_KEY_SETUP_FAILED}, ++ #else ++ {"AES_KEY_SETUP_FAILED", 6, 143}, ++ #endif ++ #ifdef EVP_R_ARIA_KEY_SETUP_FAILED ++ {"ARIA_KEY_SETUP_FAILED", ERR_LIB_EVP, EVP_R_ARIA_KEY_SETUP_FAILED}, ++ #else ++ {"ARIA_KEY_SETUP_FAILED", 6, 176}, ++ #endif ++ #ifdef EVP_R_BAD_DECRYPT ++ {"BAD_DECRYPT", ERR_LIB_EVP, EVP_R_BAD_DECRYPT}, ++ #else ++ {"BAD_DECRYPT", 6, 100}, ++ #endif ++ #ifdef EVP_R_BAD_KEY_LENGTH ++ {"BAD_KEY_LENGTH", ERR_LIB_EVP, EVP_R_BAD_KEY_LENGTH}, ++ #else ++ {"BAD_KEY_LENGTH", 6, 195}, ++ #endif ++ #ifdef EVP_R_BUFFER_TOO_SMALL ++ {"BUFFER_TOO_SMALL", ERR_LIB_EVP, EVP_R_BUFFER_TOO_SMALL}, ++ #else ++ {"BUFFER_TOO_SMALL", 6, 155}, ++ #endif ++ #ifdef EVP_R_CAMELLIA_KEY_SETUP_FAILED ++ {"CAMELLIA_KEY_SETUP_FAILED", ERR_LIB_EVP, EVP_R_CAMELLIA_KEY_SETUP_FAILED}, ++ #else ++ {"CAMELLIA_KEY_SETUP_FAILED", 6, 157}, ++ #endif ++ #ifdef EVP_R_CIPHER_PARAMETER_ERROR ++ {"CIPHER_PARAMETER_ERROR", ERR_LIB_EVP, EVP_R_CIPHER_PARAMETER_ERROR}, ++ #else ++ {"CIPHER_PARAMETER_ERROR", 6, 122}, ++ #endif ++ #ifdef EVP_R_COMMAND_NOT_SUPPORTED ++ {"COMMAND_NOT_SUPPORTED", ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED}, ++ #else ++ {"COMMAND_NOT_SUPPORTED", 6, 147}, ++ #endif ++ #ifdef EVP_R_COPY_ERROR ++ {"COPY_ERROR", ERR_LIB_EVP, EVP_R_COPY_ERROR}, ++ #else ++ {"COPY_ERROR", 6, 173}, ++ #endif ++ #ifdef EVP_R_CTRL_NOT_IMPLEMENTED ++ {"CTRL_NOT_IMPLEMENTED", ERR_LIB_EVP, EVP_R_CTRL_NOT_IMPLEMENTED}, ++ #else ++ {"CTRL_NOT_IMPLEMENTED", 6, 132}, ++ #endif ++ #ifdef EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED ++ {"CTRL_OPERATION_NOT_IMPLEMENTED", ERR_LIB_EVP, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED}, ++ #else ++ {"CTRL_OPERATION_NOT_IMPLEMENTED", 6, 133}, ++ #endif ++ #ifdef EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH ++ {"DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH", ERR_LIB_EVP, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH}, ++ #else ++ {"DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH", 6, 138}, ++ #endif ++ #ifdef EVP_R_DECODE_ERROR ++ {"DECODE_ERROR", ERR_LIB_EVP, EVP_R_DECODE_ERROR}, ++ #else ++ {"DECODE_ERROR", 6, 114}, ++ #endif ++ #ifdef EVP_R_DIFFERENT_KEY_TYPES ++ {"DIFFERENT_KEY_TYPES", ERR_LIB_EVP, EVP_R_DIFFERENT_KEY_TYPES}, ++ #else ++ {"DIFFERENT_KEY_TYPES", 6, 101}, ++ #endif ++ #ifdef EVP_R_DIFFERENT_PARAMETERS ++ {"DIFFERENT_PARAMETERS", ERR_LIB_EVP, EVP_R_DIFFERENT_PARAMETERS}, ++ #else ++ {"DIFFERENT_PARAMETERS", 6, 153}, ++ #endif ++ #ifdef EVP_R_ERROR_LOADING_SECTION ++ {"ERROR_LOADING_SECTION", ERR_LIB_EVP, EVP_R_ERROR_LOADING_SECTION}, ++ #else ++ {"ERROR_LOADING_SECTION", 6, 165}, ++ #endif ++ #ifdef EVP_R_ERROR_SETTING_FIPS_MODE ++ {"ERROR_SETTING_FIPS_MODE", ERR_LIB_EVP, EVP_R_ERROR_SETTING_FIPS_MODE}, ++ #else ++ {"ERROR_SETTING_FIPS_MODE", 6, 166}, ++ #endif ++ #ifdef EVP_R_EXPECTING_AN_HMAC_KEY ++ {"EXPECTING_AN_HMAC_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_AN_HMAC_KEY}, ++ #else ++ {"EXPECTING_AN_HMAC_KEY", 6, 174}, ++ #endif ++ #ifdef EVP_R_EXPECTING_AN_RSA_KEY ++ {"EXPECTING_AN_RSA_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_AN_RSA_KEY}, ++ #else ++ {"EXPECTING_AN_RSA_KEY", 6, 127}, ++ #endif ++ #ifdef EVP_R_EXPECTING_A_DH_KEY ++ {"EXPECTING_A_DH_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_A_DH_KEY}, ++ #else ++ {"EXPECTING_A_DH_KEY", 6, 128}, ++ #endif ++ #ifdef EVP_R_EXPECTING_A_DSA_KEY ++ {"EXPECTING_A_DSA_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_A_DSA_KEY}, ++ #else ++ {"EXPECTING_A_DSA_KEY", 6, 129}, ++ #endif ++ #ifdef EVP_R_EXPECTING_A_EC_KEY ++ {"EXPECTING_A_EC_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_A_EC_KEY}, ++ #else ++ {"EXPECTING_A_EC_KEY", 6, 142}, ++ #endif ++ #ifdef EVP_R_EXPECTING_A_POLY1305_KEY ++ {"EXPECTING_A_POLY1305_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_A_POLY1305_KEY}, ++ #else ++ {"EXPECTING_A_POLY1305_KEY", 6, 164}, ++ #endif ++ #ifdef EVP_R_EXPECTING_A_SIPHASH_KEY ++ {"EXPECTING_A_SIPHASH_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_A_SIPHASH_KEY}, ++ #else ++ {"EXPECTING_A_SIPHASH_KEY", 6, 175}, ++ #endif ++ #ifdef EVP_R_FIPS_MODE_NOT_SUPPORTED ++ {"FIPS_MODE_NOT_SUPPORTED", ERR_LIB_EVP, EVP_R_FIPS_MODE_NOT_SUPPORTED}, ++ #else ++ {"FIPS_MODE_NOT_SUPPORTED", 6, 167}, ++ #endif ++ #ifdef EVP_R_GET_RAW_KEY_FAILED ++ {"GET_RAW_KEY_FAILED", ERR_LIB_EVP, EVP_R_GET_RAW_KEY_FAILED}, ++ #else ++ {"GET_RAW_KEY_FAILED", 6, 182}, ++ #endif ++ #ifdef EVP_R_ILLEGAL_SCRYPT_PARAMETERS ++ {"ILLEGAL_SCRYPT_PARAMETERS", ERR_LIB_EVP, EVP_R_ILLEGAL_SCRYPT_PARAMETERS}, ++ #else ++ {"ILLEGAL_SCRYPT_PARAMETERS", 6, 171}, ++ #endif ++ #ifdef EVP_R_INITIALIZATION_ERROR ++ {"INITIALIZATION_ERROR", ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR}, ++ #else ++ {"INITIALIZATION_ERROR", 6, 134}, ++ #endif ++ #ifdef EVP_R_INPUT_NOT_INITIALIZED ++ {"INPUT_NOT_INITIALIZED", ERR_LIB_EVP, EVP_R_INPUT_NOT_INITIALIZED}, ++ #else ++ {"INPUT_NOT_INITIALIZED", 6, 111}, ++ #endif ++ #ifdef EVP_R_INVALID_DIGEST ++ {"INVALID_DIGEST", ERR_LIB_EVP, EVP_R_INVALID_DIGEST}, ++ #else ++ {"INVALID_DIGEST", 6, 152}, ++ #endif ++ #ifdef EVP_R_INVALID_FIPS_MODE ++ {"INVALID_FIPS_MODE", ERR_LIB_EVP, EVP_R_INVALID_FIPS_MODE}, ++ #else ++ {"INVALID_FIPS_MODE", 6, 168}, ++ #endif ++ #ifdef EVP_R_INVALID_IV_LENGTH ++ {"INVALID_IV_LENGTH", ERR_LIB_EVP, EVP_R_INVALID_IV_LENGTH}, ++ #else ++ {"INVALID_IV_LENGTH", 6, 194}, ++ #endif ++ #ifdef EVP_R_INVALID_KEY ++ {"INVALID_KEY", ERR_LIB_EVP, EVP_R_INVALID_KEY}, ++ #else ++ {"INVALID_KEY", 6, 163}, ++ #endif ++ #ifdef EVP_R_INVALID_KEY_LENGTH ++ {"INVALID_KEY_LENGTH", ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH}, ++ #else ++ {"INVALID_KEY_LENGTH", 6, 130}, ++ #endif ++ #ifdef EVP_R_INVALID_OPERATION ++ {"INVALID_OPERATION", ERR_LIB_EVP, EVP_R_INVALID_OPERATION}, ++ #else ++ {"INVALID_OPERATION", 6, 148}, ++ #endif ++ #ifdef EVP_R_KEYGEN_FAILURE ++ {"KEYGEN_FAILURE", ERR_LIB_EVP, EVP_R_KEYGEN_FAILURE}, ++ #else ++ {"KEYGEN_FAILURE", 6, 120}, ++ #endif ++ #ifdef EVP_R_KEY_SETUP_FAILED ++ {"KEY_SETUP_FAILED", ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED}, ++ #else ++ {"KEY_SETUP_FAILED", 6, 180}, ++ #endif ++ #ifdef EVP_R_MEMORY_LIMIT_EXCEEDED ++ {"MEMORY_LIMIT_EXCEEDED", ERR_LIB_EVP, EVP_R_MEMORY_LIMIT_EXCEEDED}, ++ #else ++ {"MEMORY_LIMIT_EXCEEDED", 6, 172}, ++ #endif ++ #ifdef EVP_R_MESSAGE_DIGEST_IS_NULL ++ {"MESSAGE_DIGEST_IS_NULL", ERR_LIB_EVP, EVP_R_MESSAGE_DIGEST_IS_NULL}, ++ #else ++ {"MESSAGE_DIGEST_IS_NULL", 6, 159}, ++ #endif ++ #ifdef EVP_R_METHOD_NOT_SUPPORTED ++ {"METHOD_NOT_SUPPORTED", ERR_LIB_EVP, EVP_R_METHOD_NOT_SUPPORTED}, ++ #else ++ {"METHOD_NOT_SUPPORTED", 6, 144}, ++ #endif ++ #ifdef EVP_R_MISSING_PARAMETERS ++ {"MISSING_PARAMETERS", ERR_LIB_EVP, EVP_R_MISSING_PARAMETERS}, ++ #else ++ {"MISSING_PARAMETERS", 6, 103}, ++ #endif ++ #ifdef EVP_R_NOT_XOF_OR_INVALID_LENGTH ++ {"NOT_XOF_OR_INVALID_LENGTH", ERR_LIB_EVP, EVP_R_NOT_XOF_OR_INVALID_LENGTH}, ++ #else ++ {"NOT_XOF_OR_INVALID_LENGTH", 6, 178}, ++ #endif ++ #ifdef EVP_R_NO_CIPHER_SET ++ {"NO_CIPHER_SET", ERR_LIB_EVP, EVP_R_NO_CIPHER_SET}, ++ #else ++ {"NO_CIPHER_SET", 6, 131}, ++ #endif ++ #ifdef EVP_R_NO_DEFAULT_DIGEST ++ {"NO_DEFAULT_DIGEST", ERR_LIB_EVP, EVP_R_NO_DEFAULT_DIGEST}, ++ #else ++ {"NO_DEFAULT_DIGEST", 6, 158}, ++ #endif ++ #ifdef EVP_R_NO_DIGEST_SET ++ {"NO_DIGEST_SET", ERR_LIB_EVP, EVP_R_NO_DIGEST_SET}, ++ #else ++ {"NO_DIGEST_SET", 6, 139}, ++ #endif ++ #ifdef EVP_R_NO_KEY_SET ++ {"NO_KEY_SET", ERR_LIB_EVP, EVP_R_NO_KEY_SET}, ++ #else ++ {"NO_KEY_SET", 6, 154}, ++ #endif ++ #ifdef EVP_R_NO_OPERATION_SET ++ {"NO_OPERATION_SET", ERR_LIB_EVP, EVP_R_NO_OPERATION_SET}, ++ #else ++ {"NO_OPERATION_SET", 6, 149}, ++ #endif ++ #ifdef EVP_R_ONLY_ONESHOT_SUPPORTED ++ {"ONLY_ONESHOT_SUPPORTED", ERR_LIB_EVP, EVP_R_ONLY_ONESHOT_SUPPORTED}, ++ #else ++ {"ONLY_ONESHOT_SUPPORTED", 6, 177}, ++ #endif ++ #ifdef EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE ++ {"OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE}, ++ #else ++ {"OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", 6, 150}, ++ #endif ++ #ifdef EVP_R_OPERATON_NOT_INITIALIZED ++ {"OPERATON_NOT_INITIALIZED", ERR_LIB_EVP, EVP_R_OPERATON_NOT_INITIALIZED}, ++ #else ++ {"OPERATON_NOT_INITIALIZED", 6, 151}, ++ #endif ++ #ifdef EVP_R_OUTPUT_WOULD_OVERFLOW ++ {"OUTPUT_WOULD_OVERFLOW", ERR_LIB_EVP, EVP_R_OUTPUT_WOULD_OVERFLOW}, ++ #else ++ {"OUTPUT_WOULD_OVERFLOW", 6, 184}, ++ #endif ++ #ifdef EVP_R_PARTIALLY_OVERLAPPING ++ {"PARTIALLY_OVERLAPPING", ERR_LIB_EVP, EVP_R_PARTIALLY_OVERLAPPING}, ++ #else ++ {"PARTIALLY_OVERLAPPING", 6, 162}, ++ #endif ++ #ifdef EVP_R_PBKDF2_ERROR ++ {"PBKDF2_ERROR", ERR_LIB_EVP, EVP_R_PBKDF2_ERROR}, ++ #else ++ {"PBKDF2_ERROR", 6, 181}, ++ #endif ++ #ifdef EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED ++ {"PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED", ERR_LIB_EVP, EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED}, ++ #else ++ {"PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED", 6, 179}, ++ #endif ++ #ifdef EVP_R_PRIVATE_KEY_DECODE_ERROR ++ {"PRIVATE_KEY_DECODE_ERROR", ERR_LIB_EVP, EVP_R_PRIVATE_KEY_DECODE_ERROR}, ++ #else ++ {"PRIVATE_KEY_DECODE_ERROR", 6, 145}, ++ #endif ++ #ifdef EVP_R_PRIVATE_KEY_ENCODE_ERROR ++ {"PRIVATE_KEY_ENCODE_ERROR", ERR_LIB_EVP, EVP_R_PRIVATE_KEY_ENCODE_ERROR}, ++ #else ++ {"PRIVATE_KEY_ENCODE_ERROR", 6, 146}, ++ #endif ++ #ifdef EVP_R_PUBLIC_KEY_NOT_RSA ++ {"PUBLIC_KEY_NOT_RSA", ERR_LIB_EVP, EVP_R_PUBLIC_KEY_NOT_RSA}, ++ #else ++ {"PUBLIC_KEY_NOT_RSA", 6, 106}, ++ #endif ++ #ifdef EVP_R_UNKNOWN_CIPHER ++ {"UNKNOWN_CIPHER", ERR_LIB_EVP, EVP_R_UNKNOWN_CIPHER}, ++ #else ++ {"UNKNOWN_CIPHER", 6, 160}, ++ #endif ++ #ifdef EVP_R_UNKNOWN_DIGEST ++ {"UNKNOWN_DIGEST", ERR_LIB_EVP, EVP_R_UNKNOWN_DIGEST}, ++ #else ++ {"UNKNOWN_DIGEST", 6, 161}, ++ #endif ++ #ifdef EVP_R_UNKNOWN_OPTION ++ {"UNKNOWN_OPTION", ERR_LIB_EVP, EVP_R_UNKNOWN_OPTION}, ++ #else ++ {"UNKNOWN_OPTION", 6, 169}, ++ #endif ++ #ifdef EVP_R_UNKNOWN_PBE_ALGORITHM ++ {"UNKNOWN_PBE_ALGORITHM", ERR_LIB_EVP, EVP_R_UNKNOWN_PBE_ALGORITHM}, ++ #else ++ {"UNKNOWN_PBE_ALGORITHM", 6, 121}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_ALGORITHM ++ {"UNSUPPORTED_ALGORITHM", ERR_LIB_EVP, EVP_R_UNSUPPORTED_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_ALGORITHM", 6, 156}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_CIPHER ++ {"UNSUPPORTED_CIPHER", ERR_LIB_EVP, EVP_R_UNSUPPORTED_CIPHER}, ++ #else ++ {"UNSUPPORTED_CIPHER", 6, 107}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_KEYLENGTH ++ {"UNSUPPORTED_KEYLENGTH", ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEYLENGTH}, ++ #else ++ {"UNSUPPORTED_KEYLENGTH", 6, 123}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION ++ {"UNSUPPORTED_KEY_DERIVATION_FUNCTION", ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION}, ++ #else ++ {"UNSUPPORTED_KEY_DERIVATION_FUNCTION", 6, 124}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_KEY_SIZE ++ {"UNSUPPORTED_KEY_SIZE", ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_SIZE}, ++ #else ++ {"UNSUPPORTED_KEY_SIZE", 6, 108}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS ++ {"UNSUPPORTED_NUMBER_OF_ROUNDS", ERR_LIB_EVP, EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS}, ++ #else ++ {"UNSUPPORTED_NUMBER_OF_ROUNDS", 6, 135}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_PRF ++ {"UNSUPPORTED_PRF", ERR_LIB_EVP, EVP_R_UNSUPPORTED_PRF}, ++ #else ++ {"UNSUPPORTED_PRF", 6, 125}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM ++ {"UNSUPPORTED_PRIVATE_KEY_ALGORITHM", ERR_LIB_EVP, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_PRIVATE_KEY_ALGORITHM", 6, 118}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_SALT_TYPE ++ {"UNSUPPORTED_SALT_TYPE", ERR_LIB_EVP, EVP_R_UNSUPPORTED_SALT_TYPE}, ++ #else ++ {"UNSUPPORTED_SALT_TYPE", 6, 126}, ++ #endif ++ #ifdef EVP_R_WRAP_MODE_NOT_ALLOWED ++ {"WRAP_MODE_NOT_ALLOWED", ERR_LIB_EVP, EVP_R_WRAP_MODE_NOT_ALLOWED}, ++ #else ++ {"WRAP_MODE_NOT_ALLOWED", 6, 170}, ++ #endif ++ #ifdef EVP_R_WRONG_FINAL_BLOCK_LENGTH ++ {"WRONG_FINAL_BLOCK_LENGTH", ERR_LIB_EVP, EVP_R_WRONG_FINAL_BLOCK_LENGTH}, ++ #else ++ {"WRONG_FINAL_BLOCK_LENGTH", 6, 109}, ++ #endif ++ #ifdef EVP_R_XTS_DUPLICATED_KEYS ++ {"XTS_DUPLICATED_KEYS", ERR_LIB_EVP, EVP_R_XTS_DUPLICATED_KEYS}, ++ #else ++ {"XTS_DUPLICATED_KEYS", 6, 183}, ++ #endif ++ #ifdef KDF_R_INVALID_DIGEST ++ {"INVALID_DIGEST", ERR_LIB_KDF, KDF_R_INVALID_DIGEST}, ++ #else ++ {"INVALID_DIGEST", 52, 100}, ++ #endif ++ #ifdef KDF_R_MISSING_ITERATION_COUNT ++ {"MISSING_ITERATION_COUNT", ERR_LIB_KDF, KDF_R_MISSING_ITERATION_COUNT}, ++ #else ++ {"MISSING_ITERATION_COUNT", 52, 109}, ++ #endif ++ #ifdef KDF_R_MISSING_KEY ++ {"MISSING_KEY", ERR_LIB_KDF, KDF_R_MISSING_KEY}, ++ #else ++ {"MISSING_KEY", 52, 104}, ++ #endif ++ #ifdef KDF_R_MISSING_MESSAGE_DIGEST ++ {"MISSING_MESSAGE_DIGEST", ERR_LIB_KDF, KDF_R_MISSING_MESSAGE_DIGEST}, ++ #else ++ {"MISSING_MESSAGE_DIGEST", 52, 105}, ++ #endif ++ #ifdef KDF_R_MISSING_PARAMETER ++ {"MISSING_PARAMETER", ERR_LIB_KDF, KDF_R_MISSING_PARAMETER}, ++ #else ++ {"MISSING_PARAMETER", 52, 101}, ++ #endif ++ #ifdef KDF_R_MISSING_PASS ++ {"MISSING_PASS", ERR_LIB_KDF, KDF_R_MISSING_PASS}, ++ #else ++ {"MISSING_PASS", 52, 110}, ++ #endif ++ #ifdef KDF_R_MISSING_SALT ++ {"MISSING_SALT", ERR_LIB_KDF, KDF_R_MISSING_SALT}, ++ #else ++ {"MISSING_SALT", 52, 111}, ++ #endif ++ #ifdef KDF_R_MISSING_SECRET ++ {"MISSING_SECRET", ERR_LIB_KDF, KDF_R_MISSING_SECRET}, ++ #else ++ {"MISSING_SECRET", 52, 107}, ++ #endif ++ #ifdef KDF_R_MISSING_SEED ++ {"MISSING_SEED", ERR_LIB_KDF, KDF_R_MISSING_SEED}, ++ #else ++ {"MISSING_SEED", 52, 106}, ++ #endif ++ #ifdef KDF_R_UNKNOWN_PARAMETER_TYPE ++ {"UNKNOWN_PARAMETER_TYPE", ERR_LIB_KDF, KDF_R_UNKNOWN_PARAMETER_TYPE}, ++ #else ++ {"UNKNOWN_PARAMETER_TYPE", 52, 103}, ++ #endif ++ #ifdef KDF_R_VALUE_ERROR ++ {"VALUE_ERROR", ERR_LIB_KDF, KDF_R_VALUE_ERROR}, ++ #else ++ {"VALUE_ERROR", 52, 108}, ++ #endif ++ #ifdef KDF_R_VALUE_MISSING ++ {"VALUE_MISSING", ERR_LIB_KDF, KDF_R_VALUE_MISSING}, ++ #else ++ {"VALUE_MISSING", 52, 102}, ++ #endif ++ #ifdef OBJ_R_OID_EXISTS ++ {"OID_EXISTS", ERR_LIB_OBJ, OBJ_R_OID_EXISTS}, ++ #else ++ {"OID_EXISTS", 8, 102}, ++ #endif ++ #ifdef OBJ_R_UNKNOWN_NID ++ {"UNKNOWN_NID", ERR_LIB_OBJ, OBJ_R_UNKNOWN_NID}, ++ #else ++ {"UNKNOWN_NID", 8, 101}, ++ #endif ++ #ifdef OCSP_R_CERTIFICATE_VERIFY_ERROR ++ {"CERTIFICATE_VERIFY_ERROR", ERR_LIB_OCSP, OCSP_R_CERTIFICATE_VERIFY_ERROR}, ++ #else ++ {"CERTIFICATE_VERIFY_ERROR", 39, 101}, ++ #endif ++ #ifdef OCSP_R_DIGEST_ERR ++ {"DIGEST_ERR", ERR_LIB_OCSP, OCSP_R_DIGEST_ERR}, ++ #else ++ {"DIGEST_ERR", 39, 102}, ++ #endif ++ #ifdef OCSP_R_ERROR_IN_NEXTUPDATE_FIELD ++ {"ERROR_IN_NEXTUPDATE_FIELD", ERR_LIB_OCSP, OCSP_R_ERROR_IN_NEXTUPDATE_FIELD}, ++ #else ++ {"ERROR_IN_NEXTUPDATE_FIELD", 39, 122}, ++ #endif ++ #ifdef OCSP_R_ERROR_IN_THISUPDATE_FIELD ++ {"ERROR_IN_THISUPDATE_FIELD", ERR_LIB_OCSP, OCSP_R_ERROR_IN_THISUPDATE_FIELD}, ++ #else ++ {"ERROR_IN_THISUPDATE_FIELD", 39, 123}, ++ #endif ++ #ifdef OCSP_R_ERROR_PARSING_URL ++ {"ERROR_PARSING_URL", ERR_LIB_OCSP, OCSP_R_ERROR_PARSING_URL}, ++ #else ++ {"ERROR_PARSING_URL", 39, 121}, ++ #endif ++ #ifdef OCSP_R_MISSING_OCSPSIGNING_USAGE ++ {"MISSING_OCSPSIGNING_USAGE", ERR_LIB_OCSP, OCSP_R_MISSING_OCSPSIGNING_USAGE}, ++ #else ++ {"MISSING_OCSPSIGNING_USAGE", 39, 103}, ++ #endif ++ #ifdef OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE ++ {"NEXTUPDATE_BEFORE_THISUPDATE", ERR_LIB_OCSP, OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE}, ++ #else ++ {"NEXTUPDATE_BEFORE_THISUPDATE", 39, 124}, ++ #endif ++ #ifdef OCSP_R_NOT_BASIC_RESPONSE ++ {"NOT_BASIC_RESPONSE", ERR_LIB_OCSP, OCSP_R_NOT_BASIC_RESPONSE}, ++ #else ++ {"NOT_BASIC_RESPONSE", 39, 104}, ++ #endif ++ #ifdef OCSP_R_NO_CERTIFICATES_IN_CHAIN ++ {"NO_CERTIFICATES_IN_CHAIN", ERR_LIB_OCSP, OCSP_R_NO_CERTIFICATES_IN_CHAIN}, ++ #else ++ {"NO_CERTIFICATES_IN_CHAIN", 39, 105}, ++ #endif ++ #ifdef OCSP_R_NO_RESPONSE_DATA ++ {"NO_RESPONSE_DATA", ERR_LIB_OCSP, OCSP_R_NO_RESPONSE_DATA}, ++ #else ++ {"NO_RESPONSE_DATA", 39, 108}, ++ #endif ++ #ifdef OCSP_R_NO_REVOKED_TIME ++ {"NO_REVOKED_TIME", ERR_LIB_OCSP, OCSP_R_NO_REVOKED_TIME}, ++ #else ++ {"NO_REVOKED_TIME", 39, 109}, ++ #endif ++ #ifdef OCSP_R_NO_SIGNER_KEY ++ {"NO_SIGNER_KEY", ERR_LIB_OCSP, OCSP_R_NO_SIGNER_KEY}, ++ #else ++ {"NO_SIGNER_KEY", 39, 130}, ++ #endif ++ #ifdef OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", ERR_LIB_OCSP, OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE}, ++ #else ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", 39, 110}, ++ #endif ++ #ifdef OCSP_R_REQUEST_NOT_SIGNED ++ {"REQUEST_NOT_SIGNED", ERR_LIB_OCSP, OCSP_R_REQUEST_NOT_SIGNED}, ++ #else ++ {"REQUEST_NOT_SIGNED", 39, 128}, ++ #endif ++ #ifdef OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA ++ {"RESPONSE_CONTAINS_NO_REVOCATION_DATA", ERR_LIB_OCSP, OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA}, ++ #else ++ {"RESPONSE_CONTAINS_NO_REVOCATION_DATA", 39, 111}, ++ #endif ++ #ifdef OCSP_R_ROOT_CA_NOT_TRUSTED ++ {"ROOT_CA_NOT_TRUSTED", ERR_LIB_OCSP, OCSP_R_ROOT_CA_NOT_TRUSTED}, ++ #else ++ {"ROOT_CA_NOT_TRUSTED", 39, 112}, ++ #endif ++ #ifdef OCSP_R_SERVER_RESPONSE_ERROR ++ {"SERVER_RESPONSE_ERROR", ERR_LIB_OCSP, OCSP_R_SERVER_RESPONSE_ERROR}, ++ #else ++ {"SERVER_RESPONSE_ERROR", 39, 114}, ++ #endif ++ #ifdef OCSP_R_SERVER_RESPONSE_PARSE_ERROR ++ {"SERVER_RESPONSE_PARSE_ERROR", ERR_LIB_OCSP, OCSP_R_SERVER_RESPONSE_PARSE_ERROR}, ++ #else ++ {"SERVER_RESPONSE_PARSE_ERROR", 39, 115}, ++ #endif ++ #ifdef OCSP_R_SIGNATURE_FAILURE ++ {"SIGNATURE_FAILURE", ERR_LIB_OCSP, OCSP_R_SIGNATURE_FAILURE}, ++ #else ++ {"SIGNATURE_FAILURE", 39, 117}, ++ #endif ++ #ifdef OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND ++ {"SIGNER_CERTIFICATE_NOT_FOUND", ERR_LIB_OCSP, OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND}, ++ #else ++ {"SIGNER_CERTIFICATE_NOT_FOUND", 39, 118}, ++ #endif ++ #ifdef OCSP_R_STATUS_EXPIRED ++ {"STATUS_EXPIRED", ERR_LIB_OCSP, OCSP_R_STATUS_EXPIRED}, ++ #else ++ {"STATUS_EXPIRED", 39, 125}, ++ #endif ++ #ifdef OCSP_R_STATUS_NOT_YET_VALID ++ {"STATUS_NOT_YET_VALID", ERR_LIB_OCSP, OCSP_R_STATUS_NOT_YET_VALID}, ++ #else ++ {"STATUS_NOT_YET_VALID", 39, 126}, ++ #endif ++ #ifdef OCSP_R_STATUS_TOO_OLD ++ {"STATUS_TOO_OLD", ERR_LIB_OCSP, OCSP_R_STATUS_TOO_OLD}, ++ #else ++ {"STATUS_TOO_OLD", 39, 127}, ++ #endif ++ #ifdef OCSP_R_UNKNOWN_MESSAGE_DIGEST ++ {"UNKNOWN_MESSAGE_DIGEST", ERR_LIB_OCSP, OCSP_R_UNKNOWN_MESSAGE_DIGEST}, ++ #else ++ {"UNKNOWN_MESSAGE_DIGEST", 39, 119}, ++ #endif ++ #ifdef OCSP_R_UNKNOWN_NID ++ {"UNKNOWN_NID", ERR_LIB_OCSP, OCSP_R_UNKNOWN_NID}, ++ #else ++ {"UNKNOWN_NID", 39, 120}, ++ #endif ++ #ifdef OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE ++ {"UNSUPPORTED_REQUESTORNAME_TYPE", ERR_LIB_OCSP, OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE}, ++ #else ++ {"UNSUPPORTED_REQUESTORNAME_TYPE", 39, 129}, ++ #endif ++ #ifdef OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE ++ {"AMBIGUOUS_CONTENT_TYPE", ERR_LIB_OSSL_STORE, OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE}, ++ #else ++ {"AMBIGUOUS_CONTENT_TYPE", 44, 107}, ++ #endif ++ #ifdef OSSL_STORE_R_BAD_PASSWORD_READ ++ {"BAD_PASSWORD_READ", ERR_LIB_OSSL_STORE, OSSL_STORE_R_BAD_PASSWORD_READ}, ++ #else ++ {"BAD_PASSWORD_READ", 44, 115}, ++ #endif ++ #ifdef OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC ++ {"ERROR_VERIFYING_PKCS12_MAC", ERR_LIB_OSSL_STORE, OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC}, ++ #else ++ {"ERROR_VERIFYING_PKCS12_MAC", 44, 113}, ++ #endif ++ #ifdef OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST ++ {"FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST", ERR_LIB_OSSL_STORE, OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST}, ++ #else ++ {"FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST", 44, 121}, ++ #endif ++ #ifdef OSSL_STORE_R_INVALID_SCHEME ++ {"INVALID_SCHEME", ERR_LIB_OSSL_STORE, OSSL_STORE_R_INVALID_SCHEME}, ++ #else ++ {"INVALID_SCHEME", 44, 106}, ++ #endif ++ #ifdef OSSL_STORE_R_IS_NOT_A ++ {"IS_NOT_A", ERR_LIB_OSSL_STORE, OSSL_STORE_R_IS_NOT_A}, ++ #else ++ {"IS_NOT_A", 44, 112}, ++ #endif ++ #ifdef OSSL_STORE_R_LOADER_INCOMPLETE ++ {"LOADER_INCOMPLETE", ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADER_INCOMPLETE}, ++ #else ++ {"LOADER_INCOMPLETE", 44, 116}, ++ #endif ++ #ifdef OSSL_STORE_R_LOADING_STARTED ++ {"LOADING_STARTED", ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADING_STARTED}, ++ #else ++ {"LOADING_STARTED", 44, 117}, ++ #endif ++ #ifdef OSSL_STORE_R_NOT_A_CERTIFICATE ++ {"NOT_A_CERTIFICATE", ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_CERTIFICATE}, ++ #else ++ {"NOT_A_CERTIFICATE", 44, 100}, ++ #endif ++ #ifdef OSSL_STORE_R_NOT_A_CRL ++ {"NOT_A_CRL", ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_CRL}, ++ #else ++ {"NOT_A_CRL", 44, 101}, ++ #endif ++ #ifdef OSSL_STORE_R_NOT_A_KEY ++ {"NOT_A_KEY", ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_KEY}, ++ #else ++ {"NOT_A_KEY", 44, 102}, ++ #endif ++ #ifdef OSSL_STORE_R_NOT_A_NAME ++ {"NOT_A_NAME", ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_NAME}, ++ #else ++ {"NOT_A_NAME", 44, 103}, ++ #endif ++ #ifdef OSSL_STORE_R_NOT_PARAMETERS ++ {"NOT_PARAMETERS", ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_PARAMETERS}, ++ #else ++ {"NOT_PARAMETERS", 44, 104}, ++ #endif ++ #ifdef OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR ++ {"PASSPHRASE_CALLBACK_ERROR", ERR_LIB_OSSL_STORE, OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR}, ++ #else ++ {"PASSPHRASE_CALLBACK_ERROR", 44, 114}, ++ #endif ++ #ifdef OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE ++ {"PATH_MUST_BE_ABSOLUTE", ERR_LIB_OSSL_STORE, OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE}, ++ #else ++ {"PATH_MUST_BE_ABSOLUTE", 44, 108}, ++ #endif ++ #ifdef OSSL_STORE_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES ++ {"SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES", ERR_LIB_OSSL_STORE, OSSL_STORE_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES}, ++ #else ++ {"SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES", 44, 119}, ++ #endif ++ #ifdef OSSL_STORE_R_UI_PROCESS_INTERRUPTED_OR_CANCELLED ++ {"UI_PROCESS_INTERRUPTED_OR_CANCELLED", ERR_LIB_OSSL_STORE, OSSL_STORE_R_UI_PROCESS_INTERRUPTED_OR_CANCELLED}, ++ #else ++ {"UI_PROCESS_INTERRUPTED_OR_CANCELLED", 44, 109}, ++ #endif ++ #ifdef OSSL_STORE_R_UNREGISTERED_SCHEME ++ {"UNREGISTERED_SCHEME", ERR_LIB_OSSL_STORE, OSSL_STORE_R_UNREGISTERED_SCHEME}, ++ #else ++ {"UNREGISTERED_SCHEME", 44, 105}, ++ #endif ++ #ifdef OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE ++ {"UNSUPPORTED_CONTENT_TYPE", ERR_LIB_OSSL_STORE, OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE}, ++ #else ++ {"UNSUPPORTED_CONTENT_TYPE", 44, 110}, ++ #endif ++ #ifdef OSSL_STORE_R_UNSUPPORTED_OPERATION ++ {"UNSUPPORTED_OPERATION", ERR_LIB_OSSL_STORE, OSSL_STORE_R_UNSUPPORTED_OPERATION}, ++ #else ++ {"UNSUPPORTED_OPERATION", 44, 118}, ++ #endif ++ #ifdef OSSL_STORE_R_UNSUPPORTED_SEARCH_TYPE ++ {"UNSUPPORTED_SEARCH_TYPE", ERR_LIB_OSSL_STORE, OSSL_STORE_R_UNSUPPORTED_SEARCH_TYPE}, ++ #else ++ {"UNSUPPORTED_SEARCH_TYPE", 44, 120}, ++ #endif ++ #ifdef OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED ++ {"URI_AUTHORITY_UNSUPPORTED", ERR_LIB_OSSL_STORE, OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED}, ++ #else ++ {"URI_AUTHORITY_UNSUPPORTED", 44, 111}, ++ #endif ++ #ifdef PEM_R_BAD_BASE64_DECODE ++ {"BAD_BASE64_DECODE", ERR_LIB_PEM, PEM_R_BAD_BASE64_DECODE}, ++ #else ++ {"BAD_BASE64_DECODE", 9, 100}, ++ #endif ++ #ifdef PEM_R_BAD_DECRYPT ++ {"BAD_DECRYPT", ERR_LIB_PEM, PEM_R_BAD_DECRYPT}, ++ #else ++ {"BAD_DECRYPT", 9, 101}, ++ #endif ++ #ifdef PEM_R_BAD_END_LINE ++ {"BAD_END_LINE", ERR_LIB_PEM, PEM_R_BAD_END_LINE}, ++ #else ++ {"BAD_END_LINE", 9, 102}, ++ #endif ++ #ifdef PEM_R_BAD_IV_CHARS ++ {"BAD_IV_CHARS", ERR_LIB_PEM, PEM_R_BAD_IV_CHARS}, ++ #else ++ {"BAD_IV_CHARS", 9, 103}, ++ #endif ++ #ifdef PEM_R_BAD_MAGIC_NUMBER ++ {"BAD_MAGIC_NUMBER", ERR_LIB_PEM, PEM_R_BAD_MAGIC_NUMBER}, ++ #else ++ {"BAD_MAGIC_NUMBER", 9, 116}, ++ #endif ++ #ifdef PEM_R_BAD_PASSWORD_READ ++ {"BAD_PASSWORD_READ", ERR_LIB_PEM, PEM_R_BAD_PASSWORD_READ}, ++ #else ++ {"BAD_PASSWORD_READ", 9, 104}, ++ #endif ++ #ifdef PEM_R_BAD_VERSION_NUMBER ++ {"BAD_VERSION_NUMBER", ERR_LIB_PEM, PEM_R_BAD_VERSION_NUMBER}, ++ #else ++ {"BAD_VERSION_NUMBER", 9, 117}, ++ #endif ++ #ifdef PEM_R_BIO_WRITE_FAILURE ++ {"BIO_WRITE_FAILURE", ERR_LIB_PEM, PEM_R_BIO_WRITE_FAILURE}, ++ #else ++ {"BIO_WRITE_FAILURE", 9, 118}, ++ #endif ++ #ifdef PEM_R_CIPHER_IS_NULL ++ {"CIPHER_IS_NULL", ERR_LIB_PEM, PEM_R_CIPHER_IS_NULL}, ++ #else ++ {"CIPHER_IS_NULL", 9, 127}, ++ #endif ++ #ifdef PEM_R_ERROR_CONVERTING_PRIVATE_KEY ++ {"ERROR_CONVERTING_PRIVATE_KEY", ERR_LIB_PEM, PEM_R_ERROR_CONVERTING_PRIVATE_KEY}, ++ #else ++ {"ERROR_CONVERTING_PRIVATE_KEY", 9, 115}, ++ #endif ++ #ifdef PEM_R_EXPECTING_PRIVATE_KEY_BLOB ++ {"EXPECTING_PRIVATE_KEY_BLOB", ERR_LIB_PEM, PEM_R_EXPECTING_PRIVATE_KEY_BLOB}, ++ #else ++ {"EXPECTING_PRIVATE_KEY_BLOB", 9, 119}, ++ #endif ++ #ifdef PEM_R_EXPECTING_PUBLIC_KEY_BLOB ++ {"EXPECTING_PUBLIC_KEY_BLOB", ERR_LIB_PEM, PEM_R_EXPECTING_PUBLIC_KEY_BLOB}, ++ #else ++ {"EXPECTING_PUBLIC_KEY_BLOB", 9, 120}, ++ #endif ++ #ifdef PEM_R_HEADER_TOO_LONG ++ {"HEADER_TOO_LONG", ERR_LIB_PEM, PEM_R_HEADER_TOO_LONG}, ++ #else ++ {"HEADER_TOO_LONG", 9, 128}, ++ #endif ++ #ifdef PEM_R_INCONSISTENT_HEADER ++ {"INCONSISTENT_HEADER", ERR_LIB_PEM, PEM_R_INCONSISTENT_HEADER}, ++ #else ++ {"INCONSISTENT_HEADER", 9, 121}, ++ #endif ++ #ifdef PEM_R_KEYBLOB_HEADER_PARSE_ERROR ++ {"KEYBLOB_HEADER_PARSE_ERROR", ERR_LIB_PEM, PEM_R_KEYBLOB_HEADER_PARSE_ERROR}, ++ #else ++ {"KEYBLOB_HEADER_PARSE_ERROR", 9, 122}, ++ #endif ++ #ifdef PEM_R_KEYBLOB_TOO_SHORT ++ {"KEYBLOB_TOO_SHORT", ERR_LIB_PEM, PEM_R_KEYBLOB_TOO_SHORT}, ++ #else ++ {"KEYBLOB_TOO_SHORT", 9, 123}, ++ #endif ++ #ifdef PEM_R_MISSING_DEK_IV ++ {"MISSING_DEK_IV", ERR_LIB_PEM, PEM_R_MISSING_DEK_IV}, ++ #else ++ {"MISSING_DEK_IV", 9, 129}, ++ #endif ++ #ifdef PEM_R_NOT_DEK_INFO ++ {"NOT_DEK_INFO", ERR_LIB_PEM, PEM_R_NOT_DEK_INFO}, ++ #else ++ {"NOT_DEK_INFO", 9, 105}, ++ #endif ++ #ifdef PEM_R_NOT_ENCRYPTED ++ {"NOT_ENCRYPTED", ERR_LIB_PEM, PEM_R_NOT_ENCRYPTED}, ++ #else ++ {"NOT_ENCRYPTED", 9, 106}, ++ #endif ++ #ifdef PEM_R_NOT_PROC_TYPE ++ {"NOT_PROC_TYPE", ERR_LIB_PEM, PEM_R_NOT_PROC_TYPE}, ++ #else ++ {"NOT_PROC_TYPE", 9, 107}, ++ #endif ++ #ifdef PEM_R_NO_START_LINE ++ {"NO_START_LINE", ERR_LIB_PEM, PEM_R_NO_START_LINE}, ++ #else ++ {"NO_START_LINE", 9, 108}, ++ #endif ++ #ifdef PEM_R_PROBLEMS_GETTING_PASSWORD ++ {"PROBLEMS_GETTING_PASSWORD", ERR_LIB_PEM, PEM_R_PROBLEMS_GETTING_PASSWORD}, ++ #else ++ {"PROBLEMS_GETTING_PASSWORD", 9, 109}, ++ #endif ++ #ifdef PEM_R_PVK_DATA_TOO_SHORT ++ {"PVK_DATA_TOO_SHORT", ERR_LIB_PEM, PEM_R_PVK_DATA_TOO_SHORT}, ++ #else ++ {"PVK_DATA_TOO_SHORT", 9, 124}, ++ #endif ++ #ifdef PEM_R_PVK_TOO_SHORT ++ {"PVK_TOO_SHORT", ERR_LIB_PEM, PEM_R_PVK_TOO_SHORT}, ++ #else ++ {"PVK_TOO_SHORT", 9, 125}, ++ #endif ++ #ifdef PEM_R_READ_KEY ++ {"READ_KEY", ERR_LIB_PEM, PEM_R_READ_KEY}, ++ #else ++ {"READ_KEY", 9, 111}, ++ #endif ++ #ifdef PEM_R_SHORT_HEADER ++ {"SHORT_HEADER", ERR_LIB_PEM, PEM_R_SHORT_HEADER}, ++ #else ++ {"SHORT_HEADER", 9, 112}, ++ #endif ++ #ifdef PEM_R_UNEXPECTED_DEK_IV ++ {"UNEXPECTED_DEK_IV", ERR_LIB_PEM, PEM_R_UNEXPECTED_DEK_IV}, ++ #else ++ {"UNEXPECTED_DEK_IV", 9, 130}, ++ #endif ++ #ifdef PEM_R_UNSUPPORTED_CIPHER ++ {"UNSUPPORTED_CIPHER", ERR_LIB_PEM, PEM_R_UNSUPPORTED_CIPHER}, ++ #else ++ {"UNSUPPORTED_CIPHER", 9, 113}, ++ #endif ++ #ifdef PEM_R_UNSUPPORTED_ENCRYPTION ++ {"UNSUPPORTED_ENCRYPTION", ERR_LIB_PEM, PEM_R_UNSUPPORTED_ENCRYPTION}, ++ #else ++ {"UNSUPPORTED_ENCRYPTION", 9, 114}, ++ #endif ++ #ifdef PEM_R_UNSUPPORTED_KEY_COMPONENTS ++ {"UNSUPPORTED_KEY_COMPONENTS", ERR_LIB_PEM, PEM_R_UNSUPPORTED_KEY_COMPONENTS}, ++ #else ++ {"UNSUPPORTED_KEY_COMPONENTS", 9, 126}, ++ #endif ++ #ifdef PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE ++ {"UNSUPPORTED_PUBLIC_KEY_TYPE", ERR_LIB_PEM, PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE}, ++ #else ++ {"UNSUPPORTED_PUBLIC_KEY_TYPE", 9, 110}, ++ #endif ++ #ifdef PKCS12_R_CANT_PACK_STRUCTURE ++ {"CANT_PACK_STRUCTURE", ERR_LIB_PKCS12, PKCS12_R_CANT_PACK_STRUCTURE}, ++ #else ++ {"CANT_PACK_STRUCTURE", 35, 100}, ++ #endif ++ #ifdef PKCS12_R_CONTENT_TYPE_NOT_DATA ++ {"CONTENT_TYPE_NOT_DATA", ERR_LIB_PKCS12, PKCS12_R_CONTENT_TYPE_NOT_DATA}, ++ #else ++ {"CONTENT_TYPE_NOT_DATA", 35, 121}, ++ #endif ++ #ifdef PKCS12_R_DECODE_ERROR ++ {"DECODE_ERROR", ERR_LIB_PKCS12, PKCS12_R_DECODE_ERROR}, ++ #else ++ {"DECODE_ERROR", 35, 101}, ++ #endif ++ #ifdef PKCS12_R_ENCODE_ERROR ++ {"ENCODE_ERROR", ERR_LIB_PKCS12, PKCS12_R_ENCODE_ERROR}, ++ #else ++ {"ENCODE_ERROR", 35, 102}, ++ #endif ++ #ifdef PKCS12_R_ENCRYPT_ERROR ++ {"ENCRYPT_ERROR", ERR_LIB_PKCS12, PKCS12_R_ENCRYPT_ERROR}, ++ #else ++ {"ENCRYPT_ERROR", 35, 103}, ++ #endif ++ #ifdef PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE ++ {"ERROR_SETTING_ENCRYPTED_DATA_TYPE", ERR_LIB_PKCS12, PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE}, ++ #else ++ {"ERROR_SETTING_ENCRYPTED_DATA_TYPE", 35, 120}, ++ #endif ++ #ifdef PKCS12_R_INVALID_NULL_ARGUMENT ++ {"INVALID_NULL_ARGUMENT", ERR_LIB_PKCS12, PKCS12_R_INVALID_NULL_ARGUMENT}, ++ #else ++ {"INVALID_NULL_ARGUMENT", 35, 104}, ++ #endif ++ #ifdef PKCS12_R_INVALID_NULL_PKCS12_POINTER ++ {"INVALID_NULL_PKCS12_POINTER", ERR_LIB_PKCS12, PKCS12_R_INVALID_NULL_PKCS12_POINTER}, ++ #else ++ {"INVALID_NULL_PKCS12_POINTER", 35, 105}, ++ #endif ++ #ifdef PKCS12_R_IV_GEN_ERROR ++ {"IV_GEN_ERROR", ERR_LIB_PKCS12, PKCS12_R_IV_GEN_ERROR}, ++ #else ++ {"IV_GEN_ERROR", 35, 106}, ++ #endif ++ #ifdef PKCS12_R_KEY_GEN_ERROR ++ {"KEY_GEN_ERROR", ERR_LIB_PKCS12, PKCS12_R_KEY_GEN_ERROR}, ++ #else ++ {"KEY_GEN_ERROR", 35, 107}, ++ #endif ++ #ifdef PKCS12_R_MAC_ABSENT ++ {"MAC_ABSENT", ERR_LIB_PKCS12, PKCS12_R_MAC_ABSENT}, ++ #else ++ {"MAC_ABSENT", 35, 108}, ++ #endif ++ #ifdef PKCS12_R_MAC_GENERATION_ERROR ++ {"MAC_GENERATION_ERROR", ERR_LIB_PKCS12, PKCS12_R_MAC_GENERATION_ERROR}, ++ #else ++ {"MAC_GENERATION_ERROR", 35, 109}, ++ #endif ++ #ifdef PKCS12_R_MAC_SETUP_ERROR ++ {"MAC_SETUP_ERROR", ERR_LIB_PKCS12, PKCS12_R_MAC_SETUP_ERROR}, ++ #else ++ {"MAC_SETUP_ERROR", 35, 110}, ++ #endif ++ #ifdef PKCS12_R_MAC_STRING_SET_ERROR ++ {"MAC_STRING_SET_ERROR", ERR_LIB_PKCS12, PKCS12_R_MAC_STRING_SET_ERROR}, ++ #else ++ {"MAC_STRING_SET_ERROR", 35, 111}, ++ #endif ++ #ifdef PKCS12_R_MAC_VERIFY_FAILURE ++ {"MAC_VERIFY_FAILURE", ERR_LIB_PKCS12, PKCS12_R_MAC_VERIFY_FAILURE}, ++ #else ++ {"MAC_VERIFY_FAILURE", 35, 113}, ++ #endif ++ #ifdef PKCS12_R_PARSE_ERROR ++ {"PARSE_ERROR", ERR_LIB_PKCS12, PKCS12_R_PARSE_ERROR}, ++ #else ++ {"PARSE_ERROR", 35, 114}, ++ #endif ++ #ifdef PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR ++ {"PKCS12_ALGOR_CIPHERINIT_ERROR", ERR_LIB_PKCS12, PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR}, ++ #else ++ {"PKCS12_ALGOR_CIPHERINIT_ERROR", 35, 115}, ++ #endif ++ #ifdef PKCS12_R_PKCS12_CIPHERFINAL_ERROR ++ {"PKCS12_CIPHERFINAL_ERROR", ERR_LIB_PKCS12, PKCS12_R_PKCS12_CIPHERFINAL_ERROR}, ++ #else ++ {"PKCS12_CIPHERFINAL_ERROR", 35, 116}, ++ #endif ++ #ifdef PKCS12_R_PKCS12_PBE_CRYPT_ERROR ++ {"PKCS12_PBE_CRYPT_ERROR", ERR_LIB_PKCS12, PKCS12_R_PKCS12_PBE_CRYPT_ERROR}, ++ #else ++ {"PKCS12_PBE_CRYPT_ERROR", 35, 117}, ++ #endif ++ #ifdef PKCS12_R_UNKNOWN_DIGEST_ALGORITHM ++ {"UNKNOWN_DIGEST_ALGORITHM", ERR_LIB_PKCS12, PKCS12_R_UNKNOWN_DIGEST_ALGORITHM}, ++ #else ++ {"UNKNOWN_DIGEST_ALGORITHM", 35, 118}, ++ #endif ++ #ifdef PKCS12_R_UNSUPPORTED_PKCS12_MODE ++ {"UNSUPPORTED_PKCS12_MODE", ERR_LIB_PKCS12, PKCS12_R_UNSUPPORTED_PKCS12_MODE}, ++ #else ++ {"UNSUPPORTED_PKCS12_MODE", 35, 119}, ++ #endif ++ #ifdef PKCS7_R_CERTIFICATE_VERIFY_ERROR ++ {"CERTIFICATE_VERIFY_ERROR", ERR_LIB_PKCS7, PKCS7_R_CERTIFICATE_VERIFY_ERROR}, ++ #else ++ {"CERTIFICATE_VERIFY_ERROR", 33, 117}, ++ #endif ++ #ifdef PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ++ {"CIPHER_HAS_NO_OBJECT_IDENTIFIER", ERR_LIB_PKCS7, PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER}, ++ #else ++ {"CIPHER_HAS_NO_OBJECT_IDENTIFIER", 33, 144}, ++ #endif ++ #ifdef PKCS7_R_CIPHER_NOT_INITIALIZED ++ {"CIPHER_NOT_INITIALIZED", ERR_LIB_PKCS7, PKCS7_R_CIPHER_NOT_INITIALIZED}, ++ #else ++ {"CIPHER_NOT_INITIALIZED", 33, 116}, ++ #endif ++ #ifdef PKCS7_R_CONTENT_AND_DATA_PRESENT ++ {"CONTENT_AND_DATA_PRESENT", ERR_LIB_PKCS7, PKCS7_R_CONTENT_AND_DATA_PRESENT}, ++ #else ++ {"CONTENT_AND_DATA_PRESENT", 33, 118}, ++ #endif ++ #ifdef PKCS7_R_CTRL_ERROR ++ {"CTRL_ERROR", ERR_LIB_PKCS7, PKCS7_R_CTRL_ERROR}, ++ #else ++ {"CTRL_ERROR", 33, 152}, ++ #endif ++ #ifdef PKCS7_R_DECRYPT_ERROR ++ {"DECRYPT_ERROR", ERR_LIB_PKCS7, PKCS7_R_DECRYPT_ERROR}, ++ #else ++ {"DECRYPT_ERROR", 33, 119}, ++ #endif ++ #ifdef PKCS7_R_DIGEST_FAILURE ++ {"DIGEST_FAILURE", ERR_LIB_PKCS7, PKCS7_R_DIGEST_FAILURE}, ++ #else ++ {"DIGEST_FAILURE", 33, 101}, ++ #endif ++ #ifdef PKCS7_R_ENCRYPTION_CTRL_FAILURE ++ {"ENCRYPTION_CTRL_FAILURE", ERR_LIB_PKCS7, PKCS7_R_ENCRYPTION_CTRL_FAILURE}, ++ #else ++ {"ENCRYPTION_CTRL_FAILURE", 33, 149}, ++ #endif ++ #ifdef PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE ++ {"ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE", ERR_LIB_PKCS7, PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE}, ++ #else ++ {"ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE", 33, 150}, ++ #endif ++ #ifdef PKCS7_R_ERROR_ADDING_RECIPIENT ++ {"ERROR_ADDING_RECIPIENT", ERR_LIB_PKCS7, PKCS7_R_ERROR_ADDING_RECIPIENT}, ++ #else ++ {"ERROR_ADDING_RECIPIENT", 33, 120}, ++ #endif ++ #ifdef PKCS7_R_ERROR_SETTING_CIPHER ++ {"ERROR_SETTING_CIPHER", ERR_LIB_PKCS7, PKCS7_R_ERROR_SETTING_CIPHER}, ++ #else ++ {"ERROR_SETTING_CIPHER", 33, 121}, ++ #endif ++ #ifdef PKCS7_R_INVALID_NULL_POINTER ++ {"INVALID_NULL_POINTER", ERR_LIB_PKCS7, PKCS7_R_INVALID_NULL_POINTER}, ++ #else ++ {"INVALID_NULL_POINTER", 33, 143}, ++ #endif ++ #ifdef PKCS7_R_INVALID_SIGNED_DATA_TYPE ++ {"INVALID_SIGNED_DATA_TYPE", ERR_LIB_PKCS7, PKCS7_R_INVALID_SIGNED_DATA_TYPE}, ++ #else ++ {"INVALID_SIGNED_DATA_TYPE", 33, 155}, ++ #endif ++ #ifdef PKCS7_R_NO_CONTENT ++ {"NO_CONTENT", ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT}, ++ #else ++ {"NO_CONTENT", 33, 122}, ++ #endif ++ #ifdef PKCS7_R_NO_DEFAULT_DIGEST ++ {"NO_DEFAULT_DIGEST", ERR_LIB_PKCS7, PKCS7_R_NO_DEFAULT_DIGEST}, ++ #else ++ {"NO_DEFAULT_DIGEST", 33, 151}, ++ #endif ++ #ifdef PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND ++ {"NO_MATCHING_DIGEST_TYPE_FOUND", ERR_LIB_PKCS7, PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND}, ++ #else ++ {"NO_MATCHING_DIGEST_TYPE_FOUND", 33, 154}, ++ #endif ++ #ifdef PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE ++ {"NO_RECIPIENT_MATCHES_CERTIFICATE", ERR_LIB_PKCS7, PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE}, ++ #else ++ {"NO_RECIPIENT_MATCHES_CERTIFICATE", 33, 115}, ++ #endif ++ #ifdef PKCS7_R_NO_SIGNATURES_ON_DATA ++ {"NO_SIGNATURES_ON_DATA", ERR_LIB_PKCS7, PKCS7_R_NO_SIGNATURES_ON_DATA}, ++ #else ++ {"NO_SIGNATURES_ON_DATA", 33, 123}, ++ #endif ++ #ifdef PKCS7_R_NO_SIGNERS ++ {"NO_SIGNERS", ERR_LIB_PKCS7, PKCS7_R_NO_SIGNERS}, ++ #else ++ {"NO_SIGNERS", 33, 142}, ++ #endif ++ #ifdef PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE ++ {"OPERATION_NOT_SUPPORTED_ON_THIS_TYPE", ERR_LIB_PKCS7, PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE}, ++ #else ++ {"OPERATION_NOT_SUPPORTED_ON_THIS_TYPE", 33, 104}, ++ #endif ++ #ifdef PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR ++ {"PKCS7_ADD_SIGNATURE_ERROR", ERR_LIB_PKCS7, PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR}, ++ #else ++ {"PKCS7_ADD_SIGNATURE_ERROR", 33, 124}, ++ #endif ++ #ifdef PKCS7_R_PKCS7_ADD_SIGNER_ERROR ++ {"PKCS7_ADD_SIGNER_ERROR", ERR_LIB_PKCS7, PKCS7_R_PKCS7_ADD_SIGNER_ERROR}, ++ #else ++ {"PKCS7_ADD_SIGNER_ERROR", 33, 153}, ++ #endif ++ #ifdef PKCS7_R_PKCS7_DATASIGN ++ {"PKCS7_DATASIGN", ERR_LIB_PKCS7, PKCS7_R_PKCS7_DATASIGN}, ++ #else ++ {"PKCS7_DATASIGN", 33, 145}, ++ #endif ++ #ifdef PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", ERR_LIB_PKCS7, PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE}, ++ #else ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", 33, 127}, ++ #endif ++ #ifdef PKCS7_R_SIGNATURE_FAILURE ++ {"SIGNATURE_FAILURE", ERR_LIB_PKCS7, PKCS7_R_SIGNATURE_FAILURE}, ++ #else ++ {"SIGNATURE_FAILURE", 33, 105}, ++ #endif ++ #ifdef PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND ++ {"SIGNER_CERTIFICATE_NOT_FOUND", ERR_LIB_PKCS7, PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND}, ++ #else ++ {"SIGNER_CERTIFICATE_NOT_FOUND", 33, 128}, ++ #endif ++ #ifdef PKCS7_R_SIGNING_CTRL_FAILURE ++ {"SIGNING_CTRL_FAILURE", ERR_LIB_PKCS7, PKCS7_R_SIGNING_CTRL_FAILURE}, ++ #else ++ {"SIGNING_CTRL_FAILURE", 33, 147}, ++ #endif ++ #ifdef PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE ++ {"SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE", ERR_LIB_PKCS7, PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE}, ++ #else ++ {"SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE", 33, 148}, ++ #endif ++ #ifdef PKCS7_R_SMIME_TEXT_ERROR ++ {"SMIME_TEXT_ERROR", ERR_LIB_PKCS7, PKCS7_R_SMIME_TEXT_ERROR}, ++ #else ++ {"SMIME_TEXT_ERROR", 33, 129}, ++ #endif ++ #ifdef PKCS7_R_UNABLE_TO_FIND_CERTIFICATE ++ {"UNABLE_TO_FIND_CERTIFICATE", ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_CERTIFICATE}, ++ #else ++ {"UNABLE_TO_FIND_CERTIFICATE", 33, 106}, ++ #endif ++ #ifdef PKCS7_R_UNABLE_TO_FIND_MEM_BIO ++ {"UNABLE_TO_FIND_MEM_BIO", ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_MEM_BIO}, ++ #else ++ {"UNABLE_TO_FIND_MEM_BIO", 33, 107}, ++ #endif ++ #ifdef PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST ++ {"UNABLE_TO_FIND_MESSAGE_DIGEST", ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST}, ++ #else ++ {"UNABLE_TO_FIND_MESSAGE_DIGEST", 33, 108}, ++ #endif ++ #ifdef PKCS7_R_UNKNOWN_DIGEST_TYPE ++ {"UNKNOWN_DIGEST_TYPE", ERR_LIB_PKCS7, PKCS7_R_UNKNOWN_DIGEST_TYPE}, ++ #else ++ {"UNKNOWN_DIGEST_TYPE", 33, 109}, ++ #endif ++ #ifdef PKCS7_R_UNKNOWN_OPERATION ++ {"UNKNOWN_OPERATION", ERR_LIB_PKCS7, PKCS7_R_UNKNOWN_OPERATION}, ++ #else ++ {"UNKNOWN_OPERATION", 33, 110}, ++ #endif ++ #ifdef PKCS7_R_UNSUPPORTED_CIPHER_TYPE ++ {"UNSUPPORTED_CIPHER_TYPE", ERR_LIB_PKCS7, PKCS7_R_UNSUPPORTED_CIPHER_TYPE}, ++ #else ++ {"UNSUPPORTED_CIPHER_TYPE", 33, 111}, ++ #endif ++ #ifdef PKCS7_R_UNSUPPORTED_CONTENT_TYPE ++ {"UNSUPPORTED_CONTENT_TYPE", ERR_LIB_PKCS7, PKCS7_R_UNSUPPORTED_CONTENT_TYPE}, ++ #else ++ {"UNSUPPORTED_CONTENT_TYPE", 33, 112}, ++ #endif ++ #ifdef PKCS7_R_WRONG_CONTENT_TYPE ++ {"WRONG_CONTENT_TYPE", ERR_LIB_PKCS7, PKCS7_R_WRONG_CONTENT_TYPE}, ++ #else ++ {"WRONG_CONTENT_TYPE", 33, 113}, ++ #endif ++ #ifdef PKCS7_R_WRONG_PKCS7_TYPE ++ {"WRONG_PKCS7_TYPE", ERR_LIB_PKCS7, PKCS7_R_WRONG_PKCS7_TYPE}, ++ #else ++ {"WRONG_PKCS7_TYPE", 33, 114}, ++ #endif ++ #ifdef RAND_R_ADDITIONAL_INPUT_TOO_LONG ++ {"ADDITIONAL_INPUT_TOO_LONG", ERR_LIB_RAND, RAND_R_ADDITIONAL_INPUT_TOO_LONG}, ++ #else ++ {"ADDITIONAL_INPUT_TOO_LONG", 36, 102}, ++ #endif ++ #ifdef RAND_R_ALREADY_INSTANTIATED ++ {"ALREADY_INSTANTIATED", ERR_LIB_RAND, RAND_R_ALREADY_INSTANTIATED}, ++ #else ++ {"ALREADY_INSTANTIATED", 36, 103}, ++ #endif ++ #ifdef RAND_R_ARGUMENT_OUT_OF_RANGE ++ {"ARGUMENT_OUT_OF_RANGE", ERR_LIB_RAND, RAND_R_ARGUMENT_OUT_OF_RANGE}, ++ #else ++ {"ARGUMENT_OUT_OF_RANGE", 36, 105}, ++ #endif ++ #ifdef RAND_R_CANNOT_OPEN_FILE ++ {"CANNOT_OPEN_FILE", ERR_LIB_RAND, RAND_R_CANNOT_OPEN_FILE}, ++ #else ++ {"CANNOT_OPEN_FILE", 36, 121}, ++ #endif ++ #ifdef RAND_R_DRBG_ALREADY_INITIALIZED ++ {"DRBG_ALREADY_INITIALIZED", ERR_LIB_RAND, RAND_R_DRBG_ALREADY_INITIALIZED}, ++ #else ++ {"DRBG_ALREADY_INITIALIZED", 36, 129}, ++ #endif ++ #ifdef RAND_R_DRBG_NOT_INITIALISED ++ {"DRBG_NOT_INITIALISED", ERR_LIB_RAND, RAND_R_DRBG_NOT_INITIALISED}, ++ #else ++ {"DRBG_NOT_INITIALISED", 36, 104}, ++ #endif ++ #ifdef RAND_R_ENTROPY_INPUT_TOO_LONG ++ {"ENTROPY_INPUT_TOO_LONG", ERR_LIB_RAND, RAND_R_ENTROPY_INPUT_TOO_LONG}, ++ #else ++ {"ENTROPY_INPUT_TOO_LONG", 36, 106}, ++ #endif ++ #ifdef RAND_R_ENTROPY_OUT_OF_RANGE ++ {"ENTROPY_OUT_OF_RANGE", ERR_LIB_RAND, RAND_R_ENTROPY_OUT_OF_RANGE}, ++ #else ++ {"ENTROPY_OUT_OF_RANGE", 36, 124}, ++ #endif ++ #ifdef RAND_R_ERROR_ENTROPY_POOL_WAS_IGNORED ++ {"ERROR_ENTROPY_POOL_WAS_IGNORED", ERR_LIB_RAND, RAND_R_ERROR_ENTROPY_POOL_WAS_IGNORED}, ++ #else ++ {"ERROR_ENTROPY_POOL_WAS_IGNORED", 36, 127}, ++ #endif ++ #ifdef RAND_R_ERROR_INITIALISING_DRBG ++ {"ERROR_INITIALISING_DRBG", ERR_LIB_RAND, RAND_R_ERROR_INITIALISING_DRBG}, ++ #else ++ {"ERROR_INITIALISING_DRBG", 36, 107}, ++ #endif ++ #ifdef RAND_R_ERROR_INSTANTIATING_DRBG ++ {"ERROR_INSTANTIATING_DRBG", ERR_LIB_RAND, RAND_R_ERROR_INSTANTIATING_DRBG}, ++ #else ++ {"ERROR_INSTANTIATING_DRBG", 36, 108}, ++ #endif ++ #ifdef RAND_R_ERROR_RETRIEVING_ADDITIONAL_INPUT ++ {"ERROR_RETRIEVING_ADDITIONAL_INPUT", ERR_LIB_RAND, RAND_R_ERROR_RETRIEVING_ADDITIONAL_INPUT}, ++ #else ++ {"ERROR_RETRIEVING_ADDITIONAL_INPUT", 36, 109}, ++ #endif ++ #ifdef RAND_R_ERROR_RETRIEVING_ENTROPY ++ {"ERROR_RETRIEVING_ENTROPY", ERR_LIB_RAND, RAND_R_ERROR_RETRIEVING_ENTROPY}, ++ #else ++ {"ERROR_RETRIEVING_ENTROPY", 36, 110}, ++ #endif ++ #ifdef RAND_R_ERROR_RETRIEVING_NONCE ++ {"ERROR_RETRIEVING_NONCE", ERR_LIB_RAND, RAND_R_ERROR_RETRIEVING_NONCE}, ++ #else ++ {"ERROR_RETRIEVING_NONCE", 36, 111}, ++ #endif ++ #ifdef RAND_R_FAILED_TO_CREATE_LOCK ++ {"FAILED_TO_CREATE_LOCK", ERR_LIB_RAND, RAND_R_FAILED_TO_CREATE_LOCK}, ++ #else ++ {"FAILED_TO_CREATE_LOCK", 36, 126}, ++ #endif ++ #ifdef RAND_R_FUNC_NOT_IMPLEMENTED ++ {"FUNC_NOT_IMPLEMENTED", ERR_LIB_RAND, RAND_R_FUNC_NOT_IMPLEMENTED}, ++ #else ++ {"FUNC_NOT_IMPLEMENTED", 36, 101}, ++ #endif ++ #ifdef RAND_R_FWRITE_ERROR ++ {"FWRITE_ERROR", ERR_LIB_RAND, RAND_R_FWRITE_ERROR}, ++ #else ++ {"FWRITE_ERROR", 36, 123}, ++ #endif ++ #ifdef RAND_R_GENERATE_ERROR ++ {"GENERATE_ERROR", ERR_LIB_RAND, RAND_R_GENERATE_ERROR}, ++ #else ++ {"GENERATE_ERROR", 36, 112}, ++ #endif ++ #ifdef RAND_R_INTERNAL_ERROR ++ {"INTERNAL_ERROR", ERR_LIB_RAND, RAND_R_INTERNAL_ERROR}, ++ #else ++ {"INTERNAL_ERROR", 36, 113}, ++ #endif ++ #ifdef RAND_R_IN_ERROR_STATE ++ {"IN_ERROR_STATE", ERR_LIB_RAND, RAND_R_IN_ERROR_STATE}, ++ #else ++ {"IN_ERROR_STATE", 36, 114}, ++ #endif ++ #ifdef RAND_R_NOT_A_REGULAR_FILE ++ {"NOT_A_REGULAR_FILE", ERR_LIB_RAND, RAND_R_NOT_A_REGULAR_FILE}, ++ #else ++ {"NOT_A_REGULAR_FILE", 36, 122}, ++ #endif ++ #ifdef RAND_R_NOT_INSTANTIATED ++ {"NOT_INSTANTIATED", ERR_LIB_RAND, RAND_R_NOT_INSTANTIATED}, ++ #else ++ {"NOT_INSTANTIATED", 36, 115}, ++ #endif ++ #ifdef RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED ++ {"NO_DRBG_IMPLEMENTATION_SELECTED", ERR_LIB_RAND, RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED}, ++ #else ++ {"NO_DRBG_IMPLEMENTATION_SELECTED", 36, 128}, ++ #endif ++ #ifdef RAND_R_PARENT_LOCKING_NOT_ENABLED ++ {"PARENT_LOCKING_NOT_ENABLED", ERR_LIB_RAND, RAND_R_PARENT_LOCKING_NOT_ENABLED}, ++ #else ++ {"PARENT_LOCKING_NOT_ENABLED", 36, 130}, ++ #endif ++ #ifdef RAND_R_PARENT_STRENGTH_TOO_WEAK ++ {"PARENT_STRENGTH_TOO_WEAK", ERR_LIB_RAND, RAND_R_PARENT_STRENGTH_TOO_WEAK}, ++ #else ++ {"PARENT_STRENGTH_TOO_WEAK", 36, 131}, ++ #endif ++ #ifdef RAND_R_PERSONALISATION_STRING_TOO_LONG ++ {"PERSONALISATION_STRING_TOO_LONG", ERR_LIB_RAND, RAND_R_PERSONALISATION_STRING_TOO_LONG}, ++ #else ++ {"PERSONALISATION_STRING_TOO_LONG", 36, 116}, ++ #endif ++ #ifdef RAND_R_PREDICTION_RESISTANCE_NOT_SUPPORTED ++ {"PREDICTION_RESISTANCE_NOT_SUPPORTED", ERR_LIB_RAND, RAND_R_PREDICTION_RESISTANCE_NOT_SUPPORTED}, ++ #else ++ {"PREDICTION_RESISTANCE_NOT_SUPPORTED", 36, 133}, ++ #endif ++ #ifdef RAND_R_PRNG_NOT_SEEDED ++ {"PRNG_NOT_SEEDED", ERR_LIB_RAND, RAND_R_PRNG_NOT_SEEDED}, ++ #else ++ {"PRNG_NOT_SEEDED", 36, 100}, ++ #endif ++ #ifdef RAND_R_RANDOM_POOL_OVERFLOW ++ {"RANDOM_POOL_OVERFLOW", ERR_LIB_RAND, RAND_R_RANDOM_POOL_OVERFLOW}, ++ #else ++ {"RANDOM_POOL_OVERFLOW", 36, 125}, ++ #endif ++ #ifdef RAND_R_RANDOM_POOL_UNDERFLOW ++ {"RANDOM_POOL_UNDERFLOW", ERR_LIB_RAND, RAND_R_RANDOM_POOL_UNDERFLOW}, ++ #else ++ {"RANDOM_POOL_UNDERFLOW", 36, 134}, ++ #endif ++ #ifdef RAND_R_REQUEST_TOO_LARGE_FOR_DRBG ++ {"REQUEST_TOO_LARGE_FOR_DRBG", ERR_LIB_RAND, RAND_R_REQUEST_TOO_LARGE_FOR_DRBG}, ++ #else ++ {"REQUEST_TOO_LARGE_FOR_DRBG", 36, 117}, ++ #endif ++ #ifdef RAND_R_RESEED_ERROR ++ {"RESEED_ERROR", ERR_LIB_RAND, RAND_R_RESEED_ERROR}, ++ #else ++ {"RESEED_ERROR", 36, 118}, ++ #endif ++ #ifdef RAND_R_SELFTEST_FAILURE ++ {"SELFTEST_FAILURE", ERR_LIB_RAND, RAND_R_SELFTEST_FAILURE}, ++ #else ++ {"SELFTEST_FAILURE", 36, 119}, ++ #endif ++ #ifdef RAND_R_TOO_LITTLE_NONCE_REQUESTED ++ {"TOO_LITTLE_NONCE_REQUESTED", ERR_LIB_RAND, RAND_R_TOO_LITTLE_NONCE_REQUESTED}, ++ #else ++ {"TOO_LITTLE_NONCE_REQUESTED", 36, 135}, ++ #endif ++ #ifdef RAND_R_TOO_MUCH_NONCE_REQUESTED ++ {"TOO_MUCH_NONCE_REQUESTED", ERR_LIB_RAND, RAND_R_TOO_MUCH_NONCE_REQUESTED}, ++ #else ++ {"TOO_MUCH_NONCE_REQUESTED", 36, 136}, ++ #endif ++ #ifdef RAND_R_UNSUPPORTED_DRBG_FLAGS ++ {"UNSUPPORTED_DRBG_FLAGS", ERR_LIB_RAND, RAND_R_UNSUPPORTED_DRBG_FLAGS}, ++ #else ++ {"UNSUPPORTED_DRBG_FLAGS", 36, 132}, ++ #endif ++ #ifdef RAND_R_UNSUPPORTED_DRBG_TYPE ++ {"UNSUPPORTED_DRBG_TYPE", ERR_LIB_RAND, RAND_R_UNSUPPORTED_DRBG_TYPE}, ++ #else ++ {"UNSUPPORTED_DRBG_TYPE", 36, 120}, ++ #endif ++ #ifdef RSA_R_ALGORITHM_MISMATCH ++ {"ALGORITHM_MISMATCH", ERR_LIB_RSA, RSA_R_ALGORITHM_MISMATCH}, ++ #else ++ {"ALGORITHM_MISMATCH", 4, 100}, ++ #endif ++ #ifdef RSA_R_BAD_E_VALUE ++ {"BAD_E_VALUE", ERR_LIB_RSA, RSA_R_BAD_E_VALUE}, ++ #else ++ {"BAD_E_VALUE", 4, 101}, ++ #endif ++ #ifdef RSA_R_BAD_FIXED_HEADER_DECRYPT ++ {"BAD_FIXED_HEADER_DECRYPT", ERR_LIB_RSA, RSA_R_BAD_FIXED_HEADER_DECRYPT}, ++ #else ++ {"BAD_FIXED_HEADER_DECRYPT", 4, 102}, ++ #endif ++ #ifdef RSA_R_BAD_PAD_BYTE_COUNT ++ {"BAD_PAD_BYTE_COUNT", ERR_LIB_RSA, RSA_R_BAD_PAD_BYTE_COUNT}, ++ #else ++ {"BAD_PAD_BYTE_COUNT", 4, 103}, ++ #endif ++ #ifdef RSA_R_BAD_SIGNATURE ++ {"BAD_SIGNATURE", ERR_LIB_RSA, RSA_R_BAD_SIGNATURE}, ++ #else ++ {"BAD_SIGNATURE", 4, 104}, ++ #endif ++ #ifdef RSA_R_BLOCK_TYPE_IS_NOT_01 ++ {"BLOCK_TYPE_IS_NOT_01", ERR_LIB_RSA, RSA_R_BLOCK_TYPE_IS_NOT_01}, ++ #else ++ {"BLOCK_TYPE_IS_NOT_01", 4, 106}, ++ #endif ++ #ifdef RSA_R_BLOCK_TYPE_IS_NOT_02 ++ {"BLOCK_TYPE_IS_NOT_02", ERR_LIB_RSA, RSA_R_BLOCK_TYPE_IS_NOT_02}, ++ #else ++ {"BLOCK_TYPE_IS_NOT_02", 4, 107}, ++ #endif ++ #ifdef RSA_R_DATA_GREATER_THAN_MOD_LEN ++ {"DATA_GREATER_THAN_MOD_LEN", ERR_LIB_RSA, RSA_R_DATA_GREATER_THAN_MOD_LEN}, ++ #else ++ {"DATA_GREATER_THAN_MOD_LEN", 4, 108}, ++ #endif ++ #ifdef RSA_R_DATA_TOO_LARGE ++ {"DATA_TOO_LARGE", ERR_LIB_RSA, RSA_R_DATA_TOO_LARGE}, ++ #else ++ {"DATA_TOO_LARGE", 4, 109}, ++ #endif ++ #ifdef RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ++ {"DATA_TOO_LARGE_FOR_KEY_SIZE", ERR_LIB_RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE}, ++ #else ++ {"DATA_TOO_LARGE_FOR_KEY_SIZE", 4, 110}, ++ #endif ++ #ifdef RSA_R_DATA_TOO_LARGE_FOR_MODULUS ++ {"DATA_TOO_LARGE_FOR_MODULUS", ERR_LIB_RSA, RSA_R_DATA_TOO_LARGE_FOR_MODULUS}, ++ #else ++ {"DATA_TOO_LARGE_FOR_MODULUS", 4, 132}, ++ #endif ++ #ifdef RSA_R_DATA_TOO_SMALL ++ {"DATA_TOO_SMALL", ERR_LIB_RSA, RSA_R_DATA_TOO_SMALL}, ++ #else ++ {"DATA_TOO_SMALL", 4, 111}, ++ #endif ++ #ifdef RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE ++ {"DATA_TOO_SMALL_FOR_KEY_SIZE", ERR_LIB_RSA, RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE}, ++ #else ++ {"DATA_TOO_SMALL_FOR_KEY_SIZE", 4, 122}, ++ #endif ++ #ifdef RSA_R_DIGEST_DOES_NOT_MATCH ++ {"DIGEST_DOES_NOT_MATCH", ERR_LIB_RSA, RSA_R_DIGEST_DOES_NOT_MATCH}, ++ #else ++ {"DIGEST_DOES_NOT_MATCH", 4, 158}, ++ #endif ++ #ifdef RSA_R_DIGEST_NOT_ALLOWED ++ {"DIGEST_NOT_ALLOWED", ERR_LIB_RSA, RSA_R_DIGEST_NOT_ALLOWED}, ++ #else ++ {"DIGEST_NOT_ALLOWED", 4, 145}, ++ #endif ++ #ifdef RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ++ {"DIGEST_TOO_BIG_FOR_RSA_KEY", ERR_LIB_RSA, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY}, ++ #else ++ {"DIGEST_TOO_BIG_FOR_RSA_KEY", 4, 112}, ++ #endif ++ #ifdef RSA_R_DMP1_NOT_CONGRUENT_TO_D ++ {"DMP1_NOT_CONGRUENT_TO_D", ERR_LIB_RSA, RSA_R_DMP1_NOT_CONGRUENT_TO_D}, ++ #else ++ {"DMP1_NOT_CONGRUENT_TO_D", 4, 124}, ++ #endif ++ #ifdef RSA_R_DMQ1_NOT_CONGRUENT_TO_D ++ {"DMQ1_NOT_CONGRUENT_TO_D", ERR_LIB_RSA, RSA_R_DMQ1_NOT_CONGRUENT_TO_D}, ++ #else ++ {"DMQ1_NOT_CONGRUENT_TO_D", 4, 125}, ++ #endif ++ #ifdef RSA_R_D_E_NOT_CONGRUENT_TO_1 ++ {"D_E_NOT_CONGRUENT_TO_1", ERR_LIB_RSA, RSA_R_D_E_NOT_CONGRUENT_TO_1}, ++ #else ++ {"D_E_NOT_CONGRUENT_TO_1", 4, 123}, ++ #endif ++ #ifdef RSA_R_FIRST_OCTET_INVALID ++ {"FIRST_OCTET_INVALID", ERR_LIB_RSA, RSA_R_FIRST_OCTET_INVALID}, ++ #else ++ {"FIRST_OCTET_INVALID", 4, 133}, ++ #endif ++ #ifdef RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE ++ {"ILLEGAL_OR_UNSUPPORTED_PADDING_MODE", ERR_LIB_RSA, RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE}, ++ #else ++ {"ILLEGAL_OR_UNSUPPORTED_PADDING_MODE", 4, 144}, ++ #endif ++ #ifdef RSA_R_INVALID_DIGEST ++ {"INVALID_DIGEST", ERR_LIB_RSA, RSA_R_INVALID_DIGEST}, ++ #else ++ {"INVALID_DIGEST", 4, 157}, ++ #endif ++ #ifdef RSA_R_INVALID_DIGEST_LENGTH ++ {"INVALID_DIGEST_LENGTH", ERR_LIB_RSA, RSA_R_INVALID_DIGEST_LENGTH}, ++ #else ++ {"INVALID_DIGEST_LENGTH", 4, 143}, ++ #endif ++ #ifdef RSA_R_INVALID_HEADER ++ {"INVALID_HEADER", ERR_LIB_RSA, RSA_R_INVALID_HEADER}, ++ #else ++ {"INVALID_HEADER", 4, 137}, ++ #endif ++ #ifdef RSA_R_INVALID_LABEL ++ {"INVALID_LABEL", ERR_LIB_RSA, RSA_R_INVALID_LABEL}, ++ #else ++ {"INVALID_LABEL", 4, 160}, ++ #endif ++ #ifdef RSA_R_INVALID_MESSAGE_LENGTH ++ {"INVALID_MESSAGE_LENGTH", ERR_LIB_RSA, RSA_R_INVALID_MESSAGE_LENGTH}, ++ #else ++ {"INVALID_MESSAGE_LENGTH", 4, 131}, ++ #endif ++ #ifdef RSA_R_INVALID_MGF1_MD ++ {"INVALID_MGF1_MD", ERR_LIB_RSA, RSA_R_INVALID_MGF1_MD}, ++ #else ++ {"INVALID_MGF1_MD", 4, 156}, ++ #endif ++ #ifdef RSA_R_INVALID_MULTI_PRIME_KEY ++ {"INVALID_MULTI_PRIME_KEY", ERR_LIB_RSA, RSA_R_INVALID_MULTI_PRIME_KEY}, ++ #else ++ {"INVALID_MULTI_PRIME_KEY", 4, 167}, ++ #endif ++ #ifdef RSA_R_INVALID_OAEP_PARAMETERS ++ {"INVALID_OAEP_PARAMETERS", ERR_LIB_RSA, RSA_R_INVALID_OAEP_PARAMETERS}, ++ #else ++ {"INVALID_OAEP_PARAMETERS", 4, 161}, ++ #endif ++ #ifdef RSA_R_INVALID_PADDING ++ {"INVALID_PADDING", ERR_LIB_RSA, RSA_R_INVALID_PADDING}, ++ #else ++ {"INVALID_PADDING", 4, 138}, ++ #endif ++ #ifdef RSA_R_INVALID_PADDING_MODE ++ {"INVALID_PADDING_MODE", ERR_LIB_RSA, RSA_R_INVALID_PADDING_MODE}, ++ #else ++ {"INVALID_PADDING_MODE", 4, 141}, ++ #endif ++ #ifdef RSA_R_INVALID_PSS_PARAMETERS ++ {"INVALID_PSS_PARAMETERS", ERR_LIB_RSA, RSA_R_INVALID_PSS_PARAMETERS}, ++ #else ++ {"INVALID_PSS_PARAMETERS", 4, 149}, ++ #endif ++ #ifdef RSA_R_INVALID_PSS_SALTLEN ++ {"INVALID_PSS_SALTLEN", ERR_LIB_RSA, RSA_R_INVALID_PSS_SALTLEN}, ++ #else ++ {"INVALID_PSS_SALTLEN", 4, 146}, ++ #endif ++ #ifdef RSA_R_INVALID_SALT_LENGTH ++ {"INVALID_SALT_LENGTH", ERR_LIB_RSA, RSA_R_INVALID_SALT_LENGTH}, ++ #else ++ {"INVALID_SALT_LENGTH", 4, 150}, ++ #endif ++ #ifdef RSA_R_INVALID_TRAILER ++ {"INVALID_TRAILER", ERR_LIB_RSA, RSA_R_INVALID_TRAILER}, ++ #else ++ {"INVALID_TRAILER", 4, 139}, ++ #endif ++ #ifdef RSA_R_INVALID_X931_DIGEST ++ {"INVALID_X931_DIGEST", ERR_LIB_RSA, RSA_R_INVALID_X931_DIGEST}, ++ #else ++ {"INVALID_X931_DIGEST", 4, 142}, ++ #endif ++ #ifdef RSA_R_IQMP_NOT_INVERSE_OF_Q ++ {"IQMP_NOT_INVERSE_OF_Q", ERR_LIB_RSA, RSA_R_IQMP_NOT_INVERSE_OF_Q}, ++ #else ++ {"IQMP_NOT_INVERSE_OF_Q", 4, 126}, ++ #endif ++ #ifdef RSA_R_KEY_PRIME_NUM_INVALID ++ {"KEY_PRIME_NUM_INVALID", ERR_LIB_RSA, RSA_R_KEY_PRIME_NUM_INVALID}, ++ #else ++ {"KEY_PRIME_NUM_INVALID", 4, 165}, ++ #endif ++ #ifdef RSA_R_KEY_SIZE_TOO_SMALL ++ {"KEY_SIZE_TOO_SMALL", ERR_LIB_RSA, RSA_R_KEY_SIZE_TOO_SMALL}, ++ #else ++ {"KEY_SIZE_TOO_SMALL", 4, 120}, ++ #endif ++ #ifdef RSA_R_LAST_OCTET_INVALID ++ {"LAST_OCTET_INVALID", ERR_LIB_RSA, RSA_R_LAST_OCTET_INVALID}, ++ #else ++ {"LAST_OCTET_INVALID", 4, 134}, ++ #endif ++ #ifdef RSA_R_MGF1_DIGEST_NOT_ALLOWED ++ {"MGF1_DIGEST_NOT_ALLOWED", ERR_LIB_RSA, RSA_R_MGF1_DIGEST_NOT_ALLOWED}, ++ #else ++ {"MGF1_DIGEST_NOT_ALLOWED", 4, 152}, ++ #endif ++ #ifdef RSA_R_MISSING_PRIVATE_KEY ++ {"MISSING_PRIVATE_KEY", ERR_LIB_RSA, RSA_R_MISSING_PRIVATE_KEY}, ++ #else ++ {"MISSING_PRIVATE_KEY", 4, 179}, ++ #endif ++ #ifdef RSA_R_MODULUS_TOO_LARGE ++ {"MODULUS_TOO_LARGE", ERR_LIB_RSA, RSA_R_MODULUS_TOO_LARGE}, ++ #else ++ {"MODULUS_TOO_LARGE", 4, 105}, ++ #endif ++ #ifdef RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R ++ {"MP_COEFFICIENT_NOT_INVERSE_OF_R", ERR_LIB_RSA, RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R}, ++ #else ++ {"MP_COEFFICIENT_NOT_INVERSE_OF_R", 4, 168}, ++ #endif ++ #ifdef RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D ++ {"MP_EXPONENT_NOT_CONGRUENT_TO_D", ERR_LIB_RSA, RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D}, ++ #else ++ {"MP_EXPONENT_NOT_CONGRUENT_TO_D", 4, 169}, ++ #endif ++ #ifdef RSA_R_MP_R_NOT_PRIME ++ {"MP_R_NOT_PRIME", ERR_LIB_RSA, RSA_R_MP_R_NOT_PRIME}, ++ #else ++ {"MP_R_NOT_PRIME", 4, 170}, ++ #endif ++ #ifdef RSA_R_NO_PUBLIC_EXPONENT ++ {"NO_PUBLIC_EXPONENT", ERR_LIB_RSA, RSA_R_NO_PUBLIC_EXPONENT}, ++ #else ++ {"NO_PUBLIC_EXPONENT", 4, 140}, ++ #endif ++ #ifdef RSA_R_NULL_BEFORE_BLOCK_MISSING ++ {"NULL_BEFORE_BLOCK_MISSING", ERR_LIB_RSA, RSA_R_NULL_BEFORE_BLOCK_MISSING}, ++ #else ++ {"NULL_BEFORE_BLOCK_MISSING", 4, 113}, ++ #endif ++ #ifdef RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES ++ {"N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES", ERR_LIB_RSA, RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES}, ++ #else ++ {"N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES", 4, 172}, ++ #endif ++ #ifdef RSA_R_N_DOES_NOT_EQUAL_P_Q ++ {"N_DOES_NOT_EQUAL_P_Q", ERR_LIB_RSA, RSA_R_N_DOES_NOT_EQUAL_P_Q}, ++ #else ++ {"N_DOES_NOT_EQUAL_P_Q", 4, 127}, ++ #endif ++ #ifdef RSA_R_OAEP_DECODING_ERROR ++ {"OAEP_DECODING_ERROR", ERR_LIB_RSA, RSA_R_OAEP_DECODING_ERROR}, ++ #else ++ {"OAEP_DECODING_ERROR", 4, 121}, ++ #endif ++ #ifdef RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE ++ {"OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", ERR_LIB_RSA, RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE}, ++ #else ++ {"OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", 4, 148}, ++ #endif ++ #ifdef RSA_R_PADDING_CHECK_FAILED ++ {"PADDING_CHECK_FAILED", ERR_LIB_RSA, RSA_R_PADDING_CHECK_FAILED}, ++ #else ++ {"PADDING_CHECK_FAILED", 4, 114}, ++ #endif ++ #ifdef RSA_R_PKCS_DECODING_ERROR ++ {"PKCS_DECODING_ERROR", ERR_LIB_RSA, RSA_R_PKCS_DECODING_ERROR}, ++ #else ++ {"PKCS_DECODING_ERROR", 4, 159}, ++ #endif ++ #ifdef RSA_R_PSS_SALTLEN_TOO_SMALL ++ {"PSS_SALTLEN_TOO_SMALL", ERR_LIB_RSA, RSA_R_PSS_SALTLEN_TOO_SMALL}, ++ #else ++ {"PSS_SALTLEN_TOO_SMALL", 4, 164}, ++ #endif ++ #ifdef RSA_R_P_NOT_PRIME ++ {"P_NOT_PRIME", ERR_LIB_RSA, RSA_R_P_NOT_PRIME}, ++ #else ++ {"P_NOT_PRIME", 4, 128}, ++ #endif ++ #ifdef RSA_R_Q_NOT_PRIME ++ {"Q_NOT_PRIME", ERR_LIB_RSA, RSA_R_Q_NOT_PRIME}, ++ #else ++ {"Q_NOT_PRIME", 4, 129}, ++ #endif ++ #ifdef RSA_R_RSA_OPERATIONS_NOT_SUPPORTED ++ {"RSA_OPERATIONS_NOT_SUPPORTED", ERR_LIB_RSA, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED}, ++ #else ++ {"RSA_OPERATIONS_NOT_SUPPORTED", 4, 130}, ++ #endif ++ #ifdef RSA_R_SLEN_CHECK_FAILED ++ {"SLEN_CHECK_FAILED", ERR_LIB_RSA, RSA_R_SLEN_CHECK_FAILED}, ++ #else ++ {"SLEN_CHECK_FAILED", 4, 136}, ++ #endif ++ #ifdef RSA_R_SLEN_RECOVERY_FAILED ++ {"SLEN_RECOVERY_FAILED", ERR_LIB_RSA, RSA_R_SLEN_RECOVERY_FAILED}, ++ #else ++ {"SLEN_RECOVERY_FAILED", 4, 135}, ++ #endif ++ #ifdef RSA_R_SSLV3_ROLLBACK_ATTACK ++ {"SSLV3_ROLLBACK_ATTACK", ERR_LIB_RSA, RSA_R_SSLV3_ROLLBACK_ATTACK}, ++ #else ++ {"SSLV3_ROLLBACK_ATTACK", 4, 115}, ++ #endif ++ #ifdef RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD ++ {"THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD", ERR_LIB_RSA, RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD}, ++ #else ++ {"THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD", 4, 116}, ++ #endif ++ #ifdef RSA_R_UNKNOWN_ALGORITHM_TYPE ++ {"UNKNOWN_ALGORITHM_TYPE", ERR_LIB_RSA, RSA_R_UNKNOWN_ALGORITHM_TYPE}, ++ #else ++ {"UNKNOWN_ALGORITHM_TYPE", 4, 117}, ++ #endif ++ #ifdef RSA_R_UNKNOWN_DIGEST ++ {"UNKNOWN_DIGEST", ERR_LIB_RSA, RSA_R_UNKNOWN_DIGEST}, ++ #else ++ {"UNKNOWN_DIGEST", 4, 166}, ++ #endif ++ #ifdef RSA_R_UNKNOWN_MASK_DIGEST ++ {"UNKNOWN_MASK_DIGEST", ERR_LIB_RSA, RSA_R_UNKNOWN_MASK_DIGEST}, ++ #else ++ {"UNKNOWN_MASK_DIGEST", 4, 151}, ++ #endif ++ #ifdef RSA_R_UNKNOWN_PADDING_TYPE ++ {"UNKNOWN_PADDING_TYPE", ERR_LIB_RSA, RSA_R_UNKNOWN_PADDING_TYPE}, ++ #else ++ {"UNKNOWN_PADDING_TYPE", 4, 118}, ++ #endif ++ #ifdef RSA_R_UNSUPPORTED_ENCRYPTION_TYPE ++ {"UNSUPPORTED_ENCRYPTION_TYPE", ERR_LIB_RSA, RSA_R_UNSUPPORTED_ENCRYPTION_TYPE}, ++ #else ++ {"UNSUPPORTED_ENCRYPTION_TYPE", 4, 162}, ++ #endif ++ #ifdef RSA_R_UNSUPPORTED_LABEL_SOURCE ++ {"UNSUPPORTED_LABEL_SOURCE", ERR_LIB_RSA, RSA_R_UNSUPPORTED_LABEL_SOURCE}, ++ #else ++ {"UNSUPPORTED_LABEL_SOURCE", 4, 163}, ++ #endif ++ #ifdef RSA_R_UNSUPPORTED_MASK_ALGORITHM ++ {"UNSUPPORTED_MASK_ALGORITHM", ERR_LIB_RSA, RSA_R_UNSUPPORTED_MASK_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_MASK_ALGORITHM", 4, 153}, ++ #endif ++ #ifdef RSA_R_UNSUPPORTED_MASK_PARAMETER ++ {"UNSUPPORTED_MASK_PARAMETER", ERR_LIB_RSA, RSA_R_UNSUPPORTED_MASK_PARAMETER}, ++ #else ++ {"UNSUPPORTED_MASK_PARAMETER", 4, 154}, ++ #endif ++ #ifdef RSA_R_UNSUPPORTED_SIGNATURE_TYPE ++ {"UNSUPPORTED_SIGNATURE_TYPE", ERR_LIB_RSA, RSA_R_UNSUPPORTED_SIGNATURE_TYPE}, ++ #else ++ {"UNSUPPORTED_SIGNATURE_TYPE", 4, 155}, ++ #endif ++ #ifdef RSA_R_VALUE_MISSING ++ {"VALUE_MISSING", ERR_LIB_RSA, RSA_R_VALUE_MISSING}, ++ #else ++ {"VALUE_MISSING", 4, 147}, ++ #endif ++ #ifdef RSA_R_WRONG_SIGNATURE_LENGTH ++ {"WRONG_SIGNATURE_LENGTH", ERR_LIB_RSA, RSA_R_WRONG_SIGNATURE_LENGTH}, ++ #else ++ {"WRONG_SIGNATURE_LENGTH", 4, 119}, ++ #endif ++ #ifdef SM2_R_ASN1_ERROR ++ {"ASN1_ERROR", ERR_LIB_SM2, SM2_R_ASN1_ERROR}, ++ #else ++ {"ASN1_ERROR", 53, 100}, ++ #endif ++ #ifdef SM2_R_BAD_SIGNATURE ++ {"BAD_SIGNATURE", ERR_LIB_SM2, SM2_R_BAD_SIGNATURE}, ++ #else ++ {"BAD_SIGNATURE", 53, 101}, ++ #endif ++ #ifdef SM2_R_BUFFER_TOO_SMALL ++ {"BUFFER_TOO_SMALL", ERR_LIB_SM2, SM2_R_BUFFER_TOO_SMALL}, ++ #else ++ {"BUFFER_TOO_SMALL", 53, 107}, ++ #endif ++ #ifdef SM2_R_DIST_ID_TOO_LARGE ++ {"DIST_ID_TOO_LARGE", ERR_LIB_SM2, SM2_R_DIST_ID_TOO_LARGE}, ++ #else ++ {"DIST_ID_TOO_LARGE", 53, 110}, ++ #endif ++ #ifdef SM2_R_ID_NOT_SET ++ {"ID_NOT_SET", ERR_LIB_SM2, SM2_R_ID_NOT_SET}, ++ #else ++ {"ID_NOT_SET", 53, 112}, ++ #endif ++ #ifdef SM2_R_ID_TOO_LARGE ++ {"ID_TOO_LARGE", ERR_LIB_SM2, SM2_R_ID_TOO_LARGE}, ++ #else ++ {"ID_TOO_LARGE", 53, 111}, ++ #endif ++ #ifdef SM2_R_INVALID_CURVE ++ {"INVALID_CURVE", ERR_LIB_SM2, SM2_R_INVALID_CURVE}, ++ #else ++ {"INVALID_CURVE", 53, 108}, ++ #endif ++ #ifdef SM2_R_INVALID_DIGEST ++ {"INVALID_DIGEST", ERR_LIB_SM2, SM2_R_INVALID_DIGEST}, ++ #else ++ {"INVALID_DIGEST", 53, 102}, ++ #endif ++ #ifdef SM2_R_INVALID_DIGEST_TYPE ++ {"INVALID_DIGEST_TYPE", ERR_LIB_SM2, SM2_R_INVALID_DIGEST_TYPE}, ++ #else ++ {"INVALID_DIGEST_TYPE", 53, 103}, ++ #endif ++ #ifdef SM2_R_INVALID_ENCODING ++ {"INVALID_ENCODING", ERR_LIB_SM2, SM2_R_INVALID_ENCODING}, ++ #else ++ {"INVALID_ENCODING", 53, 104}, ++ #endif ++ #ifdef SM2_R_INVALID_FIELD ++ {"INVALID_FIELD", ERR_LIB_SM2, SM2_R_INVALID_FIELD}, ++ #else ++ {"INVALID_FIELD", 53, 105}, ++ #endif ++ #ifdef SM2_R_NO_PARAMETERS_SET ++ {"NO_PARAMETERS_SET", ERR_LIB_SM2, SM2_R_NO_PARAMETERS_SET}, ++ #else ++ {"NO_PARAMETERS_SET", 53, 109}, ++ #endif ++ #ifdef SM2_R_USER_ID_TOO_LARGE ++ {"USER_ID_TOO_LARGE", ERR_LIB_SM2, SM2_R_USER_ID_TOO_LARGE}, ++ #else ++ {"USER_ID_TOO_LARGE", 53, 106}, ++ #endif ++ #ifdef SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY ++ {"APPLICATION_DATA_AFTER_CLOSE_NOTIFY", ERR_LIB_SSL, SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY}, ++ #else ++ {"APPLICATION_DATA_AFTER_CLOSE_NOTIFY", 20, 291}, ++ #endif ++ #ifdef SSL_R_APP_DATA_IN_HANDSHAKE ++ {"APP_DATA_IN_HANDSHAKE", ERR_LIB_SSL, SSL_R_APP_DATA_IN_HANDSHAKE}, ++ #else ++ {"APP_DATA_IN_HANDSHAKE", 20, 100}, ++ #endif ++ #ifdef SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT ++ {"ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT", ERR_LIB_SSL, SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT}, ++ #else ++ {"ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT", 20, 272}, ++ #endif ++ #ifdef SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE ++ {"AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE", ERR_LIB_SSL, SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE}, ++ #else ++ {"AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE", 20, 143}, ++ #endif ++ #ifdef SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE ++ {"AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE", ERR_LIB_SSL, SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE}, ++ #else ++ {"AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE", 20, 158}, ++ #endif ++ #ifdef SSL_R_BAD_CHANGE_CIPHER_SPEC ++ {"BAD_CHANGE_CIPHER_SPEC", ERR_LIB_SSL, SSL_R_BAD_CHANGE_CIPHER_SPEC}, ++ #else ++ {"BAD_CHANGE_CIPHER_SPEC", 20, 103}, ++ #endif ++ #ifdef SSL_R_BAD_CIPHER ++ {"BAD_CIPHER", ERR_LIB_SSL, SSL_R_BAD_CIPHER}, ++ #else ++ {"BAD_CIPHER", 20, 186}, ++ #endif ++ #ifdef SSL_R_BAD_DATA ++ {"BAD_DATA", ERR_LIB_SSL, SSL_R_BAD_DATA}, ++ #else ++ {"BAD_DATA", 20, 390}, ++ #endif ++ #ifdef SSL_R_BAD_DATA_RETURNED_BY_CALLBACK ++ {"BAD_DATA_RETURNED_BY_CALLBACK", ERR_LIB_SSL, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK}, ++ #else ++ {"BAD_DATA_RETURNED_BY_CALLBACK", 20, 106}, ++ #endif ++ #ifdef SSL_R_BAD_DECOMPRESSION ++ {"BAD_DECOMPRESSION", ERR_LIB_SSL, SSL_R_BAD_DECOMPRESSION}, ++ #else ++ {"BAD_DECOMPRESSION", 20, 107}, ++ #endif ++ #ifdef SSL_R_BAD_DH_VALUE ++ {"BAD_DH_VALUE", ERR_LIB_SSL, SSL_R_BAD_DH_VALUE}, ++ #else ++ {"BAD_DH_VALUE", 20, 102}, ++ #endif ++ #ifdef SSL_R_BAD_DIGEST_LENGTH ++ {"BAD_DIGEST_LENGTH", ERR_LIB_SSL, SSL_R_BAD_DIGEST_LENGTH}, ++ #else ++ {"BAD_DIGEST_LENGTH", 20, 111}, ++ #endif ++ #ifdef SSL_R_BAD_EARLY_DATA ++ {"BAD_EARLY_DATA", ERR_LIB_SSL, SSL_R_BAD_EARLY_DATA}, ++ #else ++ {"BAD_EARLY_DATA", 20, 233}, ++ #endif ++ #ifdef SSL_R_BAD_ECC_CERT ++ {"BAD_ECC_CERT", ERR_LIB_SSL, SSL_R_BAD_ECC_CERT}, ++ #else ++ {"BAD_ECC_CERT", 20, 304}, ++ #endif ++ #ifdef SSL_R_BAD_ECPOINT ++ {"BAD_ECPOINT", ERR_LIB_SSL, SSL_R_BAD_ECPOINT}, ++ #else ++ {"BAD_ECPOINT", 20, 306}, ++ #endif ++ #ifdef SSL_R_BAD_EXTENSION ++ {"BAD_EXTENSION", ERR_LIB_SSL, SSL_R_BAD_EXTENSION}, ++ #else ++ {"BAD_EXTENSION", 20, 110}, ++ #endif ++ #ifdef SSL_R_BAD_HANDSHAKE_LENGTH ++ {"BAD_HANDSHAKE_LENGTH", ERR_LIB_SSL, SSL_R_BAD_HANDSHAKE_LENGTH}, ++ #else ++ {"BAD_HANDSHAKE_LENGTH", 20, 332}, ++ #endif ++ #ifdef SSL_R_BAD_HANDSHAKE_STATE ++ {"BAD_HANDSHAKE_STATE", ERR_LIB_SSL, SSL_R_BAD_HANDSHAKE_STATE}, ++ #else ++ {"BAD_HANDSHAKE_STATE", 20, 236}, ++ #endif ++ #ifdef SSL_R_BAD_HELLO_REQUEST ++ {"BAD_HELLO_REQUEST", ERR_LIB_SSL, SSL_R_BAD_HELLO_REQUEST}, ++ #else ++ {"BAD_HELLO_REQUEST", 20, 105}, ++ #endif ++ #ifdef SSL_R_BAD_HRR_VERSION ++ {"BAD_HRR_VERSION", ERR_LIB_SSL, SSL_R_BAD_HRR_VERSION}, ++ #else ++ {"BAD_HRR_VERSION", 20, 263}, ++ #endif ++ #ifdef SSL_R_BAD_KEY_SHARE ++ {"BAD_KEY_SHARE", ERR_LIB_SSL, SSL_R_BAD_KEY_SHARE}, ++ #else ++ {"BAD_KEY_SHARE", 20, 108}, ++ #endif ++ #ifdef SSL_R_BAD_KEY_UPDATE ++ {"BAD_KEY_UPDATE", ERR_LIB_SSL, SSL_R_BAD_KEY_UPDATE}, ++ #else ++ {"BAD_KEY_UPDATE", 20, 122}, ++ #endif ++ #ifdef SSL_R_BAD_LEGACY_VERSION ++ {"BAD_LEGACY_VERSION", ERR_LIB_SSL, SSL_R_BAD_LEGACY_VERSION}, ++ #else ++ {"BAD_LEGACY_VERSION", 20, 292}, ++ #endif ++ #ifdef SSL_R_BAD_LENGTH ++ {"BAD_LENGTH", ERR_LIB_SSL, SSL_R_BAD_LENGTH}, ++ #else ++ {"BAD_LENGTH", 20, 271}, ++ #endif ++ #ifdef SSL_R_BAD_PACKET ++ {"BAD_PACKET", ERR_LIB_SSL, SSL_R_BAD_PACKET}, ++ #else ++ {"BAD_PACKET", 20, 240}, ++ #endif ++ #ifdef SSL_R_BAD_PACKET_LENGTH ++ {"BAD_PACKET_LENGTH", ERR_LIB_SSL, SSL_R_BAD_PACKET_LENGTH}, ++ #else ++ {"BAD_PACKET_LENGTH", 20, 115}, ++ #endif ++ #ifdef SSL_R_BAD_PROTOCOL_VERSION_NUMBER ++ {"BAD_PROTOCOL_VERSION_NUMBER", ERR_LIB_SSL, SSL_R_BAD_PROTOCOL_VERSION_NUMBER}, ++ #else ++ {"BAD_PROTOCOL_VERSION_NUMBER", 20, 116}, ++ #endif ++ #ifdef SSL_R_BAD_PSK ++ {"BAD_PSK", ERR_LIB_SSL, SSL_R_BAD_PSK}, ++ #else ++ {"BAD_PSK", 20, 219}, ++ #endif ++ #ifdef SSL_R_BAD_PSK_IDENTITY ++ {"BAD_PSK_IDENTITY", ERR_LIB_SSL, SSL_R_BAD_PSK_IDENTITY}, ++ #else ++ {"BAD_PSK_IDENTITY", 20, 114}, ++ #endif ++ #ifdef SSL_R_BAD_RECORD_TYPE ++ {"BAD_RECORD_TYPE", ERR_LIB_SSL, SSL_R_BAD_RECORD_TYPE}, ++ #else ++ {"BAD_RECORD_TYPE", 20, 443}, ++ #endif ++ #ifdef SSL_R_BAD_RSA_ENCRYPT ++ {"BAD_RSA_ENCRYPT", ERR_LIB_SSL, SSL_R_BAD_RSA_ENCRYPT}, ++ #else ++ {"BAD_RSA_ENCRYPT", 20, 119}, ++ #endif ++ #ifdef SSL_R_BAD_SIGNATURE ++ {"BAD_SIGNATURE", ERR_LIB_SSL, SSL_R_BAD_SIGNATURE}, ++ #else ++ {"BAD_SIGNATURE", 20, 123}, ++ #endif ++ #ifdef SSL_R_BAD_SRP_A_LENGTH ++ {"BAD_SRP_A_LENGTH", ERR_LIB_SSL, SSL_R_BAD_SRP_A_LENGTH}, ++ #else ++ {"BAD_SRP_A_LENGTH", 20, 347}, ++ #endif ++ #ifdef SSL_R_BAD_SRP_PARAMETERS ++ {"BAD_SRP_PARAMETERS", ERR_LIB_SSL, SSL_R_BAD_SRP_PARAMETERS}, ++ #else ++ {"BAD_SRP_PARAMETERS", 20, 371}, ++ #endif ++ #ifdef SSL_R_BAD_SRTP_MKI_VALUE ++ {"BAD_SRTP_MKI_VALUE", ERR_LIB_SSL, SSL_R_BAD_SRTP_MKI_VALUE}, ++ #else ++ {"BAD_SRTP_MKI_VALUE", 20, 352}, ++ #endif ++ #ifdef SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST ++ {"BAD_SRTP_PROTECTION_PROFILE_LIST", ERR_LIB_SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST}, ++ #else ++ {"BAD_SRTP_PROTECTION_PROFILE_LIST", 20, 353}, ++ #endif ++ #ifdef SSL_R_BAD_SSL_FILETYPE ++ {"BAD_SSL_FILETYPE", ERR_LIB_SSL, SSL_R_BAD_SSL_FILETYPE}, ++ #else ++ {"BAD_SSL_FILETYPE", 20, 124}, ++ #endif ++ #ifdef SSL_R_BAD_VALUE ++ {"BAD_VALUE", ERR_LIB_SSL, SSL_R_BAD_VALUE}, ++ #else ++ {"BAD_VALUE", 20, 384}, ++ #endif ++ #ifdef SSL_R_BAD_WRITE_RETRY ++ {"BAD_WRITE_RETRY", ERR_LIB_SSL, SSL_R_BAD_WRITE_RETRY}, ++ #else ++ {"BAD_WRITE_RETRY", 20, 127}, ++ #endif ++ #ifdef SSL_R_BINDER_DOES_NOT_VERIFY ++ {"BINDER_DOES_NOT_VERIFY", ERR_LIB_SSL, SSL_R_BINDER_DOES_NOT_VERIFY}, ++ #else ++ {"BINDER_DOES_NOT_VERIFY", 20, 253}, ++ #endif ++ #ifdef SSL_R_BIO_NOT_SET ++ {"BIO_NOT_SET", ERR_LIB_SSL, SSL_R_BIO_NOT_SET}, ++ #else ++ {"BIO_NOT_SET", 20, 128}, ++ #endif ++ #ifdef SSL_R_BLOCK_CIPHER_PAD_IS_WRONG ++ {"BLOCK_CIPHER_PAD_IS_WRONG", ERR_LIB_SSL, SSL_R_BLOCK_CIPHER_PAD_IS_WRONG}, ++ #else ++ {"BLOCK_CIPHER_PAD_IS_WRONG", 20, 129}, ++ #endif ++ #ifdef SSL_R_BN_LIB ++ {"BN_LIB", ERR_LIB_SSL, SSL_R_BN_LIB}, ++ #else ++ {"BN_LIB", 20, 130}, ++ #endif ++ #ifdef SSL_R_CALLBACK_FAILED ++ {"CALLBACK_FAILED", ERR_LIB_SSL, SSL_R_CALLBACK_FAILED}, ++ #else ++ {"CALLBACK_FAILED", 20, 234}, ++ #endif ++ #ifdef SSL_R_CANNOT_CHANGE_CIPHER ++ {"CANNOT_CHANGE_CIPHER", ERR_LIB_SSL, SSL_R_CANNOT_CHANGE_CIPHER}, ++ #else ++ {"CANNOT_CHANGE_CIPHER", 20, 109}, ++ #endif ++ #ifdef SSL_R_CA_DN_LENGTH_MISMATCH ++ {"CA_DN_LENGTH_MISMATCH", ERR_LIB_SSL, SSL_R_CA_DN_LENGTH_MISMATCH}, ++ #else ++ {"CA_DN_LENGTH_MISMATCH", 20, 131}, ++ #endif ++ #ifdef SSL_R_CA_KEY_TOO_SMALL ++ {"CA_KEY_TOO_SMALL", ERR_LIB_SSL, SSL_R_CA_KEY_TOO_SMALL}, ++ #else ++ {"CA_KEY_TOO_SMALL", 20, 397}, ++ #endif ++ #ifdef SSL_R_CA_MD_TOO_WEAK ++ {"CA_MD_TOO_WEAK", ERR_LIB_SSL, SSL_R_CA_MD_TOO_WEAK}, ++ #else ++ {"CA_MD_TOO_WEAK", 20, 398}, ++ #endif ++ #ifdef SSL_R_CCS_RECEIVED_EARLY ++ {"CCS_RECEIVED_EARLY", ERR_LIB_SSL, SSL_R_CCS_RECEIVED_EARLY}, ++ #else ++ {"CCS_RECEIVED_EARLY", 20, 133}, ++ #endif ++ #ifdef SSL_R_CERTIFICATE_VERIFY_FAILED ++ {"CERTIFICATE_VERIFY_FAILED", ERR_LIB_SSL, SSL_R_CERTIFICATE_VERIFY_FAILED}, ++ #else ++ {"CERTIFICATE_VERIFY_FAILED", 20, 134}, ++ #endif ++ #ifdef SSL_R_CERT_CB_ERROR ++ {"CERT_CB_ERROR", ERR_LIB_SSL, SSL_R_CERT_CB_ERROR}, ++ #else ++ {"CERT_CB_ERROR", 20, 377}, ++ #endif ++ #ifdef SSL_R_CERT_LENGTH_MISMATCH ++ {"CERT_LENGTH_MISMATCH", ERR_LIB_SSL, SSL_R_CERT_LENGTH_MISMATCH}, ++ #else ++ {"CERT_LENGTH_MISMATCH", 20, 135}, ++ #endif ++ #ifdef SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED ++ {"CIPHERSUITE_DIGEST_HAS_CHANGED", ERR_LIB_SSL, SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED}, ++ #else ++ {"CIPHERSUITE_DIGEST_HAS_CHANGED", 20, 218}, ++ #endif ++ #ifdef SSL_R_CIPHER_CODE_WRONG_LENGTH ++ {"CIPHER_CODE_WRONG_LENGTH", ERR_LIB_SSL, SSL_R_CIPHER_CODE_WRONG_LENGTH}, ++ #else ++ {"CIPHER_CODE_WRONG_LENGTH", 20, 137}, ++ #endif ++ #ifdef SSL_R_CIPHER_OR_HASH_UNAVAILABLE ++ {"CIPHER_OR_HASH_UNAVAILABLE", ERR_LIB_SSL, SSL_R_CIPHER_OR_HASH_UNAVAILABLE}, ++ #else ++ {"CIPHER_OR_HASH_UNAVAILABLE", 20, 138}, ++ #endif ++ #ifdef SSL_R_CLIENTHELLO_TLSEXT ++ {"CLIENTHELLO_TLSEXT", ERR_LIB_SSL, SSL_R_CLIENTHELLO_TLSEXT}, ++ #else ++ {"CLIENTHELLO_TLSEXT", 20, 226}, ++ #endif ++ #ifdef SSL_R_COMPRESSED_LENGTH_TOO_LONG ++ {"COMPRESSED_LENGTH_TOO_LONG", ERR_LIB_SSL, SSL_R_COMPRESSED_LENGTH_TOO_LONG}, ++ #else ++ {"COMPRESSED_LENGTH_TOO_LONG", 20, 140}, ++ #endif ++ #ifdef SSL_R_COMPRESSION_DISABLED ++ {"COMPRESSION_DISABLED", ERR_LIB_SSL, SSL_R_COMPRESSION_DISABLED}, ++ #else ++ {"COMPRESSION_DISABLED", 20, 343}, ++ #endif ++ #ifdef SSL_R_COMPRESSION_FAILURE ++ {"COMPRESSION_FAILURE", ERR_LIB_SSL, SSL_R_COMPRESSION_FAILURE}, ++ #else ++ {"COMPRESSION_FAILURE", 20, 141}, ++ #endif ++ #ifdef SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE ++ {"COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE", ERR_LIB_SSL, SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE}, ++ #else ++ {"COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE", 20, 307}, ++ #endif ++ #ifdef SSL_R_COMPRESSION_LIBRARY_ERROR ++ {"COMPRESSION_LIBRARY_ERROR", ERR_LIB_SSL, SSL_R_COMPRESSION_LIBRARY_ERROR}, ++ #else ++ {"COMPRESSION_LIBRARY_ERROR", 20, 142}, ++ #endif ++ #ifdef SSL_R_CONNECTION_TYPE_NOT_SET ++ {"CONNECTION_TYPE_NOT_SET", ERR_LIB_SSL, SSL_R_CONNECTION_TYPE_NOT_SET}, ++ #else ++ {"CONNECTION_TYPE_NOT_SET", 20, 144}, ++ #endif ++ #ifdef SSL_R_CONTEXT_NOT_DANE_ENABLED ++ {"CONTEXT_NOT_DANE_ENABLED", ERR_LIB_SSL, SSL_R_CONTEXT_NOT_DANE_ENABLED}, ++ #else ++ {"CONTEXT_NOT_DANE_ENABLED", 20, 167}, ++ #endif ++ #ifdef SSL_R_COOKIE_GEN_CALLBACK_FAILURE ++ {"COOKIE_GEN_CALLBACK_FAILURE", ERR_LIB_SSL, SSL_R_COOKIE_GEN_CALLBACK_FAILURE}, ++ #else ++ {"COOKIE_GEN_CALLBACK_FAILURE", 20, 400}, ++ #endif ++ #ifdef SSL_R_COOKIE_MISMATCH ++ {"COOKIE_MISMATCH", ERR_LIB_SSL, SSL_R_COOKIE_MISMATCH}, ++ #else ++ {"COOKIE_MISMATCH", 20, 308}, ++ #endif ++ #ifdef SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED ++ {"CUSTOM_EXT_HANDLER_ALREADY_INSTALLED", ERR_LIB_SSL, SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED}, ++ #else ++ {"CUSTOM_EXT_HANDLER_ALREADY_INSTALLED", 20, 206}, ++ #endif ++ #ifdef SSL_R_DANE_ALREADY_ENABLED ++ {"DANE_ALREADY_ENABLED", ERR_LIB_SSL, SSL_R_DANE_ALREADY_ENABLED}, ++ #else ++ {"DANE_ALREADY_ENABLED", 20, 172}, ++ #endif ++ #ifdef SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL ++ {"DANE_CANNOT_OVERRIDE_MTYPE_FULL", ERR_LIB_SSL, SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL}, ++ #else ++ {"DANE_CANNOT_OVERRIDE_MTYPE_FULL", 20, 173}, ++ #endif ++ #ifdef SSL_R_DANE_NOT_ENABLED ++ {"DANE_NOT_ENABLED", ERR_LIB_SSL, SSL_R_DANE_NOT_ENABLED}, ++ #else ++ {"DANE_NOT_ENABLED", 20, 175}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_BAD_CERTIFICATE ++ {"DANE_TLSA_BAD_CERTIFICATE", ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_CERTIFICATE}, ++ #else ++ {"DANE_TLSA_BAD_CERTIFICATE", 20, 180}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE ++ {"DANE_TLSA_BAD_CERTIFICATE_USAGE", ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE}, ++ #else ++ {"DANE_TLSA_BAD_CERTIFICATE_USAGE", 20, 184}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_BAD_DATA_LENGTH ++ {"DANE_TLSA_BAD_DATA_LENGTH", ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_DATA_LENGTH}, ++ #else ++ {"DANE_TLSA_BAD_DATA_LENGTH", 20, 189}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH ++ {"DANE_TLSA_BAD_DIGEST_LENGTH", ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH}, ++ #else ++ {"DANE_TLSA_BAD_DIGEST_LENGTH", 20, 192}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_BAD_MATCHING_TYPE ++ {"DANE_TLSA_BAD_MATCHING_TYPE", ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_MATCHING_TYPE}, ++ #else ++ {"DANE_TLSA_BAD_MATCHING_TYPE", 20, 200}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_BAD_PUBLIC_KEY ++ {"DANE_TLSA_BAD_PUBLIC_KEY", ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_PUBLIC_KEY}, ++ #else ++ {"DANE_TLSA_BAD_PUBLIC_KEY", 20, 201}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_BAD_SELECTOR ++ {"DANE_TLSA_BAD_SELECTOR", ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_SELECTOR}, ++ #else ++ {"DANE_TLSA_BAD_SELECTOR", 20, 202}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_NULL_DATA ++ {"DANE_TLSA_NULL_DATA", ERR_LIB_SSL, SSL_R_DANE_TLSA_NULL_DATA}, ++ #else ++ {"DANE_TLSA_NULL_DATA", 20, 203}, ++ #endif ++ #ifdef SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ++ {"DATA_BETWEEN_CCS_AND_FINISHED", ERR_LIB_SSL, SSL_R_DATA_BETWEEN_CCS_AND_FINISHED}, ++ #else ++ {"DATA_BETWEEN_CCS_AND_FINISHED", 20, 145}, ++ #endif ++ #ifdef SSL_R_DATA_LENGTH_TOO_LONG ++ {"DATA_LENGTH_TOO_LONG", ERR_LIB_SSL, SSL_R_DATA_LENGTH_TOO_LONG}, ++ #else ++ {"DATA_LENGTH_TOO_LONG", 20, 146}, ++ #endif ++ #ifdef SSL_R_DECRYPTION_FAILED ++ {"DECRYPTION_FAILED", ERR_LIB_SSL, SSL_R_DECRYPTION_FAILED}, ++ #else ++ {"DECRYPTION_FAILED", 20, 147}, ++ #endif ++ #ifdef SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC ++ {"DECRYPTION_FAILED_OR_BAD_RECORD_MAC", ERR_LIB_SSL, SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC}, ++ #else ++ {"DECRYPTION_FAILED_OR_BAD_RECORD_MAC", 20, 281}, ++ #endif ++ #ifdef SSL_R_DH_KEY_TOO_SMALL ++ {"DH_KEY_TOO_SMALL", ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL}, ++ #else ++ {"DH_KEY_TOO_SMALL", 20, 394}, ++ #endif ++ #ifdef SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ++ {"DH_PUBLIC_VALUE_LENGTH_IS_WRONG", ERR_LIB_SSL, SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG}, ++ #else ++ {"DH_PUBLIC_VALUE_LENGTH_IS_WRONG", 20, 148}, ++ #endif ++ #ifdef SSL_R_DIGEST_CHECK_FAILED ++ {"DIGEST_CHECK_FAILED", ERR_LIB_SSL, SSL_R_DIGEST_CHECK_FAILED}, ++ #else ++ {"DIGEST_CHECK_FAILED", 20, 149}, ++ #endif ++ #ifdef SSL_R_DTLS_MESSAGE_TOO_BIG ++ {"DTLS_MESSAGE_TOO_BIG", ERR_LIB_SSL, SSL_R_DTLS_MESSAGE_TOO_BIG}, ++ #else ++ {"DTLS_MESSAGE_TOO_BIG", 20, 334}, ++ #endif ++ #ifdef SSL_R_DUPLICATE_COMPRESSION_ID ++ {"DUPLICATE_COMPRESSION_ID", ERR_LIB_SSL, SSL_R_DUPLICATE_COMPRESSION_ID}, ++ #else ++ {"DUPLICATE_COMPRESSION_ID", 20, 309}, ++ #endif ++ #ifdef SSL_R_ECC_CERT_NOT_FOR_SIGNING ++ {"ECC_CERT_NOT_FOR_SIGNING", ERR_LIB_SSL, SSL_R_ECC_CERT_NOT_FOR_SIGNING}, ++ #else ++ {"ECC_CERT_NOT_FOR_SIGNING", 20, 318}, ++ #endif ++ #ifdef SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE ++ {"ECDH_REQUIRED_FOR_SUITEB_MODE", ERR_LIB_SSL, SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE}, ++ #else ++ {"ECDH_REQUIRED_FOR_SUITEB_MODE", 20, 374}, ++ #endif ++ #ifdef SSL_R_EE_KEY_TOO_SMALL ++ {"EE_KEY_TOO_SMALL", ERR_LIB_SSL, SSL_R_EE_KEY_TOO_SMALL}, ++ #else ++ {"EE_KEY_TOO_SMALL", 20, 399}, ++ #endif ++ #ifdef SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST ++ {"EMPTY_SRTP_PROTECTION_PROFILE_LIST", ERR_LIB_SSL, SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST}, ++ #else ++ {"EMPTY_SRTP_PROTECTION_PROFILE_LIST", 20, 354}, ++ #endif ++ #ifdef SSL_R_ENCRYPTED_LENGTH_TOO_LONG ++ {"ENCRYPTED_LENGTH_TOO_LONG", ERR_LIB_SSL, SSL_R_ENCRYPTED_LENGTH_TOO_LONG}, ++ #else ++ {"ENCRYPTED_LENGTH_TOO_LONG", 20, 150}, ++ #endif ++ #ifdef SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ++ {"ERROR_IN_RECEIVED_CIPHER_LIST", ERR_LIB_SSL, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST}, ++ #else ++ {"ERROR_IN_RECEIVED_CIPHER_LIST", 20, 151}, ++ #endif ++ #ifdef SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN ++ {"ERROR_SETTING_TLSA_BASE_DOMAIN", ERR_LIB_SSL, SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN}, ++ #else ++ {"ERROR_SETTING_TLSA_BASE_DOMAIN", 20, 204}, ++ #endif ++ #ifdef SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE ++ {"EXCEEDS_MAX_FRAGMENT_SIZE", ERR_LIB_SSL, SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE}, ++ #else ++ {"EXCEEDS_MAX_FRAGMENT_SIZE", 20, 194}, ++ #endif ++ #ifdef SSL_R_EXCESSIVE_MESSAGE_SIZE ++ {"EXCESSIVE_MESSAGE_SIZE", ERR_LIB_SSL, SSL_R_EXCESSIVE_MESSAGE_SIZE}, ++ #else ++ {"EXCESSIVE_MESSAGE_SIZE", 20, 152}, ++ #endif ++ #ifdef SSL_R_EXTENSION_NOT_RECEIVED ++ {"EXTENSION_NOT_RECEIVED", ERR_LIB_SSL, SSL_R_EXTENSION_NOT_RECEIVED}, ++ #else ++ {"EXTENSION_NOT_RECEIVED", 20, 279}, ++ #endif ++ #ifdef SSL_R_EXTRA_DATA_IN_MESSAGE ++ {"EXTRA_DATA_IN_MESSAGE", ERR_LIB_SSL, SSL_R_EXTRA_DATA_IN_MESSAGE}, ++ #else ++ {"EXTRA_DATA_IN_MESSAGE", 20, 153}, ++ #endif ++ #ifdef SSL_R_EXT_LENGTH_MISMATCH ++ {"EXT_LENGTH_MISMATCH", ERR_LIB_SSL, SSL_R_EXT_LENGTH_MISMATCH}, ++ #else ++ {"EXT_LENGTH_MISMATCH", 20, 163}, ++ #endif ++ #ifdef SSL_R_FAILED_TO_INIT_ASYNC ++ {"FAILED_TO_INIT_ASYNC", ERR_LIB_SSL, SSL_R_FAILED_TO_INIT_ASYNC}, ++ #else ++ {"FAILED_TO_INIT_ASYNC", 20, 405}, ++ #endif ++ #ifdef SSL_R_FRAGMENTED_CLIENT_HELLO ++ {"FRAGMENTED_CLIENT_HELLO", ERR_LIB_SSL, SSL_R_FRAGMENTED_CLIENT_HELLO}, ++ #else ++ {"FRAGMENTED_CLIENT_HELLO", 20, 401}, ++ #endif ++ #ifdef SSL_R_GOT_A_FIN_BEFORE_A_CCS ++ {"GOT_A_FIN_BEFORE_A_CCS", ERR_LIB_SSL, SSL_R_GOT_A_FIN_BEFORE_A_CCS}, ++ #else ++ {"GOT_A_FIN_BEFORE_A_CCS", 20, 154}, ++ #endif ++ #ifdef SSL_R_HTTPS_PROXY_REQUEST ++ {"HTTPS_PROXY_REQUEST", ERR_LIB_SSL, SSL_R_HTTPS_PROXY_REQUEST}, ++ #else ++ {"HTTPS_PROXY_REQUEST", 20, 155}, ++ #endif ++ #ifdef SSL_R_HTTP_REQUEST ++ {"HTTP_REQUEST", ERR_LIB_SSL, SSL_R_HTTP_REQUEST}, ++ #else ++ {"HTTP_REQUEST", 20, 156}, ++ #endif ++ #ifdef SSL_R_ILLEGAL_POINT_COMPRESSION ++ {"ILLEGAL_POINT_COMPRESSION", ERR_LIB_SSL, SSL_R_ILLEGAL_POINT_COMPRESSION}, ++ #else ++ {"ILLEGAL_POINT_COMPRESSION", 20, 162}, ++ #endif ++ #ifdef SSL_R_ILLEGAL_SUITEB_DIGEST ++ {"ILLEGAL_SUITEB_DIGEST", ERR_LIB_SSL, SSL_R_ILLEGAL_SUITEB_DIGEST}, ++ #else ++ {"ILLEGAL_SUITEB_DIGEST", 20, 380}, ++ #endif ++ #ifdef SSL_R_INAPPROPRIATE_FALLBACK ++ {"INAPPROPRIATE_FALLBACK", ERR_LIB_SSL, SSL_R_INAPPROPRIATE_FALLBACK}, ++ #else ++ {"INAPPROPRIATE_FALLBACK", 20, 373}, ++ #endif ++ #ifdef SSL_R_INCONSISTENT_COMPRESSION ++ {"INCONSISTENT_COMPRESSION", ERR_LIB_SSL, SSL_R_INCONSISTENT_COMPRESSION}, ++ #else ++ {"INCONSISTENT_COMPRESSION", 20, 340}, ++ #endif ++ #ifdef SSL_R_INCONSISTENT_EARLY_DATA_ALPN ++ {"INCONSISTENT_EARLY_DATA_ALPN", ERR_LIB_SSL, SSL_R_INCONSISTENT_EARLY_DATA_ALPN}, ++ #else ++ {"INCONSISTENT_EARLY_DATA_ALPN", 20, 222}, ++ #endif ++ #ifdef SSL_R_INCONSISTENT_EARLY_DATA_SNI ++ {"INCONSISTENT_EARLY_DATA_SNI", ERR_LIB_SSL, SSL_R_INCONSISTENT_EARLY_DATA_SNI}, ++ #else ++ {"INCONSISTENT_EARLY_DATA_SNI", 20, 231}, ++ #endif ++ #ifdef SSL_R_INCONSISTENT_EXTMS ++ {"INCONSISTENT_EXTMS", ERR_LIB_SSL, SSL_R_INCONSISTENT_EXTMS}, ++ #else ++ {"INCONSISTENT_EXTMS", 20, 104}, ++ #endif ++ #ifdef SSL_R_INSUFFICIENT_SECURITY ++ {"INSUFFICIENT_SECURITY", ERR_LIB_SSL, SSL_R_INSUFFICIENT_SECURITY}, ++ #else ++ {"INSUFFICIENT_SECURITY", 20, 241}, ++ #endif ++ #ifdef SSL_R_INVALID_ALERT ++ {"INVALID_ALERT", ERR_LIB_SSL, SSL_R_INVALID_ALERT}, ++ #else ++ {"INVALID_ALERT", 20, 205}, ++ #endif ++ #ifdef SSL_R_INVALID_CCS_MESSAGE ++ {"INVALID_CCS_MESSAGE", ERR_LIB_SSL, SSL_R_INVALID_CCS_MESSAGE}, ++ #else ++ {"INVALID_CCS_MESSAGE", 20, 260}, ++ #endif ++ #ifdef SSL_R_INVALID_CERTIFICATE_OR_ALG ++ {"INVALID_CERTIFICATE_OR_ALG", ERR_LIB_SSL, SSL_R_INVALID_CERTIFICATE_OR_ALG}, ++ #else ++ {"INVALID_CERTIFICATE_OR_ALG", 20, 238}, ++ #endif ++ #ifdef SSL_R_INVALID_COMMAND ++ {"INVALID_COMMAND", ERR_LIB_SSL, SSL_R_INVALID_COMMAND}, ++ #else ++ {"INVALID_COMMAND", 20, 280}, ++ #endif ++ #ifdef SSL_R_INVALID_COMPRESSION_ALGORITHM ++ {"INVALID_COMPRESSION_ALGORITHM", ERR_LIB_SSL, SSL_R_INVALID_COMPRESSION_ALGORITHM}, ++ #else ++ {"INVALID_COMPRESSION_ALGORITHM", 20, 341}, ++ #endif ++ #ifdef SSL_R_INVALID_CONFIG ++ {"INVALID_CONFIG", ERR_LIB_SSL, SSL_R_INVALID_CONFIG}, ++ #else ++ {"INVALID_CONFIG", 20, 283}, ++ #endif ++ #ifdef SSL_R_INVALID_CONFIGURATION_NAME ++ {"INVALID_CONFIGURATION_NAME", ERR_LIB_SSL, SSL_R_INVALID_CONFIGURATION_NAME}, ++ #else ++ {"INVALID_CONFIGURATION_NAME", 20, 113}, ++ #endif ++ #ifdef SSL_R_INVALID_CONTEXT ++ {"INVALID_CONTEXT", ERR_LIB_SSL, SSL_R_INVALID_CONTEXT}, ++ #else ++ {"INVALID_CONTEXT", 20, 282}, ++ #endif ++ #ifdef SSL_R_INVALID_CT_VALIDATION_TYPE ++ {"INVALID_CT_VALIDATION_TYPE", ERR_LIB_SSL, SSL_R_INVALID_CT_VALIDATION_TYPE}, ++ #else ++ {"INVALID_CT_VALIDATION_TYPE", 20, 212}, ++ #endif ++ #ifdef SSL_R_INVALID_KEY_UPDATE_TYPE ++ {"INVALID_KEY_UPDATE_TYPE", ERR_LIB_SSL, SSL_R_INVALID_KEY_UPDATE_TYPE}, ++ #else ++ {"INVALID_KEY_UPDATE_TYPE", 20, 120}, ++ #endif ++ #ifdef SSL_R_INVALID_MAX_EARLY_DATA ++ {"INVALID_MAX_EARLY_DATA", ERR_LIB_SSL, SSL_R_INVALID_MAX_EARLY_DATA}, ++ #else ++ {"INVALID_MAX_EARLY_DATA", 20, 174}, ++ #endif ++ #ifdef SSL_R_INVALID_NULL_CMD_NAME ++ {"INVALID_NULL_CMD_NAME", ERR_LIB_SSL, SSL_R_INVALID_NULL_CMD_NAME}, ++ #else ++ {"INVALID_NULL_CMD_NAME", 20, 385}, ++ #endif ++ #ifdef SSL_R_INVALID_SEQUENCE_NUMBER ++ {"INVALID_SEQUENCE_NUMBER", ERR_LIB_SSL, SSL_R_INVALID_SEQUENCE_NUMBER}, ++ #else ++ {"INVALID_SEQUENCE_NUMBER", 20, 402}, ++ #endif ++ #ifdef SSL_R_INVALID_SERVERINFO_DATA ++ {"INVALID_SERVERINFO_DATA", ERR_LIB_SSL, SSL_R_INVALID_SERVERINFO_DATA}, ++ #else ++ {"INVALID_SERVERINFO_DATA", 20, 388}, ++ #endif ++ #ifdef SSL_R_INVALID_SESSION_ID ++ {"INVALID_SESSION_ID", ERR_LIB_SSL, SSL_R_INVALID_SESSION_ID}, ++ #else ++ {"INVALID_SESSION_ID", 20, 999}, ++ #endif ++ #ifdef SSL_R_INVALID_SRP_USERNAME ++ {"INVALID_SRP_USERNAME", ERR_LIB_SSL, SSL_R_INVALID_SRP_USERNAME}, ++ #else ++ {"INVALID_SRP_USERNAME", 20, 357}, ++ #endif ++ #ifdef SSL_R_INVALID_STATUS_RESPONSE ++ {"INVALID_STATUS_RESPONSE", ERR_LIB_SSL, SSL_R_INVALID_STATUS_RESPONSE}, ++ #else ++ {"INVALID_STATUS_RESPONSE", 20, 328}, ++ #endif ++ #ifdef SSL_R_INVALID_TICKET_KEYS_LENGTH ++ {"INVALID_TICKET_KEYS_LENGTH", ERR_LIB_SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH}, ++ #else ++ {"INVALID_TICKET_KEYS_LENGTH", 20, 325}, ++ #endif ++ #ifdef SSL_R_LENGTH_MISMATCH ++ {"LENGTH_MISMATCH", ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH}, ++ #else ++ {"LENGTH_MISMATCH", 20, 159}, ++ #endif ++ #ifdef SSL_R_LENGTH_TOO_LONG ++ {"LENGTH_TOO_LONG", ERR_LIB_SSL, SSL_R_LENGTH_TOO_LONG}, ++ #else ++ {"LENGTH_TOO_LONG", 20, 404}, ++ #endif ++ #ifdef SSL_R_LENGTH_TOO_SHORT ++ {"LENGTH_TOO_SHORT", ERR_LIB_SSL, SSL_R_LENGTH_TOO_SHORT}, ++ #else ++ {"LENGTH_TOO_SHORT", 20, 160}, ++ #endif ++ #ifdef SSL_R_LIBRARY_BUG ++ {"LIBRARY_BUG", ERR_LIB_SSL, SSL_R_LIBRARY_BUG}, ++ #else ++ {"LIBRARY_BUG", 20, 274}, ++ #endif ++ #ifdef SSL_R_LIBRARY_HAS_NO_CIPHERS ++ {"LIBRARY_HAS_NO_CIPHERS", ERR_LIB_SSL, SSL_R_LIBRARY_HAS_NO_CIPHERS}, ++ #else ++ {"LIBRARY_HAS_NO_CIPHERS", 20, 161}, ++ #endif ++ #ifdef SSL_R_MISSING_DSA_SIGNING_CERT ++ {"MISSING_DSA_SIGNING_CERT", ERR_LIB_SSL, SSL_R_MISSING_DSA_SIGNING_CERT}, ++ #else ++ {"MISSING_DSA_SIGNING_CERT", 20, 165}, ++ #endif ++ #ifdef SSL_R_MISSING_ECDSA_SIGNING_CERT ++ {"MISSING_ECDSA_SIGNING_CERT", ERR_LIB_SSL, SSL_R_MISSING_ECDSA_SIGNING_CERT}, ++ #else ++ {"MISSING_ECDSA_SIGNING_CERT", 20, 381}, ++ #endif ++ #ifdef SSL_R_MISSING_FATAL ++ {"MISSING_FATAL", ERR_LIB_SSL, SSL_R_MISSING_FATAL}, ++ #else ++ {"MISSING_FATAL", 20, 256}, ++ #endif ++ #ifdef SSL_R_MISSING_PARAMETERS ++ {"MISSING_PARAMETERS", ERR_LIB_SSL, SSL_R_MISSING_PARAMETERS}, ++ #else ++ {"MISSING_PARAMETERS", 20, 290}, ++ #endif ++ #ifdef SSL_R_MISSING_RSA_CERTIFICATE ++ {"MISSING_RSA_CERTIFICATE", ERR_LIB_SSL, SSL_R_MISSING_RSA_CERTIFICATE}, ++ #else ++ {"MISSING_RSA_CERTIFICATE", 20, 168}, ++ #endif ++ #ifdef SSL_R_MISSING_RSA_ENCRYPTING_CERT ++ {"MISSING_RSA_ENCRYPTING_CERT", ERR_LIB_SSL, SSL_R_MISSING_RSA_ENCRYPTING_CERT}, ++ #else ++ {"MISSING_RSA_ENCRYPTING_CERT", 20, 169}, ++ #endif ++ #ifdef SSL_R_MISSING_RSA_SIGNING_CERT ++ {"MISSING_RSA_SIGNING_CERT", ERR_LIB_SSL, SSL_R_MISSING_RSA_SIGNING_CERT}, ++ #else ++ {"MISSING_RSA_SIGNING_CERT", 20, 170}, ++ #endif ++ #ifdef SSL_R_MISSING_SIGALGS_EXTENSION ++ {"MISSING_SIGALGS_EXTENSION", ERR_LIB_SSL, SSL_R_MISSING_SIGALGS_EXTENSION}, ++ #else ++ {"MISSING_SIGALGS_EXTENSION", 20, 112}, ++ #endif ++ #ifdef SSL_R_MISSING_SIGNING_CERT ++ {"MISSING_SIGNING_CERT", ERR_LIB_SSL, SSL_R_MISSING_SIGNING_CERT}, ++ #else ++ {"MISSING_SIGNING_CERT", 20, 221}, ++ #endif ++ #ifdef SSL_R_MISSING_SRP_PARAM ++ {"MISSING_SRP_PARAM", ERR_LIB_SSL, SSL_R_MISSING_SRP_PARAM}, ++ #else ++ {"MISSING_SRP_PARAM", 20, 358}, ++ #endif ++ #ifdef SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION ++ {"MISSING_SUPPORTED_GROUPS_EXTENSION", ERR_LIB_SSL, SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION}, ++ #else ++ {"MISSING_SUPPORTED_GROUPS_EXTENSION", 20, 209}, ++ #endif ++ #ifdef SSL_R_MISSING_TMP_DH_KEY ++ {"MISSING_TMP_DH_KEY", ERR_LIB_SSL, SSL_R_MISSING_TMP_DH_KEY}, ++ #else ++ {"MISSING_TMP_DH_KEY", 20, 171}, ++ #endif ++ #ifdef SSL_R_MISSING_TMP_ECDH_KEY ++ {"MISSING_TMP_ECDH_KEY", ERR_LIB_SSL, SSL_R_MISSING_TMP_ECDH_KEY}, ++ #else ++ {"MISSING_TMP_ECDH_KEY", 20, 311}, ++ #endif ++ #ifdef SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA ++ {"MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA", ERR_LIB_SSL, SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA}, ++ #else ++ {"MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA", 20, 293}, ++ #endif ++ #ifdef SSL_R_NOT_ON_RECORD_BOUNDARY ++ {"NOT_ON_RECORD_BOUNDARY", ERR_LIB_SSL, SSL_R_NOT_ON_RECORD_BOUNDARY}, ++ #else ++ {"NOT_ON_RECORD_BOUNDARY", 20, 182}, ++ #endif ++ #ifdef SSL_R_NOT_REPLACING_CERTIFICATE ++ {"NOT_REPLACING_CERTIFICATE", ERR_LIB_SSL, SSL_R_NOT_REPLACING_CERTIFICATE}, ++ #else ++ {"NOT_REPLACING_CERTIFICATE", 20, 289}, ++ #endif ++ #ifdef SSL_R_NOT_SERVER ++ {"NOT_SERVER", ERR_LIB_SSL, SSL_R_NOT_SERVER}, ++ #else ++ {"NOT_SERVER", 20, 284}, ++ #endif ++ #ifdef SSL_R_NO_APPLICATION_PROTOCOL ++ {"NO_APPLICATION_PROTOCOL", ERR_LIB_SSL, SSL_R_NO_APPLICATION_PROTOCOL}, ++ #else ++ {"NO_APPLICATION_PROTOCOL", 20, 235}, ++ #endif ++ #ifdef SSL_R_NO_CERTIFICATES_RETURNED ++ {"NO_CERTIFICATES_RETURNED", ERR_LIB_SSL, SSL_R_NO_CERTIFICATES_RETURNED}, ++ #else ++ {"NO_CERTIFICATES_RETURNED", 20, 176}, ++ #endif ++ #ifdef SSL_R_NO_CERTIFICATE_ASSIGNED ++ {"NO_CERTIFICATE_ASSIGNED", ERR_LIB_SSL, SSL_R_NO_CERTIFICATE_ASSIGNED}, ++ #else ++ {"NO_CERTIFICATE_ASSIGNED", 20, 177}, ++ #endif ++ #ifdef SSL_R_NO_CERTIFICATE_SET ++ {"NO_CERTIFICATE_SET", ERR_LIB_SSL, SSL_R_NO_CERTIFICATE_SET}, ++ #else ++ {"NO_CERTIFICATE_SET", 20, 179}, ++ #endif ++ #ifdef SSL_R_NO_CHANGE_FOLLOWING_HRR ++ {"NO_CHANGE_FOLLOWING_HRR", ERR_LIB_SSL, SSL_R_NO_CHANGE_FOLLOWING_HRR}, ++ #else ++ {"NO_CHANGE_FOLLOWING_HRR", 20, 214}, ++ #endif ++ #ifdef SSL_R_NO_CIPHERS_AVAILABLE ++ {"NO_CIPHERS_AVAILABLE", ERR_LIB_SSL, SSL_R_NO_CIPHERS_AVAILABLE}, ++ #else ++ {"NO_CIPHERS_AVAILABLE", 20, 181}, ++ #endif ++ #ifdef SSL_R_NO_CIPHERS_SPECIFIED ++ {"NO_CIPHERS_SPECIFIED", ERR_LIB_SSL, SSL_R_NO_CIPHERS_SPECIFIED}, ++ #else ++ {"NO_CIPHERS_SPECIFIED", 20, 183}, ++ #endif ++ #ifdef SSL_R_NO_CIPHER_MATCH ++ {"NO_CIPHER_MATCH", ERR_LIB_SSL, SSL_R_NO_CIPHER_MATCH}, ++ #else ++ {"NO_CIPHER_MATCH", 20, 185}, ++ #endif ++ #ifdef SSL_R_NO_CLIENT_CERT_METHOD ++ {"NO_CLIENT_CERT_METHOD", ERR_LIB_SSL, SSL_R_NO_CLIENT_CERT_METHOD}, ++ #else ++ {"NO_CLIENT_CERT_METHOD", 20, 331}, ++ #endif ++ #ifdef SSL_R_NO_COMPRESSION_SPECIFIED ++ {"NO_COMPRESSION_SPECIFIED", ERR_LIB_SSL, SSL_R_NO_COMPRESSION_SPECIFIED}, ++ #else ++ {"NO_COMPRESSION_SPECIFIED", 20, 187}, ++ #endif ++ #ifdef SSL_R_NO_COOKIE_CALLBACK_SET ++ {"NO_COOKIE_CALLBACK_SET", ERR_LIB_SSL, SSL_R_NO_COOKIE_CALLBACK_SET}, ++ #else ++ {"NO_COOKIE_CALLBACK_SET", 20, 287}, ++ #endif ++ #ifdef SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER ++ {"NO_GOST_CERTIFICATE_SENT_BY_PEER", ERR_LIB_SSL, SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER}, ++ #else ++ {"NO_GOST_CERTIFICATE_SENT_BY_PEER", 20, 330}, ++ #endif ++ #ifdef SSL_R_NO_METHOD_SPECIFIED ++ {"NO_METHOD_SPECIFIED", ERR_LIB_SSL, SSL_R_NO_METHOD_SPECIFIED}, ++ #else ++ {"NO_METHOD_SPECIFIED", 20, 188}, ++ #endif ++ #ifdef SSL_R_NO_PEM_EXTENSIONS ++ {"NO_PEM_EXTENSIONS", ERR_LIB_SSL, SSL_R_NO_PEM_EXTENSIONS}, ++ #else ++ {"NO_PEM_EXTENSIONS", 20, 389}, ++ #endif ++ #ifdef SSL_R_NO_PRIVATE_KEY_ASSIGNED ++ {"NO_PRIVATE_KEY_ASSIGNED", ERR_LIB_SSL, SSL_R_NO_PRIVATE_KEY_ASSIGNED}, ++ #else ++ {"NO_PRIVATE_KEY_ASSIGNED", 20, 190}, ++ #endif ++ #ifdef SSL_R_NO_PROTOCOLS_AVAILABLE ++ {"NO_PROTOCOLS_AVAILABLE", ERR_LIB_SSL, SSL_R_NO_PROTOCOLS_AVAILABLE}, ++ #else ++ {"NO_PROTOCOLS_AVAILABLE", 20, 191}, ++ #endif ++ #ifdef SSL_R_NO_RENEGOTIATION ++ {"NO_RENEGOTIATION", ERR_LIB_SSL, SSL_R_NO_RENEGOTIATION}, ++ #else ++ {"NO_RENEGOTIATION", 20, 339}, ++ #endif ++ #ifdef SSL_R_NO_REQUIRED_DIGEST ++ {"NO_REQUIRED_DIGEST", ERR_LIB_SSL, SSL_R_NO_REQUIRED_DIGEST}, ++ #else ++ {"NO_REQUIRED_DIGEST", 20, 324}, ++ #endif ++ #ifdef SSL_R_NO_SHARED_CIPHER ++ {"NO_SHARED_CIPHER", ERR_LIB_SSL, SSL_R_NO_SHARED_CIPHER}, ++ #else ++ {"NO_SHARED_CIPHER", 20, 193}, ++ #endif ++ #ifdef SSL_R_NO_SHARED_GROUPS ++ {"NO_SHARED_GROUPS", ERR_LIB_SSL, SSL_R_NO_SHARED_GROUPS}, ++ #else ++ {"NO_SHARED_GROUPS", 20, 410}, ++ #endif ++ #ifdef SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS ++ {"NO_SHARED_SIGNATURE_ALGORITHMS", ERR_LIB_SSL, SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS}, ++ #else ++ {"NO_SHARED_SIGNATURE_ALGORITHMS", 20, 376}, ++ #endif ++ #ifdef SSL_R_NO_SRTP_PROFILES ++ {"NO_SRTP_PROFILES", ERR_LIB_SSL, SSL_R_NO_SRTP_PROFILES}, ++ #else ++ {"NO_SRTP_PROFILES", 20, 359}, ++ #endif ++ #ifdef SSL_R_NO_SUITABLE_KEY_SHARE ++ {"NO_SUITABLE_KEY_SHARE", ERR_LIB_SSL, SSL_R_NO_SUITABLE_KEY_SHARE}, ++ #else ++ {"NO_SUITABLE_KEY_SHARE", 20, 101}, ++ #endif ++ #ifdef SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM ++ {"NO_SUITABLE_SIGNATURE_ALGORITHM", ERR_LIB_SSL, SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM}, ++ #else ++ {"NO_SUITABLE_SIGNATURE_ALGORITHM", 20, 118}, ++ #endif ++ #ifdef SSL_R_NO_VALID_SCTS ++ {"NO_VALID_SCTS", ERR_LIB_SSL, SSL_R_NO_VALID_SCTS}, ++ #else ++ {"NO_VALID_SCTS", 20, 216}, ++ #endif ++ #ifdef SSL_R_NO_VERIFY_COOKIE_CALLBACK ++ {"NO_VERIFY_COOKIE_CALLBACK", ERR_LIB_SSL, SSL_R_NO_VERIFY_COOKIE_CALLBACK}, ++ #else ++ {"NO_VERIFY_COOKIE_CALLBACK", 20, 403}, ++ #endif ++ #ifdef SSL_R_NULL_SSL_CTX ++ {"NULL_SSL_CTX", ERR_LIB_SSL, SSL_R_NULL_SSL_CTX}, ++ #else ++ {"NULL_SSL_CTX", 20, 195}, ++ #endif ++ #ifdef SSL_R_NULL_SSL_METHOD_PASSED ++ {"NULL_SSL_METHOD_PASSED", ERR_LIB_SSL, SSL_R_NULL_SSL_METHOD_PASSED}, ++ #else ++ {"NULL_SSL_METHOD_PASSED", 20, 196}, ++ #endif ++ #ifdef SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED ++ {"OLD_SESSION_CIPHER_NOT_RETURNED", ERR_LIB_SSL, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED}, ++ #else ++ {"OLD_SESSION_CIPHER_NOT_RETURNED", 20, 197}, ++ #endif ++ #ifdef SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED ++ {"OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED", ERR_LIB_SSL, SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED}, ++ #else ++ {"OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED", 20, 344}, ++ #endif ++ #ifdef SSL_R_OVERFLOW_ERROR ++ {"OVERFLOW_ERROR", ERR_LIB_SSL, SSL_R_OVERFLOW_ERROR}, ++ #else ++ {"OVERFLOW_ERROR", 20, 237}, ++ #endif ++ #ifdef SSL_R_PACKET_LENGTH_TOO_LONG ++ {"PACKET_LENGTH_TOO_LONG", ERR_LIB_SSL, SSL_R_PACKET_LENGTH_TOO_LONG}, ++ #else ++ {"PACKET_LENGTH_TOO_LONG", 20, 198}, ++ #endif ++ #ifdef SSL_R_PARSE_TLSEXT ++ {"PARSE_TLSEXT", ERR_LIB_SSL, SSL_R_PARSE_TLSEXT}, ++ #else ++ {"PARSE_TLSEXT", 20, 227}, ++ #endif ++ #ifdef SSL_R_PATH_TOO_LONG ++ {"PATH_TOO_LONG", ERR_LIB_SSL, SSL_R_PATH_TOO_LONG}, ++ #else ++ {"PATH_TOO_LONG", 20, 270}, ++ #endif ++ #ifdef SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ++ {"PEER_DID_NOT_RETURN_A_CERTIFICATE", ERR_LIB_SSL, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE}, ++ #else ++ {"PEER_DID_NOT_RETURN_A_CERTIFICATE", 20, 199}, ++ #endif ++ #ifdef SSL_R_PEM_NAME_BAD_PREFIX ++ {"PEM_NAME_BAD_PREFIX", ERR_LIB_SSL, SSL_R_PEM_NAME_BAD_PREFIX}, ++ #else ++ {"PEM_NAME_BAD_PREFIX", 20, 391}, ++ #endif ++ #ifdef SSL_R_PEM_NAME_TOO_SHORT ++ {"PEM_NAME_TOO_SHORT", ERR_LIB_SSL, SSL_R_PEM_NAME_TOO_SHORT}, ++ #else ++ {"PEM_NAME_TOO_SHORT", 20, 392}, ++ #endif ++ #ifdef SSL_R_PIPELINE_FAILURE ++ {"PIPELINE_FAILURE", ERR_LIB_SSL, SSL_R_PIPELINE_FAILURE}, ++ #else ++ {"PIPELINE_FAILURE", 20, 406}, ++ #endif ++ #ifdef SSL_R_POST_HANDSHAKE_AUTH_ENCODING_ERR ++ {"POST_HANDSHAKE_AUTH_ENCODING_ERR", ERR_LIB_SSL, SSL_R_POST_HANDSHAKE_AUTH_ENCODING_ERR}, ++ #else ++ {"POST_HANDSHAKE_AUTH_ENCODING_ERR", 20, 278}, ++ #endif ++ #ifdef SSL_R_PRIVATE_KEY_MISMATCH ++ {"PRIVATE_KEY_MISMATCH", ERR_LIB_SSL, SSL_R_PRIVATE_KEY_MISMATCH}, ++ #else ++ {"PRIVATE_KEY_MISMATCH", 20, 288}, ++ #endif ++ #ifdef SSL_R_PROTOCOL_IS_SHUTDOWN ++ {"PROTOCOL_IS_SHUTDOWN", ERR_LIB_SSL, SSL_R_PROTOCOL_IS_SHUTDOWN}, ++ #else ++ {"PROTOCOL_IS_SHUTDOWN", 20, 207}, ++ #endif ++ #ifdef SSL_R_PSK_IDENTITY_NOT_FOUND ++ {"PSK_IDENTITY_NOT_FOUND", ERR_LIB_SSL, SSL_R_PSK_IDENTITY_NOT_FOUND}, ++ #else ++ {"PSK_IDENTITY_NOT_FOUND", 20, 223}, ++ #endif ++ #ifdef SSL_R_PSK_NO_CLIENT_CB ++ {"PSK_NO_CLIENT_CB", ERR_LIB_SSL, SSL_R_PSK_NO_CLIENT_CB}, ++ #else ++ {"PSK_NO_CLIENT_CB", 20, 224}, ++ #endif ++ #ifdef SSL_R_PSK_NO_SERVER_CB ++ {"PSK_NO_SERVER_CB", ERR_LIB_SSL, SSL_R_PSK_NO_SERVER_CB}, ++ #else ++ {"PSK_NO_SERVER_CB", 20, 225}, ++ #endif ++ #ifdef SSL_R_READ_BIO_NOT_SET ++ {"READ_BIO_NOT_SET", ERR_LIB_SSL, SSL_R_READ_BIO_NOT_SET}, ++ #else ++ {"READ_BIO_NOT_SET", 20, 211}, ++ #endif ++ #ifdef SSL_R_READ_TIMEOUT_EXPIRED ++ {"READ_TIMEOUT_EXPIRED", ERR_LIB_SSL, SSL_R_READ_TIMEOUT_EXPIRED}, ++ #else ++ {"READ_TIMEOUT_EXPIRED", 20, 312}, ++ #endif ++ #ifdef SSL_R_RECORD_LENGTH_MISMATCH ++ {"RECORD_LENGTH_MISMATCH", ERR_LIB_SSL, SSL_R_RECORD_LENGTH_MISMATCH}, ++ #else ++ {"RECORD_LENGTH_MISMATCH", 20, 213}, ++ #endif ++ #ifdef SSL_R_RECORD_TOO_SMALL ++ {"RECORD_TOO_SMALL", ERR_LIB_SSL, SSL_R_RECORD_TOO_SMALL}, ++ #else ++ {"RECORD_TOO_SMALL", 20, 298}, ++ #endif ++ #ifdef SSL_R_RENEGOTIATE_EXT_TOO_LONG ++ {"RENEGOTIATE_EXT_TOO_LONG", ERR_LIB_SSL, SSL_R_RENEGOTIATE_EXT_TOO_LONG}, ++ #else ++ {"RENEGOTIATE_EXT_TOO_LONG", 20, 335}, ++ #endif ++ #ifdef SSL_R_RENEGOTIATION_ENCODING_ERR ++ {"RENEGOTIATION_ENCODING_ERR", ERR_LIB_SSL, SSL_R_RENEGOTIATION_ENCODING_ERR}, ++ #else ++ {"RENEGOTIATION_ENCODING_ERR", 20, 336}, ++ #endif ++ #ifdef SSL_R_RENEGOTIATION_MISMATCH ++ {"RENEGOTIATION_MISMATCH", ERR_LIB_SSL, SSL_R_RENEGOTIATION_MISMATCH}, ++ #else ++ {"RENEGOTIATION_MISMATCH", 20, 337}, ++ #endif ++ #ifdef SSL_R_REQUEST_PENDING ++ {"REQUEST_PENDING", ERR_LIB_SSL, SSL_R_REQUEST_PENDING}, ++ #else ++ {"REQUEST_PENDING", 20, 285}, ++ #endif ++ #ifdef SSL_R_REQUEST_SENT ++ {"REQUEST_SENT", ERR_LIB_SSL, SSL_R_REQUEST_SENT}, ++ #else ++ {"REQUEST_SENT", 20, 286}, ++ #endif ++ #ifdef SSL_R_REQUIRED_CIPHER_MISSING ++ {"REQUIRED_CIPHER_MISSING", ERR_LIB_SSL, SSL_R_REQUIRED_CIPHER_MISSING}, ++ #else ++ {"REQUIRED_CIPHER_MISSING", 20, 215}, ++ #endif ++ #ifdef SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING ++ {"REQUIRED_COMPRESSION_ALGORITHM_MISSING", ERR_LIB_SSL, SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING}, ++ #else ++ {"REQUIRED_COMPRESSION_ALGORITHM_MISSING", 20, 342}, ++ #endif ++ #ifdef SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING ++ {"SCSV_RECEIVED_WHEN_RENEGOTIATING", ERR_LIB_SSL, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING}, ++ #else ++ {"SCSV_RECEIVED_WHEN_RENEGOTIATING", 20, 345}, ++ #endif ++ #ifdef SSL_R_SCT_VERIFICATION_FAILED ++ {"SCT_VERIFICATION_FAILED", ERR_LIB_SSL, SSL_R_SCT_VERIFICATION_FAILED}, ++ #else ++ {"SCT_VERIFICATION_FAILED", 20, 208}, ++ #endif ++ #ifdef SSL_R_SERVERHELLO_TLSEXT ++ {"SERVERHELLO_TLSEXT", ERR_LIB_SSL, SSL_R_SERVERHELLO_TLSEXT}, ++ #else ++ {"SERVERHELLO_TLSEXT", 20, 275}, ++ #endif ++ #ifdef SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED ++ {"SESSION_ID_CONTEXT_UNINITIALIZED", ERR_LIB_SSL, SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED}, ++ #else ++ {"SESSION_ID_CONTEXT_UNINITIALIZED", 20, 277}, ++ #endif ++ #ifdef SSL_R_SHUTDOWN_WHILE_IN_INIT ++ {"SHUTDOWN_WHILE_IN_INIT", ERR_LIB_SSL, SSL_R_SHUTDOWN_WHILE_IN_INIT}, ++ #else ++ {"SHUTDOWN_WHILE_IN_INIT", 20, 407}, ++ #endif ++ #ifdef SSL_R_SIGNATURE_ALGORITHMS_ERROR ++ {"SIGNATURE_ALGORITHMS_ERROR", ERR_LIB_SSL, SSL_R_SIGNATURE_ALGORITHMS_ERROR}, ++ #else ++ {"SIGNATURE_ALGORITHMS_ERROR", 20, 360}, ++ #endif ++ #ifdef SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE ++ {"SIGNATURE_FOR_NON_SIGNING_CERTIFICATE", ERR_LIB_SSL, SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE}, ++ #else ++ {"SIGNATURE_FOR_NON_SIGNING_CERTIFICATE", 20, 220}, ++ #endif ++ #ifdef SSL_R_SRP_A_CALC ++ {"SRP_A_CALC", ERR_LIB_SSL, SSL_R_SRP_A_CALC}, ++ #else ++ {"SRP_A_CALC", 20, 361}, ++ #endif ++ #ifdef SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES ++ {"SRTP_COULD_NOT_ALLOCATE_PROFILES", ERR_LIB_SSL, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES}, ++ #else ++ {"SRTP_COULD_NOT_ALLOCATE_PROFILES", 20, 362}, ++ #endif ++ #ifdef SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG ++ {"SRTP_PROTECTION_PROFILE_LIST_TOO_LONG", ERR_LIB_SSL, SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG}, ++ #else ++ {"SRTP_PROTECTION_PROFILE_LIST_TOO_LONG", 20, 363}, ++ #endif ++ #ifdef SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE ++ {"SRTP_UNKNOWN_PROTECTION_PROFILE", ERR_LIB_SSL, SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE}, ++ #else ++ {"SRTP_UNKNOWN_PROTECTION_PROFILE", 20, 364}, ++ #endif ++ #ifdef SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH ++ {"SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH", ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH}, ++ #else ++ {"SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH", 20, 232}, ++ #endif ++ #ifdef SSL_R_SSL3_EXT_INVALID_SERVERNAME ++ {"SSL3_EXT_INVALID_SERVERNAME", ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME}, ++ #else ++ {"SSL3_EXT_INVALID_SERVERNAME", 20, 319}, ++ #endif ++ #ifdef SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE ++ {"SSL3_EXT_INVALID_SERVERNAME_TYPE", ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE}, ++ #else ++ {"SSL3_EXT_INVALID_SERVERNAME_TYPE", 20, 320}, ++ #endif ++ #ifdef SSL_R_SSL3_SESSION_ID_TOO_LONG ++ {"SSL3_SESSION_ID_TOO_LONG", ERR_LIB_SSL, SSL_R_SSL3_SESSION_ID_TOO_LONG}, ++ #else ++ {"SSL3_SESSION_ID_TOO_LONG", 20, 300}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ++ {"SSLV3_ALERT_BAD_CERTIFICATE", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_BAD_CERTIFICATE}, ++ #else ++ {"SSLV3_ALERT_BAD_CERTIFICATE", 20, 1042}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ++ {"SSLV3_ALERT_BAD_RECORD_MAC", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_BAD_RECORD_MAC}, ++ #else ++ {"SSLV3_ALERT_BAD_RECORD_MAC", 20, 1020}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED ++ {"SSLV3_ALERT_CERTIFICATE_EXPIRED", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED}, ++ #else ++ {"SSLV3_ALERT_CERTIFICATE_EXPIRED", 20, 1045}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED ++ {"SSLV3_ALERT_CERTIFICATE_REVOKED", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED}, ++ #else ++ {"SSLV3_ALERT_CERTIFICATE_REVOKED", 20, 1044}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN ++ {"SSLV3_ALERT_CERTIFICATE_UNKNOWN", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN}, ++ #else ++ {"SSLV3_ALERT_CERTIFICATE_UNKNOWN", 20, 1046}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ++ {"SSLV3_ALERT_DECOMPRESSION_FAILURE", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE}, ++ #else ++ {"SSLV3_ALERT_DECOMPRESSION_FAILURE", 20, 1030}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE ++ {"SSLV3_ALERT_HANDSHAKE_FAILURE", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE}, ++ #else ++ {"SSLV3_ALERT_HANDSHAKE_FAILURE", 20, 1040}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER ++ {"SSLV3_ALERT_ILLEGAL_PARAMETER", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER}, ++ #else ++ {"SSLV3_ALERT_ILLEGAL_PARAMETER", 20, 1047}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_NO_CERTIFICATE ++ {"SSLV3_ALERT_NO_CERTIFICATE", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_NO_CERTIFICATE}, ++ #else ++ {"SSLV3_ALERT_NO_CERTIFICATE", 20, 1041}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE ++ {"SSLV3_ALERT_UNEXPECTED_MESSAGE", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE}, ++ #else ++ {"SSLV3_ALERT_UNEXPECTED_MESSAGE", 20, 1010}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE ++ {"SSLV3_ALERT_UNSUPPORTED_CERTIFICATE", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE}, ++ #else ++ {"SSLV3_ALERT_UNSUPPORTED_CERTIFICATE", 20, 1043}, ++ #endif ++ #ifdef SSL_R_SSL_COMMAND_SECTION_EMPTY ++ {"SSL_COMMAND_SECTION_EMPTY", ERR_LIB_SSL, SSL_R_SSL_COMMAND_SECTION_EMPTY}, ++ #else ++ {"SSL_COMMAND_SECTION_EMPTY", 20, 117}, ++ #endif ++ #ifdef SSL_R_SSL_COMMAND_SECTION_NOT_FOUND ++ {"SSL_COMMAND_SECTION_NOT_FOUND", ERR_LIB_SSL, SSL_R_SSL_COMMAND_SECTION_NOT_FOUND}, ++ #else ++ {"SSL_COMMAND_SECTION_NOT_FOUND", 20, 125}, ++ #endif ++ #ifdef SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION ++ {"SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION", ERR_LIB_SSL, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION}, ++ #else ++ {"SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION", 20, 228}, ++ #endif ++ #ifdef SSL_R_SSL_HANDSHAKE_FAILURE ++ {"SSL_HANDSHAKE_FAILURE", ERR_LIB_SSL, SSL_R_SSL_HANDSHAKE_FAILURE}, ++ #else ++ {"SSL_HANDSHAKE_FAILURE", 20, 229}, ++ #endif ++ #ifdef SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS ++ {"SSL_LIBRARY_HAS_NO_CIPHERS", ERR_LIB_SSL, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS}, ++ #else ++ {"SSL_LIBRARY_HAS_NO_CIPHERS", 20, 230}, ++ #endif ++ #ifdef SSL_R_SSL_NEGATIVE_LENGTH ++ {"SSL_NEGATIVE_LENGTH", ERR_LIB_SSL, SSL_R_SSL_NEGATIVE_LENGTH}, ++ #else ++ {"SSL_NEGATIVE_LENGTH", 20, 372}, ++ #endif ++ #ifdef SSL_R_SSL_SECTION_EMPTY ++ {"SSL_SECTION_EMPTY", ERR_LIB_SSL, SSL_R_SSL_SECTION_EMPTY}, ++ #else ++ {"SSL_SECTION_EMPTY", 20, 126}, ++ #endif ++ #ifdef SSL_R_SSL_SECTION_NOT_FOUND ++ {"SSL_SECTION_NOT_FOUND", ERR_LIB_SSL, SSL_R_SSL_SECTION_NOT_FOUND}, ++ #else ++ {"SSL_SECTION_NOT_FOUND", 20, 136}, ++ #endif ++ #ifdef SSL_R_SSL_SESSION_ID_CALLBACK_FAILED ++ {"SSL_SESSION_ID_CALLBACK_FAILED", ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CALLBACK_FAILED}, ++ #else ++ {"SSL_SESSION_ID_CALLBACK_FAILED", 20, 301}, ++ #endif ++ #ifdef SSL_R_SSL_SESSION_ID_CONFLICT ++ {"SSL_SESSION_ID_CONFLICT", ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CONFLICT}, ++ #else ++ {"SSL_SESSION_ID_CONFLICT", 20, 302}, ++ #endif ++ #ifdef SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG ++ {"SSL_SESSION_ID_CONTEXT_TOO_LONG", ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG}, ++ #else ++ {"SSL_SESSION_ID_CONTEXT_TOO_LONG", 20, 273}, ++ #endif ++ #ifdef SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH ++ {"SSL_SESSION_ID_HAS_BAD_LENGTH", ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH}, ++ #else ++ {"SSL_SESSION_ID_HAS_BAD_LENGTH", 20, 303}, ++ #endif ++ #ifdef SSL_R_SSL_SESSION_ID_TOO_LONG ++ {"SSL_SESSION_ID_TOO_LONG", ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_TOO_LONG}, ++ #else ++ {"SSL_SESSION_ID_TOO_LONG", 20, 408}, ++ #endif ++ #ifdef SSL_R_SSL_SESSION_VERSION_MISMATCH ++ {"SSL_SESSION_VERSION_MISMATCH", ERR_LIB_SSL, SSL_R_SSL_SESSION_VERSION_MISMATCH}, ++ #else ++ {"SSL_SESSION_VERSION_MISMATCH", 20, 210}, ++ #endif ++ #ifdef SSL_R_STILL_IN_INIT ++ {"STILL_IN_INIT", ERR_LIB_SSL, SSL_R_STILL_IN_INIT}, ++ #else ++ {"STILL_IN_INIT", 20, 121}, ++ #endif ++ #ifdef SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED ++ {"TLSV13_ALERT_CERTIFICATE_REQUIRED", ERR_LIB_SSL, SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED}, ++ #else ++ {"TLSV13_ALERT_CERTIFICATE_REQUIRED", 20, 1116}, ++ #endif ++ #ifdef SSL_R_TLSV13_ALERT_MISSING_EXTENSION ++ {"TLSV13_ALERT_MISSING_EXTENSION", ERR_LIB_SSL, SSL_R_TLSV13_ALERT_MISSING_EXTENSION}, ++ #else ++ {"TLSV13_ALERT_MISSING_EXTENSION", 20, 1109}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_ACCESS_DENIED ++ {"TLSV1_ALERT_ACCESS_DENIED", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_ACCESS_DENIED}, ++ #else ++ {"TLSV1_ALERT_ACCESS_DENIED", 20, 1049}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_DECODE_ERROR ++ {"TLSV1_ALERT_DECODE_ERROR", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_DECODE_ERROR}, ++ #else ++ {"TLSV1_ALERT_DECODE_ERROR", 20, 1050}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_DECRYPTION_FAILED ++ {"TLSV1_ALERT_DECRYPTION_FAILED", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_DECRYPTION_FAILED}, ++ #else ++ {"TLSV1_ALERT_DECRYPTION_FAILED", 20, 1021}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_DECRYPT_ERROR ++ {"TLSV1_ALERT_DECRYPT_ERROR", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_DECRYPT_ERROR}, ++ #else ++ {"TLSV1_ALERT_DECRYPT_ERROR", 20, 1051}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION ++ {"TLSV1_ALERT_EXPORT_RESTRICTION", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION}, ++ #else ++ {"TLSV1_ALERT_EXPORT_RESTRICTION", 20, 1060}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK ++ {"TLSV1_ALERT_INAPPROPRIATE_FALLBACK", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK}, ++ #else ++ {"TLSV1_ALERT_INAPPROPRIATE_FALLBACK", 20, 1086}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY ++ {"TLSV1_ALERT_INSUFFICIENT_SECURITY", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY}, ++ #else ++ {"TLSV1_ALERT_INSUFFICIENT_SECURITY", 20, 1071}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_INTERNAL_ERROR ++ {"TLSV1_ALERT_INTERNAL_ERROR", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_INTERNAL_ERROR}, ++ #else ++ {"TLSV1_ALERT_INTERNAL_ERROR", 20, 1080}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_NO_RENEGOTIATION ++ {"TLSV1_ALERT_NO_RENEGOTIATION", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_NO_RENEGOTIATION}, ++ #else ++ {"TLSV1_ALERT_NO_RENEGOTIATION", 20, 1100}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_PROTOCOL_VERSION ++ {"TLSV1_ALERT_PROTOCOL_VERSION", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_PROTOCOL_VERSION}, ++ #else ++ {"TLSV1_ALERT_PROTOCOL_VERSION", 20, 1070}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_RECORD_OVERFLOW ++ {"TLSV1_ALERT_RECORD_OVERFLOW", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_RECORD_OVERFLOW}, ++ #else ++ {"TLSV1_ALERT_RECORD_OVERFLOW", 20, 1022}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_UNKNOWN_CA ++ {"TLSV1_ALERT_UNKNOWN_CA", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_UNKNOWN_CA}, ++ #else ++ {"TLSV1_ALERT_UNKNOWN_CA", 20, 1048}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_USER_CANCELLED ++ {"TLSV1_ALERT_USER_CANCELLED", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_USER_CANCELLED}, ++ #else ++ {"TLSV1_ALERT_USER_CANCELLED", 20, 1090}, ++ #endif ++ #ifdef SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE ++ {"TLSV1_BAD_CERTIFICATE_HASH_VALUE", ERR_LIB_SSL, SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE}, ++ #else ++ {"TLSV1_BAD_CERTIFICATE_HASH_VALUE", 20, 1114}, ++ #endif ++ #ifdef SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE ++ {"TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE", ERR_LIB_SSL, SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE}, ++ #else ++ {"TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE", 20, 1113}, ++ #endif ++ #ifdef SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE ++ {"TLSV1_CERTIFICATE_UNOBTAINABLE", ERR_LIB_SSL, SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE}, ++ #else ++ {"TLSV1_CERTIFICATE_UNOBTAINABLE", 20, 1111}, ++ #endif ++ #ifdef SSL_R_TLSV1_UNRECOGNIZED_NAME ++ {"TLSV1_UNRECOGNIZED_NAME", ERR_LIB_SSL, SSL_R_TLSV1_UNRECOGNIZED_NAME}, ++ #else ++ {"TLSV1_UNRECOGNIZED_NAME", 20, 1112}, ++ #endif ++ #ifdef SSL_R_TLSV1_UNSUPPORTED_EXTENSION ++ {"TLSV1_UNSUPPORTED_EXTENSION", ERR_LIB_SSL, SSL_R_TLSV1_UNSUPPORTED_EXTENSION}, ++ #else ++ {"TLSV1_UNSUPPORTED_EXTENSION", 20, 1110}, ++ #endif ++ #ifdef SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT ++ {"TLS_HEARTBEAT_PEER_DOESNT_ACCEPT", ERR_LIB_SSL, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT}, ++ #else ++ {"TLS_HEARTBEAT_PEER_DOESNT_ACCEPT", 20, 365}, ++ #endif ++ #ifdef SSL_R_TLS_HEARTBEAT_PENDING ++ {"TLS_HEARTBEAT_PENDING", ERR_LIB_SSL, SSL_R_TLS_HEARTBEAT_PENDING}, ++ #else ++ {"TLS_HEARTBEAT_PENDING", 20, 366}, ++ #endif ++ #ifdef SSL_R_TLS_ILLEGAL_EXPORTER_LABEL ++ {"TLS_ILLEGAL_EXPORTER_LABEL", ERR_LIB_SSL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL}, ++ #else ++ {"TLS_ILLEGAL_EXPORTER_LABEL", 20, 367}, ++ #endif ++ #ifdef SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST ++ {"TLS_INVALID_ECPOINTFORMAT_LIST", ERR_LIB_SSL, SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST}, ++ #else ++ {"TLS_INVALID_ECPOINTFORMAT_LIST", 20, 157}, ++ #endif ++ #ifdef SSL_R_TOO_MANY_KEY_UPDATES ++ {"TOO_MANY_KEY_UPDATES", ERR_LIB_SSL, SSL_R_TOO_MANY_KEY_UPDATES}, ++ #else ++ {"TOO_MANY_KEY_UPDATES", 20, 132}, ++ #endif ++ #ifdef SSL_R_TOO_MANY_WARN_ALERTS ++ {"TOO_MANY_WARN_ALERTS", ERR_LIB_SSL, SSL_R_TOO_MANY_WARN_ALERTS}, ++ #else ++ {"TOO_MANY_WARN_ALERTS", 20, 409}, ++ #endif ++ #ifdef SSL_R_TOO_MUCH_EARLY_DATA ++ {"TOO_MUCH_EARLY_DATA", ERR_LIB_SSL, SSL_R_TOO_MUCH_EARLY_DATA}, ++ #else ++ {"TOO_MUCH_EARLY_DATA", 20, 164}, ++ #endif ++ #ifdef SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS ++ {"UNABLE_TO_FIND_ECDH_PARAMETERS", ERR_LIB_SSL, SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS}, ++ #else ++ {"UNABLE_TO_FIND_ECDH_PARAMETERS", 20, 314}, ++ #endif ++ #ifdef SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS ++ {"UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS", ERR_LIB_SSL, SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS}, ++ #else ++ {"UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS", 20, 239}, ++ #endif ++ #ifdef SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES ++ {"UNABLE_TO_LOAD_SSL3_MD5_ROUTINES", ERR_LIB_SSL, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES}, ++ #else ++ {"UNABLE_TO_LOAD_SSL3_MD5_ROUTINES", 20, 242}, ++ #endif ++ #ifdef SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ++ {"UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES", ERR_LIB_SSL, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES}, ++ #else ++ {"UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES", 20, 243}, ++ #endif ++ #ifdef SSL_R_UNEXPECTED_CCS_MESSAGE ++ {"UNEXPECTED_CCS_MESSAGE", ERR_LIB_SSL, SSL_R_UNEXPECTED_CCS_MESSAGE}, ++ #else ++ {"UNEXPECTED_CCS_MESSAGE", 20, 262}, ++ #endif ++ #ifdef SSL_R_UNEXPECTED_END_OF_EARLY_DATA ++ {"UNEXPECTED_END_OF_EARLY_DATA", ERR_LIB_SSL, SSL_R_UNEXPECTED_END_OF_EARLY_DATA}, ++ #else ++ {"UNEXPECTED_END_OF_EARLY_DATA", 20, 178}, ++ #endif ++ #ifdef SSL_R_UNEXPECTED_MESSAGE ++ {"UNEXPECTED_MESSAGE", ERR_LIB_SSL, SSL_R_UNEXPECTED_MESSAGE}, ++ #else ++ {"UNEXPECTED_MESSAGE", 20, 244}, ++ #endif ++ #ifdef SSL_R_UNEXPECTED_RECORD ++ {"UNEXPECTED_RECORD", ERR_LIB_SSL, SSL_R_UNEXPECTED_RECORD}, ++ #else ++ {"UNEXPECTED_RECORD", 20, 245}, ++ #endif ++ #ifdef SSL_R_UNINITIALIZED ++ {"UNINITIALIZED", ERR_LIB_SSL, SSL_R_UNINITIALIZED}, ++ #else ++ {"UNINITIALIZED", 20, 276}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_ALERT_TYPE ++ {"UNKNOWN_ALERT_TYPE", ERR_LIB_SSL, SSL_R_UNKNOWN_ALERT_TYPE}, ++ #else ++ {"UNKNOWN_ALERT_TYPE", 20, 246}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_CERTIFICATE_TYPE ++ {"UNKNOWN_CERTIFICATE_TYPE", ERR_LIB_SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE}, ++ #else ++ {"UNKNOWN_CERTIFICATE_TYPE", 20, 247}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_CIPHER_RETURNED ++ {"UNKNOWN_CIPHER_RETURNED", ERR_LIB_SSL, SSL_R_UNKNOWN_CIPHER_RETURNED}, ++ #else ++ {"UNKNOWN_CIPHER_RETURNED", 20, 248}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_CIPHER_TYPE ++ {"UNKNOWN_CIPHER_TYPE", ERR_LIB_SSL, SSL_R_UNKNOWN_CIPHER_TYPE}, ++ #else ++ {"UNKNOWN_CIPHER_TYPE", 20, 249}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_CMD_NAME ++ {"UNKNOWN_CMD_NAME", ERR_LIB_SSL, SSL_R_UNKNOWN_CMD_NAME}, ++ #else ++ {"UNKNOWN_CMD_NAME", 20, 386}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_COMMAND ++ {"UNKNOWN_COMMAND", ERR_LIB_SSL, SSL_R_UNKNOWN_COMMAND}, ++ #else ++ {"UNKNOWN_COMMAND", 20, 139}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_DIGEST ++ {"UNKNOWN_DIGEST", ERR_LIB_SSL, SSL_R_UNKNOWN_DIGEST}, ++ #else ++ {"UNKNOWN_DIGEST", 20, 368}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE ++ {"UNKNOWN_KEY_EXCHANGE_TYPE", ERR_LIB_SSL, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE}, ++ #else ++ {"UNKNOWN_KEY_EXCHANGE_TYPE", 20, 250}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_PKEY_TYPE ++ {"UNKNOWN_PKEY_TYPE", ERR_LIB_SSL, SSL_R_UNKNOWN_PKEY_TYPE}, ++ #else ++ {"UNKNOWN_PKEY_TYPE", 20, 251}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_PROTOCOL ++ {"UNKNOWN_PROTOCOL", ERR_LIB_SSL, SSL_R_UNKNOWN_PROTOCOL}, ++ #else ++ {"UNKNOWN_PROTOCOL", 20, 252}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_SSL_VERSION ++ {"UNKNOWN_SSL_VERSION", ERR_LIB_SSL, SSL_R_UNKNOWN_SSL_VERSION}, ++ #else ++ {"UNKNOWN_SSL_VERSION", 20, 254}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_STATE ++ {"UNKNOWN_STATE", ERR_LIB_SSL, SSL_R_UNKNOWN_STATE}, ++ #else ++ {"UNKNOWN_STATE", 20, 255}, ++ #endif ++ #ifdef SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED ++ {"UNSAFE_LEGACY_RENEGOTIATION_DISABLED", ERR_LIB_SSL, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED}, ++ #else ++ {"UNSAFE_LEGACY_RENEGOTIATION_DISABLED", 20, 338}, ++ #endif ++ #ifdef SSL_R_UNSOLICITED_EXTENSION ++ {"UNSOLICITED_EXTENSION", ERR_LIB_SSL, SSL_R_UNSOLICITED_EXTENSION}, ++ #else ++ {"UNSOLICITED_EXTENSION", 20, 217}, ++ #endif ++ #ifdef SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ++ {"UNSUPPORTED_COMPRESSION_ALGORITHM", ERR_LIB_SSL, SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_COMPRESSION_ALGORITHM", 20, 257}, ++ #endif ++ #ifdef SSL_R_UNSUPPORTED_ELLIPTIC_CURVE ++ {"UNSUPPORTED_ELLIPTIC_CURVE", ERR_LIB_SSL, SSL_R_UNSUPPORTED_ELLIPTIC_CURVE}, ++ #else ++ {"UNSUPPORTED_ELLIPTIC_CURVE", 20, 315}, ++ #endif ++ #ifdef SSL_R_UNSUPPORTED_PROTOCOL ++ {"UNSUPPORTED_PROTOCOL", ERR_LIB_SSL, SSL_R_UNSUPPORTED_PROTOCOL}, ++ #else ++ {"UNSUPPORTED_PROTOCOL", 20, 258}, ++ #endif ++ #ifdef SSL_R_UNSUPPORTED_SSL_VERSION ++ {"UNSUPPORTED_SSL_VERSION", ERR_LIB_SSL, SSL_R_UNSUPPORTED_SSL_VERSION}, ++ #else ++ {"UNSUPPORTED_SSL_VERSION", 20, 259}, ++ #endif ++ #ifdef SSL_R_UNSUPPORTED_STATUS_TYPE ++ {"UNSUPPORTED_STATUS_TYPE", ERR_LIB_SSL, SSL_R_UNSUPPORTED_STATUS_TYPE}, ++ #else ++ {"UNSUPPORTED_STATUS_TYPE", 20, 329}, ++ #endif ++ #ifdef SSL_R_USE_SRTP_NOT_NEGOTIATED ++ {"USE_SRTP_NOT_NEGOTIATED", ERR_LIB_SSL, SSL_R_USE_SRTP_NOT_NEGOTIATED}, ++ #else ++ {"USE_SRTP_NOT_NEGOTIATED", 20, 369}, ++ #endif ++ #ifdef SSL_R_VERSION_TOO_HIGH ++ {"VERSION_TOO_HIGH", ERR_LIB_SSL, SSL_R_VERSION_TOO_HIGH}, ++ #else ++ {"VERSION_TOO_HIGH", 20, 166}, ++ #endif ++ #ifdef SSL_R_VERSION_TOO_LOW ++ {"VERSION_TOO_LOW", ERR_LIB_SSL, SSL_R_VERSION_TOO_LOW}, ++ #else ++ {"VERSION_TOO_LOW", 20, 396}, ++ #endif ++ #ifdef SSL_R_WRONG_CERTIFICATE_TYPE ++ {"WRONG_CERTIFICATE_TYPE", ERR_LIB_SSL, SSL_R_WRONG_CERTIFICATE_TYPE}, ++ #else ++ {"WRONG_CERTIFICATE_TYPE", 20, 383}, ++ #endif ++ #ifdef SSL_R_WRONG_CIPHER_RETURNED ++ {"WRONG_CIPHER_RETURNED", ERR_LIB_SSL, SSL_R_WRONG_CIPHER_RETURNED}, ++ #else ++ {"WRONG_CIPHER_RETURNED", 20, 261}, ++ #endif ++ #ifdef SSL_R_WRONG_CURVE ++ {"WRONG_CURVE", ERR_LIB_SSL, SSL_R_WRONG_CURVE}, ++ #else ++ {"WRONG_CURVE", 20, 378}, ++ #endif ++ #ifdef SSL_R_WRONG_SIGNATURE_LENGTH ++ {"WRONG_SIGNATURE_LENGTH", ERR_LIB_SSL, SSL_R_WRONG_SIGNATURE_LENGTH}, ++ #else ++ {"WRONG_SIGNATURE_LENGTH", 20, 264}, ++ #endif ++ #ifdef SSL_R_WRONG_SIGNATURE_SIZE ++ {"WRONG_SIGNATURE_SIZE", ERR_LIB_SSL, SSL_R_WRONG_SIGNATURE_SIZE}, ++ #else ++ {"WRONG_SIGNATURE_SIZE", 20, 265}, ++ #endif ++ #ifdef SSL_R_WRONG_SIGNATURE_TYPE ++ {"WRONG_SIGNATURE_TYPE", ERR_LIB_SSL, SSL_R_WRONG_SIGNATURE_TYPE}, ++ #else ++ {"WRONG_SIGNATURE_TYPE", 20, 370}, ++ #endif ++ #ifdef SSL_R_WRONG_SSL_VERSION ++ {"WRONG_SSL_VERSION", ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION}, ++ #else ++ {"WRONG_SSL_VERSION", 20, 266}, ++ #endif ++ #ifdef SSL_R_WRONG_VERSION_NUMBER ++ {"WRONG_VERSION_NUMBER", ERR_LIB_SSL, SSL_R_WRONG_VERSION_NUMBER}, ++ #else ++ {"WRONG_VERSION_NUMBER", 20, 267}, ++ #endif ++ #ifdef SSL_R_X509_LIB ++ {"X509_LIB", ERR_LIB_SSL, SSL_R_X509_LIB}, ++ #else ++ {"X509_LIB", 20, 268}, ++ #endif ++ #ifdef SSL_R_X509_VERIFICATION_SETUP_PROBLEMS ++ {"X509_VERIFICATION_SETUP_PROBLEMS", ERR_LIB_SSL, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS}, ++ #else ++ {"X509_VERIFICATION_SETUP_PROBLEMS", 20, 269}, ++ #endif ++ #ifdef TS_R_BAD_PKCS7_TYPE ++ {"BAD_PKCS7_TYPE", ERR_LIB_TS, TS_R_BAD_PKCS7_TYPE}, ++ #else ++ {"BAD_PKCS7_TYPE", 47, 132}, ++ #endif ++ #ifdef TS_R_BAD_TYPE ++ {"BAD_TYPE", ERR_LIB_TS, TS_R_BAD_TYPE}, ++ #else ++ {"BAD_TYPE", 47, 133}, ++ #endif ++ #ifdef TS_R_CANNOT_LOAD_CERT ++ {"CANNOT_LOAD_CERT", ERR_LIB_TS, TS_R_CANNOT_LOAD_CERT}, ++ #else ++ {"CANNOT_LOAD_CERT", 47, 137}, ++ #endif ++ #ifdef TS_R_CANNOT_LOAD_KEY ++ {"CANNOT_LOAD_KEY", ERR_LIB_TS, TS_R_CANNOT_LOAD_KEY}, ++ #else ++ {"CANNOT_LOAD_KEY", 47, 138}, ++ #endif ++ #ifdef TS_R_CERTIFICATE_VERIFY_ERROR ++ {"CERTIFICATE_VERIFY_ERROR", ERR_LIB_TS, TS_R_CERTIFICATE_VERIFY_ERROR}, ++ #else ++ {"CERTIFICATE_VERIFY_ERROR", 47, 100}, ++ #endif ++ #ifdef TS_R_COULD_NOT_SET_ENGINE ++ {"COULD_NOT_SET_ENGINE", ERR_LIB_TS, TS_R_COULD_NOT_SET_ENGINE}, ++ #else ++ {"COULD_NOT_SET_ENGINE", 47, 127}, ++ #endif ++ #ifdef TS_R_COULD_NOT_SET_TIME ++ {"COULD_NOT_SET_TIME", ERR_LIB_TS, TS_R_COULD_NOT_SET_TIME}, ++ #else ++ {"COULD_NOT_SET_TIME", 47, 115}, ++ #endif ++ #ifdef TS_R_DETACHED_CONTENT ++ {"DETACHED_CONTENT", ERR_LIB_TS, TS_R_DETACHED_CONTENT}, ++ #else ++ {"DETACHED_CONTENT", 47, 134}, ++ #endif ++ #ifdef TS_R_ESS_ADD_SIGNING_CERT_ERROR ++ {"ESS_ADD_SIGNING_CERT_ERROR", ERR_LIB_TS, TS_R_ESS_ADD_SIGNING_CERT_ERROR}, ++ #else ++ {"ESS_ADD_SIGNING_CERT_ERROR", 47, 116}, ++ #endif ++ #ifdef TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR ++ {"ESS_ADD_SIGNING_CERT_V2_ERROR", ERR_LIB_TS, TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR}, ++ #else ++ {"ESS_ADD_SIGNING_CERT_V2_ERROR", 47, 139}, ++ #endif ++ #ifdef TS_R_ESS_SIGNING_CERTIFICATE_ERROR ++ {"ESS_SIGNING_CERTIFICATE_ERROR", ERR_LIB_TS, TS_R_ESS_SIGNING_CERTIFICATE_ERROR}, ++ #else ++ {"ESS_SIGNING_CERTIFICATE_ERROR", 47, 101}, ++ #endif ++ #ifdef TS_R_INVALID_NULL_POINTER ++ {"INVALID_NULL_POINTER", ERR_LIB_TS, TS_R_INVALID_NULL_POINTER}, ++ #else ++ {"INVALID_NULL_POINTER", 47, 102}, ++ #endif ++ #ifdef TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE ++ {"INVALID_SIGNER_CERTIFICATE_PURPOSE", ERR_LIB_TS, TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE}, ++ #else ++ {"INVALID_SIGNER_CERTIFICATE_PURPOSE", 47, 117}, ++ #endif ++ #ifdef TS_R_MESSAGE_IMPRINT_MISMATCH ++ {"MESSAGE_IMPRINT_MISMATCH", ERR_LIB_TS, TS_R_MESSAGE_IMPRINT_MISMATCH}, ++ #else ++ {"MESSAGE_IMPRINT_MISMATCH", 47, 103}, ++ #endif ++ #ifdef TS_R_NONCE_MISMATCH ++ {"NONCE_MISMATCH", ERR_LIB_TS, TS_R_NONCE_MISMATCH}, ++ #else ++ {"NONCE_MISMATCH", 47, 104}, ++ #endif ++ #ifdef TS_R_NONCE_NOT_RETURNED ++ {"NONCE_NOT_RETURNED", ERR_LIB_TS, TS_R_NONCE_NOT_RETURNED}, ++ #else ++ {"NONCE_NOT_RETURNED", 47, 105}, ++ #endif ++ #ifdef TS_R_NO_CONTENT ++ {"NO_CONTENT", ERR_LIB_TS, TS_R_NO_CONTENT}, ++ #else ++ {"NO_CONTENT", 47, 106}, ++ #endif ++ #ifdef TS_R_NO_TIME_STAMP_TOKEN ++ {"NO_TIME_STAMP_TOKEN", ERR_LIB_TS, TS_R_NO_TIME_STAMP_TOKEN}, ++ #else ++ {"NO_TIME_STAMP_TOKEN", 47, 107}, ++ #endif ++ #ifdef TS_R_PKCS7_ADD_SIGNATURE_ERROR ++ {"PKCS7_ADD_SIGNATURE_ERROR", ERR_LIB_TS, TS_R_PKCS7_ADD_SIGNATURE_ERROR}, ++ #else ++ {"PKCS7_ADD_SIGNATURE_ERROR", 47, 118}, ++ #endif ++ #ifdef TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR ++ {"PKCS7_ADD_SIGNED_ATTR_ERROR", ERR_LIB_TS, TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR}, ++ #else ++ {"PKCS7_ADD_SIGNED_ATTR_ERROR", 47, 119}, ++ #endif ++ #ifdef TS_R_PKCS7_TO_TS_TST_INFO_FAILED ++ {"PKCS7_TO_TS_TST_INFO_FAILED", ERR_LIB_TS, TS_R_PKCS7_TO_TS_TST_INFO_FAILED}, ++ #else ++ {"PKCS7_TO_TS_TST_INFO_FAILED", 47, 129}, ++ #endif ++ #ifdef TS_R_POLICY_MISMATCH ++ {"POLICY_MISMATCH", ERR_LIB_TS, TS_R_POLICY_MISMATCH}, ++ #else ++ {"POLICY_MISMATCH", 47, 108}, ++ #endif ++ #ifdef TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", ERR_LIB_TS, TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE}, ++ #else ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", 47, 120}, ++ #endif ++ #ifdef TS_R_RESPONSE_SETUP_ERROR ++ {"RESPONSE_SETUP_ERROR", ERR_LIB_TS, TS_R_RESPONSE_SETUP_ERROR}, ++ #else ++ {"RESPONSE_SETUP_ERROR", 47, 121}, ++ #endif ++ #ifdef TS_R_SIGNATURE_FAILURE ++ {"SIGNATURE_FAILURE", ERR_LIB_TS, TS_R_SIGNATURE_FAILURE}, ++ #else ++ {"SIGNATURE_FAILURE", 47, 109}, ++ #endif ++ #ifdef TS_R_THERE_MUST_BE_ONE_SIGNER ++ {"THERE_MUST_BE_ONE_SIGNER", ERR_LIB_TS, TS_R_THERE_MUST_BE_ONE_SIGNER}, ++ #else ++ {"THERE_MUST_BE_ONE_SIGNER", 47, 110}, ++ #endif ++ #ifdef TS_R_TIME_SYSCALL_ERROR ++ {"TIME_SYSCALL_ERROR", ERR_LIB_TS, TS_R_TIME_SYSCALL_ERROR}, ++ #else ++ {"TIME_SYSCALL_ERROR", 47, 122}, ++ #endif ++ #ifdef TS_R_TOKEN_NOT_PRESENT ++ {"TOKEN_NOT_PRESENT", ERR_LIB_TS, TS_R_TOKEN_NOT_PRESENT}, ++ #else ++ {"TOKEN_NOT_PRESENT", 47, 130}, ++ #endif ++ #ifdef TS_R_TOKEN_PRESENT ++ {"TOKEN_PRESENT", ERR_LIB_TS, TS_R_TOKEN_PRESENT}, ++ #else ++ {"TOKEN_PRESENT", 47, 131}, ++ #endif ++ #ifdef TS_R_TSA_NAME_MISMATCH ++ {"TSA_NAME_MISMATCH", ERR_LIB_TS, TS_R_TSA_NAME_MISMATCH}, ++ #else ++ {"TSA_NAME_MISMATCH", 47, 111}, ++ #endif ++ #ifdef TS_R_TSA_UNTRUSTED ++ {"TSA_UNTRUSTED", ERR_LIB_TS, TS_R_TSA_UNTRUSTED}, ++ #else ++ {"TSA_UNTRUSTED", 47, 112}, ++ #endif ++ #ifdef TS_R_TST_INFO_SETUP_ERROR ++ {"TST_INFO_SETUP_ERROR", ERR_LIB_TS, TS_R_TST_INFO_SETUP_ERROR}, ++ #else ++ {"TST_INFO_SETUP_ERROR", 47, 123}, ++ #endif ++ #ifdef TS_R_TS_DATASIGN ++ {"TS_DATASIGN", ERR_LIB_TS, TS_R_TS_DATASIGN}, ++ #else ++ {"TS_DATASIGN", 47, 124}, ++ #endif ++ #ifdef TS_R_UNACCEPTABLE_POLICY ++ {"UNACCEPTABLE_POLICY", ERR_LIB_TS, TS_R_UNACCEPTABLE_POLICY}, ++ #else ++ {"UNACCEPTABLE_POLICY", 47, 125}, ++ #endif ++ #ifdef TS_R_UNSUPPORTED_MD_ALGORITHM ++ {"UNSUPPORTED_MD_ALGORITHM", ERR_LIB_TS, TS_R_UNSUPPORTED_MD_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_MD_ALGORITHM", 47, 126}, ++ #endif ++ #ifdef TS_R_UNSUPPORTED_VERSION ++ {"UNSUPPORTED_VERSION", ERR_LIB_TS, TS_R_UNSUPPORTED_VERSION}, ++ #else ++ {"UNSUPPORTED_VERSION", 47, 113}, ++ #endif ++ #ifdef TS_R_VAR_BAD_VALUE ++ {"VAR_BAD_VALUE", ERR_LIB_TS, TS_R_VAR_BAD_VALUE}, ++ #else ++ {"VAR_BAD_VALUE", 47, 135}, ++ #endif ++ #ifdef TS_R_VAR_LOOKUP_FAILURE ++ {"VAR_LOOKUP_FAILURE", ERR_LIB_TS, TS_R_VAR_LOOKUP_FAILURE}, ++ #else ++ {"VAR_LOOKUP_FAILURE", 47, 136}, ++ #endif ++ #ifdef TS_R_WRONG_CONTENT_TYPE ++ {"WRONG_CONTENT_TYPE", ERR_LIB_TS, TS_R_WRONG_CONTENT_TYPE}, ++ #else ++ {"WRONG_CONTENT_TYPE", 47, 114}, ++ #endif ++ #ifdef UI_R_COMMON_OK_AND_CANCEL_CHARACTERS ++ {"COMMON_OK_AND_CANCEL_CHARACTERS", ERR_LIB_UI, UI_R_COMMON_OK_AND_CANCEL_CHARACTERS}, ++ #else ++ {"COMMON_OK_AND_CANCEL_CHARACTERS", 40, 104}, ++ #endif ++ #ifdef UI_R_INDEX_TOO_LARGE ++ {"INDEX_TOO_LARGE", ERR_LIB_UI, UI_R_INDEX_TOO_LARGE}, ++ #else ++ {"INDEX_TOO_LARGE", 40, 102}, ++ #endif ++ #ifdef UI_R_INDEX_TOO_SMALL ++ {"INDEX_TOO_SMALL", ERR_LIB_UI, UI_R_INDEX_TOO_SMALL}, ++ #else ++ {"INDEX_TOO_SMALL", 40, 103}, ++ #endif ++ #ifdef UI_R_NO_RESULT_BUFFER ++ {"NO_RESULT_BUFFER", ERR_LIB_UI, UI_R_NO_RESULT_BUFFER}, ++ #else ++ {"NO_RESULT_BUFFER", 40, 105}, ++ #endif ++ #ifdef UI_R_PROCESSING_ERROR ++ {"PROCESSING_ERROR", ERR_LIB_UI, UI_R_PROCESSING_ERROR}, ++ #else ++ {"PROCESSING_ERROR", 40, 107}, ++ #endif ++ #ifdef UI_R_RESULT_TOO_LARGE ++ {"RESULT_TOO_LARGE", ERR_LIB_UI, UI_R_RESULT_TOO_LARGE}, ++ #else ++ {"RESULT_TOO_LARGE", 40, 100}, ++ #endif ++ #ifdef UI_R_RESULT_TOO_SMALL ++ {"RESULT_TOO_SMALL", ERR_LIB_UI, UI_R_RESULT_TOO_SMALL}, ++ #else ++ {"RESULT_TOO_SMALL", 40, 101}, ++ #endif ++ #ifdef UI_R_SYSASSIGN_ERROR ++ {"SYSASSIGN_ERROR", ERR_LIB_UI, UI_R_SYSASSIGN_ERROR}, ++ #else ++ {"SYSASSIGN_ERROR", 40, 109}, ++ #endif ++ #ifdef UI_R_SYSDASSGN_ERROR ++ {"SYSDASSGN_ERROR", ERR_LIB_UI, UI_R_SYSDASSGN_ERROR}, ++ #else ++ {"SYSDASSGN_ERROR", 40, 110}, ++ #endif ++ #ifdef UI_R_SYSQIOW_ERROR ++ {"SYSQIOW_ERROR", ERR_LIB_UI, UI_R_SYSQIOW_ERROR}, ++ #else ++ {"SYSQIOW_ERROR", 40, 111}, ++ #endif ++ #ifdef UI_R_UNKNOWN_CONTROL_COMMAND ++ {"UNKNOWN_CONTROL_COMMAND", ERR_LIB_UI, UI_R_UNKNOWN_CONTROL_COMMAND}, ++ #else ++ {"UNKNOWN_CONTROL_COMMAND", 40, 106}, ++ #endif ++ #ifdef UI_R_UNKNOWN_TTYGET_ERRNO_VALUE ++ {"UNKNOWN_TTYGET_ERRNO_VALUE", ERR_LIB_UI, UI_R_UNKNOWN_TTYGET_ERRNO_VALUE}, ++ #else ++ {"UNKNOWN_TTYGET_ERRNO_VALUE", 40, 108}, ++ #endif ++ #ifdef UI_R_USER_DATA_DUPLICATION_UNSUPPORTED ++ {"USER_DATA_DUPLICATION_UNSUPPORTED", ERR_LIB_UI, UI_R_USER_DATA_DUPLICATION_UNSUPPORTED}, ++ #else ++ {"USER_DATA_DUPLICATION_UNSUPPORTED", 40, 112}, ++ #endif ++ #ifdef X509V3_R_BAD_IP_ADDRESS ++ {"BAD_IP_ADDRESS", ERR_LIB_X509V3, X509V3_R_BAD_IP_ADDRESS}, ++ #else ++ {"BAD_IP_ADDRESS", 34, 118}, ++ #endif ++ #ifdef X509V3_R_BAD_OBJECT ++ {"BAD_OBJECT", ERR_LIB_X509V3, X509V3_R_BAD_OBJECT}, ++ #else ++ {"BAD_OBJECT", 34, 119}, ++ #endif ++ #ifdef X509V3_R_BN_DEC2BN_ERROR ++ {"BN_DEC2BN_ERROR", ERR_LIB_X509V3, X509V3_R_BN_DEC2BN_ERROR}, ++ #else ++ {"BN_DEC2BN_ERROR", 34, 100}, ++ #endif ++ #ifdef X509V3_R_BN_TO_ASN1_INTEGER_ERROR ++ {"BN_TO_ASN1_INTEGER_ERROR", ERR_LIB_X509V3, X509V3_R_BN_TO_ASN1_INTEGER_ERROR}, ++ #else ++ {"BN_TO_ASN1_INTEGER_ERROR", 34, 101}, ++ #endif ++ #ifdef X509V3_R_DIRNAME_ERROR ++ {"DIRNAME_ERROR", ERR_LIB_X509V3, X509V3_R_DIRNAME_ERROR}, ++ #else ++ {"DIRNAME_ERROR", 34, 149}, ++ #endif ++ #ifdef X509V3_R_DISTPOINT_ALREADY_SET ++ {"DISTPOINT_ALREADY_SET", ERR_LIB_X509V3, X509V3_R_DISTPOINT_ALREADY_SET}, ++ #else ++ {"DISTPOINT_ALREADY_SET", 34, 160}, ++ #endif ++ #ifdef X509V3_R_DUPLICATE_ZONE_ID ++ {"DUPLICATE_ZONE_ID", ERR_LIB_X509V3, X509V3_R_DUPLICATE_ZONE_ID}, ++ #else ++ {"DUPLICATE_ZONE_ID", 34, 133}, ++ #endif ++ #ifdef X509V3_R_ERROR_CONVERTING_ZONE ++ {"ERROR_CONVERTING_ZONE", ERR_LIB_X509V3, X509V3_R_ERROR_CONVERTING_ZONE}, ++ #else ++ {"ERROR_CONVERTING_ZONE", 34, 131}, ++ #endif ++ #ifdef X509V3_R_ERROR_CREATING_EXTENSION ++ {"ERROR_CREATING_EXTENSION", ERR_LIB_X509V3, X509V3_R_ERROR_CREATING_EXTENSION}, ++ #else ++ {"ERROR_CREATING_EXTENSION", 34, 144}, ++ #endif ++ #ifdef X509V3_R_ERROR_IN_EXTENSION ++ {"ERROR_IN_EXTENSION", ERR_LIB_X509V3, X509V3_R_ERROR_IN_EXTENSION}, ++ #else ++ {"ERROR_IN_EXTENSION", 34, 128}, ++ #endif ++ #ifdef X509V3_R_EXPECTED_A_SECTION_NAME ++ {"EXPECTED_A_SECTION_NAME", ERR_LIB_X509V3, X509V3_R_EXPECTED_A_SECTION_NAME}, ++ #else ++ {"EXPECTED_A_SECTION_NAME", 34, 137}, ++ #endif ++ #ifdef X509V3_R_EXTENSION_EXISTS ++ {"EXTENSION_EXISTS", ERR_LIB_X509V3, X509V3_R_EXTENSION_EXISTS}, ++ #else ++ {"EXTENSION_EXISTS", 34, 145}, ++ #endif ++ #ifdef X509V3_R_EXTENSION_NAME_ERROR ++ {"EXTENSION_NAME_ERROR", ERR_LIB_X509V3, X509V3_R_EXTENSION_NAME_ERROR}, ++ #else ++ {"EXTENSION_NAME_ERROR", 34, 115}, ++ #endif ++ #ifdef X509V3_R_EXTENSION_NOT_FOUND ++ {"EXTENSION_NOT_FOUND", ERR_LIB_X509V3, X509V3_R_EXTENSION_NOT_FOUND}, ++ #else ++ {"EXTENSION_NOT_FOUND", 34, 102}, ++ #endif ++ #ifdef X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED ++ {"EXTENSION_SETTING_NOT_SUPPORTED", ERR_LIB_X509V3, X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED}, ++ #else ++ {"EXTENSION_SETTING_NOT_SUPPORTED", 34, 103}, ++ #endif ++ #ifdef X509V3_R_EXTENSION_VALUE_ERROR ++ {"EXTENSION_VALUE_ERROR", ERR_LIB_X509V3, X509V3_R_EXTENSION_VALUE_ERROR}, ++ #else ++ {"EXTENSION_VALUE_ERROR", 34, 116}, ++ #endif ++ #ifdef X509V3_R_ILLEGAL_EMPTY_EXTENSION ++ {"ILLEGAL_EMPTY_EXTENSION", ERR_LIB_X509V3, X509V3_R_ILLEGAL_EMPTY_EXTENSION}, ++ #else ++ {"ILLEGAL_EMPTY_EXTENSION", 34, 151}, ++ #endif ++ #ifdef X509V3_R_INCORRECT_POLICY_SYNTAX_TAG ++ {"INCORRECT_POLICY_SYNTAX_TAG", ERR_LIB_X509V3, X509V3_R_INCORRECT_POLICY_SYNTAX_TAG}, ++ #else ++ {"INCORRECT_POLICY_SYNTAX_TAG", 34, 152}, ++ #endif ++ #ifdef X509V3_R_INVALID_ASNUMBER ++ {"INVALID_ASNUMBER", ERR_LIB_X509V3, X509V3_R_INVALID_ASNUMBER}, ++ #else ++ {"INVALID_ASNUMBER", 34, 162}, ++ #endif ++ #ifdef X509V3_R_INVALID_ASRANGE ++ {"INVALID_ASRANGE", ERR_LIB_X509V3, X509V3_R_INVALID_ASRANGE}, ++ #else ++ {"INVALID_ASRANGE", 34, 163}, ++ #endif ++ #ifdef X509V3_R_INVALID_BOOLEAN_STRING ++ {"INVALID_BOOLEAN_STRING", ERR_LIB_X509V3, X509V3_R_INVALID_BOOLEAN_STRING}, ++ #else ++ {"INVALID_BOOLEAN_STRING", 34, 104}, ++ #endif ++ #ifdef X509V3_R_INVALID_EXTENSION_STRING ++ {"INVALID_EXTENSION_STRING", ERR_LIB_X509V3, X509V3_R_INVALID_EXTENSION_STRING}, ++ #else ++ {"INVALID_EXTENSION_STRING", 34, 105}, ++ #endif ++ #ifdef X509V3_R_INVALID_INHERITANCE ++ {"INVALID_INHERITANCE", ERR_LIB_X509V3, X509V3_R_INVALID_INHERITANCE}, ++ #else ++ {"INVALID_INHERITANCE", 34, 165}, ++ #endif ++ #ifdef X509V3_R_INVALID_IPADDRESS ++ {"INVALID_IPADDRESS", ERR_LIB_X509V3, X509V3_R_INVALID_IPADDRESS}, ++ #else ++ {"INVALID_IPADDRESS", 34, 166}, ++ #endif ++ #ifdef X509V3_R_INVALID_MULTIPLE_RDNS ++ {"INVALID_MULTIPLE_RDNS", ERR_LIB_X509V3, X509V3_R_INVALID_MULTIPLE_RDNS}, ++ #else ++ {"INVALID_MULTIPLE_RDNS", 34, 161}, ++ #endif ++ #ifdef X509V3_R_INVALID_NAME ++ {"INVALID_NAME", ERR_LIB_X509V3, X509V3_R_INVALID_NAME}, ++ #else ++ {"INVALID_NAME", 34, 106}, ++ #endif ++ #ifdef X509V3_R_INVALID_NULL_ARGUMENT ++ {"INVALID_NULL_ARGUMENT", ERR_LIB_X509V3, X509V3_R_INVALID_NULL_ARGUMENT}, ++ #else ++ {"INVALID_NULL_ARGUMENT", 34, 107}, ++ #endif ++ #ifdef X509V3_R_INVALID_NULL_NAME ++ {"INVALID_NULL_NAME", ERR_LIB_X509V3, X509V3_R_INVALID_NULL_NAME}, ++ #else ++ {"INVALID_NULL_NAME", 34, 108}, ++ #endif ++ #ifdef X509V3_R_INVALID_NULL_VALUE ++ {"INVALID_NULL_VALUE", ERR_LIB_X509V3, X509V3_R_INVALID_NULL_VALUE}, ++ #else ++ {"INVALID_NULL_VALUE", 34, 109}, ++ #endif ++ #ifdef X509V3_R_INVALID_NUMBER ++ {"INVALID_NUMBER", ERR_LIB_X509V3, X509V3_R_INVALID_NUMBER}, ++ #else ++ {"INVALID_NUMBER", 34, 140}, ++ #endif ++ #ifdef X509V3_R_INVALID_NUMBERS ++ {"INVALID_NUMBERS", ERR_LIB_X509V3, X509V3_R_INVALID_NUMBERS}, ++ #else ++ {"INVALID_NUMBERS", 34, 141}, ++ #endif ++ #ifdef X509V3_R_INVALID_OBJECT_IDENTIFIER ++ {"INVALID_OBJECT_IDENTIFIER", ERR_LIB_X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER}, ++ #else ++ {"INVALID_OBJECT_IDENTIFIER", 34, 110}, ++ #endif ++ #ifdef X509V3_R_INVALID_OPTION ++ {"INVALID_OPTION", ERR_LIB_X509V3, X509V3_R_INVALID_OPTION}, ++ #else ++ {"INVALID_OPTION", 34, 138}, ++ #endif ++ #ifdef X509V3_R_INVALID_POLICY_IDENTIFIER ++ {"INVALID_POLICY_IDENTIFIER", ERR_LIB_X509V3, X509V3_R_INVALID_POLICY_IDENTIFIER}, ++ #else ++ {"INVALID_POLICY_IDENTIFIER", 34, 134}, ++ #endif ++ #ifdef X509V3_R_INVALID_PROXY_POLICY_SETTING ++ {"INVALID_PROXY_POLICY_SETTING", ERR_LIB_X509V3, X509V3_R_INVALID_PROXY_POLICY_SETTING}, ++ #else ++ {"INVALID_PROXY_POLICY_SETTING", 34, 153}, ++ #endif ++ #ifdef X509V3_R_INVALID_PURPOSE ++ {"INVALID_PURPOSE", ERR_LIB_X509V3, X509V3_R_INVALID_PURPOSE}, ++ #else ++ {"INVALID_PURPOSE", 34, 146}, ++ #endif ++ #ifdef X509V3_R_INVALID_SAFI ++ {"INVALID_SAFI", ERR_LIB_X509V3, X509V3_R_INVALID_SAFI}, ++ #else ++ {"INVALID_SAFI", 34, 164}, ++ #endif ++ #ifdef X509V3_R_INVALID_SECTION ++ {"INVALID_SECTION", ERR_LIB_X509V3, X509V3_R_INVALID_SECTION}, ++ #else ++ {"INVALID_SECTION", 34, 135}, ++ #endif ++ #ifdef X509V3_R_INVALID_SYNTAX ++ {"INVALID_SYNTAX", ERR_LIB_X509V3, X509V3_R_INVALID_SYNTAX}, ++ #else ++ {"INVALID_SYNTAX", 34, 143}, ++ #endif ++ #ifdef X509V3_R_ISSUER_DECODE_ERROR ++ {"ISSUER_DECODE_ERROR", ERR_LIB_X509V3, X509V3_R_ISSUER_DECODE_ERROR}, ++ #else ++ {"ISSUER_DECODE_ERROR", 34, 126}, ++ #endif ++ #ifdef X509V3_R_MISSING_VALUE ++ {"MISSING_VALUE", ERR_LIB_X509V3, X509V3_R_MISSING_VALUE}, ++ #else ++ {"MISSING_VALUE", 34, 124}, ++ #endif ++ #ifdef X509V3_R_NEED_ORGANIZATION_AND_NUMBERS ++ {"NEED_ORGANIZATION_AND_NUMBERS", ERR_LIB_X509V3, X509V3_R_NEED_ORGANIZATION_AND_NUMBERS}, ++ #else ++ {"NEED_ORGANIZATION_AND_NUMBERS", 34, 142}, ++ #endif ++ #ifdef X509V3_R_NO_CONFIG_DATABASE ++ {"NO_CONFIG_DATABASE", ERR_LIB_X509V3, X509V3_R_NO_CONFIG_DATABASE}, ++ #else ++ {"NO_CONFIG_DATABASE", 34, 136}, ++ #endif ++ #ifdef X509V3_R_NO_ISSUER_CERTIFICATE ++ {"NO_ISSUER_CERTIFICATE", ERR_LIB_X509V3, X509V3_R_NO_ISSUER_CERTIFICATE}, ++ #else ++ {"NO_ISSUER_CERTIFICATE", 34, 121}, ++ #endif ++ #ifdef X509V3_R_NO_ISSUER_DETAILS ++ {"NO_ISSUER_DETAILS", ERR_LIB_X509V3, X509V3_R_NO_ISSUER_DETAILS}, ++ #else ++ {"NO_ISSUER_DETAILS", 34, 127}, ++ #endif ++ #ifdef X509V3_R_NO_POLICY_IDENTIFIER ++ {"NO_POLICY_IDENTIFIER", ERR_LIB_X509V3, X509V3_R_NO_POLICY_IDENTIFIER}, ++ #else ++ {"NO_POLICY_IDENTIFIER", 34, 139}, ++ #endif ++ #ifdef X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED ++ {"NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED", ERR_LIB_X509V3, X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED}, ++ #else ++ {"NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED", 34, 154}, ++ #endif ++ #ifdef X509V3_R_NO_PUBLIC_KEY ++ {"NO_PUBLIC_KEY", ERR_LIB_X509V3, X509V3_R_NO_PUBLIC_KEY}, ++ #else ++ {"NO_PUBLIC_KEY", 34, 114}, ++ #endif ++ #ifdef X509V3_R_NO_SUBJECT_DETAILS ++ {"NO_SUBJECT_DETAILS", ERR_LIB_X509V3, X509V3_R_NO_SUBJECT_DETAILS}, ++ #else ++ {"NO_SUBJECT_DETAILS", 34, 125}, ++ #endif ++ #ifdef X509V3_R_OPERATION_NOT_DEFINED ++ {"OPERATION_NOT_DEFINED", ERR_LIB_X509V3, X509V3_R_OPERATION_NOT_DEFINED}, ++ #else ++ {"OPERATION_NOT_DEFINED", 34, 148}, ++ #endif ++ #ifdef X509V3_R_OTHERNAME_ERROR ++ {"OTHERNAME_ERROR", ERR_LIB_X509V3, X509V3_R_OTHERNAME_ERROR}, ++ #else ++ {"OTHERNAME_ERROR", 34, 147}, ++ #endif ++ #ifdef X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED ++ {"POLICY_LANGUAGE_ALREADY_DEFINED", ERR_LIB_X509V3, X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED}, ++ #else ++ {"POLICY_LANGUAGE_ALREADY_DEFINED", 34, 155}, ++ #endif ++ #ifdef X509V3_R_POLICY_PATH_LENGTH ++ {"POLICY_PATH_LENGTH", ERR_LIB_X509V3, X509V3_R_POLICY_PATH_LENGTH}, ++ #else ++ {"POLICY_PATH_LENGTH", 34, 156}, ++ #endif ++ #ifdef X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED ++ {"POLICY_PATH_LENGTH_ALREADY_DEFINED", ERR_LIB_X509V3, X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED}, ++ #else ++ {"POLICY_PATH_LENGTH_ALREADY_DEFINED", 34, 157}, ++ #endif ++ #ifdef X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY ++ {"POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY", ERR_LIB_X509V3, X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY}, ++ #else ++ {"POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY", 34, 159}, ++ #endif ++ #ifdef X509V3_R_SECTION_NOT_FOUND ++ {"SECTION_NOT_FOUND", ERR_LIB_X509V3, X509V3_R_SECTION_NOT_FOUND}, ++ #else ++ {"SECTION_NOT_FOUND", 34, 150}, ++ #endif ++ #ifdef X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS ++ {"UNABLE_TO_GET_ISSUER_DETAILS", ERR_LIB_X509V3, X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS}, ++ #else ++ {"UNABLE_TO_GET_ISSUER_DETAILS", 34, 122}, ++ #endif ++ #ifdef X509V3_R_UNABLE_TO_GET_ISSUER_KEYID ++ {"UNABLE_TO_GET_ISSUER_KEYID", ERR_LIB_X509V3, X509V3_R_UNABLE_TO_GET_ISSUER_KEYID}, ++ #else ++ {"UNABLE_TO_GET_ISSUER_KEYID", 34, 123}, ++ #endif ++ #ifdef X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT ++ {"UNKNOWN_BIT_STRING_ARGUMENT", ERR_LIB_X509V3, X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT}, ++ #else ++ {"UNKNOWN_BIT_STRING_ARGUMENT", 34, 111}, ++ #endif ++ #ifdef X509V3_R_UNKNOWN_EXTENSION ++ {"UNKNOWN_EXTENSION", ERR_LIB_X509V3, X509V3_R_UNKNOWN_EXTENSION}, ++ #else ++ {"UNKNOWN_EXTENSION", 34, 129}, ++ #endif ++ #ifdef X509V3_R_UNKNOWN_EXTENSION_NAME ++ {"UNKNOWN_EXTENSION_NAME", ERR_LIB_X509V3, X509V3_R_UNKNOWN_EXTENSION_NAME}, ++ #else ++ {"UNKNOWN_EXTENSION_NAME", 34, 130}, ++ #endif ++ #ifdef X509V3_R_UNKNOWN_OPTION ++ {"UNKNOWN_OPTION", ERR_LIB_X509V3, X509V3_R_UNKNOWN_OPTION}, ++ #else ++ {"UNKNOWN_OPTION", 34, 120}, ++ #endif ++ #ifdef X509V3_R_UNSUPPORTED_OPTION ++ {"UNSUPPORTED_OPTION", ERR_LIB_X509V3, X509V3_R_UNSUPPORTED_OPTION}, ++ #else ++ {"UNSUPPORTED_OPTION", 34, 117}, ++ #endif ++ #ifdef X509V3_R_UNSUPPORTED_TYPE ++ {"UNSUPPORTED_TYPE", ERR_LIB_X509V3, X509V3_R_UNSUPPORTED_TYPE}, ++ #else ++ {"UNSUPPORTED_TYPE", 34, 167}, ++ #endif ++ #ifdef X509V3_R_USER_TOO_LONG ++ {"USER_TOO_LONG", ERR_LIB_X509V3, X509V3_R_USER_TOO_LONG}, ++ #else ++ {"USER_TOO_LONG", 34, 132}, ++ #endif ++ #ifdef X509_R_AKID_MISMATCH ++ {"AKID_MISMATCH", ERR_LIB_X509, X509_R_AKID_MISMATCH}, ++ #else ++ {"AKID_MISMATCH", 11, 110}, ++ #endif ++ #ifdef X509_R_BAD_SELECTOR ++ {"BAD_SELECTOR", ERR_LIB_X509, X509_R_BAD_SELECTOR}, ++ #else ++ {"BAD_SELECTOR", 11, 133}, ++ #endif ++ #ifdef X509_R_BAD_X509_FILETYPE ++ {"BAD_X509_FILETYPE", ERR_LIB_X509, X509_R_BAD_X509_FILETYPE}, ++ #else ++ {"BAD_X509_FILETYPE", 11, 100}, ++ #endif ++ #ifdef X509_R_BASE64_DECODE_ERROR ++ {"BASE64_DECODE_ERROR", ERR_LIB_X509, X509_R_BASE64_DECODE_ERROR}, ++ #else ++ {"BASE64_DECODE_ERROR", 11, 118}, ++ #endif ++ #ifdef X509_R_CANT_CHECK_DH_KEY ++ {"CANT_CHECK_DH_KEY", ERR_LIB_X509, X509_R_CANT_CHECK_DH_KEY}, ++ #else ++ {"CANT_CHECK_DH_KEY", 11, 114}, ++ #endif ++ #ifdef X509_R_CERT_ALREADY_IN_HASH_TABLE ++ {"CERT_ALREADY_IN_HASH_TABLE", ERR_LIB_X509, X509_R_CERT_ALREADY_IN_HASH_TABLE}, ++ #else ++ {"CERT_ALREADY_IN_HASH_TABLE", 11, 101}, ++ #endif ++ #ifdef X509_R_CRL_ALREADY_DELTA ++ {"CRL_ALREADY_DELTA", ERR_LIB_X509, X509_R_CRL_ALREADY_DELTA}, ++ #else ++ {"CRL_ALREADY_DELTA", 11, 127}, ++ #endif ++ #ifdef X509_R_CRL_VERIFY_FAILURE ++ {"CRL_VERIFY_FAILURE", ERR_LIB_X509, X509_R_CRL_VERIFY_FAILURE}, ++ #else ++ {"CRL_VERIFY_FAILURE", 11, 131}, ++ #endif ++ #ifdef X509_R_IDP_MISMATCH ++ {"IDP_MISMATCH", ERR_LIB_X509, X509_R_IDP_MISMATCH}, ++ #else ++ {"IDP_MISMATCH", 11, 128}, ++ #endif ++ #ifdef X509_R_INVALID_ATTRIBUTES ++ {"INVALID_ATTRIBUTES", ERR_LIB_X509, X509_R_INVALID_ATTRIBUTES}, ++ #else ++ {"INVALID_ATTRIBUTES", 11, 138}, ++ #endif ++ #ifdef X509_R_INVALID_DIRECTORY ++ {"INVALID_DIRECTORY", ERR_LIB_X509, X509_R_INVALID_DIRECTORY}, ++ #else ++ {"INVALID_DIRECTORY", 11, 113}, ++ #endif ++ #ifdef X509_R_INVALID_FIELD_NAME ++ {"INVALID_FIELD_NAME", ERR_LIB_X509, X509_R_INVALID_FIELD_NAME}, ++ #else ++ {"INVALID_FIELD_NAME", 11, 119}, ++ #endif ++ #ifdef X509_R_INVALID_TRUST ++ {"INVALID_TRUST", ERR_LIB_X509, X509_R_INVALID_TRUST}, ++ #else ++ {"INVALID_TRUST", 11, 123}, ++ #endif ++ #ifdef X509_R_ISSUER_MISMATCH ++ {"ISSUER_MISMATCH", ERR_LIB_X509, X509_R_ISSUER_MISMATCH}, ++ #else ++ {"ISSUER_MISMATCH", 11, 129}, ++ #endif ++ #ifdef X509_R_KEY_TYPE_MISMATCH ++ {"KEY_TYPE_MISMATCH", ERR_LIB_X509, X509_R_KEY_TYPE_MISMATCH}, ++ #else ++ {"KEY_TYPE_MISMATCH", 11, 115}, ++ #endif ++ #ifdef X509_R_KEY_VALUES_MISMATCH ++ {"KEY_VALUES_MISMATCH", ERR_LIB_X509, X509_R_KEY_VALUES_MISMATCH}, ++ #else ++ {"KEY_VALUES_MISMATCH", 11, 116}, ++ #endif ++ #ifdef X509_R_LOADING_CERT_DIR ++ {"LOADING_CERT_DIR", ERR_LIB_X509, X509_R_LOADING_CERT_DIR}, ++ #else ++ {"LOADING_CERT_DIR", 11, 103}, ++ #endif ++ #ifdef X509_R_LOADING_DEFAULTS ++ {"LOADING_DEFAULTS", ERR_LIB_X509, X509_R_LOADING_DEFAULTS}, ++ #else ++ {"LOADING_DEFAULTS", 11, 104}, ++ #endif ++ #ifdef X509_R_METHOD_NOT_SUPPORTED ++ {"METHOD_NOT_SUPPORTED", ERR_LIB_X509, X509_R_METHOD_NOT_SUPPORTED}, ++ #else ++ {"METHOD_NOT_SUPPORTED", 11, 124}, ++ #endif ++ #ifdef X509_R_NAME_TOO_LONG ++ {"NAME_TOO_LONG", ERR_LIB_X509, X509_R_NAME_TOO_LONG}, ++ #else ++ {"NAME_TOO_LONG", 11, 134}, ++ #endif ++ #ifdef X509_R_NEWER_CRL_NOT_NEWER ++ {"NEWER_CRL_NOT_NEWER", ERR_LIB_X509, X509_R_NEWER_CRL_NOT_NEWER}, ++ #else ++ {"NEWER_CRL_NOT_NEWER", 11, 132}, ++ #endif ++ #ifdef X509_R_NO_CERTIFICATE_FOUND ++ {"NO_CERTIFICATE_FOUND", ERR_LIB_X509, X509_R_NO_CERTIFICATE_FOUND}, ++ #else ++ {"NO_CERTIFICATE_FOUND", 11, 135}, ++ #endif ++ #ifdef X509_R_NO_CERTIFICATE_OR_CRL_FOUND ++ {"NO_CERTIFICATE_OR_CRL_FOUND", ERR_LIB_X509, X509_R_NO_CERTIFICATE_OR_CRL_FOUND}, ++ #else ++ {"NO_CERTIFICATE_OR_CRL_FOUND", 11, 136}, ++ #endif ++ #ifdef X509_R_NO_CERT_SET_FOR_US_TO_VERIFY ++ {"NO_CERT_SET_FOR_US_TO_VERIFY", ERR_LIB_X509, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY}, ++ #else ++ {"NO_CERT_SET_FOR_US_TO_VERIFY", 11, 105}, ++ #endif ++ #ifdef X509_R_NO_CRL_FOUND ++ {"NO_CRL_FOUND", ERR_LIB_X509, X509_R_NO_CRL_FOUND}, ++ #else ++ {"NO_CRL_FOUND", 11, 137}, ++ #endif ++ #ifdef X509_R_NO_CRL_NUMBER ++ {"NO_CRL_NUMBER", ERR_LIB_X509, X509_R_NO_CRL_NUMBER}, ++ #else ++ {"NO_CRL_NUMBER", 11, 130}, ++ #endif ++ #ifdef X509_R_PUBLIC_KEY_DECODE_ERROR ++ {"PUBLIC_KEY_DECODE_ERROR", ERR_LIB_X509, X509_R_PUBLIC_KEY_DECODE_ERROR}, ++ #else ++ {"PUBLIC_KEY_DECODE_ERROR", 11, 125}, ++ #endif ++ #ifdef X509_R_PUBLIC_KEY_ENCODE_ERROR ++ {"PUBLIC_KEY_ENCODE_ERROR", ERR_LIB_X509, X509_R_PUBLIC_KEY_ENCODE_ERROR}, ++ #else ++ {"PUBLIC_KEY_ENCODE_ERROR", 11, 126}, ++ #endif ++ #ifdef X509_R_SHOULD_RETRY ++ {"SHOULD_RETRY", ERR_LIB_X509, X509_R_SHOULD_RETRY}, ++ #else ++ {"SHOULD_RETRY", 11, 106}, ++ #endif ++ #ifdef X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN ++ {"UNABLE_TO_FIND_PARAMETERS_IN_CHAIN", ERR_LIB_X509, X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN}, ++ #else ++ {"UNABLE_TO_FIND_PARAMETERS_IN_CHAIN", 11, 107}, ++ #endif ++ #ifdef X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY ++ {"UNABLE_TO_GET_CERTS_PUBLIC_KEY", ERR_LIB_X509, X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY}, ++ #else ++ {"UNABLE_TO_GET_CERTS_PUBLIC_KEY", 11, 108}, ++ #endif ++ #ifdef X509_R_UNKNOWN_KEY_TYPE ++ {"UNKNOWN_KEY_TYPE", ERR_LIB_X509, X509_R_UNKNOWN_KEY_TYPE}, ++ #else ++ {"UNKNOWN_KEY_TYPE", 11, 117}, ++ #endif ++ #ifdef X509_R_UNKNOWN_NID ++ {"UNKNOWN_NID", ERR_LIB_X509, X509_R_UNKNOWN_NID}, ++ #else ++ {"UNKNOWN_NID", 11, 109}, ++ #endif ++ #ifdef X509_R_UNKNOWN_PURPOSE_ID ++ {"UNKNOWN_PURPOSE_ID", ERR_LIB_X509, X509_R_UNKNOWN_PURPOSE_ID}, ++ #else ++ {"UNKNOWN_PURPOSE_ID", 11, 121}, ++ #endif ++ #ifdef X509_R_UNKNOWN_TRUST_ID ++ {"UNKNOWN_TRUST_ID", ERR_LIB_X509, X509_R_UNKNOWN_TRUST_ID}, ++ #else ++ {"UNKNOWN_TRUST_ID", 11, 120}, ++ #endif ++ #ifdef X509_R_UNSUPPORTED_ALGORITHM ++ {"UNSUPPORTED_ALGORITHM", ERR_LIB_X509, X509_R_UNSUPPORTED_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_ALGORITHM", 11, 111}, ++ #endif ++ #ifdef X509_R_WRONG_LOOKUP_TYPE ++ {"WRONG_LOOKUP_TYPE", ERR_LIB_X509, X509_R_WRONG_LOOKUP_TYPE}, ++ #else ++ {"WRONG_LOOKUP_TYPE", 11, 112}, ++ #endif ++ #ifdef X509_R_WRONG_TYPE ++ {"WRONG_TYPE", ERR_LIB_X509, X509_R_WRONG_TYPE}, ++ #else ++ {"WRONG_TYPE", 11, 122}, ++ #endif ++ { NULL } ++}; ++ +diff --git a/Modules/_ssl_data_300.h b/Modules/_ssl_data_300.h +new file mode 100644 +index 0000000000..6be8b24ee1 +--- /dev/null ++++ b/Modules/_ssl_data_300.h +@@ -0,0 +1,8435 @@ ++/* File generated by Tools/ssl/make_ssl_data.py *//* Generated on 2021-04-09T09:44:43.288448 */ ++static struct py_ssl_library_code library_codes[] = { ++#ifdef ERR_LIB_ASN1 ++ {"ASN1", ERR_LIB_ASN1}, ++#endif ++#ifdef ERR_LIB_ASYNC ++ {"ASYNC", ERR_LIB_ASYNC}, ++#endif ++#ifdef ERR_LIB_BIO ++ {"BIO", ERR_LIB_BIO}, ++#endif ++#ifdef ERR_LIB_BN ++ {"BN", ERR_LIB_BN}, ++#endif ++#ifdef ERR_LIB_BUF ++ {"BUF", ERR_LIB_BUF}, ++#endif ++#ifdef ERR_LIB_CMP ++ {"CMP", ERR_LIB_CMP}, ++#endif ++#ifdef ERR_LIB_CMS ++ {"CMS", ERR_LIB_CMS}, ++#endif ++#ifdef ERR_LIB_COMP ++ {"COMP", ERR_LIB_COMP}, ++#endif ++#ifdef ERR_LIB_CONF ++ {"CONF", ERR_LIB_CONF}, ++#endif ++#ifdef ERR_LIB_CRMF ++ {"CRMF", ERR_LIB_CRMF}, ++#endif ++#ifdef ERR_LIB_CRYPTO ++ {"CRYPTO", ERR_LIB_CRYPTO}, ++#endif ++#ifdef ERR_LIB_CT ++ {"CT", ERR_LIB_CT}, ++#endif ++#ifdef ERR_LIB_DH ++ {"DH", ERR_LIB_DH}, ++#endif ++#ifdef ERR_LIB_DSA ++ {"DSA", ERR_LIB_DSA}, ++#endif ++#ifdef ERR_LIB_DSO ++ {"DSO", ERR_LIB_DSO}, ++#endif ++#ifdef ERR_LIB_EC ++ {"EC", ERR_LIB_EC}, ++#endif ++#ifdef ERR_LIB_ECDH ++ {"ECDH", ERR_LIB_ECDH}, ++#endif ++#ifdef ERR_LIB_ECDSA ++ {"ECDSA", ERR_LIB_ECDSA}, ++#endif ++#ifdef ERR_LIB_ENGINE ++ {"ENGINE", ERR_LIB_ENGINE}, ++#endif ++#ifdef ERR_LIB_ESS ++ {"ESS", ERR_LIB_ESS}, ++#endif ++#ifdef ERR_LIB_EVP ++ {"EVP", ERR_LIB_EVP}, ++#endif ++#ifdef ERR_LIB_FIPS ++ {"FIPS", ERR_LIB_FIPS}, ++#endif ++#ifdef ERR_LIB_HMAC ++ {"HMAC", ERR_LIB_HMAC}, ++#endif ++#ifdef ERR_LIB_HTTP ++ {"HTTP", ERR_LIB_HTTP}, ++#endif ++#ifdef ERR_LIB_JPAKE ++ {"JPAKE", ERR_LIB_JPAKE}, ++#endif ++#ifdef ERR_LIB_KDF ++ {"KDF", ERR_LIB_KDF}, ++#endif ++#ifdef ERR_LIB_MASK ++ {"MASK", ERR_LIB_MASK}, ++#endif ++#ifdef ERR_LIB_METH ++ {"METH", ERR_LIB_METH}, ++#endif ++#ifdef ERR_LIB_NONE ++ {"NONE", ERR_LIB_NONE}, ++#endif ++#ifdef ERR_LIB_OBJ ++ {"OBJ", ERR_LIB_OBJ}, ++#endif ++#ifdef ERR_LIB_OCSP ++ {"OCSP", ERR_LIB_OCSP}, ++#endif ++#ifdef ERR_LIB_OFFSET ++ {"OFFSET", ERR_LIB_OFFSET}, ++#endif ++#ifdef ERR_LIB_OSSL_DECODER ++ {"OSSL_DECODER", ERR_LIB_OSSL_DECODER}, ++#endif ++#ifdef ERR_LIB_OSSL_ENCODER ++ {"OSSL_ENCODER", ERR_LIB_OSSL_ENCODER}, ++#endif ++#ifdef ERR_LIB_OSSL_STORE ++ {"OSSL_STORE", ERR_LIB_OSSL_STORE}, ++#endif ++#ifdef ERR_LIB_PEM ++ {"PEM", ERR_LIB_PEM}, ++#endif ++#ifdef ERR_LIB_PKCS12 ++ {"PKCS12", ERR_LIB_PKCS12}, ++#endif ++#ifdef ERR_LIB_PKCS7 ++ {"PKCS7", ERR_LIB_PKCS7}, ++#endif ++#ifdef ERR_LIB_PROP ++ {"PROP", ERR_LIB_PROP}, ++#endif ++#ifdef ERR_LIB_PROV ++ {"PROV", ERR_LIB_PROV}, ++#endif ++#ifdef ERR_LIB_PROXY ++ {"PROXY", ERR_LIB_PROXY}, ++#endif ++#ifdef ERR_LIB_RAND ++ {"RAND", ERR_LIB_RAND}, ++#endif ++#ifdef ERR_LIB_RSA ++ {"RSA", ERR_LIB_RSA}, ++#endif ++#ifdef ERR_LIB_RSAREF ++ {"RSAREF", ERR_LIB_RSAREF}, ++#endif ++#ifdef ERR_LIB_SM2 ++ {"SM2", ERR_LIB_SM2}, ++#endif ++#ifdef ERR_LIB_SSL ++ {"SSL", ERR_LIB_SSL}, ++#endif ++#ifdef ERR_LIB_SSL2 ++ {"SSL2", ERR_LIB_SSL2}, ++#endif ++#ifdef ERR_LIB_SSL23 ++ {"SSL23", ERR_LIB_SSL23}, ++#endif ++#ifdef ERR_LIB_SSL3 ++ {"SSL3", ERR_LIB_SSL3}, ++#endif ++#ifdef ERR_LIB_SYS ++ {"SYS", ERR_LIB_SYS}, ++#endif ++#ifdef ERR_LIB_TS ++ {"TS", ERR_LIB_TS}, ++#endif ++#ifdef ERR_LIB_UI ++ {"UI", ERR_LIB_UI}, ++#endif ++#ifdef ERR_LIB_USER ++ {"USER", ERR_LIB_USER}, ++#endif ++#ifdef ERR_LIB_X509 ++ {"X509", ERR_LIB_X509}, ++#endif ++#ifdef ERR_LIB_X509V3 ++ {"X509V3", ERR_LIB_X509V3}, ++#endif ++ { NULL } ++}; ++ ++ ++static struct py_ssl_error_code error_codes[] = { ++ #ifdef ASN1_R_ADDING_OBJECT ++ {"ADDING_OBJECT", ERR_LIB_ASN1, ASN1_R_ADDING_OBJECT}, ++ #else ++ {"ADDING_OBJECT", 13, 171}, ++ #endif ++ #ifdef ASN1_R_ASN1_PARSE_ERROR ++ {"ASN1_PARSE_ERROR", ERR_LIB_ASN1, ASN1_R_ASN1_PARSE_ERROR}, ++ #else ++ {"ASN1_PARSE_ERROR", 13, 203}, ++ #endif ++ #ifdef ASN1_R_ASN1_SIG_PARSE_ERROR ++ {"ASN1_SIG_PARSE_ERROR", ERR_LIB_ASN1, ASN1_R_ASN1_SIG_PARSE_ERROR}, ++ #else ++ {"ASN1_SIG_PARSE_ERROR", 13, 204}, ++ #endif ++ #ifdef ASN1_R_AUX_ERROR ++ {"AUX_ERROR", ERR_LIB_ASN1, ASN1_R_AUX_ERROR}, ++ #else ++ {"AUX_ERROR", 13, 100}, ++ #endif ++ #ifdef ASN1_R_BAD_OBJECT_HEADER ++ {"BAD_OBJECT_HEADER", ERR_LIB_ASN1, ASN1_R_BAD_OBJECT_HEADER}, ++ #else ++ {"BAD_OBJECT_HEADER", 13, 102}, ++ #endif ++ #ifdef ASN1_R_BAD_TEMPLATE ++ {"BAD_TEMPLATE", ERR_LIB_ASN1, ASN1_R_BAD_TEMPLATE}, ++ #else ++ {"BAD_TEMPLATE", 13, 230}, ++ #endif ++ #ifdef ASN1_R_BMPSTRING_IS_WRONG_LENGTH ++ {"BMPSTRING_IS_WRONG_LENGTH", ERR_LIB_ASN1, ASN1_R_BMPSTRING_IS_WRONG_LENGTH}, ++ #else ++ {"BMPSTRING_IS_WRONG_LENGTH", 13, 214}, ++ #endif ++ #ifdef ASN1_R_BN_LIB ++ {"BN_LIB", ERR_LIB_ASN1, ASN1_R_BN_LIB}, ++ #else ++ {"BN_LIB", 13, 105}, ++ #endif ++ #ifdef ASN1_R_BOOLEAN_IS_WRONG_LENGTH ++ {"BOOLEAN_IS_WRONG_LENGTH", ERR_LIB_ASN1, ASN1_R_BOOLEAN_IS_WRONG_LENGTH}, ++ #else ++ {"BOOLEAN_IS_WRONG_LENGTH", 13, 106}, ++ #endif ++ #ifdef ASN1_R_BUFFER_TOO_SMALL ++ {"BUFFER_TOO_SMALL", ERR_LIB_ASN1, ASN1_R_BUFFER_TOO_SMALL}, ++ #else ++ {"BUFFER_TOO_SMALL", 13, 107}, ++ #endif ++ #ifdef ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ++ {"CIPHER_HAS_NO_OBJECT_IDENTIFIER", ERR_LIB_ASN1, ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER}, ++ #else ++ {"CIPHER_HAS_NO_OBJECT_IDENTIFIER", 13, 108}, ++ #endif ++ #ifdef ASN1_R_CONTEXT_NOT_INITIALISED ++ {"CONTEXT_NOT_INITIALISED", ERR_LIB_ASN1, ASN1_R_CONTEXT_NOT_INITIALISED}, ++ #else ++ {"CONTEXT_NOT_INITIALISED", 13, 217}, ++ #endif ++ #ifdef ASN1_R_DATA_IS_WRONG ++ {"DATA_IS_WRONG", ERR_LIB_ASN1, ASN1_R_DATA_IS_WRONG}, ++ #else ++ {"DATA_IS_WRONG", 13, 109}, ++ #endif ++ #ifdef ASN1_R_DECODE_ERROR ++ {"DECODE_ERROR", ERR_LIB_ASN1, ASN1_R_DECODE_ERROR}, ++ #else ++ {"DECODE_ERROR", 13, 110}, ++ #endif ++ #ifdef ASN1_R_DEPTH_EXCEEDED ++ {"DEPTH_EXCEEDED", ERR_LIB_ASN1, ASN1_R_DEPTH_EXCEEDED}, ++ #else ++ {"DEPTH_EXCEEDED", 13, 174}, ++ #endif ++ #ifdef ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED ++ {"DIGEST_AND_KEY_TYPE_NOT_SUPPORTED", ERR_LIB_ASN1, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED}, ++ #else ++ {"DIGEST_AND_KEY_TYPE_NOT_SUPPORTED", 13, 198}, ++ #endif ++ #ifdef ASN1_R_ENCODE_ERROR ++ {"ENCODE_ERROR", ERR_LIB_ASN1, ASN1_R_ENCODE_ERROR}, ++ #else ++ {"ENCODE_ERROR", 13, 112}, ++ #endif ++ #ifdef ASN1_R_ERROR_GETTING_TIME ++ {"ERROR_GETTING_TIME", ERR_LIB_ASN1, ASN1_R_ERROR_GETTING_TIME}, ++ #else ++ {"ERROR_GETTING_TIME", 13, 173}, ++ #endif ++ #ifdef ASN1_R_ERROR_LOADING_SECTION ++ {"ERROR_LOADING_SECTION", ERR_LIB_ASN1, ASN1_R_ERROR_LOADING_SECTION}, ++ #else ++ {"ERROR_LOADING_SECTION", 13, 172}, ++ #endif ++ #ifdef ASN1_R_ERROR_SETTING_CIPHER_PARAMS ++ {"ERROR_SETTING_CIPHER_PARAMS", ERR_LIB_ASN1, ASN1_R_ERROR_SETTING_CIPHER_PARAMS}, ++ #else ++ {"ERROR_SETTING_CIPHER_PARAMS", 13, 114}, ++ #endif ++ #ifdef ASN1_R_EXPECTING_AN_INTEGER ++ {"EXPECTING_AN_INTEGER", ERR_LIB_ASN1, ASN1_R_EXPECTING_AN_INTEGER}, ++ #else ++ {"EXPECTING_AN_INTEGER", 13, 115}, ++ #endif ++ #ifdef ASN1_R_EXPECTING_AN_OBJECT ++ {"EXPECTING_AN_OBJECT", ERR_LIB_ASN1, ASN1_R_EXPECTING_AN_OBJECT}, ++ #else ++ {"EXPECTING_AN_OBJECT", 13, 116}, ++ #endif ++ #ifdef ASN1_R_EXPLICIT_LENGTH_MISMATCH ++ {"EXPLICIT_LENGTH_MISMATCH", ERR_LIB_ASN1, ASN1_R_EXPLICIT_LENGTH_MISMATCH}, ++ #else ++ {"EXPLICIT_LENGTH_MISMATCH", 13, 119}, ++ #endif ++ #ifdef ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED ++ {"EXPLICIT_TAG_NOT_CONSTRUCTED", ERR_LIB_ASN1, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED}, ++ #else ++ {"EXPLICIT_TAG_NOT_CONSTRUCTED", 13, 120}, ++ #endif ++ #ifdef ASN1_R_FIELD_MISSING ++ {"FIELD_MISSING", ERR_LIB_ASN1, ASN1_R_FIELD_MISSING}, ++ #else ++ {"FIELD_MISSING", 13, 121}, ++ #endif ++ #ifdef ASN1_R_FIRST_NUM_TOO_LARGE ++ {"FIRST_NUM_TOO_LARGE", ERR_LIB_ASN1, ASN1_R_FIRST_NUM_TOO_LARGE}, ++ #else ++ {"FIRST_NUM_TOO_LARGE", 13, 122}, ++ #endif ++ #ifdef ASN1_R_HEADER_TOO_LONG ++ {"HEADER_TOO_LONG", ERR_LIB_ASN1, ASN1_R_HEADER_TOO_LONG}, ++ #else ++ {"HEADER_TOO_LONG", 13, 123}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_BITSTRING_FORMAT ++ {"ILLEGAL_BITSTRING_FORMAT", ERR_LIB_ASN1, ASN1_R_ILLEGAL_BITSTRING_FORMAT}, ++ #else ++ {"ILLEGAL_BITSTRING_FORMAT", 13, 175}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_BOOLEAN ++ {"ILLEGAL_BOOLEAN", ERR_LIB_ASN1, ASN1_R_ILLEGAL_BOOLEAN}, ++ #else ++ {"ILLEGAL_BOOLEAN", 13, 176}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_CHARACTERS ++ {"ILLEGAL_CHARACTERS", ERR_LIB_ASN1, ASN1_R_ILLEGAL_CHARACTERS}, ++ #else ++ {"ILLEGAL_CHARACTERS", 13, 124}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_FORMAT ++ {"ILLEGAL_FORMAT", ERR_LIB_ASN1, ASN1_R_ILLEGAL_FORMAT}, ++ #else ++ {"ILLEGAL_FORMAT", 13, 177}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_HEX ++ {"ILLEGAL_HEX", ERR_LIB_ASN1, ASN1_R_ILLEGAL_HEX}, ++ #else ++ {"ILLEGAL_HEX", 13, 178}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_IMPLICIT_TAG ++ {"ILLEGAL_IMPLICIT_TAG", ERR_LIB_ASN1, ASN1_R_ILLEGAL_IMPLICIT_TAG}, ++ #else ++ {"ILLEGAL_IMPLICIT_TAG", 13, 179}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_INTEGER ++ {"ILLEGAL_INTEGER", ERR_LIB_ASN1, ASN1_R_ILLEGAL_INTEGER}, ++ #else ++ {"ILLEGAL_INTEGER", 13, 180}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_NEGATIVE_VALUE ++ {"ILLEGAL_NEGATIVE_VALUE", ERR_LIB_ASN1, ASN1_R_ILLEGAL_NEGATIVE_VALUE}, ++ #else ++ {"ILLEGAL_NEGATIVE_VALUE", 13, 226}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_NESTED_TAGGING ++ {"ILLEGAL_NESTED_TAGGING", ERR_LIB_ASN1, ASN1_R_ILLEGAL_NESTED_TAGGING}, ++ #else ++ {"ILLEGAL_NESTED_TAGGING", 13, 181}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_NULL ++ {"ILLEGAL_NULL", ERR_LIB_ASN1, ASN1_R_ILLEGAL_NULL}, ++ #else ++ {"ILLEGAL_NULL", 13, 125}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_NULL_VALUE ++ {"ILLEGAL_NULL_VALUE", ERR_LIB_ASN1, ASN1_R_ILLEGAL_NULL_VALUE}, ++ #else ++ {"ILLEGAL_NULL_VALUE", 13, 182}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_OBJECT ++ {"ILLEGAL_OBJECT", ERR_LIB_ASN1, ASN1_R_ILLEGAL_OBJECT}, ++ #else ++ {"ILLEGAL_OBJECT", 13, 183}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_OPTIONAL_ANY ++ {"ILLEGAL_OPTIONAL_ANY", ERR_LIB_ASN1, ASN1_R_ILLEGAL_OPTIONAL_ANY}, ++ #else ++ {"ILLEGAL_OPTIONAL_ANY", 13, 126}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE ++ {"ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE", ERR_LIB_ASN1, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE}, ++ #else ++ {"ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE", 13, 170}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_PADDING ++ {"ILLEGAL_PADDING", ERR_LIB_ASN1, ASN1_R_ILLEGAL_PADDING}, ++ #else ++ {"ILLEGAL_PADDING", 13, 221}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_TAGGED_ANY ++ {"ILLEGAL_TAGGED_ANY", ERR_LIB_ASN1, ASN1_R_ILLEGAL_TAGGED_ANY}, ++ #else ++ {"ILLEGAL_TAGGED_ANY", 13, 127}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_TIME_VALUE ++ {"ILLEGAL_TIME_VALUE", ERR_LIB_ASN1, ASN1_R_ILLEGAL_TIME_VALUE}, ++ #else ++ {"ILLEGAL_TIME_VALUE", 13, 184}, ++ #endif ++ #ifdef ASN1_R_ILLEGAL_ZERO_CONTENT ++ {"ILLEGAL_ZERO_CONTENT", ERR_LIB_ASN1, ASN1_R_ILLEGAL_ZERO_CONTENT}, ++ #else ++ {"ILLEGAL_ZERO_CONTENT", 13, 222}, ++ #endif ++ #ifdef ASN1_R_INTEGER_NOT_ASCII_FORMAT ++ {"INTEGER_NOT_ASCII_FORMAT", ERR_LIB_ASN1, ASN1_R_INTEGER_NOT_ASCII_FORMAT}, ++ #else ++ {"INTEGER_NOT_ASCII_FORMAT", 13, 185}, ++ #endif ++ #ifdef ASN1_R_INTEGER_TOO_LARGE_FOR_LONG ++ {"INTEGER_TOO_LARGE_FOR_LONG", ERR_LIB_ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG}, ++ #else ++ {"INTEGER_TOO_LARGE_FOR_LONG", 13, 128}, ++ #endif ++ #ifdef ASN1_R_INVALID_BIT_STRING_BITS_LEFT ++ {"INVALID_BIT_STRING_BITS_LEFT", ERR_LIB_ASN1, ASN1_R_INVALID_BIT_STRING_BITS_LEFT}, ++ #else ++ {"INVALID_BIT_STRING_BITS_LEFT", 13, 220}, ++ #endif ++ #ifdef ASN1_R_INVALID_BMPSTRING_LENGTH ++ {"INVALID_BMPSTRING_LENGTH", ERR_LIB_ASN1, ASN1_R_INVALID_BMPSTRING_LENGTH}, ++ #else ++ {"INVALID_BMPSTRING_LENGTH", 13, 129}, ++ #endif ++ #ifdef ASN1_R_INVALID_DIGIT ++ {"INVALID_DIGIT", ERR_LIB_ASN1, ASN1_R_INVALID_DIGIT}, ++ #else ++ {"INVALID_DIGIT", 13, 130}, ++ #endif ++ #ifdef ASN1_R_INVALID_MIME_TYPE ++ {"INVALID_MIME_TYPE", ERR_LIB_ASN1, ASN1_R_INVALID_MIME_TYPE}, ++ #else ++ {"INVALID_MIME_TYPE", 13, 205}, ++ #endif ++ #ifdef ASN1_R_INVALID_MODIFIER ++ {"INVALID_MODIFIER", ERR_LIB_ASN1, ASN1_R_INVALID_MODIFIER}, ++ #else ++ {"INVALID_MODIFIER", 13, 186}, ++ #endif ++ #ifdef ASN1_R_INVALID_NUMBER ++ {"INVALID_NUMBER", ERR_LIB_ASN1, ASN1_R_INVALID_NUMBER}, ++ #else ++ {"INVALID_NUMBER", 13, 187}, ++ #endif ++ #ifdef ASN1_R_INVALID_OBJECT_ENCODING ++ {"INVALID_OBJECT_ENCODING", ERR_LIB_ASN1, ASN1_R_INVALID_OBJECT_ENCODING}, ++ #else ++ {"INVALID_OBJECT_ENCODING", 13, 216}, ++ #endif ++ #ifdef ASN1_R_INVALID_SCRYPT_PARAMETERS ++ {"INVALID_SCRYPT_PARAMETERS", ERR_LIB_ASN1, ASN1_R_INVALID_SCRYPT_PARAMETERS}, ++ #else ++ {"INVALID_SCRYPT_PARAMETERS", 13, 227}, ++ #endif ++ #ifdef ASN1_R_INVALID_SEPARATOR ++ {"INVALID_SEPARATOR", ERR_LIB_ASN1, ASN1_R_INVALID_SEPARATOR}, ++ #else ++ {"INVALID_SEPARATOR", 13, 131}, ++ #endif ++ #ifdef ASN1_R_INVALID_STRING_TABLE_VALUE ++ {"INVALID_STRING_TABLE_VALUE", ERR_LIB_ASN1, ASN1_R_INVALID_STRING_TABLE_VALUE}, ++ #else ++ {"INVALID_STRING_TABLE_VALUE", 13, 218}, ++ #endif ++ #ifdef ASN1_R_INVALID_UNIVERSALSTRING_LENGTH ++ {"INVALID_UNIVERSALSTRING_LENGTH", ERR_LIB_ASN1, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH}, ++ #else ++ {"INVALID_UNIVERSALSTRING_LENGTH", 13, 133}, ++ #endif ++ #ifdef ASN1_R_INVALID_UTF8STRING ++ {"INVALID_UTF8STRING", ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING}, ++ #else ++ {"INVALID_UTF8STRING", 13, 134}, ++ #endif ++ #ifdef ASN1_R_INVALID_VALUE ++ {"INVALID_VALUE", ERR_LIB_ASN1, ASN1_R_INVALID_VALUE}, ++ #else ++ {"INVALID_VALUE", 13, 219}, ++ #endif ++ #ifdef ASN1_R_LENGTH_TOO_LONG ++ {"LENGTH_TOO_LONG", ERR_LIB_ASN1, ASN1_R_LENGTH_TOO_LONG}, ++ #else ++ {"LENGTH_TOO_LONG", 13, 231}, ++ #endif ++ #ifdef ASN1_R_LIST_ERROR ++ {"LIST_ERROR", ERR_LIB_ASN1, ASN1_R_LIST_ERROR}, ++ #else ++ {"LIST_ERROR", 13, 188}, ++ #endif ++ #ifdef ASN1_R_MIME_NO_CONTENT_TYPE ++ {"MIME_NO_CONTENT_TYPE", ERR_LIB_ASN1, ASN1_R_MIME_NO_CONTENT_TYPE}, ++ #else ++ {"MIME_NO_CONTENT_TYPE", 13, 206}, ++ #endif ++ #ifdef ASN1_R_MIME_PARSE_ERROR ++ {"MIME_PARSE_ERROR", ERR_LIB_ASN1, ASN1_R_MIME_PARSE_ERROR}, ++ #else ++ {"MIME_PARSE_ERROR", 13, 207}, ++ #endif ++ #ifdef ASN1_R_MIME_SIG_PARSE_ERROR ++ {"MIME_SIG_PARSE_ERROR", ERR_LIB_ASN1, ASN1_R_MIME_SIG_PARSE_ERROR}, ++ #else ++ {"MIME_SIG_PARSE_ERROR", 13, 208}, ++ #endif ++ #ifdef ASN1_R_MISSING_EOC ++ {"MISSING_EOC", ERR_LIB_ASN1, ASN1_R_MISSING_EOC}, ++ #else ++ {"MISSING_EOC", 13, 137}, ++ #endif ++ #ifdef ASN1_R_MISSING_SECOND_NUMBER ++ {"MISSING_SECOND_NUMBER", ERR_LIB_ASN1, ASN1_R_MISSING_SECOND_NUMBER}, ++ #else ++ {"MISSING_SECOND_NUMBER", 13, 138}, ++ #endif ++ #ifdef ASN1_R_MISSING_VALUE ++ {"MISSING_VALUE", ERR_LIB_ASN1, ASN1_R_MISSING_VALUE}, ++ #else ++ {"MISSING_VALUE", 13, 189}, ++ #endif ++ #ifdef ASN1_R_MSTRING_NOT_UNIVERSAL ++ {"MSTRING_NOT_UNIVERSAL", ERR_LIB_ASN1, ASN1_R_MSTRING_NOT_UNIVERSAL}, ++ #else ++ {"MSTRING_NOT_UNIVERSAL", 13, 139}, ++ #endif ++ #ifdef ASN1_R_MSTRING_WRONG_TAG ++ {"MSTRING_WRONG_TAG", ERR_LIB_ASN1, ASN1_R_MSTRING_WRONG_TAG}, ++ #else ++ {"MSTRING_WRONG_TAG", 13, 140}, ++ #endif ++ #ifdef ASN1_R_NESTED_ASN1_STRING ++ {"NESTED_ASN1_STRING", ERR_LIB_ASN1, ASN1_R_NESTED_ASN1_STRING}, ++ #else ++ {"NESTED_ASN1_STRING", 13, 197}, ++ #endif ++ #ifdef ASN1_R_NESTED_TOO_DEEP ++ {"NESTED_TOO_DEEP", ERR_LIB_ASN1, ASN1_R_NESTED_TOO_DEEP}, ++ #else ++ {"NESTED_TOO_DEEP", 13, 201}, ++ #endif ++ #ifdef ASN1_R_NON_HEX_CHARACTERS ++ {"NON_HEX_CHARACTERS", ERR_LIB_ASN1, ASN1_R_NON_HEX_CHARACTERS}, ++ #else ++ {"NON_HEX_CHARACTERS", 13, 141}, ++ #endif ++ #ifdef ASN1_R_NOT_ASCII_FORMAT ++ {"NOT_ASCII_FORMAT", ERR_LIB_ASN1, ASN1_R_NOT_ASCII_FORMAT}, ++ #else ++ {"NOT_ASCII_FORMAT", 13, 190}, ++ #endif ++ #ifdef ASN1_R_NOT_ENOUGH_DATA ++ {"NOT_ENOUGH_DATA", ERR_LIB_ASN1, ASN1_R_NOT_ENOUGH_DATA}, ++ #else ++ {"NOT_ENOUGH_DATA", 13, 142}, ++ #endif ++ #ifdef ASN1_R_NO_CONTENT_TYPE ++ {"NO_CONTENT_TYPE", ERR_LIB_ASN1, ASN1_R_NO_CONTENT_TYPE}, ++ #else ++ {"NO_CONTENT_TYPE", 13, 209}, ++ #endif ++ #ifdef ASN1_R_NO_MATCHING_CHOICE_TYPE ++ {"NO_MATCHING_CHOICE_TYPE", ERR_LIB_ASN1, ASN1_R_NO_MATCHING_CHOICE_TYPE}, ++ #else ++ {"NO_MATCHING_CHOICE_TYPE", 13, 143}, ++ #endif ++ #ifdef ASN1_R_NO_MULTIPART_BODY_FAILURE ++ {"NO_MULTIPART_BODY_FAILURE", ERR_LIB_ASN1, ASN1_R_NO_MULTIPART_BODY_FAILURE}, ++ #else ++ {"NO_MULTIPART_BODY_FAILURE", 13, 210}, ++ #endif ++ #ifdef ASN1_R_NO_MULTIPART_BOUNDARY ++ {"NO_MULTIPART_BOUNDARY", ERR_LIB_ASN1, ASN1_R_NO_MULTIPART_BOUNDARY}, ++ #else ++ {"NO_MULTIPART_BOUNDARY", 13, 211}, ++ #endif ++ #ifdef ASN1_R_NO_SIG_CONTENT_TYPE ++ {"NO_SIG_CONTENT_TYPE", ERR_LIB_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE}, ++ #else ++ {"NO_SIG_CONTENT_TYPE", 13, 212}, ++ #endif ++ #ifdef ASN1_R_NULL_IS_WRONG_LENGTH ++ {"NULL_IS_WRONG_LENGTH", ERR_LIB_ASN1, ASN1_R_NULL_IS_WRONG_LENGTH}, ++ #else ++ {"NULL_IS_WRONG_LENGTH", 13, 144}, ++ #endif ++ #ifdef ASN1_R_OBJECT_NOT_ASCII_FORMAT ++ {"OBJECT_NOT_ASCII_FORMAT", ERR_LIB_ASN1, ASN1_R_OBJECT_NOT_ASCII_FORMAT}, ++ #else ++ {"OBJECT_NOT_ASCII_FORMAT", 13, 191}, ++ #endif ++ #ifdef ASN1_R_ODD_NUMBER_OF_CHARS ++ {"ODD_NUMBER_OF_CHARS", ERR_LIB_ASN1, ASN1_R_ODD_NUMBER_OF_CHARS}, ++ #else ++ {"ODD_NUMBER_OF_CHARS", 13, 145}, ++ #endif ++ #ifdef ASN1_R_SECOND_NUMBER_TOO_LARGE ++ {"SECOND_NUMBER_TOO_LARGE", ERR_LIB_ASN1, ASN1_R_SECOND_NUMBER_TOO_LARGE}, ++ #else ++ {"SECOND_NUMBER_TOO_LARGE", 13, 147}, ++ #endif ++ #ifdef ASN1_R_SEQUENCE_LENGTH_MISMATCH ++ {"SEQUENCE_LENGTH_MISMATCH", ERR_LIB_ASN1, ASN1_R_SEQUENCE_LENGTH_MISMATCH}, ++ #else ++ {"SEQUENCE_LENGTH_MISMATCH", 13, 148}, ++ #endif ++ #ifdef ASN1_R_SEQUENCE_NOT_CONSTRUCTED ++ {"SEQUENCE_NOT_CONSTRUCTED", ERR_LIB_ASN1, ASN1_R_SEQUENCE_NOT_CONSTRUCTED}, ++ #else ++ {"SEQUENCE_NOT_CONSTRUCTED", 13, 149}, ++ #endif ++ #ifdef ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG ++ {"SEQUENCE_OR_SET_NEEDS_CONFIG", ERR_LIB_ASN1, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG}, ++ #else ++ {"SEQUENCE_OR_SET_NEEDS_CONFIG", 13, 192}, ++ #endif ++ #ifdef ASN1_R_SHORT_LINE ++ {"SHORT_LINE", ERR_LIB_ASN1, ASN1_R_SHORT_LINE}, ++ #else ++ {"SHORT_LINE", 13, 150}, ++ #endif ++ #ifdef ASN1_R_SIG_INVALID_MIME_TYPE ++ {"SIG_INVALID_MIME_TYPE", ERR_LIB_ASN1, ASN1_R_SIG_INVALID_MIME_TYPE}, ++ #else ++ {"SIG_INVALID_MIME_TYPE", 13, 213}, ++ #endif ++ #ifdef ASN1_R_STREAMING_NOT_SUPPORTED ++ {"STREAMING_NOT_SUPPORTED", ERR_LIB_ASN1, ASN1_R_STREAMING_NOT_SUPPORTED}, ++ #else ++ {"STREAMING_NOT_SUPPORTED", 13, 202}, ++ #endif ++ #ifdef ASN1_R_STRING_TOO_LONG ++ {"STRING_TOO_LONG", ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG}, ++ #else ++ {"STRING_TOO_LONG", 13, 151}, ++ #endif ++ #ifdef ASN1_R_STRING_TOO_SHORT ++ {"STRING_TOO_SHORT", ERR_LIB_ASN1, ASN1_R_STRING_TOO_SHORT}, ++ #else ++ {"STRING_TOO_SHORT", 13, 152}, ++ #endif ++ #ifdef ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD ++ {"THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD", ERR_LIB_ASN1, ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD}, ++ #else ++ {"THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD", 13, 154}, ++ #endif ++ #ifdef ASN1_R_TIME_NOT_ASCII_FORMAT ++ {"TIME_NOT_ASCII_FORMAT", ERR_LIB_ASN1, ASN1_R_TIME_NOT_ASCII_FORMAT}, ++ #else ++ {"TIME_NOT_ASCII_FORMAT", 13, 193}, ++ #endif ++ #ifdef ASN1_R_TOO_LARGE ++ {"TOO_LARGE", ERR_LIB_ASN1, ASN1_R_TOO_LARGE}, ++ #else ++ {"TOO_LARGE", 13, 223}, ++ #endif ++ #ifdef ASN1_R_TOO_LONG ++ {"TOO_LONG", ERR_LIB_ASN1, ASN1_R_TOO_LONG}, ++ #else ++ {"TOO_LONG", 13, 155}, ++ #endif ++ #ifdef ASN1_R_TOO_SMALL ++ {"TOO_SMALL", ERR_LIB_ASN1, ASN1_R_TOO_SMALL}, ++ #else ++ {"TOO_SMALL", 13, 224}, ++ #endif ++ #ifdef ASN1_R_TYPE_NOT_CONSTRUCTED ++ {"TYPE_NOT_CONSTRUCTED", ERR_LIB_ASN1, ASN1_R_TYPE_NOT_CONSTRUCTED}, ++ #else ++ {"TYPE_NOT_CONSTRUCTED", 13, 156}, ++ #endif ++ #ifdef ASN1_R_TYPE_NOT_PRIMITIVE ++ {"TYPE_NOT_PRIMITIVE", ERR_LIB_ASN1, ASN1_R_TYPE_NOT_PRIMITIVE}, ++ #else ++ {"TYPE_NOT_PRIMITIVE", 13, 195}, ++ #endif ++ #ifdef ASN1_R_UNEXPECTED_EOC ++ {"UNEXPECTED_EOC", ERR_LIB_ASN1, ASN1_R_UNEXPECTED_EOC}, ++ #else ++ {"UNEXPECTED_EOC", 13, 159}, ++ #endif ++ #ifdef ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH ++ {"UNIVERSALSTRING_IS_WRONG_LENGTH", ERR_LIB_ASN1, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH}, ++ #else ++ {"UNIVERSALSTRING_IS_WRONG_LENGTH", 13, 215}, ++ #endif ++ #ifdef ASN1_R_UNKNOWN_DIGEST ++ {"UNKNOWN_DIGEST", ERR_LIB_ASN1, ASN1_R_UNKNOWN_DIGEST}, ++ #else ++ {"UNKNOWN_DIGEST", 13, 229}, ++ #endif ++ #ifdef ASN1_R_UNKNOWN_FORMAT ++ {"UNKNOWN_FORMAT", ERR_LIB_ASN1, ASN1_R_UNKNOWN_FORMAT}, ++ #else ++ {"UNKNOWN_FORMAT", 13, 160}, ++ #endif ++ #ifdef ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ++ {"UNKNOWN_MESSAGE_DIGEST_ALGORITHM", ERR_LIB_ASN1, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM}, ++ #else ++ {"UNKNOWN_MESSAGE_DIGEST_ALGORITHM", 13, 161}, ++ #endif ++ #ifdef ASN1_R_UNKNOWN_OBJECT_TYPE ++ {"UNKNOWN_OBJECT_TYPE", ERR_LIB_ASN1, ASN1_R_UNKNOWN_OBJECT_TYPE}, ++ #else ++ {"UNKNOWN_OBJECT_TYPE", 13, 162}, ++ #endif ++ #ifdef ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE ++ {"UNKNOWN_PUBLIC_KEY_TYPE", ERR_LIB_ASN1, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE}, ++ #else ++ {"UNKNOWN_PUBLIC_KEY_TYPE", 13, 163}, ++ #endif ++ #ifdef ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM ++ {"UNKNOWN_SIGNATURE_ALGORITHM", ERR_LIB_ASN1, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM}, ++ #else ++ {"UNKNOWN_SIGNATURE_ALGORITHM", 13, 199}, ++ #endif ++ #ifdef ASN1_R_UNKNOWN_TAG ++ {"UNKNOWN_TAG", ERR_LIB_ASN1, ASN1_R_UNKNOWN_TAG}, ++ #else ++ {"UNKNOWN_TAG", 13, 194}, ++ #endif ++ #ifdef ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE ++ {"UNSUPPORTED_ANY_DEFINED_BY_TYPE", ERR_LIB_ASN1, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE}, ++ #else ++ {"UNSUPPORTED_ANY_DEFINED_BY_TYPE", 13, 164}, ++ #endif ++ #ifdef ASN1_R_UNSUPPORTED_CIPHER ++ {"UNSUPPORTED_CIPHER", ERR_LIB_ASN1, ASN1_R_UNSUPPORTED_CIPHER}, ++ #else ++ {"UNSUPPORTED_CIPHER", 13, 228}, ++ #endif ++ #ifdef ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE ++ {"UNSUPPORTED_PUBLIC_KEY_TYPE", ERR_LIB_ASN1, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE}, ++ #else ++ {"UNSUPPORTED_PUBLIC_KEY_TYPE", 13, 167}, ++ #endif ++ #ifdef ASN1_R_UNSUPPORTED_TYPE ++ {"UNSUPPORTED_TYPE", ERR_LIB_ASN1, ASN1_R_UNSUPPORTED_TYPE}, ++ #else ++ {"UNSUPPORTED_TYPE", 13, 196}, ++ #endif ++ #ifdef ASN1_R_WRONG_INTEGER_TYPE ++ {"WRONG_INTEGER_TYPE", ERR_LIB_ASN1, ASN1_R_WRONG_INTEGER_TYPE}, ++ #else ++ {"WRONG_INTEGER_TYPE", 13, 225}, ++ #endif ++ #ifdef ASN1_R_WRONG_PUBLIC_KEY_TYPE ++ {"WRONG_PUBLIC_KEY_TYPE", ERR_LIB_ASN1, ASN1_R_WRONG_PUBLIC_KEY_TYPE}, ++ #else ++ {"WRONG_PUBLIC_KEY_TYPE", 13, 200}, ++ #endif ++ #ifdef ASN1_R_WRONG_TAG ++ {"WRONG_TAG", ERR_LIB_ASN1, ASN1_R_WRONG_TAG}, ++ #else ++ {"WRONG_TAG", 13, 168}, ++ #endif ++ #ifdef ASYNC_R_FAILED_TO_SET_POOL ++ {"FAILED_TO_SET_POOL", ERR_LIB_ASYNC, ASYNC_R_FAILED_TO_SET_POOL}, ++ #else ++ {"FAILED_TO_SET_POOL", 51, 101}, ++ #endif ++ #ifdef ASYNC_R_FAILED_TO_SWAP_CONTEXT ++ {"FAILED_TO_SWAP_CONTEXT", ERR_LIB_ASYNC, ASYNC_R_FAILED_TO_SWAP_CONTEXT}, ++ #else ++ {"FAILED_TO_SWAP_CONTEXT", 51, 102}, ++ #endif ++ #ifdef ASYNC_R_INIT_FAILED ++ {"INIT_FAILED", ERR_LIB_ASYNC, ASYNC_R_INIT_FAILED}, ++ #else ++ {"INIT_FAILED", 51, 105}, ++ #endif ++ #ifdef ASYNC_R_INVALID_POOL_SIZE ++ {"INVALID_POOL_SIZE", ERR_LIB_ASYNC, ASYNC_R_INVALID_POOL_SIZE}, ++ #else ++ {"INVALID_POOL_SIZE", 51, 103}, ++ #endif ++ #ifdef BIO_R_ACCEPT_ERROR ++ {"ACCEPT_ERROR", ERR_LIB_BIO, BIO_R_ACCEPT_ERROR}, ++ #else ++ {"ACCEPT_ERROR", 32, 100}, ++ #endif ++ #ifdef BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET ++ {"ADDRINFO_ADDR_IS_NOT_AF_INET", ERR_LIB_BIO, BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET}, ++ #else ++ {"ADDRINFO_ADDR_IS_NOT_AF_INET", 32, 141}, ++ #endif ++ #ifdef BIO_R_AMBIGUOUS_HOST_OR_SERVICE ++ {"AMBIGUOUS_HOST_OR_SERVICE", ERR_LIB_BIO, BIO_R_AMBIGUOUS_HOST_OR_SERVICE}, ++ #else ++ {"AMBIGUOUS_HOST_OR_SERVICE", 32, 129}, ++ #endif ++ #ifdef BIO_R_BAD_FOPEN_MODE ++ {"BAD_FOPEN_MODE", ERR_LIB_BIO, BIO_R_BAD_FOPEN_MODE}, ++ #else ++ {"BAD_FOPEN_MODE", 32, 101}, ++ #endif ++ #ifdef BIO_R_BROKEN_PIPE ++ {"BROKEN_PIPE", ERR_LIB_BIO, BIO_R_BROKEN_PIPE}, ++ #else ++ {"BROKEN_PIPE", 32, 124}, ++ #endif ++ #ifdef BIO_R_CONNECT_ERROR ++ {"CONNECT_ERROR", ERR_LIB_BIO, BIO_R_CONNECT_ERROR}, ++ #else ++ {"CONNECT_ERROR", 32, 103}, ++ #endif ++ #ifdef BIO_R_CONNECT_TIMEOUT ++ {"CONNECT_TIMEOUT", ERR_LIB_BIO, BIO_R_CONNECT_TIMEOUT}, ++ #else ++ {"CONNECT_TIMEOUT", 32, 147}, ++ #endif ++ #ifdef BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET ++ {"GETHOSTBYNAME_ADDR_IS_NOT_AF_INET", ERR_LIB_BIO, BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET}, ++ #else ++ {"GETHOSTBYNAME_ADDR_IS_NOT_AF_INET", 32, 107}, ++ #endif ++ #ifdef BIO_R_GETSOCKNAME_ERROR ++ {"GETSOCKNAME_ERROR", ERR_LIB_BIO, BIO_R_GETSOCKNAME_ERROR}, ++ #else ++ {"GETSOCKNAME_ERROR", 32, 132}, ++ #endif ++ #ifdef BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS ++ {"GETSOCKNAME_TRUNCATED_ADDRESS", ERR_LIB_BIO, BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS}, ++ #else ++ {"GETSOCKNAME_TRUNCATED_ADDRESS", 32, 133}, ++ #endif ++ #ifdef BIO_R_GETTING_SOCKTYPE ++ {"GETTING_SOCKTYPE", ERR_LIB_BIO, BIO_R_GETTING_SOCKTYPE}, ++ #else ++ {"GETTING_SOCKTYPE", 32, 134}, ++ #endif ++ #ifdef BIO_R_INVALID_ARGUMENT ++ {"INVALID_ARGUMENT", ERR_LIB_BIO, BIO_R_INVALID_ARGUMENT}, ++ #else ++ {"INVALID_ARGUMENT", 32, 125}, ++ #endif ++ #ifdef BIO_R_INVALID_SOCKET ++ {"INVALID_SOCKET", ERR_LIB_BIO, BIO_R_INVALID_SOCKET}, ++ #else ++ {"INVALID_SOCKET", 32, 135}, ++ #endif ++ #ifdef BIO_R_IN_USE ++ {"IN_USE", ERR_LIB_BIO, BIO_R_IN_USE}, ++ #else ++ {"IN_USE", 32, 123}, ++ #endif ++ #ifdef BIO_R_LENGTH_TOO_LONG ++ {"LENGTH_TOO_LONG", ERR_LIB_BIO, BIO_R_LENGTH_TOO_LONG}, ++ #else ++ {"LENGTH_TOO_LONG", 32, 102}, ++ #endif ++ #ifdef BIO_R_LISTEN_V6_ONLY ++ {"LISTEN_V6_ONLY", ERR_LIB_BIO, BIO_R_LISTEN_V6_ONLY}, ++ #else ++ {"LISTEN_V6_ONLY", 32, 136}, ++ #endif ++ #ifdef BIO_R_LOOKUP_RETURNED_NOTHING ++ {"LOOKUP_RETURNED_NOTHING", ERR_LIB_BIO, BIO_R_LOOKUP_RETURNED_NOTHING}, ++ #else ++ {"LOOKUP_RETURNED_NOTHING", 32, 142}, ++ #endif ++ #ifdef BIO_R_MALFORMED_HOST_OR_SERVICE ++ {"MALFORMED_HOST_OR_SERVICE", ERR_LIB_BIO, BIO_R_MALFORMED_HOST_OR_SERVICE}, ++ #else ++ {"MALFORMED_HOST_OR_SERVICE", 32, 130}, ++ #endif ++ #ifdef BIO_R_NBIO_CONNECT_ERROR ++ {"NBIO_CONNECT_ERROR", ERR_LIB_BIO, BIO_R_NBIO_CONNECT_ERROR}, ++ #else ++ {"NBIO_CONNECT_ERROR", 32, 110}, ++ #endif ++ #ifdef BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED ++ {"NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED", ERR_LIB_BIO, BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED}, ++ #else ++ {"NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED", 32, 143}, ++ #endif ++ #ifdef BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED ++ {"NO_HOSTNAME_OR_SERVICE_SPECIFIED", ERR_LIB_BIO, BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED}, ++ #else ++ {"NO_HOSTNAME_OR_SERVICE_SPECIFIED", 32, 144}, ++ #endif ++ #ifdef BIO_R_NO_PORT_DEFINED ++ {"NO_PORT_DEFINED", ERR_LIB_BIO, BIO_R_NO_PORT_DEFINED}, ++ #else ++ {"NO_PORT_DEFINED", 32, 113}, ++ #endif ++ #ifdef BIO_R_NO_SUCH_FILE ++ {"NO_SUCH_FILE", ERR_LIB_BIO, BIO_R_NO_SUCH_FILE}, ++ #else ++ {"NO_SUCH_FILE", 32, 128}, ++ #endif ++ #ifdef BIO_R_TRANSFER_ERROR ++ {"TRANSFER_ERROR", ERR_LIB_BIO, BIO_R_TRANSFER_ERROR}, ++ #else ++ {"TRANSFER_ERROR", 32, 104}, ++ #endif ++ #ifdef BIO_R_TRANSFER_TIMEOUT ++ {"TRANSFER_TIMEOUT", ERR_LIB_BIO, BIO_R_TRANSFER_TIMEOUT}, ++ #else ++ {"TRANSFER_TIMEOUT", 32, 105}, ++ #endif ++ #ifdef BIO_R_UNABLE_TO_BIND_SOCKET ++ {"UNABLE_TO_BIND_SOCKET", ERR_LIB_BIO, BIO_R_UNABLE_TO_BIND_SOCKET}, ++ #else ++ {"UNABLE_TO_BIND_SOCKET", 32, 117}, ++ #endif ++ #ifdef BIO_R_UNABLE_TO_CREATE_SOCKET ++ {"UNABLE_TO_CREATE_SOCKET", ERR_LIB_BIO, BIO_R_UNABLE_TO_CREATE_SOCKET}, ++ #else ++ {"UNABLE_TO_CREATE_SOCKET", 32, 118}, ++ #endif ++ #ifdef BIO_R_UNABLE_TO_KEEPALIVE ++ {"UNABLE_TO_KEEPALIVE", ERR_LIB_BIO, BIO_R_UNABLE_TO_KEEPALIVE}, ++ #else ++ {"UNABLE_TO_KEEPALIVE", 32, 137}, ++ #endif ++ #ifdef BIO_R_UNABLE_TO_LISTEN_SOCKET ++ {"UNABLE_TO_LISTEN_SOCKET", ERR_LIB_BIO, BIO_R_UNABLE_TO_LISTEN_SOCKET}, ++ #else ++ {"UNABLE_TO_LISTEN_SOCKET", 32, 119}, ++ #endif ++ #ifdef BIO_R_UNABLE_TO_NODELAY ++ {"UNABLE_TO_NODELAY", ERR_LIB_BIO, BIO_R_UNABLE_TO_NODELAY}, ++ #else ++ {"UNABLE_TO_NODELAY", 32, 138}, ++ #endif ++ #ifdef BIO_R_UNABLE_TO_REUSEADDR ++ {"UNABLE_TO_REUSEADDR", ERR_LIB_BIO, BIO_R_UNABLE_TO_REUSEADDR}, ++ #else ++ {"UNABLE_TO_REUSEADDR", 32, 139}, ++ #endif ++ #ifdef BIO_R_UNAVAILABLE_IP_FAMILY ++ {"UNAVAILABLE_IP_FAMILY", ERR_LIB_BIO, BIO_R_UNAVAILABLE_IP_FAMILY}, ++ #else ++ {"UNAVAILABLE_IP_FAMILY", 32, 145}, ++ #endif ++ #ifdef BIO_R_UNINITIALIZED ++ {"UNINITIALIZED", ERR_LIB_BIO, BIO_R_UNINITIALIZED}, ++ #else ++ {"UNINITIALIZED", 32, 120}, ++ #endif ++ #ifdef BIO_R_UNKNOWN_INFO_TYPE ++ {"UNKNOWN_INFO_TYPE", ERR_LIB_BIO, BIO_R_UNKNOWN_INFO_TYPE}, ++ #else ++ {"UNKNOWN_INFO_TYPE", 32, 140}, ++ #endif ++ #ifdef BIO_R_UNSUPPORTED_IP_FAMILY ++ {"UNSUPPORTED_IP_FAMILY", ERR_LIB_BIO, BIO_R_UNSUPPORTED_IP_FAMILY}, ++ #else ++ {"UNSUPPORTED_IP_FAMILY", 32, 146}, ++ #endif ++ #ifdef BIO_R_UNSUPPORTED_METHOD ++ {"UNSUPPORTED_METHOD", ERR_LIB_BIO, BIO_R_UNSUPPORTED_METHOD}, ++ #else ++ {"UNSUPPORTED_METHOD", 32, 121}, ++ #endif ++ #ifdef BIO_R_UNSUPPORTED_PROTOCOL_FAMILY ++ {"UNSUPPORTED_PROTOCOL_FAMILY", ERR_LIB_BIO, BIO_R_UNSUPPORTED_PROTOCOL_FAMILY}, ++ #else ++ {"UNSUPPORTED_PROTOCOL_FAMILY", 32, 131}, ++ #endif ++ #ifdef BIO_R_WRITE_TO_READ_ONLY_BIO ++ {"WRITE_TO_READ_ONLY_BIO", ERR_LIB_BIO, BIO_R_WRITE_TO_READ_ONLY_BIO}, ++ #else ++ {"WRITE_TO_READ_ONLY_BIO", 32, 126}, ++ #endif ++ #ifdef BIO_R_WSASTARTUP ++ {"WSASTARTUP", ERR_LIB_BIO, BIO_R_WSASTARTUP}, ++ #else ++ {"WSASTARTUP", 32, 122}, ++ #endif ++ #ifdef BN_R_ARG2_LT_ARG3 ++ {"ARG2_LT_ARG3", ERR_LIB_BN, BN_R_ARG2_LT_ARG3}, ++ #else ++ {"ARG2_LT_ARG3", 3, 100}, ++ #endif ++ #ifdef BN_R_BAD_RECIPROCAL ++ {"BAD_RECIPROCAL", ERR_LIB_BN, BN_R_BAD_RECIPROCAL}, ++ #else ++ {"BAD_RECIPROCAL", 3, 101}, ++ #endif ++ #ifdef BN_R_BIGNUM_TOO_LONG ++ {"BIGNUM_TOO_LONG", ERR_LIB_BN, BN_R_BIGNUM_TOO_LONG}, ++ #else ++ {"BIGNUM_TOO_LONG", 3, 114}, ++ #endif ++ #ifdef BN_R_BITS_TOO_SMALL ++ {"BITS_TOO_SMALL", ERR_LIB_BN, BN_R_BITS_TOO_SMALL}, ++ #else ++ {"BITS_TOO_SMALL", 3, 118}, ++ #endif ++ #ifdef BN_R_CALLED_WITH_EVEN_MODULUS ++ {"CALLED_WITH_EVEN_MODULUS", ERR_LIB_BN, BN_R_CALLED_WITH_EVEN_MODULUS}, ++ #else ++ {"CALLED_WITH_EVEN_MODULUS", 3, 102}, ++ #endif ++ #ifdef BN_R_DIV_BY_ZERO ++ {"DIV_BY_ZERO", ERR_LIB_BN, BN_R_DIV_BY_ZERO}, ++ #else ++ {"DIV_BY_ZERO", 3, 103}, ++ #endif ++ #ifdef BN_R_ENCODING_ERROR ++ {"ENCODING_ERROR", ERR_LIB_BN, BN_R_ENCODING_ERROR}, ++ #else ++ {"ENCODING_ERROR", 3, 104}, ++ #endif ++ #ifdef BN_R_EXPAND_ON_STATIC_BIGNUM_DATA ++ {"EXPAND_ON_STATIC_BIGNUM_DATA", ERR_LIB_BN, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA}, ++ #else ++ {"EXPAND_ON_STATIC_BIGNUM_DATA", 3, 105}, ++ #endif ++ #ifdef BN_R_INPUT_NOT_REDUCED ++ {"INPUT_NOT_REDUCED", ERR_LIB_BN, BN_R_INPUT_NOT_REDUCED}, ++ #else ++ {"INPUT_NOT_REDUCED", 3, 110}, ++ #endif ++ #ifdef BN_R_INVALID_LENGTH ++ {"INVALID_LENGTH", ERR_LIB_BN, BN_R_INVALID_LENGTH}, ++ #else ++ {"INVALID_LENGTH", 3, 106}, ++ #endif ++ #ifdef BN_R_INVALID_RANGE ++ {"INVALID_RANGE", ERR_LIB_BN, BN_R_INVALID_RANGE}, ++ #else ++ {"INVALID_RANGE", 3, 115}, ++ #endif ++ #ifdef BN_R_INVALID_SHIFT ++ {"INVALID_SHIFT", ERR_LIB_BN, BN_R_INVALID_SHIFT}, ++ #else ++ {"INVALID_SHIFT", 3, 119}, ++ #endif ++ #ifdef BN_R_NOT_A_SQUARE ++ {"NOT_A_SQUARE", ERR_LIB_BN, BN_R_NOT_A_SQUARE}, ++ #else ++ {"NOT_A_SQUARE", 3, 111}, ++ #endif ++ #ifdef BN_R_NOT_INITIALIZED ++ {"NOT_INITIALIZED", ERR_LIB_BN, BN_R_NOT_INITIALIZED}, ++ #else ++ {"NOT_INITIALIZED", 3, 107}, ++ #endif ++ #ifdef BN_R_NO_INVERSE ++ {"NO_INVERSE", ERR_LIB_BN, BN_R_NO_INVERSE}, ++ #else ++ {"NO_INVERSE", 3, 108}, ++ #endif ++ #ifdef BN_R_NO_SOLUTION ++ {"NO_SOLUTION", ERR_LIB_BN, BN_R_NO_SOLUTION}, ++ #else ++ {"NO_SOLUTION", 3, 116}, ++ #endif ++ #ifdef BN_R_NO_SUITABLE_DIGEST ++ {"NO_SUITABLE_DIGEST", ERR_LIB_BN, BN_R_NO_SUITABLE_DIGEST}, ++ #else ++ {"NO_SUITABLE_DIGEST", 3, 120}, ++ #endif ++ #ifdef BN_R_PRIVATE_KEY_TOO_LARGE ++ {"PRIVATE_KEY_TOO_LARGE", ERR_LIB_BN, BN_R_PRIVATE_KEY_TOO_LARGE}, ++ #else ++ {"PRIVATE_KEY_TOO_LARGE", 3, 117}, ++ #endif ++ #ifdef BN_R_P_IS_NOT_PRIME ++ {"P_IS_NOT_PRIME", ERR_LIB_BN, BN_R_P_IS_NOT_PRIME}, ++ #else ++ {"P_IS_NOT_PRIME", 3, 112}, ++ #endif ++ #ifdef BN_R_TOO_MANY_ITERATIONS ++ {"TOO_MANY_ITERATIONS", ERR_LIB_BN, BN_R_TOO_MANY_ITERATIONS}, ++ #else ++ {"TOO_MANY_ITERATIONS", 3, 113}, ++ #endif ++ #ifdef BN_R_TOO_MANY_TEMPORARY_VARIABLES ++ {"TOO_MANY_TEMPORARY_VARIABLES", ERR_LIB_BN, BN_R_TOO_MANY_TEMPORARY_VARIABLES}, ++ #else ++ {"TOO_MANY_TEMPORARY_VARIABLES", 3, 109}, ++ #endif ++ #ifdef CMP_R_ALGORITHM_NOT_SUPPORTED ++ {"ALGORITHM_NOT_SUPPORTED", ERR_LIB_CMP, CMP_R_ALGORITHM_NOT_SUPPORTED}, ++ #else ++ {"ALGORITHM_NOT_SUPPORTED", 58, 139}, ++ #endif ++ #ifdef CMP_R_BAD_CHECKAFTER_IN_POLLREP ++ {"BAD_CHECKAFTER_IN_POLLREP", ERR_LIB_CMP, CMP_R_BAD_CHECKAFTER_IN_POLLREP}, ++ #else ++ {"BAD_CHECKAFTER_IN_POLLREP", 58, 167}, ++ #endif ++ #ifdef CMP_R_BAD_REQUEST_ID ++ {"BAD_REQUEST_ID", ERR_LIB_CMP, CMP_R_BAD_REQUEST_ID}, ++ #else ++ {"BAD_REQUEST_ID", 58, 108}, ++ #endif ++ #ifdef CMP_R_CERTHASH_UNMATCHED ++ {"CERTHASH_UNMATCHED", ERR_LIB_CMP, CMP_R_CERTHASH_UNMATCHED}, ++ #else ++ {"CERTHASH_UNMATCHED", 58, 156}, ++ #endif ++ #ifdef CMP_R_CERTID_NOT_FOUND ++ {"CERTID_NOT_FOUND", ERR_LIB_CMP, CMP_R_CERTID_NOT_FOUND}, ++ #else ++ {"CERTID_NOT_FOUND", 58, 109}, ++ #endif ++ #ifdef CMP_R_CERTIFICATE_NOT_ACCEPTED ++ {"CERTIFICATE_NOT_ACCEPTED", ERR_LIB_CMP, CMP_R_CERTIFICATE_NOT_ACCEPTED}, ++ #else ++ {"CERTIFICATE_NOT_ACCEPTED", 58, 169}, ++ #endif ++ #ifdef CMP_R_CERTIFICATE_NOT_FOUND ++ {"CERTIFICATE_NOT_FOUND", ERR_LIB_CMP, CMP_R_CERTIFICATE_NOT_FOUND}, ++ #else ++ {"CERTIFICATE_NOT_FOUND", 58, 112}, ++ #endif ++ #ifdef CMP_R_CERTREQMSG_NOT_FOUND ++ {"CERTREQMSG_NOT_FOUND", ERR_LIB_CMP, CMP_R_CERTREQMSG_NOT_FOUND}, ++ #else ++ {"CERTREQMSG_NOT_FOUND", 58, 157}, ++ #endif ++ #ifdef CMP_R_CERTRESPONSE_NOT_FOUND ++ {"CERTRESPONSE_NOT_FOUND", ERR_LIB_CMP, CMP_R_CERTRESPONSE_NOT_FOUND}, ++ #else ++ {"CERTRESPONSE_NOT_FOUND", 58, 113}, ++ #endif ++ #ifdef CMP_R_CERT_AND_KEY_DO_NOT_MATCH ++ {"CERT_AND_KEY_DO_NOT_MATCH", ERR_LIB_CMP, CMP_R_CERT_AND_KEY_DO_NOT_MATCH}, ++ #else ++ {"CERT_AND_KEY_DO_NOT_MATCH", 58, 114}, ++ #endif ++ #ifdef CMP_R_CHECKAFTER_OUT_OF_RANGE ++ {"CHECKAFTER_OUT_OF_RANGE", ERR_LIB_CMP, CMP_R_CHECKAFTER_OUT_OF_RANGE}, ++ #else ++ {"CHECKAFTER_OUT_OF_RANGE", 58, 181}, ++ #endif ++ #ifdef CMP_R_ENCOUNTERED_KEYUPDATEWARNING ++ {"ENCOUNTERED_KEYUPDATEWARNING", ERR_LIB_CMP, CMP_R_ENCOUNTERED_KEYUPDATEWARNING}, ++ #else ++ {"ENCOUNTERED_KEYUPDATEWARNING", 58, 176}, ++ #endif ++ #ifdef CMP_R_ENCOUNTERED_WAITING ++ {"ENCOUNTERED_WAITING", ERR_LIB_CMP, CMP_R_ENCOUNTERED_WAITING}, ++ #else ++ {"ENCOUNTERED_WAITING", 58, 162}, ++ #endif ++ #ifdef CMP_R_ERROR_CALCULATING_PROTECTION ++ {"ERROR_CALCULATING_PROTECTION", ERR_LIB_CMP, CMP_R_ERROR_CALCULATING_PROTECTION}, ++ #else ++ {"ERROR_CALCULATING_PROTECTION", 58, 115}, ++ #endif ++ #ifdef CMP_R_ERROR_CREATING_CERTCONF ++ {"ERROR_CREATING_CERTCONF", ERR_LIB_CMP, CMP_R_ERROR_CREATING_CERTCONF}, ++ #else ++ {"ERROR_CREATING_CERTCONF", 58, 116}, ++ #endif ++ #ifdef CMP_R_ERROR_CREATING_CERTREP ++ {"ERROR_CREATING_CERTREP", ERR_LIB_CMP, CMP_R_ERROR_CREATING_CERTREP}, ++ #else ++ {"ERROR_CREATING_CERTREP", 58, 117}, ++ #endif ++ #ifdef CMP_R_ERROR_CREATING_CERTREQ ++ {"ERROR_CREATING_CERTREQ", ERR_LIB_CMP, CMP_R_ERROR_CREATING_CERTREQ}, ++ #else ++ {"ERROR_CREATING_CERTREQ", 58, 163}, ++ #endif ++ #ifdef CMP_R_ERROR_CREATING_ERROR ++ {"ERROR_CREATING_ERROR", ERR_LIB_CMP, CMP_R_ERROR_CREATING_ERROR}, ++ #else ++ {"ERROR_CREATING_ERROR", 58, 118}, ++ #endif ++ #ifdef CMP_R_ERROR_CREATING_GENM ++ {"ERROR_CREATING_GENM", ERR_LIB_CMP, CMP_R_ERROR_CREATING_GENM}, ++ #else ++ {"ERROR_CREATING_GENM", 58, 119}, ++ #endif ++ #ifdef CMP_R_ERROR_CREATING_GENP ++ {"ERROR_CREATING_GENP", ERR_LIB_CMP, CMP_R_ERROR_CREATING_GENP}, ++ #else ++ {"ERROR_CREATING_GENP", 58, 120}, ++ #endif ++ #ifdef CMP_R_ERROR_CREATING_PKICONF ++ {"ERROR_CREATING_PKICONF", ERR_LIB_CMP, CMP_R_ERROR_CREATING_PKICONF}, ++ #else ++ {"ERROR_CREATING_PKICONF", 58, 122}, ++ #endif ++ #ifdef CMP_R_ERROR_CREATING_POLLREP ++ {"ERROR_CREATING_POLLREP", ERR_LIB_CMP, CMP_R_ERROR_CREATING_POLLREP}, ++ #else ++ {"ERROR_CREATING_POLLREP", 58, 123}, ++ #endif ++ #ifdef CMP_R_ERROR_CREATING_POLLREQ ++ {"ERROR_CREATING_POLLREQ", ERR_LIB_CMP, CMP_R_ERROR_CREATING_POLLREQ}, ++ #else ++ {"ERROR_CREATING_POLLREQ", 58, 124}, ++ #endif ++ #ifdef CMP_R_ERROR_CREATING_RP ++ {"ERROR_CREATING_RP", ERR_LIB_CMP, CMP_R_ERROR_CREATING_RP}, ++ #else ++ {"ERROR_CREATING_RP", 58, 125}, ++ #endif ++ #ifdef CMP_R_ERROR_CREATING_RR ++ {"ERROR_CREATING_RR", ERR_LIB_CMP, CMP_R_ERROR_CREATING_RR}, ++ #else ++ {"ERROR_CREATING_RR", 58, 126}, ++ #endif ++ #ifdef CMP_R_ERROR_PARSING_PKISTATUS ++ {"ERROR_PARSING_PKISTATUS", ERR_LIB_CMP, CMP_R_ERROR_PARSING_PKISTATUS}, ++ #else ++ {"ERROR_PARSING_PKISTATUS", 58, 107}, ++ #endif ++ #ifdef CMP_R_ERROR_PROCESSING_MESSAGE ++ {"ERROR_PROCESSING_MESSAGE", ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE}, ++ #else ++ {"ERROR_PROCESSING_MESSAGE", 58, 158}, ++ #endif ++ #ifdef CMP_R_ERROR_PROTECTING_MESSAGE ++ {"ERROR_PROTECTING_MESSAGE", ERR_LIB_CMP, CMP_R_ERROR_PROTECTING_MESSAGE}, ++ #else ++ {"ERROR_PROTECTING_MESSAGE", 58, 127}, ++ #endif ++ #ifdef CMP_R_ERROR_SETTING_CERTHASH ++ {"ERROR_SETTING_CERTHASH", ERR_LIB_CMP, CMP_R_ERROR_SETTING_CERTHASH}, ++ #else ++ {"ERROR_SETTING_CERTHASH", 58, 128}, ++ #endif ++ #ifdef CMP_R_ERROR_UNEXPECTED_CERTCONF ++ {"ERROR_UNEXPECTED_CERTCONF", ERR_LIB_CMP, CMP_R_ERROR_UNEXPECTED_CERTCONF}, ++ #else ++ {"ERROR_UNEXPECTED_CERTCONF", 58, 160}, ++ #endif ++ #ifdef CMP_R_ERROR_VALIDATING_PROTECTION ++ {"ERROR_VALIDATING_PROTECTION", ERR_LIB_CMP, CMP_R_ERROR_VALIDATING_PROTECTION}, ++ #else ++ {"ERROR_VALIDATING_PROTECTION", 58, 140}, ++ #endif ++ #ifdef CMP_R_ERROR_VALIDATING_SIGNATURE ++ {"ERROR_VALIDATING_SIGNATURE", ERR_LIB_CMP, CMP_R_ERROR_VALIDATING_SIGNATURE}, ++ #else ++ {"ERROR_VALIDATING_SIGNATURE", 58, 171}, ++ #endif ++ #ifdef CMP_R_FAILED_BUILDING_OWN_CHAIN ++ {"FAILED_BUILDING_OWN_CHAIN", ERR_LIB_CMP, CMP_R_FAILED_BUILDING_OWN_CHAIN}, ++ #else ++ {"FAILED_BUILDING_OWN_CHAIN", 58, 164}, ++ #endif ++ #ifdef CMP_R_FAILED_EXTRACTING_PUBKEY ++ {"FAILED_EXTRACTING_PUBKEY", ERR_LIB_CMP, CMP_R_FAILED_EXTRACTING_PUBKEY}, ++ #else ++ {"FAILED_EXTRACTING_PUBKEY", 58, 141}, ++ #endif ++ #ifdef CMP_R_FAILURE_OBTAINING_RANDOM ++ {"FAILURE_OBTAINING_RANDOM", ERR_LIB_CMP, CMP_R_FAILURE_OBTAINING_RANDOM}, ++ #else ++ {"FAILURE_OBTAINING_RANDOM", 58, 110}, ++ #endif ++ #ifdef CMP_R_FAIL_INFO_OUT_OF_RANGE ++ {"FAIL_INFO_OUT_OF_RANGE", ERR_LIB_CMP, CMP_R_FAIL_INFO_OUT_OF_RANGE}, ++ #else ++ {"FAIL_INFO_OUT_OF_RANGE", 58, 129}, ++ #endif ++ #ifdef CMP_R_INVALID_ARGS ++ {"INVALID_ARGS", ERR_LIB_CMP, CMP_R_INVALID_ARGS}, ++ #else ++ {"INVALID_ARGS", 58, 100}, ++ #endif ++ #ifdef CMP_R_INVALID_OPTION ++ {"INVALID_OPTION", ERR_LIB_CMP, CMP_R_INVALID_OPTION}, ++ #else ++ {"INVALID_OPTION", 58, 174}, ++ #endif ++ #ifdef CMP_R_MISSING_KEY_INPUT_FOR_CREATING_PROTECTION ++ {"MISSING_KEY_INPUT_FOR_CREATING_PROTECTION", ERR_LIB_CMP, CMP_R_MISSING_KEY_INPUT_FOR_CREATING_PROTECTION}, ++ #else ++ {"MISSING_KEY_INPUT_FOR_CREATING_PROTECTION", 58, 130}, ++ #endif ++ #ifdef CMP_R_MISSING_KEY_USAGE_DIGITALSIGNATURE ++ {"MISSING_KEY_USAGE_DIGITALSIGNATURE", ERR_LIB_CMP, CMP_R_MISSING_KEY_USAGE_DIGITALSIGNATURE}, ++ #else ++ {"MISSING_KEY_USAGE_DIGITALSIGNATURE", 58, 142}, ++ #endif ++ #ifdef CMP_R_MISSING_P10CSR ++ {"MISSING_P10CSR", ERR_LIB_CMP, CMP_R_MISSING_P10CSR}, ++ #else ++ {"MISSING_P10CSR", 58, 121}, ++ #endif ++ #ifdef CMP_R_MISSING_PBM_SECRET ++ {"MISSING_PBM_SECRET", ERR_LIB_CMP, CMP_R_MISSING_PBM_SECRET}, ++ #else ++ {"MISSING_PBM_SECRET", 58, 166}, ++ #endif ++ #ifdef CMP_R_MISSING_PRIVATE_KEY ++ {"MISSING_PRIVATE_KEY", ERR_LIB_CMP, CMP_R_MISSING_PRIVATE_KEY}, ++ #else ++ {"MISSING_PRIVATE_KEY", 58, 131}, ++ #endif ++ #ifdef CMP_R_MISSING_PROTECTION ++ {"MISSING_PROTECTION", ERR_LIB_CMP, CMP_R_MISSING_PROTECTION}, ++ #else ++ {"MISSING_PROTECTION", 58, 143}, ++ #endif ++ #ifdef CMP_R_MISSING_REFERENCE_CERT ++ {"MISSING_REFERENCE_CERT", ERR_LIB_CMP, CMP_R_MISSING_REFERENCE_CERT}, ++ #else ++ {"MISSING_REFERENCE_CERT", 58, 168}, ++ #endif ++ #ifdef CMP_R_MISSING_SENDER_IDENTIFICATION ++ {"MISSING_SENDER_IDENTIFICATION", ERR_LIB_CMP, CMP_R_MISSING_SENDER_IDENTIFICATION}, ++ #else ++ {"MISSING_SENDER_IDENTIFICATION", 58, 111}, ++ #endif ++ #ifdef CMP_R_MISSING_TRUST_STORE ++ {"MISSING_TRUST_STORE", ERR_LIB_CMP, CMP_R_MISSING_TRUST_STORE}, ++ #else ++ {"MISSING_TRUST_STORE", 58, 144}, ++ #endif ++ #ifdef CMP_R_MULTIPLE_REQUESTS_NOT_SUPPORTED ++ {"MULTIPLE_REQUESTS_NOT_SUPPORTED", ERR_LIB_CMP, CMP_R_MULTIPLE_REQUESTS_NOT_SUPPORTED}, ++ #else ++ {"MULTIPLE_REQUESTS_NOT_SUPPORTED", 58, 161}, ++ #endif ++ #ifdef CMP_R_MULTIPLE_RESPONSES_NOT_SUPPORTED ++ {"MULTIPLE_RESPONSES_NOT_SUPPORTED", ERR_LIB_CMP, CMP_R_MULTIPLE_RESPONSES_NOT_SUPPORTED}, ++ #else ++ {"MULTIPLE_RESPONSES_NOT_SUPPORTED", 58, 170}, ++ #endif ++ #ifdef CMP_R_MULTIPLE_SAN_SOURCES ++ {"MULTIPLE_SAN_SOURCES", ERR_LIB_CMP, CMP_R_MULTIPLE_SAN_SOURCES}, ++ #else ++ {"MULTIPLE_SAN_SOURCES", 58, 102}, ++ #endif ++ #ifdef CMP_R_NO_STDIO ++ {"NO_STDIO", ERR_LIB_CMP, CMP_R_NO_STDIO}, ++ #else ++ {"NO_STDIO", 58, 194}, ++ #endif ++ #ifdef CMP_R_NO_SUITABLE_SENDER_CERT ++ {"NO_SUITABLE_SENDER_CERT", ERR_LIB_CMP, CMP_R_NO_SUITABLE_SENDER_CERT}, ++ #else ++ {"NO_SUITABLE_SENDER_CERT", 58, 145}, ++ #endif ++ #ifdef CMP_R_NULL_ARGUMENT ++ {"NULL_ARGUMENT", ERR_LIB_CMP, CMP_R_NULL_ARGUMENT}, ++ #else ++ {"NULL_ARGUMENT", 58, 103}, ++ #endif ++ #ifdef CMP_R_PKIBODY_ERROR ++ {"PKIBODY_ERROR", ERR_LIB_CMP, CMP_R_PKIBODY_ERROR}, ++ #else ++ {"PKIBODY_ERROR", 58, 146}, ++ #endif ++ #ifdef CMP_R_PKISTATUSINFO_NOT_FOUND ++ {"PKISTATUSINFO_NOT_FOUND", ERR_LIB_CMP, CMP_R_PKISTATUSINFO_NOT_FOUND}, ++ #else ++ {"PKISTATUSINFO_NOT_FOUND", 58, 132}, ++ #endif ++ #ifdef CMP_R_POLLING_FAILED ++ {"POLLING_FAILED", ERR_LIB_CMP, CMP_R_POLLING_FAILED}, ++ #else ++ {"POLLING_FAILED", 58, 172}, ++ #endif ++ #ifdef CMP_R_POTENTIALLY_INVALID_CERTIFICATE ++ {"POTENTIALLY_INVALID_CERTIFICATE", ERR_LIB_CMP, CMP_R_POTENTIALLY_INVALID_CERTIFICATE}, ++ #else ++ {"POTENTIALLY_INVALID_CERTIFICATE", 58, 147}, ++ #endif ++ #ifdef CMP_R_RECEIVED_ERROR ++ {"RECEIVED_ERROR", ERR_LIB_CMP, CMP_R_RECEIVED_ERROR}, ++ #else ++ {"RECEIVED_ERROR", 58, 180}, ++ #endif ++ #ifdef CMP_R_RECIPNONCE_UNMATCHED ++ {"RECIPNONCE_UNMATCHED", ERR_LIB_CMP, CMP_R_RECIPNONCE_UNMATCHED}, ++ #else ++ {"RECIPNONCE_UNMATCHED", 58, 148}, ++ #endif ++ #ifdef CMP_R_REQUEST_NOT_ACCEPTED ++ {"REQUEST_NOT_ACCEPTED", ERR_LIB_CMP, CMP_R_REQUEST_NOT_ACCEPTED}, ++ #else ++ {"REQUEST_NOT_ACCEPTED", 58, 149}, ++ #endif ++ #ifdef CMP_R_REQUEST_REJECTED_BY_SERVER ++ {"REQUEST_REJECTED_BY_SERVER", ERR_LIB_CMP, CMP_R_REQUEST_REJECTED_BY_SERVER}, ++ #else ++ {"REQUEST_REJECTED_BY_SERVER", 58, 182}, ++ #endif ++ #ifdef CMP_R_SENDER_GENERALNAME_TYPE_NOT_SUPPORTED ++ {"SENDER_GENERALNAME_TYPE_NOT_SUPPORTED", ERR_LIB_CMP, CMP_R_SENDER_GENERALNAME_TYPE_NOT_SUPPORTED}, ++ #else ++ {"SENDER_GENERALNAME_TYPE_NOT_SUPPORTED", 58, 150}, ++ #endif ++ #ifdef CMP_R_SRVCERT_DOES_NOT_VALIDATE_MSG ++ {"SRVCERT_DOES_NOT_VALIDATE_MSG", ERR_LIB_CMP, CMP_R_SRVCERT_DOES_NOT_VALIDATE_MSG}, ++ #else ++ {"SRVCERT_DOES_NOT_VALIDATE_MSG", 58, 151}, ++ #endif ++ #ifdef CMP_R_TOTAL_TIMEOUT ++ {"TOTAL_TIMEOUT", ERR_LIB_CMP, CMP_R_TOTAL_TIMEOUT}, ++ #else ++ {"TOTAL_TIMEOUT", 58, 184}, ++ #endif ++ #ifdef CMP_R_TRANSACTIONID_UNMATCHED ++ {"TRANSACTIONID_UNMATCHED", ERR_LIB_CMP, CMP_R_TRANSACTIONID_UNMATCHED}, ++ #else ++ {"TRANSACTIONID_UNMATCHED", 58, 152}, ++ #endif ++ #ifdef CMP_R_TRANSFER_ERROR ++ {"TRANSFER_ERROR", ERR_LIB_CMP, CMP_R_TRANSFER_ERROR}, ++ #else ++ {"TRANSFER_ERROR", 58, 159}, ++ #endif ++ #ifdef CMP_R_UNEXPECTED_PKIBODY ++ {"UNEXPECTED_PKIBODY", ERR_LIB_CMP, CMP_R_UNEXPECTED_PKIBODY}, ++ #else ++ {"UNEXPECTED_PKIBODY", 58, 133}, ++ #endif ++ #ifdef CMP_R_UNEXPECTED_PKISTATUS ++ {"UNEXPECTED_PKISTATUS", ERR_LIB_CMP, CMP_R_UNEXPECTED_PKISTATUS}, ++ #else ++ {"UNEXPECTED_PKISTATUS", 58, 185}, ++ #endif ++ #ifdef CMP_R_UNEXPECTED_PVNO ++ {"UNEXPECTED_PVNO", ERR_LIB_CMP, CMP_R_UNEXPECTED_PVNO}, ++ #else ++ {"UNEXPECTED_PVNO", 58, 153}, ++ #endif ++ #ifdef CMP_R_UNKNOWN_ALGORITHM_ID ++ {"UNKNOWN_ALGORITHM_ID", ERR_LIB_CMP, CMP_R_UNKNOWN_ALGORITHM_ID}, ++ #else ++ {"UNKNOWN_ALGORITHM_ID", 58, 134}, ++ #endif ++ #ifdef CMP_R_UNKNOWN_CERT_TYPE ++ {"UNKNOWN_CERT_TYPE", ERR_LIB_CMP, CMP_R_UNKNOWN_CERT_TYPE}, ++ #else ++ {"UNKNOWN_CERT_TYPE", 58, 135}, ++ #endif ++ #ifdef CMP_R_UNKNOWN_PKISTATUS ++ {"UNKNOWN_PKISTATUS", ERR_LIB_CMP, CMP_R_UNKNOWN_PKISTATUS}, ++ #else ++ {"UNKNOWN_PKISTATUS", 58, 186}, ++ #endif ++ #ifdef CMP_R_UNSUPPORTED_ALGORITHM ++ {"UNSUPPORTED_ALGORITHM", ERR_LIB_CMP, CMP_R_UNSUPPORTED_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_ALGORITHM", 58, 136}, ++ #endif ++ #ifdef CMP_R_UNSUPPORTED_KEY_TYPE ++ {"UNSUPPORTED_KEY_TYPE", ERR_LIB_CMP, CMP_R_UNSUPPORTED_KEY_TYPE}, ++ #else ++ {"UNSUPPORTED_KEY_TYPE", 58, 137}, ++ #endif ++ #ifdef CMP_R_UNSUPPORTED_PROTECTION_ALG_DHBASEDMAC ++ {"UNSUPPORTED_PROTECTION_ALG_DHBASEDMAC", ERR_LIB_CMP, CMP_R_UNSUPPORTED_PROTECTION_ALG_DHBASEDMAC}, ++ #else ++ {"UNSUPPORTED_PROTECTION_ALG_DHBASEDMAC", 58, 154}, ++ #endif ++ #ifdef CMP_R_VALUE_TOO_LARGE ++ {"VALUE_TOO_LARGE", ERR_LIB_CMP, CMP_R_VALUE_TOO_LARGE}, ++ #else ++ {"VALUE_TOO_LARGE", 58, 175}, ++ #endif ++ #ifdef CMP_R_VALUE_TOO_SMALL ++ {"VALUE_TOO_SMALL", ERR_LIB_CMP, CMP_R_VALUE_TOO_SMALL}, ++ #else ++ {"VALUE_TOO_SMALL", 58, 177}, ++ #endif ++ #ifdef CMP_R_WRONG_ALGORITHM_OID ++ {"WRONG_ALGORITHM_OID", ERR_LIB_CMP, CMP_R_WRONG_ALGORITHM_OID}, ++ #else ++ {"WRONG_ALGORITHM_OID", 58, 138}, ++ #endif ++ #ifdef CMP_R_WRONG_CERTID_IN_RP ++ {"WRONG_CERTID_IN_RP", ERR_LIB_CMP, CMP_R_WRONG_CERTID_IN_RP}, ++ #else ++ {"WRONG_CERTID_IN_RP", 58, 187}, ++ #endif ++ #ifdef CMP_R_WRONG_PBM_VALUE ++ {"WRONG_PBM_VALUE", ERR_LIB_CMP, CMP_R_WRONG_PBM_VALUE}, ++ #else ++ {"WRONG_PBM_VALUE", 58, 155}, ++ #endif ++ #ifdef CMP_R_WRONG_RP_COMPONENT_COUNT ++ {"WRONG_RP_COMPONENT_COUNT", ERR_LIB_CMP, CMP_R_WRONG_RP_COMPONENT_COUNT}, ++ #else ++ {"WRONG_RP_COMPONENT_COUNT", 58, 188}, ++ #endif ++ #ifdef CMP_R_WRONG_SERIAL_IN_RP ++ {"WRONG_SERIAL_IN_RP", ERR_LIB_CMP, CMP_R_WRONG_SERIAL_IN_RP}, ++ #else ++ {"WRONG_SERIAL_IN_RP", 58, 173}, ++ #endif ++ #ifdef CMS_R_ADD_SIGNER_ERROR ++ {"ADD_SIGNER_ERROR", ERR_LIB_CMS, CMS_R_ADD_SIGNER_ERROR}, ++ #else ++ {"ADD_SIGNER_ERROR", 46, 99}, ++ #endif ++ #ifdef CMS_R_ATTRIBUTE_ERROR ++ {"ATTRIBUTE_ERROR", ERR_LIB_CMS, CMS_R_ATTRIBUTE_ERROR}, ++ #else ++ {"ATTRIBUTE_ERROR", 46, 161}, ++ #endif ++ #ifdef CMS_R_CERTIFICATE_ALREADY_PRESENT ++ {"CERTIFICATE_ALREADY_PRESENT", ERR_LIB_CMS, CMS_R_CERTIFICATE_ALREADY_PRESENT}, ++ #else ++ {"CERTIFICATE_ALREADY_PRESENT", 46, 175}, ++ #endif ++ #ifdef CMS_R_CERTIFICATE_HAS_NO_KEYID ++ {"CERTIFICATE_HAS_NO_KEYID", ERR_LIB_CMS, CMS_R_CERTIFICATE_HAS_NO_KEYID}, ++ #else ++ {"CERTIFICATE_HAS_NO_KEYID", 46, 160}, ++ #endif ++ #ifdef CMS_R_CERTIFICATE_VERIFY_ERROR ++ {"CERTIFICATE_VERIFY_ERROR", ERR_LIB_CMS, CMS_R_CERTIFICATE_VERIFY_ERROR}, ++ #else ++ {"CERTIFICATE_VERIFY_ERROR", 46, 100}, ++ #endif ++ #ifdef CMS_R_CIPHER_AEAD_SET_TAG_ERROR ++ {"CIPHER_AEAD_SET_TAG_ERROR", ERR_LIB_CMS, CMS_R_CIPHER_AEAD_SET_TAG_ERROR}, ++ #else ++ {"CIPHER_AEAD_SET_TAG_ERROR", 46, 184}, ++ #endif ++ #ifdef CMS_R_CIPHER_GET_TAG ++ {"CIPHER_GET_TAG", ERR_LIB_CMS, CMS_R_CIPHER_GET_TAG}, ++ #else ++ {"CIPHER_GET_TAG", 46, 185}, ++ #endif ++ #ifdef CMS_R_CIPHER_INITIALISATION_ERROR ++ {"CIPHER_INITIALISATION_ERROR", ERR_LIB_CMS, CMS_R_CIPHER_INITIALISATION_ERROR}, ++ #else ++ {"CIPHER_INITIALISATION_ERROR", 46, 101}, ++ #endif ++ #ifdef CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR ++ {"CIPHER_PARAMETER_INITIALISATION_ERROR", ERR_LIB_CMS, CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR}, ++ #else ++ {"CIPHER_PARAMETER_INITIALISATION_ERROR", 46, 102}, ++ #endif ++ #ifdef CMS_R_CMS_DATAFINAL_ERROR ++ {"CMS_DATAFINAL_ERROR", ERR_LIB_CMS, CMS_R_CMS_DATAFINAL_ERROR}, ++ #else ++ {"CMS_DATAFINAL_ERROR", 46, 103}, ++ #endif ++ #ifdef CMS_R_CMS_LIB ++ {"CMS_LIB", ERR_LIB_CMS, CMS_R_CMS_LIB}, ++ #else ++ {"CMS_LIB", 46, 104}, ++ #endif ++ #ifdef CMS_R_CONTENTIDENTIFIER_MISMATCH ++ {"CONTENTIDENTIFIER_MISMATCH", ERR_LIB_CMS, CMS_R_CONTENTIDENTIFIER_MISMATCH}, ++ #else ++ {"CONTENTIDENTIFIER_MISMATCH", 46, 170}, ++ #endif ++ #ifdef CMS_R_CONTENT_NOT_FOUND ++ {"CONTENT_NOT_FOUND", ERR_LIB_CMS, CMS_R_CONTENT_NOT_FOUND}, ++ #else ++ {"CONTENT_NOT_FOUND", 46, 105}, ++ #endif ++ #ifdef CMS_R_CONTENT_TYPE_MISMATCH ++ {"CONTENT_TYPE_MISMATCH", ERR_LIB_CMS, CMS_R_CONTENT_TYPE_MISMATCH}, ++ #else ++ {"CONTENT_TYPE_MISMATCH", 46, 171}, ++ #endif ++ #ifdef CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA ++ {"CONTENT_TYPE_NOT_COMPRESSED_DATA", ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA}, ++ #else ++ {"CONTENT_TYPE_NOT_COMPRESSED_DATA", 46, 106}, ++ #endif ++ #ifdef CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA ++ {"CONTENT_TYPE_NOT_ENVELOPED_DATA", ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA}, ++ #else ++ {"CONTENT_TYPE_NOT_ENVELOPED_DATA", 46, 107}, ++ #endif ++ #ifdef CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA ++ {"CONTENT_TYPE_NOT_SIGNED_DATA", ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA}, ++ #else ++ {"CONTENT_TYPE_NOT_SIGNED_DATA", 46, 108}, ++ #endif ++ #ifdef CMS_R_CONTENT_VERIFY_ERROR ++ {"CONTENT_VERIFY_ERROR", ERR_LIB_CMS, CMS_R_CONTENT_VERIFY_ERROR}, ++ #else ++ {"CONTENT_VERIFY_ERROR", 46, 109}, ++ #endif ++ #ifdef CMS_R_CTRL_ERROR ++ {"CTRL_ERROR", ERR_LIB_CMS, CMS_R_CTRL_ERROR}, ++ #else ++ {"CTRL_ERROR", 46, 110}, ++ #endif ++ #ifdef CMS_R_CTRL_FAILURE ++ {"CTRL_FAILURE", ERR_LIB_CMS, CMS_R_CTRL_FAILURE}, ++ #else ++ {"CTRL_FAILURE", 46, 111}, ++ #endif ++ #ifdef CMS_R_DECODE_ERROR ++ {"DECODE_ERROR", ERR_LIB_CMS, CMS_R_DECODE_ERROR}, ++ #else ++ {"DECODE_ERROR", 46, 187}, ++ #endif ++ #ifdef CMS_R_DECRYPT_ERROR ++ {"DECRYPT_ERROR", ERR_LIB_CMS, CMS_R_DECRYPT_ERROR}, ++ #else ++ {"DECRYPT_ERROR", 46, 112}, ++ #endif ++ #ifdef CMS_R_ERROR_GETTING_PUBLIC_KEY ++ {"ERROR_GETTING_PUBLIC_KEY", ERR_LIB_CMS, CMS_R_ERROR_GETTING_PUBLIC_KEY}, ++ #else ++ {"ERROR_GETTING_PUBLIC_KEY", 46, 113}, ++ #endif ++ #ifdef CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE ++ {"ERROR_READING_MESSAGEDIGEST_ATTRIBUTE", ERR_LIB_CMS, CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE}, ++ #else ++ {"ERROR_READING_MESSAGEDIGEST_ATTRIBUTE", 46, 114}, ++ #endif ++ #ifdef CMS_R_ERROR_SETTING_KEY ++ {"ERROR_SETTING_KEY", ERR_LIB_CMS, CMS_R_ERROR_SETTING_KEY}, ++ #else ++ {"ERROR_SETTING_KEY", 46, 115}, ++ #endif ++ #ifdef CMS_R_ERROR_SETTING_RECIPIENTINFO ++ {"ERROR_SETTING_RECIPIENTINFO", ERR_LIB_CMS, CMS_R_ERROR_SETTING_RECIPIENTINFO}, ++ #else ++ {"ERROR_SETTING_RECIPIENTINFO", 46, 116}, ++ #endif ++ #ifdef CMS_R_ESS_SIGNING_CERTID_MISMATCH_ERROR ++ {"ESS_SIGNING_CERTID_MISMATCH_ERROR", ERR_LIB_CMS, CMS_R_ESS_SIGNING_CERTID_MISMATCH_ERROR}, ++ #else ++ {"ESS_SIGNING_CERTID_MISMATCH_ERROR", 46, 183}, ++ #endif ++ #ifdef CMS_R_INVALID_ENCRYPTED_KEY_LENGTH ++ {"INVALID_ENCRYPTED_KEY_LENGTH", ERR_LIB_CMS, CMS_R_INVALID_ENCRYPTED_KEY_LENGTH}, ++ #else ++ {"INVALID_ENCRYPTED_KEY_LENGTH", 46, 117}, ++ #endif ++ #ifdef CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER ++ {"INVALID_KEY_ENCRYPTION_PARAMETER", ERR_LIB_CMS, CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER}, ++ #else ++ {"INVALID_KEY_ENCRYPTION_PARAMETER", 46, 176}, ++ #endif ++ #ifdef CMS_R_INVALID_KEY_LENGTH ++ {"INVALID_KEY_LENGTH", ERR_LIB_CMS, CMS_R_INVALID_KEY_LENGTH}, ++ #else ++ {"INVALID_KEY_LENGTH", 46, 118}, ++ #endif ++ #ifdef CMS_R_INVALID_LABEL ++ {"INVALID_LABEL", ERR_LIB_CMS, CMS_R_INVALID_LABEL}, ++ #else ++ {"INVALID_LABEL", 46, 190}, ++ #endif ++ #ifdef CMS_R_INVALID_OAEP_PARAMETERS ++ {"INVALID_OAEP_PARAMETERS", ERR_LIB_CMS, CMS_R_INVALID_OAEP_PARAMETERS}, ++ #else ++ {"INVALID_OAEP_PARAMETERS", 46, 191}, ++ #endif ++ #ifdef CMS_R_KDF_PARAMETER_ERROR ++ {"KDF_PARAMETER_ERROR", ERR_LIB_CMS, CMS_R_KDF_PARAMETER_ERROR}, ++ #else ++ {"KDF_PARAMETER_ERROR", 46, 186}, ++ #endif ++ #ifdef CMS_R_MD_BIO_INIT_ERROR ++ {"MD_BIO_INIT_ERROR", ERR_LIB_CMS, CMS_R_MD_BIO_INIT_ERROR}, ++ #else ++ {"MD_BIO_INIT_ERROR", 46, 119}, ++ #endif ++ #ifdef CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH ++ {"MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH", ERR_LIB_CMS, CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH}, ++ #else ++ {"MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH", 46, 120}, ++ #endif ++ #ifdef CMS_R_MESSAGEDIGEST_WRONG_LENGTH ++ {"MESSAGEDIGEST_WRONG_LENGTH", ERR_LIB_CMS, CMS_R_MESSAGEDIGEST_WRONG_LENGTH}, ++ #else ++ {"MESSAGEDIGEST_WRONG_LENGTH", 46, 121}, ++ #endif ++ #ifdef CMS_R_MSGSIGDIGEST_ERROR ++ {"MSGSIGDIGEST_ERROR", ERR_LIB_CMS, CMS_R_MSGSIGDIGEST_ERROR}, ++ #else ++ {"MSGSIGDIGEST_ERROR", 46, 172}, ++ #endif ++ #ifdef CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE ++ {"MSGSIGDIGEST_VERIFICATION_FAILURE", ERR_LIB_CMS, CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE}, ++ #else ++ {"MSGSIGDIGEST_VERIFICATION_FAILURE", 46, 162}, ++ #endif ++ #ifdef CMS_R_MSGSIGDIGEST_WRONG_LENGTH ++ {"MSGSIGDIGEST_WRONG_LENGTH", ERR_LIB_CMS, CMS_R_MSGSIGDIGEST_WRONG_LENGTH}, ++ #else ++ {"MSGSIGDIGEST_WRONG_LENGTH", 46, 163}, ++ #endif ++ #ifdef CMS_R_NEED_ONE_SIGNER ++ {"NEED_ONE_SIGNER", ERR_LIB_CMS, CMS_R_NEED_ONE_SIGNER}, ++ #else ++ {"NEED_ONE_SIGNER", 46, 164}, ++ #endif ++ #ifdef CMS_R_NOT_A_SIGNED_RECEIPT ++ {"NOT_A_SIGNED_RECEIPT", ERR_LIB_CMS, CMS_R_NOT_A_SIGNED_RECEIPT}, ++ #else ++ {"NOT_A_SIGNED_RECEIPT", 46, 165}, ++ #endif ++ #ifdef CMS_R_NOT_ENCRYPTED_DATA ++ {"NOT_ENCRYPTED_DATA", ERR_LIB_CMS, CMS_R_NOT_ENCRYPTED_DATA}, ++ #else ++ {"NOT_ENCRYPTED_DATA", 46, 122}, ++ #endif ++ #ifdef CMS_R_NOT_KEK ++ {"NOT_KEK", ERR_LIB_CMS, CMS_R_NOT_KEK}, ++ #else ++ {"NOT_KEK", 46, 123}, ++ #endif ++ #ifdef CMS_R_NOT_KEY_AGREEMENT ++ {"NOT_KEY_AGREEMENT", ERR_LIB_CMS, CMS_R_NOT_KEY_AGREEMENT}, ++ #else ++ {"NOT_KEY_AGREEMENT", 46, 181}, ++ #endif ++ #ifdef CMS_R_NOT_KEY_TRANSPORT ++ {"NOT_KEY_TRANSPORT", ERR_LIB_CMS, CMS_R_NOT_KEY_TRANSPORT}, ++ #else ++ {"NOT_KEY_TRANSPORT", 46, 124}, ++ #endif ++ #ifdef CMS_R_NOT_PWRI ++ {"NOT_PWRI", ERR_LIB_CMS, CMS_R_NOT_PWRI}, ++ #else ++ {"NOT_PWRI", 46, 177}, ++ #endif ++ #ifdef CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE ++ {"NOT_SUPPORTED_FOR_THIS_KEY_TYPE", ERR_LIB_CMS, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE}, ++ #else ++ {"NOT_SUPPORTED_FOR_THIS_KEY_TYPE", 46, 125}, ++ #endif ++ #ifdef CMS_R_NO_CIPHER ++ {"NO_CIPHER", ERR_LIB_CMS, CMS_R_NO_CIPHER}, ++ #else ++ {"NO_CIPHER", 46, 126}, ++ #endif ++ #ifdef CMS_R_NO_CONTENT ++ {"NO_CONTENT", ERR_LIB_CMS, CMS_R_NO_CONTENT}, ++ #else ++ {"NO_CONTENT", 46, 127}, ++ #endif ++ #ifdef CMS_R_NO_CONTENT_TYPE ++ {"NO_CONTENT_TYPE", ERR_LIB_CMS, CMS_R_NO_CONTENT_TYPE}, ++ #else ++ {"NO_CONTENT_TYPE", 46, 173}, ++ #endif ++ #ifdef CMS_R_NO_DEFAULT_DIGEST ++ {"NO_DEFAULT_DIGEST", ERR_LIB_CMS, CMS_R_NO_DEFAULT_DIGEST}, ++ #else ++ {"NO_DEFAULT_DIGEST", 46, 128}, ++ #endif ++ #ifdef CMS_R_NO_DIGEST_SET ++ {"NO_DIGEST_SET", ERR_LIB_CMS, CMS_R_NO_DIGEST_SET}, ++ #else ++ {"NO_DIGEST_SET", 46, 129}, ++ #endif ++ #ifdef CMS_R_NO_KEY ++ {"NO_KEY", ERR_LIB_CMS, CMS_R_NO_KEY}, ++ #else ++ {"NO_KEY", 46, 130}, ++ #endif ++ #ifdef CMS_R_NO_KEY_OR_CERT ++ {"NO_KEY_OR_CERT", ERR_LIB_CMS, CMS_R_NO_KEY_OR_CERT}, ++ #else ++ {"NO_KEY_OR_CERT", 46, 174}, ++ #endif ++ #ifdef CMS_R_NO_MATCHING_DIGEST ++ {"NO_MATCHING_DIGEST", ERR_LIB_CMS, CMS_R_NO_MATCHING_DIGEST}, ++ #else ++ {"NO_MATCHING_DIGEST", 46, 131}, ++ #endif ++ #ifdef CMS_R_NO_MATCHING_RECIPIENT ++ {"NO_MATCHING_RECIPIENT", ERR_LIB_CMS, CMS_R_NO_MATCHING_RECIPIENT}, ++ #else ++ {"NO_MATCHING_RECIPIENT", 46, 132}, ++ #endif ++ #ifdef CMS_R_NO_MATCHING_SIGNATURE ++ {"NO_MATCHING_SIGNATURE", ERR_LIB_CMS, CMS_R_NO_MATCHING_SIGNATURE}, ++ #else ++ {"NO_MATCHING_SIGNATURE", 46, 166}, ++ #endif ++ #ifdef CMS_R_NO_MSGSIGDIGEST ++ {"NO_MSGSIGDIGEST", ERR_LIB_CMS, CMS_R_NO_MSGSIGDIGEST}, ++ #else ++ {"NO_MSGSIGDIGEST", 46, 167}, ++ #endif ++ #ifdef CMS_R_NO_PASSWORD ++ {"NO_PASSWORD", ERR_LIB_CMS, CMS_R_NO_PASSWORD}, ++ #else ++ {"NO_PASSWORD", 46, 178}, ++ #endif ++ #ifdef CMS_R_NO_PRIVATE_KEY ++ {"NO_PRIVATE_KEY", ERR_LIB_CMS, CMS_R_NO_PRIVATE_KEY}, ++ #else ++ {"NO_PRIVATE_KEY", 46, 133}, ++ #endif ++ #ifdef CMS_R_NO_PUBLIC_KEY ++ {"NO_PUBLIC_KEY", ERR_LIB_CMS, CMS_R_NO_PUBLIC_KEY}, ++ #else ++ {"NO_PUBLIC_KEY", 46, 134}, ++ #endif ++ #ifdef CMS_R_NO_RECEIPT_REQUEST ++ {"NO_RECEIPT_REQUEST", ERR_LIB_CMS, CMS_R_NO_RECEIPT_REQUEST}, ++ #else ++ {"NO_RECEIPT_REQUEST", 46, 168}, ++ #endif ++ #ifdef CMS_R_NO_SIGNERS ++ {"NO_SIGNERS", ERR_LIB_CMS, CMS_R_NO_SIGNERS}, ++ #else ++ {"NO_SIGNERS", 46, 135}, ++ #endif ++ #ifdef CMS_R_PEER_KEY_ERROR ++ {"PEER_KEY_ERROR", ERR_LIB_CMS, CMS_R_PEER_KEY_ERROR}, ++ #else ++ {"PEER_KEY_ERROR", 46, 188}, ++ #endif ++ #ifdef CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", ERR_LIB_CMS, CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE}, ++ #else ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", 46, 136}, ++ #endif ++ #ifdef CMS_R_RECEIPT_DECODE_ERROR ++ {"RECEIPT_DECODE_ERROR", ERR_LIB_CMS, CMS_R_RECEIPT_DECODE_ERROR}, ++ #else ++ {"RECEIPT_DECODE_ERROR", 46, 169}, ++ #endif ++ #ifdef CMS_R_RECIPIENT_ERROR ++ {"RECIPIENT_ERROR", ERR_LIB_CMS, CMS_R_RECIPIENT_ERROR}, ++ #else ++ {"RECIPIENT_ERROR", 46, 137}, ++ #endif ++ #ifdef CMS_R_SHARED_INFO_ERROR ++ {"SHARED_INFO_ERROR", ERR_LIB_CMS, CMS_R_SHARED_INFO_ERROR}, ++ #else ++ {"SHARED_INFO_ERROR", 46, 189}, ++ #endif ++ #ifdef CMS_R_SIGNER_CERTIFICATE_NOT_FOUND ++ {"SIGNER_CERTIFICATE_NOT_FOUND", ERR_LIB_CMS, CMS_R_SIGNER_CERTIFICATE_NOT_FOUND}, ++ #else ++ {"SIGNER_CERTIFICATE_NOT_FOUND", 46, 138}, ++ #endif ++ #ifdef CMS_R_SIGNFINAL_ERROR ++ {"SIGNFINAL_ERROR", ERR_LIB_CMS, CMS_R_SIGNFINAL_ERROR}, ++ #else ++ {"SIGNFINAL_ERROR", 46, 139}, ++ #endif ++ #ifdef CMS_R_SMIME_TEXT_ERROR ++ {"SMIME_TEXT_ERROR", ERR_LIB_CMS, CMS_R_SMIME_TEXT_ERROR}, ++ #else ++ {"SMIME_TEXT_ERROR", 46, 140}, ++ #endif ++ #ifdef CMS_R_STORE_INIT_ERROR ++ {"STORE_INIT_ERROR", ERR_LIB_CMS, CMS_R_STORE_INIT_ERROR}, ++ #else ++ {"STORE_INIT_ERROR", 46, 141}, ++ #endif ++ #ifdef CMS_R_TYPE_NOT_COMPRESSED_DATA ++ {"TYPE_NOT_COMPRESSED_DATA", ERR_LIB_CMS, CMS_R_TYPE_NOT_COMPRESSED_DATA}, ++ #else ++ {"TYPE_NOT_COMPRESSED_DATA", 46, 142}, ++ #endif ++ #ifdef CMS_R_TYPE_NOT_DATA ++ {"TYPE_NOT_DATA", ERR_LIB_CMS, CMS_R_TYPE_NOT_DATA}, ++ #else ++ {"TYPE_NOT_DATA", 46, 143}, ++ #endif ++ #ifdef CMS_R_TYPE_NOT_DIGESTED_DATA ++ {"TYPE_NOT_DIGESTED_DATA", ERR_LIB_CMS, CMS_R_TYPE_NOT_DIGESTED_DATA}, ++ #else ++ {"TYPE_NOT_DIGESTED_DATA", 46, 144}, ++ #endif ++ #ifdef CMS_R_TYPE_NOT_ENCRYPTED_DATA ++ {"TYPE_NOT_ENCRYPTED_DATA", ERR_LIB_CMS, CMS_R_TYPE_NOT_ENCRYPTED_DATA}, ++ #else ++ {"TYPE_NOT_ENCRYPTED_DATA", 46, 145}, ++ #endif ++ #ifdef CMS_R_TYPE_NOT_ENVELOPED_DATA ++ {"TYPE_NOT_ENVELOPED_DATA", ERR_LIB_CMS, CMS_R_TYPE_NOT_ENVELOPED_DATA}, ++ #else ++ {"TYPE_NOT_ENVELOPED_DATA", 46, 146}, ++ #endif ++ #ifdef CMS_R_UNABLE_TO_FINALIZE_CONTEXT ++ {"UNABLE_TO_FINALIZE_CONTEXT", ERR_LIB_CMS, CMS_R_UNABLE_TO_FINALIZE_CONTEXT}, ++ #else ++ {"UNABLE_TO_FINALIZE_CONTEXT", 46, 147}, ++ #endif ++ #ifdef CMS_R_UNKNOWN_CIPHER ++ {"UNKNOWN_CIPHER", ERR_LIB_CMS, CMS_R_UNKNOWN_CIPHER}, ++ #else ++ {"UNKNOWN_CIPHER", 46, 148}, ++ #endif ++ #ifdef CMS_R_UNKNOWN_DIGEST_ALGORITHM ++ {"UNKNOWN_DIGEST_ALGORITHM", ERR_LIB_CMS, CMS_R_UNKNOWN_DIGEST_ALGORITHM}, ++ #else ++ {"UNKNOWN_DIGEST_ALGORITHM", 46, 149}, ++ #endif ++ #ifdef CMS_R_UNKNOWN_ID ++ {"UNKNOWN_ID", ERR_LIB_CMS, CMS_R_UNKNOWN_ID}, ++ #else ++ {"UNKNOWN_ID", 46, 150}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM ++ {"UNSUPPORTED_COMPRESSION_ALGORITHM", ERR_LIB_CMS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_COMPRESSION_ALGORITHM", 46, 151}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_CONTENT_TYPE ++ {"UNSUPPORTED_CONTENT_TYPE", ERR_LIB_CMS, CMS_R_UNSUPPORTED_CONTENT_TYPE}, ++ #else ++ {"UNSUPPORTED_CONTENT_TYPE", 46, 152}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_ENCRYPTION_TYPE ++ {"UNSUPPORTED_ENCRYPTION_TYPE", ERR_LIB_CMS, CMS_R_UNSUPPORTED_ENCRYPTION_TYPE}, ++ #else ++ {"UNSUPPORTED_ENCRYPTION_TYPE", 46, 192}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_KEK_ALGORITHM ++ {"UNSUPPORTED_KEK_ALGORITHM", ERR_LIB_CMS, CMS_R_UNSUPPORTED_KEK_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_KEK_ALGORITHM", 46, 153}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM ++ {"UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM", ERR_LIB_CMS, CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM", 46, 179}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_LABEL_SOURCE ++ {"UNSUPPORTED_LABEL_SOURCE", ERR_LIB_CMS, CMS_R_UNSUPPORTED_LABEL_SOURCE}, ++ #else ++ {"UNSUPPORTED_LABEL_SOURCE", 46, 193}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE ++ {"UNSUPPORTED_RECIPIENTINFO_TYPE", ERR_LIB_CMS, CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE}, ++ #else ++ {"UNSUPPORTED_RECIPIENTINFO_TYPE", 46, 155}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_RECIPIENT_TYPE ++ {"UNSUPPORTED_RECIPIENT_TYPE", ERR_LIB_CMS, CMS_R_UNSUPPORTED_RECIPIENT_TYPE}, ++ #else ++ {"UNSUPPORTED_RECIPIENT_TYPE", 46, 154}, ++ #endif ++ #ifdef CMS_R_UNSUPPORTED_TYPE ++ {"UNSUPPORTED_TYPE", ERR_LIB_CMS, CMS_R_UNSUPPORTED_TYPE}, ++ #else ++ {"UNSUPPORTED_TYPE", 46, 156}, ++ #endif ++ #ifdef CMS_R_UNWRAP_ERROR ++ {"UNWRAP_ERROR", ERR_LIB_CMS, CMS_R_UNWRAP_ERROR}, ++ #else ++ {"UNWRAP_ERROR", 46, 157}, ++ #endif ++ #ifdef CMS_R_UNWRAP_FAILURE ++ {"UNWRAP_FAILURE", ERR_LIB_CMS, CMS_R_UNWRAP_FAILURE}, ++ #else ++ {"UNWRAP_FAILURE", 46, 180}, ++ #endif ++ #ifdef CMS_R_VERIFICATION_FAILURE ++ {"VERIFICATION_FAILURE", ERR_LIB_CMS, CMS_R_VERIFICATION_FAILURE}, ++ #else ++ {"VERIFICATION_FAILURE", 46, 158}, ++ #endif ++ #ifdef CMS_R_WRAP_ERROR ++ {"WRAP_ERROR", ERR_LIB_CMS, CMS_R_WRAP_ERROR}, ++ #else ++ {"WRAP_ERROR", 46, 159}, ++ #endif ++ #ifdef COMP_R_ZLIB_DEFLATE_ERROR ++ {"ZLIB_DEFLATE_ERROR", ERR_LIB_COMP, COMP_R_ZLIB_DEFLATE_ERROR}, ++ #else ++ {"ZLIB_DEFLATE_ERROR", 41, 99}, ++ #endif ++ #ifdef COMP_R_ZLIB_INFLATE_ERROR ++ {"ZLIB_INFLATE_ERROR", ERR_LIB_COMP, COMP_R_ZLIB_INFLATE_ERROR}, ++ #else ++ {"ZLIB_INFLATE_ERROR", 41, 100}, ++ #endif ++ #ifdef COMP_R_ZLIB_NOT_SUPPORTED ++ {"ZLIB_NOT_SUPPORTED", ERR_LIB_COMP, COMP_R_ZLIB_NOT_SUPPORTED}, ++ #else ++ {"ZLIB_NOT_SUPPORTED", 41, 101}, ++ #endif ++ #ifdef CONF_R_ERROR_LOADING_DSO ++ {"ERROR_LOADING_DSO", ERR_LIB_CONF, CONF_R_ERROR_LOADING_DSO}, ++ #else ++ {"ERROR_LOADING_DSO", 14, 110}, ++ #endif ++ #ifdef CONF_R_INVALID_PRAGMA ++ {"INVALID_PRAGMA", ERR_LIB_CONF, CONF_R_INVALID_PRAGMA}, ++ #else ++ {"INVALID_PRAGMA", 14, 122}, ++ #endif ++ #ifdef CONF_R_LIST_CANNOT_BE_NULL ++ {"LIST_CANNOT_BE_NULL", ERR_LIB_CONF, CONF_R_LIST_CANNOT_BE_NULL}, ++ #else ++ {"LIST_CANNOT_BE_NULL", 14, 115}, ++ #endif ++ #ifdef CONF_R_MANDATORY_BRACES_IN_VARIABLE_EXPANSION ++ {"MANDATORY_BRACES_IN_VARIABLE_EXPANSION", ERR_LIB_CONF, CONF_R_MANDATORY_BRACES_IN_VARIABLE_EXPANSION}, ++ #else ++ {"MANDATORY_BRACES_IN_VARIABLE_EXPANSION", 14, 123}, ++ #endif ++ #ifdef CONF_R_MISSING_CLOSE_SQUARE_BRACKET ++ {"MISSING_CLOSE_SQUARE_BRACKET", ERR_LIB_CONF, CONF_R_MISSING_CLOSE_SQUARE_BRACKET}, ++ #else ++ {"MISSING_CLOSE_SQUARE_BRACKET", 14, 100}, ++ #endif ++ #ifdef CONF_R_MISSING_EQUAL_SIGN ++ {"MISSING_EQUAL_SIGN", ERR_LIB_CONF, CONF_R_MISSING_EQUAL_SIGN}, ++ #else ++ {"MISSING_EQUAL_SIGN", 14, 101}, ++ #endif ++ #ifdef CONF_R_MISSING_INIT_FUNCTION ++ {"MISSING_INIT_FUNCTION", ERR_LIB_CONF, CONF_R_MISSING_INIT_FUNCTION}, ++ #else ++ {"MISSING_INIT_FUNCTION", 14, 112}, ++ #endif ++ #ifdef CONF_R_MODULE_INITIALIZATION_ERROR ++ {"MODULE_INITIALIZATION_ERROR", ERR_LIB_CONF, CONF_R_MODULE_INITIALIZATION_ERROR}, ++ #else ++ {"MODULE_INITIALIZATION_ERROR", 14, 109}, ++ #endif ++ #ifdef CONF_R_NO_CLOSE_BRACE ++ {"NO_CLOSE_BRACE", ERR_LIB_CONF, CONF_R_NO_CLOSE_BRACE}, ++ #else ++ {"NO_CLOSE_BRACE", 14, 102}, ++ #endif ++ #ifdef CONF_R_NO_CONF ++ {"NO_CONF", ERR_LIB_CONF, CONF_R_NO_CONF}, ++ #else ++ {"NO_CONF", 14, 105}, ++ #endif ++ #ifdef CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE ++ {"NO_CONF_OR_ENVIRONMENT_VARIABLE", ERR_LIB_CONF, CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE}, ++ #else ++ {"NO_CONF_OR_ENVIRONMENT_VARIABLE", 14, 106}, ++ #endif ++ #ifdef CONF_R_NO_SECTION ++ {"NO_SECTION", ERR_LIB_CONF, CONF_R_NO_SECTION}, ++ #else ++ {"NO_SECTION", 14, 107}, ++ #endif ++ #ifdef CONF_R_NO_SUCH_FILE ++ {"NO_SUCH_FILE", ERR_LIB_CONF, CONF_R_NO_SUCH_FILE}, ++ #else ++ {"NO_SUCH_FILE", 14, 114}, ++ #endif ++ #ifdef CONF_R_NO_VALUE ++ {"NO_VALUE", ERR_LIB_CONF, CONF_R_NO_VALUE}, ++ #else ++ {"NO_VALUE", 14, 108}, ++ #endif ++ #ifdef CONF_R_NUMBER_TOO_LARGE ++ {"NUMBER_TOO_LARGE", ERR_LIB_CONF, CONF_R_NUMBER_TOO_LARGE}, ++ #else ++ {"NUMBER_TOO_LARGE", 14, 121}, ++ #endif ++ #ifdef CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION ++ {"OPENSSL_CONF_REFERENCES_MISSING_SECTION", ERR_LIB_CONF, CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION}, ++ #else ++ {"OPENSSL_CONF_REFERENCES_MISSING_SECTION", 14, 124}, ++ #endif ++ #ifdef CONF_R_RECURSIVE_DIRECTORY_INCLUDE ++ {"RECURSIVE_DIRECTORY_INCLUDE", ERR_LIB_CONF, CONF_R_RECURSIVE_DIRECTORY_INCLUDE}, ++ #else ++ {"RECURSIVE_DIRECTORY_INCLUDE", 14, 111}, ++ #endif ++ #ifdef CONF_R_SSL_COMMAND_SECTION_EMPTY ++ {"SSL_COMMAND_SECTION_EMPTY", ERR_LIB_CONF, CONF_R_SSL_COMMAND_SECTION_EMPTY}, ++ #else ++ {"SSL_COMMAND_SECTION_EMPTY", 14, 117}, ++ #endif ++ #ifdef CONF_R_SSL_COMMAND_SECTION_NOT_FOUND ++ {"SSL_COMMAND_SECTION_NOT_FOUND", ERR_LIB_CONF, CONF_R_SSL_COMMAND_SECTION_NOT_FOUND}, ++ #else ++ {"SSL_COMMAND_SECTION_NOT_FOUND", 14, 118}, ++ #endif ++ #ifdef CONF_R_SSL_SECTION_EMPTY ++ {"SSL_SECTION_EMPTY", ERR_LIB_CONF, CONF_R_SSL_SECTION_EMPTY}, ++ #else ++ {"SSL_SECTION_EMPTY", 14, 119}, ++ #endif ++ #ifdef CONF_R_SSL_SECTION_NOT_FOUND ++ {"SSL_SECTION_NOT_FOUND", ERR_LIB_CONF, CONF_R_SSL_SECTION_NOT_FOUND}, ++ #else ++ {"SSL_SECTION_NOT_FOUND", 14, 120}, ++ #endif ++ #ifdef CONF_R_UNABLE_TO_CREATE_NEW_SECTION ++ {"UNABLE_TO_CREATE_NEW_SECTION", ERR_LIB_CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION}, ++ #else ++ {"UNABLE_TO_CREATE_NEW_SECTION", 14, 103}, ++ #endif ++ #ifdef CONF_R_UNKNOWN_MODULE_NAME ++ {"UNKNOWN_MODULE_NAME", ERR_LIB_CONF, CONF_R_UNKNOWN_MODULE_NAME}, ++ #else ++ {"UNKNOWN_MODULE_NAME", 14, 113}, ++ #endif ++ #ifdef CONF_R_VARIABLE_EXPANSION_TOO_LONG ++ {"VARIABLE_EXPANSION_TOO_LONG", ERR_LIB_CONF, CONF_R_VARIABLE_EXPANSION_TOO_LONG}, ++ #else ++ {"VARIABLE_EXPANSION_TOO_LONG", 14, 116}, ++ #endif ++ #ifdef CONF_R_VARIABLE_HAS_NO_VALUE ++ {"VARIABLE_HAS_NO_VALUE", ERR_LIB_CONF, CONF_R_VARIABLE_HAS_NO_VALUE}, ++ #else ++ {"VARIABLE_HAS_NO_VALUE", 14, 104}, ++ #endif ++ #ifdef CRMF_R_BAD_PBM_ITERATIONCOUNT ++ {"BAD_PBM_ITERATIONCOUNT", ERR_LIB_CRMF, CRMF_R_BAD_PBM_ITERATIONCOUNT}, ++ #else ++ {"BAD_PBM_ITERATIONCOUNT", 56, 100}, ++ #endif ++ #ifdef CRMF_R_CRMFERROR ++ {"CRMFERROR", ERR_LIB_CRMF, CRMF_R_CRMFERROR}, ++ #else ++ {"CRMFERROR", 56, 102}, ++ #endif ++ #ifdef CRMF_R_ERROR ++ {"ERROR", ERR_LIB_CRMF, CRMF_R_ERROR}, ++ #else ++ {"ERROR", 56, 103}, ++ #endif ++ #ifdef CRMF_R_ERROR_DECODING_CERTIFICATE ++ {"ERROR_DECODING_CERTIFICATE", ERR_LIB_CRMF, CRMF_R_ERROR_DECODING_CERTIFICATE}, ++ #else ++ {"ERROR_DECODING_CERTIFICATE", 56, 104}, ++ #endif ++ #ifdef CRMF_R_ERROR_DECRYPTING_CERTIFICATE ++ {"ERROR_DECRYPTING_CERTIFICATE", ERR_LIB_CRMF, CRMF_R_ERROR_DECRYPTING_CERTIFICATE}, ++ #else ++ {"ERROR_DECRYPTING_CERTIFICATE", 56, 105}, ++ #endif ++ #ifdef CRMF_R_ERROR_DECRYPTING_SYMMETRIC_KEY ++ {"ERROR_DECRYPTING_SYMMETRIC_KEY", ERR_LIB_CRMF, CRMF_R_ERROR_DECRYPTING_SYMMETRIC_KEY}, ++ #else ++ {"ERROR_DECRYPTING_SYMMETRIC_KEY", 56, 106}, ++ #endif ++ #ifdef CRMF_R_FAILURE_OBTAINING_RANDOM ++ {"FAILURE_OBTAINING_RANDOM", ERR_LIB_CRMF, CRMF_R_FAILURE_OBTAINING_RANDOM}, ++ #else ++ {"FAILURE_OBTAINING_RANDOM", 56, 107}, ++ #endif ++ #ifdef CRMF_R_ITERATIONCOUNT_BELOW_100 ++ {"ITERATIONCOUNT_BELOW_100", ERR_LIB_CRMF, CRMF_R_ITERATIONCOUNT_BELOW_100}, ++ #else ++ {"ITERATIONCOUNT_BELOW_100", 56, 108}, ++ #endif ++ #ifdef CRMF_R_MALFORMED_IV ++ {"MALFORMED_IV", ERR_LIB_CRMF, CRMF_R_MALFORMED_IV}, ++ #else ++ {"MALFORMED_IV", 56, 101}, ++ #endif ++ #ifdef CRMF_R_NULL_ARGUMENT ++ {"NULL_ARGUMENT", ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT}, ++ #else ++ {"NULL_ARGUMENT", 56, 109}, ++ #endif ++ #ifdef CRMF_R_POPOSKINPUT_NOT_SUPPORTED ++ {"POPOSKINPUT_NOT_SUPPORTED", ERR_LIB_CRMF, CRMF_R_POPOSKINPUT_NOT_SUPPORTED}, ++ #else ++ {"POPOSKINPUT_NOT_SUPPORTED", 56, 113}, ++ #endif ++ #ifdef CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY ++ {"POPO_INCONSISTENT_PUBLIC_KEY", ERR_LIB_CRMF, CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY}, ++ #else ++ {"POPO_INCONSISTENT_PUBLIC_KEY", 56, 117}, ++ #endif ++ #ifdef CRMF_R_POPO_MISSING ++ {"POPO_MISSING", ERR_LIB_CRMF, CRMF_R_POPO_MISSING}, ++ #else ++ {"POPO_MISSING", 56, 121}, ++ #endif ++ #ifdef CRMF_R_POPO_MISSING_PUBLIC_KEY ++ {"POPO_MISSING_PUBLIC_KEY", ERR_LIB_CRMF, CRMF_R_POPO_MISSING_PUBLIC_KEY}, ++ #else ++ {"POPO_MISSING_PUBLIC_KEY", 56, 118}, ++ #endif ++ #ifdef CRMF_R_POPO_MISSING_SUBJECT ++ {"POPO_MISSING_SUBJECT", ERR_LIB_CRMF, CRMF_R_POPO_MISSING_SUBJECT}, ++ #else ++ {"POPO_MISSING_SUBJECT", 56, 119}, ++ #endif ++ #ifdef CRMF_R_POPO_RAVERIFIED_NOT_ACCEPTED ++ {"POPO_RAVERIFIED_NOT_ACCEPTED", ERR_LIB_CRMF, CRMF_R_POPO_RAVERIFIED_NOT_ACCEPTED}, ++ #else ++ {"POPO_RAVERIFIED_NOT_ACCEPTED", 56, 120}, ++ #endif ++ #ifdef CRMF_R_SETTING_MAC_ALGOR_FAILURE ++ {"SETTING_MAC_ALGOR_FAILURE", ERR_LIB_CRMF, CRMF_R_SETTING_MAC_ALGOR_FAILURE}, ++ #else ++ {"SETTING_MAC_ALGOR_FAILURE", 56, 110}, ++ #endif ++ #ifdef CRMF_R_SETTING_OWF_ALGOR_FAILURE ++ {"SETTING_OWF_ALGOR_FAILURE", ERR_LIB_CRMF, CRMF_R_SETTING_OWF_ALGOR_FAILURE}, ++ #else ++ {"SETTING_OWF_ALGOR_FAILURE", 56, 111}, ++ #endif ++ #ifdef CRMF_R_UNSUPPORTED_ALGORITHM ++ {"UNSUPPORTED_ALGORITHM", ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_ALGORITHM", 56, 112}, ++ #endif ++ #ifdef CRMF_R_UNSUPPORTED_CIPHER ++ {"UNSUPPORTED_CIPHER", ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_CIPHER}, ++ #else ++ {"UNSUPPORTED_CIPHER", 56, 114}, ++ #endif ++ #ifdef CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO ++ {"UNSUPPORTED_METHOD_FOR_CREATING_POPO", ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO}, ++ #else ++ {"UNSUPPORTED_METHOD_FOR_CREATING_POPO", 56, 115}, ++ #endif ++ #ifdef CRMF_R_UNSUPPORTED_POPO_METHOD ++ {"UNSUPPORTED_POPO_METHOD", ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_POPO_METHOD}, ++ #else ++ {"UNSUPPORTED_POPO_METHOD", 56, 116}, ++ #endif ++ #ifdef CRYPTO_R_BAD_ALGORITHM_NAME ++ {"BAD_ALGORITHM_NAME", ERR_LIB_CRYPTO, CRYPTO_R_BAD_ALGORITHM_NAME}, ++ #else ++ {"BAD_ALGORITHM_NAME", 15, 117}, ++ #endif ++ #ifdef CRYPTO_R_CONFLICTING_NAMES ++ {"CONFLICTING_NAMES", ERR_LIB_CRYPTO, CRYPTO_R_CONFLICTING_NAMES}, ++ #else ++ {"CONFLICTING_NAMES", 15, 118}, ++ #endif ++ #ifdef CRYPTO_R_FIPS_MODE_NOT_SUPPORTED ++ {"FIPS_MODE_NOT_SUPPORTED", ERR_LIB_CRYPTO, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED}, ++ #else ++ {"FIPS_MODE_NOT_SUPPORTED", 15, 101}, ++ #endif ++ #ifdef CRYPTO_R_HEX_STRING_TOO_SHORT ++ {"HEX_STRING_TOO_SHORT", ERR_LIB_CRYPTO, CRYPTO_R_HEX_STRING_TOO_SHORT}, ++ #else ++ {"HEX_STRING_TOO_SHORT", 15, 121}, ++ #endif ++ #ifdef CRYPTO_R_ILLEGAL_HEX_DIGIT ++ {"ILLEGAL_HEX_DIGIT", ERR_LIB_CRYPTO, CRYPTO_R_ILLEGAL_HEX_DIGIT}, ++ #else ++ {"ILLEGAL_HEX_DIGIT", 15, 102}, ++ #endif ++ #ifdef CRYPTO_R_INSUFFICIENT_DATA_SPACE ++ {"INSUFFICIENT_DATA_SPACE", ERR_LIB_CRYPTO, CRYPTO_R_INSUFFICIENT_DATA_SPACE}, ++ #else ++ {"INSUFFICIENT_DATA_SPACE", 15, 106}, ++ #endif ++ #ifdef CRYPTO_R_INSUFFICIENT_PARAM_SIZE ++ {"INSUFFICIENT_PARAM_SIZE", ERR_LIB_CRYPTO, CRYPTO_R_INSUFFICIENT_PARAM_SIZE}, ++ #else ++ {"INSUFFICIENT_PARAM_SIZE", 15, 107}, ++ #endif ++ #ifdef CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE ++ {"INSUFFICIENT_SECURE_DATA_SPACE", ERR_LIB_CRYPTO, CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE}, ++ #else ++ {"INSUFFICIENT_SECURE_DATA_SPACE", 15, 108}, ++ #endif ++ #ifdef CRYPTO_R_INVALID_NULL_ARGUMENT ++ {"INVALID_NULL_ARGUMENT", ERR_LIB_CRYPTO, CRYPTO_R_INVALID_NULL_ARGUMENT}, ++ #else ++ {"INVALID_NULL_ARGUMENT", 15, 109}, ++ #endif ++ #ifdef CRYPTO_R_INVALID_OSSL_PARAM_TYPE ++ {"INVALID_OSSL_PARAM_TYPE", ERR_LIB_CRYPTO, CRYPTO_R_INVALID_OSSL_PARAM_TYPE}, ++ #else ++ {"INVALID_OSSL_PARAM_TYPE", 15, 110}, ++ #endif ++ #ifdef CRYPTO_R_ODD_NUMBER_OF_DIGITS ++ {"ODD_NUMBER_OF_DIGITS", ERR_LIB_CRYPTO, CRYPTO_R_ODD_NUMBER_OF_DIGITS}, ++ #else ++ {"ODD_NUMBER_OF_DIGITS", 15, 103}, ++ #endif ++ #ifdef CRYPTO_R_PROVIDER_ALREADY_EXISTS ++ {"PROVIDER_ALREADY_EXISTS", ERR_LIB_CRYPTO, CRYPTO_R_PROVIDER_ALREADY_EXISTS}, ++ #else ++ {"PROVIDER_ALREADY_EXISTS", 15, 104}, ++ #endif ++ #ifdef CRYPTO_R_PROVIDER_SECTION_ERROR ++ {"PROVIDER_SECTION_ERROR", ERR_LIB_CRYPTO, CRYPTO_R_PROVIDER_SECTION_ERROR}, ++ #else ++ {"PROVIDER_SECTION_ERROR", 15, 105}, ++ #endif ++ #ifdef CRYPTO_R_RANDOM_SECTION_ERROR ++ {"RANDOM_SECTION_ERROR", ERR_LIB_CRYPTO, CRYPTO_R_RANDOM_SECTION_ERROR}, ++ #else ++ {"RANDOM_SECTION_ERROR", 15, 119}, ++ #endif ++ #ifdef CRYPTO_R_SECURE_MALLOC_FAILURE ++ {"SECURE_MALLOC_FAILURE", ERR_LIB_CRYPTO, CRYPTO_R_SECURE_MALLOC_FAILURE}, ++ #else ++ {"SECURE_MALLOC_FAILURE", 15, 111}, ++ #endif ++ #ifdef CRYPTO_R_STRING_TOO_LONG ++ {"STRING_TOO_LONG", ERR_LIB_CRYPTO, CRYPTO_R_STRING_TOO_LONG}, ++ #else ++ {"STRING_TOO_LONG", 15, 112}, ++ #endif ++ #ifdef CRYPTO_R_TOO_MANY_BYTES ++ {"TOO_MANY_BYTES", ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_BYTES}, ++ #else ++ {"TOO_MANY_BYTES", 15, 113}, ++ #endif ++ #ifdef CRYPTO_R_TOO_MANY_RECORDS ++ {"TOO_MANY_RECORDS", ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_RECORDS}, ++ #else ++ {"TOO_MANY_RECORDS", 15, 114}, ++ #endif ++ #ifdef CRYPTO_R_TOO_SMALL_BUFFER ++ {"TOO_SMALL_BUFFER", ERR_LIB_CRYPTO, CRYPTO_R_TOO_SMALL_BUFFER}, ++ #else ++ {"TOO_SMALL_BUFFER", 15, 116}, ++ #endif ++ #ifdef CRYPTO_R_UNKNOWN_NAME_IN_RANDOM_SECTION ++ {"UNKNOWN_NAME_IN_RANDOM_SECTION", ERR_LIB_CRYPTO, CRYPTO_R_UNKNOWN_NAME_IN_RANDOM_SECTION}, ++ #else ++ {"UNKNOWN_NAME_IN_RANDOM_SECTION", 15, 120}, ++ #endif ++ #ifdef CRYPTO_R_ZERO_LENGTH_NUMBER ++ {"ZERO_LENGTH_NUMBER", ERR_LIB_CRYPTO, CRYPTO_R_ZERO_LENGTH_NUMBER}, ++ #else ++ {"ZERO_LENGTH_NUMBER", 15, 115}, ++ #endif ++ #ifdef CT_R_BASE64_DECODE_ERROR ++ {"BASE64_DECODE_ERROR", ERR_LIB_CT, CT_R_BASE64_DECODE_ERROR}, ++ #else ++ {"BASE64_DECODE_ERROR", 50, 108}, ++ #endif ++ #ifdef CT_R_INVALID_LOG_ID_LENGTH ++ {"INVALID_LOG_ID_LENGTH", ERR_LIB_CT, CT_R_INVALID_LOG_ID_LENGTH}, ++ #else ++ {"INVALID_LOG_ID_LENGTH", 50, 100}, ++ #endif ++ #ifdef CT_R_LOG_CONF_INVALID ++ {"LOG_CONF_INVALID", ERR_LIB_CT, CT_R_LOG_CONF_INVALID}, ++ #else ++ {"LOG_CONF_INVALID", 50, 109}, ++ #endif ++ #ifdef CT_R_LOG_CONF_INVALID_KEY ++ {"LOG_CONF_INVALID_KEY", ERR_LIB_CT, CT_R_LOG_CONF_INVALID_KEY}, ++ #else ++ {"LOG_CONF_INVALID_KEY", 50, 110}, ++ #endif ++ #ifdef CT_R_LOG_CONF_MISSING_DESCRIPTION ++ {"LOG_CONF_MISSING_DESCRIPTION", ERR_LIB_CT, CT_R_LOG_CONF_MISSING_DESCRIPTION}, ++ #else ++ {"LOG_CONF_MISSING_DESCRIPTION", 50, 111}, ++ #endif ++ #ifdef CT_R_LOG_CONF_MISSING_KEY ++ {"LOG_CONF_MISSING_KEY", ERR_LIB_CT, CT_R_LOG_CONF_MISSING_KEY}, ++ #else ++ {"LOG_CONF_MISSING_KEY", 50, 112}, ++ #endif ++ #ifdef CT_R_LOG_KEY_INVALID ++ {"LOG_KEY_INVALID", ERR_LIB_CT, CT_R_LOG_KEY_INVALID}, ++ #else ++ {"LOG_KEY_INVALID", 50, 113}, ++ #endif ++ #ifdef CT_R_SCT_FUTURE_TIMESTAMP ++ {"SCT_FUTURE_TIMESTAMP", ERR_LIB_CT, CT_R_SCT_FUTURE_TIMESTAMP}, ++ #else ++ {"SCT_FUTURE_TIMESTAMP", 50, 116}, ++ #endif ++ #ifdef CT_R_SCT_INVALID ++ {"SCT_INVALID", ERR_LIB_CT, CT_R_SCT_INVALID}, ++ #else ++ {"SCT_INVALID", 50, 104}, ++ #endif ++ #ifdef CT_R_SCT_INVALID_SIGNATURE ++ {"SCT_INVALID_SIGNATURE", ERR_LIB_CT, CT_R_SCT_INVALID_SIGNATURE}, ++ #else ++ {"SCT_INVALID_SIGNATURE", 50, 107}, ++ #endif ++ #ifdef CT_R_SCT_LIST_INVALID ++ {"SCT_LIST_INVALID", ERR_LIB_CT, CT_R_SCT_LIST_INVALID}, ++ #else ++ {"SCT_LIST_INVALID", 50, 105}, ++ #endif ++ #ifdef CT_R_SCT_LOG_ID_MISMATCH ++ {"SCT_LOG_ID_MISMATCH", ERR_LIB_CT, CT_R_SCT_LOG_ID_MISMATCH}, ++ #else ++ {"SCT_LOG_ID_MISMATCH", 50, 114}, ++ #endif ++ #ifdef CT_R_SCT_NOT_SET ++ {"SCT_NOT_SET", ERR_LIB_CT, CT_R_SCT_NOT_SET}, ++ #else ++ {"SCT_NOT_SET", 50, 106}, ++ #endif ++ #ifdef CT_R_SCT_UNSUPPORTED_VERSION ++ {"SCT_UNSUPPORTED_VERSION", ERR_LIB_CT, CT_R_SCT_UNSUPPORTED_VERSION}, ++ #else ++ {"SCT_UNSUPPORTED_VERSION", 50, 115}, ++ #endif ++ #ifdef CT_R_UNRECOGNIZED_SIGNATURE_NID ++ {"UNRECOGNIZED_SIGNATURE_NID", ERR_LIB_CT, CT_R_UNRECOGNIZED_SIGNATURE_NID}, ++ #else ++ {"UNRECOGNIZED_SIGNATURE_NID", 50, 101}, ++ #endif ++ #ifdef CT_R_UNSUPPORTED_ENTRY_TYPE ++ {"UNSUPPORTED_ENTRY_TYPE", ERR_LIB_CT, CT_R_UNSUPPORTED_ENTRY_TYPE}, ++ #else ++ {"UNSUPPORTED_ENTRY_TYPE", 50, 102}, ++ #endif ++ #ifdef CT_R_UNSUPPORTED_VERSION ++ {"UNSUPPORTED_VERSION", ERR_LIB_CT, CT_R_UNSUPPORTED_VERSION}, ++ #else ++ {"UNSUPPORTED_VERSION", 50, 103}, ++ #endif ++ #ifdef DH_R_BAD_FFC_PARAMETERS ++ {"BAD_FFC_PARAMETERS", ERR_LIB_DH, DH_R_BAD_FFC_PARAMETERS}, ++ #else ++ {"BAD_FFC_PARAMETERS", 5, 127}, ++ #endif ++ #ifdef DH_R_BAD_GENERATOR ++ {"BAD_GENERATOR", ERR_LIB_DH, DH_R_BAD_GENERATOR}, ++ #else ++ {"BAD_GENERATOR", 5, 101}, ++ #endif ++ #ifdef DH_R_BN_DECODE_ERROR ++ {"BN_DECODE_ERROR", ERR_LIB_DH, DH_R_BN_DECODE_ERROR}, ++ #else ++ {"BN_DECODE_ERROR", 5, 109}, ++ #endif ++ #ifdef DH_R_BN_ERROR ++ {"BN_ERROR", ERR_LIB_DH, DH_R_BN_ERROR}, ++ #else ++ {"BN_ERROR", 5, 106}, ++ #endif ++ #ifdef DH_R_CHECK_INVALID_J_VALUE ++ {"CHECK_INVALID_J_VALUE", ERR_LIB_DH, DH_R_CHECK_INVALID_J_VALUE}, ++ #else ++ {"CHECK_INVALID_J_VALUE", 5, 115}, ++ #endif ++ #ifdef DH_R_CHECK_INVALID_Q_VALUE ++ {"CHECK_INVALID_Q_VALUE", ERR_LIB_DH, DH_R_CHECK_INVALID_Q_VALUE}, ++ #else ++ {"CHECK_INVALID_Q_VALUE", 5, 116}, ++ #endif ++ #ifdef DH_R_CHECK_PUBKEY_INVALID ++ {"CHECK_PUBKEY_INVALID", ERR_LIB_DH, DH_R_CHECK_PUBKEY_INVALID}, ++ #else ++ {"CHECK_PUBKEY_INVALID", 5, 122}, ++ #endif ++ #ifdef DH_R_CHECK_PUBKEY_TOO_LARGE ++ {"CHECK_PUBKEY_TOO_LARGE", ERR_LIB_DH, DH_R_CHECK_PUBKEY_TOO_LARGE}, ++ #else ++ {"CHECK_PUBKEY_TOO_LARGE", 5, 123}, ++ #endif ++ #ifdef DH_R_CHECK_PUBKEY_TOO_SMALL ++ {"CHECK_PUBKEY_TOO_SMALL", ERR_LIB_DH, DH_R_CHECK_PUBKEY_TOO_SMALL}, ++ #else ++ {"CHECK_PUBKEY_TOO_SMALL", 5, 124}, ++ #endif ++ #ifdef DH_R_CHECK_P_NOT_PRIME ++ {"CHECK_P_NOT_PRIME", ERR_LIB_DH, DH_R_CHECK_P_NOT_PRIME}, ++ #else ++ {"CHECK_P_NOT_PRIME", 5, 117}, ++ #endif ++ #ifdef DH_R_CHECK_P_NOT_SAFE_PRIME ++ {"CHECK_P_NOT_SAFE_PRIME", ERR_LIB_DH, DH_R_CHECK_P_NOT_SAFE_PRIME}, ++ #else ++ {"CHECK_P_NOT_SAFE_PRIME", 5, 118}, ++ #endif ++ #ifdef DH_R_CHECK_Q_NOT_PRIME ++ {"CHECK_Q_NOT_PRIME", ERR_LIB_DH, DH_R_CHECK_Q_NOT_PRIME}, ++ #else ++ {"CHECK_Q_NOT_PRIME", 5, 119}, ++ #endif ++ #ifdef DH_R_DECODE_ERROR ++ {"DECODE_ERROR", ERR_LIB_DH, DH_R_DECODE_ERROR}, ++ #else ++ {"DECODE_ERROR", 5, 104}, ++ #endif ++ #ifdef DH_R_INVALID_PARAMETER_NAME ++ {"INVALID_PARAMETER_NAME", ERR_LIB_DH, DH_R_INVALID_PARAMETER_NAME}, ++ #else ++ {"INVALID_PARAMETER_NAME", 5, 110}, ++ #endif ++ #ifdef DH_R_INVALID_PARAMETER_NID ++ {"INVALID_PARAMETER_NID", ERR_LIB_DH, DH_R_INVALID_PARAMETER_NID}, ++ #else ++ {"INVALID_PARAMETER_NID", 5, 114}, ++ #endif ++ #ifdef DH_R_INVALID_PUBKEY ++ {"INVALID_PUBKEY", ERR_LIB_DH, DH_R_INVALID_PUBKEY}, ++ #else ++ {"INVALID_PUBKEY", 5, 102}, ++ #endif ++ #ifdef DH_R_INVALID_SECRET ++ {"INVALID_SECRET", ERR_LIB_DH, DH_R_INVALID_SECRET}, ++ #else ++ {"INVALID_SECRET", 5, 128}, ++ #endif ++ #ifdef DH_R_KDF_PARAMETER_ERROR ++ {"KDF_PARAMETER_ERROR", ERR_LIB_DH, DH_R_KDF_PARAMETER_ERROR}, ++ #else ++ {"KDF_PARAMETER_ERROR", 5, 112}, ++ #endif ++ #ifdef DH_R_KEYS_NOT_SET ++ {"KEYS_NOT_SET", ERR_LIB_DH, DH_R_KEYS_NOT_SET}, ++ #else ++ {"KEYS_NOT_SET", 5, 108}, ++ #endif ++ #ifdef DH_R_MISSING_PUBKEY ++ {"MISSING_PUBKEY", ERR_LIB_DH, DH_R_MISSING_PUBKEY}, ++ #else ++ {"MISSING_PUBKEY", 5, 125}, ++ #endif ++ #ifdef DH_R_MODULUS_TOO_LARGE ++ {"MODULUS_TOO_LARGE", ERR_LIB_DH, DH_R_MODULUS_TOO_LARGE}, ++ #else ++ {"MODULUS_TOO_LARGE", 5, 103}, ++ #endif ++ #ifdef DH_R_MODULUS_TOO_SMALL ++ {"MODULUS_TOO_SMALL", ERR_LIB_DH, DH_R_MODULUS_TOO_SMALL}, ++ #else ++ {"MODULUS_TOO_SMALL", 5, 126}, ++ #endif ++ #ifdef DH_R_NOT_SUITABLE_GENERATOR ++ {"NOT_SUITABLE_GENERATOR", ERR_LIB_DH, DH_R_NOT_SUITABLE_GENERATOR}, ++ #else ++ {"NOT_SUITABLE_GENERATOR", 5, 120}, ++ #endif ++ #ifdef DH_R_NO_PARAMETERS_SET ++ {"NO_PARAMETERS_SET", ERR_LIB_DH, DH_R_NO_PARAMETERS_SET}, ++ #else ++ {"NO_PARAMETERS_SET", 5, 107}, ++ #endif ++ #ifdef DH_R_NO_PRIVATE_VALUE ++ {"NO_PRIVATE_VALUE", ERR_LIB_DH, DH_R_NO_PRIVATE_VALUE}, ++ #else ++ {"NO_PRIVATE_VALUE", 5, 100}, ++ #endif ++ #ifdef DH_R_PARAMETER_ENCODING_ERROR ++ {"PARAMETER_ENCODING_ERROR", ERR_LIB_DH, DH_R_PARAMETER_ENCODING_ERROR}, ++ #else ++ {"PARAMETER_ENCODING_ERROR", 5, 105}, ++ #endif ++ #ifdef DH_R_PEER_KEY_ERROR ++ {"PEER_KEY_ERROR", ERR_LIB_DH, DH_R_PEER_KEY_ERROR}, ++ #else ++ {"PEER_KEY_ERROR", 5, 111}, ++ #endif ++ #ifdef DH_R_SHARED_INFO_ERROR ++ {"SHARED_INFO_ERROR", ERR_LIB_DH, DH_R_SHARED_INFO_ERROR}, ++ #else ++ {"SHARED_INFO_ERROR", 5, 113}, ++ #endif ++ #ifdef DH_R_UNABLE_TO_CHECK_GENERATOR ++ {"UNABLE_TO_CHECK_GENERATOR", ERR_LIB_DH, DH_R_UNABLE_TO_CHECK_GENERATOR}, ++ #else ++ {"UNABLE_TO_CHECK_GENERATOR", 5, 121}, ++ #endif ++ #ifdef DSA_R_BAD_FFC_PARAMETERS ++ {"BAD_FFC_PARAMETERS", ERR_LIB_DSA, DSA_R_BAD_FFC_PARAMETERS}, ++ #else ++ {"BAD_FFC_PARAMETERS", 10, 114}, ++ #endif ++ #ifdef DSA_R_BAD_Q_VALUE ++ {"BAD_Q_VALUE", ERR_LIB_DSA, DSA_R_BAD_Q_VALUE}, ++ #else ++ {"BAD_Q_VALUE", 10, 102}, ++ #endif ++ #ifdef DSA_R_BN_DECODE_ERROR ++ {"BN_DECODE_ERROR", ERR_LIB_DSA, DSA_R_BN_DECODE_ERROR}, ++ #else ++ {"BN_DECODE_ERROR", 10, 108}, ++ #endif ++ #ifdef DSA_R_BN_ERROR ++ {"BN_ERROR", ERR_LIB_DSA, DSA_R_BN_ERROR}, ++ #else ++ {"BN_ERROR", 10, 109}, ++ #endif ++ #ifdef DSA_R_DECODE_ERROR ++ {"DECODE_ERROR", ERR_LIB_DSA, DSA_R_DECODE_ERROR}, ++ #else ++ {"DECODE_ERROR", 10, 104}, ++ #endif ++ #ifdef DSA_R_INVALID_DIGEST_TYPE ++ {"INVALID_DIGEST_TYPE", ERR_LIB_DSA, DSA_R_INVALID_DIGEST_TYPE}, ++ #else ++ {"INVALID_DIGEST_TYPE", 10, 106}, ++ #endif ++ #ifdef DSA_R_INVALID_PARAMETERS ++ {"INVALID_PARAMETERS", ERR_LIB_DSA, DSA_R_INVALID_PARAMETERS}, ++ #else ++ {"INVALID_PARAMETERS", 10, 112}, ++ #endif ++ #ifdef DSA_R_MISSING_PARAMETERS ++ {"MISSING_PARAMETERS", ERR_LIB_DSA, DSA_R_MISSING_PARAMETERS}, ++ #else ++ {"MISSING_PARAMETERS", 10, 101}, ++ #endif ++ #ifdef DSA_R_MISSING_PRIVATE_KEY ++ {"MISSING_PRIVATE_KEY", ERR_LIB_DSA, DSA_R_MISSING_PRIVATE_KEY}, ++ #else ++ {"MISSING_PRIVATE_KEY", 10, 111}, ++ #endif ++ #ifdef DSA_R_MODULUS_TOO_LARGE ++ {"MODULUS_TOO_LARGE", ERR_LIB_DSA, DSA_R_MODULUS_TOO_LARGE}, ++ #else ++ {"MODULUS_TOO_LARGE", 10, 103}, ++ #endif ++ #ifdef DSA_R_NO_PARAMETERS_SET ++ {"NO_PARAMETERS_SET", ERR_LIB_DSA, DSA_R_NO_PARAMETERS_SET}, ++ #else ++ {"NO_PARAMETERS_SET", 10, 107}, ++ #endif ++ #ifdef DSA_R_PARAMETER_ENCODING_ERROR ++ {"PARAMETER_ENCODING_ERROR", ERR_LIB_DSA, DSA_R_PARAMETER_ENCODING_ERROR}, ++ #else ++ {"PARAMETER_ENCODING_ERROR", 10, 105}, ++ #endif ++ #ifdef DSA_R_P_NOT_PRIME ++ {"P_NOT_PRIME", ERR_LIB_DSA, DSA_R_P_NOT_PRIME}, ++ #else ++ {"P_NOT_PRIME", 10, 115}, ++ #endif ++ #ifdef DSA_R_Q_NOT_PRIME ++ {"Q_NOT_PRIME", ERR_LIB_DSA, DSA_R_Q_NOT_PRIME}, ++ #else ++ {"Q_NOT_PRIME", 10, 113}, ++ #endif ++ #ifdef DSA_R_SEED_LEN_SMALL ++ {"SEED_LEN_SMALL", ERR_LIB_DSA, DSA_R_SEED_LEN_SMALL}, ++ #else ++ {"SEED_LEN_SMALL", 10, 110}, ++ #endif ++ #ifdef DSO_R_CTRL_FAILED ++ {"CTRL_FAILED", ERR_LIB_DSO, DSO_R_CTRL_FAILED}, ++ #else ++ {"CTRL_FAILED", 37, 100}, ++ #endif ++ #ifdef DSO_R_DSO_ALREADY_LOADED ++ {"DSO_ALREADY_LOADED", ERR_LIB_DSO, DSO_R_DSO_ALREADY_LOADED}, ++ #else ++ {"DSO_ALREADY_LOADED", 37, 110}, ++ #endif ++ #ifdef DSO_R_EMPTY_FILE_STRUCTURE ++ {"EMPTY_FILE_STRUCTURE", ERR_LIB_DSO, DSO_R_EMPTY_FILE_STRUCTURE}, ++ #else ++ {"EMPTY_FILE_STRUCTURE", 37, 113}, ++ #endif ++ #ifdef DSO_R_FAILURE ++ {"FAILURE", ERR_LIB_DSO, DSO_R_FAILURE}, ++ #else ++ {"FAILURE", 37, 114}, ++ #endif ++ #ifdef DSO_R_FILENAME_TOO_BIG ++ {"FILENAME_TOO_BIG", ERR_LIB_DSO, DSO_R_FILENAME_TOO_BIG}, ++ #else ++ {"FILENAME_TOO_BIG", 37, 101}, ++ #endif ++ #ifdef DSO_R_FINISH_FAILED ++ {"FINISH_FAILED", ERR_LIB_DSO, DSO_R_FINISH_FAILED}, ++ #else ++ {"FINISH_FAILED", 37, 102}, ++ #endif ++ #ifdef DSO_R_INCORRECT_FILE_SYNTAX ++ {"INCORRECT_FILE_SYNTAX", ERR_LIB_DSO, DSO_R_INCORRECT_FILE_SYNTAX}, ++ #else ++ {"INCORRECT_FILE_SYNTAX", 37, 115}, ++ #endif ++ #ifdef DSO_R_LOAD_FAILED ++ {"LOAD_FAILED", ERR_LIB_DSO, DSO_R_LOAD_FAILED}, ++ #else ++ {"LOAD_FAILED", 37, 103}, ++ #endif ++ #ifdef DSO_R_NAME_TRANSLATION_FAILED ++ {"NAME_TRANSLATION_FAILED", ERR_LIB_DSO, DSO_R_NAME_TRANSLATION_FAILED}, ++ #else ++ {"NAME_TRANSLATION_FAILED", 37, 109}, ++ #endif ++ #ifdef DSO_R_NO_FILENAME ++ {"NO_FILENAME", ERR_LIB_DSO, DSO_R_NO_FILENAME}, ++ #else ++ {"NO_FILENAME", 37, 111}, ++ #endif ++ #ifdef DSO_R_NULL_HANDLE ++ {"NULL_HANDLE", ERR_LIB_DSO, DSO_R_NULL_HANDLE}, ++ #else ++ {"NULL_HANDLE", 37, 104}, ++ #endif ++ #ifdef DSO_R_SET_FILENAME_FAILED ++ {"SET_FILENAME_FAILED", ERR_LIB_DSO, DSO_R_SET_FILENAME_FAILED}, ++ #else ++ {"SET_FILENAME_FAILED", 37, 112}, ++ #endif ++ #ifdef DSO_R_STACK_ERROR ++ {"STACK_ERROR", ERR_LIB_DSO, DSO_R_STACK_ERROR}, ++ #else ++ {"STACK_ERROR", 37, 105}, ++ #endif ++ #ifdef DSO_R_SYM_FAILURE ++ {"SYM_FAILURE", ERR_LIB_DSO, DSO_R_SYM_FAILURE}, ++ #else ++ {"SYM_FAILURE", 37, 106}, ++ #endif ++ #ifdef DSO_R_UNLOAD_FAILED ++ {"UNLOAD_FAILED", ERR_LIB_DSO, DSO_R_UNLOAD_FAILED}, ++ #else ++ {"UNLOAD_FAILED", 37, 107}, ++ #endif ++ #ifdef DSO_R_UNSUPPORTED ++ {"UNSUPPORTED", ERR_LIB_DSO, DSO_R_UNSUPPORTED}, ++ #else ++ {"UNSUPPORTED", 37, 108}, ++ #endif ++ #ifdef EC_R_ASN1_ERROR ++ {"ASN1_ERROR", ERR_LIB_EC, EC_R_ASN1_ERROR}, ++ #else ++ {"ASN1_ERROR", 16, 115}, ++ #endif ++ #ifdef EC_R_BAD_SIGNATURE ++ {"BAD_SIGNATURE", ERR_LIB_EC, EC_R_BAD_SIGNATURE}, ++ #else ++ {"BAD_SIGNATURE", 16, 156}, ++ #endif ++ #ifdef EC_R_BIGNUM_OUT_OF_RANGE ++ {"BIGNUM_OUT_OF_RANGE", ERR_LIB_EC, EC_R_BIGNUM_OUT_OF_RANGE}, ++ #else ++ {"BIGNUM_OUT_OF_RANGE", 16, 144}, ++ #endif ++ #ifdef EC_R_BUFFER_TOO_SMALL ++ {"BUFFER_TOO_SMALL", ERR_LIB_EC, EC_R_BUFFER_TOO_SMALL}, ++ #else ++ {"BUFFER_TOO_SMALL", 16, 100}, ++ #endif ++ #ifdef EC_R_CANNOT_INVERT ++ {"CANNOT_INVERT", ERR_LIB_EC, EC_R_CANNOT_INVERT}, ++ #else ++ {"CANNOT_INVERT", 16, 165}, ++ #endif ++ #ifdef EC_R_COORDINATES_OUT_OF_RANGE ++ {"COORDINATES_OUT_OF_RANGE", ERR_LIB_EC, EC_R_COORDINATES_OUT_OF_RANGE}, ++ #else ++ {"COORDINATES_OUT_OF_RANGE", 16, 146}, ++ #endif ++ #ifdef EC_R_CURVE_DOES_NOT_SUPPORT_ECDH ++ {"CURVE_DOES_NOT_SUPPORT_ECDH", ERR_LIB_EC, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH}, ++ #else ++ {"CURVE_DOES_NOT_SUPPORT_ECDH", 16, 160}, ++ #endif ++ #ifdef EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA ++ {"CURVE_DOES_NOT_SUPPORT_ECDSA", ERR_LIB_EC, EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA}, ++ #else ++ {"CURVE_DOES_NOT_SUPPORT_ECDSA", 16, 170}, ++ #endif ++ #ifdef EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING ++ {"CURVE_DOES_NOT_SUPPORT_SIGNING", ERR_LIB_EC, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING}, ++ #else ++ {"CURVE_DOES_NOT_SUPPORT_SIGNING", 16, 159}, ++ #endif ++ #ifdef EC_R_DECODE_ERROR ++ {"DECODE_ERROR", ERR_LIB_EC, EC_R_DECODE_ERROR}, ++ #else ++ {"DECODE_ERROR", 16, 142}, ++ #endif ++ #ifdef EC_R_DISCRIMINANT_IS_ZERO ++ {"DISCRIMINANT_IS_ZERO", ERR_LIB_EC, EC_R_DISCRIMINANT_IS_ZERO}, ++ #else ++ {"DISCRIMINANT_IS_ZERO", 16, 118}, ++ #endif ++ #ifdef EC_R_EC_GROUP_NEW_BY_NAME_FAILURE ++ {"EC_GROUP_NEW_BY_NAME_FAILURE", ERR_LIB_EC, EC_R_EC_GROUP_NEW_BY_NAME_FAILURE}, ++ #else ++ {"EC_GROUP_NEW_BY_NAME_FAILURE", 16, 119}, ++ #endif ++ #ifdef EC_R_FAILED_MAKING_PUBLIC_KEY ++ {"FAILED_MAKING_PUBLIC_KEY", ERR_LIB_EC, EC_R_FAILED_MAKING_PUBLIC_KEY}, ++ #else ++ {"FAILED_MAKING_PUBLIC_KEY", 16, 166}, ++ #endif ++ #ifdef EC_R_FIELD_TOO_LARGE ++ {"FIELD_TOO_LARGE", ERR_LIB_EC, EC_R_FIELD_TOO_LARGE}, ++ #else ++ {"FIELD_TOO_LARGE", 16, 143}, ++ #endif ++ #ifdef EC_R_GF2M_NOT_SUPPORTED ++ {"GF2M_NOT_SUPPORTED", ERR_LIB_EC, EC_R_GF2M_NOT_SUPPORTED}, ++ #else ++ {"GF2M_NOT_SUPPORTED", 16, 147}, ++ #endif ++ #ifdef EC_R_GROUP2PKPARAMETERS_FAILURE ++ {"GROUP2PKPARAMETERS_FAILURE", ERR_LIB_EC, EC_R_GROUP2PKPARAMETERS_FAILURE}, ++ #else ++ {"GROUP2PKPARAMETERS_FAILURE", 16, 120}, ++ #endif ++ #ifdef EC_R_I2D_ECPKPARAMETERS_FAILURE ++ {"I2D_ECPKPARAMETERS_FAILURE", ERR_LIB_EC, EC_R_I2D_ECPKPARAMETERS_FAILURE}, ++ #else ++ {"I2D_ECPKPARAMETERS_FAILURE", 16, 121}, ++ #endif ++ #ifdef EC_R_INCOMPATIBLE_OBJECTS ++ {"INCOMPATIBLE_OBJECTS", ERR_LIB_EC, EC_R_INCOMPATIBLE_OBJECTS}, ++ #else ++ {"INCOMPATIBLE_OBJECTS", 16, 101}, ++ #endif ++ #ifdef EC_R_INVALID_A ++ {"INVALID_A", ERR_LIB_EC, EC_R_INVALID_A}, ++ #else ++ {"INVALID_A", 16, 168}, ++ #endif ++ #ifdef EC_R_INVALID_ARGUMENT ++ {"INVALID_ARGUMENT", ERR_LIB_EC, EC_R_INVALID_ARGUMENT}, ++ #else ++ {"INVALID_ARGUMENT", 16, 112}, ++ #endif ++ #ifdef EC_R_INVALID_B ++ {"INVALID_B", ERR_LIB_EC, EC_R_INVALID_B}, ++ #else ++ {"INVALID_B", 16, 169}, ++ #endif ++ #ifdef EC_R_INVALID_COFACTOR ++ {"INVALID_COFACTOR", ERR_LIB_EC, EC_R_INVALID_COFACTOR}, ++ #else ++ {"INVALID_COFACTOR", 16, 171}, ++ #endif ++ #ifdef EC_R_INVALID_COMPRESSED_POINT ++ {"INVALID_COMPRESSED_POINT", ERR_LIB_EC, EC_R_INVALID_COMPRESSED_POINT}, ++ #else ++ {"INVALID_COMPRESSED_POINT", 16, 110}, ++ #endif ++ #ifdef EC_R_INVALID_COMPRESSION_BIT ++ {"INVALID_COMPRESSION_BIT", ERR_LIB_EC, EC_R_INVALID_COMPRESSION_BIT}, ++ #else ++ {"INVALID_COMPRESSION_BIT", 16, 109}, ++ #endif ++ #ifdef EC_R_INVALID_CURVE ++ {"INVALID_CURVE", ERR_LIB_EC, EC_R_INVALID_CURVE}, ++ #else ++ {"INVALID_CURVE", 16, 141}, ++ #endif ++ #ifdef EC_R_INVALID_DIGEST ++ {"INVALID_DIGEST", ERR_LIB_EC, EC_R_INVALID_DIGEST}, ++ #else ++ {"INVALID_DIGEST", 16, 151}, ++ #endif ++ #ifdef EC_R_INVALID_DIGEST_TYPE ++ {"INVALID_DIGEST_TYPE", ERR_LIB_EC, EC_R_INVALID_DIGEST_TYPE}, ++ #else ++ {"INVALID_DIGEST_TYPE", 16, 138}, ++ #endif ++ #ifdef EC_R_INVALID_ENCODING ++ {"INVALID_ENCODING", ERR_LIB_EC, EC_R_INVALID_ENCODING}, ++ #else ++ {"INVALID_ENCODING", 16, 102}, ++ #endif ++ #ifdef EC_R_INVALID_FIELD ++ {"INVALID_FIELD", ERR_LIB_EC, EC_R_INVALID_FIELD}, ++ #else ++ {"INVALID_FIELD", 16, 103}, ++ #endif ++ #ifdef EC_R_INVALID_FORM ++ {"INVALID_FORM", ERR_LIB_EC, EC_R_INVALID_FORM}, ++ #else ++ {"INVALID_FORM", 16, 104}, ++ #endif ++ #ifdef EC_R_INVALID_GENERATOR ++ {"INVALID_GENERATOR", ERR_LIB_EC, EC_R_INVALID_GENERATOR}, ++ #else ++ {"INVALID_GENERATOR", 16, 173}, ++ #endif ++ #ifdef EC_R_INVALID_GROUP_ORDER ++ {"INVALID_GROUP_ORDER", ERR_LIB_EC, EC_R_INVALID_GROUP_ORDER}, ++ #else ++ {"INVALID_GROUP_ORDER", 16, 122}, ++ #endif ++ #ifdef EC_R_INVALID_KEY ++ {"INVALID_KEY", ERR_LIB_EC, EC_R_INVALID_KEY}, ++ #else ++ {"INVALID_KEY", 16, 116}, ++ #endif ++ #ifdef EC_R_INVALID_NAMED_GROUP_CONVERSION ++ {"INVALID_NAMED_GROUP_CONVERSION", ERR_LIB_EC, EC_R_INVALID_NAMED_GROUP_CONVERSION}, ++ #else ++ {"INVALID_NAMED_GROUP_CONVERSION", 16, 174}, ++ #endif ++ #ifdef EC_R_INVALID_OUTPUT_LENGTH ++ {"INVALID_OUTPUT_LENGTH", ERR_LIB_EC, EC_R_INVALID_OUTPUT_LENGTH}, ++ #else ++ {"INVALID_OUTPUT_LENGTH", 16, 161}, ++ #endif ++ #ifdef EC_R_INVALID_P ++ {"INVALID_P", ERR_LIB_EC, EC_R_INVALID_P}, ++ #else ++ {"INVALID_P", 16, 172}, ++ #endif ++ #ifdef EC_R_INVALID_PEER_KEY ++ {"INVALID_PEER_KEY", ERR_LIB_EC, EC_R_INVALID_PEER_KEY}, ++ #else ++ {"INVALID_PEER_KEY", 16, 133}, ++ #endif ++ #ifdef EC_R_INVALID_PENTANOMIAL_BASIS ++ {"INVALID_PENTANOMIAL_BASIS", ERR_LIB_EC, EC_R_INVALID_PENTANOMIAL_BASIS}, ++ #else ++ {"INVALID_PENTANOMIAL_BASIS", 16, 132}, ++ #endif ++ #ifdef EC_R_INVALID_PRIVATE_KEY ++ {"INVALID_PRIVATE_KEY", ERR_LIB_EC, EC_R_INVALID_PRIVATE_KEY}, ++ #else ++ {"INVALID_PRIVATE_KEY", 16, 123}, ++ #endif ++ #ifdef EC_R_INVALID_SEED ++ {"INVALID_SEED", ERR_LIB_EC, EC_R_INVALID_SEED}, ++ #else ++ {"INVALID_SEED", 16, 175}, ++ #endif ++ #ifdef EC_R_INVALID_TRINOMIAL_BASIS ++ {"INVALID_TRINOMIAL_BASIS", ERR_LIB_EC, EC_R_INVALID_TRINOMIAL_BASIS}, ++ #else ++ {"INVALID_TRINOMIAL_BASIS", 16, 137}, ++ #endif ++ #ifdef EC_R_KDF_PARAMETER_ERROR ++ {"KDF_PARAMETER_ERROR", ERR_LIB_EC, EC_R_KDF_PARAMETER_ERROR}, ++ #else ++ {"KDF_PARAMETER_ERROR", 16, 148}, ++ #endif ++ #ifdef EC_R_KEYS_NOT_SET ++ {"KEYS_NOT_SET", ERR_LIB_EC, EC_R_KEYS_NOT_SET}, ++ #else ++ {"KEYS_NOT_SET", 16, 140}, ++ #endif ++ #ifdef EC_R_LADDER_POST_FAILURE ++ {"LADDER_POST_FAILURE", ERR_LIB_EC, EC_R_LADDER_POST_FAILURE}, ++ #else ++ {"LADDER_POST_FAILURE", 16, 136}, ++ #endif ++ #ifdef EC_R_LADDER_PRE_FAILURE ++ {"LADDER_PRE_FAILURE", ERR_LIB_EC, EC_R_LADDER_PRE_FAILURE}, ++ #else ++ {"LADDER_PRE_FAILURE", 16, 153}, ++ #endif ++ #ifdef EC_R_LADDER_STEP_FAILURE ++ {"LADDER_STEP_FAILURE", ERR_LIB_EC, EC_R_LADDER_STEP_FAILURE}, ++ #else ++ {"LADDER_STEP_FAILURE", 16, 162}, ++ #endif ++ #ifdef EC_R_MISSING_OID ++ {"MISSING_OID", ERR_LIB_EC, EC_R_MISSING_OID}, ++ #else ++ {"MISSING_OID", 16, 167}, ++ #endif ++ #ifdef EC_R_MISSING_PARAMETERS ++ {"MISSING_PARAMETERS", ERR_LIB_EC, EC_R_MISSING_PARAMETERS}, ++ #else ++ {"MISSING_PARAMETERS", 16, 124}, ++ #endif ++ #ifdef EC_R_MISSING_PRIVATE_KEY ++ {"MISSING_PRIVATE_KEY", ERR_LIB_EC, EC_R_MISSING_PRIVATE_KEY}, ++ #else ++ {"MISSING_PRIVATE_KEY", 16, 125}, ++ #endif ++ #ifdef EC_R_NEED_NEW_SETUP_VALUES ++ {"NEED_NEW_SETUP_VALUES", ERR_LIB_EC, EC_R_NEED_NEW_SETUP_VALUES}, ++ #else ++ {"NEED_NEW_SETUP_VALUES", 16, 157}, ++ #endif ++ #ifdef EC_R_NOT_A_NIST_PRIME ++ {"NOT_A_NIST_PRIME", ERR_LIB_EC, EC_R_NOT_A_NIST_PRIME}, ++ #else ++ {"NOT_A_NIST_PRIME", 16, 135}, ++ #endif ++ #ifdef EC_R_NOT_IMPLEMENTED ++ {"NOT_IMPLEMENTED", ERR_LIB_EC, EC_R_NOT_IMPLEMENTED}, ++ #else ++ {"NOT_IMPLEMENTED", 16, 126}, ++ #endif ++ #ifdef EC_R_NOT_INITIALIZED ++ {"NOT_INITIALIZED", ERR_LIB_EC, EC_R_NOT_INITIALIZED}, ++ #else ++ {"NOT_INITIALIZED", 16, 111}, ++ #endif ++ #ifdef EC_R_NO_PARAMETERS_SET ++ {"NO_PARAMETERS_SET", ERR_LIB_EC, EC_R_NO_PARAMETERS_SET}, ++ #else ++ {"NO_PARAMETERS_SET", 16, 139}, ++ #endif ++ #ifdef EC_R_NO_PRIVATE_VALUE ++ {"NO_PRIVATE_VALUE", ERR_LIB_EC, EC_R_NO_PRIVATE_VALUE}, ++ #else ++ {"NO_PRIVATE_VALUE", 16, 154}, ++ #endif ++ #ifdef EC_R_OPERATION_NOT_SUPPORTED ++ {"OPERATION_NOT_SUPPORTED", ERR_LIB_EC, EC_R_OPERATION_NOT_SUPPORTED}, ++ #else ++ {"OPERATION_NOT_SUPPORTED", 16, 152}, ++ #endif ++ #ifdef EC_R_PASSED_NULL_PARAMETER ++ {"PASSED_NULL_PARAMETER", ERR_LIB_EC, EC_R_PASSED_NULL_PARAMETER}, ++ #else ++ {"PASSED_NULL_PARAMETER", 16, 134}, ++ #endif ++ #ifdef EC_R_PEER_KEY_ERROR ++ {"PEER_KEY_ERROR", ERR_LIB_EC, EC_R_PEER_KEY_ERROR}, ++ #else ++ {"PEER_KEY_ERROR", 16, 149}, ++ #endif ++ #ifdef EC_R_POINT_ARITHMETIC_FAILURE ++ {"POINT_ARITHMETIC_FAILURE", ERR_LIB_EC, EC_R_POINT_ARITHMETIC_FAILURE}, ++ #else ++ {"POINT_ARITHMETIC_FAILURE", 16, 155}, ++ #endif ++ #ifdef EC_R_POINT_AT_INFINITY ++ {"POINT_AT_INFINITY", ERR_LIB_EC, EC_R_POINT_AT_INFINITY}, ++ #else ++ {"POINT_AT_INFINITY", 16, 106}, ++ #endif ++ #ifdef EC_R_POINT_COORDINATES_BLIND_FAILURE ++ {"POINT_COORDINATES_BLIND_FAILURE", ERR_LIB_EC, EC_R_POINT_COORDINATES_BLIND_FAILURE}, ++ #else ++ {"POINT_COORDINATES_BLIND_FAILURE", 16, 163}, ++ #endif ++ #ifdef EC_R_POINT_IS_NOT_ON_CURVE ++ {"POINT_IS_NOT_ON_CURVE", ERR_LIB_EC, EC_R_POINT_IS_NOT_ON_CURVE}, ++ #else ++ {"POINT_IS_NOT_ON_CURVE", 16, 107}, ++ #endif ++ #ifdef EC_R_RANDOM_NUMBER_GENERATION_FAILED ++ {"RANDOM_NUMBER_GENERATION_FAILED", ERR_LIB_EC, EC_R_RANDOM_NUMBER_GENERATION_FAILED}, ++ #else ++ {"RANDOM_NUMBER_GENERATION_FAILED", 16, 158}, ++ #endif ++ #ifdef EC_R_SHARED_INFO_ERROR ++ {"SHARED_INFO_ERROR", ERR_LIB_EC, EC_R_SHARED_INFO_ERROR}, ++ #else ++ {"SHARED_INFO_ERROR", 16, 150}, ++ #endif ++ #ifdef EC_R_SLOT_FULL ++ {"SLOT_FULL", ERR_LIB_EC, EC_R_SLOT_FULL}, ++ #else ++ {"SLOT_FULL", 16, 108}, ++ #endif ++ #ifdef EC_R_UNDEFINED_GENERATOR ++ {"UNDEFINED_GENERATOR", ERR_LIB_EC, EC_R_UNDEFINED_GENERATOR}, ++ #else ++ {"UNDEFINED_GENERATOR", 16, 113}, ++ #endif ++ #ifdef EC_R_UNDEFINED_ORDER ++ {"UNDEFINED_ORDER", ERR_LIB_EC, EC_R_UNDEFINED_ORDER}, ++ #else ++ {"UNDEFINED_ORDER", 16, 128}, ++ #endif ++ #ifdef EC_R_UNKNOWN_COFACTOR ++ {"UNKNOWN_COFACTOR", ERR_LIB_EC, EC_R_UNKNOWN_COFACTOR}, ++ #else ++ {"UNKNOWN_COFACTOR", 16, 164}, ++ #endif ++ #ifdef EC_R_UNKNOWN_GROUP ++ {"UNKNOWN_GROUP", ERR_LIB_EC, EC_R_UNKNOWN_GROUP}, ++ #else ++ {"UNKNOWN_GROUP", 16, 129}, ++ #endif ++ #ifdef EC_R_UNKNOWN_ORDER ++ {"UNKNOWN_ORDER", ERR_LIB_EC, EC_R_UNKNOWN_ORDER}, ++ #else ++ {"UNKNOWN_ORDER", 16, 114}, ++ #endif ++ #ifdef EC_R_UNSUPPORTED_FIELD ++ {"UNSUPPORTED_FIELD", ERR_LIB_EC, EC_R_UNSUPPORTED_FIELD}, ++ #else ++ {"UNSUPPORTED_FIELD", 16, 131}, ++ #endif ++ #ifdef EC_R_WRONG_CURVE_PARAMETERS ++ {"WRONG_CURVE_PARAMETERS", ERR_LIB_EC, EC_R_WRONG_CURVE_PARAMETERS}, ++ #else ++ {"WRONG_CURVE_PARAMETERS", 16, 145}, ++ #endif ++ #ifdef EC_R_WRONG_ORDER ++ {"WRONG_ORDER", ERR_LIB_EC, EC_R_WRONG_ORDER}, ++ #else ++ {"WRONG_ORDER", 16, 130}, ++ #endif ++ #ifdef ENGINE_R_ALREADY_LOADED ++ {"ALREADY_LOADED", ERR_LIB_ENGINE, ENGINE_R_ALREADY_LOADED}, ++ #else ++ {"ALREADY_LOADED", 38, 100}, ++ #endif ++ #ifdef ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER ++ {"ARGUMENT_IS_NOT_A_NUMBER", ERR_LIB_ENGINE, ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER}, ++ #else ++ {"ARGUMENT_IS_NOT_A_NUMBER", 38, 133}, ++ #endif ++ #ifdef ENGINE_R_CMD_NOT_EXECUTABLE ++ {"CMD_NOT_EXECUTABLE", ERR_LIB_ENGINE, ENGINE_R_CMD_NOT_EXECUTABLE}, ++ #else ++ {"CMD_NOT_EXECUTABLE", 38, 134}, ++ #endif ++ #ifdef ENGINE_R_COMMAND_TAKES_INPUT ++ {"COMMAND_TAKES_INPUT", ERR_LIB_ENGINE, ENGINE_R_COMMAND_TAKES_INPUT}, ++ #else ++ {"COMMAND_TAKES_INPUT", 38, 135}, ++ #endif ++ #ifdef ENGINE_R_COMMAND_TAKES_NO_INPUT ++ {"COMMAND_TAKES_NO_INPUT", ERR_LIB_ENGINE, ENGINE_R_COMMAND_TAKES_NO_INPUT}, ++ #else ++ {"COMMAND_TAKES_NO_INPUT", 38, 136}, ++ #endif ++ #ifdef ENGINE_R_CONFLICTING_ENGINE_ID ++ {"CONFLICTING_ENGINE_ID", ERR_LIB_ENGINE, ENGINE_R_CONFLICTING_ENGINE_ID}, ++ #else ++ {"CONFLICTING_ENGINE_ID", 38, 103}, ++ #endif ++ #ifdef ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED ++ {"CTRL_COMMAND_NOT_IMPLEMENTED", ERR_LIB_ENGINE, ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED}, ++ #else ++ {"CTRL_COMMAND_NOT_IMPLEMENTED", 38, 119}, ++ #endif ++ #ifdef ENGINE_R_DSO_FAILURE ++ {"DSO_FAILURE", ERR_LIB_ENGINE, ENGINE_R_DSO_FAILURE}, ++ #else ++ {"DSO_FAILURE", 38, 104}, ++ #endif ++ #ifdef ENGINE_R_DSO_NOT_FOUND ++ {"DSO_NOT_FOUND", ERR_LIB_ENGINE, ENGINE_R_DSO_NOT_FOUND}, ++ #else ++ {"DSO_NOT_FOUND", 38, 132}, ++ #endif ++ #ifdef ENGINE_R_ENGINES_SECTION_ERROR ++ {"ENGINES_SECTION_ERROR", ERR_LIB_ENGINE, ENGINE_R_ENGINES_SECTION_ERROR}, ++ #else ++ {"ENGINES_SECTION_ERROR", 38, 148}, ++ #endif ++ #ifdef ENGINE_R_ENGINE_CONFIGURATION_ERROR ++ {"ENGINE_CONFIGURATION_ERROR", ERR_LIB_ENGINE, ENGINE_R_ENGINE_CONFIGURATION_ERROR}, ++ #else ++ {"ENGINE_CONFIGURATION_ERROR", 38, 102}, ++ #endif ++ #ifdef ENGINE_R_ENGINE_IS_NOT_IN_LIST ++ {"ENGINE_IS_NOT_IN_LIST", ERR_LIB_ENGINE, ENGINE_R_ENGINE_IS_NOT_IN_LIST}, ++ #else ++ {"ENGINE_IS_NOT_IN_LIST", 38, 105}, ++ #endif ++ #ifdef ENGINE_R_ENGINE_SECTION_ERROR ++ {"ENGINE_SECTION_ERROR", ERR_LIB_ENGINE, ENGINE_R_ENGINE_SECTION_ERROR}, ++ #else ++ {"ENGINE_SECTION_ERROR", 38, 149}, ++ #endif ++ #ifdef ENGINE_R_FAILED_LOADING_PRIVATE_KEY ++ {"FAILED_LOADING_PRIVATE_KEY", ERR_LIB_ENGINE, ENGINE_R_FAILED_LOADING_PRIVATE_KEY}, ++ #else ++ {"FAILED_LOADING_PRIVATE_KEY", 38, 128}, ++ #endif ++ #ifdef ENGINE_R_FAILED_LOADING_PUBLIC_KEY ++ {"FAILED_LOADING_PUBLIC_KEY", ERR_LIB_ENGINE, ENGINE_R_FAILED_LOADING_PUBLIC_KEY}, ++ #else ++ {"FAILED_LOADING_PUBLIC_KEY", 38, 129}, ++ #endif ++ #ifdef ENGINE_R_FINISH_FAILED ++ {"FINISH_FAILED", ERR_LIB_ENGINE, ENGINE_R_FINISH_FAILED}, ++ #else ++ {"FINISH_FAILED", 38, 106}, ++ #endif ++ #ifdef ENGINE_R_ID_OR_NAME_MISSING ++ {"ID_OR_NAME_MISSING", ERR_LIB_ENGINE, ENGINE_R_ID_OR_NAME_MISSING}, ++ #else ++ {"ID_OR_NAME_MISSING", 38, 108}, ++ #endif ++ #ifdef ENGINE_R_INIT_FAILED ++ {"INIT_FAILED", ERR_LIB_ENGINE, ENGINE_R_INIT_FAILED}, ++ #else ++ {"INIT_FAILED", 38, 109}, ++ #endif ++ #ifdef ENGINE_R_INTERNAL_LIST_ERROR ++ {"INTERNAL_LIST_ERROR", ERR_LIB_ENGINE, ENGINE_R_INTERNAL_LIST_ERROR}, ++ #else ++ {"INTERNAL_LIST_ERROR", 38, 110}, ++ #endif ++ #ifdef ENGINE_R_INVALID_ARGUMENT ++ {"INVALID_ARGUMENT", ERR_LIB_ENGINE, ENGINE_R_INVALID_ARGUMENT}, ++ #else ++ {"INVALID_ARGUMENT", 38, 143}, ++ #endif ++ #ifdef ENGINE_R_INVALID_CMD_NAME ++ {"INVALID_CMD_NAME", ERR_LIB_ENGINE, ENGINE_R_INVALID_CMD_NAME}, ++ #else ++ {"INVALID_CMD_NAME", 38, 137}, ++ #endif ++ #ifdef ENGINE_R_INVALID_CMD_NUMBER ++ {"INVALID_CMD_NUMBER", ERR_LIB_ENGINE, ENGINE_R_INVALID_CMD_NUMBER}, ++ #else ++ {"INVALID_CMD_NUMBER", 38, 138}, ++ #endif ++ #ifdef ENGINE_R_INVALID_INIT_VALUE ++ {"INVALID_INIT_VALUE", ERR_LIB_ENGINE, ENGINE_R_INVALID_INIT_VALUE}, ++ #else ++ {"INVALID_INIT_VALUE", 38, 151}, ++ #endif ++ #ifdef ENGINE_R_INVALID_STRING ++ {"INVALID_STRING", ERR_LIB_ENGINE, ENGINE_R_INVALID_STRING}, ++ #else ++ {"INVALID_STRING", 38, 150}, ++ #endif ++ #ifdef ENGINE_R_NOT_INITIALISED ++ {"NOT_INITIALISED", ERR_LIB_ENGINE, ENGINE_R_NOT_INITIALISED}, ++ #else ++ {"NOT_INITIALISED", 38, 117}, ++ #endif ++ #ifdef ENGINE_R_NOT_LOADED ++ {"NOT_LOADED", ERR_LIB_ENGINE, ENGINE_R_NOT_LOADED}, ++ #else ++ {"NOT_LOADED", 38, 112}, ++ #endif ++ #ifdef ENGINE_R_NO_CONTROL_FUNCTION ++ {"NO_CONTROL_FUNCTION", ERR_LIB_ENGINE, ENGINE_R_NO_CONTROL_FUNCTION}, ++ #else ++ {"NO_CONTROL_FUNCTION", 38, 120}, ++ #endif ++ #ifdef ENGINE_R_NO_INDEX ++ {"NO_INDEX", ERR_LIB_ENGINE, ENGINE_R_NO_INDEX}, ++ #else ++ {"NO_INDEX", 38, 144}, ++ #endif ++ #ifdef ENGINE_R_NO_LOAD_FUNCTION ++ {"NO_LOAD_FUNCTION", ERR_LIB_ENGINE, ENGINE_R_NO_LOAD_FUNCTION}, ++ #else ++ {"NO_LOAD_FUNCTION", 38, 125}, ++ #endif ++ #ifdef ENGINE_R_NO_REFERENCE ++ {"NO_REFERENCE", ERR_LIB_ENGINE, ENGINE_R_NO_REFERENCE}, ++ #else ++ {"NO_REFERENCE", 38, 130}, ++ #endif ++ #ifdef ENGINE_R_NO_SUCH_ENGINE ++ {"NO_SUCH_ENGINE", ERR_LIB_ENGINE, ENGINE_R_NO_SUCH_ENGINE}, ++ #else ++ {"NO_SUCH_ENGINE", 38, 116}, ++ #endif ++ #ifdef ENGINE_R_UNIMPLEMENTED_CIPHER ++ {"UNIMPLEMENTED_CIPHER", ERR_LIB_ENGINE, ENGINE_R_UNIMPLEMENTED_CIPHER}, ++ #else ++ {"UNIMPLEMENTED_CIPHER", 38, 146}, ++ #endif ++ #ifdef ENGINE_R_UNIMPLEMENTED_DIGEST ++ {"UNIMPLEMENTED_DIGEST", ERR_LIB_ENGINE, ENGINE_R_UNIMPLEMENTED_DIGEST}, ++ #else ++ {"UNIMPLEMENTED_DIGEST", 38, 147}, ++ #endif ++ #ifdef ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD ++ {"UNIMPLEMENTED_PUBLIC_KEY_METHOD", ERR_LIB_ENGINE, ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD}, ++ #else ++ {"UNIMPLEMENTED_PUBLIC_KEY_METHOD", 38, 101}, ++ #endif ++ #ifdef ENGINE_R_VERSION_INCOMPATIBILITY ++ {"VERSION_INCOMPATIBILITY", ERR_LIB_ENGINE, ENGINE_R_VERSION_INCOMPATIBILITY}, ++ #else ++ {"VERSION_INCOMPATIBILITY", 38, 145}, ++ #endif ++ #ifdef ESS_R_EMPTY_ESS_CERT_ID_LIST ++ {"EMPTY_ESS_CERT_ID_LIST", ERR_LIB_ESS, ESS_R_EMPTY_ESS_CERT_ID_LIST}, ++ #else ++ {"EMPTY_ESS_CERT_ID_LIST", 54, 107}, ++ #endif ++ #ifdef ESS_R_ESS_CERT_DIGEST_ERROR ++ {"ESS_CERT_DIGEST_ERROR", ERR_LIB_ESS, ESS_R_ESS_CERT_DIGEST_ERROR}, ++ #else ++ {"ESS_CERT_DIGEST_ERROR", 54, 103}, ++ #endif ++ #ifdef ESS_R_ESS_CERT_ID_NOT_FOUND ++ {"ESS_CERT_ID_NOT_FOUND", ERR_LIB_ESS, ESS_R_ESS_CERT_ID_NOT_FOUND}, ++ #else ++ {"ESS_CERT_ID_NOT_FOUND", 54, 104}, ++ #endif ++ #ifdef ESS_R_ESS_CERT_ID_WRONG_ORDER ++ {"ESS_CERT_ID_WRONG_ORDER", ERR_LIB_ESS, ESS_R_ESS_CERT_ID_WRONG_ORDER}, ++ #else ++ {"ESS_CERT_ID_WRONG_ORDER", 54, 105}, ++ #endif ++ #ifdef ESS_R_ESS_DIGEST_ALG_UNKNOWN ++ {"ESS_DIGEST_ALG_UNKNOWN", ERR_LIB_ESS, ESS_R_ESS_DIGEST_ALG_UNKNOWN}, ++ #else ++ {"ESS_DIGEST_ALG_UNKNOWN", 54, 106}, ++ #endif ++ #ifdef ESS_R_ESS_SIGNING_CERTIFICATE_ERROR ++ {"ESS_SIGNING_CERTIFICATE_ERROR", ERR_LIB_ESS, ESS_R_ESS_SIGNING_CERTIFICATE_ERROR}, ++ #else ++ {"ESS_SIGNING_CERTIFICATE_ERROR", 54, 102}, ++ #endif ++ #ifdef ESS_R_ESS_SIGNING_CERT_ADD_ERROR ++ {"ESS_SIGNING_CERT_ADD_ERROR", ERR_LIB_ESS, ESS_R_ESS_SIGNING_CERT_ADD_ERROR}, ++ #else ++ {"ESS_SIGNING_CERT_ADD_ERROR", 54, 100}, ++ #endif ++ #ifdef ESS_R_ESS_SIGNING_CERT_V2_ADD_ERROR ++ {"ESS_SIGNING_CERT_V2_ADD_ERROR", ERR_LIB_ESS, ESS_R_ESS_SIGNING_CERT_V2_ADD_ERROR}, ++ #else ++ {"ESS_SIGNING_CERT_V2_ADD_ERROR", 54, 101}, ++ #endif ++ #ifdef ESS_R_MISSING_SIGNING_CERTIFICATE_ATTRIBUTE ++ {"MISSING_SIGNING_CERTIFICATE_ATTRIBUTE", ERR_LIB_ESS, ESS_R_MISSING_SIGNING_CERTIFICATE_ATTRIBUTE}, ++ #else ++ {"MISSING_SIGNING_CERTIFICATE_ATTRIBUTE", 54, 108}, ++ #endif ++ #ifdef EVP_R_AES_KEY_SETUP_FAILED ++ {"AES_KEY_SETUP_FAILED", ERR_LIB_EVP, EVP_R_AES_KEY_SETUP_FAILED}, ++ #else ++ {"AES_KEY_SETUP_FAILED", 6, 143}, ++ #endif ++ #ifdef EVP_R_ARIA_KEY_SETUP_FAILED ++ {"ARIA_KEY_SETUP_FAILED", ERR_LIB_EVP, EVP_R_ARIA_KEY_SETUP_FAILED}, ++ #else ++ {"ARIA_KEY_SETUP_FAILED", 6, 176}, ++ #endif ++ #ifdef EVP_R_BAD_ALGORITHM_NAME ++ {"BAD_ALGORITHM_NAME", ERR_LIB_EVP, EVP_R_BAD_ALGORITHM_NAME}, ++ #else ++ {"BAD_ALGORITHM_NAME", 6, 200}, ++ #endif ++ #ifdef EVP_R_BAD_DECRYPT ++ {"BAD_DECRYPT", ERR_LIB_EVP, EVP_R_BAD_DECRYPT}, ++ #else ++ {"BAD_DECRYPT", 6, 100}, ++ #endif ++ #ifdef EVP_R_BAD_KEY_LENGTH ++ {"BAD_KEY_LENGTH", ERR_LIB_EVP, EVP_R_BAD_KEY_LENGTH}, ++ #else ++ {"BAD_KEY_LENGTH", 6, 195}, ++ #endif ++ #ifdef EVP_R_BUFFER_TOO_SMALL ++ {"BUFFER_TOO_SMALL", ERR_LIB_EVP, EVP_R_BUFFER_TOO_SMALL}, ++ #else ++ {"BUFFER_TOO_SMALL", 6, 155}, ++ #endif ++ #ifdef EVP_R_CACHE_CONSTANTS_FAILED ++ {"CACHE_CONSTANTS_FAILED", ERR_LIB_EVP, EVP_R_CACHE_CONSTANTS_FAILED}, ++ #else ++ {"CACHE_CONSTANTS_FAILED", 6, 225}, ++ #endif ++ #ifdef EVP_R_CAMELLIA_KEY_SETUP_FAILED ++ {"CAMELLIA_KEY_SETUP_FAILED", ERR_LIB_EVP, EVP_R_CAMELLIA_KEY_SETUP_FAILED}, ++ #else ++ {"CAMELLIA_KEY_SETUP_FAILED", 6, 157}, ++ #endif ++ #ifdef EVP_R_CANNOT_GET_PARAMETERS ++ {"CANNOT_GET_PARAMETERS", ERR_LIB_EVP, EVP_R_CANNOT_GET_PARAMETERS}, ++ #else ++ {"CANNOT_GET_PARAMETERS", 6, 197}, ++ #endif ++ #ifdef EVP_R_CANNOT_SET_PARAMETERS ++ {"CANNOT_SET_PARAMETERS", ERR_LIB_EVP, EVP_R_CANNOT_SET_PARAMETERS}, ++ #else ++ {"CANNOT_SET_PARAMETERS", 6, 198}, ++ #endif ++ #ifdef EVP_R_CIPHER_NOT_GCM_MODE ++ {"CIPHER_NOT_GCM_MODE", ERR_LIB_EVP, EVP_R_CIPHER_NOT_GCM_MODE}, ++ #else ++ {"CIPHER_NOT_GCM_MODE", 6, 184}, ++ #endif ++ #ifdef EVP_R_CIPHER_PARAMETER_ERROR ++ {"CIPHER_PARAMETER_ERROR", ERR_LIB_EVP, EVP_R_CIPHER_PARAMETER_ERROR}, ++ #else ++ {"CIPHER_PARAMETER_ERROR", 6, 122}, ++ #endif ++ #ifdef EVP_R_COMMAND_NOT_SUPPORTED ++ {"COMMAND_NOT_SUPPORTED", ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED}, ++ #else ++ {"COMMAND_NOT_SUPPORTED", 6, 147}, ++ #endif ++ #ifdef EVP_R_CONFLICTING_ALGORITHM_NAME ++ {"CONFLICTING_ALGORITHM_NAME", ERR_LIB_EVP, EVP_R_CONFLICTING_ALGORITHM_NAME}, ++ #else ++ {"CONFLICTING_ALGORITHM_NAME", 6, 201}, ++ #endif ++ #ifdef EVP_R_COPY_ERROR ++ {"COPY_ERROR", ERR_LIB_EVP, EVP_R_COPY_ERROR}, ++ #else ++ {"COPY_ERROR", 6, 173}, ++ #endif ++ #ifdef EVP_R_CTRL_NOT_IMPLEMENTED ++ {"CTRL_NOT_IMPLEMENTED", ERR_LIB_EVP, EVP_R_CTRL_NOT_IMPLEMENTED}, ++ #else ++ {"CTRL_NOT_IMPLEMENTED", 6, 132}, ++ #endif ++ #ifdef EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED ++ {"CTRL_OPERATION_NOT_IMPLEMENTED", ERR_LIB_EVP, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED}, ++ #else ++ {"CTRL_OPERATION_NOT_IMPLEMENTED", 6, 133}, ++ #endif ++ #ifdef EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH ++ {"DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH", ERR_LIB_EVP, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH}, ++ #else ++ {"DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH", 6, 138}, ++ #endif ++ #ifdef EVP_R_DECODE_ERROR ++ {"DECODE_ERROR", ERR_LIB_EVP, EVP_R_DECODE_ERROR}, ++ #else ++ {"DECODE_ERROR", 6, 114}, ++ #endif ++ #ifdef EVP_R_DEFAULT_QUERY_PARSE_ERROR ++ {"DEFAULT_QUERY_PARSE_ERROR", ERR_LIB_EVP, EVP_R_DEFAULT_QUERY_PARSE_ERROR}, ++ #else ++ {"DEFAULT_QUERY_PARSE_ERROR", 6, 210}, ++ #endif ++ #ifdef EVP_R_DIFFERENT_KEY_TYPES ++ {"DIFFERENT_KEY_TYPES", ERR_LIB_EVP, EVP_R_DIFFERENT_KEY_TYPES}, ++ #else ++ {"DIFFERENT_KEY_TYPES", 6, 101}, ++ #endif ++ #ifdef EVP_R_DIFFERENT_PARAMETERS ++ {"DIFFERENT_PARAMETERS", ERR_LIB_EVP, EVP_R_DIFFERENT_PARAMETERS}, ++ #else ++ {"DIFFERENT_PARAMETERS", 6, 153}, ++ #endif ++ #ifdef EVP_R_ERROR_LOADING_SECTION ++ {"ERROR_LOADING_SECTION", ERR_LIB_EVP, EVP_R_ERROR_LOADING_SECTION}, ++ #else ++ {"ERROR_LOADING_SECTION", 6, 165}, ++ #endif ++ #ifdef EVP_R_ERROR_SETTING_FIPS_MODE ++ {"ERROR_SETTING_FIPS_MODE", ERR_LIB_EVP, EVP_R_ERROR_SETTING_FIPS_MODE}, ++ #else ++ {"ERROR_SETTING_FIPS_MODE", 6, 166}, ++ #endif ++ #ifdef EVP_R_EXPECTING_AN_HMAC_KEY ++ {"EXPECTING_AN_HMAC_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_AN_HMAC_KEY}, ++ #else ++ {"EXPECTING_AN_HMAC_KEY", 6, 174}, ++ #endif ++ #ifdef EVP_R_EXPECTING_AN_RSA_KEY ++ {"EXPECTING_AN_RSA_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_AN_RSA_KEY}, ++ #else ++ {"EXPECTING_AN_RSA_KEY", 6, 127}, ++ #endif ++ #ifdef EVP_R_EXPECTING_A_DH_KEY ++ {"EXPECTING_A_DH_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_A_DH_KEY}, ++ #else ++ {"EXPECTING_A_DH_KEY", 6, 128}, ++ #endif ++ #ifdef EVP_R_EXPECTING_A_DSA_KEY ++ {"EXPECTING_A_DSA_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_A_DSA_KEY}, ++ #else ++ {"EXPECTING_A_DSA_KEY", 6, 129}, ++ #endif ++ #ifdef EVP_R_EXPECTING_A_ECX_KEY ++ {"EXPECTING_A_ECX_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_A_ECX_KEY}, ++ #else ++ {"EXPECTING_A_ECX_KEY", 6, 219}, ++ #endif ++ #ifdef EVP_R_EXPECTING_A_EC_KEY ++ {"EXPECTING_A_EC_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_A_EC_KEY}, ++ #else ++ {"EXPECTING_A_EC_KEY", 6, 142}, ++ #endif ++ #ifdef EVP_R_EXPECTING_A_POLY1305_KEY ++ {"EXPECTING_A_POLY1305_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_A_POLY1305_KEY}, ++ #else ++ {"EXPECTING_A_POLY1305_KEY", 6, 164}, ++ #endif ++ #ifdef EVP_R_EXPECTING_A_SIPHASH_KEY ++ {"EXPECTING_A_SIPHASH_KEY", ERR_LIB_EVP, EVP_R_EXPECTING_A_SIPHASH_KEY}, ++ #else ++ {"EXPECTING_A_SIPHASH_KEY", 6, 175}, ++ #endif ++ #ifdef EVP_R_FINAL_ERROR ++ {"FINAL_ERROR", ERR_LIB_EVP, EVP_R_FINAL_ERROR}, ++ #else ++ {"FINAL_ERROR", 6, 188}, ++ #endif ++ #ifdef EVP_R_FIPS_MODE_NOT_SUPPORTED ++ {"FIPS_MODE_NOT_SUPPORTED", ERR_LIB_EVP, EVP_R_FIPS_MODE_NOT_SUPPORTED}, ++ #else ++ {"FIPS_MODE_NOT_SUPPORTED", 6, 167}, ++ #endif ++ #ifdef EVP_R_GENERATE_ERROR ++ {"GENERATE_ERROR", ERR_LIB_EVP, EVP_R_GENERATE_ERROR}, ++ #else ++ {"GENERATE_ERROR", 6, 214}, ++ #endif ++ #ifdef EVP_R_GET_RAW_KEY_FAILED ++ {"GET_RAW_KEY_FAILED", ERR_LIB_EVP, EVP_R_GET_RAW_KEY_FAILED}, ++ #else ++ {"GET_RAW_KEY_FAILED", 6, 182}, ++ #endif ++ #ifdef EVP_R_ILLEGAL_SCRYPT_PARAMETERS ++ {"ILLEGAL_SCRYPT_PARAMETERS", ERR_LIB_EVP, EVP_R_ILLEGAL_SCRYPT_PARAMETERS}, ++ #else ++ {"ILLEGAL_SCRYPT_PARAMETERS", 6, 171}, ++ #endif ++ #ifdef EVP_R_INACCESSIBLE_DOMAIN_PARAMETERS ++ {"INACCESSIBLE_DOMAIN_PARAMETERS", ERR_LIB_EVP, EVP_R_INACCESSIBLE_DOMAIN_PARAMETERS}, ++ #else ++ {"INACCESSIBLE_DOMAIN_PARAMETERS", 6, 204}, ++ #endif ++ #ifdef EVP_R_INACCESSIBLE_KEY ++ {"INACCESSIBLE_KEY", ERR_LIB_EVP, EVP_R_INACCESSIBLE_KEY}, ++ #else ++ {"INACCESSIBLE_KEY", 6, 203}, ++ #endif ++ #ifdef EVP_R_INITIALIZATION_ERROR ++ {"INITIALIZATION_ERROR", ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR}, ++ #else ++ {"INITIALIZATION_ERROR", 6, 134}, ++ #endif ++ #ifdef EVP_R_INPUT_NOT_INITIALIZED ++ {"INPUT_NOT_INITIALIZED", ERR_LIB_EVP, EVP_R_INPUT_NOT_INITIALIZED}, ++ #else ++ {"INPUT_NOT_INITIALIZED", 6, 111}, ++ #endif ++ #ifdef EVP_R_INVALID_CUSTOM_LENGTH ++ {"INVALID_CUSTOM_LENGTH", ERR_LIB_EVP, EVP_R_INVALID_CUSTOM_LENGTH}, ++ #else ++ {"INVALID_CUSTOM_LENGTH", 6, 185}, ++ #endif ++ #ifdef EVP_R_INVALID_DIGEST ++ {"INVALID_DIGEST", ERR_LIB_EVP, EVP_R_INVALID_DIGEST}, ++ #else ++ {"INVALID_DIGEST", 6, 152}, ++ #endif ++ #ifdef EVP_R_INVALID_FIPS_MODE ++ {"INVALID_FIPS_MODE", ERR_LIB_EVP, EVP_R_INVALID_FIPS_MODE}, ++ #else ++ {"INVALID_FIPS_MODE", 6, 168}, ++ #endif ++ #ifdef EVP_R_INVALID_IV_LENGTH ++ {"INVALID_IV_LENGTH", ERR_LIB_EVP, EVP_R_INVALID_IV_LENGTH}, ++ #else ++ {"INVALID_IV_LENGTH", 6, 194}, ++ #endif ++ #ifdef EVP_R_INVALID_KEY ++ {"INVALID_KEY", ERR_LIB_EVP, EVP_R_INVALID_KEY}, ++ #else ++ {"INVALID_KEY", 6, 163}, ++ #endif ++ #ifdef EVP_R_INVALID_KEY_LENGTH ++ {"INVALID_KEY_LENGTH", ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH}, ++ #else ++ {"INVALID_KEY_LENGTH", 6, 130}, ++ #endif ++ #ifdef EVP_R_INVALID_LENGTH ++ {"INVALID_LENGTH", ERR_LIB_EVP, EVP_R_INVALID_LENGTH}, ++ #else ++ {"INVALID_LENGTH", 6, 221}, ++ #endif ++ #ifdef EVP_R_INVALID_NULL_ALGORITHM ++ {"INVALID_NULL_ALGORITHM", ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM}, ++ #else ++ {"INVALID_NULL_ALGORITHM", 6, 218}, ++ #endif ++ #ifdef EVP_R_INVALID_OPERATION ++ {"INVALID_OPERATION", ERR_LIB_EVP, EVP_R_INVALID_OPERATION}, ++ #else ++ {"INVALID_OPERATION", 6, 148}, ++ #endif ++ #ifdef EVP_R_INVALID_PROVIDER_FUNCTIONS ++ {"INVALID_PROVIDER_FUNCTIONS", ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS}, ++ #else ++ {"INVALID_PROVIDER_FUNCTIONS", 6, 193}, ++ #endif ++ #ifdef EVP_R_INVALID_SALT_LENGTH ++ {"INVALID_SALT_LENGTH", ERR_LIB_EVP, EVP_R_INVALID_SALT_LENGTH}, ++ #else ++ {"INVALID_SALT_LENGTH", 6, 186}, ++ #endif ++ #ifdef EVP_R_INVALID_SECRET_LENGTH ++ {"INVALID_SECRET_LENGTH", ERR_LIB_EVP, EVP_R_INVALID_SECRET_LENGTH}, ++ #else ++ {"INVALID_SECRET_LENGTH", 6, 223}, ++ #endif ++ #ifdef EVP_R_INVALID_SEED_LENGTH ++ {"INVALID_SEED_LENGTH", ERR_LIB_EVP, EVP_R_INVALID_SEED_LENGTH}, ++ #else ++ {"INVALID_SEED_LENGTH", 6, 220}, ++ #endif ++ #ifdef EVP_R_INVALID_VALUE ++ {"INVALID_VALUE", ERR_LIB_EVP, EVP_R_INVALID_VALUE}, ++ #else ++ {"INVALID_VALUE", 6, 222}, ++ #endif ++ #ifdef EVP_R_KEYMGMT_EXPORT_FAILURE ++ {"KEYMGMT_EXPORT_FAILURE", ERR_LIB_EVP, EVP_R_KEYMGMT_EXPORT_FAILURE}, ++ #else ++ {"KEYMGMT_EXPORT_FAILURE", 6, 205}, ++ #endif ++ #ifdef EVP_R_KEY_SETUP_FAILED ++ {"KEY_SETUP_FAILED", ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED}, ++ #else ++ {"KEY_SETUP_FAILED", 6, 180}, ++ #endif ++ #ifdef EVP_R_LOCKING_NOT_SUPPORTED ++ {"LOCKING_NOT_SUPPORTED", ERR_LIB_EVP, EVP_R_LOCKING_NOT_SUPPORTED}, ++ #else ++ {"LOCKING_NOT_SUPPORTED", 6, 213}, ++ #endif ++ #ifdef EVP_R_MEMORY_LIMIT_EXCEEDED ++ {"MEMORY_LIMIT_EXCEEDED", ERR_LIB_EVP, EVP_R_MEMORY_LIMIT_EXCEEDED}, ++ #else ++ {"MEMORY_LIMIT_EXCEEDED", 6, 172}, ++ #endif ++ #ifdef EVP_R_MESSAGE_DIGEST_IS_NULL ++ {"MESSAGE_DIGEST_IS_NULL", ERR_LIB_EVP, EVP_R_MESSAGE_DIGEST_IS_NULL}, ++ #else ++ {"MESSAGE_DIGEST_IS_NULL", 6, 159}, ++ #endif ++ #ifdef EVP_R_METHOD_NOT_SUPPORTED ++ {"METHOD_NOT_SUPPORTED", ERR_LIB_EVP, EVP_R_METHOD_NOT_SUPPORTED}, ++ #else ++ {"METHOD_NOT_SUPPORTED", 6, 144}, ++ #endif ++ #ifdef EVP_R_MISSING_PARAMETERS ++ {"MISSING_PARAMETERS", ERR_LIB_EVP, EVP_R_MISSING_PARAMETERS}, ++ #else ++ {"MISSING_PARAMETERS", 6, 103}, ++ #endif ++ #ifdef EVP_R_NOT_ABLE_TO_COPY_CTX ++ {"NOT_ABLE_TO_COPY_CTX", ERR_LIB_EVP, EVP_R_NOT_ABLE_TO_COPY_CTX}, ++ #else ++ {"NOT_ABLE_TO_COPY_CTX", 6, 190}, ++ #endif ++ #ifdef EVP_R_NOT_XOF_OR_INVALID_LENGTH ++ {"NOT_XOF_OR_INVALID_LENGTH", ERR_LIB_EVP, EVP_R_NOT_XOF_OR_INVALID_LENGTH}, ++ #else ++ {"NOT_XOF_OR_INVALID_LENGTH", 6, 178}, ++ #endif ++ #ifdef EVP_R_NO_CIPHER_SET ++ {"NO_CIPHER_SET", ERR_LIB_EVP, EVP_R_NO_CIPHER_SET}, ++ #else ++ {"NO_CIPHER_SET", 6, 131}, ++ #endif ++ #ifdef EVP_R_NO_DEFAULT_DIGEST ++ {"NO_DEFAULT_DIGEST", ERR_LIB_EVP, EVP_R_NO_DEFAULT_DIGEST}, ++ #else ++ {"NO_DEFAULT_DIGEST", 6, 158}, ++ #endif ++ #ifdef EVP_R_NO_DIGEST_SET ++ {"NO_DIGEST_SET", ERR_LIB_EVP, EVP_R_NO_DIGEST_SET}, ++ #else ++ {"NO_DIGEST_SET", 6, 139}, ++ #endif ++ #ifdef EVP_R_NO_IMPORT_FUNCTION ++ {"NO_IMPORT_FUNCTION", ERR_LIB_EVP, EVP_R_NO_IMPORT_FUNCTION}, ++ #else ++ {"NO_IMPORT_FUNCTION", 6, 206}, ++ #endif ++ #ifdef EVP_R_NO_KEYMGMT_AVAILABLE ++ {"NO_KEYMGMT_AVAILABLE", ERR_LIB_EVP, EVP_R_NO_KEYMGMT_AVAILABLE}, ++ #else ++ {"NO_KEYMGMT_AVAILABLE", 6, 199}, ++ #endif ++ #ifdef EVP_R_NO_KEYMGMT_PRESENT ++ {"NO_KEYMGMT_PRESENT", ERR_LIB_EVP, EVP_R_NO_KEYMGMT_PRESENT}, ++ #else ++ {"NO_KEYMGMT_PRESENT", 6, 196}, ++ #endif ++ #ifdef EVP_R_NO_KEY_SET ++ {"NO_KEY_SET", ERR_LIB_EVP, EVP_R_NO_KEY_SET}, ++ #else ++ {"NO_KEY_SET", 6, 154}, ++ #endif ++ #ifdef EVP_R_NO_OPERATION_SET ++ {"NO_OPERATION_SET", ERR_LIB_EVP, EVP_R_NO_OPERATION_SET}, ++ #else ++ {"NO_OPERATION_SET", 6, 149}, ++ #endif ++ #ifdef EVP_R_NULL_MAC_PKEY_CTX ++ {"NULL_MAC_PKEY_CTX", ERR_LIB_EVP, EVP_R_NULL_MAC_PKEY_CTX}, ++ #else ++ {"NULL_MAC_PKEY_CTX", 6, 208}, ++ #endif ++ #ifdef EVP_R_ONLY_ONESHOT_SUPPORTED ++ {"ONLY_ONESHOT_SUPPORTED", ERR_LIB_EVP, EVP_R_ONLY_ONESHOT_SUPPORTED}, ++ #else ++ {"ONLY_ONESHOT_SUPPORTED", 6, 177}, ++ #endif ++ #ifdef EVP_R_OPERATION_NOT_INITIALIZED ++ {"OPERATION_NOT_INITIALIZED", ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED}, ++ #else ++ {"OPERATION_NOT_INITIALIZED", 6, 151}, ++ #endif ++ #ifdef EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE ++ {"OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE}, ++ #else ++ {"OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", 6, 150}, ++ #endif ++ #ifdef EVP_R_OUTPUT_WOULD_OVERFLOW ++ {"OUTPUT_WOULD_OVERFLOW", ERR_LIB_EVP, EVP_R_OUTPUT_WOULD_OVERFLOW}, ++ #else ++ {"OUTPUT_WOULD_OVERFLOW", 6, 202}, ++ #endif ++ #ifdef EVP_R_PARAMETER_TOO_LARGE ++ {"PARAMETER_TOO_LARGE", ERR_LIB_EVP, EVP_R_PARAMETER_TOO_LARGE}, ++ #else ++ {"PARAMETER_TOO_LARGE", 6, 187}, ++ #endif ++ #ifdef EVP_R_PARTIALLY_OVERLAPPING ++ {"PARTIALLY_OVERLAPPING", ERR_LIB_EVP, EVP_R_PARTIALLY_OVERLAPPING}, ++ #else ++ {"PARTIALLY_OVERLAPPING", 6, 162}, ++ #endif ++ #ifdef EVP_R_PBKDF2_ERROR ++ {"PBKDF2_ERROR", ERR_LIB_EVP, EVP_R_PBKDF2_ERROR}, ++ #else ++ {"PBKDF2_ERROR", 6, 181}, ++ #endif ++ #ifdef EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED ++ {"PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED", ERR_LIB_EVP, EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED}, ++ #else ++ {"PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED", 6, 179}, ++ #endif ++ #ifdef EVP_R_PRIVATE_KEY_DECODE_ERROR ++ {"PRIVATE_KEY_DECODE_ERROR", ERR_LIB_EVP, EVP_R_PRIVATE_KEY_DECODE_ERROR}, ++ #else ++ {"PRIVATE_KEY_DECODE_ERROR", 6, 145}, ++ #endif ++ #ifdef EVP_R_PRIVATE_KEY_ENCODE_ERROR ++ {"PRIVATE_KEY_ENCODE_ERROR", ERR_LIB_EVP, EVP_R_PRIVATE_KEY_ENCODE_ERROR}, ++ #else ++ {"PRIVATE_KEY_ENCODE_ERROR", 6, 146}, ++ #endif ++ #ifdef EVP_R_PUBLIC_KEY_NOT_RSA ++ {"PUBLIC_KEY_NOT_RSA", ERR_LIB_EVP, EVP_R_PUBLIC_KEY_NOT_RSA}, ++ #else ++ {"PUBLIC_KEY_NOT_RSA", 6, 106}, ++ #endif ++ #ifdef EVP_R_SET_DEFAULT_PROPERTY_FAILURE ++ {"SET_DEFAULT_PROPERTY_FAILURE", ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE}, ++ #else ++ {"SET_DEFAULT_PROPERTY_FAILURE", 6, 209}, ++ #endif ++ #ifdef EVP_R_TOO_MANY_RECORDS ++ {"TOO_MANY_RECORDS", ERR_LIB_EVP, EVP_R_TOO_MANY_RECORDS}, ++ #else ++ {"TOO_MANY_RECORDS", 6, 183}, ++ #endif ++ #ifdef EVP_R_UNABLE_TO_ENABLE_LOCKING ++ {"UNABLE_TO_ENABLE_LOCKING", ERR_LIB_EVP, EVP_R_UNABLE_TO_ENABLE_LOCKING}, ++ #else ++ {"UNABLE_TO_ENABLE_LOCKING", 6, 212}, ++ #endif ++ #ifdef EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE ++ {"UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE", ERR_LIB_EVP, EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE}, ++ #else ++ {"UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE", 6, 215}, ++ #endif ++ #ifdef EVP_R_UNABLE_TO_GET_RANDOM_STRENGTH ++ {"UNABLE_TO_GET_RANDOM_STRENGTH", ERR_LIB_EVP, EVP_R_UNABLE_TO_GET_RANDOM_STRENGTH}, ++ #else ++ {"UNABLE_TO_GET_RANDOM_STRENGTH", 6, 216}, ++ #endif ++ #ifdef EVP_R_UNABLE_TO_LOCK_CONTEXT ++ {"UNABLE_TO_LOCK_CONTEXT", ERR_LIB_EVP, EVP_R_UNABLE_TO_LOCK_CONTEXT}, ++ #else ++ {"UNABLE_TO_LOCK_CONTEXT", 6, 211}, ++ #endif ++ #ifdef EVP_R_UNABLE_TO_SET_CALLBACKS ++ {"UNABLE_TO_SET_CALLBACKS", ERR_LIB_EVP, EVP_R_UNABLE_TO_SET_CALLBACKS}, ++ #else ++ {"UNABLE_TO_SET_CALLBACKS", 6, 217}, ++ #endif ++ #ifdef EVP_R_UNKNOWN_CIPHER ++ {"UNKNOWN_CIPHER", ERR_LIB_EVP, EVP_R_UNKNOWN_CIPHER}, ++ #else ++ {"UNKNOWN_CIPHER", 6, 160}, ++ #endif ++ #ifdef EVP_R_UNKNOWN_DIGEST ++ {"UNKNOWN_DIGEST", ERR_LIB_EVP, EVP_R_UNKNOWN_DIGEST}, ++ #else ++ {"UNKNOWN_DIGEST", 6, 161}, ++ #endif ++ #ifdef EVP_R_UNKNOWN_KEY_TYPE ++ {"UNKNOWN_KEY_TYPE", ERR_LIB_EVP, EVP_R_UNKNOWN_KEY_TYPE}, ++ #else ++ {"UNKNOWN_KEY_TYPE", 6, 207}, ++ #endif ++ #ifdef EVP_R_UNKNOWN_OPTION ++ {"UNKNOWN_OPTION", ERR_LIB_EVP, EVP_R_UNKNOWN_OPTION}, ++ #else ++ {"UNKNOWN_OPTION", 6, 169}, ++ #endif ++ #ifdef EVP_R_UNKNOWN_PBE_ALGORITHM ++ {"UNKNOWN_PBE_ALGORITHM", ERR_LIB_EVP, EVP_R_UNKNOWN_PBE_ALGORITHM}, ++ #else ++ {"UNKNOWN_PBE_ALGORITHM", 6, 121}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_ALGORITHM ++ {"UNSUPPORTED_ALGORITHM", ERR_LIB_EVP, EVP_R_UNSUPPORTED_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_ALGORITHM", 6, 156}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_CIPHER ++ {"UNSUPPORTED_CIPHER", ERR_LIB_EVP, EVP_R_UNSUPPORTED_CIPHER}, ++ #else ++ {"UNSUPPORTED_CIPHER", 6, 107}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_KEYLENGTH ++ {"UNSUPPORTED_KEYLENGTH", ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEYLENGTH}, ++ #else ++ {"UNSUPPORTED_KEYLENGTH", 6, 123}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION ++ {"UNSUPPORTED_KEY_DERIVATION_FUNCTION", ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION}, ++ #else ++ {"UNSUPPORTED_KEY_DERIVATION_FUNCTION", 6, 124}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_KEY_SIZE ++ {"UNSUPPORTED_KEY_SIZE", ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_SIZE}, ++ #else ++ {"UNSUPPORTED_KEY_SIZE", 6, 108}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_KEY_TYPE ++ {"UNSUPPORTED_KEY_TYPE", ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE}, ++ #else ++ {"UNSUPPORTED_KEY_TYPE", 6, 224}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS ++ {"UNSUPPORTED_NUMBER_OF_ROUNDS", ERR_LIB_EVP, EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS}, ++ #else ++ {"UNSUPPORTED_NUMBER_OF_ROUNDS", 6, 135}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_PRF ++ {"UNSUPPORTED_PRF", ERR_LIB_EVP, EVP_R_UNSUPPORTED_PRF}, ++ #else ++ {"UNSUPPORTED_PRF", 6, 125}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM ++ {"UNSUPPORTED_PRIVATE_KEY_ALGORITHM", ERR_LIB_EVP, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_PRIVATE_KEY_ALGORITHM", 6, 118}, ++ #endif ++ #ifdef EVP_R_UNSUPPORTED_SALT_TYPE ++ {"UNSUPPORTED_SALT_TYPE", ERR_LIB_EVP, EVP_R_UNSUPPORTED_SALT_TYPE}, ++ #else ++ {"UNSUPPORTED_SALT_TYPE", 6, 126}, ++ #endif ++ #ifdef EVP_R_UPDATE_ERROR ++ {"UPDATE_ERROR", ERR_LIB_EVP, EVP_R_UPDATE_ERROR}, ++ #else ++ {"UPDATE_ERROR", 6, 189}, ++ #endif ++ #ifdef EVP_R_WRAP_MODE_NOT_ALLOWED ++ {"WRAP_MODE_NOT_ALLOWED", ERR_LIB_EVP, EVP_R_WRAP_MODE_NOT_ALLOWED}, ++ #else ++ {"WRAP_MODE_NOT_ALLOWED", 6, 170}, ++ #endif ++ #ifdef EVP_R_WRONG_FINAL_BLOCK_LENGTH ++ {"WRONG_FINAL_BLOCK_LENGTH", ERR_LIB_EVP, EVP_R_WRONG_FINAL_BLOCK_LENGTH}, ++ #else ++ {"WRONG_FINAL_BLOCK_LENGTH", 6, 109}, ++ #endif ++ #ifdef EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE ++ {"XTS_DATA_UNIT_IS_TOO_LARGE", ERR_LIB_EVP, EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE}, ++ #else ++ {"XTS_DATA_UNIT_IS_TOO_LARGE", 6, 191}, ++ #endif ++ #ifdef EVP_R_XTS_DUPLICATED_KEYS ++ {"XTS_DUPLICATED_KEYS", ERR_LIB_EVP, EVP_R_XTS_DUPLICATED_KEYS}, ++ #else ++ {"XTS_DUPLICATED_KEYS", 6, 192}, ++ #endif ++ #ifdef HTTP_R_ASN1_LEN_EXCEEDS_MAX_RESP_LEN ++ {"ASN1_LEN_EXCEEDS_MAX_RESP_LEN", ERR_LIB_HTTP, HTTP_R_ASN1_LEN_EXCEEDS_MAX_RESP_LEN}, ++ #else ++ {"ASN1_LEN_EXCEEDS_MAX_RESP_LEN", 61, 108}, ++ #endif ++ #ifdef HTTP_R_CONNECT_FAILURE ++ {"CONNECT_FAILURE", ERR_LIB_HTTP, HTTP_R_CONNECT_FAILURE}, ++ #else ++ {"CONNECT_FAILURE", 61, 100}, ++ #endif ++ #ifdef HTTP_R_ERROR_PARSING_ASN1_LENGTH ++ {"ERROR_PARSING_ASN1_LENGTH", ERR_LIB_HTTP, HTTP_R_ERROR_PARSING_ASN1_LENGTH}, ++ #else ++ {"ERROR_PARSING_ASN1_LENGTH", 61, 109}, ++ #endif ++ #ifdef HTTP_R_ERROR_PARSING_CONTENT_LENGTH ++ {"ERROR_PARSING_CONTENT_LENGTH", ERR_LIB_HTTP, HTTP_R_ERROR_PARSING_CONTENT_LENGTH}, ++ #else ++ {"ERROR_PARSING_CONTENT_LENGTH", 61, 119}, ++ #endif ++ #ifdef HTTP_R_ERROR_PARSING_URL ++ {"ERROR_PARSING_URL", ERR_LIB_HTTP, HTTP_R_ERROR_PARSING_URL}, ++ #else ++ {"ERROR_PARSING_URL", 61, 101}, ++ #endif ++ #ifdef HTTP_R_ERROR_RECEIVING ++ {"ERROR_RECEIVING", ERR_LIB_HTTP, HTTP_R_ERROR_RECEIVING}, ++ #else ++ {"ERROR_RECEIVING", 61, 103}, ++ #endif ++ #ifdef HTTP_R_ERROR_SENDING ++ {"ERROR_SENDING", ERR_LIB_HTTP, HTTP_R_ERROR_SENDING}, ++ #else ++ {"ERROR_SENDING", 61, 102}, ++ #endif ++ #ifdef HTTP_R_FAILED_READING_DATA ++ {"FAILED_READING_DATA", ERR_LIB_HTTP, HTTP_R_FAILED_READING_DATA}, ++ #else ++ {"FAILED_READING_DATA", 61, 128}, ++ #endif ++ #ifdef HTTP_R_INCONSISTENT_CONTENT_LENGTH ++ {"INCONSISTENT_CONTENT_LENGTH", ERR_LIB_HTTP, HTTP_R_INCONSISTENT_CONTENT_LENGTH}, ++ #else ++ {"INCONSISTENT_CONTENT_LENGTH", 61, 120}, ++ #endif ++ #ifdef HTTP_R_INVALID_PORT_NUMBER ++ {"INVALID_PORT_NUMBER", ERR_LIB_HTTP, HTTP_R_INVALID_PORT_NUMBER}, ++ #else ++ {"INVALID_PORT_NUMBER", 61, 123}, ++ #endif ++ #ifdef HTTP_R_INVALID_URL_PATH ++ {"INVALID_URL_PATH", ERR_LIB_HTTP, HTTP_R_INVALID_URL_PATH}, ++ #else ++ {"INVALID_URL_PATH", 61, 125}, ++ #endif ++ #ifdef HTTP_R_INVALID_URL_SCHEME ++ {"INVALID_URL_SCHEME", ERR_LIB_HTTP, HTTP_R_INVALID_URL_SCHEME}, ++ #else ++ {"INVALID_URL_SCHEME", 61, 124}, ++ #endif ++ #ifdef HTTP_R_MAX_RESP_LEN_EXCEEDED ++ {"MAX_RESP_LEN_EXCEEDED", ERR_LIB_HTTP, HTTP_R_MAX_RESP_LEN_EXCEEDED}, ++ #else ++ {"MAX_RESP_LEN_EXCEEDED", 61, 117}, ++ #endif ++ #ifdef HTTP_R_MISSING_ASN1_ENCODING ++ {"MISSING_ASN1_ENCODING", ERR_LIB_HTTP, HTTP_R_MISSING_ASN1_ENCODING}, ++ #else ++ {"MISSING_ASN1_ENCODING", 61, 110}, ++ #endif ++ #ifdef HTTP_R_MISSING_CONTENT_TYPE ++ {"MISSING_CONTENT_TYPE", ERR_LIB_HTTP, HTTP_R_MISSING_CONTENT_TYPE}, ++ #else ++ {"MISSING_CONTENT_TYPE", 61, 121}, ++ #endif ++ #ifdef HTTP_R_MISSING_REDIRECT_LOCATION ++ {"MISSING_REDIRECT_LOCATION", ERR_LIB_HTTP, HTTP_R_MISSING_REDIRECT_LOCATION}, ++ #else ++ {"MISSING_REDIRECT_LOCATION", 61, 111}, ++ #endif ++ #ifdef HTTP_R_RECEIVED_ERROR ++ {"RECEIVED_ERROR", ERR_LIB_HTTP, HTTP_R_RECEIVED_ERROR}, ++ #else ++ {"RECEIVED_ERROR", 61, 105}, ++ #endif ++ #ifdef HTTP_R_RECEIVED_WRONG_HTTP_VERSION ++ {"RECEIVED_WRONG_HTTP_VERSION", ERR_LIB_HTTP, HTTP_R_RECEIVED_WRONG_HTTP_VERSION}, ++ #else ++ {"RECEIVED_WRONG_HTTP_VERSION", 61, 106}, ++ #endif ++ #ifdef HTTP_R_REDIRECTION_FROM_HTTPS_TO_HTTP ++ {"REDIRECTION_FROM_HTTPS_TO_HTTP", ERR_LIB_HTTP, HTTP_R_REDIRECTION_FROM_HTTPS_TO_HTTP}, ++ #else ++ {"REDIRECTION_FROM_HTTPS_TO_HTTP", 61, 112}, ++ #endif ++ #ifdef HTTP_R_REDIRECTION_NOT_ENABLED ++ {"REDIRECTION_NOT_ENABLED", ERR_LIB_HTTP, HTTP_R_REDIRECTION_NOT_ENABLED}, ++ #else ++ {"REDIRECTION_NOT_ENABLED", 61, 116}, ++ #endif ++ #ifdef HTTP_R_RESPONSE_LINE_TOO_LONG ++ {"RESPONSE_LINE_TOO_LONG", ERR_LIB_HTTP, HTTP_R_RESPONSE_LINE_TOO_LONG}, ++ #else ++ {"RESPONSE_LINE_TOO_LONG", 61, 113}, ++ #endif ++ #ifdef HTTP_R_RESPONSE_PARSE_ERROR ++ {"RESPONSE_PARSE_ERROR", ERR_LIB_HTTP, HTTP_R_RESPONSE_PARSE_ERROR}, ++ #else ++ {"RESPONSE_PARSE_ERROR", 61, 104}, ++ #endif ++ #ifdef HTTP_R_SOCK_NOT_SUPPORTED ++ {"SOCK_NOT_SUPPORTED", ERR_LIB_HTTP, HTTP_R_SOCK_NOT_SUPPORTED}, ++ #else ++ {"SOCK_NOT_SUPPORTED", 61, 122}, ++ #endif ++ #ifdef HTTP_R_STATUS_CODE_UNSUPPORTED ++ {"STATUS_CODE_UNSUPPORTED", ERR_LIB_HTTP, HTTP_R_STATUS_CODE_UNSUPPORTED}, ++ #else ++ {"STATUS_CODE_UNSUPPORTED", 61, 114}, ++ #endif ++ #ifdef HTTP_R_TLS_NOT_ENABLED ++ {"TLS_NOT_ENABLED", ERR_LIB_HTTP, HTTP_R_TLS_NOT_ENABLED}, ++ #else ++ {"TLS_NOT_ENABLED", 61, 107}, ++ #endif ++ #ifdef HTTP_R_TOO_MANY_REDIRECTIONS ++ {"TOO_MANY_REDIRECTIONS", ERR_LIB_HTTP, HTTP_R_TOO_MANY_REDIRECTIONS}, ++ #else ++ {"TOO_MANY_REDIRECTIONS", 61, 115}, ++ #endif ++ #ifdef HTTP_R_UNEXPECTED_CONTENT_TYPE ++ {"UNEXPECTED_CONTENT_TYPE", ERR_LIB_HTTP, HTTP_R_UNEXPECTED_CONTENT_TYPE}, ++ #else ++ {"UNEXPECTED_CONTENT_TYPE", 61, 118}, ++ #endif ++ #ifdef OBJ_R_OID_EXISTS ++ {"OID_EXISTS", ERR_LIB_OBJ, OBJ_R_OID_EXISTS}, ++ #else ++ {"OID_EXISTS", 8, 102}, ++ #endif ++ #ifdef OBJ_R_UNKNOWN_NID ++ {"UNKNOWN_NID", ERR_LIB_OBJ, OBJ_R_UNKNOWN_NID}, ++ #else ++ {"UNKNOWN_NID", 8, 101}, ++ #endif ++ #ifdef OBJ_R_UNKNOWN_OBJECT_NAME ++ {"UNKNOWN_OBJECT_NAME", ERR_LIB_OBJ, OBJ_R_UNKNOWN_OBJECT_NAME}, ++ #else ++ {"UNKNOWN_OBJECT_NAME", 8, 103}, ++ #endif ++ #ifdef OCSP_R_CERTIFICATE_VERIFY_ERROR ++ {"CERTIFICATE_VERIFY_ERROR", ERR_LIB_OCSP, OCSP_R_CERTIFICATE_VERIFY_ERROR}, ++ #else ++ {"CERTIFICATE_VERIFY_ERROR", 39, 101}, ++ #endif ++ #ifdef OCSP_R_DIGEST_ERR ++ {"DIGEST_ERR", ERR_LIB_OCSP, OCSP_R_DIGEST_ERR}, ++ #else ++ {"DIGEST_ERR", 39, 102}, ++ #endif ++ #ifdef OCSP_R_DIGEST_NAME_ERR ++ {"DIGEST_NAME_ERR", ERR_LIB_OCSP, OCSP_R_DIGEST_NAME_ERR}, ++ #else ++ {"DIGEST_NAME_ERR", 39, 106}, ++ #endif ++ #ifdef OCSP_R_DIGEST_SIZE_ERR ++ {"DIGEST_SIZE_ERR", ERR_LIB_OCSP, OCSP_R_DIGEST_SIZE_ERR}, ++ #else ++ {"DIGEST_SIZE_ERR", 39, 107}, ++ #endif ++ #ifdef OCSP_R_ERROR_IN_NEXTUPDATE_FIELD ++ {"ERROR_IN_NEXTUPDATE_FIELD", ERR_LIB_OCSP, OCSP_R_ERROR_IN_NEXTUPDATE_FIELD}, ++ #else ++ {"ERROR_IN_NEXTUPDATE_FIELD", 39, 122}, ++ #endif ++ #ifdef OCSP_R_ERROR_IN_THISUPDATE_FIELD ++ {"ERROR_IN_THISUPDATE_FIELD", ERR_LIB_OCSP, OCSP_R_ERROR_IN_THISUPDATE_FIELD}, ++ #else ++ {"ERROR_IN_THISUPDATE_FIELD", 39, 123}, ++ #endif ++ #ifdef OCSP_R_MISSING_OCSPSIGNING_USAGE ++ {"MISSING_OCSPSIGNING_USAGE", ERR_LIB_OCSP, OCSP_R_MISSING_OCSPSIGNING_USAGE}, ++ #else ++ {"MISSING_OCSPSIGNING_USAGE", 39, 103}, ++ #endif ++ #ifdef OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE ++ {"NEXTUPDATE_BEFORE_THISUPDATE", ERR_LIB_OCSP, OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE}, ++ #else ++ {"NEXTUPDATE_BEFORE_THISUPDATE", 39, 124}, ++ #endif ++ #ifdef OCSP_R_NOT_BASIC_RESPONSE ++ {"NOT_BASIC_RESPONSE", ERR_LIB_OCSP, OCSP_R_NOT_BASIC_RESPONSE}, ++ #else ++ {"NOT_BASIC_RESPONSE", 39, 104}, ++ #endif ++ #ifdef OCSP_R_NO_CERTIFICATES_IN_CHAIN ++ {"NO_CERTIFICATES_IN_CHAIN", ERR_LIB_OCSP, OCSP_R_NO_CERTIFICATES_IN_CHAIN}, ++ #else ++ {"NO_CERTIFICATES_IN_CHAIN", 39, 105}, ++ #endif ++ #ifdef OCSP_R_NO_RESPONSE_DATA ++ {"NO_RESPONSE_DATA", ERR_LIB_OCSP, OCSP_R_NO_RESPONSE_DATA}, ++ #else ++ {"NO_RESPONSE_DATA", 39, 108}, ++ #endif ++ #ifdef OCSP_R_NO_REVOKED_TIME ++ {"NO_REVOKED_TIME", ERR_LIB_OCSP, OCSP_R_NO_REVOKED_TIME}, ++ #else ++ {"NO_REVOKED_TIME", 39, 109}, ++ #endif ++ #ifdef OCSP_R_NO_SIGNER_KEY ++ {"NO_SIGNER_KEY", ERR_LIB_OCSP, OCSP_R_NO_SIGNER_KEY}, ++ #else ++ {"NO_SIGNER_KEY", 39, 130}, ++ #endif ++ #ifdef OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", ERR_LIB_OCSP, OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE}, ++ #else ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", 39, 110}, ++ #endif ++ #ifdef OCSP_R_REQUEST_NOT_SIGNED ++ {"REQUEST_NOT_SIGNED", ERR_LIB_OCSP, OCSP_R_REQUEST_NOT_SIGNED}, ++ #else ++ {"REQUEST_NOT_SIGNED", 39, 128}, ++ #endif ++ #ifdef OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA ++ {"RESPONSE_CONTAINS_NO_REVOCATION_DATA", ERR_LIB_OCSP, OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA}, ++ #else ++ {"RESPONSE_CONTAINS_NO_REVOCATION_DATA", 39, 111}, ++ #endif ++ #ifdef OCSP_R_ROOT_CA_NOT_TRUSTED ++ {"ROOT_CA_NOT_TRUSTED", ERR_LIB_OCSP, OCSP_R_ROOT_CA_NOT_TRUSTED}, ++ #else ++ {"ROOT_CA_NOT_TRUSTED", 39, 112}, ++ #endif ++ #ifdef OCSP_R_SIGNATURE_FAILURE ++ {"SIGNATURE_FAILURE", ERR_LIB_OCSP, OCSP_R_SIGNATURE_FAILURE}, ++ #else ++ {"SIGNATURE_FAILURE", 39, 117}, ++ #endif ++ #ifdef OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND ++ {"SIGNER_CERTIFICATE_NOT_FOUND", ERR_LIB_OCSP, OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND}, ++ #else ++ {"SIGNER_CERTIFICATE_NOT_FOUND", 39, 118}, ++ #endif ++ #ifdef OCSP_R_STATUS_EXPIRED ++ {"STATUS_EXPIRED", ERR_LIB_OCSP, OCSP_R_STATUS_EXPIRED}, ++ #else ++ {"STATUS_EXPIRED", 39, 125}, ++ #endif ++ #ifdef OCSP_R_STATUS_NOT_YET_VALID ++ {"STATUS_NOT_YET_VALID", ERR_LIB_OCSP, OCSP_R_STATUS_NOT_YET_VALID}, ++ #else ++ {"STATUS_NOT_YET_VALID", 39, 126}, ++ #endif ++ #ifdef OCSP_R_STATUS_TOO_OLD ++ {"STATUS_TOO_OLD", ERR_LIB_OCSP, OCSP_R_STATUS_TOO_OLD}, ++ #else ++ {"STATUS_TOO_OLD", 39, 127}, ++ #endif ++ #ifdef OCSP_R_UNKNOWN_MESSAGE_DIGEST ++ {"UNKNOWN_MESSAGE_DIGEST", ERR_LIB_OCSP, OCSP_R_UNKNOWN_MESSAGE_DIGEST}, ++ #else ++ {"UNKNOWN_MESSAGE_DIGEST", 39, 119}, ++ #endif ++ #ifdef OCSP_R_UNKNOWN_NID ++ {"UNKNOWN_NID", ERR_LIB_OCSP, OCSP_R_UNKNOWN_NID}, ++ #else ++ {"UNKNOWN_NID", 39, 120}, ++ #endif ++ #ifdef OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE ++ {"UNSUPPORTED_REQUESTORNAME_TYPE", ERR_LIB_OCSP, OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE}, ++ #else ++ {"UNSUPPORTED_REQUESTORNAME_TYPE", 39, 129}, ++ #endif ++ #ifdef OSSL_DECODER_R_MISSING_GET_PARAMS ++ {"MISSING_GET_PARAMS", ERR_LIB_OSSL_DECODER, OSSL_DECODER_R_MISSING_GET_PARAMS}, ++ #else ++ {"MISSING_GET_PARAMS", 60, 100}, ++ #endif ++ #ifdef OSSL_ENCODER_R_ENCODER_NOT_FOUND ++ {"ENCODER_NOT_FOUND", ERR_LIB_OSSL_ENCODER, OSSL_ENCODER_R_ENCODER_NOT_FOUND}, ++ #else ++ {"ENCODER_NOT_FOUND", 59, 101}, ++ #endif ++ #ifdef OSSL_ENCODER_R_INCORRECT_PROPERTY_QUERY ++ {"INCORRECT_PROPERTY_QUERY", ERR_LIB_OSSL_ENCODER, OSSL_ENCODER_R_INCORRECT_PROPERTY_QUERY}, ++ #else ++ {"INCORRECT_PROPERTY_QUERY", 59, 100}, ++ #endif ++ #ifdef OSSL_ENCODER_R_MISSING_GET_PARAMS ++ {"MISSING_GET_PARAMS", ERR_LIB_OSSL_ENCODER, OSSL_ENCODER_R_MISSING_GET_PARAMS}, ++ #else ++ {"MISSING_GET_PARAMS", 59, 102}, ++ #endif ++ #ifdef OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE ++ {"AMBIGUOUS_CONTENT_TYPE", ERR_LIB_OSSL_STORE, OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE}, ++ #else ++ {"AMBIGUOUS_CONTENT_TYPE", 44, 107}, ++ #endif ++ #ifdef OSSL_STORE_R_BAD_PASSWORD_READ ++ {"BAD_PASSWORD_READ", ERR_LIB_OSSL_STORE, OSSL_STORE_R_BAD_PASSWORD_READ}, ++ #else ++ {"BAD_PASSWORD_READ", 44, 115}, ++ #endif ++ #ifdef OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC ++ {"ERROR_VERIFYING_PKCS12_MAC", ERR_LIB_OSSL_STORE, OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC}, ++ #else ++ {"ERROR_VERIFYING_PKCS12_MAC", 44, 113}, ++ #endif ++ #ifdef OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST ++ {"FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST", ERR_LIB_OSSL_STORE, OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST}, ++ #else ++ {"FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST", 44, 121}, ++ #endif ++ #ifdef OSSL_STORE_R_INVALID_SCHEME ++ {"INVALID_SCHEME", ERR_LIB_OSSL_STORE, OSSL_STORE_R_INVALID_SCHEME}, ++ #else ++ {"INVALID_SCHEME", 44, 106}, ++ #endif ++ #ifdef OSSL_STORE_R_IS_NOT_A ++ {"IS_NOT_A", ERR_LIB_OSSL_STORE, OSSL_STORE_R_IS_NOT_A}, ++ #else ++ {"IS_NOT_A", 44, 112}, ++ #endif ++ #ifdef OSSL_STORE_R_LOADER_INCOMPLETE ++ {"LOADER_INCOMPLETE", ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADER_INCOMPLETE}, ++ #else ++ {"LOADER_INCOMPLETE", 44, 116}, ++ #endif ++ #ifdef OSSL_STORE_R_LOADING_STARTED ++ {"LOADING_STARTED", ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADING_STARTED}, ++ #else ++ {"LOADING_STARTED", 44, 117}, ++ #endif ++ #ifdef OSSL_STORE_R_NOT_A_CERTIFICATE ++ {"NOT_A_CERTIFICATE", ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_CERTIFICATE}, ++ #else ++ {"NOT_A_CERTIFICATE", 44, 100}, ++ #endif ++ #ifdef OSSL_STORE_R_NOT_A_CRL ++ {"NOT_A_CRL", ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_CRL}, ++ #else ++ {"NOT_A_CRL", 44, 101}, ++ #endif ++ #ifdef OSSL_STORE_R_NOT_A_NAME ++ {"NOT_A_NAME", ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_NAME}, ++ #else ++ {"NOT_A_NAME", 44, 103}, ++ #endif ++ #ifdef OSSL_STORE_R_NOT_A_PRIVATE_KEY ++ {"NOT_A_PRIVATE_KEY", ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_PRIVATE_KEY}, ++ #else ++ {"NOT_A_PRIVATE_KEY", 44, 102}, ++ #endif ++ #ifdef OSSL_STORE_R_NOT_A_PUBLIC_KEY ++ {"NOT_A_PUBLIC_KEY", ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_PUBLIC_KEY}, ++ #else ++ {"NOT_A_PUBLIC_KEY", 44, 122}, ++ #endif ++ #ifdef OSSL_STORE_R_NOT_PARAMETERS ++ {"NOT_PARAMETERS", ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_PARAMETERS}, ++ #else ++ {"NOT_PARAMETERS", 44, 104}, ++ #endif ++ #ifdef OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR ++ {"PASSPHRASE_CALLBACK_ERROR", ERR_LIB_OSSL_STORE, OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR}, ++ #else ++ {"PASSPHRASE_CALLBACK_ERROR", 44, 114}, ++ #endif ++ #ifdef OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE ++ {"PATH_MUST_BE_ABSOLUTE", ERR_LIB_OSSL_STORE, OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE}, ++ #else ++ {"PATH_MUST_BE_ABSOLUTE", 44, 108}, ++ #endif ++ #ifdef OSSL_STORE_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES ++ {"SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES", ERR_LIB_OSSL_STORE, OSSL_STORE_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES}, ++ #else ++ {"SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES", 44, 119}, ++ #endif ++ #ifdef OSSL_STORE_R_UI_PROCESS_INTERRUPTED_OR_CANCELLED ++ {"UI_PROCESS_INTERRUPTED_OR_CANCELLED", ERR_LIB_OSSL_STORE, OSSL_STORE_R_UI_PROCESS_INTERRUPTED_OR_CANCELLED}, ++ #else ++ {"UI_PROCESS_INTERRUPTED_OR_CANCELLED", 44, 109}, ++ #endif ++ #ifdef OSSL_STORE_R_UNREGISTERED_SCHEME ++ {"UNREGISTERED_SCHEME", ERR_LIB_OSSL_STORE, OSSL_STORE_R_UNREGISTERED_SCHEME}, ++ #else ++ {"UNREGISTERED_SCHEME", 44, 105}, ++ #endif ++ #ifdef OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE ++ {"UNSUPPORTED_CONTENT_TYPE", ERR_LIB_OSSL_STORE, OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE}, ++ #else ++ {"UNSUPPORTED_CONTENT_TYPE", 44, 110}, ++ #endif ++ #ifdef OSSL_STORE_R_UNSUPPORTED_OPERATION ++ {"UNSUPPORTED_OPERATION", ERR_LIB_OSSL_STORE, OSSL_STORE_R_UNSUPPORTED_OPERATION}, ++ #else ++ {"UNSUPPORTED_OPERATION", 44, 118}, ++ #endif ++ #ifdef OSSL_STORE_R_UNSUPPORTED_SEARCH_TYPE ++ {"UNSUPPORTED_SEARCH_TYPE", ERR_LIB_OSSL_STORE, OSSL_STORE_R_UNSUPPORTED_SEARCH_TYPE}, ++ #else ++ {"UNSUPPORTED_SEARCH_TYPE", 44, 120}, ++ #endif ++ #ifdef OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED ++ {"URI_AUTHORITY_UNSUPPORTED", ERR_LIB_OSSL_STORE, OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED}, ++ #else ++ {"URI_AUTHORITY_UNSUPPORTED", 44, 111}, ++ #endif ++ #ifdef PEM_R_BAD_BASE64_DECODE ++ {"BAD_BASE64_DECODE", ERR_LIB_PEM, PEM_R_BAD_BASE64_DECODE}, ++ #else ++ {"BAD_BASE64_DECODE", 9, 100}, ++ #endif ++ #ifdef PEM_R_BAD_DECRYPT ++ {"BAD_DECRYPT", ERR_LIB_PEM, PEM_R_BAD_DECRYPT}, ++ #else ++ {"BAD_DECRYPT", 9, 101}, ++ #endif ++ #ifdef PEM_R_BAD_END_LINE ++ {"BAD_END_LINE", ERR_LIB_PEM, PEM_R_BAD_END_LINE}, ++ #else ++ {"BAD_END_LINE", 9, 102}, ++ #endif ++ #ifdef PEM_R_BAD_IV_CHARS ++ {"BAD_IV_CHARS", ERR_LIB_PEM, PEM_R_BAD_IV_CHARS}, ++ #else ++ {"BAD_IV_CHARS", 9, 103}, ++ #endif ++ #ifdef PEM_R_BAD_MAGIC_NUMBER ++ {"BAD_MAGIC_NUMBER", ERR_LIB_PEM, PEM_R_BAD_MAGIC_NUMBER}, ++ #else ++ {"BAD_MAGIC_NUMBER", 9, 116}, ++ #endif ++ #ifdef PEM_R_BAD_PASSWORD_READ ++ {"BAD_PASSWORD_READ", ERR_LIB_PEM, PEM_R_BAD_PASSWORD_READ}, ++ #else ++ {"BAD_PASSWORD_READ", 9, 104}, ++ #endif ++ #ifdef PEM_R_BAD_VERSION_NUMBER ++ {"BAD_VERSION_NUMBER", ERR_LIB_PEM, PEM_R_BAD_VERSION_NUMBER}, ++ #else ++ {"BAD_VERSION_NUMBER", 9, 117}, ++ #endif ++ #ifdef PEM_R_BIO_WRITE_FAILURE ++ {"BIO_WRITE_FAILURE", ERR_LIB_PEM, PEM_R_BIO_WRITE_FAILURE}, ++ #else ++ {"BIO_WRITE_FAILURE", 9, 118}, ++ #endif ++ #ifdef PEM_R_CIPHER_IS_NULL ++ {"CIPHER_IS_NULL", ERR_LIB_PEM, PEM_R_CIPHER_IS_NULL}, ++ #else ++ {"CIPHER_IS_NULL", 9, 127}, ++ #endif ++ #ifdef PEM_R_ERROR_CONVERTING_PRIVATE_KEY ++ {"ERROR_CONVERTING_PRIVATE_KEY", ERR_LIB_PEM, PEM_R_ERROR_CONVERTING_PRIVATE_KEY}, ++ #else ++ {"ERROR_CONVERTING_PRIVATE_KEY", 9, 115}, ++ #endif ++ #ifdef PEM_R_EXPECTING_DSS_KEY_BLOB ++ {"EXPECTING_DSS_KEY_BLOB", ERR_LIB_PEM, PEM_R_EXPECTING_DSS_KEY_BLOB}, ++ #else ++ {"EXPECTING_DSS_KEY_BLOB", 9, 131}, ++ #endif ++ #ifdef PEM_R_EXPECTING_PRIVATE_KEY_BLOB ++ {"EXPECTING_PRIVATE_KEY_BLOB", ERR_LIB_PEM, PEM_R_EXPECTING_PRIVATE_KEY_BLOB}, ++ #else ++ {"EXPECTING_PRIVATE_KEY_BLOB", 9, 119}, ++ #endif ++ #ifdef PEM_R_EXPECTING_PUBLIC_KEY_BLOB ++ {"EXPECTING_PUBLIC_KEY_BLOB", ERR_LIB_PEM, PEM_R_EXPECTING_PUBLIC_KEY_BLOB}, ++ #else ++ {"EXPECTING_PUBLIC_KEY_BLOB", 9, 120}, ++ #endif ++ #ifdef PEM_R_EXPECTING_RSA_KEY_BLOB ++ {"EXPECTING_RSA_KEY_BLOB", ERR_LIB_PEM, PEM_R_EXPECTING_RSA_KEY_BLOB}, ++ #else ++ {"EXPECTING_RSA_KEY_BLOB", 9, 132}, ++ #endif ++ #ifdef PEM_R_HEADER_TOO_LONG ++ {"HEADER_TOO_LONG", ERR_LIB_PEM, PEM_R_HEADER_TOO_LONG}, ++ #else ++ {"HEADER_TOO_LONG", 9, 128}, ++ #endif ++ #ifdef PEM_R_INCONSISTENT_HEADER ++ {"INCONSISTENT_HEADER", ERR_LIB_PEM, PEM_R_INCONSISTENT_HEADER}, ++ #else ++ {"INCONSISTENT_HEADER", 9, 121}, ++ #endif ++ #ifdef PEM_R_KEYBLOB_HEADER_PARSE_ERROR ++ {"KEYBLOB_HEADER_PARSE_ERROR", ERR_LIB_PEM, PEM_R_KEYBLOB_HEADER_PARSE_ERROR}, ++ #else ++ {"KEYBLOB_HEADER_PARSE_ERROR", 9, 122}, ++ #endif ++ #ifdef PEM_R_KEYBLOB_TOO_SHORT ++ {"KEYBLOB_TOO_SHORT", ERR_LIB_PEM, PEM_R_KEYBLOB_TOO_SHORT}, ++ #else ++ {"KEYBLOB_TOO_SHORT", 9, 123}, ++ #endif ++ #ifdef PEM_R_MISSING_DEK_IV ++ {"MISSING_DEK_IV", ERR_LIB_PEM, PEM_R_MISSING_DEK_IV}, ++ #else ++ {"MISSING_DEK_IV", 9, 129}, ++ #endif ++ #ifdef PEM_R_NOT_DEK_INFO ++ {"NOT_DEK_INFO", ERR_LIB_PEM, PEM_R_NOT_DEK_INFO}, ++ #else ++ {"NOT_DEK_INFO", 9, 105}, ++ #endif ++ #ifdef PEM_R_NOT_ENCRYPTED ++ {"NOT_ENCRYPTED", ERR_LIB_PEM, PEM_R_NOT_ENCRYPTED}, ++ #else ++ {"NOT_ENCRYPTED", 9, 106}, ++ #endif ++ #ifdef PEM_R_NOT_PROC_TYPE ++ {"NOT_PROC_TYPE", ERR_LIB_PEM, PEM_R_NOT_PROC_TYPE}, ++ #else ++ {"NOT_PROC_TYPE", 9, 107}, ++ #endif ++ #ifdef PEM_R_NO_START_LINE ++ {"NO_START_LINE", ERR_LIB_PEM, PEM_R_NO_START_LINE}, ++ #else ++ {"NO_START_LINE", 9, 108}, ++ #endif ++ #ifdef PEM_R_PROBLEMS_GETTING_PASSWORD ++ {"PROBLEMS_GETTING_PASSWORD", ERR_LIB_PEM, PEM_R_PROBLEMS_GETTING_PASSWORD}, ++ #else ++ {"PROBLEMS_GETTING_PASSWORD", 9, 109}, ++ #endif ++ #ifdef PEM_R_PVK_DATA_TOO_SHORT ++ {"PVK_DATA_TOO_SHORT", ERR_LIB_PEM, PEM_R_PVK_DATA_TOO_SHORT}, ++ #else ++ {"PVK_DATA_TOO_SHORT", 9, 124}, ++ #endif ++ #ifdef PEM_R_PVK_TOO_SHORT ++ {"PVK_TOO_SHORT", ERR_LIB_PEM, PEM_R_PVK_TOO_SHORT}, ++ #else ++ {"PVK_TOO_SHORT", 9, 125}, ++ #endif ++ #ifdef PEM_R_READ_KEY ++ {"READ_KEY", ERR_LIB_PEM, PEM_R_READ_KEY}, ++ #else ++ {"READ_KEY", 9, 111}, ++ #endif ++ #ifdef PEM_R_SHORT_HEADER ++ {"SHORT_HEADER", ERR_LIB_PEM, PEM_R_SHORT_HEADER}, ++ #else ++ {"SHORT_HEADER", 9, 112}, ++ #endif ++ #ifdef PEM_R_UNEXPECTED_DEK_IV ++ {"UNEXPECTED_DEK_IV", ERR_LIB_PEM, PEM_R_UNEXPECTED_DEK_IV}, ++ #else ++ {"UNEXPECTED_DEK_IV", 9, 130}, ++ #endif ++ #ifdef PEM_R_UNSUPPORTED_CIPHER ++ {"UNSUPPORTED_CIPHER", ERR_LIB_PEM, PEM_R_UNSUPPORTED_CIPHER}, ++ #else ++ {"UNSUPPORTED_CIPHER", 9, 113}, ++ #endif ++ #ifdef PEM_R_UNSUPPORTED_ENCRYPTION ++ {"UNSUPPORTED_ENCRYPTION", ERR_LIB_PEM, PEM_R_UNSUPPORTED_ENCRYPTION}, ++ #else ++ {"UNSUPPORTED_ENCRYPTION", 9, 114}, ++ #endif ++ #ifdef PEM_R_UNSUPPORTED_KEY_COMPONENTS ++ {"UNSUPPORTED_KEY_COMPONENTS", ERR_LIB_PEM, PEM_R_UNSUPPORTED_KEY_COMPONENTS}, ++ #else ++ {"UNSUPPORTED_KEY_COMPONENTS", 9, 126}, ++ #endif ++ #ifdef PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE ++ {"UNSUPPORTED_PUBLIC_KEY_TYPE", ERR_LIB_PEM, PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE}, ++ #else ++ {"UNSUPPORTED_PUBLIC_KEY_TYPE", 9, 110}, ++ #endif ++ #ifdef PKCS12_R_CANT_PACK_STRUCTURE ++ {"CANT_PACK_STRUCTURE", ERR_LIB_PKCS12, PKCS12_R_CANT_PACK_STRUCTURE}, ++ #else ++ {"CANT_PACK_STRUCTURE", 35, 100}, ++ #endif ++ #ifdef PKCS12_R_CONTENT_TYPE_NOT_DATA ++ {"CONTENT_TYPE_NOT_DATA", ERR_LIB_PKCS12, PKCS12_R_CONTENT_TYPE_NOT_DATA}, ++ #else ++ {"CONTENT_TYPE_NOT_DATA", 35, 121}, ++ #endif ++ #ifdef PKCS12_R_DECODE_ERROR ++ {"DECODE_ERROR", ERR_LIB_PKCS12, PKCS12_R_DECODE_ERROR}, ++ #else ++ {"DECODE_ERROR", 35, 101}, ++ #endif ++ #ifdef PKCS12_R_ENCODE_ERROR ++ {"ENCODE_ERROR", ERR_LIB_PKCS12, PKCS12_R_ENCODE_ERROR}, ++ #else ++ {"ENCODE_ERROR", 35, 102}, ++ #endif ++ #ifdef PKCS12_R_ENCRYPT_ERROR ++ {"ENCRYPT_ERROR", ERR_LIB_PKCS12, PKCS12_R_ENCRYPT_ERROR}, ++ #else ++ {"ENCRYPT_ERROR", 35, 103}, ++ #endif ++ #ifdef PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE ++ {"ERROR_SETTING_ENCRYPTED_DATA_TYPE", ERR_LIB_PKCS12, PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE}, ++ #else ++ {"ERROR_SETTING_ENCRYPTED_DATA_TYPE", 35, 120}, ++ #endif ++ #ifdef PKCS12_R_INVALID_NULL_ARGUMENT ++ {"INVALID_NULL_ARGUMENT", ERR_LIB_PKCS12, PKCS12_R_INVALID_NULL_ARGUMENT}, ++ #else ++ {"INVALID_NULL_ARGUMENT", 35, 104}, ++ #endif ++ #ifdef PKCS12_R_INVALID_NULL_PKCS12_POINTER ++ {"INVALID_NULL_PKCS12_POINTER", ERR_LIB_PKCS12, PKCS12_R_INVALID_NULL_PKCS12_POINTER}, ++ #else ++ {"INVALID_NULL_PKCS12_POINTER", 35, 105}, ++ #endif ++ #ifdef PKCS12_R_INVALID_TYPE ++ {"INVALID_TYPE", ERR_LIB_PKCS12, PKCS12_R_INVALID_TYPE}, ++ #else ++ {"INVALID_TYPE", 35, 112}, ++ #endif ++ #ifdef PKCS12_R_IV_GEN_ERROR ++ {"IV_GEN_ERROR", ERR_LIB_PKCS12, PKCS12_R_IV_GEN_ERROR}, ++ #else ++ {"IV_GEN_ERROR", 35, 106}, ++ #endif ++ #ifdef PKCS12_R_KEY_GEN_ERROR ++ {"KEY_GEN_ERROR", ERR_LIB_PKCS12, PKCS12_R_KEY_GEN_ERROR}, ++ #else ++ {"KEY_GEN_ERROR", 35, 107}, ++ #endif ++ #ifdef PKCS12_R_MAC_ABSENT ++ {"MAC_ABSENT", ERR_LIB_PKCS12, PKCS12_R_MAC_ABSENT}, ++ #else ++ {"MAC_ABSENT", 35, 108}, ++ #endif ++ #ifdef PKCS12_R_MAC_GENERATION_ERROR ++ {"MAC_GENERATION_ERROR", ERR_LIB_PKCS12, PKCS12_R_MAC_GENERATION_ERROR}, ++ #else ++ {"MAC_GENERATION_ERROR", 35, 109}, ++ #endif ++ #ifdef PKCS12_R_MAC_SETUP_ERROR ++ {"MAC_SETUP_ERROR", ERR_LIB_PKCS12, PKCS12_R_MAC_SETUP_ERROR}, ++ #else ++ {"MAC_SETUP_ERROR", 35, 110}, ++ #endif ++ #ifdef PKCS12_R_MAC_STRING_SET_ERROR ++ {"MAC_STRING_SET_ERROR", ERR_LIB_PKCS12, PKCS12_R_MAC_STRING_SET_ERROR}, ++ #else ++ {"MAC_STRING_SET_ERROR", 35, 111}, ++ #endif ++ #ifdef PKCS12_R_MAC_VERIFY_FAILURE ++ {"MAC_VERIFY_FAILURE", ERR_LIB_PKCS12, PKCS12_R_MAC_VERIFY_FAILURE}, ++ #else ++ {"MAC_VERIFY_FAILURE", 35, 113}, ++ #endif ++ #ifdef PKCS12_R_PARSE_ERROR ++ {"PARSE_ERROR", ERR_LIB_PKCS12, PKCS12_R_PARSE_ERROR}, ++ #else ++ {"PARSE_ERROR", 35, 114}, ++ #endif ++ #ifdef PKCS12_R_PKCS12_CIPHERFINAL_ERROR ++ {"PKCS12_CIPHERFINAL_ERROR", ERR_LIB_PKCS12, PKCS12_R_PKCS12_CIPHERFINAL_ERROR}, ++ #else ++ {"PKCS12_CIPHERFINAL_ERROR", 35, 116}, ++ #endif ++ #ifdef PKCS12_R_UNKNOWN_DIGEST_ALGORITHM ++ {"UNKNOWN_DIGEST_ALGORITHM", ERR_LIB_PKCS12, PKCS12_R_UNKNOWN_DIGEST_ALGORITHM}, ++ #else ++ {"UNKNOWN_DIGEST_ALGORITHM", 35, 118}, ++ #endif ++ #ifdef PKCS12_R_UNSUPPORTED_PKCS12_MODE ++ {"UNSUPPORTED_PKCS12_MODE", ERR_LIB_PKCS12, PKCS12_R_UNSUPPORTED_PKCS12_MODE}, ++ #else ++ {"UNSUPPORTED_PKCS12_MODE", 35, 119}, ++ #endif ++ #ifdef PKCS7_R_CERTIFICATE_VERIFY_ERROR ++ {"CERTIFICATE_VERIFY_ERROR", ERR_LIB_PKCS7, PKCS7_R_CERTIFICATE_VERIFY_ERROR}, ++ #else ++ {"CERTIFICATE_VERIFY_ERROR", 33, 117}, ++ #endif ++ #ifdef PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ++ {"CIPHER_HAS_NO_OBJECT_IDENTIFIER", ERR_LIB_PKCS7, PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER}, ++ #else ++ {"CIPHER_HAS_NO_OBJECT_IDENTIFIER", 33, 144}, ++ #endif ++ #ifdef PKCS7_R_CIPHER_NOT_INITIALIZED ++ {"CIPHER_NOT_INITIALIZED", ERR_LIB_PKCS7, PKCS7_R_CIPHER_NOT_INITIALIZED}, ++ #else ++ {"CIPHER_NOT_INITIALIZED", 33, 116}, ++ #endif ++ #ifdef PKCS7_R_CONTENT_AND_DATA_PRESENT ++ {"CONTENT_AND_DATA_PRESENT", ERR_LIB_PKCS7, PKCS7_R_CONTENT_AND_DATA_PRESENT}, ++ #else ++ {"CONTENT_AND_DATA_PRESENT", 33, 118}, ++ #endif ++ #ifdef PKCS7_R_CTRL_ERROR ++ {"CTRL_ERROR", ERR_LIB_PKCS7, PKCS7_R_CTRL_ERROR}, ++ #else ++ {"CTRL_ERROR", 33, 152}, ++ #endif ++ #ifdef PKCS7_R_DECRYPT_ERROR ++ {"DECRYPT_ERROR", ERR_LIB_PKCS7, PKCS7_R_DECRYPT_ERROR}, ++ #else ++ {"DECRYPT_ERROR", 33, 119}, ++ #endif ++ #ifdef PKCS7_R_DIGEST_FAILURE ++ {"DIGEST_FAILURE", ERR_LIB_PKCS7, PKCS7_R_DIGEST_FAILURE}, ++ #else ++ {"DIGEST_FAILURE", 33, 101}, ++ #endif ++ #ifdef PKCS7_R_ENCRYPTION_CTRL_FAILURE ++ {"ENCRYPTION_CTRL_FAILURE", ERR_LIB_PKCS7, PKCS7_R_ENCRYPTION_CTRL_FAILURE}, ++ #else ++ {"ENCRYPTION_CTRL_FAILURE", 33, 149}, ++ #endif ++ #ifdef PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE ++ {"ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE", ERR_LIB_PKCS7, PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE}, ++ #else ++ {"ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE", 33, 150}, ++ #endif ++ #ifdef PKCS7_R_ERROR_ADDING_RECIPIENT ++ {"ERROR_ADDING_RECIPIENT", ERR_LIB_PKCS7, PKCS7_R_ERROR_ADDING_RECIPIENT}, ++ #else ++ {"ERROR_ADDING_RECIPIENT", 33, 120}, ++ #endif ++ #ifdef PKCS7_R_ERROR_SETTING_CIPHER ++ {"ERROR_SETTING_CIPHER", ERR_LIB_PKCS7, PKCS7_R_ERROR_SETTING_CIPHER}, ++ #else ++ {"ERROR_SETTING_CIPHER", 33, 121}, ++ #endif ++ #ifdef PKCS7_R_INVALID_NULL_POINTER ++ {"INVALID_NULL_POINTER", ERR_LIB_PKCS7, PKCS7_R_INVALID_NULL_POINTER}, ++ #else ++ {"INVALID_NULL_POINTER", 33, 143}, ++ #endif ++ #ifdef PKCS7_R_INVALID_SIGNED_DATA_TYPE ++ {"INVALID_SIGNED_DATA_TYPE", ERR_LIB_PKCS7, PKCS7_R_INVALID_SIGNED_DATA_TYPE}, ++ #else ++ {"INVALID_SIGNED_DATA_TYPE", 33, 155}, ++ #endif ++ #ifdef PKCS7_R_NO_CONTENT ++ {"NO_CONTENT", ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT}, ++ #else ++ {"NO_CONTENT", 33, 122}, ++ #endif ++ #ifdef PKCS7_R_NO_DEFAULT_DIGEST ++ {"NO_DEFAULT_DIGEST", ERR_LIB_PKCS7, PKCS7_R_NO_DEFAULT_DIGEST}, ++ #else ++ {"NO_DEFAULT_DIGEST", 33, 151}, ++ #endif ++ #ifdef PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND ++ {"NO_MATCHING_DIGEST_TYPE_FOUND", ERR_LIB_PKCS7, PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND}, ++ #else ++ {"NO_MATCHING_DIGEST_TYPE_FOUND", 33, 154}, ++ #endif ++ #ifdef PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE ++ {"NO_RECIPIENT_MATCHES_CERTIFICATE", ERR_LIB_PKCS7, PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE}, ++ #else ++ {"NO_RECIPIENT_MATCHES_CERTIFICATE", 33, 115}, ++ #endif ++ #ifdef PKCS7_R_NO_SIGNATURES_ON_DATA ++ {"NO_SIGNATURES_ON_DATA", ERR_LIB_PKCS7, PKCS7_R_NO_SIGNATURES_ON_DATA}, ++ #else ++ {"NO_SIGNATURES_ON_DATA", 33, 123}, ++ #endif ++ #ifdef PKCS7_R_NO_SIGNERS ++ {"NO_SIGNERS", ERR_LIB_PKCS7, PKCS7_R_NO_SIGNERS}, ++ #else ++ {"NO_SIGNERS", 33, 142}, ++ #endif ++ #ifdef PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE ++ {"OPERATION_NOT_SUPPORTED_ON_THIS_TYPE", ERR_LIB_PKCS7, PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE}, ++ #else ++ {"OPERATION_NOT_SUPPORTED_ON_THIS_TYPE", 33, 104}, ++ #endif ++ #ifdef PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR ++ {"PKCS7_ADD_SIGNATURE_ERROR", ERR_LIB_PKCS7, PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR}, ++ #else ++ {"PKCS7_ADD_SIGNATURE_ERROR", 33, 124}, ++ #endif ++ #ifdef PKCS7_R_PKCS7_ADD_SIGNER_ERROR ++ {"PKCS7_ADD_SIGNER_ERROR", ERR_LIB_PKCS7, PKCS7_R_PKCS7_ADD_SIGNER_ERROR}, ++ #else ++ {"PKCS7_ADD_SIGNER_ERROR", 33, 153}, ++ #endif ++ #ifdef PKCS7_R_PKCS7_DATASIGN ++ {"PKCS7_DATASIGN", ERR_LIB_PKCS7, PKCS7_R_PKCS7_DATASIGN}, ++ #else ++ {"PKCS7_DATASIGN", 33, 145}, ++ #endif ++ #ifdef PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", ERR_LIB_PKCS7, PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE}, ++ #else ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", 33, 127}, ++ #endif ++ #ifdef PKCS7_R_SIGNATURE_FAILURE ++ {"SIGNATURE_FAILURE", ERR_LIB_PKCS7, PKCS7_R_SIGNATURE_FAILURE}, ++ #else ++ {"SIGNATURE_FAILURE", 33, 105}, ++ #endif ++ #ifdef PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND ++ {"SIGNER_CERTIFICATE_NOT_FOUND", ERR_LIB_PKCS7, PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND}, ++ #else ++ {"SIGNER_CERTIFICATE_NOT_FOUND", 33, 128}, ++ #endif ++ #ifdef PKCS7_R_SIGNING_CTRL_FAILURE ++ {"SIGNING_CTRL_FAILURE", ERR_LIB_PKCS7, PKCS7_R_SIGNING_CTRL_FAILURE}, ++ #else ++ {"SIGNING_CTRL_FAILURE", 33, 147}, ++ #endif ++ #ifdef PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE ++ {"SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE", ERR_LIB_PKCS7, PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE}, ++ #else ++ {"SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE", 33, 148}, ++ #endif ++ #ifdef PKCS7_R_SMIME_TEXT_ERROR ++ {"SMIME_TEXT_ERROR", ERR_LIB_PKCS7, PKCS7_R_SMIME_TEXT_ERROR}, ++ #else ++ {"SMIME_TEXT_ERROR", 33, 129}, ++ #endif ++ #ifdef PKCS7_R_UNABLE_TO_FIND_CERTIFICATE ++ {"UNABLE_TO_FIND_CERTIFICATE", ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_CERTIFICATE}, ++ #else ++ {"UNABLE_TO_FIND_CERTIFICATE", 33, 106}, ++ #endif ++ #ifdef PKCS7_R_UNABLE_TO_FIND_MEM_BIO ++ {"UNABLE_TO_FIND_MEM_BIO", ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_MEM_BIO}, ++ #else ++ {"UNABLE_TO_FIND_MEM_BIO", 33, 107}, ++ #endif ++ #ifdef PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST ++ {"UNABLE_TO_FIND_MESSAGE_DIGEST", ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST}, ++ #else ++ {"UNABLE_TO_FIND_MESSAGE_DIGEST", 33, 108}, ++ #endif ++ #ifdef PKCS7_R_UNKNOWN_DIGEST_TYPE ++ {"UNKNOWN_DIGEST_TYPE", ERR_LIB_PKCS7, PKCS7_R_UNKNOWN_DIGEST_TYPE}, ++ #else ++ {"UNKNOWN_DIGEST_TYPE", 33, 109}, ++ #endif ++ #ifdef PKCS7_R_UNKNOWN_OPERATION ++ {"UNKNOWN_OPERATION", ERR_LIB_PKCS7, PKCS7_R_UNKNOWN_OPERATION}, ++ #else ++ {"UNKNOWN_OPERATION", 33, 110}, ++ #endif ++ #ifdef PKCS7_R_UNSUPPORTED_CIPHER_TYPE ++ {"UNSUPPORTED_CIPHER_TYPE", ERR_LIB_PKCS7, PKCS7_R_UNSUPPORTED_CIPHER_TYPE}, ++ #else ++ {"UNSUPPORTED_CIPHER_TYPE", 33, 111}, ++ #endif ++ #ifdef PKCS7_R_UNSUPPORTED_CONTENT_TYPE ++ {"UNSUPPORTED_CONTENT_TYPE", ERR_LIB_PKCS7, PKCS7_R_UNSUPPORTED_CONTENT_TYPE}, ++ #else ++ {"UNSUPPORTED_CONTENT_TYPE", 33, 112}, ++ #endif ++ #ifdef PKCS7_R_WRONG_CONTENT_TYPE ++ {"WRONG_CONTENT_TYPE", ERR_LIB_PKCS7, PKCS7_R_WRONG_CONTENT_TYPE}, ++ #else ++ {"WRONG_CONTENT_TYPE", 33, 113}, ++ #endif ++ #ifdef PKCS7_R_WRONG_PKCS7_TYPE ++ {"WRONG_PKCS7_TYPE", ERR_LIB_PKCS7, PKCS7_R_WRONG_PKCS7_TYPE}, ++ #else ++ {"WRONG_PKCS7_TYPE", 33, 114}, ++ #endif ++ #ifdef PROP_R_NAME_TOO_LONG ++ {"NAME_TOO_LONG", ERR_LIB_PROP, PROP_R_NAME_TOO_LONG}, ++ #else ++ {"NAME_TOO_LONG", 55, 100}, ++ #endif ++ #ifdef PROP_R_NOT_AN_ASCII_CHARACTER ++ {"NOT_AN_ASCII_CHARACTER", ERR_LIB_PROP, PROP_R_NOT_AN_ASCII_CHARACTER}, ++ #else ++ {"NOT_AN_ASCII_CHARACTER", 55, 101}, ++ #endif ++ #ifdef PROP_R_NOT_AN_HEXADECIMAL_DIGIT ++ {"NOT_AN_HEXADECIMAL_DIGIT", ERR_LIB_PROP, PROP_R_NOT_AN_HEXADECIMAL_DIGIT}, ++ #else ++ {"NOT_AN_HEXADECIMAL_DIGIT", 55, 102}, ++ #endif ++ #ifdef PROP_R_NOT_AN_IDENTIFIER ++ {"NOT_AN_IDENTIFIER", ERR_LIB_PROP, PROP_R_NOT_AN_IDENTIFIER}, ++ #else ++ {"NOT_AN_IDENTIFIER", 55, 103}, ++ #endif ++ #ifdef PROP_R_NOT_AN_OCTAL_DIGIT ++ {"NOT_AN_OCTAL_DIGIT", ERR_LIB_PROP, PROP_R_NOT_AN_OCTAL_DIGIT}, ++ #else ++ {"NOT_AN_OCTAL_DIGIT", 55, 104}, ++ #endif ++ #ifdef PROP_R_NOT_A_DECIMAL_DIGIT ++ {"NOT_A_DECIMAL_DIGIT", ERR_LIB_PROP, PROP_R_NOT_A_DECIMAL_DIGIT}, ++ #else ++ {"NOT_A_DECIMAL_DIGIT", 55, 105}, ++ #endif ++ #ifdef PROP_R_NO_MATCHING_STRING_DELIMITER ++ {"NO_MATCHING_STRING_DELIMITER", ERR_LIB_PROP, PROP_R_NO_MATCHING_STRING_DELIMITER}, ++ #else ++ {"NO_MATCHING_STRING_DELIMITER", 55, 106}, ++ #endif ++ #ifdef PROP_R_NO_VALUE ++ {"NO_VALUE", ERR_LIB_PROP, PROP_R_NO_VALUE}, ++ #else ++ {"NO_VALUE", 55, 107}, ++ #endif ++ #ifdef PROP_R_PARSE_FAILED ++ {"PARSE_FAILED", ERR_LIB_PROP, PROP_R_PARSE_FAILED}, ++ #else ++ {"PARSE_FAILED", 55, 108}, ++ #endif ++ #ifdef PROP_R_STRING_TOO_LONG ++ {"STRING_TOO_LONG", ERR_LIB_PROP, PROP_R_STRING_TOO_LONG}, ++ #else ++ {"STRING_TOO_LONG", 55, 109}, ++ #endif ++ #ifdef PROP_R_TRAILING_CHARACTERS ++ {"TRAILING_CHARACTERS", ERR_LIB_PROP, PROP_R_TRAILING_CHARACTERS}, ++ #else ++ {"TRAILING_CHARACTERS", 55, 110}, ++ #endif ++ #ifdef PROV_R_ADDITIONAL_INPUT_TOO_LONG ++ {"ADDITIONAL_INPUT_TOO_LONG", ERR_LIB_PROV, PROV_R_ADDITIONAL_INPUT_TOO_LONG}, ++ #else ++ {"ADDITIONAL_INPUT_TOO_LONG", 57, 184}, ++ #endif ++ #ifdef PROV_R_ALGORITHM_MISMATCH ++ {"ALGORITHM_MISMATCH", ERR_LIB_PROV, PROV_R_ALGORITHM_MISMATCH}, ++ #else ++ {"ALGORITHM_MISMATCH", 57, 173}, ++ #endif ++ #ifdef PROV_R_ALREADY_INSTANTIATED ++ {"ALREADY_INSTANTIATED", ERR_LIB_PROV, PROV_R_ALREADY_INSTANTIATED}, ++ #else ++ {"ALREADY_INSTANTIATED", 57, 185}, ++ #endif ++ #ifdef PROV_R_BAD_DECRYPT ++ {"BAD_DECRYPT", ERR_LIB_PROV, PROV_R_BAD_DECRYPT}, ++ #else ++ {"BAD_DECRYPT", 57, 100}, ++ #endif ++ #ifdef PROV_R_BAD_ENCODING ++ {"BAD_ENCODING", ERR_LIB_PROV, PROV_R_BAD_ENCODING}, ++ #else ++ {"BAD_ENCODING", 57, 141}, ++ #endif ++ #ifdef PROV_R_BAD_LENGTH ++ {"BAD_LENGTH", ERR_LIB_PROV, PROV_R_BAD_LENGTH}, ++ #else ++ {"BAD_LENGTH", 57, 142}, ++ #endif ++ #ifdef PROV_R_BAD_TLS_CLIENT_VERSION ++ {"BAD_TLS_CLIENT_VERSION", ERR_LIB_PROV, PROV_R_BAD_TLS_CLIENT_VERSION}, ++ #else ++ {"BAD_TLS_CLIENT_VERSION", 57, 161}, ++ #endif ++ #ifdef PROV_R_BN_ERROR ++ {"BN_ERROR", ERR_LIB_PROV, PROV_R_BN_ERROR}, ++ #else ++ {"BN_ERROR", 57, 160}, ++ #endif ++ #ifdef PROV_R_CIPHER_OPERATION_FAILED ++ {"CIPHER_OPERATION_FAILED", ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED}, ++ #else ++ {"CIPHER_OPERATION_FAILED", 57, 102}, ++ #endif ++ #ifdef PROV_R_DERIVATION_FUNCTION_INIT_FAILED ++ {"DERIVATION_FUNCTION_INIT_FAILED", ERR_LIB_PROV, PROV_R_DERIVATION_FUNCTION_INIT_FAILED}, ++ #else ++ {"DERIVATION_FUNCTION_INIT_FAILED", 57, 205}, ++ #endif ++ #ifdef PROV_R_DIGEST_NOT_ALLOWED ++ {"DIGEST_NOT_ALLOWED", ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED}, ++ #else ++ {"DIGEST_NOT_ALLOWED", 57, 174}, ++ #endif ++ #ifdef PROV_R_ENTROPY_SOURCE_STRENGTH_TOO_WEAK ++ {"ENTROPY_SOURCE_STRENGTH_TOO_WEAK", ERR_LIB_PROV, PROV_R_ENTROPY_SOURCE_STRENGTH_TOO_WEAK}, ++ #else ++ {"ENTROPY_SOURCE_STRENGTH_TOO_WEAK", 57, 186}, ++ #endif ++ #ifdef PROV_R_ERROR_INSTANTIATING_DRBG ++ {"ERROR_INSTANTIATING_DRBG", ERR_LIB_PROV, PROV_R_ERROR_INSTANTIATING_DRBG}, ++ #else ++ {"ERROR_INSTANTIATING_DRBG", 57, 188}, ++ #endif ++ #ifdef PROV_R_ERROR_RETRIEVING_ENTROPY ++ {"ERROR_RETRIEVING_ENTROPY", ERR_LIB_PROV, PROV_R_ERROR_RETRIEVING_ENTROPY}, ++ #else ++ {"ERROR_RETRIEVING_ENTROPY", 57, 189}, ++ #endif ++ #ifdef PROV_R_ERROR_RETRIEVING_NONCE ++ {"ERROR_RETRIEVING_NONCE", ERR_LIB_PROV, PROV_R_ERROR_RETRIEVING_NONCE}, ++ #else ++ {"ERROR_RETRIEVING_NONCE", 57, 190}, ++ #endif ++ #ifdef PROV_R_FAILED_DURING_DERIVATION ++ {"FAILED_DURING_DERIVATION", ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION}, ++ #else ++ {"FAILED_DURING_DERIVATION", 57, 164}, ++ #endif ++ #ifdef PROV_R_FAILED_TO_CREATE_LOCK ++ {"FAILED_TO_CREATE_LOCK", ERR_LIB_PROV, PROV_R_FAILED_TO_CREATE_LOCK}, ++ #else ++ {"FAILED_TO_CREATE_LOCK", 57, 180}, ++ #endif ++ #ifdef PROV_R_FAILED_TO_DECRYPT ++ {"FAILED_TO_DECRYPT", ERR_LIB_PROV, PROV_R_FAILED_TO_DECRYPT}, ++ #else ++ {"FAILED_TO_DECRYPT", 57, 162}, ++ #endif ++ #ifdef PROV_R_FAILED_TO_GENERATE_KEY ++ {"FAILED_TO_GENERATE_KEY", ERR_LIB_PROV, PROV_R_FAILED_TO_GENERATE_KEY}, ++ #else ++ {"FAILED_TO_GENERATE_KEY", 57, 121}, ++ #endif ++ #ifdef PROV_R_FAILED_TO_GET_PARAMETER ++ {"FAILED_TO_GET_PARAMETER", ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER}, ++ #else ++ {"FAILED_TO_GET_PARAMETER", 57, 103}, ++ #endif ++ #ifdef PROV_R_FAILED_TO_SET_PARAMETER ++ {"FAILED_TO_SET_PARAMETER", ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER}, ++ #else ++ {"FAILED_TO_SET_PARAMETER", 57, 104}, ++ #endif ++ #ifdef PROV_R_FAILED_TO_SIGN ++ {"FAILED_TO_SIGN", ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN}, ++ #else ++ {"FAILED_TO_SIGN", 57, 175}, ++ #endif ++ #ifdef PROV_R_FIPS_MODULE_CONDITIONAL_ERROR ++ {"FIPS_MODULE_CONDITIONAL_ERROR", ERR_LIB_PROV, PROV_R_FIPS_MODULE_CONDITIONAL_ERROR}, ++ #else ++ {"FIPS_MODULE_CONDITIONAL_ERROR", 57, 227}, ++ #endif ++ #ifdef PROV_R_FIPS_MODULE_ENTERING_ERROR_STATE ++ {"FIPS_MODULE_ENTERING_ERROR_STATE", ERR_LIB_PROV, PROV_R_FIPS_MODULE_ENTERING_ERROR_STATE}, ++ #else ++ {"FIPS_MODULE_ENTERING_ERROR_STATE", 57, 224}, ++ #endif ++ #ifdef PROV_R_FIPS_MODULE_IN_ERROR_STATE ++ {"FIPS_MODULE_IN_ERROR_STATE", ERR_LIB_PROV, PROV_R_FIPS_MODULE_IN_ERROR_STATE}, ++ #else ++ {"FIPS_MODULE_IN_ERROR_STATE", 57, 225}, ++ #endif ++ #ifdef PROV_R_GENERATE_ERROR ++ {"GENERATE_ERROR", ERR_LIB_PROV, PROV_R_GENERATE_ERROR}, ++ #else ++ {"GENERATE_ERROR", 57, 191}, ++ #endif ++ #ifdef PROV_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE ++ {"ILLEGAL_OR_UNSUPPORTED_PADDING_MODE", ERR_LIB_PROV, PROV_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE}, ++ #else ++ {"ILLEGAL_OR_UNSUPPORTED_PADDING_MODE", 57, 165}, ++ #endif ++ #ifdef PROV_R_INDICATOR_INTEGRITY_FAILURE ++ {"INDICATOR_INTEGRITY_FAILURE", ERR_LIB_PROV, PROV_R_INDICATOR_INTEGRITY_FAILURE}, ++ #else ++ {"INDICATOR_INTEGRITY_FAILURE", 57, 210}, ++ #endif ++ #ifdef PROV_R_INSUFFICIENT_DRBG_STRENGTH ++ {"INSUFFICIENT_DRBG_STRENGTH", ERR_LIB_PROV, PROV_R_INSUFFICIENT_DRBG_STRENGTH}, ++ #else ++ {"INSUFFICIENT_DRBG_STRENGTH", 57, 181}, ++ #endif ++ #ifdef PROV_R_INVALID_AAD ++ {"INVALID_AAD", ERR_LIB_PROV, PROV_R_INVALID_AAD}, ++ #else ++ {"INVALID_AAD", 57, 108}, ++ #endif ++ #ifdef PROV_R_INVALID_CONFIG_DATA ++ {"INVALID_CONFIG_DATA", ERR_LIB_PROV, PROV_R_INVALID_CONFIG_DATA}, ++ #else ++ {"INVALID_CONFIG_DATA", 57, 211}, ++ #endif ++ #ifdef PROV_R_INVALID_CONSTANT_LENGTH ++ {"INVALID_CONSTANT_LENGTH", ERR_LIB_PROV, PROV_R_INVALID_CONSTANT_LENGTH}, ++ #else ++ {"INVALID_CONSTANT_LENGTH", 57, 157}, ++ #endif ++ #ifdef PROV_R_INVALID_CURVE ++ {"INVALID_CURVE", ERR_LIB_PROV, PROV_R_INVALID_CURVE}, ++ #else ++ {"INVALID_CURVE", 57, 176}, ++ #endif ++ #ifdef PROV_R_INVALID_CUSTOM_LENGTH ++ {"INVALID_CUSTOM_LENGTH", ERR_LIB_PROV, PROV_R_INVALID_CUSTOM_LENGTH}, ++ #else ++ {"INVALID_CUSTOM_LENGTH", 57, 111}, ++ #endif ++ #ifdef PROV_R_INVALID_DATA ++ {"INVALID_DATA", ERR_LIB_PROV, PROV_R_INVALID_DATA}, ++ #else ++ {"INVALID_DATA", 57, 115}, ++ #endif ++ #ifdef PROV_R_INVALID_DIGEST ++ {"INVALID_DIGEST", ERR_LIB_PROV, PROV_R_INVALID_DIGEST}, ++ #else ++ {"INVALID_DIGEST", 57, 122}, ++ #endif ++ #ifdef PROV_R_INVALID_DIGEST_LENGTH ++ {"INVALID_DIGEST_LENGTH", ERR_LIB_PROV, PROV_R_INVALID_DIGEST_LENGTH}, ++ #else ++ {"INVALID_DIGEST_LENGTH", 57, 166}, ++ #endif ++ #ifdef PROV_R_INVALID_DIGEST_SIZE ++ {"INVALID_DIGEST_SIZE", ERR_LIB_PROV, PROV_R_INVALID_DIGEST_SIZE}, ++ #else ++ {"INVALID_DIGEST_SIZE", 57, 218}, ++ #endif ++ #ifdef PROV_R_INVALID_ITERATION_COUNT ++ {"INVALID_ITERATION_COUNT", ERR_LIB_PROV, PROV_R_INVALID_ITERATION_COUNT}, ++ #else ++ {"INVALID_ITERATION_COUNT", 57, 123}, ++ #endif ++ #ifdef PROV_R_INVALID_IV_LENGTH ++ {"INVALID_IV_LENGTH", ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH}, ++ #else ++ {"INVALID_IV_LENGTH", 57, 109}, ++ #endif ++ #ifdef PROV_R_INVALID_KEY ++ {"INVALID_KEY", ERR_LIB_PROV, PROV_R_INVALID_KEY}, ++ #else ++ {"INVALID_KEY", 57, 158}, ++ #endif ++ #ifdef PROV_R_INVALID_KEY_LENGTH ++ {"INVALID_KEY_LENGTH", ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH}, ++ #else ++ {"INVALID_KEY_LENGTH", 57, 105}, ++ #endif ++ #ifdef PROV_R_INVALID_MAC ++ {"INVALID_MAC", ERR_LIB_PROV, PROV_R_INVALID_MAC}, ++ #else ++ {"INVALID_MAC", 57, 151}, ++ #endif ++ #ifdef PROV_R_INVALID_MGF1_MD ++ {"INVALID_MGF1_MD", ERR_LIB_PROV, PROV_R_INVALID_MGF1_MD}, ++ #else ++ {"INVALID_MGF1_MD", 57, 167}, ++ #endif ++ #ifdef PROV_R_INVALID_MODE ++ {"INVALID_MODE", ERR_LIB_PROV, PROV_R_INVALID_MODE}, ++ #else ++ {"INVALID_MODE", 57, 125}, ++ #endif ++ #ifdef PROV_R_INVALID_PADDING_MODE ++ {"INVALID_PADDING_MODE", ERR_LIB_PROV, PROV_R_INVALID_PADDING_MODE}, ++ #else ++ {"INVALID_PADDING_MODE", 57, 168}, ++ #endif ++ #ifdef PROV_R_INVALID_PUBINFO ++ {"INVALID_PUBINFO", ERR_LIB_PROV, PROV_R_INVALID_PUBINFO}, ++ #else ++ {"INVALID_PUBINFO", 57, 198}, ++ #endif ++ #ifdef PROV_R_INVALID_SALT_LENGTH ++ {"INVALID_SALT_LENGTH", ERR_LIB_PROV, PROV_R_INVALID_SALT_LENGTH}, ++ #else ++ {"INVALID_SALT_LENGTH", 57, 112}, ++ #endif ++ #ifdef PROV_R_INVALID_SEED_LENGTH ++ {"INVALID_SEED_LENGTH", ERR_LIB_PROV, PROV_R_INVALID_SEED_LENGTH}, ++ #else ++ {"INVALID_SEED_LENGTH", 57, 154}, ++ #endif ++ #ifdef PROV_R_INVALID_SIGNATURE_SIZE ++ {"INVALID_SIGNATURE_SIZE", ERR_LIB_PROV, PROV_R_INVALID_SIGNATURE_SIZE}, ++ #else ++ {"INVALID_SIGNATURE_SIZE", 57, 179}, ++ #endif ++ #ifdef PROV_R_INVALID_STATE ++ {"INVALID_STATE", ERR_LIB_PROV, PROV_R_INVALID_STATE}, ++ #else ++ {"INVALID_STATE", 57, 212}, ++ #endif ++ #ifdef PROV_R_INVALID_TAG ++ {"INVALID_TAG", ERR_LIB_PROV, PROV_R_INVALID_TAG}, ++ #else ++ {"INVALID_TAG", 57, 110}, ++ #endif ++ #ifdef PROV_R_INVALID_TAG_LENGTH ++ {"INVALID_TAG_LENGTH", ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH}, ++ #else ++ {"INVALID_TAG_LENGTH", 57, 118}, ++ #endif ++ #ifdef PROV_R_INVALID_UKM_LENGTH ++ {"INVALID_UKM_LENGTH", ERR_LIB_PROV, PROV_R_INVALID_UKM_LENGTH}, ++ #else ++ {"INVALID_UKM_LENGTH", 57, 200}, ++ #endif ++ #ifdef PROV_R_INVALID_X931_DIGEST ++ {"INVALID_X931_DIGEST", ERR_LIB_PROV, PROV_R_INVALID_X931_DIGEST}, ++ #else ++ {"INVALID_X931_DIGEST", 57, 170}, ++ #endif ++ #ifdef PROV_R_IN_ERROR_STATE ++ {"IN_ERROR_STATE", ERR_LIB_PROV, PROV_R_IN_ERROR_STATE}, ++ #else ++ {"IN_ERROR_STATE", 57, 192}, ++ #endif ++ #ifdef PROV_R_KEY_SETUP_FAILED ++ {"KEY_SETUP_FAILED", ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED}, ++ #else ++ {"KEY_SETUP_FAILED", 57, 101}, ++ #endif ++ #ifdef PROV_R_KEY_SIZE_TOO_SMALL ++ {"KEY_SIZE_TOO_SMALL", ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL}, ++ #else ++ {"KEY_SIZE_TOO_SMALL", 57, 171}, ++ #endif ++ #ifdef PROV_R_MISSING_CEK_ALG ++ {"MISSING_CEK_ALG", ERR_LIB_PROV, PROV_R_MISSING_CEK_ALG}, ++ #else ++ {"MISSING_CEK_ALG", 57, 144}, ++ #endif ++ #ifdef PROV_R_MISSING_CIPHER ++ {"MISSING_CIPHER", ERR_LIB_PROV, PROV_R_MISSING_CIPHER}, ++ #else ++ {"MISSING_CIPHER", 57, 155}, ++ #endif ++ #ifdef PROV_R_MISSING_CONFIG_DATA ++ {"MISSING_CONFIG_DATA", ERR_LIB_PROV, PROV_R_MISSING_CONFIG_DATA}, ++ #else ++ {"MISSING_CONFIG_DATA", 57, 213}, ++ #endif ++ #ifdef PROV_R_MISSING_CONSTANT ++ {"MISSING_CONSTANT", ERR_LIB_PROV, PROV_R_MISSING_CONSTANT}, ++ #else ++ {"MISSING_CONSTANT", 57, 156}, ++ #endif ++ #ifdef PROV_R_MISSING_KEY ++ {"MISSING_KEY", ERR_LIB_PROV, PROV_R_MISSING_KEY}, ++ #else ++ {"MISSING_KEY", 57, 128}, ++ #endif ++ #ifdef PROV_R_MISSING_MAC ++ {"MISSING_MAC", ERR_LIB_PROV, PROV_R_MISSING_MAC}, ++ #else ++ {"MISSING_MAC", 57, 150}, ++ #endif ++ #ifdef PROV_R_MISSING_MESSAGE_DIGEST ++ {"MISSING_MESSAGE_DIGEST", ERR_LIB_PROV, PROV_R_MISSING_MESSAGE_DIGEST}, ++ #else ++ {"MISSING_MESSAGE_DIGEST", 57, 129}, ++ #endif ++ #ifdef PROV_R_MISSING_OID ++ {"MISSING_OID", ERR_LIB_PROV, PROV_R_MISSING_OID}, ++ #else ++ {"MISSING_OID", 57, 209}, ++ #endif ++ #ifdef PROV_R_MISSING_PASS ++ {"MISSING_PASS", ERR_LIB_PROV, PROV_R_MISSING_PASS}, ++ #else ++ {"MISSING_PASS", 57, 130}, ++ #endif ++ #ifdef PROV_R_MISSING_SALT ++ {"MISSING_SALT", ERR_LIB_PROV, PROV_R_MISSING_SALT}, ++ #else ++ {"MISSING_SALT", 57, 131}, ++ #endif ++ #ifdef PROV_R_MISSING_SECRET ++ {"MISSING_SECRET", ERR_LIB_PROV, PROV_R_MISSING_SECRET}, ++ #else ++ {"MISSING_SECRET", 57, 132}, ++ #endif ++ #ifdef PROV_R_MISSING_SEED ++ {"MISSING_SEED", ERR_LIB_PROV, PROV_R_MISSING_SEED}, ++ #else ++ {"MISSING_SEED", 57, 140}, ++ #endif ++ #ifdef PROV_R_MISSING_SESSION_ID ++ {"MISSING_SESSION_ID", ERR_LIB_PROV, PROV_R_MISSING_SESSION_ID}, ++ #else ++ {"MISSING_SESSION_ID", 57, 133}, ++ #endif ++ #ifdef PROV_R_MISSING_TYPE ++ {"MISSING_TYPE", ERR_LIB_PROV, PROV_R_MISSING_TYPE}, ++ #else ++ {"MISSING_TYPE", 57, 134}, ++ #endif ++ #ifdef PROV_R_MISSING_XCGHASH ++ {"MISSING_XCGHASH", ERR_LIB_PROV, PROV_R_MISSING_XCGHASH}, ++ #else ++ {"MISSING_XCGHASH", 57, 135}, ++ #endif ++ #ifdef PROV_R_MODULE_INTEGRITY_FAILURE ++ {"MODULE_INTEGRITY_FAILURE", ERR_LIB_PROV, PROV_R_MODULE_INTEGRITY_FAILURE}, ++ #else ++ {"MODULE_INTEGRITY_FAILURE", 57, 214}, ++ #endif ++ #ifdef PROV_R_NOT_A_PRIVATE_KEY ++ {"NOT_A_PRIVATE_KEY", ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY}, ++ #else ++ {"NOT_A_PRIVATE_KEY", 57, 221}, ++ #endif ++ #ifdef PROV_R_NOT_A_PUBLIC_KEY ++ {"NOT_A_PUBLIC_KEY", ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY}, ++ #else ++ {"NOT_A_PUBLIC_KEY", 57, 220}, ++ #endif ++ #ifdef PROV_R_NOT_INSTANTIATED ++ {"NOT_INSTANTIATED", ERR_LIB_PROV, PROV_R_NOT_INSTANTIATED}, ++ #else ++ {"NOT_INSTANTIATED", 57, 193}, ++ #endif ++ #ifdef PROV_R_NOT_PARAMETERS ++ {"NOT_PARAMETERS", ERR_LIB_PROV, PROV_R_NOT_PARAMETERS}, ++ #else ++ {"NOT_PARAMETERS", 57, 226}, ++ #endif ++ #ifdef PROV_R_NOT_SUPPORTED ++ {"NOT_SUPPORTED", ERR_LIB_PROV, PROV_R_NOT_SUPPORTED}, ++ #else ++ {"NOT_SUPPORTED", 57, 136}, ++ #endif ++ #ifdef PROV_R_NOT_XOF_OR_INVALID_LENGTH ++ {"NOT_XOF_OR_INVALID_LENGTH", ERR_LIB_PROV, PROV_R_NOT_XOF_OR_INVALID_LENGTH}, ++ #else ++ {"NOT_XOF_OR_INVALID_LENGTH", 57, 113}, ++ #endif ++ #ifdef PROV_R_NO_KEY_SET ++ {"NO_KEY_SET", ERR_LIB_PROV, PROV_R_NO_KEY_SET}, ++ #else ++ {"NO_KEY_SET", 57, 114}, ++ #endif ++ #ifdef PROV_R_NO_PARAMETERS_SET ++ {"NO_PARAMETERS_SET", ERR_LIB_PROV, PROV_R_NO_PARAMETERS_SET}, ++ #else ++ {"NO_PARAMETERS_SET", 57, 177}, ++ #endif ++ #ifdef PROV_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE ++ {"OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", ERR_LIB_PROV, PROV_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE}, ++ #else ++ {"OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", 57, 178}, ++ #endif ++ #ifdef PROV_R_OUTPUT_BUFFER_TOO_SMALL ++ {"OUTPUT_BUFFER_TOO_SMALL", ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL}, ++ #else ++ {"OUTPUT_BUFFER_TOO_SMALL", 57, 106}, ++ #endif ++ #ifdef PROV_R_PARENT_CANNOT_GENERATE_RANDOM_NUMBERS ++ {"PARENT_CANNOT_GENERATE_RANDOM_NUMBERS", ERR_LIB_PROV, PROV_R_PARENT_CANNOT_GENERATE_RANDOM_NUMBERS}, ++ #else ++ {"PARENT_CANNOT_GENERATE_RANDOM_NUMBERS", 57, 228}, ++ #endif ++ #ifdef PROV_R_PARENT_CANNOT_SUPPLY_ENTROPY_SEED ++ {"PARENT_CANNOT_SUPPLY_ENTROPY_SEED", ERR_LIB_PROV, PROV_R_PARENT_CANNOT_SUPPLY_ENTROPY_SEED}, ++ #else ++ {"PARENT_CANNOT_SUPPLY_ENTROPY_SEED", 57, 187}, ++ #endif ++ #ifdef PROV_R_PARENT_LOCKING_NOT_ENABLED ++ {"PARENT_LOCKING_NOT_ENABLED", ERR_LIB_PROV, PROV_R_PARENT_LOCKING_NOT_ENABLED}, ++ #else ++ {"PARENT_LOCKING_NOT_ENABLED", 57, 182}, ++ #endif ++ #ifdef PROV_R_PARENT_STRENGTH_TOO_WEAK ++ {"PARENT_STRENGTH_TOO_WEAK", ERR_LIB_PROV, PROV_R_PARENT_STRENGTH_TOO_WEAK}, ++ #else ++ {"PARENT_STRENGTH_TOO_WEAK", 57, 194}, ++ #endif ++ #ifdef PROV_R_PATH_MUST_BE_ABSOLUTE ++ {"PATH_MUST_BE_ABSOLUTE", ERR_LIB_PROV, PROV_R_PATH_MUST_BE_ABSOLUTE}, ++ #else ++ {"PATH_MUST_BE_ABSOLUTE", 57, 219}, ++ #endif ++ #ifdef PROV_R_PERSONALISATION_STRING_TOO_LONG ++ {"PERSONALISATION_STRING_TOO_LONG", ERR_LIB_PROV, PROV_R_PERSONALISATION_STRING_TOO_LONG}, ++ #else ++ {"PERSONALISATION_STRING_TOO_LONG", 57, 195}, ++ #endif ++ #ifdef PROV_R_PSS_SALTLEN_TOO_SMALL ++ {"PSS_SALTLEN_TOO_SMALL", ERR_LIB_PROV, PROV_R_PSS_SALTLEN_TOO_SMALL}, ++ #else ++ {"PSS_SALTLEN_TOO_SMALL", 57, 172}, ++ #endif ++ #ifdef PROV_R_REQUEST_TOO_LARGE_FOR_DRBG ++ {"REQUEST_TOO_LARGE_FOR_DRBG", ERR_LIB_PROV, PROV_R_REQUEST_TOO_LARGE_FOR_DRBG}, ++ #else ++ {"REQUEST_TOO_LARGE_FOR_DRBG", 57, 196}, ++ #endif ++ #ifdef PROV_R_REQUIRE_CTR_MODE_CIPHER ++ {"REQUIRE_CTR_MODE_CIPHER", ERR_LIB_PROV, PROV_R_REQUIRE_CTR_MODE_CIPHER}, ++ #else ++ {"REQUIRE_CTR_MODE_CIPHER", 57, 206}, ++ #endif ++ #ifdef PROV_R_RESEED_ERROR ++ {"RESEED_ERROR", ERR_LIB_PROV, PROV_R_RESEED_ERROR}, ++ #else ++ {"RESEED_ERROR", 57, 197}, ++ #endif ++ #ifdef PROV_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES ++ {"SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES", ERR_LIB_PROV, PROV_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES}, ++ #else ++ {"SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES", 57, 222}, ++ #endif ++ #ifdef PROV_R_SEED_SOURCES_MUST_NOT_HAVE_A_PARENT ++ {"SEED_SOURCES_MUST_NOT_HAVE_A_PARENT", ERR_LIB_PROV, PROV_R_SEED_SOURCES_MUST_NOT_HAVE_A_PARENT}, ++ #else ++ {"SEED_SOURCES_MUST_NOT_HAVE_A_PARENT", 57, 229}, ++ #endif ++ #ifdef PROV_R_SELF_TEST_KAT_FAILURE ++ {"SELF_TEST_KAT_FAILURE", ERR_LIB_PROV, PROV_R_SELF_TEST_KAT_FAILURE}, ++ #else ++ {"SELF_TEST_KAT_FAILURE", 57, 215}, ++ #endif ++ #ifdef PROV_R_SELF_TEST_POST_FAILURE ++ {"SELF_TEST_POST_FAILURE", ERR_LIB_PROV, PROV_R_SELF_TEST_POST_FAILURE}, ++ #else ++ {"SELF_TEST_POST_FAILURE", 57, 216}, ++ #endif ++ #ifdef PROV_R_TAG_NOT_NEEDED ++ {"TAG_NOT_NEEDED", ERR_LIB_PROV, PROV_R_TAG_NOT_NEEDED}, ++ #else ++ {"TAG_NOT_NEEDED", 57, 120}, ++ #endif ++ #ifdef PROV_R_TAG_NOT_SET ++ {"TAG_NOT_SET", ERR_LIB_PROV, PROV_R_TAG_NOT_SET}, ++ #else ++ {"TAG_NOT_SET", 57, 119}, ++ #endif ++ #ifdef PROV_R_TOO_MANY_RECORDS ++ {"TOO_MANY_RECORDS", ERR_LIB_PROV, PROV_R_TOO_MANY_RECORDS}, ++ #else ++ {"TOO_MANY_RECORDS", 57, 126}, ++ #endif ++ #ifdef PROV_R_UNABLE_TO_FIND_CIPHERS ++ {"UNABLE_TO_FIND_CIPHERS", ERR_LIB_PROV, PROV_R_UNABLE_TO_FIND_CIPHERS}, ++ #else ++ {"UNABLE_TO_FIND_CIPHERS", 57, 207}, ++ #endif ++ #ifdef PROV_R_UNABLE_TO_GET_PARENT_STRENGTH ++ {"UNABLE_TO_GET_PARENT_STRENGTH", ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_PARENT_STRENGTH}, ++ #else ++ {"UNABLE_TO_GET_PARENT_STRENGTH", 57, 199}, ++ #endif ++ #ifdef PROV_R_UNABLE_TO_GET_PASSPHRASE ++ {"UNABLE_TO_GET_PASSPHRASE", ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_PASSPHRASE}, ++ #else ++ {"UNABLE_TO_GET_PASSPHRASE", 57, 159}, ++ #endif ++ #ifdef PROV_R_UNABLE_TO_INITIALISE_CIPHERS ++ {"UNABLE_TO_INITIALISE_CIPHERS", ERR_LIB_PROV, PROV_R_UNABLE_TO_INITIALISE_CIPHERS}, ++ #else ++ {"UNABLE_TO_INITIALISE_CIPHERS", 57, 208}, ++ #endif ++ #ifdef PROV_R_UNABLE_TO_LOAD_SHA256 ++ {"UNABLE_TO_LOAD_SHA256", ERR_LIB_PROV, PROV_R_UNABLE_TO_LOAD_SHA256}, ++ #else ++ {"UNABLE_TO_LOAD_SHA256", 57, 147}, ++ #endif ++ #ifdef PROV_R_UNABLE_TO_LOCK_PARENT ++ {"UNABLE_TO_LOCK_PARENT", ERR_LIB_PROV, PROV_R_UNABLE_TO_LOCK_PARENT}, ++ #else ++ {"UNABLE_TO_LOCK_PARENT", 57, 201}, ++ #endif ++ #ifdef PROV_R_UNABLE_TO_RESEED ++ {"UNABLE_TO_RESEED", ERR_LIB_PROV, PROV_R_UNABLE_TO_RESEED}, ++ #else ++ {"UNABLE_TO_RESEED", 57, 204}, ++ #endif ++ #ifdef PROV_R_UNSUPPORTED_CEK_ALG ++ {"UNSUPPORTED_CEK_ALG", ERR_LIB_PROV, PROV_R_UNSUPPORTED_CEK_ALG}, ++ #else ++ {"UNSUPPORTED_CEK_ALG", 57, 145}, ++ #endif ++ #ifdef PROV_R_UNSUPPORTED_KEY_SIZE ++ {"UNSUPPORTED_KEY_SIZE", ERR_LIB_PROV, PROV_R_UNSUPPORTED_KEY_SIZE}, ++ #else ++ {"UNSUPPORTED_KEY_SIZE", 57, 153}, ++ #endif ++ #ifdef PROV_R_UNSUPPORTED_MAC_TYPE ++ {"UNSUPPORTED_MAC_TYPE", ERR_LIB_PROV, PROV_R_UNSUPPORTED_MAC_TYPE}, ++ #else ++ {"UNSUPPORTED_MAC_TYPE", 57, 137}, ++ #endif ++ #ifdef PROV_R_UNSUPPORTED_NUMBER_OF_ROUNDS ++ {"UNSUPPORTED_NUMBER_OF_ROUNDS", ERR_LIB_PROV, PROV_R_UNSUPPORTED_NUMBER_OF_ROUNDS}, ++ #else ++ {"UNSUPPORTED_NUMBER_OF_ROUNDS", 57, 152}, ++ #endif ++ #ifdef PROV_R_URI_AUTHORITY_UNSUPPORTED ++ {"URI_AUTHORITY_UNSUPPORTED", ERR_LIB_PROV, PROV_R_URI_AUTHORITY_UNSUPPORTED}, ++ #else ++ {"URI_AUTHORITY_UNSUPPORTED", 57, 223}, ++ #endif ++ #ifdef PROV_R_VALUE_ERROR ++ {"VALUE_ERROR", ERR_LIB_PROV, PROV_R_VALUE_ERROR}, ++ #else ++ {"VALUE_ERROR", 57, 138}, ++ #endif ++ #ifdef PROV_R_WRONG_FINAL_BLOCK_LENGTH ++ {"WRONG_FINAL_BLOCK_LENGTH", ERR_LIB_PROV, PROV_R_WRONG_FINAL_BLOCK_LENGTH}, ++ #else ++ {"WRONG_FINAL_BLOCK_LENGTH", 57, 107}, ++ #endif ++ #ifdef PROV_R_WRONG_OUTPUT_BUFFER_SIZE ++ {"WRONG_OUTPUT_BUFFER_SIZE", ERR_LIB_PROV, PROV_R_WRONG_OUTPUT_BUFFER_SIZE}, ++ #else ++ {"WRONG_OUTPUT_BUFFER_SIZE", 57, 139}, ++ #endif ++ #ifdef PROV_R_XOF_DIGESTS_NOT_ALLOWED ++ {"XOF_DIGESTS_NOT_ALLOWED", ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED}, ++ #else ++ {"XOF_DIGESTS_NOT_ALLOWED", 57, 183}, ++ #endif ++ #ifdef PROV_R_XTS_DATA_UNIT_IS_TOO_LARGE ++ {"XTS_DATA_UNIT_IS_TOO_LARGE", ERR_LIB_PROV, PROV_R_XTS_DATA_UNIT_IS_TOO_LARGE}, ++ #else ++ {"XTS_DATA_UNIT_IS_TOO_LARGE", 57, 148}, ++ #endif ++ #ifdef PROV_R_XTS_DUPLICATED_KEYS ++ {"XTS_DUPLICATED_KEYS", ERR_LIB_PROV, PROV_R_XTS_DUPLICATED_KEYS}, ++ #else ++ {"XTS_DUPLICATED_KEYS", 57, 149}, ++ #endif ++ #ifdef RAND_R_ADDITIONAL_INPUT_TOO_LONG ++ {"ADDITIONAL_INPUT_TOO_LONG", ERR_LIB_RAND, RAND_R_ADDITIONAL_INPUT_TOO_LONG}, ++ #else ++ {"ADDITIONAL_INPUT_TOO_LONG", 36, 102}, ++ #endif ++ #ifdef RAND_R_ALREADY_INSTANTIATED ++ {"ALREADY_INSTANTIATED", ERR_LIB_RAND, RAND_R_ALREADY_INSTANTIATED}, ++ #else ++ {"ALREADY_INSTANTIATED", 36, 103}, ++ #endif ++ #ifdef RAND_R_ARGUMENT_OUT_OF_RANGE ++ {"ARGUMENT_OUT_OF_RANGE", ERR_LIB_RAND, RAND_R_ARGUMENT_OUT_OF_RANGE}, ++ #else ++ {"ARGUMENT_OUT_OF_RANGE", 36, 105}, ++ #endif ++ #ifdef RAND_R_CANNOT_OPEN_FILE ++ {"CANNOT_OPEN_FILE", ERR_LIB_RAND, RAND_R_CANNOT_OPEN_FILE}, ++ #else ++ {"CANNOT_OPEN_FILE", 36, 121}, ++ #endif ++ #ifdef RAND_R_DERIVATION_FUNCTION_MANDATORY_FOR_FIPS ++ {"DERIVATION_FUNCTION_MANDATORY_FOR_FIPS", ERR_LIB_RAND, RAND_R_DERIVATION_FUNCTION_MANDATORY_FOR_FIPS}, ++ #else ++ {"DERIVATION_FUNCTION_MANDATORY_FOR_FIPS", 36, 137}, ++ #endif ++ #ifdef RAND_R_DRBG_ALREADY_INITIALIZED ++ {"DRBG_ALREADY_INITIALIZED", ERR_LIB_RAND, RAND_R_DRBG_ALREADY_INITIALIZED}, ++ #else ++ {"DRBG_ALREADY_INITIALIZED", 36, 129}, ++ #endif ++ #ifdef RAND_R_DRBG_NOT_INITIALISED ++ {"DRBG_NOT_INITIALISED", ERR_LIB_RAND, RAND_R_DRBG_NOT_INITIALISED}, ++ #else ++ {"DRBG_NOT_INITIALISED", 36, 104}, ++ #endif ++ #ifdef RAND_R_ENTROPY_INPUT_TOO_LONG ++ {"ENTROPY_INPUT_TOO_LONG", ERR_LIB_RAND, RAND_R_ENTROPY_INPUT_TOO_LONG}, ++ #else ++ {"ENTROPY_INPUT_TOO_LONG", 36, 106}, ++ #endif ++ #ifdef RAND_R_ENTROPY_OUT_OF_RANGE ++ {"ENTROPY_OUT_OF_RANGE", ERR_LIB_RAND, RAND_R_ENTROPY_OUT_OF_RANGE}, ++ #else ++ {"ENTROPY_OUT_OF_RANGE", 36, 124}, ++ #endif ++ #ifdef RAND_R_ERROR_ENTROPY_POOL_WAS_IGNORED ++ {"ERROR_ENTROPY_POOL_WAS_IGNORED", ERR_LIB_RAND, RAND_R_ERROR_ENTROPY_POOL_WAS_IGNORED}, ++ #else ++ {"ERROR_ENTROPY_POOL_WAS_IGNORED", 36, 127}, ++ #endif ++ #ifdef RAND_R_ERROR_INITIALISING_DRBG ++ {"ERROR_INITIALISING_DRBG", ERR_LIB_RAND, RAND_R_ERROR_INITIALISING_DRBG}, ++ #else ++ {"ERROR_INITIALISING_DRBG", 36, 107}, ++ #endif ++ #ifdef RAND_R_ERROR_INSTANTIATING_DRBG ++ {"ERROR_INSTANTIATING_DRBG", ERR_LIB_RAND, RAND_R_ERROR_INSTANTIATING_DRBG}, ++ #else ++ {"ERROR_INSTANTIATING_DRBG", 36, 108}, ++ #endif ++ #ifdef RAND_R_ERROR_RETRIEVING_ADDITIONAL_INPUT ++ {"ERROR_RETRIEVING_ADDITIONAL_INPUT", ERR_LIB_RAND, RAND_R_ERROR_RETRIEVING_ADDITIONAL_INPUT}, ++ #else ++ {"ERROR_RETRIEVING_ADDITIONAL_INPUT", 36, 109}, ++ #endif ++ #ifdef RAND_R_ERROR_RETRIEVING_ENTROPY ++ {"ERROR_RETRIEVING_ENTROPY", ERR_LIB_RAND, RAND_R_ERROR_RETRIEVING_ENTROPY}, ++ #else ++ {"ERROR_RETRIEVING_ENTROPY", 36, 110}, ++ #endif ++ #ifdef RAND_R_ERROR_RETRIEVING_NONCE ++ {"ERROR_RETRIEVING_NONCE", ERR_LIB_RAND, RAND_R_ERROR_RETRIEVING_NONCE}, ++ #else ++ {"ERROR_RETRIEVING_NONCE", 36, 111}, ++ #endif ++ #ifdef RAND_R_FAILED_TO_CREATE_LOCK ++ {"FAILED_TO_CREATE_LOCK", ERR_LIB_RAND, RAND_R_FAILED_TO_CREATE_LOCK}, ++ #else ++ {"FAILED_TO_CREATE_LOCK", 36, 126}, ++ #endif ++ #ifdef RAND_R_FUNC_NOT_IMPLEMENTED ++ {"FUNC_NOT_IMPLEMENTED", ERR_LIB_RAND, RAND_R_FUNC_NOT_IMPLEMENTED}, ++ #else ++ {"FUNC_NOT_IMPLEMENTED", 36, 101}, ++ #endif ++ #ifdef RAND_R_FWRITE_ERROR ++ {"FWRITE_ERROR", ERR_LIB_RAND, RAND_R_FWRITE_ERROR}, ++ #else ++ {"FWRITE_ERROR", 36, 123}, ++ #endif ++ #ifdef RAND_R_GENERATE_ERROR ++ {"GENERATE_ERROR", ERR_LIB_RAND, RAND_R_GENERATE_ERROR}, ++ #else ++ {"GENERATE_ERROR", 36, 112}, ++ #endif ++ #ifdef RAND_R_INSUFFICIENT_DRBG_STRENGTH ++ {"INSUFFICIENT_DRBG_STRENGTH", ERR_LIB_RAND, RAND_R_INSUFFICIENT_DRBG_STRENGTH}, ++ #else ++ {"INSUFFICIENT_DRBG_STRENGTH", 36, 139}, ++ #endif ++ #ifdef RAND_R_INTERNAL_ERROR ++ {"INTERNAL_ERROR", ERR_LIB_RAND, RAND_R_INTERNAL_ERROR}, ++ #else ++ {"INTERNAL_ERROR", 36, 113}, ++ #endif ++ #ifdef RAND_R_IN_ERROR_STATE ++ {"IN_ERROR_STATE", ERR_LIB_RAND, RAND_R_IN_ERROR_STATE}, ++ #else ++ {"IN_ERROR_STATE", 36, 114}, ++ #endif ++ #ifdef RAND_R_NOT_A_REGULAR_FILE ++ {"NOT_A_REGULAR_FILE", ERR_LIB_RAND, RAND_R_NOT_A_REGULAR_FILE}, ++ #else ++ {"NOT_A_REGULAR_FILE", 36, 122}, ++ #endif ++ #ifdef RAND_R_NOT_INSTANTIATED ++ {"NOT_INSTANTIATED", ERR_LIB_RAND, RAND_R_NOT_INSTANTIATED}, ++ #else ++ {"NOT_INSTANTIATED", 36, 115}, ++ #endif ++ #ifdef RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED ++ {"NO_DRBG_IMPLEMENTATION_SELECTED", ERR_LIB_RAND, RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED}, ++ #else ++ {"NO_DRBG_IMPLEMENTATION_SELECTED", 36, 128}, ++ #endif ++ #ifdef RAND_R_PARENT_LOCKING_NOT_ENABLED ++ {"PARENT_LOCKING_NOT_ENABLED", ERR_LIB_RAND, RAND_R_PARENT_LOCKING_NOT_ENABLED}, ++ #else ++ {"PARENT_LOCKING_NOT_ENABLED", 36, 130}, ++ #endif ++ #ifdef RAND_R_PARENT_STRENGTH_TOO_WEAK ++ {"PARENT_STRENGTH_TOO_WEAK", ERR_LIB_RAND, RAND_R_PARENT_STRENGTH_TOO_WEAK}, ++ #else ++ {"PARENT_STRENGTH_TOO_WEAK", 36, 131}, ++ #endif ++ #ifdef RAND_R_PERSONALISATION_STRING_TOO_LONG ++ {"PERSONALISATION_STRING_TOO_LONG", ERR_LIB_RAND, RAND_R_PERSONALISATION_STRING_TOO_LONG}, ++ #else ++ {"PERSONALISATION_STRING_TOO_LONG", 36, 116}, ++ #endif ++ #ifdef RAND_R_PREDICTION_RESISTANCE_NOT_SUPPORTED ++ {"PREDICTION_RESISTANCE_NOT_SUPPORTED", ERR_LIB_RAND, RAND_R_PREDICTION_RESISTANCE_NOT_SUPPORTED}, ++ #else ++ {"PREDICTION_RESISTANCE_NOT_SUPPORTED", 36, 133}, ++ #endif ++ #ifdef RAND_R_PRNG_NOT_SEEDED ++ {"PRNG_NOT_SEEDED", ERR_LIB_RAND, RAND_R_PRNG_NOT_SEEDED}, ++ #else ++ {"PRNG_NOT_SEEDED", 36, 100}, ++ #endif ++ #ifdef RAND_R_RANDOM_POOL_OVERFLOW ++ {"RANDOM_POOL_OVERFLOW", ERR_LIB_RAND, RAND_R_RANDOM_POOL_OVERFLOW}, ++ #else ++ {"RANDOM_POOL_OVERFLOW", 36, 125}, ++ #endif ++ #ifdef RAND_R_RANDOM_POOL_UNDERFLOW ++ {"RANDOM_POOL_UNDERFLOW", ERR_LIB_RAND, RAND_R_RANDOM_POOL_UNDERFLOW}, ++ #else ++ {"RANDOM_POOL_UNDERFLOW", 36, 134}, ++ #endif ++ #ifdef RAND_R_REQUEST_TOO_LARGE_FOR_DRBG ++ {"REQUEST_TOO_LARGE_FOR_DRBG", ERR_LIB_RAND, RAND_R_REQUEST_TOO_LARGE_FOR_DRBG}, ++ #else ++ {"REQUEST_TOO_LARGE_FOR_DRBG", 36, 117}, ++ #endif ++ #ifdef RAND_R_RESEED_ERROR ++ {"RESEED_ERROR", ERR_LIB_RAND, RAND_R_RESEED_ERROR}, ++ #else ++ {"RESEED_ERROR", 36, 118}, ++ #endif ++ #ifdef RAND_R_SELFTEST_FAILURE ++ {"SELFTEST_FAILURE", ERR_LIB_RAND, RAND_R_SELFTEST_FAILURE}, ++ #else ++ {"SELFTEST_FAILURE", 36, 119}, ++ #endif ++ #ifdef RAND_R_TOO_LITTLE_NONCE_REQUESTED ++ {"TOO_LITTLE_NONCE_REQUESTED", ERR_LIB_RAND, RAND_R_TOO_LITTLE_NONCE_REQUESTED}, ++ #else ++ {"TOO_LITTLE_NONCE_REQUESTED", 36, 135}, ++ #endif ++ #ifdef RAND_R_TOO_MUCH_NONCE_REQUESTED ++ {"TOO_MUCH_NONCE_REQUESTED", ERR_LIB_RAND, RAND_R_TOO_MUCH_NONCE_REQUESTED}, ++ #else ++ {"TOO_MUCH_NONCE_REQUESTED", 36, 136}, ++ #endif ++ #ifdef RAND_R_UNABLE_TO_CREATE_DRBG ++ {"UNABLE_TO_CREATE_DRBG", ERR_LIB_RAND, RAND_R_UNABLE_TO_CREATE_DRBG}, ++ #else ++ {"UNABLE_TO_CREATE_DRBG", 36, 143}, ++ #endif ++ #ifdef RAND_R_UNABLE_TO_FETCH_DRBG ++ {"UNABLE_TO_FETCH_DRBG", ERR_LIB_RAND, RAND_R_UNABLE_TO_FETCH_DRBG}, ++ #else ++ {"UNABLE_TO_FETCH_DRBG", 36, 144}, ++ #endif ++ #ifdef RAND_R_UNABLE_TO_GET_PARENT_RESEED_PROP_COUNTER ++ {"UNABLE_TO_GET_PARENT_RESEED_PROP_COUNTER", ERR_LIB_RAND, RAND_R_UNABLE_TO_GET_PARENT_RESEED_PROP_COUNTER}, ++ #else ++ {"UNABLE_TO_GET_PARENT_RESEED_PROP_COUNTER", 36, 141}, ++ #endif ++ #ifdef RAND_R_UNABLE_TO_GET_PARENT_STRENGTH ++ {"UNABLE_TO_GET_PARENT_STRENGTH", ERR_LIB_RAND, RAND_R_UNABLE_TO_GET_PARENT_STRENGTH}, ++ #else ++ {"UNABLE_TO_GET_PARENT_STRENGTH", 36, 138}, ++ #endif ++ #ifdef RAND_R_UNABLE_TO_LOCK_PARENT ++ {"UNABLE_TO_LOCK_PARENT", ERR_LIB_RAND, RAND_R_UNABLE_TO_LOCK_PARENT}, ++ #else ++ {"UNABLE_TO_LOCK_PARENT", 36, 140}, ++ #endif ++ #ifdef RAND_R_UNSUPPORTED_DRBG_FLAGS ++ {"UNSUPPORTED_DRBG_FLAGS", ERR_LIB_RAND, RAND_R_UNSUPPORTED_DRBG_FLAGS}, ++ #else ++ {"UNSUPPORTED_DRBG_FLAGS", 36, 132}, ++ #endif ++ #ifdef RAND_R_UNSUPPORTED_DRBG_TYPE ++ {"UNSUPPORTED_DRBG_TYPE", ERR_LIB_RAND, RAND_R_UNSUPPORTED_DRBG_TYPE}, ++ #else ++ {"UNSUPPORTED_DRBG_TYPE", 36, 120}, ++ #endif ++ #ifdef RSA_R_ALGORITHM_MISMATCH ++ {"ALGORITHM_MISMATCH", ERR_LIB_RSA, RSA_R_ALGORITHM_MISMATCH}, ++ #else ++ {"ALGORITHM_MISMATCH", 4, 100}, ++ #endif ++ #ifdef RSA_R_BAD_E_VALUE ++ {"BAD_E_VALUE", ERR_LIB_RSA, RSA_R_BAD_E_VALUE}, ++ #else ++ {"BAD_E_VALUE", 4, 101}, ++ #endif ++ #ifdef RSA_R_BAD_FIXED_HEADER_DECRYPT ++ {"BAD_FIXED_HEADER_DECRYPT", ERR_LIB_RSA, RSA_R_BAD_FIXED_HEADER_DECRYPT}, ++ #else ++ {"BAD_FIXED_HEADER_DECRYPT", 4, 102}, ++ #endif ++ #ifdef RSA_R_BAD_PAD_BYTE_COUNT ++ {"BAD_PAD_BYTE_COUNT", ERR_LIB_RSA, RSA_R_BAD_PAD_BYTE_COUNT}, ++ #else ++ {"BAD_PAD_BYTE_COUNT", 4, 103}, ++ #endif ++ #ifdef RSA_R_BAD_SIGNATURE ++ {"BAD_SIGNATURE", ERR_LIB_RSA, RSA_R_BAD_SIGNATURE}, ++ #else ++ {"BAD_SIGNATURE", 4, 104}, ++ #endif ++ #ifdef RSA_R_BLOCK_TYPE_IS_NOT_01 ++ {"BLOCK_TYPE_IS_NOT_01", ERR_LIB_RSA, RSA_R_BLOCK_TYPE_IS_NOT_01}, ++ #else ++ {"BLOCK_TYPE_IS_NOT_01", 4, 106}, ++ #endif ++ #ifdef RSA_R_BLOCK_TYPE_IS_NOT_02 ++ {"BLOCK_TYPE_IS_NOT_02", ERR_LIB_RSA, RSA_R_BLOCK_TYPE_IS_NOT_02}, ++ #else ++ {"BLOCK_TYPE_IS_NOT_02", 4, 107}, ++ #endif ++ #ifdef RSA_R_DATA_GREATER_THAN_MOD_LEN ++ {"DATA_GREATER_THAN_MOD_LEN", ERR_LIB_RSA, RSA_R_DATA_GREATER_THAN_MOD_LEN}, ++ #else ++ {"DATA_GREATER_THAN_MOD_LEN", 4, 108}, ++ #endif ++ #ifdef RSA_R_DATA_TOO_LARGE ++ {"DATA_TOO_LARGE", ERR_LIB_RSA, RSA_R_DATA_TOO_LARGE}, ++ #else ++ {"DATA_TOO_LARGE", 4, 109}, ++ #endif ++ #ifdef RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ++ {"DATA_TOO_LARGE_FOR_KEY_SIZE", ERR_LIB_RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE}, ++ #else ++ {"DATA_TOO_LARGE_FOR_KEY_SIZE", 4, 110}, ++ #endif ++ #ifdef RSA_R_DATA_TOO_LARGE_FOR_MODULUS ++ {"DATA_TOO_LARGE_FOR_MODULUS", ERR_LIB_RSA, RSA_R_DATA_TOO_LARGE_FOR_MODULUS}, ++ #else ++ {"DATA_TOO_LARGE_FOR_MODULUS", 4, 132}, ++ #endif ++ #ifdef RSA_R_DATA_TOO_SMALL ++ {"DATA_TOO_SMALL", ERR_LIB_RSA, RSA_R_DATA_TOO_SMALL}, ++ #else ++ {"DATA_TOO_SMALL", 4, 111}, ++ #endif ++ #ifdef RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE ++ {"DATA_TOO_SMALL_FOR_KEY_SIZE", ERR_LIB_RSA, RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE}, ++ #else ++ {"DATA_TOO_SMALL_FOR_KEY_SIZE", 4, 122}, ++ #endif ++ #ifdef RSA_R_DIGEST_DOES_NOT_MATCH ++ {"DIGEST_DOES_NOT_MATCH", ERR_LIB_RSA, RSA_R_DIGEST_DOES_NOT_MATCH}, ++ #else ++ {"DIGEST_DOES_NOT_MATCH", 4, 158}, ++ #endif ++ #ifdef RSA_R_DIGEST_NOT_ALLOWED ++ {"DIGEST_NOT_ALLOWED", ERR_LIB_RSA, RSA_R_DIGEST_NOT_ALLOWED}, ++ #else ++ {"DIGEST_NOT_ALLOWED", 4, 145}, ++ #endif ++ #ifdef RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ++ {"DIGEST_TOO_BIG_FOR_RSA_KEY", ERR_LIB_RSA, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY}, ++ #else ++ {"DIGEST_TOO_BIG_FOR_RSA_KEY", 4, 112}, ++ #endif ++ #ifdef RSA_R_DMP1_NOT_CONGRUENT_TO_D ++ {"DMP1_NOT_CONGRUENT_TO_D", ERR_LIB_RSA, RSA_R_DMP1_NOT_CONGRUENT_TO_D}, ++ #else ++ {"DMP1_NOT_CONGRUENT_TO_D", 4, 124}, ++ #endif ++ #ifdef RSA_R_DMQ1_NOT_CONGRUENT_TO_D ++ {"DMQ1_NOT_CONGRUENT_TO_D", ERR_LIB_RSA, RSA_R_DMQ1_NOT_CONGRUENT_TO_D}, ++ #else ++ {"DMQ1_NOT_CONGRUENT_TO_D", 4, 125}, ++ #endif ++ #ifdef RSA_R_D_E_NOT_CONGRUENT_TO_1 ++ {"D_E_NOT_CONGRUENT_TO_1", ERR_LIB_RSA, RSA_R_D_E_NOT_CONGRUENT_TO_1}, ++ #else ++ {"D_E_NOT_CONGRUENT_TO_1", 4, 123}, ++ #endif ++ #ifdef RSA_R_FIRST_OCTET_INVALID ++ {"FIRST_OCTET_INVALID", ERR_LIB_RSA, RSA_R_FIRST_OCTET_INVALID}, ++ #else ++ {"FIRST_OCTET_INVALID", 4, 133}, ++ #endif ++ #ifdef RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE ++ {"ILLEGAL_OR_UNSUPPORTED_PADDING_MODE", ERR_LIB_RSA, RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE}, ++ #else ++ {"ILLEGAL_OR_UNSUPPORTED_PADDING_MODE", 4, 144}, ++ #endif ++ #ifdef RSA_R_INVALID_DIGEST ++ {"INVALID_DIGEST", ERR_LIB_RSA, RSA_R_INVALID_DIGEST}, ++ #else ++ {"INVALID_DIGEST", 4, 157}, ++ #endif ++ #ifdef RSA_R_INVALID_DIGEST_LENGTH ++ {"INVALID_DIGEST_LENGTH", ERR_LIB_RSA, RSA_R_INVALID_DIGEST_LENGTH}, ++ #else ++ {"INVALID_DIGEST_LENGTH", 4, 143}, ++ #endif ++ #ifdef RSA_R_INVALID_HEADER ++ {"INVALID_HEADER", ERR_LIB_RSA, RSA_R_INVALID_HEADER}, ++ #else ++ {"INVALID_HEADER", 4, 137}, ++ #endif ++ #ifdef RSA_R_INVALID_KEYPAIR ++ {"INVALID_KEYPAIR", ERR_LIB_RSA, RSA_R_INVALID_KEYPAIR}, ++ #else ++ {"INVALID_KEYPAIR", 4, 171}, ++ #endif ++ #ifdef RSA_R_INVALID_KEY_LENGTH ++ {"INVALID_KEY_LENGTH", ERR_LIB_RSA, RSA_R_INVALID_KEY_LENGTH}, ++ #else ++ {"INVALID_KEY_LENGTH", 4, 173}, ++ #endif ++ #ifdef RSA_R_INVALID_LABEL ++ {"INVALID_LABEL", ERR_LIB_RSA, RSA_R_INVALID_LABEL}, ++ #else ++ {"INVALID_LABEL", 4, 160}, ++ #endif ++ #ifdef RSA_R_INVALID_MESSAGE_LENGTH ++ {"INVALID_MESSAGE_LENGTH", ERR_LIB_RSA, RSA_R_INVALID_MESSAGE_LENGTH}, ++ #else ++ {"INVALID_MESSAGE_LENGTH", 4, 131}, ++ #endif ++ #ifdef RSA_R_INVALID_MGF1_MD ++ {"INVALID_MGF1_MD", ERR_LIB_RSA, RSA_R_INVALID_MGF1_MD}, ++ #else ++ {"INVALID_MGF1_MD", 4, 156}, ++ #endif ++ #ifdef RSA_R_INVALID_MODULUS ++ {"INVALID_MODULUS", ERR_LIB_RSA, RSA_R_INVALID_MODULUS}, ++ #else ++ {"INVALID_MODULUS", 4, 174}, ++ #endif ++ #ifdef RSA_R_INVALID_MULTI_PRIME_KEY ++ {"INVALID_MULTI_PRIME_KEY", ERR_LIB_RSA, RSA_R_INVALID_MULTI_PRIME_KEY}, ++ #else ++ {"INVALID_MULTI_PRIME_KEY", 4, 167}, ++ #endif ++ #ifdef RSA_R_INVALID_OAEP_PARAMETERS ++ {"INVALID_OAEP_PARAMETERS", ERR_LIB_RSA, RSA_R_INVALID_OAEP_PARAMETERS}, ++ #else ++ {"INVALID_OAEP_PARAMETERS", 4, 161}, ++ #endif ++ #ifdef RSA_R_INVALID_PADDING ++ {"INVALID_PADDING", ERR_LIB_RSA, RSA_R_INVALID_PADDING}, ++ #else ++ {"INVALID_PADDING", 4, 138}, ++ #endif ++ #ifdef RSA_R_INVALID_PADDING_MODE ++ {"INVALID_PADDING_MODE", ERR_LIB_RSA, RSA_R_INVALID_PADDING_MODE}, ++ #else ++ {"INVALID_PADDING_MODE", 4, 141}, ++ #endif ++ #ifdef RSA_R_INVALID_PSS_PARAMETERS ++ {"INVALID_PSS_PARAMETERS", ERR_LIB_RSA, RSA_R_INVALID_PSS_PARAMETERS}, ++ #else ++ {"INVALID_PSS_PARAMETERS", 4, 149}, ++ #endif ++ #ifdef RSA_R_INVALID_PSS_SALTLEN ++ {"INVALID_PSS_SALTLEN", ERR_LIB_RSA, RSA_R_INVALID_PSS_SALTLEN}, ++ #else ++ {"INVALID_PSS_SALTLEN", 4, 146}, ++ #endif ++ #ifdef RSA_R_INVALID_REQUEST ++ {"INVALID_REQUEST", ERR_LIB_RSA, RSA_R_INVALID_REQUEST}, ++ #else ++ {"INVALID_REQUEST", 4, 175}, ++ #endif ++ #ifdef RSA_R_INVALID_SALT_LENGTH ++ {"INVALID_SALT_LENGTH", ERR_LIB_RSA, RSA_R_INVALID_SALT_LENGTH}, ++ #else ++ {"INVALID_SALT_LENGTH", 4, 150}, ++ #endif ++ #ifdef RSA_R_INVALID_STRENGTH ++ {"INVALID_STRENGTH", ERR_LIB_RSA, RSA_R_INVALID_STRENGTH}, ++ #else ++ {"INVALID_STRENGTH", 4, 176}, ++ #endif ++ #ifdef RSA_R_INVALID_TRAILER ++ {"INVALID_TRAILER", ERR_LIB_RSA, RSA_R_INVALID_TRAILER}, ++ #else ++ {"INVALID_TRAILER", 4, 139}, ++ #endif ++ #ifdef RSA_R_INVALID_X931_DIGEST ++ {"INVALID_X931_DIGEST", ERR_LIB_RSA, RSA_R_INVALID_X931_DIGEST}, ++ #else ++ {"INVALID_X931_DIGEST", 4, 142}, ++ #endif ++ #ifdef RSA_R_IQMP_NOT_INVERSE_OF_Q ++ {"IQMP_NOT_INVERSE_OF_Q", ERR_LIB_RSA, RSA_R_IQMP_NOT_INVERSE_OF_Q}, ++ #else ++ {"IQMP_NOT_INVERSE_OF_Q", 4, 126}, ++ #endif ++ #ifdef RSA_R_KEY_PRIME_NUM_INVALID ++ {"KEY_PRIME_NUM_INVALID", ERR_LIB_RSA, RSA_R_KEY_PRIME_NUM_INVALID}, ++ #else ++ {"KEY_PRIME_NUM_INVALID", 4, 165}, ++ #endif ++ #ifdef RSA_R_KEY_SIZE_TOO_SMALL ++ {"KEY_SIZE_TOO_SMALL", ERR_LIB_RSA, RSA_R_KEY_SIZE_TOO_SMALL}, ++ #else ++ {"KEY_SIZE_TOO_SMALL", 4, 120}, ++ #endif ++ #ifdef RSA_R_LAST_OCTET_INVALID ++ {"LAST_OCTET_INVALID", ERR_LIB_RSA, RSA_R_LAST_OCTET_INVALID}, ++ #else ++ {"LAST_OCTET_INVALID", 4, 134}, ++ #endif ++ #ifdef RSA_R_MGF1_DIGEST_NOT_ALLOWED ++ {"MGF1_DIGEST_NOT_ALLOWED", ERR_LIB_RSA, RSA_R_MGF1_DIGEST_NOT_ALLOWED}, ++ #else ++ {"MGF1_DIGEST_NOT_ALLOWED", 4, 152}, ++ #endif ++ #ifdef RSA_R_MISSING_PRIVATE_KEY ++ {"MISSING_PRIVATE_KEY", ERR_LIB_RSA, RSA_R_MISSING_PRIVATE_KEY}, ++ #else ++ {"MISSING_PRIVATE_KEY", 4, 179}, ++ #endif ++ #ifdef RSA_R_MODULUS_TOO_LARGE ++ {"MODULUS_TOO_LARGE", ERR_LIB_RSA, RSA_R_MODULUS_TOO_LARGE}, ++ #else ++ {"MODULUS_TOO_LARGE", 4, 105}, ++ #endif ++ #ifdef RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R ++ {"MP_COEFFICIENT_NOT_INVERSE_OF_R", ERR_LIB_RSA, RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R}, ++ #else ++ {"MP_COEFFICIENT_NOT_INVERSE_OF_R", 4, 168}, ++ #endif ++ #ifdef RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D ++ {"MP_EXPONENT_NOT_CONGRUENT_TO_D", ERR_LIB_RSA, RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D}, ++ #else ++ {"MP_EXPONENT_NOT_CONGRUENT_TO_D", 4, 169}, ++ #endif ++ #ifdef RSA_R_MP_R_NOT_PRIME ++ {"MP_R_NOT_PRIME", ERR_LIB_RSA, RSA_R_MP_R_NOT_PRIME}, ++ #else ++ {"MP_R_NOT_PRIME", 4, 170}, ++ #endif ++ #ifdef RSA_R_NO_PUBLIC_EXPONENT ++ {"NO_PUBLIC_EXPONENT", ERR_LIB_RSA, RSA_R_NO_PUBLIC_EXPONENT}, ++ #else ++ {"NO_PUBLIC_EXPONENT", 4, 140}, ++ #endif ++ #ifdef RSA_R_NULL_BEFORE_BLOCK_MISSING ++ {"NULL_BEFORE_BLOCK_MISSING", ERR_LIB_RSA, RSA_R_NULL_BEFORE_BLOCK_MISSING}, ++ #else ++ {"NULL_BEFORE_BLOCK_MISSING", 4, 113}, ++ #endif ++ #ifdef RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES ++ {"N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES", ERR_LIB_RSA, RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES}, ++ #else ++ {"N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES", 4, 172}, ++ #endif ++ #ifdef RSA_R_N_DOES_NOT_EQUAL_P_Q ++ {"N_DOES_NOT_EQUAL_P_Q", ERR_LIB_RSA, RSA_R_N_DOES_NOT_EQUAL_P_Q}, ++ #else ++ {"N_DOES_NOT_EQUAL_P_Q", 4, 127}, ++ #endif ++ #ifdef RSA_R_OAEP_DECODING_ERROR ++ {"OAEP_DECODING_ERROR", ERR_LIB_RSA, RSA_R_OAEP_DECODING_ERROR}, ++ #else ++ {"OAEP_DECODING_ERROR", 4, 121}, ++ #endif ++ #ifdef RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE ++ {"OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", ERR_LIB_RSA, RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE}, ++ #else ++ {"OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", 4, 148}, ++ #endif ++ #ifdef RSA_R_PADDING_CHECK_FAILED ++ {"PADDING_CHECK_FAILED", ERR_LIB_RSA, RSA_R_PADDING_CHECK_FAILED}, ++ #else ++ {"PADDING_CHECK_FAILED", 4, 114}, ++ #endif ++ #ifdef RSA_R_PAIRWISE_TEST_FAILURE ++ {"PAIRWISE_TEST_FAILURE", ERR_LIB_RSA, RSA_R_PAIRWISE_TEST_FAILURE}, ++ #else ++ {"PAIRWISE_TEST_FAILURE", 4, 177}, ++ #endif ++ #ifdef RSA_R_PKCS_DECODING_ERROR ++ {"PKCS_DECODING_ERROR", ERR_LIB_RSA, RSA_R_PKCS_DECODING_ERROR}, ++ #else ++ {"PKCS_DECODING_ERROR", 4, 159}, ++ #endif ++ #ifdef RSA_R_PSS_SALTLEN_TOO_SMALL ++ {"PSS_SALTLEN_TOO_SMALL", ERR_LIB_RSA, RSA_R_PSS_SALTLEN_TOO_SMALL}, ++ #else ++ {"PSS_SALTLEN_TOO_SMALL", 4, 164}, ++ #endif ++ #ifdef RSA_R_PUB_EXPONENT_OUT_OF_RANGE ++ {"PUB_EXPONENT_OUT_OF_RANGE", ERR_LIB_RSA, RSA_R_PUB_EXPONENT_OUT_OF_RANGE}, ++ #else ++ {"PUB_EXPONENT_OUT_OF_RANGE", 4, 178}, ++ #endif ++ #ifdef RSA_R_P_NOT_PRIME ++ {"P_NOT_PRIME", ERR_LIB_RSA, RSA_R_P_NOT_PRIME}, ++ #else ++ {"P_NOT_PRIME", 4, 128}, ++ #endif ++ #ifdef RSA_R_Q_NOT_PRIME ++ {"Q_NOT_PRIME", ERR_LIB_RSA, RSA_R_Q_NOT_PRIME}, ++ #else ++ {"Q_NOT_PRIME", 4, 129}, ++ #endif ++ #ifdef RSA_R_RSA_OPERATIONS_NOT_SUPPORTED ++ {"RSA_OPERATIONS_NOT_SUPPORTED", ERR_LIB_RSA, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED}, ++ #else ++ {"RSA_OPERATIONS_NOT_SUPPORTED", 4, 130}, ++ #endif ++ #ifdef RSA_R_SLEN_CHECK_FAILED ++ {"SLEN_CHECK_FAILED", ERR_LIB_RSA, RSA_R_SLEN_CHECK_FAILED}, ++ #else ++ {"SLEN_CHECK_FAILED", 4, 136}, ++ #endif ++ #ifdef RSA_R_SLEN_RECOVERY_FAILED ++ {"SLEN_RECOVERY_FAILED", ERR_LIB_RSA, RSA_R_SLEN_RECOVERY_FAILED}, ++ #else ++ {"SLEN_RECOVERY_FAILED", 4, 135}, ++ #endif ++ #ifdef RSA_R_SSLV3_ROLLBACK_ATTACK ++ {"SSLV3_ROLLBACK_ATTACK", ERR_LIB_RSA, RSA_R_SSLV3_ROLLBACK_ATTACK}, ++ #else ++ {"SSLV3_ROLLBACK_ATTACK", 4, 115}, ++ #endif ++ #ifdef RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD ++ {"THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD", ERR_LIB_RSA, RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD}, ++ #else ++ {"THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD", 4, 116}, ++ #endif ++ #ifdef RSA_R_UNKNOWN_ALGORITHM_TYPE ++ {"UNKNOWN_ALGORITHM_TYPE", ERR_LIB_RSA, RSA_R_UNKNOWN_ALGORITHM_TYPE}, ++ #else ++ {"UNKNOWN_ALGORITHM_TYPE", 4, 117}, ++ #endif ++ #ifdef RSA_R_UNKNOWN_DIGEST ++ {"UNKNOWN_DIGEST", ERR_LIB_RSA, RSA_R_UNKNOWN_DIGEST}, ++ #else ++ {"UNKNOWN_DIGEST", 4, 166}, ++ #endif ++ #ifdef RSA_R_UNKNOWN_MASK_DIGEST ++ {"UNKNOWN_MASK_DIGEST", ERR_LIB_RSA, RSA_R_UNKNOWN_MASK_DIGEST}, ++ #else ++ {"UNKNOWN_MASK_DIGEST", 4, 151}, ++ #endif ++ #ifdef RSA_R_UNKNOWN_PADDING_TYPE ++ {"UNKNOWN_PADDING_TYPE", ERR_LIB_RSA, RSA_R_UNKNOWN_PADDING_TYPE}, ++ #else ++ {"UNKNOWN_PADDING_TYPE", 4, 118}, ++ #endif ++ #ifdef RSA_R_UNSUPPORTED_ENCRYPTION_TYPE ++ {"UNSUPPORTED_ENCRYPTION_TYPE", ERR_LIB_RSA, RSA_R_UNSUPPORTED_ENCRYPTION_TYPE}, ++ #else ++ {"UNSUPPORTED_ENCRYPTION_TYPE", 4, 162}, ++ #endif ++ #ifdef RSA_R_UNSUPPORTED_LABEL_SOURCE ++ {"UNSUPPORTED_LABEL_SOURCE", ERR_LIB_RSA, RSA_R_UNSUPPORTED_LABEL_SOURCE}, ++ #else ++ {"UNSUPPORTED_LABEL_SOURCE", 4, 163}, ++ #endif ++ #ifdef RSA_R_UNSUPPORTED_MASK_ALGORITHM ++ {"UNSUPPORTED_MASK_ALGORITHM", ERR_LIB_RSA, RSA_R_UNSUPPORTED_MASK_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_MASK_ALGORITHM", 4, 153}, ++ #endif ++ #ifdef RSA_R_UNSUPPORTED_MASK_PARAMETER ++ {"UNSUPPORTED_MASK_PARAMETER", ERR_LIB_RSA, RSA_R_UNSUPPORTED_MASK_PARAMETER}, ++ #else ++ {"UNSUPPORTED_MASK_PARAMETER", 4, 154}, ++ #endif ++ #ifdef RSA_R_UNSUPPORTED_SIGNATURE_TYPE ++ {"UNSUPPORTED_SIGNATURE_TYPE", ERR_LIB_RSA, RSA_R_UNSUPPORTED_SIGNATURE_TYPE}, ++ #else ++ {"UNSUPPORTED_SIGNATURE_TYPE", 4, 155}, ++ #endif ++ #ifdef RSA_R_VALUE_MISSING ++ {"VALUE_MISSING", ERR_LIB_RSA, RSA_R_VALUE_MISSING}, ++ #else ++ {"VALUE_MISSING", 4, 147}, ++ #endif ++ #ifdef RSA_R_WRONG_SIGNATURE_LENGTH ++ {"WRONG_SIGNATURE_LENGTH", ERR_LIB_RSA, RSA_R_WRONG_SIGNATURE_LENGTH}, ++ #else ++ {"WRONG_SIGNATURE_LENGTH", 4, 119}, ++ #endif ++ #ifdef SM2_R_ASN1_ERROR ++ {"ASN1_ERROR", ERR_LIB_SM2, SM2_R_ASN1_ERROR}, ++ #else ++ {"ASN1_ERROR", 53, 100}, ++ #endif ++ #ifdef SM2_R_BAD_SIGNATURE ++ {"BAD_SIGNATURE", ERR_LIB_SM2, SM2_R_BAD_SIGNATURE}, ++ #else ++ {"BAD_SIGNATURE", 53, 101}, ++ #endif ++ #ifdef SM2_R_BUFFER_TOO_SMALL ++ {"BUFFER_TOO_SMALL", ERR_LIB_SM2, SM2_R_BUFFER_TOO_SMALL}, ++ #else ++ {"BUFFER_TOO_SMALL", 53, 107}, ++ #endif ++ #ifdef SM2_R_DIST_ID_TOO_LARGE ++ {"DIST_ID_TOO_LARGE", ERR_LIB_SM2, SM2_R_DIST_ID_TOO_LARGE}, ++ #else ++ {"DIST_ID_TOO_LARGE", 53, 110}, ++ #endif ++ #ifdef SM2_R_ID_NOT_SET ++ {"ID_NOT_SET", ERR_LIB_SM2, SM2_R_ID_NOT_SET}, ++ #else ++ {"ID_NOT_SET", 53, 112}, ++ #endif ++ #ifdef SM2_R_ID_TOO_LARGE ++ {"ID_TOO_LARGE", ERR_LIB_SM2, SM2_R_ID_TOO_LARGE}, ++ #else ++ {"ID_TOO_LARGE", 53, 111}, ++ #endif ++ #ifdef SM2_R_INVALID_CURVE ++ {"INVALID_CURVE", ERR_LIB_SM2, SM2_R_INVALID_CURVE}, ++ #else ++ {"INVALID_CURVE", 53, 108}, ++ #endif ++ #ifdef SM2_R_INVALID_DIGEST ++ {"INVALID_DIGEST", ERR_LIB_SM2, SM2_R_INVALID_DIGEST}, ++ #else ++ {"INVALID_DIGEST", 53, 102}, ++ #endif ++ #ifdef SM2_R_INVALID_DIGEST_TYPE ++ {"INVALID_DIGEST_TYPE", ERR_LIB_SM2, SM2_R_INVALID_DIGEST_TYPE}, ++ #else ++ {"INVALID_DIGEST_TYPE", 53, 103}, ++ #endif ++ #ifdef SM2_R_INVALID_ENCODING ++ {"INVALID_ENCODING", ERR_LIB_SM2, SM2_R_INVALID_ENCODING}, ++ #else ++ {"INVALID_ENCODING", 53, 104}, ++ #endif ++ #ifdef SM2_R_INVALID_FIELD ++ {"INVALID_FIELD", ERR_LIB_SM2, SM2_R_INVALID_FIELD}, ++ #else ++ {"INVALID_FIELD", 53, 105}, ++ #endif ++ #ifdef SM2_R_INVALID_PRIVATE_KEY ++ {"INVALID_PRIVATE_KEY", ERR_LIB_SM2, SM2_R_INVALID_PRIVATE_KEY}, ++ #else ++ {"INVALID_PRIVATE_KEY", 53, 113}, ++ #endif ++ #ifdef SM2_R_NO_PARAMETERS_SET ++ {"NO_PARAMETERS_SET", ERR_LIB_SM2, SM2_R_NO_PARAMETERS_SET}, ++ #else ++ {"NO_PARAMETERS_SET", 53, 109}, ++ #endif ++ #ifdef SM2_R_USER_ID_TOO_LARGE ++ {"USER_ID_TOO_LARGE", ERR_LIB_SM2, SM2_R_USER_ID_TOO_LARGE}, ++ #else ++ {"USER_ID_TOO_LARGE", 53, 106}, ++ #endif ++ #ifdef SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY ++ {"APPLICATION_DATA_AFTER_CLOSE_NOTIFY", ERR_LIB_SSL, SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY}, ++ #else ++ {"APPLICATION_DATA_AFTER_CLOSE_NOTIFY", 20, 291}, ++ #endif ++ #ifdef SSL_R_APP_DATA_IN_HANDSHAKE ++ {"APP_DATA_IN_HANDSHAKE", ERR_LIB_SSL, SSL_R_APP_DATA_IN_HANDSHAKE}, ++ #else ++ {"APP_DATA_IN_HANDSHAKE", 20, 100}, ++ #endif ++ #ifdef SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT ++ {"ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT", ERR_LIB_SSL, SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT}, ++ #else ++ {"ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT", 20, 272}, ++ #endif ++ #ifdef SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE ++ {"AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE", ERR_LIB_SSL, SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE}, ++ #else ++ {"AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE", 20, 143}, ++ #endif ++ #ifdef SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE ++ {"AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE", ERR_LIB_SSL, SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE}, ++ #else ++ {"AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE", 20, 158}, ++ #endif ++ #ifdef SSL_R_BAD_CHANGE_CIPHER_SPEC ++ {"BAD_CHANGE_CIPHER_SPEC", ERR_LIB_SSL, SSL_R_BAD_CHANGE_CIPHER_SPEC}, ++ #else ++ {"BAD_CHANGE_CIPHER_SPEC", 20, 103}, ++ #endif ++ #ifdef SSL_R_BAD_CIPHER ++ {"BAD_CIPHER", ERR_LIB_SSL, SSL_R_BAD_CIPHER}, ++ #else ++ {"BAD_CIPHER", 20, 186}, ++ #endif ++ #ifdef SSL_R_BAD_DATA ++ {"BAD_DATA", ERR_LIB_SSL, SSL_R_BAD_DATA}, ++ #else ++ {"BAD_DATA", 20, 390}, ++ #endif ++ #ifdef SSL_R_BAD_DATA_RETURNED_BY_CALLBACK ++ {"BAD_DATA_RETURNED_BY_CALLBACK", ERR_LIB_SSL, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK}, ++ #else ++ {"BAD_DATA_RETURNED_BY_CALLBACK", 20, 106}, ++ #endif ++ #ifdef SSL_R_BAD_DECOMPRESSION ++ {"BAD_DECOMPRESSION", ERR_LIB_SSL, SSL_R_BAD_DECOMPRESSION}, ++ #else ++ {"BAD_DECOMPRESSION", 20, 107}, ++ #endif ++ #ifdef SSL_R_BAD_DH_VALUE ++ {"BAD_DH_VALUE", ERR_LIB_SSL, SSL_R_BAD_DH_VALUE}, ++ #else ++ {"BAD_DH_VALUE", 20, 102}, ++ #endif ++ #ifdef SSL_R_BAD_DIGEST_LENGTH ++ {"BAD_DIGEST_LENGTH", ERR_LIB_SSL, SSL_R_BAD_DIGEST_LENGTH}, ++ #else ++ {"BAD_DIGEST_LENGTH", 20, 111}, ++ #endif ++ #ifdef SSL_R_BAD_EARLY_DATA ++ {"BAD_EARLY_DATA", ERR_LIB_SSL, SSL_R_BAD_EARLY_DATA}, ++ #else ++ {"BAD_EARLY_DATA", 20, 233}, ++ #endif ++ #ifdef SSL_R_BAD_ECC_CERT ++ {"BAD_ECC_CERT", ERR_LIB_SSL, SSL_R_BAD_ECC_CERT}, ++ #else ++ {"BAD_ECC_CERT", 20, 304}, ++ #endif ++ #ifdef SSL_R_BAD_ECPOINT ++ {"BAD_ECPOINT", ERR_LIB_SSL, SSL_R_BAD_ECPOINT}, ++ #else ++ {"BAD_ECPOINT", 20, 306}, ++ #endif ++ #ifdef SSL_R_BAD_EXTENSION ++ {"BAD_EXTENSION", ERR_LIB_SSL, SSL_R_BAD_EXTENSION}, ++ #else ++ {"BAD_EXTENSION", 20, 110}, ++ #endif ++ #ifdef SSL_R_BAD_HANDSHAKE_LENGTH ++ {"BAD_HANDSHAKE_LENGTH", ERR_LIB_SSL, SSL_R_BAD_HANDSHAKE_LENGTH}, ++ #else ++ {"BAD_HANDSHAKE_LENGTH", 20, 332}, ++ #endif ++ #ifdef SSL_R_BAD_HANDSHAKE_STATE ++ {"BAD_HANDSHAKE_STATE", ERR_LIB_SSL, SSL_R_BAD_HANDSHAKE_STATE}, ++ #else ++ {"BAD_HANDSHAKE_STATE", 20, 236}, ++ #endif ++ #ifdef SSL_R_BAD_HELLO_REQUEST ++ {"BAD_HELLO_REQUEST", ERR_LIB_SSL, SSL_R_BAD_HELLO_REQUEST}, ++ #else ++ {"BAD_HELLO_REQUEST", 20, 105}, ++ #endif ++ #ifdef SSL_R_BAD_HRR_VERSION ++ {"BAD_HRR_VERSION", ERR_LIB_SSL, SSL_R_BAD_HRR_VERSION}, ++ #else ++ {"BAD_HRR_VERSION", 20, 263}, ++ #endif ++ #ifdef SSL_R_BAD_KEY_SHARE ++ {"BAD_KEY_SHARE", ERR_LIB_SSL, SSL_R_BAD_KEY_SHARE}, ++ #else ++ {"BAD_KEY_SHARE", 20, 108}, ++ #endif ++ #ifdef SSL_R_BAD_KEY_UPDATE ++ {"BAD_KEY_UPDATE", ERR_LIB_SSL, SSL_R_BAD_KEY_UPDATE}, ++ #else ++ {"BAD_KEY_UPDATE", 20, 122}, ++ #endif ++ #ifdef SSL_R_BAD_LEGACY_VERSION ++ {"BAD_LEGACY_VERSION", ERR_LIB_SSL, SSL_R_BAD_LEGACY_VERSION}, ++ #else ++ {"BAD_LEGACY_VERSION", 20, 292}, ++ #endif ++ #ifdef SSL_R_BAD_LENGTH ++ {"BAD_LENGTH", ERR_LIB_SSL, SSL_R_BAD_LENGTH}, ++ #else ++ {"BAD_LENGTH", 20, 271}, ++ #endif ++ #ifdef SSL_R_BAD_PACKET ++ {"BAD_PACKET", ERR_LIB_SSL, SSL_R_BAD_PACKET}, ++ #else ++ {"BAD_PACKET", 20, 240}, ++ #endif ++ #ifdef SSL_R_BAD_PACKET_LENGTH ++ {"BAD_PACKET_LENGTH", ERR_LIB_SSL, SSL_R_BAD_PACKET_LENGTH}, ++ #else ++ {"BAD_PACKET_LENGTH", 20, 115}, ++ #endif ++ #ifdef SSL_R_BAD_PROTOCOL_VERSION_NUMBER ++ {"BAD_PROTOCOL_VERSION_NUMBER", ERR_LIB_SSL, SSL_R_BAD_PROTOCOL_VERSION_NUMBER}, ++ #else ++ {"BAD_PROTOCOL_VERSION_NUMBER", 20, 116}, ++ #endif ++ #ifdef SSL_R_BAD_PSK ++ {"BAD_PSK", ERR_LIB_SSL, SSL_R_BAD_PSK}, ++ #else ++ {"BAD_PSK", 20, 219}, ++ #endif ++ #ifdef SSL_R_BAD_PSK_IDENTITY ++ {"BAD_PSK_IDENTITY", ERR_LIB_SSL, SSL_R_BAD_PSK_IDENTITY}, ++ #else ++ {"BAD_PSK_IDENTITY", 20, 114}, ++ #endif ++ #ifdef SSL_R_BAD_RECORD_TYPE ++ {"BAD_RECORD_TYPE", ERR_LIB_SSL, SSL_R_BAD_RECORD_TYPE}, ++ #else ++ {"BAD_RECORD_TYPE", 20, 443}, ++ #endif ++ #ifdef SSL_R_BAD_RSA_ENCRYPT ++ {"BAD_RSA_ENCRYPT", ERR_LIB_SSL, SSL_R_BAD_RSA_ENCRYPT}, ++ #else ++ {"BAD_RSA_ENCRYPT", 20, 119}, ++ #endif ++ #ifdef SSL_R_BAD_SIGNATURE ++ {"BAD_SIGNATURE", ERR_LIB_SSL, SSL_R_BAD_SIGNATURE}, ++ #else ++ {"BAD_SIGNATURE", 20, 123}, ++ #endif ++ #ifdef SSL_R_BAD_SRP_A_LENGTH ++ {"BAD_SRP_A_LENGTH", ERR_LIB_SSL, SSL_R_BAD_SRP_A_LENGTH}, ++ #else ++ {"BAD_SRP_A_LENGTH", 20, 347}, ++ #endif ++ #ifdef SSL_R_BAD_SRP_PARAMETERS ++ {"BAD_SRP_PARAMETERS", ERR_LIB_SSL, SSL_R_BAD_SRP_PARAMETERS}, ++ #else ++ {"BAD_SRP_PARAMETERS", 20, 371}, ++ #endif ++ #ifdef SSL_R_BAD_SRTP_MKI_VALUE ++ {"BAD_SRTP_MKI_VALUE", ERR_LIB_SSL, SSL_R_BAD_SRTP_MKI_VALUE}, ++ #else ++ {"BAD_SRTP_MKI_VALUE", 20, 352}, ++ #endif ++ #ifdef SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST ++ {"BAD_SRTP_PROTECTION_PROFILE_LIST", ERR_LIB_SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST}, ++ #else ++ {"BAD_SRTP_PROTECTION_PROFILE_LIST", 20, 353}, ++ #endif ++ #ifdef SSL_R_BAD_SSL_FILETYPE ++ {"BAD_SSL_FILETYPE", ERR_LIB_SSL, SSL_R_BAD_SSL_FILETYPE}, ++ #else ++ {"BAD_SSL_FILETYPE", 20, 124}, ++ #endif ++ #ifdef SSL_R_BAD_VALUE ++ {"BAD_VALUE", ERR_LIB_SSL, SSL_R_BAD_VALUE}, ++ #else ++ {"BAD_VALUE", 20, 384}, ++ #endif ++ #ifdef SSL_R_BAD_WRITE_RETRY ++ {"BAD_WRITE_RETRY", ERR_LIB_SSL, SSL_R_BAD_WRITE_RETRY}, ++ #else ++ {"BAD_WRITE_RETRY", 20, 127}, ++ #endif ++ #ifdef SSL_R_BINDER_DOES_NOT_VERIFY ++ {"BINDER_DOES_NOT_VERIFY", ERR_LIB_SSL, SSL_R_BINDER_DOES_NOT_VERIFY}, ++ #else ++ {"BINDER_DOES_NOT_VERIFY", 20, 253}, ++ #endif ++ #ifdef SSL_R_BIO_NOT_SET ++ {"BIO_NOT_SET", ERR_LIB_SSL, SSL_R_BIO_NOT_SET}, ++ #else ++ {"BIO_NOT_SET", 20, 128}, ++ #endif ++ #ifdef SSL_R_BLOCK_CIPHER_PAD_IS_WRONG ++ {"BLOCK_CIPHER_PAD_IS_WRONG", ERR_LIB_SSL, SSL_R_BLOCK_CIPHER_PAD_IS_WRONG}, ++ #else ++ {"BLOCK_CIPHER_PAD_IS_WRONG", 20, 129}, ++ #endif ++ #ifdef SSL_R_BN_LIB ++ {"BN_LIB", ERR_LIB_SSL, SSL_R_BN_LIB}, ++ #else ++ {"BN_LIB", 20, 130}, ++ #endif ++ #ifdef SSL_R_CALLBACK_FAILED ++ {"CALLBACK_FAILED", ERR_LIB_SSL, SSL_R_CALLBACK_FAILED}, ++ #else ++ {"CALLBACK_FAILED", 20, 234}, ++ #endif ++ #ifdef SSL_R_CANNOT_CHANGE_CIPHER ++ {"CANNOT_CHANGE_CIPHER", ERR_LIB_SSL, SSL_R_CANNOT_CHANGE_CIPHER}, ++ #else ++ {"CANNOT_CHANGE_CIPHER", 20, 109}, ++ #endif ++ #ifdef SSL_R_CANNOT_GET_GROUP_NAME ++ {"CANNOT_GET_GROUP_NAME", ERR_LIB_SSL, SSL_R_CANNOT_GET_GROUP_NAME}, ++ #else ++ {"CANNOT_GET_GROUP_NAME", 20, 299}, ++ #endif ++ #ifdef SSL_R_CA_DN_LENGTH_MISMATCH ++ {"CA_DN_LENGTH_MISMATCH", ERR_LIB_SSL, SSL_R_CA_DN_LENGTH_MISMATCH}, ++ #else ++ {"CA_DN_LENGTH_MISMATCH", 20, 131}, ++ #endif ++ #ifdef SSL_R_CA_KEY_TOO_SMALL ++ {"CA_KEY_TOO_SMALL", ERR_LIB_SSL, SSL_R_CA_KEY_TOO_SMALL}, ++ #else ++ {"CA_KEY_TOO_SMALL", 20, 397}, ++ #endif ++ #ifdef SSL_R_CA_MD_TOO_WEAK ++ {"CA_MD_TOO_WEAK", ERR_LIB_SSL, SSL_R_CA_MD_TOO_WEAK}, ++ #else ++ {"CA_MD_TOO_WEAK", 20, 398}, ++ #endif ++ #ifdef SSL_R_CCS_RECEIVED_EARLY ++ {"CCS_RECEIVED_EARLY", ERR_LIB_SSL, SSL_R_CCS_RECEIVED_EARLY}, ++ #else ++ {"CCS_RECEIVED_EARLY", 20, 133}, ++ #endif ++ #ifdef SSL_R_CERTIFICATE_VERIFY_FAILED ++ {"CERTIFICATE_VERIFY_FAILED", ERR_LIB_SSL, SSL_R_CERTIFICATE_VERIFY_FAILED}, ++ #else ++ {"CERTIFICATE_VERIFY_FAILED", 20, 134}, ++ #endif ++ #ifdef SSL_R_CERT_CB_ERROR ++ {"CERT_CB_ERROR", ERR_LIB_SSL, SSL_R_CERT_CB_ERROR}, ++ #else ++ {"CERT_CB_ERROR", 20, 377}, ++ #endif ++ #ifdef SSL_R_CERT_LENGTH_MISMATCH ++ {"CERT_LENGTH_MISMATCH", ERR_LIB_SSL, SSL_R_CERT_LENGTH_MISMATCH}, ++ #else ++ {"CERT_LENGTH_MISMATCH", 20, 135}, ++ #endif ++ #ifdef SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED ++ {"CIPHERSUITE_DIGEST_HAS_CHANGED", ERR_LIB_SSL, SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED}, ++ #else ++ {"CIPHERSUITE_DIGEST_HAS_CHANGED", 20, 218}, ++ #endif ++ #ifdef SSL_R_CIPHER_CODE_WRONG_LENGTH ++ {"CIPHER_CODE_WRONG_LENGTH", ERR_LIB_SSL, SSL_R_CIPHER_CODE_WRONG_LENGTH}, ++ #else ++ {"CIPHER_CODE_WRONG_LENGTH", 20, 137}, ++ #endif ++ #ifdef SSL_R_CLIENTHELLO_TLSEXT ++ {"CLIENTHELLO_TLSEXT", ERR_LIB_SSL, SSL_R_CLIENTHELLO_TLSEXT}, ++ #else ++ {"CLIENTHELLO_TLSEXT", 20, 226}, ++ #endif ++ #ifdef SSL_R_COMPRESSED_LENGTH_TOO_LONG ++ {"COMPRESSED_LENGTH_TOO_LONG", ERR_LIB_SSL, SSL_R_COMPRESSED_LENGTH_TOO_LONG}, ++ #else ++ {"COMPRESSED_LENGTH_TOO_LONG", 20, 140}, ++ #endif ++ #ifdef SSL_R_COMPRESSION_DISABLED ++ {"COMPRESSION_DISABLED", ERR_LIB_SSL, SSL_R_COMPRESSION_DISABLED}, ++ #else ++ {"COMPRESSION_DISABLED", 20, 343}, ++ #endif ++ #ifdef SSL_R_COMPRESSION_FAILURE ++ {"COMPRESSION_FAILURE", ERR_LIB_SSL, SSL_R_COMPRESSION_FAILURE}, ++ #else ++ {"COMPRESSION_FAILURE", 20, 141}, ++ #endif ++ #ifdef SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE ++ {"COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE", ERR_LIB_SSL, SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE}, ++ #else ++ {"COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE", 20, 307}, ++ #endif ++ #ifdef SSL_R_COMPRESSION_LIBRARY_ERROR ++ {"COMPRESSION_LIBRARY_ERROR", ERR_LIB_SSL, SSL_R_COMPRESSION_LIBRARY_ERROR}, ++ #else ++ {"COMPRESSION_LIBRARY_ERROR", 20, 142}, ++ #endif ++ #ifdef SSL_R_CONNECTION_TYPE_NOT_SET ++ {"CONNECTION_TYPE_NOT_SET", ERR_LIB_SSL, SSL_R_CONNECTION_TYPE_NOT_SET}, ++ #else ++ {"CONNECTION_TYPE_NOT_SET", 20, 144}, ++ #endif ++ #ifdef SSL_R_CONTEXT_NOT_DANE_ENABLED ++ {"CONTEXT_NOT_DANE_ENABLED", ERR_LIB_SSL, SSL_R_CONTEXT_NOT_DANE_ENABLED}, ++ #else ++ {"CONTEXT_NOT_DANE_ENABLED", 20, 167}, ++ #endif ++ #ifdef SSL_R_COOKIE_GEN_CALLBACK_FAILURE ++ {"COOKIE_GEN_CALLBACK_FAILURE", ERR_LIB_SSL, SSL_R_COOKIE_GEN_CALLBACK_FAILURE}, ++ #else ++ {"COOKIE_GEN_CALLBACK_FAILURE", 20, 400}, ++ #endif ++ #ifdef SSL_R_COOKIE_MISMATCH ++ {"COOKIE_MISMATCH", ERR_LIB_SSL, SSL_R_COOKIE_MISMATCH}, ++ #else ++ {"COOKIE_MISMATCH", 20, 308}, ++ #endif ++ #ifdef SSL_R_COPY_PARAMETERS_FAILED ++ {"COPY_PARAMETERS_FAILED", ERR_LIB_SSL, SSL_R_COPY_PARAMETERS_FAILED}, ++ #else ++ {"COPY_PARAMETERS_FAILED", 20, 296}, ++ #endif ++ #ifdef SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED ++ {"CUSTOM_EXT_HANDLER_ALREADY_INSTALLED", ERR_LIB_SSL, SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED}, ++ #else ++ {"CUSTOM_EXT_HANDLER_ALREADY_INSTALLED", 20, 206}, ++ #endif ++ #ifdef SSL_R_DANE_ALREADY_ENABLED ++ {"DANE_ALREADY_ENABLED", ERR_LIB_SSL, SSL_R_DANE_ALREADY_ENABLED}, ++ #else ++ {"DANE_ALREADY_ENABLED", 20, 172}, ++ #endif ++ #ifdef SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL ++ {"DANE_CANNOT_OVERRIDE_MTYPE_FULL", ERR_LIB_SSL, SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL}, ++ #else ++ {"DANE_CANNOT_OVERRIDE_MTYPE_FULL", 20, 173}, ++ #endif ++ #ifdef SSL_R_DANE_NOT_ENABLED ++ {"DANE_NOT_ENABLED", ERR_LIB_SSL, SSL_R_DANE_NOT_ENABLED}, ++ #else ++ {"DANE_NOT_ENABLED", 20, 175}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_BAD_CERTIFICATE ++ {"DANE_TLSA_BAD_CERTIFICATE", ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_CERTIFICATE}, ++ #else ++ {"DANE_TLSA_BAD_CERTIFICATE", 20, 180}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE ++ {"DANE_TLSA_BAD_CERTIFICATE_USAGE", ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE}, ++ #else ++ {"DANE_TLSA_BAD_CERTIFICATE_USAGE", 20, 184}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_BAD_DATA_LENGTH ++ {"DANE_TLSA_BAD_DATA_LENGTH", ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_DATA_LENGTH}, ++ #else ++ {"DANE_TLSA_BAD_DATA_LENGTH", 20, 189}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH ++ {"DANE_TLSA_BAD_DIGEST_LENGTH", ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH}, ++ #else ++ {"DANE_TLSA_BAD_DIGEST_LENGTH", 20, 192}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_BAD_MATCHING_TYPE ++ {"DANE_TLSA_BAD_MATCHING_TYPE", ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_MATCHING_TYPE}, ++ #else ++ {"DANE_TLSA_BAD_MATCHING_TYPE", 20, 200}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_BAD_PUBLIC_KEY ++ {"DANE_TLSA_BAD_PUBLIC_KEY", ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_PUBLIC_KEY}, ++ #else ++ {"DANE_TLSA_BAD_PUBLIC_KEY", 20, 201}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_BAD_SELECTOR ++ {"DANE_TLSA_BAD_SELECTOR", ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_SELECTOR}, ++ #else ++ {"DANE_TLSA_BAD_SELECTOR", 20, 202}, ++ #endif ++ #ifdef SSL_R_DANE_TLSA_NULL_DATA ++ {"DANE_TLSA_NULL_DATA", ERR_LIB_SSL, SSL_R_DANE_TLSA_NULL_DATA}, ++ #else ++ {"DANE_TLSA_NULL_DATA", 20, 203}, ++ #endif ++ #ifdef SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ++ {"DATA_BETWEEN_CCS_AND_FINISHED", ERR_LIB_SSL, SSL_R_DATA_BETWEEN_CCS_AND_FINISHED}, ++ #else ++ {"DATA_BETWEEN_CCS_AND_FINISHED", 20, 145}, ++ #endif ++ #ifdef SSL_R_DATA_LENGTH_TOO_LONG ++ {"DATA_LENGTH_TOO_LONG", ERR_LIB_SSL, SSL_R_DATA_LENGTH_TOO_LONG}, ++ #else ++ {"DATA_LENGTH_TOO_LONG", 20, 146}, ++ #endif ++ #ifdef SSL_R_DECRYPTION_FAILED ++ {"DECRYPTION_FAILED", ERR_LIB_SSL, SSL_R_DECRYPTION_FAILED}, ++ #else ++ {"DECRYPTION_FAILED", 20, 147}, ++ #endif ++ #ifdef SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC ++ {"DECRYPTION_FAILED_OR_BAD_RECORD_MAC", ERR_LIB_SSL, SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC}, ++ #else ++ {"DECRYPTION_FAILED_OR_BAD_RECORD_MAC", 20, 281}, ++ #endif ++ #ifdef SSL_R_DH_KEY_TOO_SMALL ++ {"DH_KEY_TOO_SMALL", ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL}, ++ #else ++ {"DH_KEY_TOO_SMALL", 20, 394}, ++ #endif ++ #ifdef SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ++ {"DH_PUBLIC_VALUE_LENGTH_IS_WRONG", ERR_LIB_SSL, SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG}, ++ #else ++ {"DH_PUBLIC_VALUE_LENGTH_IS_WRONG", 20, 148}, ++ #endif ++ #ifdef SSL_R_DIGEST_CHECK_FAILED ++ {"DIGEST_CHECK_FAILED", ERR_LIB_SSL, SSL_R_DIGEST_CHECK_FAILED}, ++ #else ++ {"DIGEST_CHECK_FAILED", 20, 149}, ++ #endif ++ #ifdef SSL_R_DTLS_MESSAGE_TOO_BIG ++ {"DTLS_MESSAGE_TOO_BIG", ERR_LIB_SSL, SSL_R_DTLS_MESSAGE_TOO_BIG}, ++ #else ++ {"DTLS_MESSAGE_TOO_BIG", 20, 334}, ++ #endif ++ #ifdef SSL_R_DUPLICATE_COMPRESSION_ID ++ {"DUPLICATE_COMPRESSION_ID", ERR_LIB_SSL, SSL_R_DUPLICATE_COMPRESSION_ID}, ++ #else ++ {"DUPLICATE_COMPRESSION_ID", 20, 309}, ++ #endif ++ #ifdef SSL_R_ECC_CERT_NOT_FOR_SIGNING ++ {"ECC_CERT_NOT_FOR_SIGNING", ERR_LIB_SSL, SSL_R_ECC_CERT_NOT_FOR_SIGNING}, ++ #else ++ {"ECC_CERT_NOT_FOR_SIGNING", 20, 318}, ++ #endif ++ #ifdef SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE ++ {"ECDH_REQUIRED_FOR_SUITEB_MODE", ERR_LIB_SSL, SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE}, ++ #else ++ {"ECDH_REQUIRED_FOR_SUITEB_MODE", 20, 374}, ++ #endif ++ #ifdef SSL_R_EE_KEY_TOO_SMALL ++ {"EE_KEY_TOO_SMALL", ERR_LIB_SSL, SSL_R_EE_KEY_TOO_SMALL}, ++ #else ++ {"EE_KEY_TOO_SMALL", 20, 399}, ++ #endif ++ #ifdef SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST ++ {"EMPTY_SRTP_PROTECTION_PROFILE_LIST", ERR_LIB_SSL, SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST}, ++ #else ++ {"EMPTY_SRTP_PROTECTION_PROFILE_LIST", 20, 354}, ++ #endif ++ #ifdef SSL_R_ENCRYPTED_LENGTH_TOO_LONG ++ {"ENCRYPTED_LENGTH_TOO_LONG", ERR_LIB_SSL, SSL_R_ENCRYPTED_LENGTH_TOO_LONG}, ++ #else ++ {"ENCRYPTED_LENGTH_TOO_LONG", 20, 150}, ++ #endif ++ #ifdef SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ++ {"ERROR_IN_RECEIVED_CIPHER_LIST", ERR_LIB_SSL, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST}, ++ #else ++ {"ERROR_IN_RECEIVED_CIPHER_LIST", 20, 151}, ++ #endif ++ #ifdef SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN ++ {"ERROR_SETTING_TLSA_BASE_DOMAIN", ERR_LIB_SSL, SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN}, ++ #else ++ {"ERROR_SETTING_TLSA_BASE_DOMAIN", 20, 204}, ++ #endif ++ #ifdef SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE ++ {"EXCEEDS_MAX_FRAGMENT_SIZE", ERR_LIB_SSL, SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE}, ++ #else ++ {"EXCEEDS_MAX_FRAGMENT_SIZE", 20, 194}, ++ #endif ++ #ifdef SSL_R_EXCESSIVE_MESSAGE_SIZE ++ {"EXCESSIVE_MESSAGE_SIZE", ERR_LIB_SSL, SSL_R_EXCESSIVE_MESSAGE_SIZE}, ++ #else ++ {"EXCESSIVE_MESSAGE_SIZE", 20, 152}, ++ #endif ++ #ifdef SSL_R_EXTENSION_NOT_RECEIVED ++ {"EXTENSION_NOT_RECEIVED", ERR_LIB_SSL, SSL_R_EXTENSION_NOT_RECEIVED}, ++ #else ++ {"EXTENSION_NOT_RECEIVED", 20, 279}, ++ #endif ++ #ifdef SSL_R_EXTRA_DATA_IN_MESSAGE ++ {"EXTRA_DATA_IN_MESSAGE", ERR_LIB_SSL, SSL_R_EXTRA_DATA_IN_MESSAGE}, ++ #else ++ {"EXTRA_DATA_IN_MESSAGE", 20, 153}, ++ #endif ++ #ifdef SSL_R_EXT_LENGTH_MISMATCH ++ {"EXT_LENGTH_MISMATCH", ERR_LIB_SSL, SSL_R_EXT_LENGTH_MISMATCH}, ++ #else ++ {"EXT_LENGTH_MISMATCH", 20, 163}, ++ #endif ++ #ifdef SSL_R_FAILED_TO_INIT_ASYNC ++ {"FAILED_TO_INIT_ASYNC", ERR_LIB_SSL, SSL_R_FAILED_TO_INIT_ASYNC}, ++ #else ++ {"FAILED_TO_INIT_ASYNC", 20, 405}, ++ #endif ++ #ifdef SSL_R_FRAGMENTED_CLIENT_HELLO ++ {"FRAGMENTED_CLIENT_HELLO", ERR_LIB_SSL, SSL_R_FRAGMENTED_CLIENT_HELLO}, ++ #else ++ {"FRAGMENTED_CLIENT_HELLO", 20, 401}, ++ #endif ++ #ifdef SSL_R_GOT_A_FIN_BEFORE_A_CCS ++ {"GOT_A_FIN_BEFORE_A_CCS", ERR_LIB_SSL, SSL_R_GOT_A_FIN_BEFORE_A_CCS}, ++ #else ++ {"GOT_A_FIN_BEFORE_A_CCS", 20, 154}, ++ #endif ++ #ifdef SSL_R_HTTPS_PROXY_REQUEST ++ {"HTTPS_PROXY_REQUEST", ERR_LIB_SSL, SSL_R_HTTPS_PROXY_REQUEST}, ++ #else ++ {"HTTPS_PROXY_REQUEST", 20, 155}, ++ #endif ++ #ifdef SSL_R_HTTP_REQUEST ++ {"HTTP_REQUEST", ERR_LIB_SSL, SSL_R_HTTP_REQUEST}, ++ #else ++ {"HTTP_REQUEST", 20, 156}, ++ #endif ++ #ifdef SSL_R_ILLEGAL_POINT_COMPRESSION ++ {"ILLEGAL_POINT_COMPRESSION", ERR_LIB_SSL, SSL_R_ILLEGAL_POINT_COMPRESSION}, ++ #else ++ {"ILLEGAL_POINT_COMPRESSION", 20, 162}, ++ #endif ++ #ifdef SSL_R_ILLEGAL_SUITEB_DIGEST ++ {"ILLEGAL_SUITEB_DIGEST", ERR_LIB_SSL, SSL_R_ILLEGAL_SUITEB_DIGEST}, ++ #else ++ {"ILLEGAL_SUITEB_DIGEST", 20, 380}, ++ #endif ++ #ifdef SSL_R_INAPPROPRIATE_FALLBACK ++ {"INAPPROPRIATE_FALLBACK", ERR_LIB_SSL, SSL_R_INAPPROPRIATE_FALLBACK}, ++ #else ++ {"INAPPROPRIATE_FALLBACK", 20, 373}, ++ #endif ++ #ifdef SSL_R_INCONSISTENT_COMPRESSION ++ {"INCONSISTENT_COMPRESSION", ERR_LIB_SSL, SSL_R_INCONSISTENT_COMPRESSION}, ++ #else ++ {"INCONSISTENT_COMPRESSION", 20, 340}, ++ #endif ++ #ifdef SSL_R_INCONSISTENT_EARLY_DATA_ALPN ++ {"INCONSISTENT_EARLY_DATA_ALPN", ERR_LIB_SSL, SSL_R_INCONSISTENT_EARLY_DATA_ALPN}, ++ #else ++ {"INCONSISTENT_EARLY_DATA_ALPN", 20, 222}, ++ #endif ++ #ifdef SSL_R_INCONSISTENT_EARLY_DATA_SNI ++ {"INCONSISTENT_EARLY_DATA_SNI", ERR_LIB_SSL, SSL_R_INCONSISTENT_EARLY_DATA_SNI}, ++ #else ++ {"INCONSISTENT_EARLY_DATA_SNI", 20, 231}, ++ #endif ++ #ifdef SSL_R_INCONSISTENT_EXTMS ++ {"INCONSISTENT_EXTMS", ERR_LIB_SSL, SSL_R_INCONSISTENT_EXTMS}, ++ #else ++ {"INCONSISTENT_EXTMS", 20, 104}, ++ #endif ++ #ifdef SSL_R_INSUFFICIENT_SECURITY ++ {"INSUFFICIENT_SECURITY", ERR_LIB_SSL, SSL_R_INSUFFICIENT_SECURITY}, ++ #else ++ {"INSUFFICIENT_SECURITY", 20, 241}, ++ #endif ++ #ifdef SSL_R_INVALID_ALERT ++ {"INVALID_ALERT", ERR_LIB_SSL, SSL_R_INVALID_ALERT}, ++ #else ++ {"INVALID_ALERT", 20, 205}, ++ #endif ++ #ifdef SSL_R_INVALID_CCS_MESSAGE ++ {"INVALID_CCS_MESSAGE", ERR_LIB_SSL, SSL_R_INVALID_CCS_MESSAGE}, ++ #else ++ {"INVALID_CCS_MESSAGE", 20, 260}, ++ #endif ++ #ifdef SSL_R_INVALID_CERTIFICATE_OR_ALG ++ {"INVALID_CERTIFICATE_OR_ALG", ERR_LIB_SSL, SSL_R_INVALID_CERTIFICATE_OR_ALG}, ++ #else ++ {"INVALID_CERTIFICATE_OR_ALG", 20, 238}, ++ #endif ++ #ifdef SSL_R_INVALID_COMMAND ++ {"INVALID_COMMAND", ERR_LIB_SSL, SSL_R_INVALID_COMMAND}, ++ #else ++ {"INVALID_COMMAND", 20, 280}, ++ #endif ++ #ifdef SSL_R_INVALID_COMPRESSION_ALGORITHM ++ {"INVALID_COMPRESSION_ALGORITHM", ERR_LIB_SSL, SSL_R_INVALID_COMPRESSION_ALGORITHM}, ++ #else ++ {"INVALID_COMPRESSION_ALGORITHM", 20, 341}, ++ #endif ++ #ifdef SSL_R_INVALID_CONFIG ++ {"INVALID_CONFIG", ERR_LIB_SSL, SSL_R_INVALID_CONFIG}, ++ #else ++ {"INVALID_CONFIG", 20, 283}, ++ #endif ++ #ifdef SSL_R_INVALID_CONFIGURATION_NAME ++ {"INVALID_CONFIGURATION_NAME", ERR_LIB_SSL, SSL_R_INVALID_CONFIGURATION_NAME}, ++ #else ++ {"INVALID_CONFIGURATION_NAME", 20, 113}, ++ #endif ++ #ifdef SSL_R_INVALID_CONTEXT ++ {"INVALID_CONTEXT", ERR_LIB_SSL, SSL_R_INVALID_CONTEXT}, ++ #else ++ {"INVALID_CONTEXT", 20, 282}, ++ #endif ++ #ifdef SSL_R_INVALID_CT_VALIDATION_TYPE ++ {"INVALID_CT_VALIDATION_TYPE", ERR_LIB_SSL, SSL_R_INVALID_CT_VALIDATION_TYPE}, ++ #else ++ {"INVALID_CT_VALIDATION_TYPE", 20, 212}, ++ #endif ++ #ifdef SSL_R_INVALID_KEY_UPDATE_TYPE ++ {"INVALID_KEY_UPDATE_TYPE", ERR_LIB_SSL, SSL_R_INVALID_KEY_UPDATE_TYPE}, ++ #else ++ {"INVALID_KEY_UPDATE_TYPE", 20, 120}, ++ #endif ++ #ifdef SSL_R_INVALID_MAX_EARLY_DATA ++ {"INVALID_MAX_EARLY_DATA", ERR_LIB_SSL, SSL_R_INVALID_MAX_EARLY_DATA}, ++ #else ++ {"INVALID_MAX_EARLY_DATA", 20, 174}, ++ #endif ++ #ifdef SSL_R_INVALID_NULL_CMD_NAME ++ {"INVALID_NULL_CMD_NAME", ERR_LIB_SSL, SSL_R_INVALID_NULL_CMD_NAME}, ++ #else ++ {"INVALID_NULL_CMD_NAME", 20, 385}, ++ #endif ++ #ifdef SSL_R_INVALID_SEQUENCE_NUMBER ++ {"INVALID_SEQUENCE_NUMBER", ERR_LIB_SSL, SSL_R_INVALID_SEQUENCE_NUMBER}, ++ #else ++ {"INVALID_SEQUENCE_NUMBER", 20, 402}, ++ #endif ++ #ifdef SSL_R_INVALID_SERVERINFO_DATA ++ {"INVALID_SERVERINFO_DATA", ERR_LIB_SSL, SSL_R_INVALID_SERVERINFO_DATA}, ++ #else ++ {"INVALID_SERVERINFO_DATA", 20, 388}, ++ #endif ++ #ifdef SSL_R_INVALID_SESSION_ID ++ {"INVALID_SESSION_ID", ERR_LIB_SSL, SSL_R_INVALID_SESSION_ID}, ++ #else ++ {"INVALID_SESSION_ID", 20, 999}, ++ #endif ++ #ifdef SSL_R_INVALID_SRP_USERNAME ++ {"INVALID_SRP_USERNAME", ERR_LIB_SSL, SSL_R_INVALID_SRP_USERNAME}, ++ #else ++ {"INVALID_SRP_USERNAME", 20, 357}, ++ #endif ++ #ifdef SSL_R_INVALID_STATUS_RESPONSE ++ {"INVALID_STATUS_RESPONSE", ERR_LIB_SSL, SSL_R_INVALID_STATUS_RESPONSE}, ++ #else ++ {"INVALID_STATUS_RESPONSE", 20, 328}, ++ #endif ++ #ifdef SSL_R_INVALID_TICKET_KEYS_LENGTH ++ {"INVALID_TICKET_KEYS_LENGTH", ERR_LIB_SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH}, ++ #else ++ {"INVALID_TICKET_KEYS_LENGTH", 20, 325}, ++ #endif ++ #ifdef SSL_R_LENGTH_MISMATCH ++ {"LENGTH_MISMATCH", ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH}, ++ #else ++ {"LENGTH_MISMATCH", 20, 159}, ++ #endif ++ #ifdef SSL_R_LENGTH_TOO_LONG ++ {"LENGTH_TOO_LONG", ERR_LIB_SSL, SSL_R_LENGTH_TOO_LONG}, ++ #else ++ {"LENGTH_TOO_LONG", 20, 404}, ++ #endif ++ #ifdef SSL_R_LENGTH_TOO_SHORT ++ {"LENGTH_TOO_SHORT", ERR_LIB_SSL, SSL_R_LENGTH_TOO_SHORT}, ++ #else ++ {"LENGTH_TOO_SHORT", 20, 160}, ++ #endif ++ #ifdef SSL_R_LIBRARY_BUG ++ {"LIBRARY_BUG", ERR_LIB_SSL, SSL_R_LIBRARY_BUG}, ++ #else ++ {"LIBRARY_BUG", 20, 274}, ++ #endif ++ #ifdef SSL_R_LIBRARY_HAS_NO_CIPHERS ++ {"LIBRARY_HAS_NO_CIPHERS", ERR_LIB_SSL, SSL_R_LIBRARY_HAS_NO_CIPHERS}, ++ #else ++ {"LIBRARY_HAS_NO_CIPHERS", 20, 161}, ++ #endif ++ #ifdef SSL_R_MISSING_DSA_SIGNING_CERT ++ {"MISSING_DSA_SIGNING_CERT", ERR_LIB_SSL, SSL_R_MISSING_DSA_SIGNING_CERT}, ++ #else ++ {"MISSING_DSA_SIGNING_CERT", 20, 165}, ++ #endif ++ #ifdef SSL_R_MISSING_ECDSA_SIGNING_CERT ++ {"MISSING_ECDSA_SIGNING_CERT", ERR_LIB_SSL, SSL_R_MISSING_ECDSA_SIGNING_CERT}, ++ #else ++ {"MISSING_ECDSA_SIGNING_CERT", 20, 381}, ++ #endif ++ #ifdef SSL_R_MISSING_FATAL ++ {"MISSING_FATAL", ERR_LIB_SSL, SSL_R_MISSING_FATAL}, ++ #else ++ {"MISSING_FATAL", 20, 256}, ++ #endif ++ #ifdef SSL_R_MISSING_PARAMETERS ++ {"MISSING_PARAMETERS", ERR_LIB_SSL, SSL_R_MISSING_PARAMETERS}, ++ #else ++ {"MISSING_PARAMETERS", 20, 290}, ++ #endif ++ #ifdef SSL_R_MISSING_RSA_CERTIFICATE ++ {"MISSING_RSA_CERTIFICATE", ERR_LIB_SSL, SSL_R_MISSING_RSA_CERTIFICATE}, ++ #else ++ {"MISSING_RSA_CERTIFICATE", 20, 168}, ++ #endif ++ #ifdef SSL_R_MISSING_RSA_ENCRYPTING_CERT ++ {"MISSING_RSA_ENCRYPTING_CERT", ERR_LIB_SSL, SSL_R_MISSING_RSA_ENCRYPTING_CERT}, ++ #else ++ {"MISSING_RSA_ENCRYPTING_CERT", 20, 169}, ++ #endif ++ #ifdef SSL_R_MISSING_RSA_SIGNING_CERT ++ {"MISSING_RSA_SIGNING_CERT", ERR_LIB_SSL, SSL_R_MISSING_RSA_SIGNING_CERT}, ++ #else ++ {"MISSING_RSA_SIGNING_CERT", 20, 170}, ++ #endif ++ #ifdef SSL_R_MISSING_SIGALGS_EXTENSION ++ {"MISSING_SIGALGS_EXTENSION", ERR_LIB_SSL, SSL_R_MISSING_SIGALGS_EXTENSION}, ++ #else ++ {"MISSING_SIGALGS_EXTENSION", 20, 112}, ++ #endif ++ #ifdef SSL_R_MISSING_SIGNING_CERT ++ {"MISSING_SIGNING_CERT", ERR_LIB_SSL, SSL_R_MISSING_SIGNING_CERT}, ++ #else ++ {"MISSING_SIGNING_CERT", 20, 221}, ++ #endif ++ #ifdef SSL_R_MISSING_SRP_PARAM ++ {"MISSING_SRP_PARAM", ERR_LIB_SSL, SSL_R_MISSING_SRP_PARAM}, ++ #else ++ {"MISSING_SRP_PARAM", 20, 358}, ++ #endif ++ #ifdef SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION ++ {"MISSING_SUPPORTED_GROUPS_EXTENSION", ERR_LIB_SSL, SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION}, ++ #else ++ {"MISSING_SUPPORTED_GROUPS_EXTENSION", 20, 209}, ++ #endif ++ #ifdef SSL_R_MISSING_TMP_DH_KEY ++ {"MISSING_TMP_DH_KEY", ERR_LIB_SSL, SSL_R_MISSING_TMP_DH_KEY}, ++ #else ++ {"MISSING_TMP_DH_KEY", 20, 171}, ++ #endif ++ #ifdef SSL_R_MISSING_TMP_ECDH_KEY ++ {"MISSING_TMP_ECDH_KEY", ERR_LIB_SSL, SSL_R_MISSING_TMP_ECDH_KEY}, ++ #else ++ {"MISSING_TMP_ECDH_KEY", 20, 311}, ++ #endif ++ #ifdef SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA ++ {"MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA", ERR_LIB_SSL, SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA}, ++ #else ++ {"MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA", 20, 293}, ++ #endif ++ #ifdef SSL_R_NOT_ON_RECORD_BOUNDARY ++ {"NOT_ON_RECORD_BOUNDARY", ERR_LIB_SSL, SSL_R_NOT_ON_RECORD_BOUNDARY}, ++ #else ++ {"NOT_ON_RECORD_BOUNDARY", 20, 182}, ++ #endif ++ #ifdef SSL_R_NOT_REPLACING_CERTIFICATE ++ {"NOT_REPLACING_CERTIFICATE", ERR_LIB_SSL, SSL_R_NOT_REPLACING_CERTIFICATE}, ++ #else ++ {"NOT_REPLACING_CERTIFICATE", 20, 289}, ++ #endif ++ #ifdef SSL_R_NOT_SERVER ++ {"NOT_SERVER", ERR_LIB_SSL, SSL_R_NOT_SERVER}, ++ #else ++ {"NOT_SERVER", 20, 284}, ++ #endif ++ #ifdef SSL_R_NO_APPLICATION_PROTOCOL ++ {"NO_APPLICATION_PROTOCOL", ERR_LIB_SSL, SSL_R_NO_APPLICATION_PROTOCOL}, ++ #else ++ {"NO_APPLICATION_PROTOCOL", 20, 235}, ++ #endif ++ #ifdef SSL_R_NO_CERTIFICATES_RETURNED ++ {"NO_CERTIFICATES_RETURNED", ERR_LIB_SSL, SSL_R_NO_CERTIFICATES_RETURNED}, ++ #else ++ {"NO_CERTIFICATES_RETURNED", 20, 176}, ++ #endif ++ #ifdef SSL_R_NO_CERTIFICATE_ASSIGNED ++ {"NO_CERTIFICATE_ASSIGNED", ERR_LIB_SSL, SSL_R_NO_CERTIFICATE_ASSIGNED}, ++ #else ++ {"NO_CERTIFICATE_ASSIGNED", 20, 177}, ++ #endif ++ #ifdef SSL_R_NO_CERTIFICATE_SET ++ {"NO_CERTIFICATE_SET", ERR_LIB_SSL, SSL_R_NO_CERTIFICATE_SET}, ++ #else ++ {"NO_CERTIFICATE_SET", 20, 179}, ++ #endif ++ #ifdef SSL_R_NO_CHANGE_FOLLOWING_HRR ++ {"NO_CHANGE_FOLLOWING_HRR", ERR_LIB_SSL, SSL_R_NO_CHANGE_FOLLOWING_HRR}, ++ #else ++ {"NO_CHANGE_FOLLOWING_HRR", 20, 214}, ++ #endif ++ #ifdef SSL_R_NO_CIPHERS_AVAILABLE ++ {"NO_CIPHERS_AVAILABLE", ERR_LIB_SSL, SSL_R_NO_CIPHERS_AVAILABLE}, ++ #else ++ {"NO_CIPHERS_AVAILABLE", 20, 181}, ++ #endif ++ #ifdef SSL_R_NO_CIPHERS_SPECIFIED ++ {"NO_CIPHERS_SPECIFIED", ERR_LIB_SSL, SSL_R_NO_CIPHERS_SPECIFIED}, ++ #else ++ {"NO_CIPHERS_SPECIFIED", 20, 183}, ++ #endif ++ #ifdef SSL_R_NO_CIPHER_MATCH ++ {"NO_CIPHER_MATCH", ERR_LIB_SSL, SSL_R_NO_CIPHER_MATCH}, ++ #else ++ {"NO_CIPHER_MATCH", 20, 185}, ++ #endif ++ #ifdef SSL_R_NO_CLIENT_CERT_METHOD ++ {"NO_CLIENT_CERT_METHOD", ERR_LIB_SSL, SSL_R_NO_CLIENT_CERT_METHOD}, ++ #else ++ {"NO_CLIENT_CERT_METHOD", 20, 331}, ++ #endif ++ #ifdef SSL_R_NO_COMPRESSION_SPECIFIED ++ {"NO_COMPRESSION_SPECIFIED", ERR_LIB_SSL, SSL_R_NO_COMPRESSION_SPECIFIED}, ++ #else ++ {"NO_COMPRESSION_SPECIFIED", 20, 187}, ++ #endif ++ #ifdef SSL_R_NO_COOKIE_CALLBACK_SET ++ {"NO_COOKIE_CALLBACK_SET", ERR_LIB_SSL, SSL_R_NO_COOKIE_CALLBACK_SET}, ++ #else ++ {"NO_COOKIE_CALLBACK_SET", 20, 287}, ++ #endif ++ #ifdef SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER ++ {"NO_GOST_CERTIFICATE_SENT_BY_PEER", ERR_LIB_SSL, SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER}, ++ #else ++ {"NO_GOST_CERTIFICATE_SENT_BY_PEER", 20, 330}, ++ #endif ++ #ifdef SSL_R_NO_METHOD_SPECIFIED ++ {"NO_METHOD_SPECIFIED", ERR_LIB_SSL, SSL_R_NO_METHOD_SPECIFIED}, ++ #else ++ {"NO_METHOD_SPECIFIED", 20, 188}, ++ #endif ++ #ifdef SSL_R_NO_PEM_EXTENSIONS ++ {"NO_PEM_EXTENSIONS", ERR_LIB_SSL, SSL_R_NO_PEM_EXTENSIONS}, ++ #else ++ {"NO_PEM_EXTENSIONS", 20, 389}, ++ #endif ++ #ifdef SSL_R_NO_PRIVATE_KEY_ASSIGNED ++ {"NO_PRIVATE_KEY_ASSIGNED", ERR_LIB_SSL, SSL_R_NO_PRIVATE_KEY_ASSIGNED}, ++ #else ++ {"NO_PRIVATE_KEY_ASSIGNED", 20, 190}, ++ #endif ++ #ifdef SSL_R_NO_PROTOCOLS_AVAILABLE ++ {"NO_PROTOCOLS_AVAILABLE", ERR_LIB_SSL, SSL_R_NO_PROTOCOLS_AVAILABLE}, ++ #else ++ {"NO_PROTOCOLS_AVAILABLE", 20, 191}, ++ #endif ++ #ifdef SSL_R_NO_RENEGOTIATION ++ {"NO_RENEGOTIATION", ERR_LIB_SSL, SSL_R_NO_RENEGOTIATION}, ++ #else ++ {"NO_RENEGOTIATION", 20, 339}, ++ #endif ++ #ifdef SSL_R_NO_REQUIRED_DIGEST ++ {"NO_REQUIRED_DIGEST", ERR_LIB_SSL, SSL_R_NO_REQUIRED_DIGEST}, ++ #else ++ {"NO_REQUIRED_DIGEST", 20, 324}, ++ #endif ++ #ifdef SSL_R_NO_SHARED_CIPHER ++ {"NO_SHARED_CIPHER", ERR_LIB_SSL, SSL_R_NO_SHARED_CIPHER}, ++ #else ++ {"NO_SHARED_CIPHER", 20, 193}, ++ #endif ++ #ifdef SSL_R_NO_SHARED_GROUPS ++ {"NO_SHARED_GROUPS", ERR_LIB_SSL, SSL_R_NO_SHARED_GROUPS}, ++ #else ++ {"NO_SHARED_GROUPS", 20, 410}, ++ #endif ++ #ifdef SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS ++ {"NO_SHARED_SIGNATURE_ALGORITHMS", ERR_LIB_SSL, SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS}, ++ #else ++ {"NO_SHARED_SIGNATURE_ALGORITHMS", 20, 376}, ++ #endif ++ #ifdef SSL_R_NO_SRTP_PROFILES ++ {"NO_SRTP_PROFILES", ERR_LIB_SSL, SSL_R_NO_SRTP_PROFILES}, ++ #else ++ {"NO_SRTP_PROFILES", 20, 359}, ++ #endif ++ #ifdef SSL_R_NO_SUITABLE_DIGEST_ALGORITHM ++ {"NO_SUITABLE_DIGEST_ALGORITHM", ERR_LIB_SSL, SSL_R_NO_SUITABLE_DIGEST_ALGORITHM}, ++ #else ++ {"NO_SUITABLE_DIGEST_ALGORITHM", 20, 297}, ++ #endif ++ #ifdef SSL_R_NO_SUITABLE_GROUPS ++ {"NO_SUITABLE_GROUPS", ERR_LIB_SSL, SSL_R_NO_SUITABLE_GROUPS}, ++ #else ++ {"NO_SUITABLE_GROUPS", 20, 295}, ++ #endif ++ #ifdef SSL_R_NO_SUITABLE_KEY_SHARE ++ {"NO_SUITABLE_KEY_SHARE", ERR_LIB_SSL, SSL_R_NO_SUITABLE_KEY_SHARE}, ++ #else ++ {"NO_SUITABLE_KEY_SHARE", 20, 101}, ++ #endif ++ #ifdef SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM ++ {"NO_SUITABLE_SIGNATURE_ALGORITHM", ERR_LIB_SSL, SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM}, ++ #else ++ {"NO_SUITABLE_SIGNATURE_ALGORITHM", 20, 118}, ++ #endif ++ #ifdef SSL_R_NO_VALID_SCTS ++ {"NO_VALID_SCTS", ERR_LIB_SSL, SSL_R_NO_VALID_SCTS}, ++ #else ++ {"NO_VALID_SCTS", 20, 216}, ++ #endif ++ #ifdef SSL_R_NO_VERIFY_COOKIE_CALLBACK ++ {"NO_VERIFY_COOKIE_CALLBACK", ERR_LIB_SSL, SSL_R_NO_VERIFY_COOKIE_CALLBACK}, ++ #else ++ {"NO_VERIFY_COOKIE_CALLBACK", 20, 403}, ++ #endif ++ #ifdef SSL_R_NULL_SSL_CTX ++ {"NULL_SSL_CTX", ERR_LIB_SSL, SSL_R_NULL_SSL_CTX}, ++ #else ++ {"NULL_SSL_CTX", 20, 195}, ++ #endif ++ #ifdef SSL_R_NULL_SSL_METHOD_PASSED ++ {"NULL_SSL_METHOD_PASSED", ERR_LIB_SSL, SSL_R_NULL_SSL_METHOD_PASSED}, ++ #else ++ {"NULL_SSL_METHOD_PASSED", 20, 196}, ++ #endif ++ #ifdef SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED ++ {"OLD_SESSION_CIPHER_NOT_RETURNED", ERR_LIB_SSL, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED}, ++ #else ++ {"OLD_SESSION_CIPHER_NOT_RETURNED", 20, 197}, ++ #endif ++ #ifdef SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED ++ {"OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED", ERR_LIB_SSL, SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED}, ++ #else ++ {"OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED", 20, 344}, ++ #endif ++ #ifdef SSL_R_OVERFLOW_ERROR ++ {"OVERFLOW_ERROR", ERR_LIB_SSL, SSL_R_OVERFLOW_ERROR}, ++ #else ++ {"OVERFLOW_ERROR", 20, 237}, ++ #endif ++ #ifdef SSL_R_PACKET_LENGTH_TOO_LONG ++ {"PACKET_LENGTH_TOO_LONG", ERR_LIB_SSL, SSL_R_PACKET_LENGTH_TOO_LONG}, ++ #else ++ {"PACKET_LENGTH_TOO_LONG", 20, 198}, ++ #endif ++ #ifdef SSL_R_PARSE_TLSEXT ++ {"PARSE_TLSEXT", ERR_LIB_SSL, SSL_R_PARSE_TLSEXT}, ++ #else ++ {"PARSE_TLSEXT", 20, 227}, ++ #endif ++ #ifdef SSL_R_PATH_TOO_LONG ++ {"PATH_TOO_LONG", ERR_LIB_SSL, SSL_R_PATH_TOO_LONG}, ++ #else ++ {"PATH_TOO_LONG", 20, 270}, ++ #endif ++ #ifdef SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ++ {"PEER_DID_NOT_RETURN_A_CERTIFICATE", ERR_LIB_SSL, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE}, ++ #else ++ {"PEER_DID_NOT_RETURN_A_CERTIFICATE", 20, 199}, ++ #endif ++ #ifdef SSL_R_PEM_NAME_BAD_PREFIX ++ {"PEM_NAME_BAD_PREFIX", ERR_LIB_SSL, SSL_R_PEM_NAME_BAD_PREFIX}, ++ #else ++ {"PEM_NAME_BAD_PREFIX", 20, 391}, ++ #endif ++ #ifdef SSL_R_PEM_NAME_TOO_SHORT ++ {"PEM_NAME_TOO_SHORT", ERR_LIB_SSL, SSL_R_PEM_NAME_TOO_SHORT}, ++ #else ++ {"PEM_NAME_TOO_SHORT", 20, 392}, ++ #endif ++ #ifdef SSL_R_PIPELINE_FAILURE ++ {"PIPELINE_FAILURE", ERR_LIB_SSL, SSL_R_PIPELINE_FAILURE}, ++ #else ++ {"PIPELINE_FAILURE", 20, 406}, ++ #endif ++ #ifdef SSL_R_POST_HANDSHAKE_AUTH_ENCODING_ERR ++ {"POST_HANDSHAKE_AUTH_ENCODING_ERR", ERR_LIB_SSL, SSL_R_POST_HANDSHAKE_AUTH_ENCODING_ERR}, ++ #else ++ {"POST_HANDSHAKE_AUTH_ENCODING_ERR", 20, 278}, ++ #endif ++ #ifdef SSL_R_PRIVATE_KEY_MISMATCH ++ {"PRIVATE_KEY_MISMATCH", ERR_LIB_SSL, SSL_R_PRIVATE_KEY_MISMATCH}, ++ #else ++ {"PRIVATE_KEY_MISMATCH", 20, 288}, ++ #endif ++ #ifdef SSL_R_PROTOCOL_IS_SHUTDOWN ++ {"PROTOCOL_IS_SHUTDOWN", ERR_LIB_SSL, SSL_R_PROTOCOL_IS_SHUTDOWN}, ++ #else ++ {"PROTOCOL_IS_SHUTDOWN", 20, 207}, ++ #endif ++ #ifdef SSL_R_PSK_IDENTITY_NOT_FOUND ++ {"PSK_IDENTITY_NOT_FOUND", ERR_LIB_SSL, SSL_R_PSK_IDENTITY_NOT_FOUND}, ++ #else ++ {"PSK_IDENTITY_NOT_FOUND", 20, 223}, ++ #endif ++ #ifdef SSL_R_PSK_NO_CLIENT_CB ++ {"PSK_NO_CLIENT_CB", ERR_LIB_SSL, SSL_R_PSK_NO_CLIENT_CB}, ++ #else ++ {"PSK_NO_CLIENT_CB", 20, 224}, ++ #endif ++ #ifdef SSL_R_PSK_NO_SERVER_CB ++ {"PSK_NO_SERVER_CB", ERR_LIB_SSL, SSL_R_PSK_NO_SERVER_CB}, ++ #else ++ {"PSK_NO_SERVER_CB", 20, 225}, ++ #endif ++ #ifdef SSL_R_READ_BIO_NOT_SET ++ {"READ_BIO_NOT_SET", ERR_LIB_SSL, SSL_R_READ_BIO_NOT_SET}, ++ #else ++ {"READ_BIO_NOT_SET", 20, 211}, ++ #endif ++ #ifdef SSL_R_READ_TIMEOUT_EXPIRED ++ {"READ_TIMEOUT_EXPIRED", ERR_LIB_SSL, SSL_R_READ_TIMEOUT_EXPIRED}, ++ #else ++ {"READ_TIMEOUT_EXPIRED", 20, 312}, ++ #endif ++ #ifdef SSL_R_RECORD_LENGTH_MISMATCH ++ {"RECORD_LENGTH_MISMATCH", ERR_LIB_SSL, SSL_R_RECORD_LENGTH_MISMATCH}, ++ #else ++ {"RECORD_LENGTH_MISMATCH", 20, 213}, ++ #endif ++ #ifdef SSL_R_RECORD_TOO_SMALL ++ {"RECORD_TOO_SMALL", ERR_LIB_SSL, SSL_R_RECORD_TOO_SMALL}, ++ #else ++ {"RECORD_TOO_SMALL", 20, 298}, ++ #endif ++ #ifdef SSL_R_RENEGOTIATE_EXT_TOO_LONG ++ {"RENEGOTIATE_EXT_TOO_LONG", ERR_LIB_SSL, SSL_R_RENEGOTIATE_EXT_TOO_LONG}, ++ #else ++ {"RENEGOTIATE_EXT_TOO_LONG", 20, 335}, ++ #endif ++ #ifdef SSL_R_RENEGOTIATION_ENCODING_ERR ++ {"RENEGOTIATION_ENCODING_ERR", ERR_LIB_SSL, SSL_R_RENEGOTIATION_ENCODING_ERR}, ++ #else ++ {"RENEGOTIATION_ENCODING_ERR", 20, 336}, ++ #endif ++ #ifdef SSL_R_RENEGOTIATION_MISMATCH ++ {"RENEGOTIATION_MISMATCH", ERR_LIB_SSL, SSL_R_RENEGOTIATION_MISMATCH}, ++ #else ++ {"RENEGOTIATION_MISMATCH", 20, 337}, ++ #endif ++ #ifdef SSL_R_REQUEST_PENDING ++ {"REQUEST_PENDING", ERR_LIB_SSL, SSL_R_REQUEST_PENDING}, ++ #else ++ {"REQUEST_PENDING", 20, 285}, ++ #endif ++ #ifdef SSL_R_REQUEST_SENT ++ {"REQUEST_SENT", ERR_LIB_SSL, SSL_R_REQUEST_SENT}, ++ #else ++ {"REQUEST_SENT", 20, 286}, ++ #endif ++ #ifdef SSL_R_REQUIRED_CIPHER_MISSING ++ {"REQUIRED_CIPHER_MISSING", ERR_LIB_SSL, SSL_R_REQUIRED_CIPHER_MISSING}, ++ #else ++ {"REQUIRED_CIPHER_MISSING", 20, 215}, ++ #endif ++ #ifdef SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING ++ {"REQUIRED_COMPRESSION_ALGORITHM_MISSING", ERR_LIB_SSL, SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING}, ++ #else ++ {"REQUIRED_COMPRESSION_ALGORITHM_MISSING", 20, 342}, ++ #endif ++ #ifdef SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING ++ {"SCSV_RECEIVED_WHEN_RENEGOTIATING", ERR_LIB_SSL, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING}, ++ #else ++ {"SCSV_RECEIVED_WHEN_RENEGOTIATING", 20, 345}, ++ #endif ++ #ifdef SSL_R_SCT_VERIFICATION_FAILED ++ {"SCT_VERIFICATION_FAILED", ERR_LIB_SSL, SSL_R_SCT_VERIFICATION_FAILED}, ++ #else ++ {"SCT_VERIFICATION_FAILED", 20, 208}, ++ #endif ++ #ifdef SSL_R_SERVERHELLO_TLSEXT ++ {"SERVERHELLO_TLSEXT", ERR_LIB_SSL, SSL_R_SERVERHELLO_TLSEXT}, ++ #else ++ {"SERVERHELLO_TLSEXT", 20, 275}, ++ #endif ++ #ifdef SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED ++ {"SESSION_ID_CONTEXT_UNINITIALIZED", ERR_LIB_SSL, SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED}, ++ #else ++ {"SESSION_ID_CONTEXT_UNINITIALIZED", 20, 277}, ++ #endif ++ #ifdef SSL_R_SHUTDOWN_WHILE_IN_INIT ++ {"SHUTDOWN_WHILE_IN_INIT", ERR_LIB_SSL, SSL_R_SHUTDOWN_WHILE_IN_INIT}, ++ #else ++ {"SHUTDOWN_WHILE_IN_INIT", 20, 407}, ++ #endif ++ #ifdef SSL_R_SIGNATURE_ALGORITHMS_ERROR ++ {"SIGNATURE_ALGORITHMS_ERROR", ERR_LIB_SSL, SSL_R_SIGNATURE_ALGORITHMS_ERROR}, ++ #else ++ {"SIGNATURE_ALGORITHMS_ERROR", 20, 360}, ++ #endif ++ #ifdef SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE ++ {"SIGNATURE_FOR_NON_SIGNING_CERTIFICATE", ERR_LIB_SSL, SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE}, ++ #else ++ {"SIGNATURE_FOR_NON_SIGNING_CERTIFICATE", 20, 220}, ++ #endif ++ #ifdef SSL_R_SRP_A_CALC ++ {"SRP_A_CALC", ERR_LIB_SSL, SSL_R_SRP_A_CALC}, ++ #else ++ {"SRP_A_CALC", 20, 361}, ++ #endif ++ #ifdef SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES ++ {"SRTP_COULD_NOT_ALLOCATE_PROFILES", ERR_LIB_SSL, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES}, ++ #else ++ {"SRTP_COULD_NOT_ALLOCATE_PROFILES", 20, 362}, ++ #endif ++ #ifdef SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG ++ {"SRTP_PROTECTION_PROFILE_LIST_TOO_LONG", ERR_LIB_SSL, SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG}, ++ #else ++ {"SRTP_PROTECTION_PROFILE_LIST_TOO_LONG", 20, 363}, ++ #endif ++ #ifdef SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE ++ {"SRTP_UNKNOWN_PROTECTION_PROFILE", ERR_LIB_SSL, SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE}, ++ #else ++ {"SRTP_UNKNOWN_PROTECTION_PROFILE", 20, 364}, ++ #endif ++ #ifdef SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH ++ {"SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH", ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH}, ++ #else ++ {"SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH", 20, 232}, ++ #endif ++ #ifdef SSL_R_SSL3_EXT_INVALID_SERVERNAME ++ {"SSL3_EXT_INVALID_SERVERNAME", ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME}, ++ #else ++ {"SSL3_EXT_INVALID_SERVERNAME", 20, 319}, ++ #endif ++ #ifdef SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE ++ {"SSL3_EXT_INVALID_SERVERNAME_TYPE", ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE}, ++ #else ++ {"SSL3_EXT_INVALID_SERVERNAME_TYPE", 20, 320}, ++ #endif ++ #ifdef SSL_R_SSL3_SESSION_ID_TOO_LONG ++ {"SSL3_SESSION_ID_TOO_LONG", ERR_LIB_SSL, SSL_R_SSL3_SESSION_ID_TOO_LONG}, ++ #else ++ {"SSL3_SESSION_ID_TOO_LONG", 20, 300}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ++ {"SSLV3_ALERT_BAD_CERTIFICATE", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_BAD_CERTIFICATE}, ++ #else ++ {"SSLV3_ALERT_BAD_CERTIFICATE", 20, 1042}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ++ {"SSLV3_ALERT_BAD_RECORD_MAC", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_BAD_RECORD_MAC}, ++ #else ++ {"SSLV3_ALERT_BAD_RECORD_MAC", 20, 1020}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED ++ {"SSLV3_ALERT_CERTIFICATE_EXPIRED", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED}, ++ #else ++ {"SSLV3_ALERT_CERTIFICATE_EXPIRED", 20, 1045}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED ++ {"SSLV3_ALERT_CERTIFICATE_REVOKED", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED}, ++ #else ++ {"SSLV3_ALERT_CERTIFICATE_REVOKED", 20, 1044}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN ++ {"SSLV3_ALERT_CERTIFICATE_UNKNOWN", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN}, ++ #else ++ {"SSLV3_ALERT_CERTIFICATE_UNKNOWN", 20, 1046}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ++ {"SSLV3_ALERT_DECOMPRESSION_FAILURE", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE}, ++ #else ++ {"SSLV3_ALERT_DECOMPRESSION_FAILURE", 20, 1030}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE ++ {"SSLV3_ALERT_HANDSHAKE_FAILURE", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE}, ++ #else ++ {"SSLV3_ALERT_HANDSHAKE_FAILURE", 20, 1040}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER ++ {"SSLV3_ALERT_ILLEGAL_PARAMETER", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER}, ++ #else ++ {"SSLV3_ALERT_ILLEGAL_PARAMETER", 20, 1047}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_NO_CERTIFICATE ++ {"SSLV3_ALERT_NO_CERTIFICATE", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_NO_CERTIFICATE}, ++ #else ++ {"SSLV3_ALERT_NO_CERTIFICATE", 20, 1041}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE ++ {"SSLV3_ALERT_UNEXPECTED_MESSAGE", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE}, ++ #else ++ {"SSLV3_ALERT_UNEXPECTED_MESSAGE", 20, 1010}, ++ #endif ++ #ifdef SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE ++ {"SSLV3_ALERT_UNSUPPORTED_CERTIFICATE", ERR_LIB_SSL, SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE}, ++ #else ++ {"SSLV3_ALERT_UNSUPPORTED_CERTIFICATE", 20, 1043}, ++ #endif ++ #ifdef SSL_R_SSL_COMMAND_SECTION_EMPTY ++ {"SSL_COMMAND_SECTION_EMPTY", ERR_LIB_SSL, SSL_R_SSL_COMMAND_SECTION_EMPTY}, ++ #else ++ {"SSL_COMMAND_SECTION_EMPTY", 20, 117}, ++ #endif ++ #ifdef SSL_R_SSL_COMMAND_SECTION_NOT_FOUND ++ {"SSL_COMMAND_SECTION_NOT_FOUND", ERR_LIB_SSL, SSL_R_SSL_COMMAND_SECTION_NOT_FOUND}, ++ #else ++ {"SSL_COMMAND_SECTION_NOT_FOUND", 20, 125}, ++ #endif ++ #ifdef SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION ++ {"SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION", ERR_LIB_SSL, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION}, ++ #else ++ {"SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION", 20, 228}, ++ #endif ++ #ifdef SSL_R_SSL_HANDSHAKE_FAILURE ++ {"SSL_HANDSHAKE_FAILURE", ERR_LIB_SSL, SSL_R_SSL_HANDSHAKE_FAILURE}, ++ #else ++ {"SSL_HANDSHAKE_FAILURE", 20, 229}, ++ #endif ++ #ifdef SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS ++ {"SSL_LIBRARY_HAS_NO_CIPHERS", ERR_LIB_SSL, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS}, ++ #else ++ {"SSL_LIBRARY_HAS_NO_CIPHERS", 20, 230}, ++ #endif ++ #ifdef SSL_R_SSL_NEGATIVE_LENGTH ++ {"SSL_NEGATIVE_LENGTH", ERR_LIB_SSL, SSL_R_SSL_NEGATIVE_LENGTH}, ++ #else ++ {"SSL_NEGATIVE_LENGTH", 20, 372}, ++ #endif ++ #ifdef SSL_R_SSL_SECTION_EMPTY ++ {"SSL_SECTION_EMPTY", ERR_LIB_SSL, SSL_R_SSL_SECTION_EMPTY}, ++ #else ++ {"SSL_SECTION_EMPTY", 20, 126}, ++ #endif ++ #ifdef SSL_R_SSL_SECTION_NOT_FOUND ++ {"SSL_SECTION_NOT_FOUND", ERR_LIB_SSL, SSL_R_SSL_SECTION_NOT_FOUND}, ++ #else ++ {"SSL_SECTION_NOT_FOUND", 20, 136}, ++ #endif ++ #ifdef SSL_R_SSL_SESSION_ID_CALLBACK_FAILED ++ {"SSL_SESSION_ID_CALLBACK_FAILED", ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CALLBACK_FAILED}, ++ #else ++ {"SSL_SESSION_ID_CALLBACK_FAILED", 20, 301}, ++ #endif ++ #ifdef SSL_R_SSL_SESSION_ID_CONFLICT ++ {"SSL_SESSION_ID_CONFLICT", ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CONFLICT}, ++ #else ++ {"SSL_SESSION_ID_CONFLICT", 20, 302}, ++ #endif ++ #ifdef SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG ++ {"SSL_SESSION_ID_CONTEXT_TOO_LONG", ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG}, ++ #else ++ {"SSL_SESSION_ID_CONTEXT_TOO_LONG", 20, 273}, ++ #endif ++ #ifdef SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH ++ {"SSL_SESSION_ID_HAS_BAD_LENGTH", ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH}, ++ #else ++ {"SSL_SESSION_ID_HAS_BAD_LENGTH", 20, 303}, ++ #endif ++ #ifdef SSL_R_SSL_SESSION_ID_TOO_LONG ++ {"SSL_SESSION_ID_TOO_LONG", ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_TOO_LONG}, ++ #else ++ {"SSL_SESSION_ID_TOO_LONG", 20, 408}, ++ #endif ++ #ifdef SSL_R_SSL_SESSION_VERSION_MISMATCH ++ {"SSL_SESSION_VERSION_MISMATCH", ERR_LIB_SSL, SSL_R_SSL_SESSION_VERSION_MISMATCH}, ++ #else ++ {"SSL_SESSION_VERSION_MISMATCH", 20, 210}, ++ #endif ++ #ifdef SSL_R_STILL_IN_INIT ++ {"STILL_IN_INIT", ERR_LIB_SSL, SSL_R_STILL_IN_INIT}, ++ #else ++ {"STILL_IN_INIT", 20, 121}, ++ #endif ++ #ifdef SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED ++ {"TLSV13_ALERT_CERTIFICATE_REQUIRED", ERR_LIB_SSL, SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED}, ++ #else ++ {"TLSV13_ALERT_CERTIFICATE_REQUIRED", 20, 1116}, ++ #endif ++ #ifdef SSL_R_TLSV13_ALERT_MISSING_EXTENSION ++ {"TLSV13_ALERT_MISSING_EXTENSION", ERR_LIB_SSL, SSL_R_TLSV13_ALERT_MISSING_EXTENSION}, ++ #else ++ {"TLSV13_ALERT_MISSING_EXTENSION", 20, 1109}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_ACCESS_DENIED ++ {"TLSV1_ALERT_ACCESS_DENIED", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_ACCESS_DENIED}, ++ #else ++ {"TLSV1_ALERT_ACCESS_DENIED", 20, 1049}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_DECODE_ERROR ++ {"TLSV1_ALERT_DECODE_ERROR", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_DECODE_ERROR}, ++ #else ++ {"TLSV1_ALERT_DECODE_ERROR", 20, 1050}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_DECRYPTION_FAILED ++ {"TLSV1_ALERT_DECRYPTION_FAILED", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_DECRYPTION_FAILED}, ++ #else ++ {"TLSV1_ALERT_DECRYPTION_FAILED", 20, 1021}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_DECRYPT_ERROR ++ {"TLSV1_ALERT_DECRYPT_ERROR", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_DECRYPT_ERROR}, ++ #else ++ {"TLSV1_ALERT_DECRYPT_ERROR", 20, 1051}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION ++ {"TLSV1_ALERT_EXPORT_RESTRICTION", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION}, ++ #else ++ {"TLSV1_ALERT_EXPORT_RESTRICTION", 20, 1060}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK ++ {"TLSV1_ALERT_INAPPROPRIATE_FALLBACK", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK}, ++ #else ++ {"TLSV1_ALERT_INAPPROPRIATE_FALLBACK", 20, 1086}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY ++ {"TLSV1_ALERT_INSUFFICIENT_SECURITY", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY}, ++ #else ++ {"TLSV1_ALERT_INSUFFICIENT_SECURITY", 20, 1071}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_INTERNAL_ERROR ++ {"TLSV1_ALERT_INTERNAL_ERROR", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_INTERNAL_ERROR}, ++ #else ++ {"TLSV1_ALERT_INTERNAL_ERROR", 20, 1080}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_NO_RENEGOTIATION ++ {"TLSV1_ALERT_NO_RENEGOTIATION", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_NO_RENEGOTIATION}, ++ #else ++ {"TLSV1_ALERT_NO_RENEGOTIATION", 20, 1100}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_PROTOCOL_VERSION ++ {"TLSV1_ALERT_PROTOCOL_VERSION", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_PROTOCOL_VERSION}, ++ #else ++ {"TLSV1_ALERT_PROTOCOL_VERSION", 20, 1070}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_RECORD_OVERFLOW ++ {"TLSV1_ALERT_RECORD_OVERFLOW", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_RECORD_OVERFLOW}, ++ #else ++ {"TLSV1_ALERT_RECORD_OVERFLOW", 20, 1022}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_UNKNOWN_CA ++ {"TLSV1_ALERT_UNKNOWN_CA", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_UNKNOWN_CA}, ++ #else ++ {"TLSV1_ALERT_UNKNOWN_CA", 20, 1048}, ++ #endif ++ #ifdef SSL_R_TLSV1_ALERT_USER_CANCELLED ++ {"TLSV1_ALERT_USER_CANCELLED", ERR_LIB_SSL, SSL_R_TLSV1_ALERT_USER_CANCELLED}, ++ #else ++ {"TLSV1_ALERT_USER_CANCELLED", 20, 1090}, ++ #endif ++ #ifdef SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE ++ {"TLSV1_BAD_CERTIFICATE_HASH_VALUE", ERR_LIB_SSL, SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE}, ++ #else ++ {"TLSV1_BAD_CERTIFICATE_HASH_VALUE", 20, 1114}, ++ #endif ++ #ifdef SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE ++ {"TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE", ERR_LIB_SSL, SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE}, ++ #else ++ {"TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE", 20, 1113}, ++ #endif ++ #ifdef SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE ++ {"TLSV1_CERTIFICATE_UNOBTAINABLE", ERR_LIB_SSL, SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE}, ++ #else ++ {"TLSV1_CERTIFICATE_UNOBTAINABLE", 20, 1111}, ++ #endif ++ #ifdef SSL_R_TLSV1_UNRECOGNIZED_NAME ++ {"TLSV1_UNRECOGNIZED_NAME", ERR_LIB_SSL, SSL_R_TLSV1_UNRECOGNIZED_NAME}, ++ #else ++ {"TLSV1_UNRECOGNIZED_NAME", 20, 1112}, ++ #endif ++ #ifdef SSL_R_TLSV1_UNSUPPORTED_EXTENSION ++ {"TLSV1_UNSUPPORTED_EXTENSION", ERR_LIB_SSL, SSL_R_TLSV1_UNSUPPORTED_EXTENSION}, ++ #else ++ {"TLSV1_UNSUPPORTED_EXTENSION", 20, 1110}, ++ #endif ++ #ifdef SSL_R_TLS_ILLEGAL_EXPORTER_LABEL ++ {"TLS_ILLEGAL_EXPORTER_LABEL", ERR_LIB_SSL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL}, ++ #else ++ {"TLS_ILLEGAL_EXPORTER_LABEL", 20, 367}, ++ #endif ++ #ifdef SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST ++ {"TLS_INVALID_ECPOINTFORMAT_LIST", ERR_LIB_SSL, SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST}, ++ #else ++ {"TLS_INVALID_ECPOINTFORMAT_LIST", 20, 157}, ++ #endif ++ #ifdef SSL_R_TOO_MANY_KEY_UPDATES ++ {"TOO_MANY_KEY_UPDATES", ERR_LIB_SSL, SSL_R_TOO_MANY_KEY_UPDATES}, ++ #else ++ {"TOO_MANY_KEY_UPDATES", 20, 132}, ++ #endif ++ #ifdef SSL_R_TOO_MANY_WARN_ALERTS ++ {"TOO_MANY_WARN_ALERTS", ERR_LIB_SSL, SSL_R_TOO_MANY_WARN_ALERTS}, ++ #else ++ {"TOO_MANY_WARN_ALERTS", 20, 409}, ++ #endif ++ #ifdef SSL_R_TOO_MUCH_EARLY_DATA ++ {"TOO_MUCH_EARLY_DATA", ERR_LIB_SSL, SSL_R_TOO_MUCH_EARLY_DATA}, ++ #else ++ {"TOO_MUCH_EARLY_DATA", 20, 164}, ++ #endif ++ #ifdef SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS ++ {"UNABLE_TO_FIND_ECDH_PARAMETERS", ERR_LIB_SSL, SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS}, ++ #else ++ {"UNABLE_TO_FIND_ECDH_PARAMETERS", 20, 314}, ++ #endif ++ #ifdef SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS ++ {"UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS", ERR_LIB_SSL, SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS}, ++ #else ++ {"UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS", 20, 239}, ++ #endif ++ #ifdef SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES ++ {"UNABLE_TO_LOAD_SSL3_MD5_ROUTINES", ERR_LIB_SSL, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES}, ++ #else ++ {"UNABLE_TO_LOAD_SSL3_MD5_ROUTINES", 20, 242}, ++ #endif ++ #ifdef SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ++ {"UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES", ERR_LIB_SSL, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES}, ++ #else ++ {"UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES", 20, 243}, ++ #endif ++ #ifdef SSL_R_UNEXPECTED_CCS_MESSAGE ++ {"UNEXPECTED_CCS_MESSAGE", ERR_LIB_SSL, SSL_R_UNEXPECTED_CCS_MESSAGE}, ++ #else ++ {"UNEXPECTED_CCS_MESSAGE", 20, 262}, ++ #endif ++ #ifdef SSL_R_UNEXPECTED_END_OF_EARLY_DATA ++ {"UNEXPECTED_END_OF_EARLY_DATA", ERR_LIB_SSL, SSL_R_UNEXPECTED_END_OF_EARLY_DATA}, ++ #else ++ {"UNEXPECTED_END_OF_EARLY_DATA", 20, 178}, ++ #endif ++ #ifdef SSL_R_UNEXPECTED_EOF_WHILE_READING ++ {"UNEXPECTED_EOF_WHILE_READING", ERR_LIB_SSL, SSL_R_UNEXPECTED_EOF_WHILE_READING}, ++ #else ++ {"UNEXPECTED_EOF_WHILE_READING", 20, 294}, ++ #endif ++ #ifdef SSL_R_UNEXPECTED_MESSAGE ++ {"UNEXPECTED_MESSAGE", ERR_LIB_SSL, SSL_R_UNEXPECTED_MESSAGE}, ++ #else ++ {"UNEXPECTED_MESSAGE", 20, 244}, ++ #endif ++ #ifdef SSL_R_UNEXPECTED_RECORD ++ {"UNEXPECTED_RECORD", ERR_LIB_SSL, SSL_R_UNEXPECTED_RECORD}, ++ #else ++ {"UNEXPECTED_RECORD", 20, 245}, ++ #endif ++ #ifdef SSL_R_UNINITIALIZED ++ {"UNINITIALIZED", ERR_LIB_SSL, SSL_R_UNINITIALIZED}, ++ #else ++ {"UNINITIALIZED", 20, 276}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_ALERT_TYPE ++ {"UNKNOWN_ALERT_TYPE", ERR_LIB_SSL, SSL_R_UNKNOWN_ALERT_TYPE}, ++ #else ++ {"UNKNOWN_ALERT_TYPE", 20, 246}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_CERTIFICATE_TYPE ++ {"UNKNOWN_CERTIFICATE_TYPE", ERR_LIB_SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE}, ++ #else ++ {"UNKNOWN_CERTIFICATE_TYPE", 20, 247}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_CIPHER_RETURNED ++ {"UNKNOWN_CIPHER_RETURNED", ERR_LIB_SSL, SSL_R_UNKNOWN_CIPHER_RETURNED}, ++ #else ++ {"UNKNOWN_CIPHER_RETURNED", 20, 248}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_CIPHER_TYPE ++ {"UNKNOWN_CIPHER_TYPE", ERR_LIB_SSL, SSL_R_UNKNOWN_CIPHER_TYPE}, ++ #else ++ {"UNKNOWN_CIPHER_TYPE", 20, 249}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_CMD_NAME ++ {"UNKNOWN_CMD_NAME", ERR_LIB_SSL, SSL_R_UNKNOWN_CMD_NAME}, ++ #else ++ {"UNKNOWN_CMD_NAME", 20, 386}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_COMMAND ++ {"UNKNOWN_COMMAND", ERR_LIB_SSL, SSL_R_UNKNOWN_COMMAND}, ++ #else ++ {"UNKNOWN_COMMAND", 20, 139}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_DIGEST ++ {"UNKNOWN_DIGEST", ERR_LIB_SSL, SSL_R_UNKNOWN_DIGEST}, ++ #else ++ {"UNKNOWN_DIGEST", 20, 368}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE ++ {"UNKNOWN_KEY_EXCHANGE_TYPE", ERR_LIB_SSL, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE}, ++ #else ++ {"UNKNOWN_KEY_EXCHANGE_TYPE", 20, 250}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_PKEY_TYPE ++ {"UNKNOWN_PKEY_TYPE", ERR_LIB_SSL, SSL_R_UNKNOWN_PKEY_TYPE}, ++ #else ++ {"UNKNOWN_PKEY_TYPE", 20, 251}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_PROTOCOL ++ {"UNKNOWN_PROTOCOL", ERR_LIB_SSL, SSL_R_UNKNOWN_PROTOCOL}, ++ #else ++ {"UNKNOWN_PROTOCOL", 20, 252}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_SSL_VERSION ++ {"UNKNOWN_SSL_VERSION", ERR_LIB_SSL, SSL_R_UNKNOWN_SSL_VERSION}, ++ #else ++ {"UNKNOWN_SSL_VERSION", 20, 254}, ++ #endif ++ #ifdef SSL_R_UNKNOWN_STATE ++ {"UNKNOWN_STATE", ERR_LIB_SSL, SSL_R_UNKNOWN_STATE}, ++ #else ++ {"UNKNOWN_STATE", 20, 255}, ++ #endif ++ #ifdef SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED ++ {"UNSAFE_LEGACY_RENEGOTIATION_DISABLED", ERR_LIB_SSL, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED}, ++ #else ++ {"UNSAFE_LEGACY_RENEGOTIATION_DISABLED", 20, 338}, ++ #endif ++ #ifdef SSL_R_UNSOLICITED_EXTENSION ++ {"UNSOLICITED_EXTENSION", ERR_LIB_SSL, SSL_R_UNSOLICITED_EXTENSION}, ++ #else ++ {"UNSOLICITED_EXTENSION", 20, 217}, ++ #endif ++ #ifdef SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ++ {"UNSUPPORTED_COMPRESSION_ALGORITHM", ERR_LIB_SSL, SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_COMPRESSION_ALGORITHM", 20, 257}, ++ #endif ++ #ifdef SSL_R_UNSUPPORTED_ELLIPTIC_CURVE ++ {"UNSUPPORTED_ELLIPTIC_CURVE", ERR_LIB_SSL, SSL_R_UNSUPPORTED_ELLIPTIC_CURVE}, ++ #else ++ {"UNSUPPORTED_ELLIPTIC_CURVE", 20, 315}, ++ #endif ++ #ifdef SSL_R_UNSUPPORTED_PROTOCOL ++ {"UNSUPPORTED_PROTOCOL", ERR_LIB_SSL, SSL_R_UNSUPPORTED_PROTOCOL}, ++ #else ++ {"UNSUPPORTED_PROTOCOL", 20, 258}, ++ #endif ++ #ifdef SSL_R_UNSUPPORTED_SSL_VERSION ++ {"UNSUPPORTED_SSL_VERSION", ERR_LIB_SSL, SSL_R_UNSUPPORTED_SSL_VERSION}, ++ #else ++ {"UNSUPPORTED_SSL_VERSION", 20, 259}, ++ #endif ++ #ifdef SSL_R_UNSUPPORTED_STATUS_TYPE ++ {"UNSUPPORTED_STATUS_TYPE", ERR_LIB_SSL, SSL_R_UNSUPPORTED_STATUS_TYPE}, ++ #else ++ {"UNSUPPORTED_STATUS_TYPE", 20, 329}, ++ #endif ++ #ifdef SSL_R_USE_SRTP_NOT_NEGOTIATED ++ {"USE_SRTP_NOT_NEGOTIATED", ERR_LIB_SSL, SSL_R_USE_SRTP_NOT_NEGOTIATED}, ++ #else ++ {"USE_SRTP_NOT_NEGOTIATED", 20, 369}, ++ #endif ++ #ifdef SSL_R_VERSION_TOO_HIGH ++ {"VERSION_TOO_HIGH", ERR_LIB_SSL, SSL_R_VERSION_TOO_HIGH}, ++ #else ++ {"VERSION_TOO_HIGH", 20, 166}, ++ #endif ++ #ifdef SSL_R_VERSION_TOO_LOW ++ {"VERSION_TOO_LOW", ERR_LIB_SSL, SSL_R_VERSION_TOO_LOW}, ++ #else ++ {"VERSION_TOO_LOW", 20, 396}, ++ #endif ++ #ifdef SSL_R_WRONG_CERTIFICATE_TYPE ++ {"WRONG_CERTIFICATE_TYPE", ERR_LIB_SSL, SSL_R_WRONG_CERTIFICATE_TYPE}, ++ #else ++ {"WRONG_CERTIFICATE_TYPE", 20, 383}, ++ #endif ++ #ifdef SSL_R_WRONG_CIPHER_RETURNED ++ {"WRONG_CIPHER_RETURNED", ERR_LIB_SSL, SSL_R_WRONG_CIPHER_RETURNED}, ++ #else ++ {"WRONG_CIPHER_RETURNED", 20, 261}, ++ #endif ++ #ifdef SSL_R_WRONG_CURVE ++ {"WRONG_CURVE", ERR_LIB_SSL, SSL_R_WRONG_CURVE}, ++ #else ++ {"WRONG_CURVE", 20, 378}, ++ #endif ++ #ifdef SSL_R_WRONG_SIGNATURE_LENGTH ++ {"WRONG_SIGNATURE_LENGTH", ERR_LIB_SSL, SSL_R_WRONG_SIGNATURE_LENGTH}, ++ #else ++ {"WRONG_SIGNATURE_LENGTH", 20, 264}, ++ #endif ++ #ifdef SSL_R_WRONG_SIGNATURE_SIZE ++ {"WRONG_SIGNATURE_SIZE", ERR_LIB_SSL, SSL_R_WRONG_SIGNATURE_SIZE}, ++ #else ++ {"WRONG_SIGNATURE_SIZE", 20, 265}, ++ #endif ++ #ifdef SSL_R_WRONG_SIGNATURE_TYPE ++ {"WRONG_SIGNATURE_TYPE", ERR_LIB_SSL, SSL_R_WRONG_SIGNATURE_TYPE}, ++ #else ++ {"WRONG_SIGNATURE_TYPE", 20, 370}, ++ #endif ++ #ifdef SSL_R_WRONG_SSL_VERSION ++ {"WRONG_SSL_VERSION", ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION}, ++ #else ++ {"WRONG_SSL_VERSION", 20, 266}, ++ #endif ++ #ifdef SSL_R_WRONG_VERSION_NUMBER ++ {"WRONG_VERSION_NUMBER", ERR_LIB_SSL, SSL_R_WRONG_VERSION_NUMBER}, ++ #else ++ {"WRONG_VERSION_NUMBER", 20, 267}, ++ #endif ++ #ifdef SSL_R_X509_LIB ++ {"X509_LIB", ERR_LIB_SSL, SSL_R_X509_LIB}, ++ #else ++ {"X509_LIB", 20, 268}, ++ #endif ++ #ifdef SSL_R_X509_VERIFICATION_SETUP_PROBLEMS ++ {"X509_VERIFICATION_SETUP_PROBLEMS", ERR_LIB_SSL, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS}, ++ #else ++ {"X509_VERIFICATION_SETUP_PROBLEMS", 20, 269}, ++ #endif ++ #ifdef TS_R_BAD_PKCS7_TYPE ++ {"BAD_PKCS7_TYPE", ERR_LIB_TS, TS_R_BAD_PKCS7_TYPE}, ++ #else ++ {"BAD_PKCS7_TYPE", 47, 132}, ++ #endif ++ #ifdef TS_R_BAD_TYPE ++ {"BAD_TYPE", ERR_LIB_TS, TS_R_BAD_TYPE}, ++ #else ++ {"BAD_TYPE", 47, 133}, ++ #endif ++ #ifdef TS_R_CANNOT_LOAD_CERT ++ {"CANNOT_LOAD_CERT", ERR_LIB_TS, TS_R_CANNOT_LOAD_CERT}, ++ #else ++ {"CANNOT_LOAD_CERT", 47, 137}, ++ #endif ++ #ifdef TS_R_CANNOT_LOAD_KEY ++ {"CANNOT_LOAD_KEY", ERR_LIB_TS, TS_R_CANNOT_LOAD_KEY}, ++ #else ++ {"CANNOT_LOAD_KEY", 47, 138}, ++ #endif ++ #ifdef TS_R_CERTIFICATE_VERIFY_ERROR ++ {"CERTIFICATE_VERIFY_ERROR", ERR_LIB_TS, TS_R_CERTIFICATE_VERIFY_ERROR}, ++ #else ++ {"CERTIFICATE_VERIFY_ERROR", 47, 100}, ++ #endif ++ #ifdef TS_R_COULD_NOT_SET_ENGINE ++ {"COULD_NOT_SET_ENGINE", ERR_LIB_TS, TS_R_COULD_NOT_SET_ENGINE}, ++ #else ++ {"COULD_NOT_SET_ENGINE", 47, 127}, ++ #endif ++ #ifdef TS_R_COULD_NOT_SET_TIME ++ {"COULD_NOT_SET_TIME", ERR_LIB_TS, TS_R_COULD_NOT_SET_TIME}, ++ #else ++ {"COULD_NOT_SET_TIME", 47, 115}, ++ #endif ++ #ifdef TS_R_DETACHED_CONTENT ++ {"DETACHED_CONTENT", ERR_LIB_TS, TS_R_DETACHED_CONTENT}, ++ #else ++ {"DETACHED_CONTENT", 47, 134}, ++ #endif ++ #ifdef TS_R_ESS_ADD_SIGNING_CERT_ERROR ++ {"ESS_ADD_SIGNING_CERT_ERROR", ERR_LIB_TS, TS_R_ESS_ADD_SIGNING_CERT_ERROR}, ++ #else ++ {"ESS_ADD_SIGNING_CERT_ERROR", 47, 116}, ++ #endif ++ #ifdef TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR ++ {"ESS_ADD_SIGNING_CERT_V2_ERROR", ERR_LIB_TS, TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR}, ++ #else ++ {"ESS_ADD_SIGNING_CERT_V2_ERROR", 47, 139}, ++ #endif ++ #ifdef TS_R_ESS_SIGNING_CERTIFICATE_ERROR ++ {"ESS_SIGNING_CERTIFICATE_ERROR", ERR_LIB_TS, TS_R_ESS_SIGNING_CERTIFICATE_ERROR}, ++ #else ++ {"ESS_SIGNING_CERTIFICATE_ERROR", 47, 101}, ++ #endif ++ #ifdef TS_R_INVALID_NULL_POINTER ++ {"INVALID_NULL_POINTER", ERR_LIB_TS, TS_R_INVALID_NULL_POINTER}, ++ #else ++ {"INVALID_NULL_POINTER", 47, 102}, ++ #endif ++ #ifdef TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE ++ {"INVALID_SIGNER_CERTIFICATE_PURPOSE", ERR_LIB_TS, TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE}, ++ #else ++ {"INVALID_SIGNER_CERTIFICATE_PURPOSE", 47, 117}, ++ #endif ++ #ifdef TS_R_MESSAGE_IMPRINT_MISMATCH ++ {"MESSAGE_IMPRINT_MISMATCH", ERR_LIB_TS, TS_R_MESSAGE_IMPRINT_MISMATCH}, ++ #else ++ {"MESSAGE_IMPRINT_MISMATCH", 47, 103}, ++ #endif ++ #ifdef TS_R_NONCE_MISMATCH ++ {"NONCE_MISMATCH", ERR_LIB_TS, TS_R_NONCE_MISMATCH}, ++ #else ++ {"NONCE_MISMATCH", 47, 104}, ++ #endif ++ #ifdef TS_R_NONCE_NOT_RETURNED ++ {"NONCE_NOT_RETURNED", ERR_LIB_TS, TS_R_NONCE_NOT_RETURNED}, ++ #else ++ {"NONCE_NOT_RETURNED", 47, 105}, ++ #endif ++ #ifdef TS_R_NO_CONTENT ++ {"NO_CONTENT", ERR_LIB_TS, TS_R_NO_CONTENT}, ++ #else ++ {"NO_CONTENT", 47, 106}, ++ #endif ++ #ifdef TS_R_NO_TIME_STAMP_TOKEN ++ {"NO_TIME_STAMP_TOKEN", ERR_LIB_TS, TS_R_NO_TIME_STAMP_TOKEN}, ++ #else ++ {"NO_TIME_STAMP_TOKEN", 47, 107}, ++ #endif ++ #ifdef TS_R_PKCS7_ADD_SIGNATURE_ERROR ++ {"PKCS7_ADD_SIGNATURE_ERROR", ERR_LIB_TS, TS_R_PKCS7_ADD_SIGNATURE_ERROR}, ++ #else ++ {"PKCS7_ADD_SIGNATURE_ERROR", 47, 118}, ++ #endif ++ #ifdef TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR ++ {"PKCS7_ADD_SIGNED_ATTR_ERROR", ERR_LIB_TS, TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR}, ++ #else ++ {"PKCS7_ADD_SIGNED_ATTR_ERROR", 47, 119}, ++ #endif ++ #ifdef TS_R_PKCS7_TO_TS_TST_INFO_FAILED ++ {"PKCS7_TO_TS_TST_INFO_FAILED", ERR_LIB_TS, TS_R_PKCS7_TO_TS_TST_INFO_FAILED}, ++ #else ++ {"PKCS7_TO_TS_TST_INFO_FAILED", 47, 129}, ++ #endif ++ #ifdef TS_R_POLICY_MISMATCH ++ {"POLICY_MISMATCH", ERR_LIB_TS, TS_R_POLICY_MISMATCH}, ++ #else ++ {"POLICY_MISMATCH", 47, 108}, ++ #endif ++ #ifdef TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", ERR_LIB_TS, TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE}, ++ #else ++ {"PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", 47, 120}, ++ #endif ++ #ifdef TS_R_RESPONSE_SETUP_ERROR ++ {"RESPONSE_SETUP_ERROR", ERR_LIB_TS, TS_R_RESPONSE_SETUP_ERROR}, ++ #else ++ {"RESPONSE_SETUP_ERROR", 47, 121}, ++ #endif ++ #ifdef TS_R_SIGNATURE_FAILURE ++ {"SIGNATURE_FAILURE", ERR_LIB_TS, TS_R_SIGNATURE_FAILURE}, ++ #else ++ {"SIGNATURE_FAILURE", 47, 109}, ++ #endif ++ #ifdef TS_R_THERE_MUST_BE_ONE_SIGNER ++ {"THERE_MUST_BE_ONE_SIGNER", ERR_LIB_TS, TS_R_THERE_MUST_BE_ONE_SIGNER}, ++ #else ++ {"THERE_MUST_BE_ONE_SIGNER", 47, 110}, ++ #endif ++ #ifdef TS_R_TIME_SYSCALL_ERROR ++ {"TIME_SYSCALL_ERROR", ERR_LIB_TS, TS_R_TIME_SYSCALL_ERROR}, ++ #else ++ {"TIME_SYSCALL_ERROR", 47, 122}, ++ #endif ++ #ifdef TS_R_TOKEN_NOT_PRESENT ++ {"TOKEN_NOT_PRESENT", ERR_LIB_TS, TS_R_TOKEN_NOT_PRESENT}, ++ #else ++ {"TOKEN_NOT_PRESENT", 47, 130}, ++ #endif ++ #ifdef TS_R_TOKEN_PRESENT ++ {"TOKEN_PRESENT", ERR_LIB_TS, TS_R_TOKEN_PRESENT}, ++ #else ++ {"TOKEN_PRESENT", 47, 131}, ++ #endif ++ #ifdef TS_R_TSA_NAME_MISMATCH ++ {"TSA_NAME_MISMATCH", ERR_LIB_TS, TS_R_TSA_NAME_MISMATCH}, ++ #else ++ {"TSA_NAME_MISMATCH", 47, 111}, ++ #endif ++ #ifdef TS_R_TSA_UNTRUSTED ++ {"TSA_UNTRUSTED", ERR_LIB_TS, TS_R_TSA_UNTRUSTED}, ++ #else ++ {"TSA_UNTRUSTED", 47, 112}, ++ #endif ++ #ifdef TS_R_TST_INFO_SETUP_ERROR ++ {"TST_INFO_SETUP_ERROR", ERR_LIB_TS, TS_R_TST_INFO_SETUP_ERROR}, ++ #else ++ {"TST_INFO_SETUP_ERROR", 47, 123}, ++ #endif ++ #ifdef TS_R_TS_DATASIGN ++ {"TS_DATASIGN", ERR_LIB_TS, TS_R_TS_DATASIGN}, ++ #else ++ {"TS_DATASIGN", 47, 124}, ++ #endif ++ #ifdef TS_R_UNACCEPTABLE_POLICY ++ {"UNACCEPTABLE_POLICY", ERR_LIB_TS, TS_R_UNACCEPTABLE_POLICY}, ++ #else ++ {"UNACCEPTABLE_POLICY", 47, 125}, ++ #endif ++ #ifdef TS_R_UNSUPPORTED_MD_ALGORITHM ++ {"UNSUPPORTED_MD_ALGORITHM", ERR_LIB_TS, TS_R_UNSUPPORTED_MD_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_MD_ALGORITHM", 47, 126}, ++ #endif ++ #ifdef TS_R_UNSUPPORTED_VERSION ++ {"UNSUPPORTED_VERSION", ERR_LIB_TS, TS_R_UNSUPPORTED_VERSION}, ++ #else ++ {"UNSUPPORTED_VERSION", 47, 113}, ++ #endif ++ #ifdef TS_R_VAR_BAD_VALUE ++ {"VAR_BAD_VALUE", ERR_LIB_TS, TS_R_VAR_BAD_VALUE}, ++ #else ++ {"VAR_BAD_VALUE", 47, 135}, ++ #endif ++ #ifdef TS_R_VAR_LOOKUP_FAILURE ++ {"VAR_LOOKUP_FAILURE", ERR_LIB_TS, TS_R_VAR_LOOKUP_FAILURE}, ++ #else ++ {"VAR_LOOKUP_FAILURE", 47, 136}, ++ #endif ++ #ifdef TS_R_WRONG_CONTENT_TYPE ++ {"WRONG_CONTENT_TYPE", ERR_LIB_TS, TS_R_WRONG_CONTENT_TYPE}, ++ #else ++ {"WRONG_CONTENT_TYPE", 47, 114}, ++ #endif ++ #ifdef UI_R_COMMON_OK_AND_CANCEL_CHARACTERS ++ {"COMMON_OK_AND_CANCEL_CHARACTERS", ERR_LIB_UI, UI_R_COMMON_OK_AND_CANCEL_CHARACTERS}, ++ #else ++ {"COMMON_OK_AND_CANCEL_CHARACTERS", 40, 104}, ++ #endif ++ #ifdef UI_R_INDEX_TOO_LARGE ++ {"INDEX_TOO_LARGE", ERR_LIB_UI, UI_R_INDEX_TOO_LARGE}, ++ #else ++ {"INDEX_TOO_LARGE", 40, 102}, ++ #endif ++ #ifdef UI_R_INDEX_TOO_SMALL ++ {"INDEX_TOO_SMALL", ERR_LIB_UI, UI_R_INDEX_TOO_SMALL}, ++ #else ++ {"INDEX_TOO_SMALL", 40, 103}, ++ #endif ++ #ifdef UI_R_NO_RESULT_BUFFER ++ {"NO_RESULT_BUFFER", ERR_LIB_UI, UI_R_NO_RESULT_BUFFER}, ++ #else ++ {"NO_RESULT_BUFFER", 40, 105}, ++ #endif ++ #ifdef UI_R_PROCESSING_ERROR ++ {"PROCESSING_ERROR", ERR_LIB_UI, UI_R_PROCESSING_ERROR}, ++ #else ++ {"PROCESSING_ERROR", 40, 107}, ++ #endif ++ #ifdef UI_R_RESULT_TOO_LARGE ++ {"RESULT_TOO_LARGE", ERR_LIB_UI, UI_R_RESULT_TOO_LARGE}, ++ #else ++ {"RESULT_TOO_LARGE", 40, 100}, ++ #endif ++ #ifdef UI_R_RESULT_TOO_SMALL ++ {"RESULT_TOO_SMALL", ERR_LIB_UI, UI_R_RESULT_TOO_SMALL}, ++ #else ++ {"RESULT_TOO_SMALL", 40, 101}, ++ #endif ++ #ifdef UI_R_SYSASSIGN_ERROR ++ {"SYSASSIGN_ERROR", ERR_LIB_UI, UI_R_SYSASSIGN_ERROR}, ++ #else ++ {"SYSASSIGN_ERROR", 40, 109}, ++ #endif ++ #ifdef UI_R_SYSDASSGN_ERROR ++ {"SYSDASSGN_ERROR", ERR_LIB_UI, UI_R_SYSDASSGN_ERROR}, ++ #else ++ {"SYSDASSGN_ERROR", 40, 110}, ++ #endif ++ #ifdef UI_R_SYSQIOW_ERROR ++ {"SYSQIOW_ERROR", ERR_LIB_UI, UI_R_SYSQIOW_ERROR}, ++ #else ++ {"SYSQIOW_ERROR", 40, 111}, ++ #endif ++ #ifdef UI_R_UNKNOWN_CONTROL_COMMAND ++ {"UNKNOWN_CONTROL_COMMAND", ERR_LIB_UI, UI_R_UNKNOWN_CONTROL_COMMAND}, ++ #else ++ {"UNKNOWN_CONTROL_COMMAND", 40, 106}, ++ #endif ++ #ifdef UI_R_UNKNOWN_TTYGET_ERRNO_VALUE ++ {"UNKNOWN_TTYGET_ERRNO_VALUE", ERR_LIB_UI, UI_R_UNKNOWN_TTYGET_ERRNO_VALUE}, ++ #else ++ {"UNKNOWN_TTYGET_ERRNO_VALUE", 40, 108}, ++ #endif ++ #ifdef UI_R_USER_DATA_DUPLICATION_UNSUPPORTED ++ {"USER_DATA_DUPLICATION_UNSUPPORTED", ERR_LIB_UI, UI_R_USER_DATA_DUPLICATION_UNSUPPORTED}, ++ #else ++ {"USER_DATA_DUPLICATION_UNSUPPORTED", 40, 112}, ++ #endif ++ #ifdef X509V3_R_BAD_IP_ADDRESS ++ {"BAD_IP_ADDRESS", ERR_LIB_X509V3, X509V3_R_BAD_IP_ADDRESS}, ++ #else ++ {"BAD_IP_ADDRESS", 34, 118}, ++ #endif ++ #ifdef X509V3_R_BAD_OBJECT ++ {"BAD_OBJECT", ERR_LIB_X509V3, X509V3_R_BAD_OBJECT}, ++ #else ++ {"BAD_OBJECT", 34, 119}, ++ #endif ++ #ifdef X509V3_R_BN_DEC2BN_ERROR ++ {"BN_DEC2BN_ERROR", ERR_LIB_X509V3, X509V3_R_BN_DEC2BN_ERROR}, ++ #else ++ {"BN_DEC2BN_ERROR", 34, 100}, ++ #endif ++ #ifdef X509V3_R_BN_TO_ASN1_INTEGER_ERROR ++ {"BN_TO_ASN1_INTEGER_ERROR", ERR_LIB_X509V3, X509V3_R_BN_TO_ASN1_INTEGER_ERROR}, ++ #else ++ {"BN_TO_ASN1_INTEGER_ERROR", 34, 101}, ++ #endif ++ #ifdef X509V3_R_DIRNAME_ERROR ++ {"DIRNAME_ERROR", ERR_LIB_X509V3, X509V3_R_DIRNAME_ERROR}, ++ #else ++ {"DIRNAME_ERROR", 34, 149}, ++ #endif ++ #ifdef X509V3_R_DISTPOINT_ALREADY_SET ++ {"DISTPOINT_ALREADY_SET", ERR_LIB_X509V3, X509V3_R_DISTPOINT_ALREADY_SET}, ++ #else ++ {"DISTPOINT_ALREADY_SET", 34, 160}, ++ #endif ++ #ifdef X509V3_R_DUPLICATE_ZONE_ID ++ {"DUPLICATE_ZONE_ID", ERR_LIB_X509V3, X509V3_R_DUPLICATE_ZONE_ID}, ++ #else ++ {"DUPLICATE_ZONE_ID", 34, 133}, ++ #endif ++ #ifdef X509V3_R_EMPTY_KEY_USAGE ++ {"EMPTY_KEY_USAGE", ERR_LIB_X509V3, X509V3_R_EMPTY_KEY_USAGE}, ++ #else ++ {"EMPTY_KEY_USAGE", 34, 169}, ++ #endif ++ #ifdef X509V3_R_ERROR_CONVERTING_ZONE ++ {"ERROR_CONVERTING_ZONE", ERR_LIB_X509V3, X509V3_R_ERROR_CONVERTING_ZONE}, ++ #else ++ {"ERROR_CONVERTING_ZONE", 34, 131}, ++ #endif ++ #ifdef X509V3_R_ERROR_CREATING_EXTENSION ++ {"ERROR_CREATING_EXTENSION", ERR_LIB_X509V3, X509V3_R_ERROR_CREATING_EXTENSION}, ++ #else ++ {"ERROR_CREATING_EXTENSION", 34, 144}, ++ #endif ++ #ifdef X509V3_R_ERROR_IN_EXTENSION ++ {"ERROR_IN_EXTENSION", ERR_LIB_X509V3, X509V3_R_ERROR_IN_EXTENSION}, ++ #else ++ {"ERROR_IN_EXTENSION", 34, 128}, ++ #endif ++ #ifdef X509V3_R_EXPECTED_A_SECTION_NAME ++ {"EXPECTED_A_SECTION_NAME", ERR_LIB_X509V3, X509V3_R_EXPECTED_A_SECTION_NAME}, ++ #else ++ {"EXPECTED_A_SECTION_NAME", 34, 137}, ++ #endif ++ #ifdef X509V3_R_EXTENSION_EXISTS ++ {"EXTENSION_EXISTS", ERR_LIB_X509V3, X509V3_R_EXTENSION_EXISTS}, ++ #else ++ {"EXTENSION_EXISTS", 34, 145}, ++ #endif ++ #ifdef X509V3_R_EXTENSION_NAME_ERROR ++ {"EXTENSION_NAME_ERROR", ERR_LIB_X509V3, X509V3_R_EXTENSION_NAME_ERROR}, ++ #else ++ {"EXTENSION_NAME_ERROR", 34, 115}, ++ #endif ++ #ifdef X509V3_R_EXTENSION_NOT_FOUND ++ {"EXTENSION_NOT_FOUND", ERR_LIB_X509V3, X509V3_R_EXTENSION_NOT_FOUND}, ++ #else ++ {"EXTENSION_NOT_FOUND", 34, 102}, ++ #endif ++ #ifdef X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED ++ {"EXTENSION_SETTING_NOT_SUPPORTED", ERR_LIB_X509V3, X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED}, ++ #else ++ {"EXTENSION_SETTING_NOT_SUPPORTED", 34, 103}, ++ #endif ++ #ifdef X509V3_R_EXTENSION_VALUE_ERROR ++ {"EXTENSION_VALUE_ERROR", ERR_LIB_X509V3, X509V3_R_EXTENSION_VALUE_ERROR}, ++ #else ++ {"EXTENSION_VALUE_ERROR", 34, 116}, ++ #endif ++ #ifdef X509V3_R_ILLEGAL_EMPTY_EXTENSION ++ {"ILLEGAL_EMPTY_EXTENSION", ERR_LIB_X509V3, X509V3_R_ILLEGAL_EMPTY_EXTENSION}, ++ #else ++ {"ILLEGAL_EMPTY_EXTENSION", 34, 151}, ++ #endif ++ #ifdef X509V3_R_INCORRECT_POLICY_SYNTAX_TAG ++ {"INCORRECT_POLICY_SYNTAX_TAG", ERR_LIB_X509V3, X509V3_R_INCORRECT_POLICY_SYNTAX_TAG}, ++ #else ++ {"INCORRECT_POLICY_SYNTAX_TAG", 34, 152}, ++ #endif ++ #ifdef X509V3_R_INVALID_ASNUMBER ++ {"INVALID_ASNUMBER", ERR_LIB_X509V3, X509V3_R_INVALID_ASNUMBER}, ++ #else ++ {"INVALID_ASNUMBER", 34, 162}, ++ #endif ++ #ifdef X509V3_R_INVALID_ASRANGE ++ {"INVALID_ASRANGE", ERR_LIB_X509V3, X509V3_R_INVALID_ASRANGE}, ++ #else ++ {"INVALID_ASRANGE", 34, 163}, ++ #endif ++ #ifdef X509V3_R_INVALID_BOOLEAN_STRING ++ {"INVALID_BOOLEAN_STRING", ERR_LIB_X509V3, X509V3_R_INVALID_BOOLEAN_STRING}, ++ #else ++ {"INVALID_BOOLEAN_STRING", 34, 104}, ++ #endif ++ #ifdef X509V3_R_INVALID_CERTIFICATE ++ {"INVALID_CERTIFICATE", ERR_LIB_X509V3, X509V3_R_INVALID_CERTIFICATE}, ++ #else ++ {"INVALID_CERTIFICATE", 34, 158}, ++ #endif ++ #ifdef X509V3_R_INVALID_EMPTY_NAME ++ {"INVALID_EMPTY_NAME", ERR_LIB_X509V3, X509V3_R_INVALID_EMPTY_NAME}, ++ #else ++ {"INVALID_EMPTY_NAME", 34, 108}, ++ #endif ++ #ifdef X509V3_R_INVALID_EXTENSION_STRING ++ {"INVALID_EXTENSION_STRING", ERR_LIB_X509V3, X509V3_R_INVALID_EXTENSION_STRING}, ++ #else ++ {"INVALID_EXTENSION_STRING", 34, 105}, ++ #endif ++ #ifdef X509V3_R_INVALID_INHERITANCE ++ {"INVALID_INHERITANCE", ERR_LIB_X509V3, X509V3_R_INVALID_INHERITANCE}, ++ #else ++ {"INVALID_INHERITANCE", 34, 165}, ++ #endif ++ #ifdef X509V3_R_INVALID_IPADDRESS ++ {"INVALID_IPADDRESS", ERR_LIB_X509V3, X509V3_R_INVALID_IPADDRESS}, ++ #else ++ {"INVALID_IPADDRESS", 34, 166}, ++ #endif ++ #ifdef X509V3_R_INVALID_MULTIPLE_RDNS ++ {"INVALID_MULTIPLE_RDNS", ERR_LIB_X509V3, X509V3_R_INVALID_MULTIPLE_RDNS}, ++ #else ++ {"INVALID_MULTIPLE_RDNS", 34, 161}, ++ #endif ++ #ifdef X509V3_R_INVALID_NAME ++ {"INVALID_NAME", ERR_LIB_X509V3, X509V3_R_INVALID_NAME}, ++ #else ++ {"INVALID_NAME", 34, 106}, ++ #endif ++ #ifdef X509V3_R_INVALID_NULL_ARGUMENT ++ {"INVALID_NULL_ARGUMENT", ERR_LIB_X509V3, X509V3_R_INVALID_NULL_ARGUMENT}, ++ #else ++ {"INVALID_NULL_ARGUMENT", 34, 107}, ++ #endif ++ #ifdef X509V3_R_INVALID_NULL_VALUE ++ {"INVALID_NULL_VALUE", ERR_LIB_X509V3, X509V3_R_INVALID_NULL_VALUE}, ++ #else ++ {"INVALID_NULL_VALUE", 34, 109}, ++ #endif ++ #ifdef X509V3_R_INVALID_NUMBER ++ {"INVALID_NUMBER", ERR_LIB_X509V3, X509V3_R_INVALID_NUMBER}, ++ #else ++ {"INVALID_NUMBER", 34, 140}, ++ #endif ++ #ifdef X509V3_R_INVALID_NUMBERS ++ {"INVALID_NUMBERS", ERR_LIB_X509V3, X509V3_R_INVALID_NUMBERS}, ++ #else ++ {"INVALID_NUMBERS", 34, 141}, ++ #endif ++ #ifdef X509V3_R_INVALID_OBJECT_IDENTIFIER ++ {"INVALID_OBJECT_IDENTIFIER", ERR_LIB_X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER}, ++ #else ++ {"INVALID_OBJECT_IDENTIFIER", 34, 110}, ++ #endif ++ #ifdef X509V3_R_INVALID_OPTION ++ {"INVALID_OPTION", ERR_LIB_X509V3, X509V3_R_INVALID_OPTION}, ++ #else ++ {"INVALID_OPTION", 34, 138}, ++ #endif ++ #ifdef X509V3_R_INVALID_POLICY_IDENTIFIER ++ {"INVALID_POLICY_IDENTIFIER", ERR_LIB_X509V3, X509V3_R_INVALID_POLICY_IDENTIFIER}, ++ #else ++ {"INVALID_POLICY_IDENTIFIER", 34, 134}, ++ #endif ++ #ifdef X509V3_R_INVALID_PROXY_POLICY_SETTING ++ {"INVALID_PROXY_POLICY_SETTING", ERR_LIB_X509V3, X509V3_R_INVALID_PROXY_POLICY_SETTING}, ++ #else ++ {"INVALID_PROXY_POLICY_SETTING", 34, 153}, ++ #endif ++ #ifdef X509V3_R_INVALID_PURPOSE ++ {"INVALID_PURPOSE", ERR_LIB_X509V3, X509V3_R_INVALID_PURPOSE}, ++ #else ++ {"INVALID_PURPOSE", 34, 146}, ++ #endif ++ #ifdef X509V3_R_INVALID_SAFI ++ {"INVALID_SAFI", ERR_LIB_X509V3, X509V3_R_INVALID_SAFI}, ++ #else ++ {"INVALID_SAFI", 34, 164}, ++ #endif ++ #ifdef X509V3_R_INVALID_SECTION ++ {"INVALID_SECTION", ERR_LIB_X509V3, X509V3_R_INVALID_SECTION}, ++ #else ++ {"INVALID_SECTION", 34, 135}, ++ #endif ++ #ifdef X509V3_R_INVALID_SYNTAX ++ {"INVALID_SYNTAX", ERR_LIB_X509V3, X509V3_R_INVALID_SYNTAX}, ++ #else ++ {"INVALID_SYNTAX", 34, 143}, ++ #endif ++ #ifdef X509V3_R_ISSUER_DECODE_ERROR ++ {"ISSUER_DECODE_ERROR", ERR_LIB_X509V3, X509V3_R_ISSUER_DECODE_ERROR}, ++ #else ++ {"ISSUER_DECODE_ERROR", 34, 126}, ++ #endif ++ #ifdef X509V3_R_MISSING_VALUE ++ {"MISSING_VALUE", ERR_LIB_X509V3, X509V3_R_MISSING_VALUE}, ++ #else ++ {"MISSING_VALUE", 34, 124}, ++ #endif ++ #ifdef X509V3_R_NEED_ORGANIZATION_AND_NUMBERS ++ {"NEED_ORGANIZATION_AND_NUMBERS", ERR_LIB_X509V3, X509V3_R_NEED_ORGANIZATION_AND_NUMBERS}, ++ #else ++ {"NEED_ORGANIZATION_AND_NUMBERS", 34, 142}, ++ #endif ++ #ifdef X509V3_R_NEGATIVE_PATHLEN ++ {"NEGATIVE_PATHLEN", ERR_LIB_X509V3, X509V3_R_NEGATIVE_PATHLEN}, ++ #else ++ {"NEGATIVE_PATHLEN", 34, 168}, ++ #endif ++ #ifdef X509V3_R_NO_CONFIG_DATABASE ++ {"NO_CONFIG_DATABASE", ERR_LIB_X509V3, X509V3_R_NO_CONFIG_DATABASE}, ++ #else ++ {"NO_CONFIG_DATABASE", 34, 136}, ++ #endif ++ #ifdef X509V3_R_NO_ISSUER_CERTIFICATE ++ {"NO_ISSUER_CERTIFICATE", ERR_LIB_X509V3, X509V3_R_NO_ISSUER_CERTIFICATE}, ++ #else ++ {"NO_ISSUER_CERTIFICATE", 34, 121}, ++ #endif ++ #ifdef X509V3_R_NO_ISSUER_DETAILS ++ {"NO_ISSUER_DETAILS", ERR_LIB_X509V3, X509V3_R_NO_ISSUER_DETAILS}, ++ #else ++ {"NO_ISSUER_DETAILS", 34, 127}, ++ #endif ++ #ifdef X509V3_R_NO_POLICY_IDENTIFIER ++ {"NO_POLICY_IDENTIFIER", ERR_LIB_X509V3, X509V3_R_NO_POLICY_IDENTIFIER}, ++ #else ++ {"NO_POLICY_IDENTIFIER", 34, 139}, ++ #endif ++ #ifdef X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED ++ {"NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED", ERR_LIB_X509V3, X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED}, ++ #else ++ {"NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED", 34, 154}, ++ #endif ++ #ifdef X509V3_R_NO_PUBLIC_KEY ++ {"NO_PUBLIC_KEY", ERR_LIB_X509V3, X509V3_R_NO_PUBLIC_KEY}, ++ #else ++ {"NO_PUBLIC_KEY", 34, 114}, ++ #endif ++ #ifdef X509V3_R_NO_SUBJECT_DETAILS ++ {"NO_SUBJECT_DETAILS", ERR_LIB_X509V3, X509V3_R_NO_SUBJECT_DETAILS}, ++ #else ++ {"NO_SUBJECT_DETAILS", 34, 125}, ++ #endif ++ #ifdef X509V3_R_OPERATION_NOT_DEFINED ++ {"OPERATION_NOT_DEFINED", ERR_LIB_X509V3, X509V3_R_OPERATION_NOT_DEFINED}, ++ #else ++ {"OPERATION_NOT_DEFINED", 34, 148}, ++ #endif ++ #ifdef X509V3_R_OTHERNAME_ERROR ++ {"OTHERNAME_ERROR", ERR_LIB_X509V3, X509V3_R_OTHERNAME_ERROR}, ++ #else ++ {"OTHERNAME_ERROR", 34, 147}, ++ #endif ++ #ifdef X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED ++ {"POLICY_LANGUAGE_ALREADY_DEFINED", ERR_LIB_X509V3, X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED}, ++ #else ++ {"POLICY_LANGUAGE_ALREADY_DEFINED", 34, 155}, ++ #endif ++ #ifdef X509V3_R_POLICY_PATH_LENGTH ++ {"POLICY_PATH_LENGTH", ERR_LIB_X509V3, X509V3_R_POLICY_PATH_LENGTH}, ++ #else ++ {"POLICY_PATH_LENGTH", 34, 156}, ++ #endif ++ #ifdef X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED ++ {"POLICY_PATH_LENGTH_ALREADY_DEFINED", ERR_LIB_X509V3, X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED}, ++ #else ++ {"POLICY_PATH_LENGTH_ALREADY_DEFINED", 34, 157}, ++ #endif ++ #ifdef X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY ++ {"POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY", ERR_LIB_X509V3, X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY}, ++ #else ++ {"POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY", 34, 159}, ++ #endif ++ #ifdef X509V3_R_SECTION_NOT_FOUND ++ {"SECTION_NOT_FOUND", ERR_LIB_X509V3, X509V3_R_SECTION_NOT_FOUND}, ++ #else ++ {"SECTION_NOT_FOUND", 34, 150}, ++ #endif ++ #ifdef X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS ++ {"UNABLE_TO_GET_ISSUER_DETAILS", ERR_LIB_X509V3, X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS}, ++ #else ++ {"UNABLE_TO_GET_ISSUER_DETAILS", 34, 122}, ++ #endif ++ #ifdef X509V3_R_UNABLE_TO_GET_ISSUER_KEYID ++ {"UNABLE_TO_GET_ISSUER_KEYID", ERR_LIB_X509V3, X509V3_R_UNABLE_TO_GET_ISSUER_KEYID}, ++ #else ++ {"UNABLE_TO_GET_ISSUER_KEYID", 34, 123}, ++ #endif ++ #ifdef X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT ++ {"UNKNOWN_BIT_STRING_ARGUMENT", ERR_LIB_X509V3, X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT}, ++ #else ++ {"UNKNOWN_BIT_STRING_ARGUMENT", 34, 111}, ++ #endif ++ #ifdef X509V3_R_UNKNOWN_EXTENSION ++ {"UNKNOWN_EXTENSION", ERR_LIB_X509V3, X509V3_R_UNKNOWN_EXTENSION}, ++ #else ++ {"UNKNOWN_EXTENSION", 34, 129}, ++ #endif ++ #ifdef X509V3_R_UNKNOWN_EXTENSION_NAME ++ {"UNKNOWN_EXTENSION_NAME", ERR_LIB_X509V3, X509V3_R_UNKNOWN_EXTENSION_NAME}, ++ #else ++ {"UNKNOWN_EXTENSION_NAME", 34, 130}, ++ #endif ++ #ifdef X509V3_R_UNKNOWN_OPTION ++ {"UNKNOWN_OPTION", ERR_LIB_X509V3, X509V3_R_UNKNOWN_OPTION}, ++ #else ++ {"UNKNOWN_OPTION", 34, 120}, ++ #endif ++ #ifdef X509V3_R_UNSUPPORTED_OPTION ++ {"UNSUPPORTED_OPTION", ERR_LIB_X509V3, X509V3_R_UNSUPPORTED_OPTION}, ++ #else ++ {"UNSUPPORTED_OPTION", 34, 117}, ++ #endif ++ #ifdef X509V3_R_UNSUPPORTED_TYPE ++ {"UNSUPPORTED_TYPE", ERR_LIB_X509V3, X509V3_R_UNSUPPORTED_TYPE}, ++ #else ++ {"UNSUPPORTED_TYPE", 34, 167}, ++ #endif ++ #ifdef X509V3_R_USER_TOO_LONG ++ {"USER_TOO_LONG", ERR_LIB_X509V3, X509V3_R_USER_TOO_LONG}, ++ #else ++ {"USER_TOO_LONG", 34, 132}, ++ #endif ++ #ifdef X509_R_AKID_MISMATCH ++ {"AKID_MISMATCH", ERR_LIB_X509, X509_R_AKID_MISMATCH}, ++ #else ++ {"AKID_MISMATCH", 11, 110}, ++ #endif ++ #ifdef X509_R_BAD_SELECTOR ++ {"BAD_SELECTOR", ERR_LIB_X509, X509_R_BAD_SELECTOR}, ++ #else ++ {"BAD_SELECTOR", 11, 133}, ++ #endif ++ #ifdef X509_R_BAD_X509_FILETYPE ++ {"BAD_X509_FILETYPE", ERR_LIB_X509, X509_R_BAD_X509_FILETYPE}, ++ #else ++ {"BAD_X509_FILETYPE", 11, 100}, ++ #endif ++ #ifdef X509_R_BASE64_DECODE_ERROR ++ {"BASE64_DECODE_ERROR", ERR_LIB_X509, X509_R_BASE64_DECODE_ERROR}, ++ #else ++ {"BASE64_DECODE_ERROR", 11, 118}, ++ #endif ++ #ifdef X509_R_CANT_CHECK_DH_KEY ++ {"CANT_CHECK_DH_KEY", ERR_LIB_X509, X509_R_CANT_CHECK_DH_KEY}, ++ #else ++ {"CANT_CHECK_DH_KEY", 11, 114}, ++ #endif ++ #ifdef X509_R_CERTIFICATE_VERIFICATION_FAILED ++ {"CERTIFICATE_VERIFICATION_FAILED", ERR_LIB_X509, X509_R_CERTIFICATE_VERIFICATION_FAILED}, ++ #else ++ {"CERTIFICATE_VERIFICATION_FAILED", 11, 139}, ++ #endif ++ #ifdef X509_R_CERT_ALREADY_IN_HASH_TABLE ++ {"CERT_ALREADY_IN_HASH_TABLE", ERR_LIB_X509, X509_R_CERT_ALREADY_IN_HASH_TABLE}, ++ #else ++ {"CERT_ALREADY_IN_HASH_TABLE", 11, 101}, ++ #endif ++ #ifdef X509_R_CRL_ALREADY_DELTA ++ {"CRL_ALREADY_DELTA", ERR_LIB_X509, X509_R_CRL_ALREADY_DELTA}, ++ #else ++ {"CRL_ALREADY_DELTA", 11, 127}, ++ #endif ++ #ifdef X509_R_CRL_VERIFY_FAILURE ++ {"CRL_VERIFY_FAILURE", ERR_LIB_X509, X509_R_CRL_VERIFY_FAILURE}, ++ #else ++ {"CRL_VERIFY_FAILURE", 11, 131}, ++ #endif ++ #ifdef X509_R_ERROR_GETTING_MD_BY_NID ++ {"ERROR_GETTING_MD_BY_NID", ERR_LIB_X509, X509_R_ERROR_GETTING_MD_BY_NID}, ++ #else ++ {"ERROR_GETTING_MD_BY_NID", 11, 141}, ++ #endif ++ #ifdef X509_R_ERROR_USING_SIGINF_SET ++ {"ERROR_USING_SIGINF_SET", ERR_LIB_X509, X509_R_ERROR_USING_SIGINF_SET}, ++ #else ++ {"ERROR_USING_SIGINF_SET", 11, 142}, ++ #endif ++ #ifdef X509_R_IDP_MISMATCH ++ {"IDP_MISMATCH", ERR_LIB_X509, X509_R_IDP_MISMATCH}, ++ #else ++ {"IDP_MISMATCH", 11, 128}, ++ #endif ++ #ifdef X509_R_INVALID_ATTRIBUTES ++ {"INVALID_ATTRIBUTES", ERR_LIB_X509, X509_R_INVALID_ATTRIBUTES}, ++ #else ++ {"INVALID_ATTRIBUTES", 11, 138}, ++ #endif ++ #ifdef X509_R_INVALID_DIRECTORY ++ {"INVALID_DIRECTORY", ERR_LIB_X509, X509_R_INVALID_DIRECTORY}, ++ #else ++ {"INVALID_DIRECTORY", 11, 113}, ++ #endif ++ #ifdef X509_R_INVALID_DISTPOINT ++ {"INVALID_DISTPOINT", ERR_LIB_X509, X509_R_INVALID_DISTPOINT}, ++ #else ++ {"INVALID_DISTPOINT", 11, 143}, ++ #endif ++ #ifdef X509_R_INVALID_FIELD_NAME ++ {"INVALID_FIELD_NAME", ERR_LIB_X509, X509_R_INVALID_FIELD_NAME}, ++ #else ++ {"INVALID_FIELD_NAME", 11, 119}, ++ #endif ++ #ifdef X509_R_INVALID_TRUST ++ {"INVALID_TRUST", ERR_LIB_X509, X509_R_INVALID_TRUST}, ++ #else ++ {"INVALID_TRUST", 11, 123}, ++ #endif ++ #ifdef X509_R_ISSUER_MISMATCH ++ {"ISSUER_MISMATCH", ERR_LIB_X509, X509_R_ISSUER_MISMATCH}, ++ #else ++ {"ISSUER_MISMATCH", 11, 129}, ++ #endif ++ #ifdef X509_R_KEY_TYPE_MISMATCH ++ {"KEY_TYPE_MISMATCH", ERR_LIB_X509, X509_R_KEY_TYPE_MISMATCH}, ++ #else ++ {"KEY_TYPE_MISMATCH", 11, 115}, ++ #endif ++ #ifdef X509_R_KEY_VALUES_MISMATCH ++ {"KEY_VALUES_MISMATCH", ERR_LIB_X509, X509_R_KEY_VALUES_MISMATCH}, ++ #else ++ {"KEY_VALUES_MISMATCH", 11, 116}, ++ #endif ++ #ifdef X509_R_LOADING_CERT_DIR ++ {"LOADING_CERT_DIR", ERR_LIB_X509, X509_R_LOADING_CERT_DIR}, ++ #else ++ {"LOADING_CERT_DIR", 11, 103}, ++ #endif ++ #ifdef X509_R_LOADING_DEFAULTS ++ {"LOADING_DEFAULTS", ERR_LIB_X509, X509_R_LOADING_DEFAULTS}, ++ #else ++ {"LOADING_DEFAULTS", 11, 104}, ++ #endif ++ #ifdef X509_R_METHOD_NOT_SUPPORTED ++ {"METHOD_NOT_SUPPORTED", ERR_LIB_X509, X509_R_METHOD_NOT_SUPPORTED}, ++ #else ++ {"METHOD_NOT_SUPPORTED", 11, 124}, ++ #endif ++ #ifdef X509_R_NAME_TOO_LONG ++ {"NAME_TOO_LONG", ERR_LIB_X509, X509_R_NAME_TOO_LONG}, ++ #else ++ {"NAME_TOO_LONG", 11, 134}, ++ #endif ++ #ifdef X509_R_NEWER_CRL_NOT_NEWER ++ {"NEWER_CRL_NOT_NEWER", ERR_LIB_X509, X509_R_NEWER_CRL_NOT_NEWER}, ++ #else ++ {"NEWER_CRL_NOT_NEWER", 11, 132}, ++ #endif ++ #ifdef X509_R_NO_CERTIFICATE_FOUND ++ {"NO_CERTIFICATE_FOUND", ERR_LIB_X509, X509_R_NO_CERTIFICATE_FOUND}, ++ #else ++ {"NO_CERTIFICATE_FOUND", 11, 135}, ++ #endif ++ #ifdef X509_R_NO_CERTIFICATE_OR_CRL_FOUND ++ {"NO_CERTIFICATE_OR_CRL_FOUND", ERR_LIB_X509, X509_R_NO_CERTIFICATE_OR_CRL_FOUND}, ++ #else ++ {"NO_CERTIFICATE_OR_CRL_FOUND", 11, 136}, ++ #endif ++ #ifdef X509_R_NO_CERT_SET_FOR_US_TO_VERIFY ++ {"NO_CERT_SET_FOR_US_TO_VERIFY", ERR_LIB_X509, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY}, ++ #else ++ {"NO_CERT_SET_FOR_US_TO_VERIFY", 11, 105}, ++ #endif ++ #ifdef X509_R_NO_CRL_FOUND ++ {"NO_CRL_FOUND", ERR_LIB_X509, X509_R_NO_CRL_FOUND}, ++ #else ++ {"NO_CRL_FOUND", 11, 137}, ++ #endif ++ #ifdef X509_R_NO_CRL_NUMBER ++ {"NO_CRL_NUMBER", ERR_LIB_X509, X509_R_NO_CRL_NUMBER}, ++ #else ++ {"NO_CRL_NUMBER", 11, 130}, ++ #endif ++ #ifdef X509_R_PUBLIC_KEY_DECODE_ERROR ++ {"PUBLIC_KEY_DECODE_ERROR", ERR_LIB_X509, X509_R_PUBLIC_KEY_DECODE_ERROR}, ++ #else ++ {"PUBLIC_KEY_DECODE_ERROR", 11, 125}, ++ #endif ++ #ifdef X509_R_PUBLIC_KEY_ENCODE_ERROR ++ {"PUBLIC_KEY_ENCODE_ERROR", ERR_LIB_X509, X509_R_PUBLIC_KEY_ENCODE_ERROR}, ++ #else ++ {"PUBLIC_KEY_ENCODE_ERROR", 11, 126}, ++ #endif ++ #ifdef X509_R_SHOULD_RETRY ++ {"SHOULD_RETRY", ERR_LIB_X509, X509_R_SHOULD_RETRY}, ++ #else ++ {"SHOULD_RETRY", 11, 106}, ++ #endif ++ #ifdef X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN ++ {"UNABLE_TO_FIND_PARAMETERS_IN_CHAIN", ERR_LIB_X509, X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN}, ++ #else ++ {"UNABLE_TO_FIND_PARAMETERS_IN_CHAIN", 11, 107}, ++ #endif ++ #ifdef X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY ++ {"UNABLE_TO_GET_CERTS_PUBLIC_KEY", ERR_LIB_X509, X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY}, ++ #else ++ {"UNABLE_TO_GET_CERTS_PUBLIC_KEY", 11, 108}, ++ #endif ++ #ifdef X509_R_UNKNOWN_KEY_TYPE ++ {"UNKNOWN_KEY_TYPE", ERR_LIB_X509, X509_R_UNKNOWN_KEY_TYPE}, ++ #else ++ {"UNKNOWN_KEY_TYPE", 11, 117}, ++ #endif ++ #ifdef X509_R_UNKNOWN_NID ++ {"UNKNOWN_NID", ERR_LIB_X509, X509_R_UNKNOWN_NID}, ++ #else ++ {"UNKNOWN_NID", 11, 109}, ++ #endif ++ #ifdef X509_R_UNKNOWN_PURPOSE_ID ++ {"UNKNOWN_PURPOSE_ID", ERR_LIB_X509, X509_R_UNKNOWN_PURPOSE_ID}, ++ #else ++ {"UNKNOWN_PURPOSE_ID", 11, 121}, ++ #endif ++ #ifdef X509_R_UNKNOWN_SIGID_ALGS ++ {"UNKNOWN_SIGID_ALGS", ERR_LIB_X509, X509_R_UNKNOWN_SIGID_ALGS}, ++ #else ++ {"UNKNOWN_SIGID_ALGS", 11, 144}, ++ #endif ++ #ifdef X509_R_UNKNOWN_TRUST_ID ++ {"UNKNOWN_TRUST_ID", ERR_LIB_X509, X509_R_UNKNOWN_TRUST_ID}, ++ #else ++ {"UNKNOWN_TRUST_ID", 11, 120}, ++ #endif ++ #ifdef X509_R_UNSUPPORTED_ALGORITHM ++ {"UNSUPPORTED_ALGORITHM", ERR_LIB_X509, X509_R_UNSUPPORTED_ALGORITHM}, ++ #else ++ {"UNSUPPORTED_ALGORITHM", 11, 111}, ++ #endif ++ #ifdef X509_R_WRONG_LOOKUP_TYPE ++ {"WRONG_LOOKUP_TYPE", ERR_LIB_X509, X509_R_WRONG_LOOKUP_TYPE}, ++ #else ++ {"WRONG_LOOKUP_TYPE", 11, 112}, ++ #endif ++ #ifdef X509_R_WRONG_TYPE ++ {"WRONG_TYPE", ERR_LIB_X509, X509_R_WRONG_TYPE}, ++ #else ++ {"WRONG_TYPE", 11, 122}, ++ #endif ++ { NULL } ++}; ++ +diff --git a/Tools/ssl/make_ssl_data.py b/Tools/ssl/make_ssl_data.py +index 3fb49852f4..ca8ecfb260 100755 +--- a/Tools/ssl/make_ssl_data.py ++++ b/Tools/ssl/make_ssl_data.py +@@ -6,82 +6,129 @@ This script should be called *manually* when we want to upgrade SSLError + + It takes two arguments: + - the path to the OpenSSL source tree (e.g. git checkout) +-- the path to the C file to be generated +- (probably Modules/_ssl_data.h) ++- the path to the header file to be generated Modules/_ssl_data_{version}.h ++- error codes are version specific + """ + ++import argparse + import datetime ++import operator + import os + import re + import sys +-import _ssl + + +-def parse_error_codes(h_file, prefix, libcode): +- pat = re.compile(r"#define\W+(%s([\w]+))\W+(\d+)\b" % re.escape(prefix)) +- codes = [] +- with open(h_file, "r", encoding="latin1") as f: ++parser = argparse.ArgumentParser( ++ description="Generate ssl_data.h from OpenSSL sources" ++) ++parser.add_argument("srcdir", help="OpenSSL source directory") ++parser.add_argument( ++ "output", nargs="?", type=argparse.FileType("w"), default=sys.stdout ++) ++ ++ ++def _file_search(fname, pat): ++ with open(fname, encoding="utf-8") as f: + for line in f: + match = pat.search(line) +- if match: +- code, name, num = match.groups() +- num = int(num) +- # e.g. ("SSL_R_BAD_DATA", ("ERR_LIB_SSL", "BAD_DATA", 390)) +- codes.append((code, (libcode, name, num))) +- return codes ++ if match is not None: ++ yield match ++ ++ ++def parse_err_h(args): ++ """Parse err codes, e.g. ERR_LIB_X509: 11""" ++ pat = re.compile(r"#\s*define\W+ERR_LIB_(\w+)\s+(\d+)") ++ lib2errnum = {} ++ for match in _file_search(args.err_h, pat): ++ libname, num = match.groups() ++ lib2errnum[libname] = int(num) ++ ++ return lib2errnum ++ ++ ++def parse_openssl_error_text(args): ++ """Parse error reasons, X509_R_AKID_MISMATCH""" ++ # ignore backslash line continuation for now ++ pat = re.compile(r"^((\w+?)_R_(\w+)):(\d+):") ++ for match in _file_search(args.errtxt, pat): ++ reason, libname, errname, num = match.groups() ++ if "_F_" in reason: ++ # ignore function codes ++ continue ++ num = int(num) ++ yield reason, libname, errname, num ++ ++ ++def parse_extra_reasons(args): ++ """Parse extra reasons from openssl.ec""" ++ pat = re.compile(r"^R\s+((\w+)_R_(\w+))\s+(\d+)") ++ for match in _file_search(args.errcodes, pat): ++ reason, libname, errname, num = match.groups() ++ num = int(num) ++ yield reason, libname, errname, num ++ ++ ++def gen_library_codes(args): ++ """Generate table short libname to numeric code""" ++ yield "static struct py_ssl_library_code library_codes[] = {" ++ for libname in sorted(args.lib2errnum): ++ yield f"#ifdef ERR_LIB_{libname}" ++ yield f' {{"{libname}", ERR_LIB_{libname}}},' ++ yield "#endif" ++ yield " { NULL }" ++ yield "};" ++ yield "" ++ ++ ++def gen_error_codes(args): ++ """Generate error code table for error reasons""" ++ yield "static struct py_ssl_error_code error_codes[] = {" ++ for reason, libname, errname, num in args.reasons: ++ yield f" #ifdef {reason}" ++ yield f' {{"{errname}", ERR_LIB_{libname}, {reason}}},' ++ yield " #else" ++ yield f' {{"{errname}", {args.lib2errnum[libname]}, {num}}},' ++ yield " #endif" ++ ++ yield " { NULL }" ++ yield "};" ++ yield "" ++ ++ ++def main(): ++ args = parser.parse_args() ++ ++ args.err_h = os.path.join(args.srcdir, "include", "openssl", "err.h") ++ if not os.path.isfile(args.err_h): ++ # Fall back to infile for OpenSSL 3.0.0 ++ args.err_h += ".in" ++ args.errcodes = os.path.join(args.srcdir, "crypto", "err", "openssl.ec") ++ args.errtxt = os.path.join(args.srcdir, "crypto", "err", "openssl.txt") ++ ++ if not os.path.isfile(args.errtxt): ++ parser.error(f"File {args.errtxt} not found in srcdir\n.") ++ ++ # {X509: 11, ...} ++ args.lib2errnum = parse_err_h(args) ++ ++ # [('X509_R_AKID_MISMATCH', 'X509', 'AKID_MISMATCH', 110), ...] ++ reasons = [] ++ reasons.extend(parse_openssl_error_text(args)) ++ reasons.extend(parse_extra_reasons(args)) ++ # sort by libname, numeric error code ++ args.reasons = sorted(reasons, key=operator.itemgetter(0, 3)) ++ ++ lines = [ ++ "/* File generated by Tools/ssl/make_ssl_data.py */" ++ f"/* Generated on {datetime.datetime.utcnow().isoformat()} */" ++ ] ++ lines.extend(gen_library_codes(args)) ++ lines.append("") ++ lines.extend(gen_error_codes(args)) ++ ++ for line in lines: ++ args.output.write(line + "\n") ++ + + if __name__ == "__main__": +- openssl_inc = sys.argv[1] +- outfile = sys.argv[2] +- use_stdout = outfile == '-' +- f = sys.stdout if use_stdout else open(outfile, "w") +- error_libraries = { +- # mnemonic -> (library code, error prefix, header file) +- 'PEM': ('ERR_LIB_PEM', 'PEM_R_', 'crypto/pem/pem.h'), +- 'SSL': ('ERR_LIB_SSL', 'SSL_R_', 'ssl/ssl.h'), +- 'X509': ('ERR_LIB_X509', 'X509_R_', 'crypto/x509/x509.h'), +- } +- +- # Read codes from libraries +- new_codes = [] +- for libcode, prefix, h_file in sorted(error_libraries.values()): +- new_codes += parse_error_codes(os.path.join(openssl_inc, h_file), +- prefix, libcode) +- new_code_nums = set((libcode, num) +- for (code, (libcode, name, num)) in new_codes) +- +- # Merge with existing codes (in case some old codes disappeared). +- codes = {} +- for errname, (libnum, errnum) in _ssl.err_names_to_codes.items(): +- lib = error_libraries[_ssl.lib_codes_to_names[libnum]] +- libcode = lib[0] # e.g. ERR_LIB_PEM +- errcode = lib[1] + errname # e.g. SSL_R_BAD_SSL_SESSION_ID_LENGTH +- # Only keep it if the numeric codes weren't reused +- if (libcode, errnum) not in new_code_nums: +- codes[errcode] = libcode, errname, errnum +- codes.update(dict(new_codes)) +- +- def w(l): +- f.write(l + "\n") +- w("/* File generated by Tools/ssl/make_ssl_data.py */") +- w("/* Generated on %s */" % datetime.datetime.now().isoformat()) +- w("") +- +- w("static struct py_ssl_library_code library_codes[] = {") +- for mnemo, (libcode, _, _) in sorted(error_libraries.items()): +- w(' {"%s", %s},' % (mnemo, libcode)) +- w(' { NULL }') +- w('};') +- w("") +- +- w("static struct py_ssl_error_code error_codes[] = {") +- for errcode, (libcode, name, num) in sorted(codes.items()): +- w(' #ifdef %s' % (errcode)) +- w(' {"%s", %s, %s},' % (name, libcode, errcode)) +- w(' #else') +- w(' {"%s", %s, %d},' % (name, libcode, num)) +- w(' #endif') +- w(' { NULL }') +- w('};') +- if not use_stdout: +- f.close() ++ main() +diff --git a/Tools/ssl/multissltests.py b/Tools/ssl/multissltests.py +index 2264c93310..c73e2b7842 100755 +--- a/Tools/ssl/multissltests.py ++++ b/Tools/ssl/multissltests.py +@@ -49,7 +49,8 @@ OPENSSL_OLD_VERSIONS = [ + OPENSSL_RECENT_VERSIONS = [ + "1.0.2p", + "1.1.0i", +- "1.1.1", ++ "1.1.1k", ++ "3.0.3", + ] + + LIBRESSL_OLD_VERSIONS = [ +diff --git a/setup.py b/setup.py +index 64d948d79c..4be70f88c1 100644 +--- a/setup.py ++++ b/setup.py +@@ -869,37 +869,17 @@ class PyBuildExt(build_ext): + include_dirs = ssl_incs, + library_dirs = ssl_libs, + libraries = ['ssl', 'crypto'], +- depends = ['socketmodule.h']), ) ++ depends = [ ++ 'socketmodule.h', ++ '_ssl_data.h', ++ '_ssl_data_111.h', ++ '_ssl_data_300.h', ++ ])) + else: + missing.append('_ssl') + +- # find out which version of OpenSSL we have +- openssl_ver = 0 +- openssl_ver_re = re.compile( +- r'^\s*#\s*define\s+OPENSSL_VERSION_NUMBER\s+(0x[0-9a-fA-F]+)' ) +- +- # look for the openssl version header on the compiler search path. +- opensslv_h = find_file('openssl/opensslv.h', [], +- inc_dirs + search_for_ssl_incs_in) +- if opensslv_h: +- name = os.path.join(opensslv_h[0], 'openssl/opensslv.h') +- if host_platform == 'darwin' and is_macosx_sdk_path(name): +- name = os.path.join(macosx_sdk_root(), name[1:]) +- try: +- with open(name, 'r') as incfile: +- for line in incfile: +- m = openssl_ver_re.match(line) +- if m: +- openssl_ver = int(m.group(1), 16) +- break +- except IOError as msg: +- print("IOError while reading opensshv.h:", msg) +- +- #print('openssl_ver = 0x%08x' % openssl_ver) +- min_openssl_ver = 0x00907000 + have_any_openssl = ssl_incs is not None and ssl_libs is not None +- have_usable_openssl = (have_any_openssl and +- openssl_ver >= min_openssl_ver) ++ have_usable_openssl = have_any_openssl + + if have_any_openssl: + if have_usable_openssl: diff --git a/00375-fix-test_distance-to-enable-build-on-i686.patch b/00375-fix-test_distance-to-enable-build-on-i686.patch new file mode 100644 index 0000000..f9bf53a --- /dev/null +++ b/00375-fix-test_distance-to-enable-build-on-i686.patch @@ -0,0 +1,33 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Karolina Surma +Date: Mon, 24 Jan 2022 09:28:30 +0100 +Subject: 00375: Fix test_distance to enable build on i686 + +Fix precision in test_distance (test.test_turtle.TestVec2D). +See: https://bugzilla.redhat.com/show_bug.cgi?id=2038843 +--- + Lib/test/test_turtle.py | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/Lib/test/test_turtle.py b/Lib/test/test_turtle.py +index 2fd10ccd50..2d2034ef8a 100644 +--- a/Lib/test/test_turtle.py ++++ b/Lib/test/test_turtle.py +@@ -220,7 +220,7 @@ class TestVec2D(VectorComparisonMixin, unittest.TestCase): + def test_distance(self): + vec = Vec2D(6, 8) + expected = 10 +- self.assertEqual(abs(vec), expected) ++ self.assertAlmostEqual(abs(vec), expected) + + vec = Vec2D(0, 0) + expected = 0 +@@ -228,7 +228,7 @@ class TestVec2D(VectorComparisonMixin, unittest.TestCase): + + vec = Vec2D(2.5, 6) + expected = 6.5 +- self.assertEqual(abs(vec), expected) ++ self.assertAlmostEqual(abs(vec), expected) + + def test_rotate(self): + diff --git a/00378-support-expat-2-4-5.patch b/00378-support-expat-2-4-5.patch new file mode 100644 index 0000000..29d2fc0 --- /dev/null +++ b/00378-support-expat-2-4-5.patch @@ -0,0 +1,100 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping +Date: Mon, 21 Feb 2022 15:48:32 +0100 +Subject: 00378: Support expat 2.4.5 + +Curly brackets were never allowed in namespace URIs +according to RFC 3986, and so-called namespace-validating +XML parsers have the right to reject them a invalid URIs. + +libexpat >=2.4.5 has become strcter in that regard due to +related security issues; with ET.XML instantiating a +namespace-aware parser under the hood, this test has no +future in CPython. + +References: +- https://datatracker.ietf.org/doc/html/rfc3968 +- https://www.w3.org/TR/xml-names/ + +Also, test_minidom.py: Support Expat >=2.4.5 + +Upstream: https://bugs.python.org/issue46811 + +Co-authored-by: Sebastian Pipping +--- + Lib/test/test_minidom.py | 17 +++++++++++++++-- + Lib/test/test_xml_etree.py | 6 ------ + .../2022-02-20-21-03-31.bpo-46811.8BxgdQ.rst | 1 + + 3 files changed, 16 insertions(+), 8 deletions(-) + create mode 100644 Misc/NEWS.d/next/Library/2022-02-20-21-03-31.bpo-46811.8BxgdQ.rst + +diff --git a/Lib/test/test_minidom.py b/Lib/test/test_minidom.py +index d55e25edba..03fee2704e 100644 +--- a/Lib/test/test_minidom.py ++++ b/Lib/test/test_minidom.py +@@ -5,10 +5,12 @@ import pickle + from test import support + import unittest + ++import pyexpat + import xml.dom.minidom + + from xml.dom.minidom import parse, Node, Document, parseString + from xml.dom.minidom import getDOMImplementation ++from xml.parsers.expat import ExpatError + + + tstfile = support.findfile("test.xml", subdir="xmltestdata") +@@ -1156,7 +1158,13 @@ class MinidomTest(unittest.TestCase): + + # Verify that character decoding errors raise exceptions instead + # of crashing +- self.assertRaises(UnicodeDecodeError, parseString, ++ if pyexpat.version_info >= (2, 4, 5): ++ self.assertRaises(ExpatError, parseString, ++ b'') ++ self.assertRaises(ExpatError, parseString, ++ b'Comment \xe7a va ? Tr\xe8s bien ?') ++ else: ++ self.assertRaises(UnicodeDecodeError, parseString, + b'Comment \xe7a va ? Tr\xe8s bien ?') + + doc.unlink() +@@ -1602,7 +1610,12 @@ class MinidomTest(unittest.TestCase): + self.confirm(doc2.namespaceURI == xml.dom.EMPTY_NAMESPACE) + + def testExceptionOnSpacesInXMLNSValue(self): +- with self.assertRaisesRegex(ValueError, 'Unsupported syntax'): ++ if pyexpat.version_info >= (2, 4, 5): ++ context = self.assertRaisesRegex(ExpatError, 'syntax error') ++ else: ++ context = self.assertRaisesRegex(ValueError, 'Unsupported syntax') ++ ++ with context: + parseString('') + + def testDocRemoveChild(self): +diff --git a/Lib/test/test_xml_etree.py b/Lib/test/test_xml_etree.py +index b01709e901..acaa519f42 100644 +--- a/Lib/test/test_xml_etree.py ++++ b/Lib/test/test_xml_etree.py +@@ -1668,12 +1668,6 @@ class BugsTest(unittest.TestCase): + b"\n" + b'tãg') + +- def test_issue3151(self): +- e = ET.XML('') +- self.assertEqual(e.tag, '{${stuff}}localname') +- t = ET.ElementTree(e) +- self.assertEqual(ET.tostring(e), b'') +- + def test_issue6565(self): + elem = ET.XML("") + self.assertEqual(summarize_list(elem), ['tag']) +diff --git a/Misc/NEWS.d/next/Library/2022-02-20-21-03-31.bpo-46811.8BxgdQ.rst b/Misc/NEWS.d/next/Library/2022-02-20-21-03-31.bpo-46811.8BxgdQ.rst +new file mode 100644 +index 0000000000..6969bd1898 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2022-02-20-21-03-31.bpo-46811.8BxgdQ.rst +@@ -0,0 +1 @@ ++Make test suite support Expat >=2.4.5 diff --git a/00382-cve-2015-20107.patch b/00382-cve-2015-20107.patch new file mode 100644 index 0000000..54ee58b --- /dev/null +++ b/00382-cve-2015-20107.patch @@ -0,0 +1,150 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Petr Viktorin +Date: Fri, 3 Jun 2022 11:43:35 +0200 +Subject: 00382: CVE-2015-20107 + +Make mailcap refuse to match unsafe filenames/types/params (GH-91993) + +Upstream: https://github.com/python/cpython/issues/68966 + +Tracker bug: https://bugzilla.redhat.com/show_bug.cgi?id=2075390 +--- + Doc/library/mailcap.rst | 12 +++++++++ + Lib/mailcap.py | 26 +++++++++++++++++-- + Lib/test/test_mailcap.py | 8 ++++-- + ...2-04-27-18-25-30.gh-issue-68966.gjS8zs.rst | 4 +++ + 4 files changed, 46 insertions(+), 4 deletions(-) + create mode 100644 Misc/NEWS.d/next/Security/2022-04-27-18-25-30.gh-issue-68966.gjS8zs.rst + +diff --git a/Doc/library/mailcap.rst b/Doc/library/mailcap.rst +index 896afd1d73..849d0bc05f 100644 +--- a/Doc/library/mailcap.rst ++++ b/Doc/library/mailcap.rst +@@ -54,6 +54,18 @@ standard. However, mailcap files are supported on most Unix systems. + use) to determine whether or not the mailcap line applies. :func:`findmatch` + will automatically check such conditions and skip the entry if the check fails. + ++ .. versionchanged:: 3.11 ++ ++ To prevent security issues with shell metacharacters (symbols that have ++ special effects in a shell command line), ``findmatch`` will refuse ++ to inject ASCII characters other than alphanumerics and ``@+=:,./-_`` ++ into the returned command line. ++ ++ If a disallowed character appears in *filename*, ``findmatch`` will always ++ return ``(None, None)`` as if no entry was found. ++ If such a character appears elsewhere (a value in *plist* or in *MIMEtype*), ++ ``findmatch`` will ignore all mailcap entries which use that value. ++ A :mod:`warning ` will be raised in either case. + + .. function:: getcaps() + +diff --git a/Lib/mailcap.py b/Lib/mailcap.py +index bd0fc0981c..dcd4b449e8 100644 +--- a/Lib/mailcap.py ++++ b/Lib/mailcap.py +@@ -2,6 +2,7 @@ + + import os + import warnings ++import re + + __all__ = ["getcaps","findmatch"] + +@@ -13,6 +14,11 @@ def lineno_sort_key(entry): + else: + return 1, 0 + ++_find_unsafe = re.compile(r'[^\xa1-\U0010FFFF\w@+=:,./-]').search ++ ++class UnsafeMailcapInput(Warning): ++ """Warning raised when refusing unsafe input""" ++ + + # Part 1: top-level interface. + +@@ -165,15 +171,22 @@ def findmatch(caps, MIMEtype, key='view', filename="/dev/null", plist=[]): + entry to use. + + """ ++ if _find_unsafe(filename): ++ msg = "Refusing to use mailcap with filename %r. Use a safe temporary filename." % (filename,) ++ warnings.warn(msg, UnsafeMailcapInput) ++ return None, None + entries = lookup(caps, MIMEtype, key) + # XXX This code should somehow check for the needsterminal flag. + for e in entries: + if 'test' in e: + test = subst(e['test'], filename, plist) ++ if test is None: ++ continue + if test and os.system(test) != 0: + continue + command = subst(e[key], MIMEtype, filename, plist) +- return command, e ++ if command is not None: ++ return command, e + return None, None + + def lookup(caps, MIMEtype, key=None): +@@ -206,6 +219,10 @@ def subst(field, MIMEtype, filename, plist=[]): + elif c == 's': + res = res + filename + elif c == 't': ++ if _find_unsafe(MIMEtype): ++ msg = "Refusing to substitute MIME type %r into a shell command." % (MIMEtype,) ++ warnings.warn(msg, UnsafeMailcapInput) ++ return None + res = res + MIMEtype + elif c == '{': + start = i +@@ -213,7 +230,12 @@ def subst(field, MIMEtype, filename, plist=[]): + i = i+1 + name = field[start:i] + i = i+1 +- res = res + findparam(name, plist) ++ param = findparam(name, plist) ++ if _find_unsafe(param): ++ msg = "Refusing to substitute parameter %r (%s) into a shell command" % (param, name) ++ warnings.warn(msg, UnsafeMailcapInput) ++ return None ++ res = res + param + # XXX To do: + # %n == number of parts if type is multipart/* + # %F == list of alternating type and filename for parts +diff --git a/Lib/test/test_mailcap.py b/Lib/test/test_mailcap.py +index c08423c670..920283d9a2 100644 +--- a/Lib/test/test_mailcap.py ++++ b/Lib/test/test_mailcap.py +@@ -121,7 +121,8 @@ class HelperFunctionTest(unittest.TestCase): + (["", "audio/*", "foo.txt"], ""), + (["echo foo", "audio/*", "foo.txt"], "echo foo"), + (["echo %s", "audio/*", "foo.txt"], "echo foo.txt"), +- (["echo %t", "audio/*", "foo.txt"], "echo audio/*"), ++ (["echo %t", "audio/*", "foo.txt"], None), ++ (["echo %t", "audio/wav", "foo.txt"], "echo audio/wav"), + (["echo \\%t", "audio/*", "foo.txt"], "echo %t"), + (["echo foo", "audio/*", "foo.txt", plist], "echo foo"), + (["echo %{total}", "audio/*", "foo.txt", plist], "echo 3") +@@ -205,7 +206,10 @@ class FindmatchTest(unittest.TestCase): + ('"An audio fragment"', audio_basic_entry)), + ([c, "audio/*"], + {"filename": fname}, +- ("/usr/local/bin/showaudio audio/*", audio_entry)), ++ (None, None)), ++ ([c, "audio/wav"], ++ {"filename": fname}, ++ ("/usr/local/bin/showaudio audio/wav", audio_entry)), + ([c, "message/external-body"], + {"plist": plist}, + ("showexternal /dev/null default john python.org /tmp foo bar", message_entry)) +diff --git a/Misc/NEWS.d/next/Security/2022-04-27-18-25-30.gh-issue-68966.gjS8zs.rst b/Misc/NEWS.d/next/Security/2022-04-27-18-25-30.gh-issue-68966.gjS8zs.rst +new file mode 100644 +index 0000000000..da81a1f699 +--- /dev/null ++++ b/Misc/NEWS.d/next/Security/2022-04-27-18-25-30.gh-issue-68966.gjS8zs.rst +@@ -0,0 +1,4 @@ ++The deprecated mailcap module now refuses to inject unsafe text (filenames, ++MIME types, parameters) into shell commands. Instead of using such text, it ++will warn and act as if a match was not found (or for test commands, as if ++the test failed). diff --git a/00386-cve-2021-28861.patch b/00386-cve-2021-28861.patch new file mode 100644 index 0000000..aee9311 --- /dev/null +++ b/00386-cve-2021-28861.patch @@ -0,0 +1,130 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <31488909+miss-islington@users.noreply.github.com> +Date: Wed, 22 Jun 2022 15:05:00 -0700 +Subject: 00386: CVE-2021-28861 + +Fix an open redirection vulnerability in the `http.server` module when +an URI path starts with `//` that could produce a 301 Location header +with a misleading target. Vulnerability discovered, and logic fix +proposed, by Hamza Avvan (@hamzaavvan). + +Test and comments authored by Gregory P. Smith [Google]. +(cherry picked from commit 4abab6b603dd38bec1168e9a37c40a48ec89508e) + +Upstream: https://github.com/python/cpython/pull/93879 +Tracking bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2120642 + +Co-authored-by: Gregory P. Smith +--- + Lib/http/server.py | 7 +++ + Lib/test/test_httpservers.py | 53 ++++++++++++++++++- + ...2-06-15-20-09-23.gh-issue-87389.QVaC3f.rst | 3 ++ + 3 files changed, 61 insertions(+), 2 deletions(-) + create mode 100644 Misc/NEWS.d/next/Security/2022-06-15-20-09-23.gh-issue-87389.QVaC3f.rst + +diff --git a/Lib/http/server.py b/Lib/http/server.py +index 60a4dadf03..ce05be13d3 100644 +--- a/Lib/http/server.py ++++ b/Lib/http/server.py +@@ -323,6 +323,13 @@ class BaseHTTPRequestHandler(socketserver.StreamRequestHandler): + return False + self.command, self.path, self.request_version = command, path, version + ++ # gh-87389: The purpose of replacing '//' with '/' is to protect ++ # against open redirect attacks possibly triggered if the path starts ++ # with '//' because http clients treat //path as an absolute URI ++ # without scheme (similar to http://path) rather than a path. ++ if self.path.startswith('//'): ++ self.path = '/' + self.path.lstrip('/') # Reduce to a single / ++ + # Examine the headers and look for a Connection directive. + try: + self.headers = http.client.parse_headers(self.rfile, +diff --git a/Lib/test/test_httpservers.py b/Lib/test/test_httpservers.py +index 66e937e04b..5a0a7c3f74 100644 +--- a/Lib/test/test_httpservers.py ++++ b/Lib/test/test_httpservers.py +@@ -324,7 +324,7 @@ class SimpleHTTPServerTestCase(BaseTestCase): + pass + + def setUp(self): +- BaseTestCase.setUp(self) ++ super().setUp() + self.cwd = os.getcwd() + basetempdir = tempfile.gettempdir() + os.chdir(basetempdir) +@@ -343,7 +343,7 @@ class SimpleHTTPServerTestCase(BaseTestCase): + except: + pass + finally: +- BaseTestCase.tearDown(self) ++ super().tearDown() + + def check_status_and_reason(self, response, status, data=None): + def close_conn(): +@@ -399,6 +399,55 @@ class SimpleHTTPServerTestCase(BaseTestCase): + self.check_status_and_reason(response, HTTPStatus.OK, + data=support.TESTFN_UNDECODABLE) + ++ def test_get_dir_redirect_location_domain_injection_bug(self): ++ """Ensure //evil.co/..%2f../../X does not put //evil.co/ in Location. ++ ++ //netloc/ in a Location header is a redirect to a new host. ++ https://github.com/python/cpython/issues/87389 ++ ++ This checks that a path resolving to a directory on our server cannot ++ resolve into a redirect to another server. ++ """ ++ os.mkdir(os.path.join(self.tempdir, 'existing_directory')) ++ url = f'/python.org/..%2f..%2f..%2f..%2f..%2f../%0a%0d/../{self.tempdir_name}/existing_directory' ++ expected_location = f'{url}/' # /python.org.../ single slash single prefix, trailing slash ++ # Canonicalizes to /tmp/tempdir_name/existing_directory which does ++ # exist and is a dir, triggering the 301 redirect logic. ++ response = self.request(url) ++ self.check_status_and_reason(response, HTTPStatus.MOVED_PERMANENTLY) ++ location = response.getheader('Location') ++ self.assertEqual(location, expected_location, msg='non-attack failed!') ++ ++ # //python.org... multi-slash prefix, no trailing slash ++ attack_url = f'/{url}' ++ response = self.request(attack_url) ++ self.check_status_and_reason(response, HTTPStatus.MOVED_PERMANENTLY) ++ location = response.getheader('Location') ++ self.assertFalse(location.startswith('//'), msg=location) ++ self.assertEqual(location, expected_location, ++ msg='Expected Location header to start with a single / and ' ++ 'end with a / as this is a directory redirect.') ++ ++ # ///python.org... triple-slash prefix, no trailing slash ++ attack3_url = f'//{url}' ++ response = self.request(attack3_url) ++ self.check_status_and_reason(response, HTTPStatus.MOVED_PERMANENTLY) ++ self.assertEqual(response.getheader('Location'), expected_location) ++ ++ # If the second word in the http request (Request-URI for the http ++ # method) is a full URI, we don't worry about it, as that'll be parsed ++ # and reassembled as a full URI within BaseHTTPRequestHandler.send_head ++ # so no errant scheme-less //netloc//evil.co/ domain mixup can happen. ++ attack_scheme_netloc_2slash_url = f'https://pypi.org/{url}' ++ expected_scheme_netloc_location = f'{attack_scheme_netloc_2slash_url}/' ++ response = self.request(attack_scheme_netloc_2slash_url) ++ self.check_status_and_reason(response, HTTPStatus.MOVED_PERMANENTLY) ++ location = response.getheader('Location') ++ # We're just ensuring that the scheme and domain make it through, if ++ # there are or aren't multiple slashes at the start of the path that ++ # follows that isn't important in this Location: header. ++ self.assertTrue(location.startswith('https://pypi.org/'), msg=location) ++ + def test_get(self): + #constructs the path relative to the root directory of the HTTPServer + response = self.request(self.base_url + '/test') +diff --git a/Misc/NEWS.d/next/Security/2022-06-15-20-09-23.gh-issue-87389.QVaC3f.rst b/Misc/NEWS.d/next/Security/2022-06-15-20-09-23.gh-issue-87389.QVaC3f.rst +new file mode 100644 +index 0000000000..029d437190 +--- /dev/null ++++ b/Misc/NEWS.d/next/Security/2022-06-15-20-09-23.gh-issue-87389.QVaC3f.rst +@@ -0,0 +1,3 @@ ++:mod:`http.server`: Fix an open redirection vulnerability in the HTTP server ++when an URI path starts with ``//``. Vulnerability discovered, and initial ++fix proposed, by Hamza Avvan. diff --git a/00387-cve-2020-10735-prevent-dos-by-very-large-int.patch b/00387-cve-2020-10735-prevent-dos-by-very-large-int.patch new file mode 100644 index 0000000..7b6dfa0 --- /dev/null +++ b/00387-cve-2020-10735-prevent-dos-by-very-large-int.patch @@ -0,0 +1,1411 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Victor Stinner +Date: Thu, 15 Sep 2022 17:35:24 +0200 +Subject: 00387: CVE-2020-10735: Prevent DoS by very large int() + +gh-95778: CVE-2020-10735: Prevent DoS by very large int() (GH-96504) + +Converting between `int` and `str` in bases other than 2 +(binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now +raises a `ValueError` if the number of digits in string form is above a +limit to avoid potential denial of service attacks due to the algorithmic +complexity. This is a mitigation for CVE-2020-10735 +(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10735). + +This new limit can be configured or disabled by environment variable, command +line flag, or :mod:`sys` APIs. See the `Integer String Conversion Length +Limitation` documentation. The default limit is 4300 +digits in string form. + +Patch by Gregory P. Smith [Google] and Christian Heimes [Red Hat] with feedback +from Victor Stinner, Thomas Wouters, Steve Dower, Ned Deily, and Mark Dickinson. + +Notes on the backport to Python 3.6: + +* Use "Python 3.6.15-13" version in the documentation, whereas this + version will never be released +* Only add _Py_global_config_int_max_str_digits global variable: + Python 3.6 doesn't have PyConfig API (PEP 597) nor _PyRuntime. +* sys.flags.int_max_str_digits cannot be -1 on Python 3.6: it is + set to the default limit. Adapt test_int_max_str_digits() for that. +* Declare _PY_LONG_DEFAULT_MAX_STR_DIGITS and + _PY_LONG_MAX_STR_DIGITS_THRESHOLD macros in longobject.h but only + if the Py_BUILD_CORE macro is defined. +* Declare _Py_global_config_int_max_str_digits in pydebug.h. + +(cherry picked from commit 511ca9452033ef95bc7d7fc404b8161068226002) + +gh-95778: Mention sys.set_int_max_str_digits() in error message (#96874) + +When ValueError is raised if an integer is larger than the limit, +mention sys.set_int_max_str_digits() in the error message. + +(cherry picked from commit e841ffc915e82e5ea6e3b473205417d63494808d) + +gh-96848: Fix -X int_max_str_digits option parsing (#96988) + +Fix command line parsing: reject "-X int_max_str_digits" option with +no value (invalid) when the PYTHONINTMAXSTRDIGITS environment +variable is set to a valid limit. + +(cherry picked from commit 41351662bcd21672d8ccfa62fe44d72027e6bcf8) +--- + Doc/library/functions.rst | 8 + + Doc/library/json.rst | 11 + + Doc/library/stdtypes.rst | 159 ++++++++++++++ + Doc/library/sys.rst | 53 ++++- + Doc/library/test.rst | 10 + + Doc/using/cmdline.rst | 14 ++ + Doc/whatsnew/3.6.rst | 15 ++ + Include/longobject.h | 38 ++++ + Include/pydebug.h | 2 + + Lib/test/support/__init__.py | 10 + + Lib/test/test_ast.py | 8 + + Lib/test/test_cmd_line.py | 35 ++++ + Lib/test/test_compile.py | 13 ++ + Lib/test/test_decimal.py | 18 ++ + Lib/test/test_int.py | 196 ++++++++++++++++++ + Lib/test/test_json/test_decode.py | 8 + + Lib/test/test_sys.py | 11 +- + Lib/test/test_xmlrpc.py | 10 + + ...2-09-16-19-02-40.gh-issue-95778.cJmnst.rst | 3 + + ...08-07-16-53-38.gh-issue-95778.ch010gps.rst | 14 ++ + Modules/main.c | 7 + + Objects/longobject.c | 168 ++++++++++++++- + Python/ast.c | 26 ++- + Python/pylifecycle.c | 2 + + Python/sysmodule.c | 46 +++- + 25 files changed, 870 insertions(+), 15 deletions(-) + create mode 100644 Misc/NEWS.d/next/Core and Builtins/2022-09-16-19-02-40.gh-issue-95778.cJmnst.rst + create mode 100644 Misc/NEWS.d/next/Security/2022-08-07-16-53-38.gh-issue-95778.ch010gps.rst + +diff --git a/Doc/library/functions.rst b/Doc/library/functions.rst +index bc528dd171..72eaf17f64 100644 +--- a/Doc/library/functions.rst ++++ b/Doc/library/functions.rst +@@ -748,6 +748,14 @@ are always available. They are listed here in alphabetical order. + .. versionchanged:: 3.6 + Grouping digits with underscores as in code literals is allowed. + ++ .. versionchanged:: 3.6.15-13 ++ :class:`int` string inputs and string representations can be limited to ++ help avoid denial of service attacks. A :exc:`ValueError` is raised when ++ the limit is exceeded while converting a string *x* to an :class:`int` or ++ when converting an :class:`int` into a string would exceed the limit. ++ See the :ref:`integer string conversion length limitation ++ ` documentation. ++ + + .. function:: isinstance(object, classinfo) + +diff --git a/Doc/library/json.rst b/Doc/library/json.rst +index 98ca86e4b9..51adb4a2ff 100644 +--- a/Doc/library/json.rst ++++ b/Doc/library/json.rst +@@ -18,6 +18,11 @@ is a lightweight data interchange format inspired by + `JavaScript `_ object literal syntax + (although it is not a strict subset of JavaScript [#rfc-errata]_ ). + ++.. warning:: ++ Be cautious when parsing JSON data from untrusted sources. A malicious ++ JSON string may cause the decoder to consume considerable CPU and memory ++ resources. Limiting the size of data to be parsed is recommended. ++ + :mod:`json` exposes an API familiar to users of the standard library + :mod:`marshal` and :mod:`pickle` modules. + +@@ -245,6 +250,12 @@ Basic Usage + be used to use another datatype or parser for JSON integers + (e.g. :class:`float`). + ++ .. versionchanged:: 3.6.15-13 ++ The default *parse_int* of :func:`int` now limits the maximum length of ++ the integer string via the interpreter's :ref:`integer string ++ conversion length limitation ` to help avoid denial ++ of service attacks. ++ + *parse_constant*, if specified, will be called with one of the following + strings: ``'-Infinity'``, ``'Infinity'``, ``'NaN'``. + This can be used to raise an exception if invalid JSON numbers +diff --git a/Doc/library/stdtypes.rst b/Doc/library/stdtypes.rst +index 00e1f4c1bf..7ae0f58c44 100644 +--- a/Doc/library/stdtypes.rst ++++ b/Doc/library/stdtypes.rst +@@ -4671,6 +4671,165 @@ types, where they are relevant. Some of these are not reported by the + [] + + ++.. _int_max_str_digits: ++ ++Integer string conversion length limitation ++=========================================== ++ ++CPython has a global limit for converting between :class:`int` and :class:`str` ++to mitigate denial of service attacks. This limit *only* applies to decimal or ++other non-power-of-two number bases. Hexadecimal, octal, and binary conversions ++are unlimited. The limit can be configured. ++ ++The :class:`int` type in CPython is an abitrary length number stored in binary ++form (commonly known as a "bignum"). There exists no algorithm that can convert ++a string to a binary integer or a binary integer to a string in linear time, ++*unless* the base is a power of 2. Even the best known algorithms for base 10 ++have sub-quadratic complexity. Converting a large value such as ``int('1' * ++500_000)`` can take over a second on a fast CPU. ++ ++Limiting conversion size offers a practical way to avoid `CVE-2020-10735 ++`_. ++ ++The limit is applied to the number of digit characters in the input or output ++string when a non-linear conversion algorithm would be involved. Underscores ++and the sign are not counted towards the limit. ++ ++When an operation would exceed the limit, a :exc:`ValueError` is raised: ++ ++.. doctest:: ++ ++ >>> import sys ++ >>> sys.set_int_max_str_digits(4300) # Illustrative, this is the default. ++ >>> _ = int('2' * 5432) ++ Traceback (most recent call last): ++ ... ++ ValueError: Exceeds the limit (4300) for integer string conversion: value has 5432 digits; use sys.set_int_max_str_digits() to increase the limit. ++ >>> i = int('2' * 4300) ++ >>> len(str(i)) ++ 4300 ++ >>> i_squared = i*i ++ >>> len(str(i_squared)) ++ Traceback (most recent call last): ++ ... ++ ValueError: Exceeds the limit (4300) for integer string conversion: value has 8599 digits; use sys.set_int_max_str_digits() to increase the limit. ++ >>> len(hex(i_squared)) ++ 7144 ++ >>> assert int(hex(i_squared), base=16) == i*i # Hexadecimal is unlimited. ++ ++The default limit is 4300 digits as provided in ++:data:`sys.int_info.default_max_str_digits `. ++The lowest limit that can be configured is 640 digits as provided in ++:data:`sys.int_info.str_digits_check_threshold `. ++ ++Verification: ++ ++.. doctest:: ++ ++ >>> import sys ++ >>> assert sys.int_info.default_max_str_digits == 4300, sys.int_info ++ >>> assert sys.int_info.str_digits_check_threshold == 640, sys.int_info ++ >>> msg = int('578966293710682886880994035146873798396722250538762761564' ++ ... '9252925514383915483333812743580549779436104706260696366600' ++ ... '571186405732').to_bytes(53, 'big') ++ ... ++ ++.. versionadded:: 3.6.15-13 ++ ++Affected APIs ++------------- ++ ++The limitation only applies to potentially slow conversions between :class:`int` ++and :class:`str` or :class:`bytes`: ++ ++* ``int(string)`` with default base 10. ++* ``int(string, base)`` for all bases that are not a power of 2. ++* ``str(integer)``. ++* ``repr(integer)`` ++* any other string conversion to base 10, for example ``f"{integer}"``, ++ ``"{}".format(integer)``, or ``b"%d" % integer``. ++ ++The limitations do not apply to functions with a linear algorithm: ++ ++* ``int(string, base)`` with base 2, 4, 8, 16, or 32. ++* :func:`int.from_bytes` and :func:`int.to_bytes`. ++* :func:`hex`, :func:`oct`, :func:`bin`. ++* :ref:`formatspec` for hex, octal, and binary numbers. ++* :class:`str` to :class:`float`. ++* :class:`str` to :class:`decimal.Decimal`. ++ ++Configuring the limit ++--------------------- ++ ++Before Python starts up you can use an environment variable or an interpreter ++command line flag to configure the limit: ++ ++* :envvar:`PYTHONINTMAXSTRDIGITS`, e.g. ++ ``PYTHONINTMAXSTRDIGITS=640 python3`` to set the limit to 640 or ++ ``PYTHONINTMAXSTRDIGITS=0 python3`` to disable the limitation. ++* :option:`-X int_max_str_digits <-X>`, e.g. ++ ``python3 -X int_max_str_digits=640`` ++* :data:`sys.flags.int_max_str_digits` contains the value of ++ :envvar:`PYTHONINTMAXSTRDIGITS` or :option:`-X int_max_str_digits <-X>`. ++ If both the env var and the ``-X`` option are set, the ``-X`` option takes ++ precedence. A value of *-1* indicates that both were unset, thus a value of ++ :data:`sys.int_info.default_max_str_digits` was used during initilization. ++ ++From code, you can inspect the current limit and set a new one using these ++:mod:`sys` APIs: ++ ++* :func:`sys.get_int_max_str_digits` and :func:`sys.set_int_max_str_digits` are ++ a getter and setter for the interpreter-wide limit. Subinterpreters have ++ their own limit. ++ ++Information about the default and minimum can be found in :attr:`sys.int_info`: ++ ++* :data:`sys.int_info.default_max_str_digits ` is the compiled-in ++ default limit. ++* :data:`sys.int_info.str_digits_check_threshold ` is the lowest ++ accepted value for the limit (other than 0 which disables it). ++ ++.. versionadded:: 3.6.15-13 ++ ++.. caution:: ++ ++ Setting a low limit *can* lead to problems. While rare, code exists that ++ contains integer constants in decimal in their source that exceed the ++ minimum threshold. A consequence of setting the limit is that Python source ++ code containing decimal integer literals longer than the limit will ++ encounter an error during parsing, usually at startup time or import time or ++ even at installation time - anytime an up to date ``.pyc`` does not already ++ exist for the code. A workaround for source that contains such large ++ constants is to convert them to ``0x`` hexadecimal form as it has no limit. ++ ++ Test your application thoroughly if you use a low limit. Ensure your tests ++ run with the limit set early via the environment or flag so that it applies ++ during startup and even during any installation step that may invoke Python ++ to precompile ``.py`` sources to ``.pyc`` files. ++ ++Recommended configuration ++------------------------- ++ ++The default :data:`sys.int_info.default_max_str_digits` is expected to be ++reasonable for most applications. If your application requires a different ++limit, set it from your main entry point using Python version agnostic code as ++these APIs were added in security patch releases in versions before 3.11. ++ ++Example:: ++ ++ >>> import sys ++ >>> if hasattr(sys, "set_int_max_str_digits"): ++ ... upper_bound = 68000 ++ ... lower_bound = 4004 ++ ... current_limit = sys.get_int_max_str_digits() ++ ... if current_limit == 0 or current_limit > upper_bound: ++ ... sys.set_int_max_str_digits(upper_bound) ++ ... elif current_limit < lower_bound: ++ ... sys.set_int_max_str_digits(lower_bound) ++ ++If you need to disable it entirely, set it to ``0``. ++ ++ + .. rubric:: Footnotes + + .. [1] Additional information on these special methods may be found in the Python +diff --git a/Doc/library/sys.rst b/Doc/library/sys.rst +index 91984667bf..f1e6f3bcf0 100644 +--- a/Doc/library/sys.rst ++++ b/Doc/library/sys.rst +@@ -296,6 +296,7 @@ always available. + :const:`bytes_warning` :option:`-b` + :const:`quiet` :option:`-q` + :const:`hash_randomization` :option:`-R` ++ :const:`int_max_str_digits` :option:`-X int_max_str_digits <-X>` (:ref:`integer string conversion length limitation `) + ============================= ============================= + + .. versionchanged:: 3.2 +@@ -310,6 +311,9 @@ always available. + .. versionchanged:: 3.4 + Added ``isolated`` attribute for :option:`-I` ``isolated`` flag. + ++ .. versionchanged:: 3.6.15-13 ++ Added the ``int_max_str_digits`` attribute. ++ + .. data:: float_info + + A :term:`struct sequence` holding information about the float type. It +@@ -468,6 +472,15 @@ always available. + + .. versionadded:: 3.6 + ++ ++.. function:: get_int_max_str_digits() ++ ++ Returns the current value for the :ref:`integer string conversion length ++ limitation `. See also :func:`set_int_max_str_digits`. ++ ++ .. versionadded:: 3.6.15-13 ++ ++ + .. function:: getrefcount(object) + + Return the reference count of the *object*. The count returned is generally one +@@ -730,19 +743,31 @@ always available. + + .. tabularcolumns:: |l|L| + +- +-------------------------+----------------------------------------------+ +- | Attribute | Explanation | +- +=========================+==============================================+ +- | :const:`bits_per_digit` | number of bits held in each digit. Python | +- | | integers are stored internally in base | +- | | ``2**int_info.bits_per_digit`` | +- +-------------------------+----------------------------------------------+ +- | :const:`sizeof_digit` | size in bytes of the C type used to | +- | | represent a digit | +- +-------------------------+----------------------------------------------+ ++ +----------------------------------------+-----------------------------------------------+ ++ | Attribute | Explanation | ++ +========================================+===============================================+ ++ | :const:`bits_per_digit` | number of bits held in each digit. Python | ++ | | integers are stored internally in base | ++ | | ``2**int_info.bits_per_digit`` | ++ +----------------------------------------+-----------------------------------------------+ ++ | :const:`sizeof_digit` | size in bytes of the C type used to | ++ | | represent a digit | ++ +----------------------------------------+-----------------------------------------------+ ++ | :const:`default_max_str_digits` | default value for | ++ | | :func:`sys.get_int_max_str_digits` when it | ++ | | is not otherwise explicitly configured. | ++ +----------------------------------------+-----------------------------------------------+ ++ | :const:`str_digits_check_threshold` | minimum non-zero value for | ++ | | :func:`sys.set_int_max_str_digits`, | ++ | | :envvar:`PYTHONINTMAXSTRDIGITS`, or | ++ | | :option:`-X int_max_str_digits <-X>`. | ++ +----------------------------------------+-----------------------------------------------+ + + .. versionadded:: 3.1 + ++ .. versionchanged:: 3.6.15-13 ++ Added ``default_max_str_digits`` and ``str_digits_check_threshold``. ++ + + .. data:: __interactivehook__ + +@@ -1001,6 +1026,14 @@ always available. + + Availability: Unix. + ++.. function:: set_int_max_str_digits(n) ++ ++ Set the :ref:`integer string conversion length limitation ++ ` used by this interpreter. See also ++ :func:`get_int_max_str_digits`. ++ ++ .. versionadded:: 3.6.15-13 ++ + .. function:: setprofile(profilefunc) + + .. index:: +diff --git a/Doc/library/test.rst b/Doc/library/test.rst +index 04d6cd87ea..a15e7768bb 100644 +--- a/Doc/library/test.rst ++++ b/Doc/library/test.rst +@@ -625,6 +625,16 @@ The :mod:`test.support` module defines the following functions: + .. versionadded:: 3.6 + + ++.. function:: adjust_int_max_str_digits(max_digits) ++ ++ This function returns a context manager that will change the global ++ :func:`sys.set_int_max_str_digits` setting for the duration of the ++ context to allow execution of test code that needs a different limit ++ on the number of digits when converting between an integer and string. ++ ++ .. versionadded:: 3.6.15-13 ++ ++ + The :mod:`test.support` module defines the following classes: + + .. class:: TransientResource(exc, **kwargs) +diff --git a/Doc/using/cmdline.rst b/Doc/using/cmdline.rst +index 65aa3ad0f5..fe7a926ba1 100644 +--- a/Doc/using/cmdline.rst ++++ b/Doc/using/cmdline.rst +@@ -422,6 +422,9 @@ Miscellaneous options + * ``-X showalloccount`` to output the total count of allocated objects for + each type when the program finishes. This only works when Python was built with + ``COUNT_ALLOCS`` defined. ++ * ``-X int_max_str_digits`` configures the :ref:`integer string conversion ++ length limitation `. See also ++ :envvar:`PYTHONINTMAXSTRDIGITS`. + + It also allows passing arbitrary values and retrieving them through the + :data:`sys._xoptions` dictionary. +@@ -438,6 +441,9 @@ Miscellaneous options + .. versionadded:: 3.6 + The ``-X showalloccount`` option. + ++ .. versionadded:: 3.6.15-13 ++ The ``-X int_max_str_digits`` option. ++ + + Options you shouldn't use + ~~~~~~~~~~~~~~~~~~~~~~~~~ +@@ -571,6 +577,14 @@ conflict. + .. versionadded:: 3.2.3 + + ++.. envvar:: PYTHONINTMAXSTRDIGITS ++ ++ If this variable is set to an integer, it is used to configure the ++ interpreter's global :ref:`integer string conversion length limitation ++ `. ++ ++ .. versionadded:: 3.6.15-13 ++ + .. envvar:: PYTHONIOENCODING + + If this is set before running the interpreter, it overrides the encoding used +diff --git a/Doc/whatsnew/3.6.rst b/Doc/whatsnew/3.6.rst +index 5f8f478eb3..19811f4a81 100644 +--- a/Doc/whatsnew/3.6.rst ++++ b/Doc/whatsnew/3.6.rst +@@ -2488,3 +2488,18 @@ ASCII newline ``\n``, ``\r`` and tab ``\t`` characters are stripped from the + URL by the parser :func:`urllib.parse` preventing such attacks. The removal + characters are controlled by a new module level variable + ``urllib.parse._UNSAFE_URL_BYTES_TO_REMOVE``. (See :issue:`43882`) ++ ++ ++Notable security feature in 3.6.15-13 ++===================================== ++ ++Converting between :class:`int` and :class:`str` in bases other than 2 ++(binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) ++now raises a :exc:`ValueError` if the number of digits in string form is ++above a limit to avoid potential denial of service attacks due to the ++algorithmic complexity. This is a mitigation for `CVE-2020-10735 ++`_. ++This limit can be configured or disabled by environment variable, command ++line flag, or :mod:`sys` APIs. See the :ref:`integer string conversion ++length limitation ` documentation. The default limit ++is 4300 digits in string form. +diff --git a/Include/longobject.h b/Include/longobject.h +index efd409c75a..d8a080a3bc 100644 +--- a/Include/longobject.h ++++ b/Include/longobject.h +@@ -209,6 +209,44 @@ PyAPI_FUNC(long) PyOS_strtol(const char *, char **, int); + PyAPI_FUNC(PyObject *) _PyLong_GCD(PyObject *, PyObject *); + #endif /* !Py_LIMITED_API */ + ++#ifdef Py_BUILD_CORE ++/* ++ * Default int base conversion size limitation: Denial of Service prevention. ++ * ++ * Chosen such that this isn't wildly slow on modern hardware and so that ++ * everyone's existing deployed numpy test suite passes before ++ * https://github.com/numpy/numpy/issues/22098 is widely available. ++ * ++ * $ python -m timeit -s 's = "1"*4300' 'int(s)' ++ * 2000 loops, best of 5: 125 usec per loop ++ * $ python -m timeit -s 's = "1"*4300; v = int(s)' 'str(v)' ++ * 1000 loops, best of 5: 311 usec per loop ++ * (zen2 cloud VM) ++ * ++ * 4300 decimal digits fits a ~14284 bit number. ++ */ ++#define _PY_LONG_DEFAULT_MAX_STR_DIGITS 4300 ++/* ++ * Threshold for max digits check. For performance reasons int() and ++ * int.__str__() don't checks values that are smaller than this ++ * threshold. Acts as a guaranteed minimum size limit for bignums that ++ * applications can expect from CPython. ++ * ++ * % python -m timeit -s 's = "1"*640; v = int(s)' 'str(int(s))' ++ * 20000 loops, best of 5: 12 usec per loop ++ * ++ * "640 digits should be enough for anyone." - gps ++ * fits a ~2126 bit decimal number. ++ */ ++#define _PY_LONG_MAX_STR_DIGITS_THRESHOLD 640 ++ ++#if ((_PY_LONG_DEFAULT_MAX_STR_DIGITS != 0) && \ ++ (_PY_LONG_DEFAULT_MAX_STR_DIGITS < _PY_LONG_MAX_STR_DIGITS_THRESHOLD)) ++# error "_PY_LONG_DEFAULT_MAX_STR_DIGITS smaller than threshold." ++#endif ++ ++#endif /* Py_BUILD_CORE */ ++ + #ifdef __cplusplus + } + #endif +diff --git a/Include/pydebug.h b/Include/pydebug.h +index 6e23a896c3..657c55266a 100644 +--- a/Include/pydebug.h ++++ b/Include/pydebug.h +@@ -28,6 +28,8 @@ PyAPI_DATA(int) Py_IsolatedFlag; + PyAPI_DATA(int) Py_LegacyWindowsStdioFlag; + #endif + ++PyAPI_DATA(int) _Py_global_config_int_max_str_digits; ++ + /* this is a wrapper around getenv() that pays attention to + Py_IgnoreEnvironmentFlag. It should be used for getting variables like + PYTHONPATH and PYTHONHOME from the environment */ +diff --git a/Lib/test/support/__init__.py b/Lib/test/support/__init__.py +index 66c0fed841..9ca9ae79e6 100644 +--- a/Lib/test/support/__init__.py ++++ b/Lib/test/support/__init__.py +@@ -2868,3 +2868,13 @@ class FakePath: + raise self.path + else: + return self.path ++ ++@contextlib.contextmanager ++def adjust_int_max_str_digits(max_digits): ++ """Temporarily change the integer string conversion length limit.""" ++ current = sys.get_int_max_str_digits() ++ try: ++ sys.set_int_max_str_digits(max_digits) ++ yield ++ finally: ++ sys.set_int_max_str_digits(current) +diff --git a/Lib/test/test_ast.py b/Lib/test/test_ast.py +index e68d0de2f8..7f2d793634 100644 +--- a/Lib/test/test_ast.py ++++ b/Lib/test/test_ast.py +@@ -571,6 +571,14 @@ class ASTHelpers_Test(unittest.TestCase): + exec(code, ns) + self.assertIn('sleep', ns) + ++ def test_literal_eval_str_int_limit(self): ++ with support.adjust_int_max_str_digits(4000): ++ ast.literal_eval('3'*4000) # no error ++ with self.assertRaises(SyntaxError) as err_ctx: ++ ast.literal_eval('3'*4001) ++ self.assertIn('Exceeds the limit ', str(err_ctx.exception)) ++ self.assertIn(' Consider hexadecimal ', str(err_ctx.exception)) ++ + + class ASTValidatorTests(unittest.TestCase): + +diff --git a/Lib/test/test_cmd_line.py b/Lib/test/test_cmd_line.py +index 5922ed917c..fe456eece8 100644 +--- a/Lib/test/test_cmd_line.py ++++ b/Lib/test/test_cmd_line.py +@@ -502,6 +502,41 @@ class CmdLineTest(unittest.TestCase): + self.assertEqual(proc.returncode, 0, proc) + self.assertEqual(proc.stdout.strip(), b'0') + ++ def test_int_max_str_digits(self): ++ code = "import sys; print(sys.flags.int_max_str_digits, sys.get_int_max_str_digits())" ++ ++ assert_python_failure('-X', 'int_max_str_digits', '-c', code) ++ assert_python_failure('-X', 'int_max_str_digits=foo', '-c', code) ++ assert_python_failure('-X', 'int_max_str_digits=100', '-c', code) ++ assert_python_failure('-X', 'int_max_str_digits', '-c', code, ++ PYTHONINTMAXSTRDIGITS='4000') ++ ++ assert_python_failure('-c', code, PYTHONINTMAXSTRDIGITS='foo') ++ assert_python_failure('-c', code, PYTHONINTMAXSTRDIGITS='100') ++ ++ def res2int(res): ++ out = res.out.strip().decode("utf-8") ++ return tuple(int(i) for i in out.split()) ++ ++ res = assert_python_ok('-c', code) ++ self.assertEqual(res2int(res), (sys.get_int_max_str_digits(), sys.get_int_max_str_digits())) ++ res = assert_python_ok('-X', 'int_max_str_digits=0', '-c', code) ++ self.assertEqual(res2int(res), (0, 0)) ++ res = assert_python_ok('-X', 'int_max_str_digits=4000', '-c', code) ++ self.assertEqual(res2int(res), (4000, 4000)) ++ res = assert_python_ok('-X', 'int_max_str_digits=100000', '-c', code) ++ self.assertEqual(res2int(res), (100000, 100000)) ++ ++ res = assert_python_ok('-c', code, PYTHONINTMAXSTRDIGITS='0') ++ self.assertEqual(res2int(res), (0, 0)) ++ res = assert_python_ok('-c', code, PYTHONINTMAXSTRDIGITS='4000') ++ self.assertEqual(res2int(res), (4000, 4000)) ++ res = assert_python_ok( ++ '-X', 'int_max_str_digits=6000', '-c', code, ++ PYTHONINTMAXSTRDIGITS='4000' ++ ) ++ self.assertEqual(res2int(res), (6000, 6000)) ++ + + def test_main(): + test.support.run_unittest(CmdLineTest) +diff --git a/Lib/test/test_compile.py b/Lib/test/test_compile.py +index 13cc8821b0..00e6468141 100644 +--- a/Lib/test/test_compile.py ++++ b/Lib/test/test_compile.py +@@ -189,6 +189,19 @@ if 1: + self.assertEqual(eval("0o777"), 511) + self.assertEqual(eval("-0o0000010"), -8) + ++ def test_int_literals_too_long(self): ++ n = 3000 ++ source = f"a = 1\nb = 2\nc = {'3'*n}\nd = 4" ++ with support.adjust_int_max_str_digits(n): ++ compile(source, "", "exec") # no errors. ++ with support.adjust_int_max_str_digits(n-1): ++ with self.assertRaises(SyntaxError) as err_ctx: ++ compile(source, "", "exec") ++ exc = err_ctx.exception ++ self.assertEqual(exc.lineno, 3) ++ self.assertIn('Exceeds the limit ', str(exc)) ++ self.assertIn(' Consider hexadecimal ', str(exc)) ++ + def test_unary_minus(self): + # Verify treatment of unary minus on negative numbers SF bug #660455 + if sys.maxsize == 2147483647: +diff --git a/Lib/test/test_decimal.py b/Lib/test/test_decimal.py +index 8808a670f9..4459b82cff 100644 +--- a/Lib/test/test_decimal.py ++++ b/Lib/test/test_decimal.py +@@ -2442,6 +2442,15 @@ class CUsabilityTest(UsabilityTest): + class PyUsabilityTest(UsabilityTest): + decimal = P + ++ def setUp(self): ++ super().setUp() ++ self._previous_int_limit = sys.get_int_max_str_digits() ++ sys.set_int_max_str_digits(7000) ++ ++ def tearDown(self): ++ sys.set_int_max_str_digits(self._previous_int_limit) ++ super().tearDown() ++ + class PythonAPItests(unittest.TestCase): + + def test_abc(self): +@@ -4499,6 +4508,15 @@ class CCoverage(Coverage): + class PyCoverage(Coverage): + decimal = P + ++ def setUp(self): ++ super().setUp() ++ self._previous_int_limit = sys.get_int_max_str_digits() ++ sys.set_int_max_str_digits(7000) ++ ++ def tearDown(self): ++ sys.set_int_max_str_digits(self._previous_int_limit) ++ super().tearDown() ++ + class PyFunctionality(unittest.TestCase): + """Extra functionality in decimal.py""" + +diff --git a/Lib/test/test_int.py b/Lib/test/test_int.py +index a36076e010..6cd9a5ed89 100644 +--- a/Lib/test/test_int.py ++++ b/Lib/test/test_int.py +@@ -1,4 +1,5 @@ + import sys ++import time + + import unittest + from test import support +@@ -514,5 +515,200 @@ class IntTestCases(unittest.TestCase): + self.assertEqual(int('1_2_3_4_5_6_7', 32), 1144132807) + + ++class IntStrDigitLimitsTests(unittest.TestCase): ++ ++ int_class = int # Override this in subclasses to reuse the suite. ++ ++ def setUp(self): ++ super().setUp() ++ self._previous_limit = sys.get_int_max_str_digits() ++ sys.set_int_max_str_digits(2048) ++ ++ def tearDown(self): ++ sys.set_int_max_str_digits(self._previous_limit) ++ super().tearDown() ++ ++ def test_disabled_limit(self): ++ self.assertGreater(sys.get_int_max_str_digits(), 0) ++ self.assertLess(sys.get_int_max_str_digits(), 20_000) ++ with support.adjust_int_max_str_digits(0): ++ self.assertEqual(sys.get_int_max_str_digits(), 0) ++ i = self.int_class('1' * 20_000) ++ str(i) ++ self.assertGreater(sys.get_int_max_str_digits(), 0) ++ ++ def test_max_str_digits_edge_cases(self): ++ """Ignore the +/- sign and space padding.""" ++ int_class = self.int_class ++ maxdigits = sys.get_int_max_str_digits() ++ ++ int_class('1' * maxdigits) ++ int_class(' ' + '1' * maxdigits) ++ int_class('1' * maxdigits + ' ') ++ int_class('+' + '1' * maxdigits) ++ int_class('-' + '1' * maxdigits) ++ self.assertEqual(len(str(10 ** (maxdigits - 1))), maxdigits) ++ ++ def check(self, i, base=None): ++ with self.assertRaises(ValueError): ++ if base is None: ++ self.int_class(i) ++ else: ++ self.int_class(i, base) ++ ++ def test_max_str_digits(self): ++ maxdigits = sys.get_int_max_str_digits() ++ ++ self.check('1' * (maxdigits + 1)) ++ self.check(' ' + '1' * (maxdigits + 1)) ++ self.check('1' * (maxdigits + 1) + ' ') ++ self.check('+' + '1' * (maxdigits + 1)) ++ self.check('-' + '1' * (maxdigits + 1)) ++ self.check('1' * (maxdigits + 1)) ++ ++ i = 10 ** maxdigits ++ with self.assertRaises(ValueError): ++ str(i) ++ ++ def test_denial_of_service_prevented_int_to_str(self): ++ """Regression test: ensure we fail before performing O(N**2) work.""" ++ maxdigits = sys.get_int_max_str_digits() ++ assert maxdigits < 50_000, maxdigits # A test prerequisite. ++ get_time = time.process_time ++ if get_time() <= 0: # some platforms like WASM lack process_time() ++ get_time = time.monotonic ++ ++ huge_int = int(f'0x{"c"*65_000}', base=16) # 78268 decimal digits. ++ digits = 78_268 ++ with support.adjust_int_max_str_digits(digits): ++ start = get_time() ++ huge_decimal = str(huge_int) ++ seconds_to_convert = get_time() - start ++ self.assertEqual(len(huge_decimal), digits) ++ # Ensuring that we chose a slow enough conversion to measure. ++ # It takes 0.1 seconds on a Zen based cloud VM in an opt build. ++ if seconds_to_convert < 0.005: ++ raise unittest.SkipTest('"slow" conversion took only ' ++ f'{seconds_to_convert} seconds.') ++ ++ # We test with the limit almost at the size needed to check performance. ++ # The performant limit check is slightly fuzzy, give it a some room. ++ with support.adjust_int_max_str_digits(int(.995 * digits)): ++ with self.assertRaises(ValueError) as err: ++ start = get_time() ++ str(huge_int) ++ seconds_to_fail_huge = get_time() - start ++ self.assertIn('conversion', str(err.exception)) ++ self.assertLess(seconds_to_fail_huge, seconds_to_convert/8) ++ ++ # Now we test that a conversion that would take 30x as long also fails ++ # in a similarly fast fashion. ++ extra_huge_int = int(f'0x{"c"*500_000}', base=16) # 602060 digits. ++ with self.assertRaises(ValueError) as err: ++ start = get_time() ++ # If not limited, 8 seconds said Zen based cloud VM. ++ str(extra_huge_int) ++ seconds_to_fail_extra_huge = get_time() - start ++ self.assertIn('conversion', str(err.exception)) ++ self.assertLess(seconds_to_fail_extra_huge, seconds_to_convert/8) ++ ++ def test_denial_of_service_prevented_str_to_int(self): ++ """Regression test: ensure we fail before performing O(N**2) work.""" ++ maxdigits = sys.get_int_max_str_digits() ++ assert maxdigits < 100_000, maxdigits # A test prerequisite. ++ get_time = time.process_time ++ if get_time() <= 0: # some platforms like WASM lack process_time() ++ get_time = time.monotonic ++ ++ digits = 133700 ++ huge = '8'*digits ++ with support.adjust_int_max_str_digits(digits): ++ start = get_time() ++ int(huge) ++ seconds_to_convert = get_time() - start ++ # Ensuring that we chose a slow enough conversion to measure. ++ # It takes 0.1 seconds on a Zen based cloud VM in an opt build. ++ if seconds_to_convert < 0.005: ++ raise unittest.SkipTest('"slow" conversion took only ' ++ f'{seconds_to_convert} seconds.') ++ ++ with support.adjust_int_max_str_digits(digits - 1): ++ with self.assertRaises(ValueError) as err: ++ start = get_time() ++ int(huge) ++ seconds_to_fail_huge = get_time() - start ++ self.assertIn('conversion', str(err.exception)) ++ self.assertLess(seconds_to_fail_huge, seconds_to_convert/8) ++ ++ # Now we test that a conversion that would take 30x as long also fails ++ # in a similarly fast fashion. ++ extra_huge = '7'*1_200_000 ++ with self.assertRaises(ValueError) as err: ++ start = get_time() ++ # If not limited, 8 seconds in the Zen based cloud VM. ++ int(extra_huge) ++ seconds_to_fail_extra_huge = get_time() - start ++ self.assertIn('conversion', str(err.exception)) ++ self.assertLess(seconds_to_fail_extra_huge, seconds_to_convert/8) ++ ++ def test_power_of_two_bases_unlimited(self): ++ """The limit does not apply to power of 2 bases.""" ++ maxdigits = sys.get_int_max_str_digits() ++ ++ for base in (2, 4, 8, 16, 32): ++ with self.subTest(base=base): ++ self.int_class('1' * (maxdigits + 1), base) ++ assert maxdigits < 100_000 ++ self.int_class('1' * 100_000, base) ++ ++ def test_underscores_ignored(self): ++ maxdigits = sys.get_int_max_str_digits() ++ ++ triples = maxdigits // 3 ++ s = '111' * triples ++ s_ = '1_11' * triples ++ self.int_class(s) # succeeds ++ self.int_class(s_) # succeeds ++ self.check(f'{s}111') ++ self.check(f'{s_}_111') ++ ++ def test_sign_not_counted(self): ++ int_class = self.int_class ++ max_digits = sys.get_int_max_str_digits() ++ s = '5' * max_digits ++ i = int_class(s) ++ pos_i = int_class(f'+{s}') ++ assert i == pos_i ++ neg_i = int_class(f'-{s}') ++ assert -pos_i == neg_i ++ str(pos_i) ++ str(neg_i) ++ ++ def _other_base_helper(self, base): ++ int_class = self.int_class ++ max_digits = sys.get_int_max_str_digits() ++ s = '2' * max_digits ++ i = int_class(s, base) ++ if base > 10: ++ with self.assertRaises(ValueError): ++ str(i) ++ elif base < 10: ++ str(i) ++ with self.assertRaises(ValueError) as err: ++ int_class(f'{s}1', base) ++ ++ def test_int_from_other_bases(self): ++ base = 3 ++ with self.subTest(base=base): ++ self._other_base_helper(base) ++ base = 36 ++ with self.subTest(base=base): ++ self._other_base_helper(base) ++ ++ ++class IntSubclassStrDigitLimitsTests(IntStrDigitLimitsTests): ++ int_class = IntSubclass ++ ++ + if __name__ == "__main__": + unittest.main() +diff --git a/Lib/test/test_json/test_decode.py b/Lib/test/test_json/test_decode.py +index 738f109fe6..b5fd4f2291 100644 +--- a/Lib/test/test_json/test_decode.py ++++ b/Lib/test/test_json/test_decode.py +@@ -2,6 +2,7 @@ import decimal + from io import StringIO, BytesIO + from collections import OrderedDict + from test.test_json import PyTest, CTest ++from test import support + + + class TestDecode: +@@ -95,5 +96,12 @@ class TestDecode: + d = self.json.JSONDecoder() + self.assertRaises(ValueError, d.raw_decode, 'a'*42, -50000) + ++ def test_limit_int(self): ++ maxdigits = 5000 ++ with support.adjust_int_max_str_digits(maxdigits): ++ self.loads('1' * maxdigits) ++ with self.assertRaises(ValueError): ++ self.loads('1' * (maxdigits + 1)) ++ + class TestPyDecode(TestDecode, PyTest): pass + class TestCDecode(TestDecode, CTest): pass +diff --git a/Lib/test/test_sys.py b/Lib/test/test_sys.py +index b41239ab7a..f2b9e08017 100644 +--- a/Lib/test/test_sys.py ++++ b/Lib/test/test_sys.py +@@ -444,11 +444,17 @@ class SysModuleTest(unittest.TestCase): + self.assertIsInstance(sys.executable, str) + self.assertEqual(len(sys.float_info), 11) + self.assertEqual(sys.float_info.radix, 2) +- self.assertEqual(len(sys.int_info), 2) ++ self.assertEqual(len(sys.int_info), 4) + self.assertTrue(sys.int_info.bits_per_digit % 5 == 0) + self.assertTrue(sys.int_info.sizeof_digit >= 1) ++ self.assertGreaterEqual(sys.int_info.default_max_str_digits, 500) ++ self.assertGreaterEqual(sys.int_info.str_digits_check_threshold, 100) ++ self.assertGreater(sys.int_info.default_max_str_digits, ++ sys.int_info.str_digits_check_threshold) + self.assertEqual(type(sys.int_info.bits_per_digit), int) + self.assertEqual(type(sys.int_info.sizeof_digit), int) ++ self.assertIsInstance(sys.int_info.default_max_str_digits, int) ++ self.assertIsInstance(sys.int_info.str_digits_check_threshold, int) + self.assertIsInstance(sys.hexversion, int) + + self.assertEqual(len(sys.hash_info), 9) +@@ -552,7 +558,8 @@ class SysModuleTest(unittest.TestCase): + attrs = ("debug", + "inspect", "interactive", "optimize", "dont_write_bytecode", + "no_user_site", "no_site", "ignore_environment", "verbose", +- "bytes_warning", "quiet", "hash_randomization", "isolated") ++ "bytes_warning", "quiet", "hash_randomization", "isolated", ++ "int_max_str_digits") + for attr in attrs: + self.assertTrue(hasattr(sys.flags, attr), attr) + self.assertEqual(type(getattr(sys.flags, attr)), int, attr) +diff --git a/Lib/test/test_xmlrpc.py b/Lib/test/test_xmlrpc.py +index fc601d4552..58553dd91a 100644 +--- a/Lib/test/test_xmlrpc.py ++++ b/Lib/test/test_xmlrpc.py +@@ -286,6 +286,16 @@ class XMLRPCTestCase(unittest.TestCase): + check('9876543210.0123456789', + decimal.Decimal('9876543210.0123456789')) + ++ def test_limit_int(self): ++ check = self.check_loads ++ maxdigits = 5000 ++ with support.adjust_int_max_str_digits(maxdigits): ++ s = '1' * (maxdigits + 1) ++ with self.assertRaises(ValueError): ++ check(f'{s}', None) ++ with self.assertRaises(ValueError): ++ check(f'{s}', None) ++ + def test_get_host_info(self): + # see bug #3613, this raised a TypeError + transp = xmlrpc.client.Transport() +diff --git a/Misc/NEWS.d/next/Core and Builtins/2022-09-16-19-02-40.gh-issue-95778.cJmnst.rst b/Misc/NEWS.d/next/Core and Builtins/2022-09-16-19-02-40.gh-issue-95778.cJmnst.rst +new file mode 100644 +index 0000000000..ebf63778a6 +--- /dev/null ++++ b/Misc/NEWS.d/next/Core and Builtins/2022-09-16-19-02-40.gh-issue-95778.cJmnst.rst +@@ -0,0 +1,3 @@ ++When :exc:`ValueError` is raised if an integer is larger than the limit, ++mention the :func:`sys.set_int_max_str_digits` function in the error message. ++Patch by Victor Stinner. +diff --git a/Misc/NEWS.d/next/Security/2022-08-07-16-53-38.gh-issue-95778.ch010gps.rst b/Misc/NEWS.d/next/Security/2022-08-07-16-53-38.gh-issue-95778.ch010gps.rst +new file mode 100644 +index 0000000000..8eb8a34884 +--- /dev/null ++++ b/Misc/NEWS.d/next/Security/2022-08-07-16-53-38.gh-issue-95778.ch010gps.rst +@@ -0,0 +1,14 @@ ++Converting between :class:`int` and :class:`str` in bases other than 2 ++(binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now ++raises a :exc:`ValueError` if the number of digits in string form is above a ++limit to avoid potential denial of service attacks due to the algorithmic ++complexity. This is a mitigation for `CVE-2020-10735 ++`_. ++ ++This new limit can be configured or disabled by environment variable, command ++line flag, or :mod:`sys` APIs. See the :ref:`integer string conversion length ++limitation ` documentation. The default limit is 4300 ++digits in string form. ++ ++Patch by Gregory P. Smith [Google] and Christian Heimes [Red Hat] with feedback ++from Victor Stinner, Thomas Wouters, Steve Dower, Ned Deily, and Mark Dickinson. +diff --git a/Modules/main.c b/Modules/main.c +index 96d8be4685..405e8838c7 100644 +--- a/Modules/main.c ++++ b/Modules/main.c +@@ -84,6 +84,9 @@ static const char usage_3[] = "\ + also PYTHONWARNINGS=arg\n\ + -x : skip first line of source, allowing use of non-Unix forms of #!cmd\n\ + -X opt : set implementation-specific option\n\ ++-X int_max_str_digits=number: limit the size of int<->str conversions.\n\ ++ This helps avoid denial of service attacks when parsing untrusted data.\n\ ++ The default is sys.int_info.default_max_str_digits. 0 disables.\n\ + "; + static const char usage_4[] = "\ + file : program read from script file\n\ +@@ -105,6 +108,10 @@ static const char usage_6[] = + " to seed the hashes of str, bytes and datetime objects. It can also be\n" + " set to an integer in the range [0,4294967295] to get hash values with a\n" + " predictable seed.\n" ++"PYTHONINTMAXSTRDIGITS: limits the maximum digit characters in an int value\n" ++" when converting from a string and when converting an int back to a str.\n" ++" A value of 0 disables the limit. Conversions to or from bases 2, 4, 8,\n" ++" 16, and 32 are never limited.\n" + "PYTHONMALLOC: set the Python memory allocators and/or install debug hooks\n" + " on Python memory allocators. Use PYTHONMALLOC=debug to install debug\n" + " hooks.\n" +diff --git a/Objects/longobject.c b/Objects/longobject.c +index 3864cec97a..ea0116908f 100644 +--- a/Objects/longobject.c ++++ b/Objects/longobject.c +@@ -33,6 +33,9 @@ static PyLongObject small_ints[NSMALLNEGINTS + NSMALLPOSINTS]; + Py_ssize_t quick_int_allocs, quick_neg_int_allocs; + #endif + ++#define _MAX_STR_DIGITS_ERROR_FMT_TO_INT "Exceeds the limit (%d) for integer string conversion: value has %zd digits; use sys.set_int_max_str_digits() to increase the limit" ++#define _MAX_STR_DIGITS_ERROR_FMT_TO_STR "Exceeds the limit (%d) for integer string conversion; use sys.set_int_max_str_digits() to increase the limit" ++ + static PyObject * + get_small_int(sdigit ival) + { +@@ -1593,6 +1596,22 @@ long_to_decimal_string_internal(PyObject *aa, + size_a = Py_ABS(Py_SIZE(a)); + negative = Py_SIZE(a) < 0; + ++ /* quick and dirty pre-check for overflowing the decimal digit limit, ++ based on the inequality 10/3 >= log2(10) ++ ++ explanation in https://github.com/python/cpython/pull/96537 ++ */ ++ if (size_a >= 10 * _PY_LONG_MAX_STR_DIGITS_THRESHOLD ++ / (3 * PyLong_SHIFT) + 2) { ++ int max_str_digits = _Py_global_config_int_max_str_digits ; ++ if ((max_str_digits > 0) && ++ (max_str_digits / (3 * PyLong_SHIFT) <= (size_a - 11) / 10)) { ++ PyErr_Format(PyExc_ValueError, _MAX_STR_DIGITS_ERROR_FMT_TO_STR, ++ max_str_digits); ++ return -1; ++ } ++ } ++ + /* quick and dirty upper bound for the number of digits + required to express a in base _PyLong_DECIMAL_BASE: + +@@ -1652,6 +1671,16 @@ long_to_decimal_string_internal(PyObject *aa, + tenpow *= 10; + strlen++; + } ++ if (strlen > _PY_LONG_MAX_STR_DIGITS_THRESHOLD) { ++ int max_str_digits = _Py_global_config_int_max_str_digits ; ++ Py_ssize_t strlen_nosign = strlen - negative; ++ if ((max_str_digits > 0) && (strlen_nosign > max_str_digits)) { ++ Py_DECREF(scratch); ++ PyErr_Format(PyExc_ValueError, _MAX_STR_DIGITS_ERROR_FMT_TO_STR, ++ max_str_digits); ++ return -1; ++ } ++ } + if (writer) { + if (_PyUnicodeWriter_Prepare(writer, strlen, '9') == -1) { + Py_DECREF(scratch); +@@ -2166,6 +2195,7 @@ PyLong_FromString(const char *str, char **pend, int base) + + start = str; + if ((base & (base - 1)) == 0) { ++ /* binary bases are not limited by int_max_str_digits */ + int res = long_from_binary_base(&str, base, &z); + if (res < 0) { + /* Syntax error. */ +@@ -2318,6 +2348,16 @@ digit beyond the first. + goto onError; + } + ++ /* Limit the size to avoid excessive computation attacks. */ ++ if (digits > _PY_LONG_MAX_STR_DIGITS_THRESHOLD) { ++ int max_str_digits = _Py_global_config_int_max_str_digits ; ++ if ((max_str_digits > 0) && (digits > max_str_digits)) { ++ PyErr_Format(PyExc_ValueError, _MAX_STR_DIGITS_ERROR_FMT_TO_INT, ++ max_str_digits, digits); ++ return NULL; ++ } ++ } ++ + /* Create an int object that can contain the largest possible + * integer with this base and length. Note that there's no + * need to initialize z->ob_digit -- no slot is read up before +@@ -4820,6 +4860,7 @@ long_new(PyTypeObject *type, PyObject *args, PyObject *kwds) + } + return PyLong_FromLong(0L); + } ++ /* default base and limit, forward to standard implementation */ + if (obase == NULL) + return PyNumber_Long(x); + +@@ -5482,6 +5523,8 @@ internal representation of integers. The attributes are read only."); + static PyStructSequence_Field int_info_fields[] = { + {"bits_per_digit", "size of a digit in bits"}, + {"sizeof_digit", "size in bytes of the C type used to represent a digit"}, ++ {"default_max_str_digits", "maximum string conversion digits limitation"}, ++ {"str_digits_check_threshold", "minimum positive value for int_max_str_digits"}, + {NULL, NULL} + }; + +@@ -5489,7 +5532,7 @@ static PyStructSequence_Desc int_info_desc = { + "sys.int_info", /* name */ + int_info__doc__, /* doc */ + int_info_fields, /* fields */ +- 2 /* number of fields */ ++ 4 /* number of fields */ + }; + + PyObject * +@@ -5504,6 +5547,17 @@ PyLong_GetInfo(void) + PyLong_FromLong(PyLong_SHIFT)); + PyStructSequence_SET_ITEM(int_info, field++, + PyLong_FromLong(sizeof(digit))); ++ /* ++ * The following two fields were added after investigating uses of ++ * sys.int_info in the wild: Exceedingly rarely used. The ONLY use found was ++ * numba using sys.int_info.bits_per_digit as attribute access rather than ++ * sequence unpacking. Cython and sympy also refer to sys.int_info but only ++ * as info for debugging. No concern about adding these in a backport. ++ */ ++ PyStructSequence_SET_ITEM(int_info, field++, ++ PyLong_FromLong(_PY_LONG_DEFAULT_MAX_STR_DIGITS)); ++ PyStructSequence_SET_ITEM(int_info, field++, ++ PyLong_FromLong(_PY_LONG_MAX_STR_DIGITS_THRESHOLD)); + if (PyErr_Occurred()) { + Py_CLEAR(int_info); + return NULL; +@@ -5511,6 +5565,116 @@ PyLong_GetInfo(void) + return int_info; + } + ++ ++static int ++pymain_str_to_int(const char *str, int *result) ++{ ++ errno = 0; ++ const char *endptr = str; ++ long value = strtol(str, (char **)&endptr, 10); ++ if (*endptr != '\0' || errno == ERANGE) { ++ return -1; ++ } ++ if (value < INT_MIN || value > INT_MAX) { ++ return -1; ++ } ++ ++ *result = (int)value; ++ return 0; ++} ++ ++ ++static int ++long_get_max_str_digits_xoption(int *pmaxdigits) ++{ ++ PyObject *xoptions = PySys_GetXOptions(); ++ if (xoptions == NULL) { ++ return -1; ++ } ++ ++ PyObject *key = PyUnicode_FromString("int_max_str_digits"); ++ if (key == NULL) { ++ return -1; ++ } ++ ++ PyObject *value = PyDict_GetItemWithError(xoptions, key); /* borrowed */ ++ Py_DECREF(key); ++ if (value == NULL) { ++ if (PyErr_Occurred()) { ++ return -1; ++ } ++ return 0; ++ } ++ ++ if (!PyUnicode_Check(value)) { ++ return -1; ++ } ++ ++ PyObject *valuelong = PyLong_FromUnicodeObject(value, 10); ++ if (valuelong == NULL) { ++ return -1; ++ } ++ ++ int maxdigits = _PyLong_AsInt(valuelong); ++ Py_DECREF(valuelong); ++ if (maxdigits == -1 && PyErr_Occurred()) { ++ return -1; ++ } ++ ++ *pmaxdigits = maxdigits; ++ return 1; ++} ++ ++ ++static void ++long_init_max_str_digits(void) ++{ ++ // PYTHONINTMAXSTRDIGITS env var ++ char *opt = Py_GETENV("PYTHONINTMAXSTRDIGITS"); ++ int maxdigits; ++ if (opt) { ++ int valid = 0; ++ if (!pymain_str_to_int(opt, &maxdigits)) { ++ valid = ((maxdigits == 0) || (maxdigits >= _PY_LONG_MAX_STR_DIGITS_THRESHOLD)); ++ } ++ if (!valid) { ++#define STRINGIFY(VAL) _STRINGIFY(VAL) ++#define _STRINGIFY(VAL) #VAL ++ fprintf(stderr, "Error in PYTHONINTMAXSTRDIGITS: " ++ "invalid limit; must be >= " ++ STRINGIFY(_PY_LONG_MAX_STR_DIGITS_THRESHOLD) ++ " or 0 for unlimited.\n"); ++ exit(1); ++ } ++ _Py_global_config_int_max_str_digits = maxdigits; ++ } ++ ++ // -X int_max_str_digits command line option ++ int res = long_get_max_str_digits_xoption(&maxdigits); ++ if (res == 1) { ++ int valid = ((maxdigits == 0) || (maxdigits >= _PY_LONG_MAX_STR_DIGITS_THRESHOLD)); ++ if (!valid) { ++ res = -1; ++ } ++ } ++ if (res < 0) { ++ fprintf(stderr, "Error in -X int_max_str_digits: " ++ "invalid limit; must be >= " ++ STRINGIFY(_PY_LONG_MAX_STR_DIGITS_THRESHOLD) ++ " or 0 for unlimited.\n"); ++ exit(1); ++ } ++ if (res == 1) { ++ _Py_global_config_int_max_str_digits = maxdigits; ++ } ++ ++ // Default value ++ if (_Py_global_config_int_max_str_digits == -1) { ++ _Py_global_config_int_max_str_digits = _PY_LONG_DEFAULT_MAX_STR_DIGITS; ++ } ++} ++ ++ + int + _PyLong_Init(void) + { +@@ -5549,6 +5713,8 @@ _PyLong_Init(void) + return 0; + } + ++ long_init_max_str_digits(); ++ + return 1; + } + +diff --git a/Python/ast.c b/Python/ast.c +index 675063eff0..4b69d8664e 100644 +--- a/Python/ast.c ++++ b/Python/ast.c +@@ -2149,8 +2149,32 @@ ast_for_atom(struct compiling *c, const node *n) + } + case NUMBER: { + PyObject *pynum = parsenumber(c, STR(ch)); +- if (!pynum) ++ if (!pynum) { ++ PyThreadState *tstate = PyThreadState_GET(); ++ // The only way a ValueError should happen in _this_ code is via ++ // PyLong_FromString hitting a length limit. ++ if (tstate->curexc_type == PyExc_ValueError && ++ tstate->curexc_value != NULL) { ++ PyObject *type, *value, *tb; ++ // This acts as PyErr_Clear() as we're replacing curexc. ++ PyErr_Fetch(&type, &value, &tb); ++ Py_XDECREF(tb); ++ Py_DECREF(type); ++ PyObject *helpful_msg = PyUnicode_FromFormat( ++ "%S - Consider hexadecimal for huge integer literals " ++ "to avoid decimal conversion limits.", ++ value); ++ if (helpful_msg) { ++ const char* error_msg = PyUnicode_AsUTF8(helpful_msg); ++ if (error_msg) { ++ ast_error(c, ch, error_msg); ++ } ++ Py_DECREF(helpful_msg); ++ } ++ Py_DECREF(value); ++ } + return NULL; ++ } + + if (PyArena_AddPyObject(c->c_arena, pynum) < 0) { + Py_DECREF(pynum); +diff --git a/Python/pylifecycle.c b/Python/pylifecycle.c +index 0b985bf78b..095d1ef84f 100644 +--- a/Python/pylifecycle.c ++++ b/Python/pylifecycle.c +@@ -97,6 +97,8 @@ int Py_IsolatedFlag = 0; /* for -I, isolate from user's env */ + int Py_LegacyWindowsFSEncodingFlag = 0; /* Uses mbcs instead of utf-8 */ + int Py_LegacyWindowsStdioFlag = 0; /* Uses FileIO instead of WindowsConsoleIO */ + #endif ++/* Unusual name compared to the above for backporting from 3.12 reasons. */ ++int _Py_global_config_int_max_str_digits = -1; /* -X int_max_str_digits or PYTHONINTMAXSTRDIGITS */ + + PyThreadState *_Py_Finalizing = NULL; + +diff --git a/Python/sysmodule.c b/Python/sysmodule.c +index 7d1493cbe1..ecdb62cd1a 100644 +--- a/Python/sysmodule.c ++++ b/Python/sysmodule.c +@@ -1079,6 +1079,46 @@ sys_mdebug(PyObject *self, PyObject *args) + } + #endif /* USE_MALLOPT */ + ++static PyObject * ++sys_get_int_max_str_digits(PyObject *module, PyObject *Py_UNUSED(ignored)) ++{ ++ return PyLong_FromSsize_t(_Py_global_config_int_max_str_digits); ++} ++ ++PyDoc_STRVAR(sys_get_int_max_str_digits__doc__, ++"get_int_max_str_digits($module, /)\n" ++"--\n" ++"\n" ++"Set the maximum string digits limit for non-binary int<->str conversions."); ++ ++static PyObject * ++sys_set_int_max_str_digits(PyObject *module, PyObject *args, PyObject *kwds) ++{ ++ static char *kwlist[] = {"maxdigits", NULL}; ++ int maxdigits; ++ ++ if (!PyArg_ParseTupleAndKeywords(args, kwds, "i:set_int_max_str_digits", ++ kwlist, &maxdigits)) ++ return NULL; ++ ++ if ((!maxdigits) || (maxdigits >= _PY_LONG_MAX_STR_DIGITS_THRESHOLD)) { ++ _Py_global_config_int_max_str_digits = maxdigits; ++ Py_RETURN_NONE; ++ } else { ++ PyErr_Format( ++ PyExc_ValueError, "maxdigits must be 0 or larger than %d", ++ _PY_LONG_MAX_STR_DIGITS_THRESHOLD); ++ return NULL; ++ } ++} ++ ++PyDoc_STRVAR(sys_set_int_max_str_digits__doc__, ++"set_int_max_str_digits($module, /, maxdigits)\n" ++"--\n" ++"\n" ++"Set the maximum string digits limit for non-binary int<->str conversions."); ++ ++ + size_t + _PySys_GetSizeOf(PyObject *o) + { +@@ -1434,6 +1474,8 @@ static PyMethodDef sys_methods[] = { + METH_VARARGS | METH_KEYWORDS, set_asyncgen_hooks_doc}, + {"get_asyncgen_hooks", sys_get_asyncgen_hooks, METH_NOARGS, + get_asyncgen_hooks_doc}, ++ {"get_int_max_str_digits", sys_get_int_max_str_digits, METH_NOARGS, sys_get_int_max_str_digits__doc__}, ++ {"set_int_max_str_digits", (PyCFunction)sys_set_int_max_str_digits, METH_VARARGS|METH_KEYWORDS, sys_set_int_max_str_digits__doc__}, + {NULL, NULL} /* sentinel */ + }; + +@@ -1681,6 +1723,7 @@ static PyStructSequence_Field flags_fields[] = { + {"quiet", "-q"}, + {"hash_randomization", "-R"}, + {"isolated", "-I"}, ++ {"int_max_str_digits", "-X int_max_str_digits"}, + {0} + }; + +@@ -1688,7 +1731,7 @@ static PyStructSequence_Desc flags_desc = { + "sys.flags", /* name */ + flags__doc__, /* doc */ + flags_fields, /* fields */ +- 13 ++ 14 + }; + + static PyObject* +@@ -1719,6 +1762,7 @@ make_flags(void) + SetFlag(Py_QuietFlag); + SetFlag(Py_HashRandomizationFlag); + SetFlag(Py_IsolatedFlag); ++ SetFlag(_Py_global_config_int_max_str_digits); + #undef SetFlag + + if (PyErr_Occurred()) { diff --git a/00392-cve-2022-37454-fix-buffer-overflows-in-_sha3-module.patch b/00392-cve-2022-37454-fix-buffer-overflows-in-_sha3-module.patch new file mode 100644 index 0000000..7f3e9cf --- /dev/null +++ b/00392-cve-2022-37454-fix-buffer-overflows-in-_sha3-module.patch @@ -0,0 +1,98 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Theo Buehler +Date: Fri, 21 Oct 2022 20:37:54 -0700 +Subject: 00392: CVE-2022-37454: Fix buffer overflows in _sha3 module + +This is a port of the applicable part of XKCP's fix [1] for +CVE-2022-37454 and avoids the segmentation fault and the infinite +loop in the test cases published in [2]. + +[1]: https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a +[2]: https://mouha.be/sha-3-buffer-overflow/ + +(cherry picked from commit 0e4e058602d93b88256ff90bbef501ba20be9dd3) + +Co-authored-by: Gregory P. Smith [Google LLC] +--- + Lib/test/test_hashlib.py | 9 +++++++++ + .../2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst | 1 + + Modules/_sha3/kcp/KeccakSponge.inc | 15 ++++++++------- + 3 files changed, 18 insertions(+), 7 deletions(-) + create mode 100644 Misc/NEWS.d/next/Security/2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst + +diff --git a/Lib/test/test_hashlib.py b/Lib/test/test_hashlib.py +index 9711856853..08f0af3748 100644 +--- a/Lib/test/test_hashlib.py ++++ b/Lib/test/test_hashlib.py +@@ -418,6 +418,15 @@ class HashLibTestCase(unittest.TestCase): + def test_case_md5_uintmax(self, size): + self.check('md5', b'A'*size, '28138d306ff1b8281f1a9067e1a1a2b3') + ++ @unittest.skipIf(sys.maxsize < _4G - 1, 'test cannot run on 32-bit systems') ++ @bigmemtest(size=_4G - 1, memuse=1, dry_run=False) ++ def test_sha3_update_overflow(self, size): ++ """Regression test for gh-98517 CVE-2022-37454.""" ++ h = hashlib.sha3_224() ++ h.update(b'\x01') ++ h.update(b'\x01'*0xffff_ffff) ++ self.assertEqual(h.hexdigest(), '80762e8ce6700f114fec0f621fd97c4b9c00147fa052215294cceeed') ++ + # use the three examples from Federal Information Processing Standards + # Publication 180-1, Secure Hash Standard, 1995 April 17 + # http://www.itl.nist.gov/div897/pubs/fip180-1.htm +diff --git a/Misc/NEWS.d/next/Security/2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst b/Misc/NEWS.d/next/Security/2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst +new file mode 100644 +index 0000000000..2d23a6ad93 +--- /dev/null ++++ b/Misc/NEWS.d/next/Security/2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst +@@ -0,0 +1 @@ ++Port XKCP's fix for the buffer overflows in SHA-3 (CVE-2022-37454). +diff --git a/Modules/_sha3/kcp/KeccakSponge.inc b/Modules/_sha3/kcp/KeccakSponge.inc +index e10739deaf..cf92e4db4d 100644 +--- a/Modules/_sha3/kcp/KeccakSponge.inc ++++ b/Modules/_sha3/kcp/KeccakSponge.inc +@@ -171,7 +171,7 @@ int SpongeAbsorb(SpongeInstance *instance, const unsigned char *data, size_t dat + i = 0; + curData = data; + while(i < dataByteLen) { +- if ((instance->byteIOIndex == 0) && (dataByteLen >= (i + rateInBytes))) { ++ if ((instance->byteIOIndex == 0) && (dataByteLen-i >= rateInBytes)) { + #ifdef SnP_FastLoop_Absorb + /* processing full blocks first */ + +@@ -199,10 +199,10 @@ int SpongeAbsorb(SpongeInstance *instance, const unsigned char *data, size_t dat + } + else { + /* normal lane: using the message queue */ +- +- partialBlock = (unsigned int)(dataByteLen - i); +- if (partialBlock+instance->byteIOIndex > rateInBytes) ++ if (dataByteLen-i > rateInBytes-instance->byteIOIndex) + partialBlock = rateInBytes-instance->byteIOIndex; ++ else ++ partialBlock = (unsigned int)(dataByteLen - i); + #ifdef KeccakReference + displayBytes(1, "Block to be absorbed (part)", curData, partialBlock); + #endif +@@ -281,7 +281,7 @@ int SpongeSqueeze(SpongeInstance *instance, unsigned char *data, size_t dataByte + i = 0; + curData = data; + while(i < dataByteLen) { +- if ((instance->byteIOIndex == rateInBytes) && (dataByteLen >= (i + rateInBytes))) { ++ if ((instance->byteIOIndex == rateInBytes) && (dataByteLen-i >= rateInBytes)) { + for(j=dataByteLen-i; j>=rateInBytes; j-=rateInBytes) { + SnP_Permute(instance->state); + SnP_ExtractBytes(instance->state, curData, 0, rateInBytes); +@@ -299,9 +299,10 @@ int SpongeSqueeze(SpongeInstance *instance, unsigned char *data, size_t dataByte + SnP_Permute(instance->state); + instance->byteIOIndex = 0; + } +- partialBlock = (unsigned int)(dataByteLen - i); +- if (partialBlock+instance->byteIOIndex > rateInBytes) ++ if (dataByteLen-i > rateInBytes-instance->byteIOIndex) + partialBlock = rateInBytes-instance->byteIOIndex; ++ else ++ partialBlock = (unsigned int)(dataByteLen - i); + i += partialBlock; + + SnP_ExtractBytes(instance->state, curData, instance->byteIOIndex, partialBlock); diff --git a/00394-cve-2022-45061-cpu-denial-of-service-via-inefficient-idna-decoder.patch b/00394-cve-2022-45061-cpu-denial-of-service-via-inefficient-idna-decoder.patch new file mode 100644 index 0000000..23caf79 --- /dev/null +++ b/00394-cve-2022-45061-cpu-denial-of-service-via-inefficient-idna-decoder.patch @@ -0,0 +1,95 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <31488909+miss-islington@users.noreply.github.com> +Date: Mon, 7 Nov 2022 19:22:14 -0800 +Subject: 00394: CVE-2022-45061: CPU denial of service via inefficient IDNA + decoder + +gh-98433: Fix quadratic time idna decoding. + +There was an unnecessary quadratic loop in idna decoding. This restores +the behavior to linear. + +(cherry picked from commit a6f6c3a3d6f2b580f2d87885c9b8a9350ad7bf15) + +Co-authored-by: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> +Co-authored-by: Gregory P. Smith +--- + Lib/encodings/idna.py | 32 +++++++++---------- + Lib/test/test_codecs.py | 6 ++++ + ...2-11-04-09-29-36.gh-issue-98433.l76c5G.rst | 6 ++++ + 3 files changed, 27 insertions(+), 17 deletions(-) + create mode 100644 Misc/NEWS.d/next/Security/2022-11-04-09-29-36.gh-issue-98433.l76c5G.rst + +diff --git a/Lib/encodings/idna.py b/Lib/encodings/idna.py +index ea4058512f..bf98f51336 100644 +--- a/Lib/encodings/idna.py ++++ b/Lib/encodings/idna.py +@@ -39,23 +39,21 @@ def nameprep(label): + + # Check bidi + RandAL = [stringprep.in_table_d1(x) for x in label] +- for c in RandAL: +- if c: +- # There is a RandAL char in the string. Must perform further +- # tests: +- # 1) The characters in section 5.8 MUST be prohibited. +- # This is table C.8, which was already checked +- # 2) If a string contains any RandALCat character, the string +- # MUST NOT contain any LCat character. +- if any(stringprep.in_table_d2(x) for x in label): +- raise UnicodeError("Violation of BIDI requirement 2") +- +- # 3) If a string contains any RandALCat character, a +- # RandALCat character MUST be the first character of the +- # string, and a RandALCat character MUST be the last +- # character of the string. +- if not RandAL[0] or not RandAL[-1]: +- raise UnicodeError("Violation of BIDI requirement 3") ++ if any(RandAL): ++ # There is a RandAL char in the string. Must perform further ++ # tests: ++ # 1) The characters in section 5.8 MUST be prohibited. ++ # This is table C.8, which was already checked ++ # 2) If a string contains any RandALCat character, the string ++ # MUST NOT contain any LCat character. ++ if any(stringprep.in_table_d2(x) for x in label): ++ raise UnicodeError("Violation of BIDI requirement 2") ++ # 3) If a string contains any RandALCat character, a ++ # RandALCat character MUST be the first character of the ++ # string, and a RandALCat character MUST be the last ++ # character of the string. ++ if not RandAL[0] or not RandAL[-1]: ++ raise UnicodeError("Violation of BIDI requirement 3") + + return label + +diff --git a/Lib/test/test_codecs.py b/Lib/test/test_codecs.py +index 56485de3f6..a798d1f287 100644 +--- a/Lib/test/test_codecs.py ++++ b/Lib/test/test_codecs.py +@@ -1640,6 +1640,12 @@ class IDNACodecTest(unittest.TestCase): + self.assertEqual("pyth\xf6n.org".encode("idna"), b"xn--pythn-mua.org") + self.assertEqual("pyth\xf6n.org.".encode("idna"), b"xn--pythn-mua.org.") + ++ def test_builtin_decode_length_limit(self): ++ with self.assertRaisesRegex(UnicodeError, "too long"): ++ (b"xn--016c"+b"a"*1100).decode("idna") ++ with self.assertRaisesRegex(UnicodeError, "too long"): ++ (b"xn--016c"+b"a"*70).decode("idna") ++ + def test_stream(self): + r = codecs.getreader("idna")(io.BytesIO(b"abc")) + r.read(3) +diff --git a/Misc/NEWS.d/next/Security/2022-11-04-09-29-36.gh-issue-98433.l76c5G.rst b/Misc/NEWS.d/next/Security/2022-11-04-09-29-36.gh-issue-98433.l76c5G.rst +new file mode 100644 +index 0000000000..5185fac2e2 +--- /dev/null ++++ b/Misc/NEWS.d/next/Security/2022-11-04-09-29-36.gh-issue-98433.l76c5G.rst +@@ -0,0 +1,6 @@ ++The IDNA codec decoder used on DNS hostnames by :mod:`socket` or :mod:`asyncio` ++related name resolution functions no longer involves a quadratic algorithm. ++This prevents a potential CPU denial of service if an out-of-spec excessive ++length hostname involving bidirectional characters were decoded. Some protocols ++such as :mod:`urllib` http ``3xx`` redirects potentially allow for an attacker ++to supply such a name. diff --git a/00397-pep-706-cve-2007-4559-filter-api-for-tarfile-extractall.patch b/00397-pep-706-cve-2007-4559-filter-api-for-tarfile-extractall.patch new file mode 100644 index 0000000..745981a --- /dev/null +++ b/00397-pep-706-cve-2007-4559-filter-api-for-tarfile-extractall.patch @@ -0,0 +1,2464 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Petr Viktorin +Date: Wed, 7 Jun 2023 14:53:48 +0200 +Subject: 00397: PEP 706, CVE-2007-4559: Filter API for tarfile.extractall + +Add API for allowing checks on the content of tar files, allowing callers to mitigate +directory traversal (CVE-2007-4559) and related issues. + +Python 3.12 will warn if this API is not used. +Python 3.14 will fail if it's not used. + +Backport from https://github.com/python/cpython/issues/102950 + +Change document: https://peps.python.org/pep-0706/ +--- + Doc/library/shutil.rst | 31 +- + Doc/library/tarfile.rst | 447 ++++++++- + Doc/whatsnew/3.6.rst | 17 +- + Lib/shutil.py | 18 +- + Lib/tarfile.py | 359 ++++++- + Lib/test/support/__init__.py | 24 + + Lib/test/test_shutil.py | 40 +- + Lib/test/test_tarfile.py | 926 +++++++++++++++++- + ...-03-23-15-24-38.gh-issue-102953.YR4KaK.rst | 4 + + 9 files changed, 1789 insertions(+), 77 deletions(-) + create mode 100644 Misc/NEWS.d/next/Library/2023-03-23-15-24-38.gh-issue-102953.YR4KaK.rst + +diff --git a/Doc/library/shutil.rst b/Doc/library/shutil.rst +index c3f7bd6640..29ef5259cb 100644 +--- a/Doc/library/shutil.rst ++++ b/Doc/library/shutil.rst +@@ -537,7 +537,7 @@ provided. They rely on the :mod:`zipfile` and :mod:`tarfile` modules. + Remove the archive format *name* from the list of supported formats. + + +-.. function:: unpack_archive(filename[, extract_dir[, format]]) ++.. function:: unpack_archive(filename[, extract_dir[, format[, filter]]]) + + Unpack an archive. *filename* is the full path of the archive. + +@@ -551,6 +551,24 @@ provided. They rely on the :mod:`zipfile` and :mod:`tarfile` modules. + registered for that extension. In case none is found, + a :exc:`ValueError` is raised. + ++ The keyword-only *filter* argument, which was added in Python 3.6.16, ++ is passed to the underlying unpacking function. ++ For zip files, *filter* is not accepted. ++ For tar files, it is recommended to set it to ``'data'``, ++ unless using features specific to tar and UNIX-like filesystems. ++ (See :ref:`tarfile-extraction-filter` for details.) ++ The ``'data'`` filter will become the default for tar files ++ in Python 3.14. ++ ++ .. warning:: ++ ++ Never extract archives from untrusted sources without prior inspection. ++ It is possible that files are created outside of the path specified in ++ the *extract_dir* argument, e.g. members that have absolute filenames ++ starting with "/" or filenames with two dots "..". ++ ++ .. versionchanged:: 3.6.16 ++ Added the *filter* argument. + + .. function:: register_unpack_format(name, extensions, function[, extra_args[, description]]) + +@@ -559,11 +577,14 @@ provided. They rely on the :mod:`zipfile` and :mod:`tarfile` modules. + ``.zip`` for Zip files. + + *function* is the callable that will be used to unpack archives. The +- callable will receive the path of the archive, followed by the directory +- the archive must be extracted to. ++ callable will receive: + +- When provided, *extra_args* is a sequence of ``(name, value)`` tuples that +- will be passed as keywords arguments to the callable. ++ - the path of the archive, as a positional argument; ++ - the directory the archive must be extracted to, as a positional argument; ++ - possibly a *filter* keyword argument, if it was given to ++ :func:`unpack_archive`; ++ - additional keyword arguments, specified by *extra_args* as a sequence ++ of ``(name, value)`` tuples. + + *description* can be provided to describe the format, and will be returned + by the :func:`get_unpack_formats` function. +diff --git a/Doc/library/tarfile.rst b/Doc/library/tarfile.rst +index 337c061107..f6dc9a7038 100644 +--- a/Doc/library/tarfile.rst ++++ b/Doc/library/tarfile.rst +@@ -199,6 +199,38 @@ The :mod:`tarfile` module defines the following exceptions: + Is raised by :meth:`TarInfo.frombuf` if the buffer it gets is invalid. + + ++.. exception:: FilterError ++ ++ Base class for members :ref:`refused ` by ++ filters. ++ ++ .. attribute:: tarinfo ++ ++ Information about the member that the filter refused to extract, ++ as :ref:`TarInfo `. ++ ++.. exception:: AbsolutePathError ++ ++ Raised to refuse extracting a member with an absolute path. ++ ++.. exception:: OutsideDestinationError ++ ++ Raised to refuse extracting a member outside the destination directory. ++ ++.. exception:: SpecialFileError ++ ++ Raised to refuse extracting a special file (e.g. a device or pipe). ++ ++.. exception:: AbsoluteLinkError ++ ++ Raised to refuse extracting a symbolic link with an absolute path. ++ ++.. exception:: LinkOutsideDestinationError ++ ++ Raised to refuse extracting a symbolic link pointing outside the destination ++ directory. ++ ++ + The following constants are available at the module level: + + .. data:: ENCODING +@@ -304,11 +336,8 @@ be finalized; only the internally used file object will be closed. See the + *debug* can be set from ``0`` (no debug messages) up to ``3`` (all debug + messages). The messages are written to ``sys.stderr``. + +- If *errorlevel* is ``0``, all errors are ignored when using :meth:`TarFile.extract`. +- Nevertheless, they appear as error messages in the debug output, when debugging +- is enabled. If ``1``, all *fatal* errors are raised as :exc:`OSError` +- exceptions. If ``2``, all *non-fatal* errors are raised as :exc:`TarError` +- exceptions as well. ++ *errorlevel* controls how extraction errors are handled, ++ see :attr:`the corresponding attribute <~TarFile.errorlevel>`. + + The *encoding* and *errors* arguments define the character encoding to be + used for reading or writing the archive and how conversion errors are going +@@ -375,7 +404,7 @@ be finalized; only the internally used file object will be closed. See the + available. + + +-.. method:: TarFile.extractall(path=".", members=None, *, numeric_owner=False) ++.. method:: TarFile.extractall(path=".", members=None, *, numeric_owner=False, filter=None) + + Extract all members from the archive to the current working directory or + directory *path*. If optional *members* is given, it must be a subset of the +@@ -389,6 +418,12 @@ be finalized; only the internally used file object will be closed. See the + are used to set the owner/group for the extracted files. Otherwise, the named + values from the tarfile are used. + ++ The *filter* argument, which was added in Python 3.6.16, specifies how ++ ``members`` are modified or rejected before extraction. ++ See :ref:`tarfile-extraction-filter` for details. ++ It is recommended to set this explicitly depending on which *tar* features ++ you need to support. ++ + .. warning:: + + Never extract archives from untrusted sources without prior inspection. +@@ -396,14 +431,20 @@ be finalized; only the internally used file object will be closed. See the + that have absolute filenames starting with ``"/"`` or filenames with two + dots ``".."``. + ++ Set ``filter='data'`` to prevent the most dangerous security issues, ++ and read the :ref:`tarfile-extraction-filter` section for details. ++ + .. versionchanged:: 3.5 + Added the *numeric_owner* parameter. + + .. versionchanged:: 3.6 + The *path* parameter accepts a :term:`path-like object`. + ++ .. versionchanged:: 3.6.16 ++ Added the *filter* parameter. + +-.. method:: TarFile.extract(member, path="", set_attrs=True, *, numeric_owner=False) ++ ++.. method:: TarFile.extract(member, path="", set_attrs=True, *, numeric_owner=False, filter=None) + + Extract a member from the archive to the current working directory, using its + full name. Its file information is extracted as accurately as possible. *member* +@@ -411,9 +452,8 @@ be finalized; only the internally used file object will be closed. See the + directory using *path*. *path* may be a :term:`path-like object`. + File attributes (owner, mtime, mode) are set unless *set_attrs* is false. + +- If *numeric_owner* is :const:`True`, the uid and gid numbers from the tarfile +- are used to set the owner/group for the extracted files. Otherwise, the named +- values from the tarfile are used. ++ The *numeric_owner* and *filter* arguments are the same as ++ for :meth:`extractall`. + + .. note:: + +@@ -424,6 +464,9 @@ be finalized; only the internally used file object will be closed. See the + + See the warning for :meth:`extractall`. + ++ Set ``filter='data'`` to prevent the most dangerous security issues, ++ and read the :ref:`tarfile-extraction-filter` section for details. ++ + .. versionchanged:: 3.2 + Added the *set_attrs* parameter. + +@@ -433,6 +476,9 @@ be finalized; only the internally used file object will be closed. See the + .. versionchanged:: 3.6 + The *path* parameter accepts a :term:`path-like object`. + ++ .. versionchanged:: 3.6.16 ++ Added the *filter* parameter. ++ + + .. method:: TarFile.extractfile(member) + +@@ -444,6 +490,56 @@ be finalized; only the internally used file object will be closed. See the + .. versionchanged:: 3.3 + Return an :class:`io.BufferedReader` object. + ++.. attribute:: TarFile.errorlevel ++ ++ If *errorlevel* is ``0``, errors are ignored when using :meth:`TarFile.extract` ++ and :meth:`TarFile.extractall`. ++ Nevertheless, they appear as error messages in the debug output when ++ *debug* is greater than 0. ++ If ``1`` (the default), all *fatal* errors are raised as :exc:`OSError` or ++ :exc:`FilterError` exceptions. If ``2``, all *non-fatal* errors are raised ++ as :exc:`TarError` exceptions as well. ++ ++ Some exceptions, e.g. ones caused by wrong argument types or data ++ corruption, are always raised. ++ ++ Custom :ref:`extraction filters ` ++ should raise :exc:`FilterError` for *fatal* errors ++ and :exc:`ExtractError` for *non-fatal* ones. ++ ++ Note that when an exception is raised, the archive may be partially ++ extracted. It is the user’s responsibility to clean up. ++ ++.. attribute:: TarFile.extraction_filter ++ ++ .. versionadded:: 3.6.16 ++ ++ The :ref:`extraction filter ` used ++ as a default for the *filter* argument of :meth:`~TarFile.extract` ++ and :meth:`~TarFile.extractall`. ++ ++ The attribute may be ``None`` or a callable. ++ String names are not allowed for this attribute, unlike the *filter* ++ argument to :meth:`~TarFile.extract`. ++ ++ If ``extraction_filter`` is ``None`` (the default), ++ calling an extraction method without a *filter* argument will ++ use the :func:`fully_trusted ` filter for ++ compatibility with previous Python versions. ++ ++ In Python 3.12+, leaving ``extraction_filter=None`` will emit a ++ ``DeprecationWarning``. ++ ++ In Python 3.14+, leaving ``extraction_filter=None`` will cause ++ extraction methods to use the :func:`data ` filter by default. ++ ++ The attribute may be set on instances or overridden in subclasses. ++ It also is possible to set it on the ``TarFile`` class itself to set a ++ global default, although, since it affects all uses of *tarfile*, ++ it is best practice to only do so in top-level applications or ++ :mod:`site configuration `. ++ To set a global default this way, a filter function needs to be wrapped in ++ :func:`staticmethod()` to prevent injection of a ``self`` argument. + + .. method:: TarFile.add(name, arcname=None, recursive=True, exclude=None, *, filter=None) + +@@ -522,7 +618,27 @@ permissions, owner etc.), it provides some useful methods to determine its type. + It does *not* contain the file's data itself. + + :class:`TarInfo` objects are returned by :class:`TarFile`'s methods +-:meth:`getmember`, :meth:`getmembers` and :meth:`gettarinfo`. ++:meth:`~TarFile.getmember`, :meth:`~TarFile.getmembers` and ++:meth:`~TarFile.gettarinfo`. ++ ++Modifying the objects returned by :meth:`~!TarFile.getmember` or ++:meth:`~!TarFile.getmembers` will affect all subsequent ++operations on the archive. ++For cases where this is unwanted, you can use :mod:`copy.copy() ` or ++call the :meth:`~TarInfo.replace` method to create a modified copy in one step. ++ ++Several attributes can be set to ``None`` to indicate that a piece of metadata ++is unused or unknown. ++Different :class:`TarInfo` methods handle ``None`` differently: ++ ++- The :meth:`~TarFile.extract` or :meth:`~TarFile.extractall` methods will ++ ignore the corresponding metadata, leaving it set to a default. ++- :meth:`~TarFile.addfile` will fail. ++- :meth:`~TarFile.list` will print a placeholder string. ++ ++ ++.. versionchanged:: 3.6.16 ++ Added :meth:`~TarInfo.replace` and handling of ``None``. + + + .. class:: TarInfo(name="") +@@ -567,13 +683,24 @@ A ``TarInfo`` object has the following public data attributes: + + .. attribute:: TarInfo.mtime + +- Time of last modification. ++ Time of last modification in seconds since the :ref:`epoch `, ++ as in :attr:`os.stat_result.st_mtime`. + ++ .. versionchanged:: 3.6.16 ++ ++ Can be set to ``None`` for :meth:`~TarFile.extract` and ++ :meth:`~TarFile.extractall`, causing extraction to skip applying this ++ attribute. + + .. attribute:: TarInfo.mode + +- Permission bits. ++ Permission bits, as for :func:`os.chmod`. + ++ .. versionchanged:: 3.6.16 ++ ++ Can be set to ``None`` for :meth:`~TarFile.extract` and ++ :meth:`~TarFile.extractall`, causing extraction to skip applying this ++ attribute. + + .. attribute:: TarInfo.type + +@@ -594,26 +721,61 @@ A ``TarInfo`` object has the following public data attributes: + + User ID of the user who originally stored this member. + ++ .. versionchanged:: 3.6.16 ++ ++ Can be set to ``None`` for :meth:`~TarFile.extract` and ++ :meth:`~TarFile.extractall`, causing extraction to skip applying this ++ attribute. + + .. attribute:: TarInfo.gid + + Group ID of the user who originally stored this member. + ++ .. versionchanged:: 3.6.16 ++ ++ Can be set to ``None`` for :meth:`~TarFile.extract` and ++ :meth:`~TarFile.extractall`, causing extraction to skip applying this ++ attribute. + + .. attribute:: TarInfo.uname + + User name. + ++ .. versionchanged:: 3.6.16 ++ ++ Can be set to ``None`` for :meth:`~TarFile.extract` and ++ :meth:`~TarFile.extractall`, causing extraction to skip applying this ++ attribute. + + .. attribute:: TarInfo.gname + + Group name. + ++ .. versionchanged:: 3.6.16 ++ ++ Can be set to ``None`` for :meth:`~TarFile.extract` and ++ :meth:`~TarFile.extractall`, causing extraction to skip applying this ++ attribute. + + .. attribute:: TarInfo.pax_headers + + A dictionary containing key-value pairs of an associated pax extended header. + ++.. method:: TarInfo.replace(name=..., mtime=..., mode=..., linkname=..., ++ uid=..., gid=..., uname=..., gname=..., ++ deep=True) ++ ++ .. versionadded:: 3.6.16 ++ ++ Return a *new* copy of the :class:`!TarInfo` object with the given attributes ++ changed. For example, to return a ``TarInfo`` with the group name set to ++ ``'staff'``, use:: ++ ++ new_tarinfo = old_tarinfo.replace(gname='staff') ++ ++ By default, a deep copy is made. ++ If *deep* is false, the copy is shallow, i.e. ``pax_headers`` ++ and any custom attributes are shared with the original ``TarInfo`` object. + + A :class:`TarInfo` object also provides some convenient query methods: + +@@ -663,9 +825,259 @@ A :class:`TarInfo` object also provides some convenient query methods: + Return :const:`True` if it is one of character device, block device or FIFO. + + ++.. _tarfile-extraction-filter: ++ ++Extraction filters ++------------------ ++ ++.. versionadded:: 3.6.16 ++ ++The *tar* format is designed to capture all details of a UNIX-like filesystem, ++which makes it very powerful. ++Unfortunately, the features make it easy to create tar files that have ++unintended -- and possibly malicious -- effects when extracted. ++For example, extracting a tar file can overwrite arbitrary files in various ++ways (e.g. by using absolute paths, ``..`` path components, or symlinks that ++affect later members). ++ ++In most cases, the full functionality is not needed. ++Therefore, *tarfile* supports extraction filters: a mechanism to limit ++functionality, and thus mitigate some of the security issues. ++ ++.. seealso:: ++ ++ :pep:`706` ++ Contains further motivation and rationale behind the design. ++ ++The *filter* argument to :meth:`TarFile.extract` or :meth:`~TarFile.extractall` ++can be: ++ ++* the string ``'fully_trusted'``: Honor all metadata as specified in the ++ archive. ++ Should be used if the user trusts the archive completely, or implements ++ their own complex verification. ++ ++* the string ``'tar'``: Honor most *tar*-specific features (i.e. features of ++ UNIX-like filesystems), but block features that are very likely to be ++ surprising or malicious. See :func:`tar_filter` for details. ++ ++* the string ``'data'``: Ignore or block most features specific to UNIX-like ++ filesystems. Intended for extracting cross-platform data archives. ++ See :func:`data_filter` for details. ++ ++* ``None`` (default): Use :attr:`TarFile.extraction_filter`. ++ ++ If that is also ``None`` (the default), the ``'fully_trusted'`` ++ filter will be used (for compatibility with earlier versions of Python). ++ ++ In Python 3.12, the default will emit a ``DeprecationWarning``. ++ ++ In Python 3.14, the ``'data'`` filter will become the default instead. ++ It's possible to switch earlier; see :attr:`TarFile.extraction_filter`. ++ ++* A callable which will be called for each extracted member with a ++ :ref:`TarInfo ` describing the member and the destination ++ path to where the archive is extracted (i.e. the same path is used for all ++ members):: ++ ++ filter(/, member: TarInfo, path: str) -> TarInfo | None ++ ++ The callable is called just before each member is extracted, so it can ++ take the current state of the disk into account. ++ It can: ++ ++ - return a :class:`TarInfo` object which will be used instead of the metadata ++ in the archive, or ++ - return ``None``, in which case the member will be skipped, or ++ - raise an exception to abort the operation or skip the member, ++ depending on :attr:`~TarFile.errorlevel`. ++ Note that when extraction is aborted, :meth:`~TarFile.extractall` may leave ++ the archive partially extracted. It does not attempt to clean up. ++ ++Default named filters ++~~~~~~~~~~~~~~~~~~~~~ ++ ++The pre-defined, named filters are available as functions, so they can be ++reused in custom filters: ++ ++.. function:: fully_trusted_filter(/, member, path) ++ ++ Return *member* unchanged. ++ ++ This implements the ``'fully_trusted'`` filter. ++ ++.. function:: tar_filter(/, member, path) ++ ++ Implements the ``'tar'`` filter. ++ ++ - Strip leading slashes (``/`` and :attr:`os.sep`) from filenames. ++ - :ref:`Refuse ` to extract files with absolute ++ paths (in case the name is absolute ++ even after stripping slashes, e.g. ``C:/foo`` on Windows). ++ This raises :class:`~tarfile.AbsolutePathError`. ++ - :ref:`Refuse ` to extract files whose absolute ++ path (after following symlinks) would end up outside the destination. ++ This raises :class:`~tarfile.OutsideDestinationError`. ++ - Clear high mode bits (setuid, setgid, sticky) and group/other write bits ++ (:attr:`~stat.S_IWGRP`|:attr:`~stat.S_IWOTH`). ++ ++ Return the modified ``TarInfo`` member. ++ ++.. function:: data_filter(/, member, path) ++ ++ Implements the ``'data'`` filter. ++ In addition to what ``tar_filter`` does: ++ ++ - :ref:`Refuse ` to extract links (hard or soft) ++ that link to absolute paths, or ones that link outside the destination. ++ ++ This raises :class:`~tarfile.AbsoluteLinkError` or ++ :class:`~tarfile.LinkOutsideDestinationError`. ++ ++ Note that such files are refused even on platforms that do not support ++ symbolic links. ++ ++ - :ref:`Refuse ` to extract device files ++ (including pipes). ++ This raises :class:`~tarfile.SpecialFileError`. ++ ++ - For regular files, including hard links: ++ ++ - Set the owner read and write permissions ++ (:attr:`~stat.S_IRUSR`|:attr:`~stat.S_IWUSR`). ++ - Remove the group & other executable permission ++ (:attr:`~stat.S_IXGRP`|:attr:`~stat.S_IXOTH`) ++ if the owner doesn’t have it (:attr:`~stat.S_IXUSR`). ++ ++ - For other files (directories), set ``mode`` to ``None``, so ++ that extraction methods skip applying permission bits. ++ - Set user and group info (``uid``, ``gid``, ``uname``, ``gname``) ++ to ``None``, so that extraction methods skip setting it. ++ ++ Return the modified ``TarInfo`` member. ++ ++ ++.. _tarfile-extraction-refuse: ++ ++Filter errors ++~~~~~~~~~~~~~ ++ ++When a filter refuses to extract a file, it will raise an appropriate exception, ++a subclass of :class:`~tarfile.FilterError`. ++This will abort the extraction if :attr:`TarFile.errorlevel` is 1 or more. ++With ``errorlevel=0`` the error will be logged and the member will be skipped, ++but extraction will continue. ++ ++ ++Hints for further verification ++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ++ ++Even with ``filter='data'``, *tarfile* is not suited for extracting untrusted ++files without prior inspection. ++Among other issues, the pre-defined filters do not prevent denial-of-service ++attacks. Users should do additional checks. ++ ++Here is an incomplete list of things to consider: ++ ++* Extract to a :func:`new temporary directory ` ++ to prevent e.g. exploiting pre-existing links, and to make it easier to ++ clean up after a failed extraction. ++* When working with untrusted data, use external (e.g. OS-level) limits on ++ disk, memory and CPU usage. ++* Check filenames against an allow-list of characters ++ (to filter out control characters, confusables, foreign path separators, ++ etc.). ++* Check that filenames have expected extensions (discouraging files that ++ execute when you “click on them”, or extension-less files like Windows special device names). ++* Limit the number of extracted files, total size of extracted data, ++ filename length (including symlink length), and size of individual files. ++* Check for files that would be shadowed on case-insensitive filesystems. ++ ++Also note that: ++ ++* Tar files may contain multiple versions of the same file. ++ Later ones are expected to overwrite any earlier ones. ++ This feature is crucial to allow updating tape archives, but can be abused ++ maliciously. ++* *tarfile* does not protect against issues with “live” data, ++ e.g. an attacker tinkering with the destination (or source) directory while ++ extraction (or archiving) is in progress. ++ ++ ++Supporting older Python versions ++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ++ ++Extraction filters were added to Python 3.12, and are backported to older ++versions as security updates. ++To check whether the feature is available, use e.g. ++``hasattr(tarfile, 'data_filter')`` rather than checking the Python version. ++ ++The following examples show how to support Python versions with and without ++the feature. ++Note that setting ``extraction_filter`` will affect any subsequent operations. ++ ++* Fully trusted archive:: ++ ++ my_tarfile.extraction_filter = (lambda member, path: member) ++ my_tarfile.extractall() ++ ++* Use the ``'data'`` filter if available, but revert to Python 3.11 behavior ++ (``'fully_trusted'``) if this feature is not available:: ++ ++ my_tarfile.extraction_filter = getattr(tarfile, 'data_filter', ++ (lambda member, path: member)) ++ my_tarfile.extractall() ++ ++* Use the ``'data'`` filter; *fail* if it is not available:: ++ ++ my_tarfile.extractall(filter=tarfile.data_filter) ++ ++ or:: ++ ++ my_tarfile.extraction_filter = tarfile.data_filter ++ my_tarfile.extractall() ++ ++* Use the ``'data'`` filter; *warn* if it is not available:: ++ ++ if hasattr(tarfile, 'data_filter'): ++ my_tarfile.extractall(filter='data') ++ else: ++ # remove this when no longer needed ++ warn_the_user('Extracting may be unsafe; consider updating Python') ++ my_tarfile.extractall() ++ ++ ++Stateful extraction filter example ++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ++ ++While *tarfile*'s extraction methods take a simple *filter* callable, ++custom filters may be more complex objects with an internal state. ++It may be useful to write these as context managers, to be used like this:: ++ ++ with StatefulFilter() as filter_func: ++ tar.extractall(path, filter=filter_func) ++ ++Such a filter can be written as, for example:: ++ ++ class StatefulFilter: ++ def __init__(self): ++ self.file_count = 0 ++ ++ def __enter__(self): ++ return self ++ ++ def __call__(self, member, path): ++ self.file_count += 1 ++ return member ++ ++ def __exit__(self, *exc_info): ++ print(f'{self.file_count} files extracted') ++ ++ + .. _tarfile-commandline: + .. program:: tarfile + ++ + Command-Line Interface + ---------------------- + +@@ -735,6 +1147,15 @@ Command-line options + + Verbose output. + ++.. cmdoption:: --filter ++ ++ Specifies the *filter* for ``--extract``. ++ See :ref:`tarfile-extraction-filter` for details. ++ Only string names are accepted (that is, ``fully_trusted``, ``tar``, ++ and ``data``). ++ ++ .. versionadded:: 3.6.16 ++ + .. _tar-examples: + + Examples +diff --git a/Doc/whatsnew/3.6.rst b/Doc/whatsnew/3.6.rst +index 19811f4a81..7b018dfed7 100644 +--- a/Doc/whatsnew/3.6.rst ++++ b/Doc/whatsnew/3.6.rst +@@ -2489,7 +2489,6 @@ URL by the parser :func:`urllib.parse` preventing such attacks. The removal + characters are controlled by a new module level variable + ``urllib.parse._UNSAFE_URL_BYTES_TO_REMOVE``. (See :issue:`43882`) + +- + Notable security feature in 3.6.15-13 + ===================================== + +@@ -2503,3 +2502,19 @@ This limit can be configured or disabled by environment variable, command + line flag, or :mod:`sys` APIs. See the :ref:`integer string conversion + length limitation ` documentation. The default limit + is 4300 digits in string form. ++ ++Notable Changes in a backport ++============================= ++ ++tarfile ++------- ++ ++* The extraction methods in :mod:`tarfile`, and :func:`shutil.unpack_archive`, ++ have a new a *filter* argument that allows limiting tar features than may be ++ surprising or dangerous, such as creating files outside the destination ++ directory. ++ See :ref:`tarfile-extraction-filter` for details. ++ In Python 3.12, use without the *filter* argument will show a ++ :exc:`DeprecationWarning`. ++ In Python 3.14, the default will switch to ``'data'``. ++ (Contributed by Petr Viktorin in :pep:`706`.) +diff --git a/Lib/shutil.py b/Lib/shutil.py +index dd12448454..d687de1bbf 100644 +--- a/Lib/shutil.py ++++ b/Lib/shutil.py +@@ -908,7 +908,7 @@ def _unpack_zipfile(filename, extract_dir): + finally: + zip.close() + +-def _unpack_tarfile(filename, extract_dir): ++def _unpack_tarfile(filename, extract_dir, *, filter=None): + """Unpack tar/tar.gz/tar.bz2/tar.xz `filename` to `extract_dir` + """ + import tarfile # late import for breaking circular dependency +@@ -918,7 +918,7 @@ def _unpack_tarfile(filename, extract_dir): + raise ReadError( + "%s is not a compressed or uncompressed tar file" % filename) + try: +- tarobj.extractall(extract_dir) ++ tarobj.extractall(extract_dir, filter=filter) + finally: + tarobj.close() + +@@ -946,7 +946,7 @@ def _find_unpack_format(filename): + return name + return None + +-def unpack_archive(filename, extract_dir=None, format=None): ++def unpack_archive(filename, extract_dir=None, format=None, *, filter=None): + """Unpack an archive. + + `filename` is the name of the archive. +@@ -960,10 +960,19 @@ def unpack_archive(filename, extract_dir=None, format=None): + was registered for that extension. + + In case none is found, a ValueError is raised. ++ ++ If `filter` is given, it is passed to the underlying ++ extraction function. + """ + if extract_dir is None: + extract_dir = os.getcwd() + ++ ++ if filter is None: ++ filter_kwargs = {} ++ else: ++ filter_kwargs = {'filter': filter} ++ + if format is not None: + try: + format_info = _UNPACK_FORMATS[format] +@@ -971,7 +980,7 @@ def unpack_archive(filename, extract_dir=None, format=None): + raise ValueError("Unknown unpack format '{0}'".format(format)) + + func = format_info[1] +- func(filename, extract_dir, **dict(format_info[2])) ++ func(filename, extract_dir, **dict(format_info[2]), **filter_kwargs) + else: + # we need to look at the registered unpackers supported extensions + format = _find_unpack_format(filename) +@@ -980,6 +989,7 @@ def unpack_archive(filename, extract_dir=None, format=None): + + func = _UNPACK_FORMATS[format][1] + kwargs = dict(_UNPACK_FORMATS[format][2]) ++ kwargs.update(filter_kwargs) + func(filename, extract_dir, **kwargs) + + +diff --git a/Lib/tarfile.py b/Lib/tarfile.py +index 2ea47978ff..c18590325a 100755 +--- a/Lib/tarfile.py ++++ b/Lib/tarfile.py +@@ -48,6 +48,7 @@ import time + import struct + import copy + import re ++import warnings + + try: + import pwd +@@ -73,6 +74,7 @@ __all__ = ["TarFile", "TarInfo", "is_tarfile", "TarError", "ReadError", + "ENCODING", "USTAR_FORMAT", "GNU_FORMAT", "PAX_FORMAT", + "DEFAULT_FORMAT", "open"] + ++ + #--------------------------------------------------------- + # tar constants + #--------------------------------------------------------- +@@ -160,6 +162,8 @@ else: + def stn(s, length, encoding, errors): + """Convert a string to a null-terminated bytes object. + """ ++ if s is None: ++ raise ValueError("metadata cannot contain None") + s = s.encode(encoding, errors) + return s[:length] + (length - len(s)) * NUL + +@@ -721,9 +725,127 @@ class ExFileObject(io.BufferedReader): + super().__init__(fileobj) + #class ExFileObject + ++ ++#----------------------------- ++# extraction filters (PEP 706) ++#----------------------------- ++ ++class FilterError(TarError): ++ pass ++ ++class AbsolutePathError(FilterError): ++ def __init__(self, tarinfo): ++ self.tarinfo = tarinfo ++ super().__init__(f'member {tarinfo.name!r} has an absolute path') ++ ++class OutsideDestinationError(FilterError): ++ def __init__(self, tarinfo, path): ++ self.tarinfo = tarinfo ++ self._path = path ++ super().__init__(f'{tarinfo.name!r} would be extracted to {path!r}, ' ++ + 'which is outside the destination') ++ ++class SpecialFileError(FilterError): ++ def __init__(self, tarinfo): ++ self.tarinfo = tarinfo ++ super().__init__(f'{tarinfo.name!r} is a special file') ++ ++class AbsoluteLinkError(FilterError): ++ def __init__(self, tarinfo): ++ self.tarinfo = tarinfo ++ super().__init__(f'{tarinfo.name!r} is a symlink to an absolute path') ++ ++class LinkOutsideDestinationError(FilterError): ++ def __init__(self, tarinfo, path): ++ self.tarinfo = tarinfo ++ self._path = path ++ super().__init__(f'{tarinfo.name!r} would link to {path!r}, ' ++ + 'which is outside the destination') ++ ++def _get_filtered_attrs(member, dest_path, for_data=True): ++ new_attrs = {} ++ name = member.name ++ dest_path = os.path.realpath(dest_path) ++ # Strip leading / (tar's directory separator) from filenames. ++ # Include os.sep (target OS directory separator) as well. ++ if name.startswith(('/', os.sep)): ++ name = new_attrs['name'] = member.path.lstrip('/' + os.sep) ++ if os.path.isabs(name): ++ # Path is absolute even after stripping. ++ # For example, 'C:/foo' on Windows. ++ raise AbsolutePathError(member) ++ # Ensure we stay in the destination ++ target_path = os.path.realpath(os.path.join(dest_path, name)) ++ if os.path.commonpath([target_path, dest_path]) != dest_path: ++ raise OutsideDestinationError(member, target_path) ++ # Limit permissions (no high bits, and go-w) ++ mode = member.mode ++ if mode is not None: ++ # Strip high bits & group/other write bits ++ mode = mode & 0o755 ++ if for_data: ++ # For data, handle permissions & file types ++ if member.isreg() or member.islnk(): ++ if not mode & 0o100: ++ # Clear executable bits if not executable by user ++ mode &= ~0o111 ++ # Ensure owner can read & write ++ mode |= 0o600 ++ elif member.isdir() or member.issym(): ++ # Ignore mode for directories & symlinks ++ mode = None ++ else: ++ # Reject special files ++ raise SpecialFileError(member) ++ if mode != member.mode: ++ new_attrs['mode'] = mode ++ if for_data: ++ # Ignore ownership for 'data' ++ if member.uid is not None: ++ new_attrs['uid'] = None ++ if member.gid is not None: ++ new_attrs['gid'] = None ++ if member.uname is not None: ++ new_attrs['uname'] = None ++ if member.gname is not None: ++ new_attrs['gname'] = None ++ # Check link destination for 'data' ++ if member.islnk() or member.issym(): ++ if os.path.isabs(member.linkname): ++ raise AbsoluteLinkError(member) ++ target_path = os.path.realpath(os.path.join(dest_path, member.linkname)) ++ if os.path.commonpath([target_path, dest_path]) != dest_path: ++ raise LinkOutsideDestinationError(member, target_path) ++ return new_attrs ++ ++def fully_trusted_filter(member, dest_path): ++ return member ++ ++def tar_filter(member, dest_path): ++ new_attrs = _get_filtered_attrs(member, dest_path, False) ++ if new_attrs: ++ return member.replace(**new_attrs, deep=False) ++ return member ++ ++def data_filter(member, dest_path): ++ new_attrs = _get_filtered_attrs(member, dest_path, True) ++ if new_attrs: ++ return member.replace(**new_attrs, deep=False) ++ return member ++ ++_NAMED_FILTERS = { ++ "fully_trusted": fully_trusted_filter, ++ "tar": tar_filter, ++ "data": data_filter, ++} ++ + #------------------ + # Exported Classes + #------------------ ++ ++# Sentinel for replace() defaults, meaning "don't change the attribute" ++_KEEP = object() ++ + class TarInfo(object): + """Informational class which holds the details about an + archive member given by a tar header block. +@@ -779,12 +901,44 @@ class TarInfo(object): + def __repr__(self): + return "<%s %r at %#x>" % (self.__class__.__name__,self.name,id(self)) + ++ def replace(self, *, ++ name=_KEEP, mtime=_KEEP, mode=_KEEP, linkname=_KEEP, ++ uid=_KEEP, gid=_KEEP, uname=_KEEP, gname=_KEEP, ++ deep=True, _KEEP=_KEEP): ++ """Return a deep copy of self with the given attributes replaced. ++ """ ++ if deep: ++ result = copy.deepcopy(self) ++ else: ++ result = copy.copy(self) ++ if name is not _KEEP: ++ result.name = name ++ if mtime is not _KEEP: ++ result.mtime = mtime ++ if mode is not _KEEP: ++ result.mode = mode ++ if linkname is not _KEEP: ++ result.linkname = linkname ++ if uid is not _KEEP: ++ result.uid = uid ++ if gid is not _KEEP: ++ result.gid = gid ++ if uname is not _KEEP: ++ result.uname = uname ++ if gname is not _KEEP: ++ result.gname = gname ++ return result ++ + def get_info(self): + """Return the TarInfo's attributes as a dictionary. + """ ++ if self.mode is None: ++ mode = None ++ else: ++ mode = self.mode & 0o7777 + info = { + "name": self.name, +- "mode": self.mode & 0o7777, ++ "mode": mode, + "uid": self.uid, + "gid": self.gid, + "size": self.size, +@@ -807,6 +961,9 @@ class TarInfo(object): + """Return a tar header as a string of 512 byte blocks. + """ + info = self.get_info() ++ for name, value in info.items(): ++ if value is None: ++ raise ValueError("%s may not be None" % name) + + if format == USTAR_FORMAT: + return self.create_ustar_header(info, encoding, errors) +@@ -920,6 +1077,20 @@ class TarInfo(object): + """Return a header block. info is a dictionary with file + information, format must be one of the *_FORMAT constants. + """ ++ has_device_fields = info.get("type") in (CHRTYPE, BLKTYPE) ++ if has_device_fields: ++ devmajor = itn(info.get("devmajor", 0), 8, format) ++ devminor = itn(info.get("devminor", 0), 8, format) ++ else: ++ devmajor = stn("", 8, encoding, errors) ++ devminor = stn("", 8, encoding, errors) ++ ++ # None values in metadata should cause ValueError. ++ # itn()/stn() do this for all fields except type. ++ filetype = info.get("type", REGTYPE) ++ if filetype is None: ++ raise ValueError("TarInfo.type must not be None") ++ + parts = [ + stn(info.get("name", ""), 100, encoding, errors), + itn(info.get("mode", 0) & 0o7777, 8, format), +@@ -928,7 +1099,7 @@ class TarInfo(object): + itn(info.get("size", 0), 12, format), + itn(info.get("mtime", 0), 12, format), + b" ", # checksum field +- info.get("type", REGTYPE), ++ filetype, + stn(info.get("linkname", ""), 100, encoding, errors), + info.get("magic", POSIX_MAGIC), + stn(info.get("uname", ""), 32, encoding, errors), +@@ -1410,6 +1581,8 @@ class TarFile(object): + + fileobject = ExFileObject # The file-object for extractfile(). + ++ extraction_filter = None # The default filter for extraction. ++ + def __init__(self, name=None, mode="r", fileobj=None, format=None, + tarinfo=None, dereference=None, ignore_zeros=None, encoding=None, + errors="surrogateescape", pax_headers=None, debug=None, +@@ -1882,7 +2055,10 @@ class TarFile(object): + members = self + for tarinfo in members: + if verbose: +- _safe_print(stat.filemode(tarinfo.mode)) ++ if tarinfo.mode is None: ++ _safe_print("??????????") ++ else: ++ _safe_print(stat.filemode(tarinfo.mode)) + _safe_print("%s/%s" % (tarinfo.uname or tarinfo.uid, + tarinfo.gname or tarinfo.gid)) + if tarinfo.ischr() or tarinfo.isblk(): +@@ -1890,8 +2066,11 @@ class TarFile(object): + ("%d,%d" % (tarinfo.devmajor, tarinfo.devminor))) + else: + _safe_print("%10d" % tarinfo.size) +- _safe_print("%d-%02d-%02d %02d:%02d:%02d" \ +- % time.localtime(tarinfo.mtime)[:6]) ++ if tarinfo.mtime is None: ++ _safe_print("????-??-?? ??:??:??") ++ else: ++ _safe_print("%d-%02d-%02d %02d:%02d:%02d" \ ++ % time.localtime(tarinfo.mtime)[:6]) + + _safe_print(tarinfo.name + ("/" if tarinfo.isdir() else "")) + +@@ -1988,32 +2167,58 @@ class TarFile(object): + + self.members.append(tarinfo) + +- def extractall(self, path=".", members=None, *, numeric_owner=False): ++ def _get_filter_function(self, filter): ++ if filter is None: ++ filter = self.extraction_filter ++ if filter is None: ++ return fully_trusted_filter ++ if isinstance(filter, str): ++ raise TypeError( ++ 'String names are not supported for ' ++ + 'TarFile.extraction_filter. Use a function such as ' ++ + 'tarfile.data_filter directly.') ++ return filter ++ if callable(filter): ++ return filter ++ try: ++ return _NAMED_FILTERS[filter] ++ except KeyError: ++ raise ValueError(f"filter {filter!r} not found") from None ++ ++ def extractall(self, path=".", members=None, *, numeric_owner=False, ++ filter=None): + """Extract all members from the archive to the current working + directory and set owner, modification time and permissions on + directories afterwards. `path' specifies a different directory + to extract to. `members' is optional and must be a subset of the + list returned by getmembers(). If `numeric_owner` is True, only + the numbers for user/group names are used and not the names. ++ ++ The `filter` function will be called on each member just ++ before extraction. ++ It can return a changed TarInfo or None to skip the member. ++ String names of common filters are accepted. + """ + directories = [] + ++ filter_function = self._get_filter_function(filter) + if members is None: + members = self + +- for tarinfo in members: ++ for member in members: ++ tarinfo = self._get_extract_tarinfo(member, filter_function, path) ++ if tarinfo is None: ++ continue + if tarinfo.isdir(): +- # Extract directories with a safe mode. ++ # For directories, delay setting attributes until later, ++ # since permissions can interfere with extraction and ++ # extracting contents can reset mtime. + directories.append(tarinfo) +- tarinfo = copy.copy(tarinfo) +- tarinfo.mode = 0o700 +- # Do not set_attrs directories, as we will do that further down +- self.extract(tarinfo, path, set_attrs=not tarinfo.isdir(), +- numeric_owner=numeric_owner) ++ self._extract_one(tarinfo, path, set_attrs=not tarinfo.isdir(), ++ numeric_owner=numeric_owner) + + # Reverse sort directories. +- directories.sort(key=lambda a: a.name) +- directories.reverse() ++ directories.sort(key=lambda a: a.name, reverse=True) + + # Set correct owner, mtime and filemode on directories. + for tarinfo in directories: +@@ -2023,12 +2228,10 @@ class TarFile(object): + self.utime(tarinfo, dirpath) + self.chmod(tarinfo, dirpath) + except ExtractError as e: +- if self.errorlevel > 1: +- raise +- else: +- self._dbg(1, "tarfile: %s" % e) ++ self._handle_nonfatal_error(e) + +- def extract(self, member, path="", set_attrs=True, *, numeric_owner=False): ++ def extract(self, member, path="", set_attrs=True, *, numeric_owner=False, ++ filter=None): + """Extract a member from the archive to the current working directory, + using its full name. Its file information is extracted as accurately + as possible. `member' may be a filename or a TarInfo object. You can +@@ -2036,35 +2239,70 @@ class TarFile(object): + mtime, mode) are set unless `set_attrs' is False. If `numeric_owner` + is True, only the numbers for user/group names are used and not + the names. ++ ++ The `filter` function will be called before extraction. ++ It can return a changed TarInfo or None to skip the member. ++ String names of common filters are accepted. + """ +- self._check("r") ++ filter_function = self._get_filter_function(filter) ++ tarinfo = self._get_extract_tarinfo(member, filter_function, path) ++ if tarinfo is not None: ++ self._extract_one(tarinfo, path, set_attrs, numeric_owner) + ++ def _get_extract_tarinfo(self, member, filter_function, path): ++ """Get filtered TarInfo (or None) from member, which might be a str""" + if isinstance(member, str): + tarinfo = self.getmember(member) + else: + tarinfo = member + ++ unfiltered = tarinfo ++ try: ++ tarinfo = filter_function(tarinfo, path) ++ except (OSError, FilterError) as e: ++ self._handle_fatal_error(e) ++ except ExtractError as e: ++ self._handle_nonfatal_error(e) ++ if tarinfo is None: ++ self._dbg(2, "tarfile: Excluded %r" % unfiltered.name) ++ return None + # Prepare the link target for makelink(). + if tarinfo.islnk(): ++ tarinfo = copy.copy(tarinfo) + tarinfo._link_target = os.path.join(path, tarinfo.linkname) ++ return tarinfo ++ ++ def _extract_one(self, tarinfo, path, set_attrs, numeric_owner): ++ """Extract from filtered tarinfo to disk""" ++ self._check("r") + + try: + self._extract_member(tarinfo, os.path.join(path, tarinfo.name), + set_attrs=set_attrs, + numeric_owner=numeric_owner) + except OSError as e: +- if self.errorlevel > 0: +- raise +- else: +- if e.filename is None: +- self._dbg(1, "tarfile: %s" % e.strerror) +- else: +- self._dbg(1, "tarfile: %s %r" % (e.strerror, e.filename)) ++ self._handle_fatal_error(e) + except ExtractError as e: +- if self.errorlevel > 1: +- raise ++ self._handle_nonfatal_error(e) ++ ++ def _handle_nonfatal_error(self, e): ++ """Handle non-fatal error (ExtractError) according to errorlevel""" ++ if self.errorlevel > 1: ++ raise ++ else: ++ self._dbg(1, "tarfile: %s" % e) ++ ++ def _handle_fatal_error(self, e): ++ """Handle "fatal" error according to self.errorlevel""" ++ if self.errorlevel > 0: ++ raise ++ elif isinstance(e, OSError): ++ if e.filename is None: ++ self._dbg(1, "tarfile: %s" % e.strerror) + else: +- self._dbg(1, "tarfile: %s" % e) ++ self._dbg(1, "tarfile: %s %r" % (e.strerror, e.filename)) ++ else: ++ self._dbg(1, "tarfile: %s %s" % (type(e).__name__, e)) + + def extractfile(self, member): + """Extract a member from the archive as a file object. `member' may be +@@ -2150,9 +2388,13 @@ class TarFile(object): + """Make a directory called targetpath. + """ + try: +- # Use a safe mode for the directory, the real mode is set +- # later in _extract_member(). +- os.mkdir(targetpath, 0o700) ++ if tarinfo.mode is None: ++ # Use the system's default mode ++ os.mkdir(targetpath) ++ else: ++ # Use a safe mode for the directory, the real mode is set ++ # later in _extract_member(). ++ os.mkdir(targetpath, 0o700) + except FileExistsError: + pass + +@@ -2195,6 +2437,9 @@ class TarFile(object): + raise ExtractError("special devices not supported by system") + + mode = tarinfo.mode ++ if mode is None: ++ # Use mknod's default ++ mode = 0o600 + if tarinfo.isblk(): + mode |= stat.S_IFBLK + else: +@@ -2213,7 +2458,6 @@ class TarFile(object): + if tarinfo.issym(): + os.symlink(tarinfo.linkname, targetpath) + else: +- # See extract(). + if os.path.exists(tarinfo._link_target): + os.link(tarinfo._link_target, targetpath) + else: +@@ -2238,15 +2482,19 @@ class TarFile(object): + u = tarinfo.uid + if not numeric_owner: + try: +- if grp: ++ if grp and tarinfo.gname: + g = grp.getgrnam(tarinfo.gname)[2] + except KeyError: + pass + try: +- if pwd: ++ if pwd and tarinfo.uname: + u = pwd.getpwnam(tarinfo.uname)[2] + except KeyError: + pass ++ if g is None: ++ g = -1 ++ if u is None: ++ u = -1 + try: + if tarinfo.issym() and hasattr(os, "lchown"): + os.lchown(targetpath, u, g) +@@ -2258,6 +2506,8 @@ class TarFile(object): + def chmod(self, tarinfo, targetpath): + """Set file permissions of targetpath according to tarinfo. + """ ++ if tarinfo.mode is None: ++ return + if hasattr(os, 'chmod'): + try: + os.chmod(targetpath, tarinfo.mode) +@@ -2267,10 +2517,13 @@ class TarFile(object): + def utime(self, tarinfo, targetpath): + """Set modification time of targetpath according to tarinfo. + """ ++ mtime = tarinfo.mtime ++ if mtime is None: ++ return + if not hasattr(os, 'utime'): + return + try: +- os.utime(targetpath, (tarinfo.mtime, tarinfo.mtime)) ++ os.utime(targetpath, (mtime, mtime)) + except OSError: + raise ExtractError("could not change modification time") + +@@ -2337,13 +2590,26 @@ class TarFile(object): + members = self.getmembers() + + # Limit the member search list up to tarinfo. ++ skipping = False + if tarinfo is not None: +- members = members[:members.index(tarinfo)] ++ try: ++ index = members.index(tarinfo) ++ except ValueError: ++ # The given starting point might be a (modified) copy. ++ # We'll later skip members until we find an equivalent. ++ skipping = True ++ else: ++ # Happy fast path ++ members = members[:index] + + if normalize: + name = os.path.normpath(name) + + for member in reversed(members): ++ if skipping: ++ if tarinfo.offset == member.offset: ++ skipping = False ++ continue + if normalize: + member_name = os.path.normpath(member.name) + else: +@@ -2352,6 +2618,10 @@ class TarFile(object): + if name == member_name: + return member + ++ if skipping: ++ # Starting point was not found ++ raise ValueError(tarinfo) ++ + def _load(self): + """Read through the entire archive file and look for readable + members. +@@ -2444,6 +2714,7 @@ class TarFile(object): + #-------------------- + # exported functions + #-------------------- ++ + def is_tarfile(name): + """Return True if name points to a tar archive that we + are able to handle, else return False. +@@ -2465,6 +2736,10 @@ def main(): + parser = argparse.ArgumentParser(description=description) + parser.add_argument('-v', '--verbose', action='store_true', default=False, + help='Verbose output') ++ parser.add_argument('--filter', metavar='', ++ choices=_NAMED_FILTERS, ++ help='Filter for extraction') ++ + group = parser.add_mutually_exclusive_group() + group.add_argument('-l', '--list', metavar='', + help='Show listing of a tarfile') +@@ -2476,8 +2751,12 @@ def main(): + help='Create tarfile from sources') + group.add_argument('-t', '--test', metavar='', + help='Test if a tarfile is valid') ++ + args = parser.parse_args() + ++ if args.filter and not args.extract: ++ parser.exit(1, '--filter is only valid for extraction\n') ++ + if args.test: + src = args.test + if is_tarfile(src): +@@ -2508,7 +2787,7 @@ def main(): + + if is_tarfile(src): + with TarFile.open(src, 'r:*') as tf: +- tf.extractall(path=curdir) ++ tf.extractall(path=curdir, filter=args.filter) + if args.verbose: + if curdir == '.': + msg = '{!r} file is extracted.'.format(src) +diff --git a/Lib/test/support/__init__.py b/Lib/test/support/__init__.py +index 9ca9ae79e6..da1f2ee719 100644 +--- a/Lib/test/support/__init__.py ++++ b/Lib/test/support/__init__.py +@@ -1244,6 +1244,30 @@ def check_warnings(*filters, **kwargs): + return _filterwarnings(filters, quiet) + + ++@contextlib.contextmanager ++def check_no_warnings(testcase, message='', category=Warning, force_gc=False): ++ """Context manager to check that no warnings are emitted. ++ ++ This context manager enables a given warning within its scope ++ and checks that no warnings are emitted even with that warning ++ enabled. ++ ++ If force_gc is True, a garbage collection is attempted before checking ++ for warnings. This may help to catch warnings emitted when objects ++ are deleted, such as ResourceWarning. ++ ++ Other keyword arguments are passed to warnings.filterwarnings(). ++ """ ++ with warnings.catch_warnings(record=True) as warns: ++ warnings.filterwarnings('always', ++ message=message, ++ category=category) ++ yield ++ if force_gc: ++ gc_collect() ++ testcase.assertEqual(warns, []) ++ ++ + @contextlib.contextmanager + def check_no_resource_warning(testcase): + """Context manager to check that no ResourceWarning is emitted. +diff --git a/Lib/test/test_shutil.py b/Lib/test/test_shutil.py +index 81457c8f09..77101251ac 100644 +--- a/Lib/test/test_shutil.py ++++ b/Lib/test/test_shutil.py +@@ -1234,12 +1234,16 @@ class TestShutil(unittest.TestCase): + formats = [name for name, params in get_archive_formats()] + self.assertNotIn('xxx', formats) + +- def check_unpack_archive(self, format): +- self.check_unpack_archive_with_converter(format, lambda path: path) +- self.check_unpack_archive_with_converter(format, pathlib.Path) +- self.check_unpack_archive_with_converter(format, FakePath) ++ ### shutil.unpack_archive + +- def check_unpack_archive_with_converter(self, format, converter): ++ def check_unpack_archive(self, format, **kwargs): ++ self.check_unpack_archive_with_converter( ++ format, lambda path: path, **kwargs) ++ self.check_unpack_archive_with_converter( ++ format, pathlib.Path, **kwargs) ++ self.check_unpack_archive_with_converter(format, FakePath, **kwargs) ++ ++ def check_unpack_archive_with_converter(self, format, converter, **kwargs): + root_dir, base_dir = self._create_files() + expected = rlistdir(root_dir) + expected.remove('outer') +@@ -1249,35 +1253,45 @@ class TestShutil(unittest.TestCase): + + # let's try to unpack it now + tmpdir2 = self.mkdtemp() +- unpack_archive(filename, tmpdir2) ++ unpack_archive(filename, tmpdir2, **kwargs) + self.assertEqual(rlistdir(tmpdir2), expected) + + # and again, this time with the format specified + tmpdir3 = self.mkdtemp() +- unpack_archive(filename, tmpdir3, format=format) ++ unpack_archive(filename, tmpdir3, format=format, **kwargs) + self.assertEqual(rlistdir(tmpdir3), expected) + +- self.assertRaises(shutil.ReadError, unpack_archive, TESTFN) +- self.assertRaises(ValueError, unpack_archive, TESTFN, format='xxx') ++ with self.assertRaises(shutil.ReadError): ++ unpack_archive(TESTFN, **kwargs) ++ with self.assertRaises(ValueError): ++ unpack_archive(TESTFN, format='xxx', **kwargs) ++ ++ def check_unpack_tarball(self, format): ++ self.check_unpack_archive(format, filter='fully_trusted') ++ self.check_unpack_archive(format, filter='data') ++ with support.check_no_warnings(self): ++ self.check_unpack_archive(format) + + def test_unpack_archive_tar(self): +- self.check_unpack_archive('tar') ++ self.check_unpack_tarball('tar') + + @support.requires_zlib + def test_unpack_archive_gztar(self): +- self.check_unpack_archive('gztar') ++ self.check_unpack_tarball('gztar') + + @support.requires_bz2 + def test_unpack_archive_bztar(self): +- self.check_unpack_archive('bztar') ++ self.check_unpack_tarball('bztar') + + @support.requires_lzma + def test_unpack_archive_xztar(self): +- self.check_unpack_archive('xztar') ++ self.check_unpack_tarball('xztar') + + @support.requires_zlib + def test_unpack_archive_zip(self): + self.check_unpack_archive('zip') ++ with self.assertRaises(TypeError): ++ self.check_unpack_archive('zip', filter='data') + + def test_unpack_registry(self): + +diff --git a/Lib/test/test_tarfile.py b/Lib/test/test_tarfile.py +index 8e0b275972..f261048615 100644 +--- a/Lib/test/test_tarfile.py ++++ b/Lib/test/test_tarfile.py +@@ -5,6 +5,10 @@ from hashlib import md5 + from contextlib import contextmanager + from random import Random + import pathlib ++import shutil ++import re ++import warnings ++import stat + + import unittest + import unittest.mock +@@ -2191,7 +2195,12 @@ class MiscTest(unittest.TestCase): + 'EmptyHeaderError', 'TruncatedHeaderError', + 'EOFHeaderError', 'InvalidHeaderError', + 'SubsequentHeaderError', 'ExFileObject', +- 'main'} ++ 'main', ++ 'fully_trusted_filter', 'data_filter', ++ 'tar_filter', 'FilterError', 'AbsoluteLinkError', ++ 'OutsideDestinationError', 'SpecialFileError', ++ 'AbsolutePathError', 'LinkOutsideDestinationError', ++ } + support.check__all__(self, tarfile, blacklist=blacklist) + + +@@ -2214,6 +2223,15 @@ class CommandLineTest(unittest.TestCase): + for tardata in files: + tf.add(tardata, arcname=os.path.basename(tardata)) + ++ def make_evil_tarfile(self, tar_name): ++ files = [support.findfile('tokenize_tests.txt')] ++ self.addCleanup(support.unlink, tar_name) ++ with tarfile.open(tar_name, 'w') as tf: ++ benign = tarfile.TarInfo('benign') ++ tf.addfile(benign, fileobj=io.BytesIO(b'')) ++ evil = tarfile.TarInfo('../evil') ++ tf.addfile(evil, fileobj=io.BytesIO(b'')) ++ + def test_test_command(self): + for tar_name in testtarnames: + for opt in '-t', '--test': +@@ -2357,6 +2375,25 @@ class CommandLineTest(unittest.TestCase): + finally: + support.rmtree(tarextdir) + ++ def test_extract_command_filter(self): ++ self.make_evil_tarfile(tmpname) ++ # Make an inner directory, so the member named '../evil' ++ # is still extracted into `tarextdir` ++ destdir = os.path.join(tarextdir, 'dest') ++ os.mkdir(tarextdir) ++ try: ++ with support.temp_cwd(destdir): ++ self.tarfilecmd_failure('-e', tmpname, ++ '-v', ++ '--filter', 'data') ++ out = self.tarfilecmd('-e', tmpname, ++ '-v', ++ '--filter', 'fully_trusted', ++ PYTHONIOENCODING='utf-8') ++ self.assertIn(b' file is extracted.', out) ++ finally: ++ support.rmtree(tarextdir) ++ + def test_extract_command_different_directory(self): + self.make_simple_tarfile(tmpname) + try: +@@ -2630,6 +2667,893 @@ class NumericOwnerTest(unittest.TestCase): + tarfl.extract, filename_1, TEMPDIR, False, True) + + ++class ReplaceTests(ReadTest, unittest.TestCase): ++ def test_replace_name(self): ++ member = self.tar.getmember('ustar/regtype') ++ replaced = member.replace(name='misc/other') ++ self.assertEqual(replaced.name, 'misc/other') ++ self.assertEqual(member.name, 'ustar/regtype') ++ self.assertEqual(self.tar.getmember('ustar/regtype').name, ++ 'ustar/regtype') ++ ++ def test_replace_deep(self): ++ member = self.tar.getmember('pax/regtype1') ++ replaced = member.replace() ++ replaced.pax_headers['gname'] = 'not-bar' ++ self.assertEqual(member.pax_headers['gname'], 'bar') ++ self.assertEqual( ++ self.tar.getmember('pax/regtype1').pax_headers['gname'], 'bar') ++ ++ def test_replace_shallow(self): ++ member = self.tar.getmember('pax/regtype1') ++ replaced = member.replace(deep=False) ++ replaced.pax_headers['gname'] = 'not-bar' ++ self.assertEqual(member.pax_headers['gname'], 'not-bar') ++ self.assertEqual( ++ self.tar.getmember('pax/regtype1').pax_headers['gname'], 'not-bar') ++ ++ def test_replace_all(self): ++ member = self.tar.getmember('ustar/regtype') ++ for attr_name in ('name', 'mtime', 'mode', 'linkname', ++ 'uid', 'gid', 'uname', 'gname'): ++ with self.subTest(attr_name=attr_name): ++ replaced = member.replace(**{attr_name: None}) ++ self.assertEqual(getattr(replaced, attr_name), None) ++ self.assertNotEqual(getattr(member, attr_name), None) ++ ++ def test_replace_internal(self): ++ member = self.tar.getmember('ustar/regtype') ++ with self.assertRaises(TypeError): ++ member.replace(offset=123456789) ++ ++ ++class NoneInfoExtractTests(ReadTest): ++ # These mainly check that all kinds of members are extracted successfully ++ # if some metadata is None. ++ # Some of the methods do additional spot checks. ++ ++ # We also test that the default filters can deal with None. ++ ++ extraction_filter = None ++ ++ @classmethod ++ def setUpClass(cls): ++ tar = tarfile.open(tarname, mode='r', encoding="iso8859-1") ++ cls.control_dir = pathlib.Path(TEMPDIR) / "extractall_ctrl" ++ tar.errorlevel = 0 ++ tar.extractall(cls.control_dir, filter=cls.extraction_filter) ++ tar.close() ++ cls.control_paths = set( ++ p.relative_to(cls.control_dir) ++ for p in pathlib.Path(cls.control_dir).glob('**/*')) ++ ++ @classmethod ++ def tearDownClass(cls): ++ shutil.rmtree(cls.control_dir) ++ ++ def check_files_present(self, directory): ++ got_paths = set( ++ p.relative_to(directory) ++ for p in pathlib.Path(directory).glob('**/*')) ++ self.assertEqual(self.control_paths, got_paths) ++ ++ @contextmanager ++ def extract_with_none(self, *attr_names): ++ DIR = pathlib.Path(TEMPDIR) / "extractall_none" ++ self.tar.errorlevel = 0 ++ for member in self.tar.getmembers(): ++ for attr_name in attr_names: ++ setattr(member, attr_name, None) ++ with support.temp_dir(DIR): ++ self.tar.extractall(DIR, filter='fully_trusted') ++ self.check_files_present(DIR) ++ yield DIR ++ ++ def test_extractall_none_mtime(self): ++ # mtimes of extracted files should be later than 'now' -- the mtime ++ # of a previously created directory. ++ now = pathlib.Path(TEMPDIR).stat().st_mtime ++ with self.extract_with_none('mtime') as DIR: ++ for path in pathlib.Path(DIR).glob('**/*'): ++ with self.subTest(path=path): ++ try: ++ mtime = path.stat().st_mtime ++ except OSError: ++ # Some systems can't stat symlinks, ignore those ++ if not path.is_symlink(): ++ raise ++ else: ++ self.assertGreaterEqual(path.stat().st_mtime, now) ++ ++ def test_extractall_none_mode(self): ++ # modes of directories and regular files should match the mode ++ # of a "normally" created directory or regular file ++ dir_mode = pathlib.Path(TEMPDIR).stat().st_mode ++ regular_file = pathlib.Path(TEMPDIR) / 'regular_file' ++ regular_file.write_text('') ++ regular_file_mode = regular_file.stat().st_mode ++ with self.extract_with_none('mode') as DIR: ++ for path in pathlib.Path(DIR).glob('**/*'): ++ with self.subTest(path=path): ++ if path.is_dir(): ++ self.assertEqual(path.stat().st_mode, dir_mode) ++ elif path.is_file(): ++ self.assertEqual(path.stat().st_mode, ++ regular_file_mode) ++ ++ def test_extractall_none_uid(self): ++ with self.extract_with_none('uid'): ++ pass ++ ++ def test_extractall_none_gid(self): ++ with self.extract_with_none('gid'): ++ pass ++ ++ def test_extractall_none_uname(self): ++ with self.extract_with_none('uname'): ++ pass ++ ++ def test_extractall_none_gname(self): ++ with self.extract_with_none('gname'): ++ pass ++ ++ def test_extractall_none_ownership(self): ++ with self.extract_with_none('uid', 'gid', 'uname', 'gname'): ++ pass ++ ++class NoneInfoExtractTests_Data(NoneInfoExtractTests, unittest.TestCase): ++ extraction_filter = 'data' ++ ++class NoneInfoExtractTests_FullyTrusted(NoneInfoExtractTests, ++ unittest.TestCase): ++ extraction_filter = 'fully_trusted' ++ ++class NoneInfoExtractTests_Tar(NoneInfoExtractTests, unittest.TestCase): ++ extraction_filter = 'tar' ++ ++class NoneInfoExtractTests_Default(NoneInfoExtractTests, ++ unittest.TestCase): ++ extraction_filter = None ++ ++class NoneInfoTests_Misc(unittest.TestCase): ++ def test_add(self): ++ # When addfile() encounters None metadata, it raises a ValueError ++ bio = io.BytesIO() ++ for tarformat in (tarfile.USTAR_FORMAT, tarfile.GNU_FORMAT, ++ tarfile.PAX_FORMAT): ++ with self.subTest(tarformat=tarformat): ++ tar = tarfile.open(fileobj=bio, mode='w', format=tarformat) ++ tarinfo = tar.gettarinfo(tarname) ++ try: ++ tar.addfile(tarinfo) ++ except Exception: ++ if tarformat == tarfile.USTAR_FORMAT: ++ # In the old, limited format, adding might fail for ++ # reasons like the UID being too large ++ pass ++ else: ++ raise ++ else: ++ for attr_name in ('mtime', 'mode', 'uid', 'gid', ++ 'uname', 'gname'): ++ with self.subTest(attr_name=attr_name): ++ replaced = tarinfo.replace(**{attr_name: None}) ++ with self.assertRaisesRegex(ValueError, ++ f"{attr_name}"): ++ tar.addfile(replaced) ++ ++ def test_list(self): ++ # Change some metadata to None, then compare list() output ++ # word-for-word. We want list() to not raise, and to only change ++ # printout for the affected piece of metadata. ++ # (n.b.: some contents of the test archive are hardcoded.) ++ for attr_names in ({'mtime'}, {'mode'}, {'uid'}, {'gid'}, ++ {'uname'}, {'gname'}, ++ {'uid', 'uname'}, {'gid', 'gname'}): ++ with self.subTest(attr_names=attr_names), \ ++ tarfile.open(tarname, encoding="iso8859-1") as tar: ++ tio_prev = io.TextIOWrapper(io.BytesIO(), 'ascii', newline='\n') ++ with support.swap_attr(sys, 'stdout', tio_prev): ++ tar.list() ++ for member in tar.getmembers(): ++ for attr_name in attr_names: ++ setattr(member, attr_name, None) ++ tio_new = io.TextIOWrapper(io.BytesIO(), 'ascii', newline='\n') ++ with support.swap_attr(sys, 'stdout', tio_new): ++ tar.list() ++ for expected, got in zip(tio_prev.detach().getvalue().split(), ++ tio_new.detach().getvalue().split()): ++ if attr_names == {'mtime'} and re.match(rb'2003-01-\d\d', expected): ++ self.assertEqual(got, b'????-??-??') ++ elif attr_names == {'mtime'} and re.match(rb'\d\d:\d\d:\d\d', expected): ++ self.assertEqual(got, b'??:??:??') ++ elif attr_names == {'mode'} and re.match( ++ rb'.([r-][w-][x-]){3}', expected): ++ self.assertEqual(got, b'??????????') ++ elif attr_names == {'uname'} and expected.startswith( ++ (b'tarfile/', b'lars/', b'foo/')): ++ exp_user, exp_group = expected.split(b'/') ++ got_user, got_group = got.split(b'/') ++ self.assertEqual(got_group, exp_group) ++ self.assertRegex(got_user, b'[0-9]+') ++ elif attr_names == {'gname'} and expected.endswith( ++ (b'/tarfile', b'/users', b'/bar')): ++ exp_user, exp_group = expected.split(b'/') ++ got_user, got_group = got.split(b'/') ++ self.assertEqual(got_user, exp_user) ++ self.assertRegex(got_group, b'[0-9]+') ++ elif attr_names == {'uid'} and expected.startswith( ++ (b'1000/')): ++ exp_user, exp_group = expected.split(b'/') ++ got_user, got_group = got.split(b'/') ++ self.assertEqual(got_group, exp_group) ++ self.assertEqual(got_user, b'None') ++ elif attr_names == {'gid'} and expected.endswith((b'/100')): ++ exp_user, exp_group = expected.split(b'/') ++ got_user, got_group = got.split(b'/') ++ self.assertEqual(got_user, exp_user) ++ self.assertEqual(got_group, b'None') ++ elif attr_names == {'uid', 'uname'} and expected.startswith( ++ (b'tarfile/', b'lars/', b'foo/', b'1000/')): ++ exp_user, exp_group = expected.split(b'/') ++ got_user, got_group = got.split(b'/') ++ self.assertEqual(got_group, exp_group) ++ self.assertEqual(got_user, b'None') ++ elif attr_names == {'gname', 'gid'} and expected.endswith( ++ (b'/tarfile', b'/users', b'/bar', b'/100')): ++ exp_user, exp_group = expected.split(b'/') ++ got_user, got_group = got.split(b'/') ++ self.assertEqual(got_user, exp_user) ++ self.assertEqual(got_group, b'None') ++ else: ++ # In other cases the output should be the same ++ self.assertEqual(expected, got) ++ ++def _filemode_to_int(mode): ++ """Inverse of `stat.filemode` (for permission bits) ++ ++ Using mode strings rather than numbers makes the later tests more readable. ++ """ ++ str_mode = mode[1:] ++ result = ( ++ {'r': stat.S_IRUSR, '-': 0}[str_mode[0]] ++ | {'w': stat.S_IWUSR, '-': 0}[str_mode[1]] ++ | {'x': stat.S_IXUSR, '-': 0, ++ 's': stat.S_IXUSR | stat.S_ISUID, ++ 'S': stat.S_ISUID}[str_mode[2]] ++ | {'r': stat.S_IRGRP, '-': 0}[str_mode[3]] ++ | {'w': stat.S_IWGRP, '-': 0}[str_mode[4]] ++ | {'x': stat.S_IXGRP, '-': 0, ++ 's': stat.S_IXGRP | stat.S_ISGID, ++ 'S': stat.S_ISGID}[str_mode[5]] ++ | {'r': stat.S_IROTH, '-': 0}[str_mode[6]] ++ | {'w': stat.S_IWOTH, '-': 0}[str_mode[7]] ++ | {'x': stat.S_IXOTH, '-': 0, ++ 't': stat.S_IXOTH | stat.S_ISVTX, ++ 'T': stat.S_ISVTX}[str_mode[8]] ++ ) ++ # check we did this right ++ assert stat.filemode(result)[1:] == mode[1:] ++ ++ return result ++ ++class ArchiveMaker: ++ """Helper to create a tar file with specific contents ++ ++ Usage: ++ ++ with ArchiveMaker() as t: ++ t.add('filename', ...) ++ ++ with t.open() as tar: ++ ... # `tar` is now a TarFile with 'filename' in it! ++ """ ++ def __init__(self): ++ self.bio = io.BytesIO() ++ ++ def __enter__(self): ++ self.tar_w = tarfile.TarFile(mode='w', fileobj=self.bio) ++ return self ++ ++ def __exit__(self, *exc): ++ self.tar_w.close() ++ self.contents = self.bio.getvalue() ++ self.bio = None ++ ++ def add(self, name, *, type=None, symlink_to=None, hardlink_to=None, ++ mode=None, **kwargs): ++ """Add a member to the test archive. Call within `with`.""" ++ name = str(name) ++ tarinfo = tarfile.TarInfo(name).replace(**kwargs) ++ if mode: ++ tarinfo.mode = _filemode_to_int(mode) ++ if symlink_to is not None: ++ type = tarfile.SYMTYPE ++ tarinfo.linkname = str(symlink_to) ++ if hardlink_to is not None: ++ type = tarfile.LNKTYPE ++ tarinfo.linkname = str(hardlink_to) ++ if name.endswith('/') and type is None: ++ type = tarfile.DIRTYPE ++ if type is not None: ++ tarinfo.type = type ++ if tarinfo.isreg(): ++ fileobj = io.BytesIO(bytes(tarinfo.size)) ++ else: ++ fileobj = None ++ self.tar_w.addfile(tarinfo, fileobj) ++ ++ def open(self, **kwargs): ++ """Open the resulting archive as TarFile. Call after `with`.""" ++ bio = io.BytesIO(self.contents) ++ return tarfile.open(fileobj=bio, **kwargs) ++ ++ ++class TestExtractionFilters(unittest.TestCase): ++ ++ # A temporary directory for the extraction results. ++ # All files that "escape" the destination path should still end ++ # up in this directory. ++ outerdir = pathlib.Path(TEMPDIR) / 'outerdir' ++ ++ # The destination for the extraction, within `outerdir` ++ destdir = outerdir / 'dest' ++ ++ @contextmanager ++ def check_context(self, tar, filter): ++ """Extracts `tar` to `self.destdir` and allows checking the result ++ ++ If an error occurs, it must be checked using `expect_exception` ++ ++ Otherwise, all resulting files must be checked using `expect_file`, ++ except the destination directory itself and parent directories of ++ other files. ++ When checking directories, do so before their contents. ++ """ ++ with support.temp_dir(self.outerdir): ++ try: ++ tar.extractall(self.destdir, filter=filter) ++ except Exception as exc: ++ self.raised_exception = exc ++ self.expected_paths = set() ++ else: ++ self.raised_exception = None ++ self.expected_paths = set(self.outerdir.glob('**/*')) ++ self.expected_paths.discard(self.destdir) ++ try: ++ yield ++ finally: ++ tar.close() ++ if self.raised_exception: ++ raise self.raised_exception ++ self.assertEqual(self.expected_paths, set()) ++ ++ def expect_file(self, name, type=None, symlink_to=None, mode=None): ++ """Check a single file. See check_context.""" ++ if self.raised_exception: ++ raise self.raised_exception ++ # use normpath() rather than resolve() so we don't follow symlinks ++ path = pathlib.Path(os.path.normpath(self.destdir / name)) ++ self.assertIn(path, self.expected_paths) ++ self.expected_paths.remove(path) ++ ++ # When checking mode, ignore Windows (which can only set user read and ++ # user write bits). Newer versions of Python use `os_helper.can_chmod()` ++ # instead of hardcoding Windows. ++ if mode is not None and sys.platform != 'win32': ++ got = stat.filemode(stat.S_IMODE(path.stat().st_mode)) ++ self.assertEqual(got, mode) ++ ++ if type is None and isinstance(name, str) and name.endswith('/'): ++ type = tarfile.DIRTYPE ++ if symlink_to is not None: ++ got = pathlib.Path(os.readlink(str(self.destdir / name))) ++ expected = pathlib.Path(symlink_to) ++ # The symlink might be the same (textually) as what we expect, ++ # but some systems change the link to an equivalent path, so ++ # we fall back to samefile(). ++ if expected != got: ++ self.assertTrue(got.samefile(expected)) ++ elif type == tarfile.REGTYPE or type is None: ++ self.assertTrue(path.is_file()) ++ elif type == tarfile.DIRTYPE: ++ self.assertTrue(path.is_dir()) ++ elif type == tarfile.FIFOTYPE: ++ self.assertTrue(path.is_fifo()) ++ else: ++ raise NotImplementedError(type) ++ for parent in path.parents: ++ self.expected_paths.discard(parent) ++ ++ def expect_exception(self, exc_type, message_re='.'): ++ with self.assertRaisesRegex(exc_type, message_re): ++ if self.raised_exception is not None: ++ raise self.raised_exception ++ self.raised_exception = None ++ ++ def test_benign_file(self): ++ with ArchiveMaker() as arc: ++ arc.add('benign.txt') ++ for filter in 'fully_trusted', 'tar', 'data': ++ with self.check_context(arc.open(), filter): ++ self.expect_file('benign.txt') ++ ++ def test_absolute(self): ++ # Test handling a member with an absolute path ++ # Inspired by 'absolute1' in https://github.com/jwilk/traversal-archives ++ with ArchiveMaker() as arc: ++ arc.add(self.outerdir / 'escaped.evil') ++ ++ with self.check_context(arc.open(), 'fully_trusted'): ++ self.expect_file('../escaped.evil') ++ ++ for filter in 'tar', 'data': ++ with self.check_context(arc.open(), filter): ++ if str(self.outerdir).startswith('/'): ++ # We strip leading slashes, as e.g. GNU tar does ++ # (without --absolute-filenames). ++ outerdir_stripped = str(self.outerdir).lstrip('/') ++ self.expect_file(f'{outerdir_stripped}/escaped.evil') ++ else: ++ # On this system, absolute paths don't have leading ++ # slashes. ++ # So, there's nothing to strip. We refuse to unpack ++ # to an absolute path, nonetheless. ++ self.expect_exception( ++ tarfile.AbsolutePathError, ++ """['"].*escaped.evil['"] has an absolute path""") ++ ++ def test_parent_symlink(self): ++ # Test interplaying symlinks ++ # Inspired by 'dirsymlink2a' in jwilk/traversal-archives ++ with ArchiveMaker() as arc: ++ arc.add('current', symlink_to='.') ++ arc.add('parent', symlink_to='current/..') ++ arc.add('parent/evil') ++ ++ if support.can_symlink(): ++ with self.check_context(arc.open(), 'fully_trusted'): ++ if self.raised_exception is not None: ++ # Windows will refuse to create a file that's a symlink to itself ++ # (and tarfile doesn't swallow that exception) ++ self.expect_exception(FileExistsError) ++ # The other cases will fail with this error too. ++ # Skip the rest of this test. ++ return ++ else: ++ self.expect_file('current', symlink_to='.') ++ self.expect_file('parent', symlink_to='current/..') ++ self.expect_file('../evil') ++ ++ with self.check_context(arc.open(), 'tar'): ++ self.expect_exception( ++ tarfile.OutsideDestinationError, ++ """'parent/evil' would be extracted to ['"].*evil['"], """ ++ + "which is outside the destination") ++ ++ with self.check_context(arc.open(), 'data'): ++ self.expect_exception( ++ tarfile.LinkOutsideDestinationError, ++ """'parent' would link to ['"].*outerdir['"], """ ++ + "which is outside the destination") ++ ++ else: ++ # No symlink support. The symlinks are ignored. ++ with self.check_context(arc.open(), 'fully_trusted'): ++ self.expect_file('parent/evil') ++ with self.check_context(arc.open(), 'tar'): ++ self.expect_file('parent/evil') ++ with self.check_context(arc.open(), 'data'): ++ self.expect_file('parent/evil') ++ ++ def test_parent_symlink2(self): ++ # Test interplaying symlinks ++ # Inspired by 'dirsymlink2b' in jwilk/traversal-archives ++ with ArchiveMaker() as arc: ++ arc.add('current', symlink_to='.') ++ arc.add('current/parent', symlink_to='..') ++ arc.add('parent/evil') ++ ++ with self.check_context(arc.open(), 'fully_trusted'): ++ if support.can_symlink(): ++ self.expect_file('current', symlink_to='.') ++ self.expect_file('parent', symlink_to='..') ++ self.expect_file('../evil') ++ else: ++ self.expect_file('current/') ++ self.expect_file('parent/evil') ++ ++ with self.check_context(arc.open(), 'tar'): ++ if support.can_symlink(): ++ self.expect_exception( ++ tarfile.OutsideDestinationError, ++ "'parent/evil' would be extracted to " ++ + """['"].*evil['"], which is outside """ ++ + "the destination") ++ else: ++ self.expect_file('current/') ++ self.expect_file('parent/evil') ++ ++ with self.check_context(arc.open(), 'data'): ++ self.expect_exception( ++ tarfile.LinkOutsideDestinationError, ++ """'current/parent' would link to ['"].*['"], """ ++ + "which is outside the destination") ++ ++ def test_absolute_symlink(self): ++ # Test symlink to an absolute path ++ # Inspired by 'dirsymlink' in jwilk/traversal-archives ++ with ArchiveMaker() as arc: ++ arc.add('parent', symlink_to=self.outerdir) ++ arc.add('parent/evil') ++ ++ with self.check_context(arc.open(), 'fully_trusted'): ++ if support.can_symlink(): ++ self.expect_file('parent', symlink_to=self.outerdir) ++ self.expect_file('../evil') ++ else: ++ self.expect_file('parent/evil') ++ ++ with self.check_context(arc.open(), 'tar'): ++ if support.can_symlink(): ++ self.expect_exception( ++ tarfile.OutsideDestinationError, ++ "'parent/evil' would be extracted to " ++ + """['"].*evil['"], which is outside """ ++ + "the destination") ++ else: ++ self.expect_file('parent/evil') ++ ++ with self.check_context(arc.open(), 'data'): ++ self.expect_exception( ++ tarfile.AbsoluteLinkError, ++ "'parent' is a symlink to an absolute path") ++ ++ def test_sly_relative0(self): ++ # Inspired by 'relative0' in jwilk/traversal-archives ++ with ArchiveMaker() as arc: ++ arc.add('../moo', symlink_to='..//tmp/moo') ++ ++ try: ++ with self.check_context(arc.open(), filter='fully_trusted'): ++ if support.can_symlink(): ++ if isinstance(self.raised_exception, FileExistsError): ++ # XXX TarFile happens to fail creating a parent ++ # directory. ++ # This might be a bug, but fixing it would hurt ++ # security. ++ # Note that e.g. GNU `tar` rejects '..' components, ++ # so you could argue this is an invalid archive and we ++ # just raise an bad type of exception. ++ self.expect_exception(FileExistsError) ++ else: ++ self.expect_file('../moo', symlink_to='..//tmp/moo') ++ else: ++ # The symlink can't be extracted and is ignored ++ pass ++ except FileExistsError: ++ pass ++ ++ for filter in 'tar', 'data': ++ with self.check_context(arc.open(), filter): ++ self.expect_exception( ++ tarfile.OutsideDestinationError, ++ "'../moo' would be extracted to " ++ + "'.*moo', which is outside " ++ + "the destination") ++ ++ def test_sly_relative2(self): ++ # Inspired by 'relative2' in jwilk/traversal-archives ++ with ArchiveMaker() as arc: ++ arc.add('tmp/') ++ arc.add('tmp/../../moo', symlink_to='tmp/../..//tmp/moo') ++ ++ with self.check_context(arc.open(), 'fully_trusted'): ++ self.expect_file('tmp', type=tarfile.DIRTYPE) ++ if support.can_symlink(): ++ self.expect_file('../moo', symlink_to='tmp/../../tmp/moo') ++ ++ for filter in 'tar', 'data': ++ with self.check_context(arc.open(), filter): ++ self.expect_exception( ++ tarfile.OutsideDestinationError, ++ "'tmp/../../moo' would be extracted to " ++ + """['"].*moo['"], which is outside the """ ++ + "destination") ++ ++ def test_modes(self): ++ # Test how file modes are extracted ++ # (Note that the modes are ignored on platforms without working chmod) ++ with ArchiveMaker() as arc: ++ arc.add('all_bits', mode='?rwsrwsrwt') ++ arc.add('perm_bits', mode='?rwxrwxrwx') ++ arc.add('exec_group_other', mode='?rw-rwxrwx') ++ arc.add('read_group_only', mode='?---r-----') ++ arc.add('no_bits', mode='?---------') ++ arc.add('dir/', mode='?---rwsrwt') ++ ++ # On some systems, setting the sticky bit is a no-op. ++ # Check if that's the case. ++ tmp_filename = os.path.join(TEMPDIR, "tmp.file") ++ with open(tmp_filename, 'w'): ++ pass ++ os.chmod(tmp_filename, os.stat(tmp_filename).st_mode | stat.S_ISVTX) ++ have_sticky_files = (os.stat(tmp_filename).st_mode & stat.S_ISVTX) ++ os.unlink(tmp_filename) ++ ++ os.mkdir(tmp_filename) ++ os.chmod(tmp_filename, os.stat(tmp_filename).st_mode | stat.S_ISVTX) ++ have_sticky_dirs = (os.stat(tmp_filename).st_mode & stat.S_ISVTX) ++ os.rmdir(tmp_filename) ++ ++ with self.check_context(arc.open(), 'fully_trusted'): ++ if have_sticky_files: ++ self.expect_file('all_bits', mode='?rwsrwsrwt') ++ else: ++ self.expect_file('all_bits', mode='?rwsrwsrwx') ++ self.expect_file('perm_bits', mode='?rwxrwxrwx') ++ self.expect_file('exec_group_other', mode='?rw-rwxrwx') ++ self.expect_file('read_group_only', mode='?---r-----') ++ self.expect_file('no_bits', mode='?---------') ++ if have_sticky_dirs: ++ self.expect_file('dir/', mode='?---rwsrwt') ++ else: ++ self.expect_file('dir/', mode='?---rwsrwx') ++ ++ with self.check_context(arc.open(), 'tar'): ++ self.expect_file('all_bits', mode='?rwxr-xr-x') ++ self.expect_file('perm_bits', mode='?rwxr-xr-x') ++ self.expect_file('exec_group_other', mode='?rw-r-xr-x') ++ self.expect_file('read_group_only', mode='?---r-----') ++ self.expect_file('no_bits', mode='?---------') ++ self.expect_file('dir/', mode='?---r-xr-x') ++ ++ with self.check_context(arc.open(), 'data'): ++ normal_dir_mode = stat.filemode(stat.S_IMODE( ++ self.outerdir.stat().st_mode)) ++ self.expect_file('all_bits', mode='?rwxr-xr-x') ++ self.expect_file('perm_bits', mode='?rwxr-xr-x') ++ self.expect_file('exec_group_other', mode='?rw-r--r--') ++ self.expect_file('read_group_only', mode='?rw-r-----') ++ self.expect_file('no_bits', mode='?rw-------') ++ self.expect_file('dir/', mode=normal_dir_mode) ++ ++ def test_pipe(self): ++ # Test handling of a special file ++ with ArchiveMaker() as arc: ++ arc.add('foo', type=tarfile.FIFOTYPE) ++ ++ for filter in 'fully_trusted', 'tar': ++ with self.check_context(arc.open(), filter): ++ if hasattr(os, 'mkfifo'): ++ self.expect_file('foo', type=tarfile.FIFOTYPE) ++ else: ++ # The pipe can't be extracted and is skipped. ++ pass ++ ++ with self.check_context(arc.open(), 'data'): ++ self.expect_exception( ++ tarfile.SpecialFileError, ++ "'foo' is a special file") ++ ++ def test_special_files(self): ++ # Creating device files is tricky. Instead of attempting that let's ++ # only check the filter result. ++ for special_type in tarfile.FIFOTYPE, tarfile.CHRTYPE, tarfile.BLKTYPE: ++ tarinfo = tarfile.TarInfo('foo') ++ tarinfo.type = special_type ++ trusted = tarfile.fully_trusted_filter(tarinfo, '') ++ self.assertIs(trusted, tarinfo) ++ tar = tarfile.tar_filter(tarinfo, '') ++ self.assertEqual(tar.type, special_type) ++ with self.assertRaises(tarfile.SpecialFileError) as cm: ++ tarfile.data_filter(tarinfo, '') ++ self.assertIsInstance(cm.exception.tarinfo, tarfile.TarInfo) ++ self.assertEqual(cm.exception.tarinfo.name, 'foo') ++ ++ def test_fully_trusted_filter(self): ++ # The 'fully_trusted' filter returns the original TarInfo objects. ++ with tarfile.TarFile.open(tarname) as tar: ++ for tarinfo in tar.getmembers(): ++ filtered = tarfile.fully_trusted_filter(tarinfo, '') ++ self.assertIs(filtered, tarinfo) ++ ++ def test_tar_filter(self): ++ # The 'tar' filter returns TarInfo objects with the same name/type. ++ # (It can also fail for particularly "evil" input, but we don't have ++ # that in the test archive.) ++ with tarfile.TarFile.open(tarname) as tar: ++ for tarinfo in tar.getmembers(): ++ filtered = tarfile.tar_filter(tarinfo, '') ++ self.assertIs(filtered.name, tarinfo.name) ++ self.assertIs(filtered.type, tarinfo.type) ++ ++ def test_data_filter(self): ++ # The 'data' filter either raises, or returns TarInfo with the same ++ # name/type. ++ with tarfile.TarFile.open(tarname) as tar: ++ for tarinfo in tar.getmembers(): ++ try: ++ filtered = tarfile.data_filter(tarinfo, '') ++ except tarfile.FilterError: ++ continue ++ self.assertIs(filtered.name, tarinfo.name) ++ self.assertIs(filtered.type, tarinfo.type) ++ ++ def test_default_filter_warns_not(self): ++ """Ensure the default filter does not warn (like in 3.12)""" ++ with ArchiveMaker() as arc: ++ arc.add('foo') ++ with support.check_no_warnings(self): ++ with self.check_context(arc.open(), None): ++ self.expect_file('foo') ++ ++ def test_change_default_filter_on_instance(self): ++ tar = tarfile.TarFile(tarname, 'r') ++ def strict_filter(tarinfo, path): ++ if tarinfo.name == 'ustar/regtype': ++ return tarinfo ++ else: ++ return None ++ tar.extraction_filter = strict_filter ++ with self.check_context(tar, None): ++ self.expect_file('ustar/regtype') ++ ++ def test_change_default_filter_on_class(self): ++ def strict_filter(tarinfo, path): ++ if tarinfo.name == 'ustar/regtype': ++ return tarinfo ++ else: ++ return None ++ tar = tarfile.TarFile(tarname, 'r') ++ with support.swap_attr(tarfile.TarFile, 'extraction_filter', ++ staticmethod(strict_filter)): ++ with self.check_context(tar, None): ++ self.expect_file('ustar/regtype') ++ ++ def test_change_default_filter_on_subclass(self): ++ class TarSubclass(tarfile.TarFile): ++ def extraction_filter(self, tarinfo, path): ++ if tarinfo.name == 'ustar/regtype': ++ return tarinfo ++ else: ++ return None ++ ++ tar = TarSubclass(tarname, 'r') ++ with self.check_context(tar, None): ++ self.expect_file('ustar/regtype') ++ ++ def test_change_default_filter_to_string(self): ++ tar = tarfile.TarFile(tarname, 'r') ++ tar.extraction_filter = 'data' ++ with self.check_context(tar, None): ++ self.expect_exception(TypeError) ++ ++ def test_custom_filter(self): ++ def custom_filter(tarinfo, path): ++ self.assertIs(path, self.destdir) ++ if tarinfo.name == 'move_this': ++ return tarinfo.replace(name='moved') ++ if tarinfo.name == 'ignore_this': ++ return None ++ return tarinfo ++ ++ with ArchiveMaker() as arc: ++ arc.add('move_this') ++ arc.add('ignore_this') ++ arc.add('keep') ++ with self.check_context(arc.open(), custom_filter): ++ self.expect_file('moved') ++ self.expect_file('keep') ++ ++ def test_bad_filter_name(self): ++ with ArchiveMaker() as arc: ++ arc.add('foo') ++ with self.check_context(arc.open(), 'bad filter name'): ++ self.expect_exception(ValueError) ++ ++ def test_stateful_filter(self): ++ # Stateful filters should be possible. ++ # (This doesn't really test tarfile. Rather, it demonstrates ++ # that third parties can implement a stateful filter.) ++ class StatefulFilter: ++ def __enter__(self): ++ self.num_files_processed = 0 ++ return self ++ ++ def __call__(self, tarinfo, path): ++ try: ++ tarinfo = tarfile.data_filter(tarinfo, path) ++ except tarfile.FilterError: ++ return None ++ self.num_files_processed += 1 ++ return tarinfo ++ ++ def __exit__(self, *exc_info): ++ self.done = True ++ ++ with ArchiveMaker() as arc: ++ arc.add('good') ++ arc.add('bad', symlink_to='/') ++ arc.add('good') ++ with StatefulFilter() as custom_filter: ++ with self.check_context(arc.open(), custom_filter): ++ self.expect_file('good') ++ self.assertEqual(custom_filter.num_files_processed, 2) ++ self.assertEqual(custom_filter.done, True) ++ ++ def test_errorlevel(self): ++ def extracterror_filter(tarinfo, path): ++ raise tarfile.ExtractError('failed with ExtractError') ++ def filtererror_filter(tarinfo, path): ++ raise tarfile.FilterError('failed with FilterError') ++ def oserror_filter(tarinfo, path): ++ raise OSError('failed with OSError') ++ def tarerror_filter(tarinfo, path): ++ raise tarfile.TarError('failed with base TarError') ++ def valueerror_filter(tarinfo, path): ++ raise ValueError('failed with ValueError') ++ ++ with ArchiveMaker() as arc: ++ arc.add('file') ++ ++ # If errorlevel is 0, errors affected by errorlevel are ignored ++ ++ with self.check_context(arc.open(errorlevel=0), extracterror_filter): ++ self.expect_file('file') ++ ++ with self.check_context(arc.open(errorlevel=0), filtererror_filter): ++ self.expect_file('file') ++ ++ with self.check_context(arc.open(errorlevel=0), oserror_filter): ++ self.expect_file('file') ++ ++ with self.check_context(arc.open(errorlevel=0), tarerror_filter): ++ self.expect_exception(tarfile.TarError) ++ ++ with self.check_context(arc.open(errorlevel=0), valueerror_filter): ++ self.expect_exception(ValueError) ++ ++ # If 1, all fatal errors are raised ++ ++ with self.check_context(arc.open(errorlevel=1), extracterror_filter): ++ self.expect_file('file') ++ ++ with self.check_context(arc.open(errorlevel=1), filtererror_filter): ++ self.expect_exception(tarfile.FilterError) ++ ++ with self.check_context(arc.open(errorlevel=1), oserror_filter): ++ self.expect_exception(OSError) ++ ++ with self.check_context(arc.open(errorlevel=1), tarerror_filter): ++ self.expect_exception(tarfile.TarError) ++ ++ with self.check_context(arc.open(errorlevel=1), valueerror_filter): ++ self.expect_exception(ValueError) ++ ++ # If 2, all non-fatal errors are raised as well. ++ ++ with self.check_context(arc.open(errorlevel=2), extracterror_filter): ++ self.expect_exception(tarfile.ExtractError) ++ ++ with self.check_context(arc.open(errorlevel=2), filtererror_filter): ++ self.expect_exception(tarfile.FilterError) ++ ++ with self.check_context(arc.open(errorlevel=2), oserror_filter): ++ self.expect_exception(OSError) ++ ++ with self.check_context(arc.open(errorlevel=2), tarerror_filter): ++ self.expect_exception(tarfile.TarError) ++ ++ with self.check_context(arc.open(errorlevel=2), valueerror_filter): ++ self.expect_exception(ValueError) ++ ++ # We only handle ExtractionError, FilterError & OSError specially. ++ ++ with self.check_context(arc.open(errorlevel='boo!'), filtererror_filter): ++ self.expect_exception(TypeError) # errorlevel is not int ++ ++ + def setUpModule(): + support.unlink(TEMPDIR) + os.makedirs(TEMPDIR) +diff --git a/Misc/NEWS.d/next/Library/2023-03-23-15-24-38.gh-issue-102953.YR4KaK.rst b/Misc/NEWS.d/next/Library/2023-03-23-15-24-38.gh-issue-102953.YR4KaK.rst +new file mode 100644 +index 0000000000..48a105a4a1 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2023-03-23-15-24-38.gh-issue-102953.YR4KaK.rst +@@ -0,0 +1,4 @@ ++The extraction methods in :mod:`tarfile`, and :func:`shutil.unpack_archive`, ++have a new a *filter* argument that allows limiting tar features than may be ++surprising or dangerous, such as creating files outside the destination ++directory. See :ref:`tarfile-extraction-filter` for details. diff --git a/00399-cve-2023-24329.patch b/00399-cve-2023-24329.patch new file mode 100644 index 0000000..503bf7f --- /dev/null +++ b/00399-cve-2023-24329.patch @@ -0,0 +1,223 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <31488909+miss-islington@users.noreply.github.com> +Date: Mon, 22 May 2023 03:42:37 -0700 +Subject: 00399: CVE-2023-24329 + +gh-102153: Start stripping C0 control and space chars in `urlsplit` (GH-102508) + +`urllib.parse.urlsplit` has already been respecting the WHATWG spec a bit GH-25595. + +This adds more sanitizing to respect the "Remove any leading C0 control or space from input" [rule](https://url.spec.whatwg.org/GH-url-parsing:~:text=Remove%20any%20leading%20and%20trailing%20C0%20control%20or%20space%20from%20input.) in response to [CVE-2023-24329](https://nvd.nist.gov/vuln/detail/CVE-2023-24329). + +Backported from Python 3.12 + +(cherry picked from commit f48a96a28012d28ae37a2f4587a780a5eb779946) + +Co-authored-by: Illia Volochii +Co-authored-by: Gregory P. Smith [Google] +--- + Doc/library/urllib.parse.rst | 40 +++++++++++- + Lib/test/test_urlparse.py | 61 ++++++++++++++++++- + Lib/urllib/parse.py | 12 ++++ + ...-03-07-20-59-17.gh-issue-102153.14CLSZ.rst | 3 + + 4 files changed, 113 insertions(+), 3 deletions(-) + create mode 100644 Misc/NEWS.d/next/Security/2023-03-07-20-59-17.gh-issue-102153.14CLSZ.rst + +diff --git a/Doc/library/urllib.parse.rst b/Doc/library/urllib.parse.rst +index b717d7cc05..83a7a82089 100644 +--- a/Doc/library/urllib.parse.rst ++++ b/Doc/library/urllib.parse.rst +@@ -126,6 +126,12 @@ or on combining URL components into a URL string. + ``#``, ``@``, or ``:`` will raise a :exc:`ValueError`. If the URL is + decomposed before parsing, no error will be raised. + ++ ++ .. warning:: ++ ++ :func:`urlparse` does not perform validation. See :ref:`URL parsing ++ security ` for details. ++ + .. versionchanged:: 3.2 + Added IPv6 URL parsing capabilities. + +@@ -288,8 +294,14 @@ or on combining URL components into a URL string. + ``#``, ``@``, or ``:`` will raise a :exc:`ValueError`. If the URL is + decomposed before parsing, no error will be raised. + +- Following the `WHATWG spec`_ that updates RFC 3986, ASCII newline +- ``\n``, ``\r`` and tab ``\t`` characters are stripped from the URL. ++ Following some of the `WHATWG spec`_ that updates RFC 3986, leading C0 ++ control and space characters are stripped from the URL. ``\n``, ++ ``\r`` and tab ``\t`` characters are removed from the URL at any position. ++ ++ .. warning:: ++ ++ :func:`urlsplit` does not perform validation. See :ref:`URL parsing ++ security ` for details. + + .. versionchanged:: 3.6 + Out-of-range port numbers now raise :exc:`ValueError`, instead of +@@ -302,6 +314,9 @@ or on combining URL components into a URL string. + .. versionchanged:: 3.6.14 + ASCII newline and tab characters are stripped from the URL. + ++ .. versionchanged:: 3.6.15 ++ Leading WHATWG C0 control and space characters are stripped from the URL. ++ + .. _WHATWG spec: https://url.spec.whatwg.org/#concept-basic-url-parser + + .. function:: urlunsplit(parts) +@@ -371,6 +386,27 @@ or on combining URL components into a URL string. + .. versionchanged:: 3.2 + Result is a structured object rather than a simple 2-tuple. + ++.. _url-parsing-security: ++ ++URL parsing security ++-------------------- ++ ++The :func:`urlsplit` and :func:`urlparse` APIs do not perform **validation** of ++inputs. They may not raise errors on inputs that other applications consider ++invalid. They may also succeed on some inputs that might not be considered ++URLs elsewhere. Their purpose is for practical functionality rather than ++purity. ++ ++Instead of raising an exception on unusual input, they may instead return some ++component parts as empty strings. Or components may contain more than perhaps ++they should. ++ ++We recommend that users of these APIs where the values may be used anywhere ++with security implications code defensively. Do some verification within your ++code before trusting a returned component part. Does that ``scheme`` make ++sense? Is that a sensible ``path``? Is there anything strange about that ++``hostname``? etc. ++ + .. _parsing-ascii-encoded-bytes: + + Parsing ASCII Encoded Bytes +diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py +index 3509278a01..7fd61ffea9 100644 +--- a/Lib/test/test_urlparse.py ++++ b/Lib/test/test_urlparse.py +@@ -660,6 +660,65 @@ class UrlParseTestCase(unittest.TestCase): + self.assertEqual(p.scheme, "https") + self.assertEqual(p.geturl(), "https://www.python.org/javascript:alert('msg')/?query=something#fragment") + ++ def test_urlsplit_strip_url(self): ++ noise = bytes(range(0, 0x20 + 1)) ++ base_url = "http://User:Pass@www.python.org:080/doc/?query=yes#frag" ++ ++ url = noise.decode("utf-8") + base_url ++ p = urllib.parse.urlsplit(url) ++ self.assertEqual(p.scheme, "http") ++ self.assertEqual(p.netloc, "User:Pass@www.python.org:080") ++ self.assertEqual(p.path, "/doc/") ++ self.assertEqual(p.query, "query=yes") ++ self.assertEqual(p.fragment, "frag") ++ self.assertEqual(p.username, "User") ++ self.assertEqual(p.password, "Pass") ++ self.assertEqual(p.hostname, "www.python.org") ++ self.assertEqual(p.port, 80) ++ self.assertEqual(p.geturl(), base_url) ++ ++ url = noise + base_url.encode("utf-8") ++ p = urllib.parse.urlsplit(url) ++ self.assertEqual(p.scheme, b"http") ++ self.assertEqual(p.netloc, b"User:Pass@www.python.org:080") ++ self.assertEqual(p.path, b"/doc/") ++ self.assertEqual(p.query, b"query=yes") ++ self.assertEqual(p.fragment, b"frag") ++ self.assertEqual(p.username, b"User") ++ self.assertEqual(p.password, b"Pass") ++ self.assertEqual(p.hostname, b"www.python.org") ++ self.assertEqual(p.port, 80) ++ self.assertEqual(p.geturl(), base_url.encode("utf-8")) ++ ++ # Test that trailing space is preserved as some applications rely on ++ # this within query strings. ++ query_spaces_url = "https://www.python.org:88/doc/?query= " ++ p = urllib.parse.urlsplit(noise.decode("utf-8") + query_spaces_url) ++ self.assertEqual(p.scheme, "https") ++ self.assertEqual(p.netloc, "www.python.org:88") ++ self.assertEqual(p.path, "/doc/") ++ self.assertEqual(p.query, "query= ") ++ self.assertEqual(p.port, 88) ++ self.assertEqual(p.geturl(), query_spaces_url) ++ ++ p = urllib.parse.urlsplit("www.pypi.org ") ++ # That "hostname" gets considered a "path" due to the ++ # trailing space and our existing logic... YUCK... ++ # and re-assembles via geturl aka unurlsplit into the original. ++ # django.core.validators.URLValidator (at least through v3.2) relies on ++ # this, for better or worse, to catch it in a ValidationError via its ++ # regular expressions. ++ # Here we test the basic round trip concept of such a trailing space. ++ self.assertEqual(urllib.parse.urlunsplit(p), "www.pypi.org ") ++ ++ # with scheme as cache-key ++ url = "//www.python.org/" ++ scheme = noise.decode("utf-8") + "https" + noise.decode("utf-8") ++ for _ in range(2): ++ p = urllib.parse.urlsplit(url, scheme=scheme) ++ self.assertEqual(p.scheme, "https") ++ self.assertEqual(p.geturl(), "https://www.python.org/") ++ + def test_attributes_bad_port(self): + """Check handling of invalid ports.""" + for bytes in (False, True): +@@ -667,7 +726,7 @@ class UrlParseTestCase(unittest.TestCase): + for port in ("foo", "1.5", "-1", "0x10"): + with self.subTest(bytes=bytes, parse=parse, port=port): + netloc = "www.example.net:" + port +- url = "http://" + netloc ++ url = "http://" + netloc + "/" + if bytes: + netloc = netloc.encode("ascii") + url = url.encode("ascii") +diff --git a/Lib/urllib/parse.py b/Lib/urllib/parse.py +index ac6e7a9cee..717e990997 100644 +--- a/Lib/urllib/parse.py ++++ b/Lib/urllib/parse.py +@@ -25,6 +25,10 @@ currently not entirely compliant with this RFC due to defacto + scenarios for parsing, and for backward compatibility purposes, some + parsing quirks from older RFCs are retained. The testcases in + test_urlparse.py provides a good indicator of parsing behavior. ++ ++The WHATWG URL Parser spec should also be considered. We are not compliant with ++it either due to existing user code API behavior expectations (Hyrum's Law). ++It serves as a useful guide when making changes. + """ + + import re +@@ -76,6 +80,10 @@ scheme_chars = ('abcdefghijklmnopqrstuvwxyz' + '0123456789' + '+-.') + ++# Leading and trailing C0 control and space to be stripped per WHATWG spec. ++# == "".join([chr(i) for i in range(0, 0x20 + 1)]) ++_WHATWG_C0_CONTROL_OR_SPACE = '\x00\x01\x02\x03\x04\x05\x06\x07\x08\t\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f ' ++ + # Unsafe bytes to be removed per WHATWG spec + _UNSAFE_URL_BYTES_TO_REMOVE = ['\t', '\r', '\n'] + +@@ -426,6 +434,10 @@ def urlsplit(url, scheme='', allow_fragments=True): + url, scheme, _coerce_result = _coerce_args(url, scheme) + url = _remove_unsafe_bytes_from_url(url) + scheme = _remove_unsafe_bytes_from_url(scheme) ++ # Only lstrip url as some applications rely on preserving trailing space. ++ # (https://url.spec.whatwg.org/#concept-basic-url-parser would strip both) ++ url = url.lstrip(_WHATWG_C0_CONTROL_OR_SPACE) ++ scheme = scheme.strip(_WHATWG_C0_CONTROL_OR_SPACE) + allow_fragments = bool(allow_fragments) + key = url, scheme, allow_fragments, type(url), type(scheme) + cached = _parse_cache.get(key, None) +diff --git a/Misc/NEWS.d/next/Security/2023-03-07-20-59-17.gh-issue-102153.14CLSZ.rst b/Misc/NEWS.d/next/Security/2023-03-07-20-59-17.gh-issue-102153.14CLSZ.rst +new file mode 100644 +index 0000000000..e57ac4ed3a +--- /dev/null ++++ b/Misc/NEWS.d/next/Security/2023-03-07-20-59-17.gh-issue-102153.14CLSZ.rst +@@ -0,0 +1,3 @@ ++:func:`urllib.parse.urlsplit` now strips leading C0 control and space ++characters following the specification for URLs defined by WHATWG in ++response to CVE-2023-24329. Patch by Illia Volochii. diff --git a/00407-gh-99086-fix-implicit-int-compiler-warning-in-configure-check-for-pthread_scope_system.patch b/00407-gh-99086-fix-implicit-int-compiler-warning-in-configure-check-for-pthread_scope_system.patch new file mode 100644 index 0000000..084dfb6 --- /dev/null +++ b/00407-gh-99086-fix-implicit-int-compiler-warning-in-configure-check-for-pthread_scope_system.patch @@ -0,0 +1,47 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: "Erlend E. Aasland" +Date: Sun, 6 Nov 2022 22:39:34 +0100 +Subject: 00407: gh-99086: Fix implicit int compiler warning in configure check + for PTHREAD_SCOPE_SYSTEM + +Co-authored-by: Sam James +--- + .../next/Build/2022-11-04-02-58-10.gh-issue-99086.DV_4Br.rst | 1 + + configure | 2 +- + configure.ac | 2 +- + 3 files changed, 3 insertions(+), 2 deletions(-) + create mode 100644 Misc/NEWS.d/next/Build/2022-11-04-02-58-10.gh-issue-99086.DV_4Br.rst + +diff --git a/Misc/NEWS.d/next/Build/2022-11-04-02-58-10.gh-issue-99086.DV_4Br.rst b/Misc/NEWS.d/next/Build/2022-11-04-02-58-10.gh-issue-99086.DV_4Br.rst +new file mode 100644 +index 0000000000..e320ecfdfb +--- /dev/null ++++ b/Misc/NEWS.d/next/Build/2022-11-04-02-58-10.gh-issue-99086.DV_4Br.rst +@@ -0,0 +1 @@ ++Fix ``-Wimplicit-int`` compiler warning in :program:`configure` check for ``PTHREAD_SCOPE_SYSTEM``. +diff --git a/configure b/configure +index e39c16eee2..32c27a468d 100755 +--- a/configure ++++ b/configure +@@ -10837,7 +10837,7 @@ else + void *foo(void *parm) { + return NULL; + } +- main() { ++ int main() { + pthread_attr_t attr; + pthread_t id; + if (pthread_attr_init(&attr)) exit(-1); +diff --git a/configure.ac b/configure.ac +index d5ca7172ca..f7668224be 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -3185,7 +3185,7 @@ if test "$posix_threads" = "yes"; then + void *foo(void *parm) { + return NULL; + } +- main() { ++ int main() { + pthread_attr_t attr; + pthread_t id; + if (pthread_attr_init(&attr)) exit(-1); diff --git a/00409-bpo-13497-fix-broken-nice-configure-test.patch b/00409-bpo-13497-fix-broken-nice-configure-test.patch new file mode 100644 index 0000000..6fba071 --- /dev/null +++ b/00409-bpo-13497-fix-broken-nice-configure-test.patch @@ -0,0 +1,25 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: ngie-eign <1574099+ngie-eign@users.noreply.github.com> +Date: Mon, 25 Feb 2019 21:34:24 -0800 +Subject: 00409: bpo-13497: Fix `broken nice` configure test + +Per POSIX, `nice(3)` requires `unistd.h` and `exit(3)` requires `stdlib.h`. + +Fixing the test will prevent false positives with pedantic compilers like clang. +--- + configure.ac | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/configure.ac b/configure.ac +index f7668224be..2696661ab9 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -4946,6 +4946,8 @@ LIBS=$LIBS_no_readline + AC_MSG_CHECKING(for broken nice()) + AC_CACHE_VAL(ac_cv_broken_nice, [ + AC_RUN_IFELSE([AC_LANG_SOURCE([[ ++#include ++#include + int main() + { + int val1 = nice(1); diff --git a/00410-bpo-42598-fix-implicit-function-declarations-in-configure.patch b/00410-bpo-42598-fix-implicit-function-declarations-in-configure.patch new file mode 100644 index 0000000..56a60ee --- /dev/null +++ b/00410-bpo-42598-fix-implicit-function-declarations-in-configure.patch @@ -0,0 +1,113 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Joshua Root +Date: Mon, 14 Dec 2020 07:56:34 +1100 +Subject: 00410: bpo-42598: Fix implicit function declarations in configure + +This is invalid in C99 and later and is an error with some compilers +(e.g. clang in Xcode 12), and can thus cause configure checks to +produce incorrect results. +--- + .../Build/2020-12-13-14-43-10.bpo-42598.7ipr5H.rst | 2 ++ + configure | 13 +++++++------ + configure.ac | 13 +++++++------ + 3 files changed, 16 insertions(+), 12 deletions(-) + create mode 100644 Misc/NEWS.d/next/Build/2020-12-13-14-43-10.bpo-42598.7ipr5H.rst + +diff --git a/Misc/NEWS.d/next/Build/2020-12-13-14-43-10.bpo-42598.7ipr5H.rst b/Misc/NEWS.d/next/Build/2020-12-13-14-43-10.bpo-42598.7ipr5H.rst +new file mode 100644 +index 0000000000..7dafc105c4 +--- /dev/null ++++ b/Misc/NEWS.d/next/Build/2020-12-13-14-43-10.bpo-42598.7ipr5H.rst +@@ -0,0 +1,2 @@ ++Fix implicit function declarations in configure which could have resulted in ++incorrect configuration checks. Patch contributed by Joshua Root. +diff --git a/configure b/configure +index 32c27a468d..68a46deef5 100755 +--- a/configure ++++ b/configure +@@ -10840,10 +10840,10 @@ else + int main() { + pthread_attr_t attr; + pthread_t id; +- if (pthread_attr_init(&attr)) exit(-1); +- if (pthread_attr_setscope(&attr, PTHREAD_SCOPE_SYSTEM)) exit(-1); +- if (pthread_create(&id, &attr, foo, NULL)) exit(-1); +- exit(0); ++ if (pthread_attr_init(&attr)) return (-1); ++ if (pthread_attr_setscope(&attr, PTHREAD_SCOPE_SYSTEM)) return (-1); ++ if (pthread_create(&id, &attr, foo, NULL)) return (-1); ++ return (0); + } + _ACEOF + if ac_fn_c_try_run "$LINENO"; then : +@@ -14891,7 +14891,7 @@ else + int main() + { + /* Success: exit code 0 */ +- exit((((wchar_t) -1) < ((wchar_t) 0)) ? 0 : 1); ++ return ((((wchar_t) -1) < ((wchar_t) 0)) ? 0 : 1); + } + + _ACEOF +@@ -15213,7 +15213,7 @@ else + + int main() + { +- exit(((-1)>>3 == -1) ? 0 : 1); ++ return (((-1)>>3 == -1) ? 0 : 1); + } + + _ACEOF +@@ -15725,6 +15725,7 @@ else + /* end confdefs.h. */ + + #include ++#include + + int main() + { +diff --git a/configure.ac b/configure.ac +index 2696661ab9..9d2ad9afba 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -3188,10 +3188,10 @@ if test "$posix_threads" = "yes"; then + int main() { + pthread_attr_t attr; + pthread_t id; +- if (pthread_attr_init(&attr)) exit(-1); +- if (pthread_attr_setscope(&attr, PTHREAD_SCOPE_SYSTEM)) exit(-1); +- if (pthread_create(&id, &attr, foo, NULL)) exit(-1); +- exit(0); ++ if (pthread_attr_init(&attr)) return (-1); ++ if (pthread_attr_setscope(&attr, PTHREAD_SCOPE_SYSTEM)) return (-1); ++ if (pthread_create(&id, &attr, foo, NULL)) return (-1); ++ return (0); + }]])], + [ac_cv_pthread_system_supported=yes], + [ac_cv_pthread_system_supported=no], +@@ -4743,7 +4743,7 @@ then + int main() + { + /* Success: exit code 0 */ +- exit((((wchar_t) -1) < ((wchar_t) 0)) ? 0 : 1); ++ return ((((wchar_t) -1) < ((wchar_t) 0)) ? 0 : 1); + } + ]])], + [ac_cv_wchar_t_signed=yes], +@@ -4818,7 +4818,7 @@ AC_CACHE_VAL(ac_cv_rshift_extends_sign, [ + AC_RUN_IFELSE([AC_LANG_SOURCE([[ + int main() + { +- exit(((-1)>>3 == -1) ? 0 : 1); ++ return (((-1)>>3 == -1) ? 0 : 1); + } + ]])], + [ac_cv_rshift_extends_sign=yes], +@@ -4970,6 +4970,7 @@ AC_MSG_CHECKING(for broken poll()) + AC_CACHE_VAL(ac_cv_broken_poll, + AC_RUN_IFELSE([AC_LANG_SOURCE([[ + #include ++#include + + int main() + { diff --git a/00415-cve-2023-27043-gh-102988-reject-malformed-addresses-in-email-parseaddr-111116.patch b/00415-cve-2023-27043-gh-102988-reject-malformed-addresses-in-email-parseaddr-111116.patch new file mode 100644 index 0000000..7ed9e84 --- /dev/null +++ b/00415-cve-2023-27043-gh-102988-reject-malformed-addresses-in-email-parseaddr-111116.patch @@ -0,0 +1,500 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Victor Stinner +Date: Fri, 15 Dec 2023 16:10:40 +0100 +Subject: 00415: [CVE-2023-27043] gh-102988: Reject malformed addresses in + email.parseaddr() (#111116) + +Detect email address parsing errors and return empty tuple to +indicate the parsing error (old API). Add an optional 'strict' +parameter to getaddresses() and parseaddr() functions. Patch by +Thomas Dwyer. + +Co-Authored-By: Thomas Dwyer +--- + Doc/library/email.utils.rst | 19 +- + Lib/email/utils.py | 151 ++++++++++++- + Lib/test/test_email/test_email.py | 204 +++++++++++++++++- + ...-10-20-15-28-08.gh-issue-102988.dStNO7.rst | 8 + + 4 files changed, 361 insertions(+), 21 deletions(-) + create mode 100644 Misc/NEWS.d/next/Library/2023-10-20-15-28-08.gh-issue-102988.dStNO7.rst + +diff --git a/Doc/library/email.utils.rst b/Doc/library/email.utils.rst +index 63fae2ab84..d1e1898591 100644 +--- a/Doc/library/email.utils.rst ++++ b/Doc/library/email.utils.rst +@@ -60,13 +60,18 @@ of the new API. + begins with angle brackets, they are stripped off. + + +-.. function:: parseaddr(address) ++.. function:: parseaddr(address, *, strict=True) + + Parse address -- which should be the value of some address-containing field such + as :mailheader:`To` or :mailheader:`Cc` -- into its constituent *realname* and + *email address* parts. Returns a tuple of that information, unless the parse + fails, in which case a 2-tuple of ``('', '')`` is returned. + ++ If *strict* is true, use a strict parser which rejects malformed inputs. ++ ++ .. versionchanged:: 3.13 ++ Add *strict* optional parameter and reject malformed inputs by default. ++ + + .. function:: formataddr(pair, charset='utf-8') + +@@ -84,12 +89,15 @@ of the new API. + Added the *charset* option. + + +-.. function:: getaddresses(fieldvalues) ++.. function:: getaddresses(fieldvalues, *, strict=True) + + This method returns a list of 2-tuples of the form returned by ``parseaddr()``. + *fieldvalues* is a sequence of header field values as might be returned by +- :meth:`Message.get_all `. Here's a simple +- example that gets all the recipients of a message:: ++ :meth:`Message.get_all `. ++ ++ If *strict* is true, use a strict parser which rejects malformed inputs. ++ ++ Here's a simple example that gets all the recipients of a message:: + + from email.utils import getaddresses + +@@ -99,6 +107,9 @@ of the new API. + resent_ccs = msg.get_all('resent-cc', []) + all_recipients = getaddresses(tos + ccs + resent_tos + resent_ccs) + ++ .. versionchanged:: 3.13 ++ Add *strict* optional parameter and reject malformed inputs by default. ++ + + .. function:: parsedate(date) + +diff --git a/Lib/email/utils.py b/Lib/email/utils.py +index 39c2240607..f83b7e5d7e 100644 +--- a/Lib/email/utils.py ++++ b/Lib/email/utils.py +@@ -48,6 +48,7 @@ TICK = "'" + specialsre = re.compile(r'[][\\()<>@,:;".]') + escapesre = re.compile(r'[\\"]') + ++ + def _has_surrogates(s): + """Return True if s contains surrogate-escaped binary data.""" + # This check is based on the fact that unless there are surrogates, utf8 +@@ -106,12 +107,127 @@ def formataddr(pair, charset='utf-8'): + return address + + ++def _iter_escaped_chars(addr): ++ pos = 0 ++ escape = False ++ for pos, ch in enumerate(addr): ++ if escape: ++ yield (pos, '\\' + ch) ++ escape = False ++ elif ch == '\\': ++ escape = True ++ else: ++ yield (pos, ch) ++ if escape: ++ yield (pos, '\\') + +-def getaddresses(fieldvalues): +- """Return a list of (REALNAME, EMAIL) for each fieldvalue.""" +- all = COMMASPACE.join(fieldvalues) +- a = _AddressList(all) +- return a.addresslist ++ ++def _strip_quoted_realnames(addr): ++ """Strip real names between quotes.""" ++ if '"' not in addr: ++ # Fast path ++ return addr ++ ++ start = 0 ++ open_pos = None ++ result = [] ++ for pos, ch in _iter_escaped_chars(addr): ++ if ch == '"': ++ if open_pos is None: ++ open_pos = pos ++ else: ++ if start != open_pos: ++ result.append(addr[start:open_pos]) ++ start = pos + 1 ++ open_pos = None ++ ++ if start < len(addr): ++ result.append(addr[start:]) ++ ++ return ''.join(result) ++ ++ ++supports_strict_parsing = True ++ ++def getaddresses(fieldvalues, *, strict=True): ++ """Return a list of (REALNAME, EMAIL) or ('','') for each fieldvalue. ++ ++ When parsing fails for a fieldvalue, a 2-tuple of ('', '') is returned in ++ its place. ++ ++ If strict is true, use a strict parser which rejects malformed inputs. ++ """ ++ ++ # If strict is true, if the resulting list of parsed addresses is greater ++ # than the number of fieldvalues in the input list, a parsing error has ++ # occurred and consequently a list containing a single empty 2-tuple [('', ++ # '')] is returned in its place. This is done to avoid invalid output. ++ # ++ # Malformed input: getaddresses(['alice@example.com ']) ++ # Invalid output: [('', 'alice@example.com'), ('', 'bob@example.com')] ++ # Safe output: [('', '')] ++ ++ if not strict: ++ all = COMMASPACE.join(str(v) for v in fieldvalues) ++ a = _AddressList(all) ++ return a.addresslist ++ ++ fieldvalues = [str(v) for v in fieldvalues] ++ fieldvalues = _pre_parse_validation(fieldvalues) ++ addr = COMMASPACE.join(fieldvalues) ++ a = _AddressList(addr) ++ result = _post_parse_validation(a.addresslist) ++ ++ # Treat output as invalid if the number of addresses is not equal to the ++ # expected number of addresses. ++ n = 0 ++ for v in fieldvalues: ++ # When a comma is used in the Real Name part it is not a deliminator. ++ # So strip those out before counting the commas. ++ v = _strip_quoted_realnames(v) ++ # Expected number of addresses: 1 + number of commas ++ n += 1 + v.count(',') ++ if len(result) != n: ++ return [('', '')] ++ ++ return result ++ ++ ++def _check_parenthesis(addr): ++ # Ignore parenthesis in quoted real names. ++ addr = _strip_quoted_realnames(addr) ++ ++ opens = 0 ++ for pos, ch in _iter_escaped_chars(addr): ++ if ch == '(': ++ opens += 1 ++ elif ch == ')': ++ opens -= 1 ++ if opens < 0: ++ return False ++ return (opens == 0) ++ ++ ++def _pre_parse_validation(email_header_fields): ++ accepted_values = [] ++ for v in email_header_fields: ++ if not _check_parenthesis(v): ++ v = "('', '')" ++ accepted_values.append(v) ++ ++ return accepted_values ++ ++ ++def _post_parse_validation(parsed_email_header_tuples): ++ accepted_values = [] ++ # The parser would have parsed a correctly formatted domain-literal ++ # The existence of an [ after parsing indicates a parsing failure ++ for v in parsed_email_header_tuples: ++ if '[' in v[1]: ++ v = ('', '') ++ accepted_values.append(v) ++ ++ return accepted_values + + + +@@ -214,16 +330,33 @@ def parsedate_to_datetime(data): + tzinfo=datetime.timezone(datetime.timedelta(seconds=tz))) + + +-def parseaddr(addr): ++def parseaddr(addr, *, strict=True): + """ + Parse addr into its constituent realname and email address parts. + + Return a tuple of realname and email address, unless the parse fails, in + which case return a 2-tuple of ('', ''). ++ ++ If strict is True, use a strict parser which rejects malformed inputs. + """ +- addrs = _AddressList(addr).addresslist +- if not addrs: +- return '', '' ++ if not strict: ++ addrs = _AddressList(addr).addresslist ++ if not addrs: ++ return ('', '') ++ return addrs[0] ++ ++ if isinstance(addr, list): ++ addr = addr[0] ++ ++ if not isinstance(addr, str): ++ return ('', '') ++ ++ addr = _pre_parse_validation([addr])[0] ++ addrs = _post_parse_validation(_AddressList(addr).addresslist) ++ ++ if not addrs or len(addrs) > 1: ++ return ('', '') ++ + return addrs[0] + + +diff --git a/Lib/test/test_email/test_email.py b/Lib/test/test_email/test_email.py +index e4e40b612f..ce36efc1b1 100644 +--- a/Lib/test/test_email/test_email.py ++++ b/Lib/test/test_email/test_email.py +@@ -19,6 +19,7 @@ except ImportError: + + import email + import email.policy ++import email.utils + + from email.charset import Charset + from email.header import Header, decode_header, make_header +@@ -3207,15 +3208,154 @@ Foo + [('Al Person', 'aperson@dom.ain'), + ('Bud Person', 'bperson@dom.ain')]) + ++ def test_getaddresses_comma_in_name(self): ++ """GH-106669 regression test.""" ++ self.assertEqual( ++ utils.getaddresses( ++ [ ++ '"Bud, Person" ', ++ 'aperson@dom.ain (Al Person)', ++ '"Mariusz Felisiak" ', ++ ] ++ ), ++ [ ++ ('Bud, Person', 'bperson@dom.ain'), ++ ('Al Person', 'aperson@dom.ain'), ++ ('Mariusz Felisiak', 'to@example.com'), ++ ], ++ ) ++ ++ def test_parsing_errors(self): ++ """Test for parsing errors from CVE-2023-27043 and CVE-2019-16056""" ++ alice = 'alice@example.org' ++ bob = 'bob@example.com' ++ empty = ('', '') ++ ++ # Test utils.getaddresses() and utils.parseaddr() on malformed email ++ # addresses: default behavior (strict=True) rejects malformed address, ++ # and strict=False which tolerates malformed address. ++ for invalid_separator, expected_non_strict in ( ++ ('(', [(f'<{bob}>', alice)]), ++ (')', [('', alice), empty, ('', bob)]), ++ ('<', [('', alice), empty, ('', bob), empty]), ++ ('>', [('', alice), empty, ('', bob)]), ++ ('[', [('', f'{alice}[<{bob}>]')]), ++ (']', [('', alice), empty, ('', bob)]), ++ ('@', [empty, empty, ('', bob)]), ++ (';', [('', alice), empty, ('', bob)]), ++ (':', [('', alice), ('', bob)]), ++ ('.', [('', alice + '.'), ('', bob)]), ++ ('"', [('', alice), ('', f'<{bob}>')]), ++ ): ++ address = f'{alice}{invalid_separator}<{bob}>' ++ with self.subTest(address=address): ++ self.assertEqual(utils.getaddresses([address]), ++ [empty]) ++ self.assertEqual(utils.getaddresses([address], strict=False), ++ expected_non_strict) ++ ++ self.assertEqual(utils.parseaddr([address]), ++ empty) ++ self.assertEqual(utils.parseaddr([address], strict=False), ++ ('', address)) ++ ++ # Comma (',') is treated differently depending on strict parameter. ++ # Comma without quotes. ++ address = f'{alice},<{bob}>' ++ self.assertEqual(utils.getaddresses([address]), ++ [('', alice), ('', bob)]) ++ self.assertEqual(utils.getaddresses([address], strict=False), ++ [('', alice), ('', bob)]) ++ self.assertEqual(utils.parseaddr([address]), ++ empty) ++ self.assertEqual(utils.parseaddr([address], strict=False), ++ ('', address)) ++ ++ # Real name between quotes containing comma. ++ address = '"Alice, alice@example.org" ' ++ expected_strict = ('Alice, alice@example.org', 'bob@example.com') ++ self.assertEqual(utils.getaddresses([address]), [expected_strict]) ++ self.assertEqual(utils.getaddresses([address], strict=False), [expected_strict]) ++ self.assertEqual(utils.parseaddr([address]), expected_strict) ++ self.assertEqual(utils.parseaddr([address], strict=False), ++ ('', address)) ++ ++ # Valid parenthesis in comments. ++ address = 'alice@example.org (Alice)' ++ expected_strict = ('Alice', 'alice@example.org') ++ self.assertEqual(utils.getaddresses([address]), [expected_strict]) ++ self.assertEqual(utils.getaddresses([address], strict=False), [expected_strict]) ++ self.assertEqual(utils.parseaddr([address]), expected_strict) ++ self.assertEqual(utils.parseaddr([address], strict=False), ++ ('', address)) ++ ++ # Invalid parenthesis in comments. ++ address = 'alice@example.org )Alice(' ++ self.assertEqual(utils.getaddresses([address]), [empty]) ++ self.assertEqual(utils.getaddresses([address], strict=False), ++ [('', 'alice@example.org'), ('', ''), ('', 'Alice')]) ++ self.assertEqual(utils.parseaddr([address]), empty) ++ self.assertEqual(utils.parseaddr([address], strict=False), ++ ('', address)) ++ ++ # Two addresses with quotes separated by comma. ++ address = '"Jane Doe" , "John Doe" ' ++ self.assertEqual(utils.getaddresses([address]), ++ [('Jane Doe', 'jane@example.net'), ++ ('John Doe', 'john@example.net')]) ++ self.assertEqual(utils.getaddresses([address], strict=False), ++ [('Jane Doe', 'jane@example.net'), ++ ('John Doe', 'john@example.net')]) ++ self.assertEqual(utils.parseaddr([address]), empty) ++ self.assertEqual(utils.parseaddr([address], strict=False), ++ ('', address)) ++ ++ # Test email.utils.supports_strict_parsing attribute ++ self.assertEqual(email.utils.supports_strict_parsing, True) ++ + def test_getaddresses_nasty(self): +- eq = self.assertEqual +- eq(utils.getaddresses(['foo: ;']), [('', '')]) +- eq(utils.getaddresses( +- ['[]*-- =~$']), +- [('', ''), ('', ''), ('', '*--')]) +- eq(utils.getaddresses( +- ['foo: ;', '"Jason R. Mastaler" ']), +- [('', ''), ('Jason R. Mastaler', 'jason@dom.ain')]) ++ for addresses, expected in ( ++ (['"Sürname, Firstname" '], ++ [('Sürname, Firstname', 'to@example.com')]), ++ ++ (['foo: ;'], ++ [('', '')]), ++ ++ (['foo: ;', '"Jason R. Mastaler" '], ++ [('', ''), ('Jason R. Mastaler', 'jason@dom.ain')]), ++ ++ ([r'Pete(A nice \) chap) '], ++ [('Pete (A nice ) chap his account his host)', 'pete@silly.test')]), ++ ++ (['(Empty list)(start)Undisclosed recipients :(nobody(I know))'], ++ [('', '')]), ++ ++ (['Mary <@machine.tld:mary@example.net>, , jdoe@test . example'], ++ [('Mary', 'mary@example.net'), ('', ''), ('', 'jdoe@test.example')]), ++ ++ (['John Doe '], ++ [('John Doe (comment)', 'jdoe@machine.example')]), ++ ++ (['"Mary Smith: Personal Account" '], ++ [('Mary Smith: Personal Account', 'smith@home.example')]), ++ ++ (['Undisclosed recipients:;'], ++ [('', '')]), ++ ++ ([r', "Giant; \"Big\" Box" '], ++ [('', 'boss@nil.test'), ('Giant; "Big" Box', 'bob@example.net')]), ++ ): ++ with self.subTest(addresses=addresses): ++ self.assertEqual(utils.getaddresses(addresses), ++ expected) ++ self.assertEqual(utils.getaddresses(addresses, strict=False), ++ expected) ++ ++ addresses = ['[]*-- =~$'] ++ self.assertEqual(utils.getaddresses(addresses), ++ [('', '')]) ++ self.assertEqual(utils.getaddresses(addresses, strict=False), ++ [('', ''), ('', ''), ('', '*--')]) + + def test_getaddresses_embedded_comment(self): + """Test proper handling of a nested comment""" +@@ -3397,6 +3537,54 @@ multipart/report + m = cls(*constructor, policy=email.policy.default) + self.assertIs(m.policy, email.policy.default) + ++ def test_iter_escaped_chars(self): ++ self.assertEqual(list(utils._iter_escaped_chars(r'a\\b\"c\\"d')), ++ [(0, 'a'), ++ (2, '\\\\'), ++ (3, 'b'), ++ (5, '\\"'), ++ (6, 'c'), ++ (8, '\\\\'), ++ (9, '"'), ++ (10, 'd')]) ++ self.assertEqual(list(utils._iter_escaped_chars('a\\')), ++ [(0, 'a'), (1, '\\')]) ++ ++ def test_strip_quoted_realnames(self): ++ def check(addr, expected): ++ self.assertEqual(utils._strip_quoted_realnames(addr), expected) ++ ++ check('"Jane Doe" , "John Doe" ', ++ ' , ') ++ check(r'"Jane \"Doe\"." ', ++ ' ') ++ ++ # special cases ++ check(r'before"name"after', 'beforeafter') ++ check(r'before"name"', 'before') ++ check(r'b"name"', 'b') # single char ++ check(r'"name"after', 'after') ++ check(r'"name"a', 'a') # single char ++ check(r'"name"', '') ++ ++ # no change ++ for addr in ( ++ 'Jane Doe , John Doe ', ++ 'lone " quote', ++ ): ++ self.assertEqual(utils._strip_quoted_realnames(addr), addr) ++ ++ ++ def test_check_parenthesis(self): ++ addr = 'alice@example.net' ++ self.assertTrue(utils._check_parenthesis(f'{addr} (Alice)')) ++ self.assertFalse(utils._check_parenthesis(f'{addr} )Alice(')) ++ self.assertFalse(utils._check_parenthesis(f'{addr} (Alice))')) ++ self.assertFalse(utils._check_parenthesis(f'{addr} ((Alice)')) ++ ++ # Ignore real name between quotes ++ self.assertTrue(utils._check_parenthesis(f'")Alice((" {addr}')) ++ + + # Test the iterator/generators + class TestIterators(TestEmailBase): +diff --git a/Misc/NEWS.d/next/Library/2023-10-20-15-28-08.gh-issue-102988.dStNO7.rst b/Misc/NEWS.d/next/Library/2023-10-20-15-28-08.gh-issue-102988.dStNO7.rst +new file mode 100644 +index 0000000000..3d0e9e4078 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2023-10-20-15-28-08.gh-issue-102988.dStNO7.rst +@@ -0,0 +1,8 @@ ++:func:`email.utils.getaddresses` and :func:`email.utils.parseaddr` now ++return ``('', '')`` 2-tuples in more situations where invalid email ++addresses are encountered instead of potentially inaccurate values. Add ++optional *strict* parameter to these two functions: use ``strict=False`` to ++get the old behavior, accept malformed inputs. ++``getattr(email.utils, 'supports_strict_parsing', False)`` can be use to check ++if the *strict* paramater is available. Patch by Thomas Dwyer and Victor ++Stinner to improve the CVE-2023-27043 fix. diff --git a/00419-gh-112769-test_zlib-fix-comparison-of-zlib_runtime_version-with-non-int-suffix-gh-112771-gh-112774.patch b/00419-gh-112769-test_zlib-fix-comparison-of-zlib_runtime_version-with-non-int-suffix-gh-112771-gh-112774.patch new file mode 100644 index 0000000..8406a8a --- /dev/null +++ b/00419-gh-112769-test_zlib-fix-comparison-of-zlib_runtime_version-with-non-int-suffix-gh-112771-gh-112774.patch @@ -0,0 +1,66 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= +Date: Tue, 5 Dec 2023 21:02:06 +0100 +Subject: 00419: gh-112769: test_zlib: Fix comparison of ZLIB_RUNTIME_VERSION + with non-int suffix (GH-112771) (GH-112774) + +zlib-ng defines the version as "1.3.0.zlib-ng". +(cherry picked from commit d384813ff18b33280a90b6d2011654528a2b6ad1) +--- + Lib/test/test_zlib.py | 28 ++++++++++++++++------------ + 1 file changed, 16 insertions(+), 12 deletions(-) + +diff --git a/Lib/test/test_zlib.py b/Lib/test/test_zlib.py +index b7170b4ff5..93615e1e1e 100644 +--- a/Lib/test/test_zlib.py ++++ b/Lib/test/test_zlib.py +@@ -16,6 +16,20 @@ requires_Decompress_copy = unittest.skipUnless( + 'requires Decompress.copy()') + + ++def _zlib_runtime_version_tuple(zlib_version=zlib.ZLIB_RUNTIME_VERSION): ++ # Register "1.2.3" as "1.2.3.0" ++ # or "1.2.0-linux","1.2.0.f","1.2.0.f-linux" ++ v = zlib_version.split('-', 1)[0].split('.') ++ if len(v) < 4: ++ v.append('0') ++ elif not v[-1].isnumeric(): ++ v[-1] = '0' ++ return tuple(map(int, v)) ++ ++ ++ZLIB_RUNTIME_VERSION_TUPLE = _zlib_runtime_version_tuple() ++ ++ + class VersionTestCase(unittest.TestCase): + + def test_library_version(self): +@@ -437,9 +451,8 @@ class CompressObjectTestCase(BaseCompressTestCase, unittest.TestCase): + sync_opt = ['Z_NO_FLUSH', 'Z_SYNC_FLUSH', 'Z_FULL_FLUSH', + 'Z_PARTIAL_FLUSH'] + +- ver = tuple(int(v) for v in zlib.ZLIB_RUNTIME_VERSION.split('.')) + # Z_BLOCK has a known failure prior to 1.2.5.3 +- if ver >= (1, 2, 5, 3): ++ if ZLIB_RUNTIME_VERSION_TUPLE >= (1, 2, 5, 3): + sync_opt.append('Z_BLOCK') + + sync_opt = [getattr(zlib, opt) for opt in sync_opt +@@ -762,16 +775,7 @@ class CompressObjectTestCase(BaseCompressTestCase, unittest.TestCase): + + def test_wbits(self): + # wbits=0 only supported since zlib v1.2.3.5 +- # Register "1.2.3" as "1.2.3.0" +- # or "1.2.0-linux","1.2.0.f","1.2.0.f-linux" +- v = zlib.ZLIB_RUNTIME_VERSION.split('-', 1)[0].split('.') +- if len(v) < 4: +- v.append('0') +- elif not v[-1].isnumeric(): +- v[-1] = '0' +- +- v = tuple(map(int, v)) +- supports_wbits_0 = v >= (1, 2, 3, 5) ++ supports_wbits_0 = ZLIB_RUNTIME_VERSION_TUPLE >= (1, 2, 3, 5) + + co = zlib.compressobj(level=1, wbits=15) + zlib15 = co.compress(HAMLET_SCENE) + co.flush() diff --git a/00422-gh-115133-fix-tests-for-xmlpullparser-with-expat-2-6-0.patch b/00422-gh-115133-fix-tests-for-xmlpullparser-with-expat-2-6-0.patch new file mode 100644 index 0000000..d9e85f8 --- /dev/null +++ b/00422-gh-115133-fix-tests-for-xmlpullparser-with-expat-2-6-0.patch @@ -0,0 +1,106 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Serhiy Storchaka +Date: Sun, 11 Feb 2024 12:08:39 +0200 +Subject: 00422: gh-115133: Fix tests for XMLPullParser with Expat 2.6.0 + +Feeding the parser by too small chunks defers parsing to prevent +CVE-2023-52425. Future versions of Expat may be more reactive. + +(cherry picked from commit 4a08e7b3431cd32a0daf22a33421cd3035343dc4) +--- + Lib/test/test_xml_etree.py | 58 ++++++++++++------- + ...-02-08-14-21-28.gh-issue-115133.ycl4ko.rst | 2 + + 2 files changed, 38 insertions(+), 22 deletions(-) + create mode 100644 Misc/NEWS.d/next/Library/2024-02-08-14-21-28.gh-issue-115133.ycl4ko.rst + +diff --git a/Lib/test/test_xml_etree.py b/Lib/test/test_xml_etree.py +index acaa519f42..2195eb9485 100644 +--- a/Lib/test/test_xml_etree.py ++++ b/Lib/test/test_xml_etree.py +@@ -10,6 +10,7 @@ import html + import io + import operator + import pickle ++import pyexpat + import sys + import types + import unittest +@@ -97,6 +98,10 @@ EXTERNAL_ENTITY_XML = """\ + &entity; + """ + ++fails_with_expat_2_6_0 = (unittest.expectedFailure ++ if pyexpat.version_info >= (2, 6, 0) else ++ lambda test: test) ++ + class ModuleTest(unittest.TestCase): + def test_sanity(self): + # Import sanity. +@@ -1044,28 +1049,37 @@ class XMLPullParserTest(unittest.TestCase): + self.assertEqual([(action, elem.tag) for action, elem in events], + expected) + +- def test_simple_xml(self): +- for chunk_size in (None, 1, 5): +- with self.subTest(chunk_size=chunk_size): +- parser = ET.XMLPullParser() +- self.assert_event_tags(parser, []) +- self._feed(parser, "\n", chunk_size) +- self.assert_event_tags(parser, []) +- self._feed(parser, +- "\n text\n", chunk_size) +- self.assert_event_tags(parser, [('end', 'element')]) +- self._feed(parser, "texttail\n", chunk_size) +- self._feed(parser, "\n", chunk_size) +- self.assert_event_tags(parser, [ +- ('end', 'element'), +- ('end', 'empty-element'), +- ]) +- self._feed(parser, "\n", chunk_size) +- self.assert_event_tags(parser, [('end', 'root')]) +- self.assertIsNone(parser.close()) ++ def test_simple_xml(self, chunk_size=None): ++ parser = ET.XMLPullParser() ++ self.assert_event_tags(parser, []) ++ self._feed(parser, "\n", chunk_size) ++ self.assert_event_tags(parser, []) ++ self._feed(parser, ++ "\n text\n", chunk_size) ++ self.assert_event_tags(parser, [('end', 'element')]) ++ self._feed(parser, "texttail\n", chunk_size) ++ self._feed(parser, "\n", chunk_size) ++ self.assert_event_tags(parser, [ ++ ('end', 'element'), ++ ('end', 'empty-element'), ++ ]) ++ self._feed(parser, "\n", chunk_size) ++ self.assert_event_tags(parser, [('end', 'root')]) ++ self.assertIsNone(parser.close()) ++ ++ @fails_with_expat_2_6_0 ++ def test_simple_xml_chunk_1(self): ++ self.test_simple_xml(chunk_size=1) ++ ++ @fails_with_expat_2_6_0 ++ def test_simple_xml_chunk_5(self): ++ self.test_simple_xml(chunk_size=5) ++ ++ def test_simple_xml_chunk_22(self): ++ self.test_simple_xml(chunk_size=22) + + def test_feed_while_iterating(self): + parser = ET.XMLPullParser() +diff --git a/Misc/NEWS.d/next/Library/2024-02-08-14-21-28.gh-issue-115133.ycl4ko.rst b/Misc/NEWS.d/next/Library/2024-02-08-14-21-28.gh-issue-115133.ycl4ko.rst +new file mode 100644 +index 0000000000..6f1015235c +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2024-02-08-14-21-28.gh-issue-115133.ycl4ko.rst +@@ -0,0 +1,2 @@ ++Fix tests for :class:`~xml.etree.ElementTree.XMLPullParser` with Expat ++2.6.0. diff --git a/00423-bpo-33377-add-triplets-for-mips-r6-and-riscv.patch b/00423-bpo-33377-add-triplets-for-mips-r6-and-riscv.patch new file mode 100644 index 0000000..0e4985c --- /dev/null +++ b/00423-bpo-33377-add-triplets-for-mips-r6-and-riscv.patch @@ -0,0 +1,161 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Matthias Klose +Date: Mon, 30 Apr 2018 19:22:16 +0200 +Subject: 00423: bpo-33377: Add triplets for mips-r6 and riscv + +--- + .../2018-04-30-16-53-00.bpo-33377.QBh6vP.rst | 2 + + configure | 42 ++++++++++++++++++- + configure.ac | 28 +++++++++++++ + 3 files changed, 71 insertions(+), 1 deletion(-) + create mode 100644 Misc/NEWS.d/next/Build/2018-04-30-16-53-00.bpo-33377.QBh6vP.rst + +diff --git a/Misc/NEWS.d/next/Build/2018-04-30-16-53-00.bpo-33377.QBh6vP.rst b/Misc/NEWS.d/next/Build/2018-04-30-16-53-00.bpo-33377.QBh6vP.rst +new file mode 100644 +index 0000000000..f5dbd23c7c +--- /dev/null ++++ b/Misc/NEWS.d/next/Build/2018-04-30-16-53-00.bpo-33377.QBh6vP.rst +@@ -0,0 +1,2 @@ ++Add new triplets for mips r6 and riscv variants (used in extension ++suffixes). +diff --git a/configure b/configure +index 68a46deef5..6ea6e7d742 100755 +--- a/configure ++++ b/configure +@@ -785,6 +785,7 @@ infodir + docdir + oldincludedir + includedir ++runstatedir + localstatedir + sharedstatedir + sysconfdir +@@ -898,6 +899,7 @@ datadir='${datarootdir}' + sysconfdir='${prefix}/etc' + sharedstatedir='${prefix}/com' + localstatedir='${prefix}/var' ++runstatedir='${localstatedir}/run' + includedir='${prefix}/include' + oldincludedir='/usr/include' + docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' +@@ -1150,6 +1152,15 @@ do + | -silent | --silent | --silen | --sile | --sil) + silent=yes ;; + ++ -runstatedir | --runstatedir | --runstatedi | --runstated \ ++ | --runstate | --runstat | --runsta | --runst | --runs \ ++ | --run | --ru | --r) ++ ac_prev=runstatedir ;; ++ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ ++ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ ++ | --run=* | --ru=* | --r=*) ++ runstatedir=$ac_optarg ;; ++ + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) + ac_prev=sbindir ;; + -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ +@@ -1287,7 +1298,7 @@ fi + for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ + datadir sysconfdir sharedstatedir localstatedir includedir \ + oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ +- libdir localedir mandir ++ libdir localedir mandir runstatedir + do + eval ac_val=\$$ac_var + # Remove trailing slashes. +@@ -1440,6 +1451,7 @@ Fine tuning of the installation directories: + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] + --localstatedir=DIR modifiable single-machine data [PREFIX/var] ++ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] + --libdir=DIR object code libraries [EPREFIX/lib] + --includedir=DIR C header files [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc [/usr/include] +@@ -5261,6 +5273,26 @@ cat >> conftest.c <=6) && defined(_MIPSEL) ++# if _MIPS_SIM == _ABIO32 ++ mipsisa32r6el-linux-gnu ++# elif _MIPS_SIM == _ABIN32 ++ mipsisa64r6el-linux-gnuabin32 ++# elif _MIPS_SIM == _ABI64 ++ mipsisa64r6el-linux-gnuabi64 ++# else ++# error unknown platform triplet ++# endif ++# elif defined(__mips_hard_float) && defined(__mips_isa_rev) && (__mips_isa_rev >=6) ++# if _MIPS_SIM == _ABIO32 ++ mipsisa32r6-linux-gnu ++# elif _MIPS_SIM == _ABIN32 ++ mipsisa64r6-linux-gnuabin32 ++# elif _MIPS_SIM == _ABI64 ++ mipsisa64r6-linux-gnuabi64 ++# else ++# error unknown platform triplet ++# endif + # elif defined(__mips_hard_float) && defined(_MIPSEL) + # if _MIPS_SIM == _ABIO32 + mipsel-linux-gnu +@@ -5303,6 +5335,14 @@ cat >> conftest.c <> conftest.c <=6) && defined(_MIPSEL) ++# if _MIPS_SIM == _ABIO32 ++ mipsisa32r6el-linux-gnu ++# elif _MIPS_SIM == _ABIN32 ++ mipsisa64r6el-linux-gnuabin32 ++# elif _MIPS_SIM == _ABI64 ++ mipsisa64r6el-linux-gnuabi64 ++# else ++# error unknown platform triplet ++# endif ++# elif defined(__mips_hard_float) && defined(__mips_isa_rev) && (__mips_isa_rev >=6) ++# if _MIPS_SIM == _ABIO32 ++ mipsisa32r6-linux-gnu ++# elif _MIPS_SIM == _ABIN32 ++ mipsisa64r6-linux-gnuabin32 ++# elif _MIPS_SIM == _ABI64 ++ mipsisa64r6-linux-gnuabi64 ++# else ++# error unknown platform triplet ++# endif + # elif defined(__mips_hard_float) && defined(_MIPSEL) + # if _MIPS_SIM == _ABIO32 + mipsel-linux-gnu +@@ -846,6 +866,14 @@ cat >> conftest.c < +Date: Wed, 24 Apr 2024 00:19:23 +0200 +Subject: 00426: CVE-2023-6597 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Combines Two fixes for tempfile.TemporaryDirectory: +https://github.com/python/cpython/commit/e9b51c0ad81da1da11ae65840ac8b50a8521373c +https://github.com/python/cpython/commit/02a9259c717738dfe6b463c44d7e17f2b6d2cb3a + +Co-authored-by: Søren Løvborg +Co-authored-by: Serhiy Storchaka +--- + Lib/tempfile.py | 44 +++++++++- + Lib/test/test_tempfile.py | 166 +++++++++++++++++++++++++++++++++++--- + 2 files changed, 199 insertions(+), 11 deletions(-) + +diff --git a/Lib/tempfile.py b/Lib/tempfile.py +index 2cb5434ba7..8e401f548a 100644 +--- a/Lib/tempfile.py ++++ b/Lib/tempfile.py +@@ -276,6 +276,23 @@ def _mkstemp_inner(dir, pre, suf, flags, output_type): + "No usable temporary file name found") + + ++def _dont_follow_symlinks(func, path, *args): ++ # Pass follow_symlinks=False, unless not supported on this platform. ++ if func in _os.supports_follow_symlinks: ++ func(path, *args, follow_symlinks=False) ++ elif _os.name == 'nt' or not _os.path.islink(path): ++ func(path, *args) ++ ++ ++def _resetperms(path): ++ try: ++ chflags = _os.chflags ++ except AttributeError: ++ pass ++ else: ++ _dont_follow_symlinks(chflags, path, 0) ++ _dont_follow_symlinks(_os.chmod, path, 0o700) ++ + # User visible interfaces. + + def gettempprefix(): +@@ -794,9 +811,32 @@ class TemporaryDirectory(object): + self, self._cleanup, self.name, + warn_message="Implicitly cleaning up {!r}".format(self)) + ++ @classmethod ++ def _rmtree(cls, name): ++ def onerror(func, path, exc_info): ++ if issubclass(exc_info[0], PermissionError): ++ try: ++ if path != name: ++ _resetperms(_os.path.dirname(path)) ++ _resetperms(path) ++ ++ try: ++ _os.unlink(path) ++ # PermissionError is raised on FreeBSD for directories ++ except (IsADirectoryError, PermissionError): ++ cls._rmtree(path) ++ except FileNotFoundError: ++ pass ++ elif issubclass(exc_info[0], FileNotFoundError): ++ pass ++ else: ++ raise ++ ++ _shutil.rmtree(name, onerror=onerror) ++ + @classmethod + def _cleanup(cls, name, warn_message): +- _shutil.rmtree(name) ++ cls._rmtree(name) + _warnings.warn(warn_message, ResourceWarning) + + def __repr__(self): +@@ -810,4 +850,4 @@ class TemporaryDirectory(object): + + def cleanup(self): + if self._finalizer.detach(): +- _shutil.rmtree(self.name) ++ self._rmtree(self.name) +diff --git a/Lib/test/test_tempfile.py b/Lib/test/test_tempfile.py +index 710756bde6..c5560e12e7 100644 +--- a/Lib/test/test_tempfile.py ++++ b/Lib/test/test_tempfile.py +@@ -1298,19 +1298,25 @@ class NulledModules: + class TestTemporaryDirectory(BaseTestCase): + """Test TemporaryDirectory().""" + +- def do_create(self, dir=None, pre="", suf="", recurse=1): ++ def do_create(self, dir=None, pre="", suf="", recurse=1, dirs=1, files=1): + if dir is None: + dir = tempfile.gettempdir() + tmp = tempfile.TemporaryDirectory(dir=dir, prefix=pre, suffix=suf) + self.nameCheck(tmp.name, dir, pre, suf) +- # Create a subdirectory and some files +- if recurse: +- d1 = self.do_create(tmp.name, pre, suf, recurse-1) +- d1.name = None +- with open(os.path.join(tmp.name, "test.txt"), "wb") as f: +- f.write(b"Hello world!") ++ self.do_create2(tmp.name, recurse, dirs, files) + return tmp + ++ def do_create2(self, path, recurse=1, dirs=1, files=1): ++ # Create subdirectories and some files ++ if recurse: ++ for i in range(dirs): ++ name = os.path.join(path, "dir%d" % i) ++ os.mkdir(name) ++ self.do_create2(name, recurse-1, dirs, files) ++ for i in range(files): ++ with open(os.path.join(path, "test%d.txt" % i), "wb") as f: ++ f.write(b"Hello world!") ++ + def test_mkdtemp_failure(self): + # Check no additional exception if mkdtemp fails + # Previously would raise AttributeError instead +@@ -1350,11 +1356,108 @@ class TestTemporaryDirectory(BaseTestCase): + "TemporaryDirectory %s exists after cleanup" % d1.name) + self.assertTrue(os.path.exists(d2.name), + "Directory pointed to by a symlink was deleted") +- self.assertEqual(os.listdir(d2.name), ['test.txt'], ++ self.assertEqual(os.listdir(d2.name), ['test0.txt'], + "Contents of the directory pointed to by a symlink " + "were deleted") + d2.cleanup() + ++ @support.skip_unless_symlink ++ def test_cleanup_with_symlink_modes(self): ++ # cleanup() should not follow symlinks when fixing mode bits (#91133) ++ with self.do_create(recurse=0) as d2: ++ file1 = os.path.join(d2, 'file1') ++ open(file1, 'wb').close() ++ dir1 = os.path.join(d2, 'dir1') ++ os.mkdir(dir1) ++ for mode in range(8): ++ mode <<= 6 ++ with self.subTest(mode=format(mode, '03o')): ++ def test(target, target_is_directory): ++ d1 = self.do_create(recurse=0) ++ symlink = os.path.join(d1.name, 'symlink') ++ os.symlink(target, symlink, ++ target_is_directory=target_is_directory) ++ try: ++ os.chmod(symlink, mode, follow_symlinks=False) ++ except NotImplementedError: ++ pass ++ try: ++ os.chmod(symlink, mode) ++ except FileNotFoundError: ++ pass ++ os.chmod(d1.name, mode) ++ d1.cleanup() ++ self.assertFalse(os.path.exists(d1.name)) ++ ++ with self.subTest('nonexisting file'): ++ test('nonexisting', target_is_directory=False) ++ with self.subTest('nonexisting dir'): ++ test('nonexisting', target_is_directory=True) ++ ++ with self.subTest('existing file'): ++ os.chmod(file1, mode) ++ old_mode = os.stat(file1).st_mode ++ test(file1, target_is_directory=False) ++ new_mode = os.stat(file1).st_mode ++ self.assertEqual(new_mode, old_mode, ++ '%03o != %03o' % (new_mode, old_mode)) ++ ++ with self.subTest('existing dir'): ++ os.chmod(dir1, mode) ++ old_mode = os.stat(dir1).st_mode ++ test(dir1, target_is_directory=True) ++ new_mode = os.stat(dir1).st_mode ++ self.assertEqual(new_mode, old_mode, ++ '%03o != %03o' % (new_mode, old_mode)) ++ ++ @unittest.skipUnless(hasattr(os, 'chflags'), 'requires os.chflags') ++ @support.skip_unless_symlink ++ def test_cleanup_with_symlink_flags(self): ++ # cleanup() should not follow symlinks when fixing flags (#91133) ++ flags = stat.UF_IMMUTABLE | stat.UF_NOUNLINK ++ self.check_flags(flags) ++ ++ with self.do_create(recurse=0) as d2: ++ file1 = os.path.join(d2, 'file1') ++ open(file1, 'wb').close() ++ dir1 = os.path.join(d2, 'dir1') ++ os.mkdir(dir1) ++ def test(target, target_is_directory): ++ d1 = self.do_create(recurse=0) ++ symlink = os.path.join(d1.name, 'symlink') ++ os.symlink(target, symlink, ++ target_is_directory=target_is_directory) ++ try: ++ os.chflags(symlink, flags, follow_symlinks=False) ++ except NotImplementedError: ++ pass ++ try: ++ os.chflags(symlink, flags) ++ except FileNotFoundError: ++ pass ++ os.chflags(d1.name, flags) ++ d1.cleanup() ++ self.assertFalse(os.path.exists(d1.name)) ++ ++ with self.subTest('nonexisting file'): ++ test('nonexisting', target_is_directory=False) ++ with self.subTest('nonexisting dir'): ++ test('nonexisting', target_is_directory=True) ++ ++ with self.subTest('existing file'): ++ os.chflags(file1, flags) ++ old_flags = os.stat(file1).st_flags ++ test(file1, target_is_directory=False) ++ new_flags = os.stat(file1).st_flags ++ self.assertEqual(new_flags, old_flags) ++ ++ with self.subTest('existing dir'): ++ os.chflags(dir1, flags) ++ old_flags = os.stat(dir1).st_flags ++ test(dir1, target_is_directory=True) ++ new_flags = os.stat(dir1).st_flags ++ self.assertEqual(new_flags, old_flags) ++ + @support.cpython_only + def test_del_on_collection(self): + # A TemporaryDirectory is deleted when garbage collected +@@ -1385,7 +1488,7 @@ class TestTemporaryDirectory(BaseTestCase): + + tmp2 = os.path.join(tmp.name, 'test_dir') + os.mkdir(tmp2) +- with open(os.path.join(tmp2, "test.txt"), "w") as f: ++ with open(os.path.join(tmp2, "test0.txt"), "w") as f: + f.write("Hello world!") + + {mod}.tmp = tmp +@@ -1453,6 +1556,51 @@ class TestTemporaryDirectory(BaseTestCase): + self.assertEqual(name, d.name) + self.assertFalse(os.path.exists(name)) + ++ def test_modes(self): ++ for mode in range(8): ++ mode <<= 6 ++ with self.subTest(mode=format(mode, '03o')): ++ d = self.do_create(recurse=3, dirs=2, files=2) ++ with d: ++ # Change files and directories mode recursively. ++ for root, dirs, files in os.walk(d.name, topdown=False): ++ for name in files: ++ os.chmod(os.path.join(root, name), mode) ++ os.chmod(root, mode) ++ d.cleanup() ++ self.assertFalse(os.path.exists(d.name)) ++ ++ def check_flags(self, flags): ++ # skip the test if these flags are not supported (ex: FreeBSD 13) ++ filename = support.TESTFN ++ try: ++ open(filename, "w").close() ++ try: ++ os.chflags(filename, flags) ++ except OSError as exc: ++ # "OSError: [Errno 45] Operation not supported" ++ self.skipTest(f"chflags() doesn't support flags " ++ f"{flags:#b}: {exc}") ++ else: ++ os.chflags(filename, 0) ++ finally: ++ support.unlink(filename) ++ ++ @unittest.skipUnless(hasattr(os, 'chflags'), 'requires os.lchflags') ++ def test_flags(self): ++ flags = stat.UF_IMMUTABLE | stat.UF_NOUNLINK ++ self.check_flags(flags) ++ ++ d = self.do_create(recurse=3, dirs=2, files=2) ++ with d: ++ # Change files and directories flags recursively. ++ for root, dirs, files in os.walk(d.name, topdown=False): ++ for name in files: ++ os.chflags(os.path.join(root, name), flags) ++ os.chflags(root, flags) ++ d.cleanup() ++ self.assertFalse(os.path.exists(d.name)) ++ + + if __name__ == "__main__": + unittest.main() diff --git a/00427-zipextfile-tell-and-seek-cve-2024-0450.patch b/00427-zipextfile-tell-and-seek-cve-2024-0450.patch new file mode 100644 index 0000000..dfb5424 --- /dev/null +++ b/00427-zipextfile-tell-and-seek-cve-2024-0450.patch @@ -0,0 +1,314 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: John Jolly +Date: Tue, 30 Jan 2018 01:51:35 -0700 +Subject: 00427: ZipExtFile tell and seek, CVE-2024-0450 + +Backport of seek and tell methods for ZipExtFile makes it +possible to backport the fix for CVE-2024-0450. + +Combines: +https://github.com/python/cpython/commit/066df4fd454d6ff9be66e80b2a65995b10af174f +https://github.com/python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba +--- + Doc/library/zipfile.rst | 6 +- + Lib/test/test_zipfile.py | 94 +++++++++++++++++++ + Lib/zipfile.py | 94 +++++++++++++++++++ + .../2017-12-21-22-00-11.bpo-22908.cVm89I.rst | 2 + + ...-09-28-13-15-51.gh-issue-109858.43e2dg.rst | 3 + + 5 files changed, 196 insertions(+), 3 deletions(-) + create mode 100644 Misc/NEWS.d/next/Library/2017-12-21-22-00-11.bpo-22908.cVm89I.rst + create mode 100644 Misc/NEWS.d/next/Library/2023-09-28-13-15-51.gh-issue-109858.43e2dg.rst + +diff --git a/Doc/library/zipfile.rst b/Doc/library/zipfile.rst +index b65b61d8da..5c28ce52c2 100644 +--- a/Doc/library/zipfile.rst ++++ b/Doc/library/zipfile.rst +@@ -230,9 +230,9 @@ ZipFile Objects + With *mode* ``'r'`` the file-like object + (``ZipExtFile``) is read-only and provides the following methods: + :meth:`~io.BufferedIOBase.read`, :meth:`~io.IOBase.readline`, +- :meth:`~io.IOBase.readlines`, :meth:`__iter__`, +- :meth:`~iterator.__next__`. These objects can operate independently of +- the ZipFile. ++ :meth:`~io.IOBase.readlines`, :meth:`~io.IOBase.seek`, ++ :meth:`~io.IOBase.tell`, :meth:`__iter__`, :meth:`~iterator.__next__`. ++ These objects can operate independently of the ZipFile. + + With ``mode='w'``, a writable file handle is returned, which supports the + :meth:`~io.BufferedIOBase.write` method. While a writable file handle is open, +diff --git a/Lib/test/test_zipfile.py b/Lib/test/test_zipfile.py +index e62b82e1d3..03799090b9 100644 +--- a/Lib/test/test_zipfile.py ++++ b/Lib/test/test_zipfile.py +@@ -1610,6 +1610,100 @@ class OtherTests(unittest.TestCase): + self.assertEqual(zipf.read('baz'), msg3) + self.assertEqual(zipf.namelist(), ['foo', 'bar', 'baz']) + ++ def test_seek_tell(self): ++ # Test seek functionality ++ txt = b"Where's Bruce?" ++ bloc = txt.find(b"Bruce") ++ # Check seek on a file ++ with zipfile.ZipFile(TESTFN, "w") as zipf: ++ zipf.writestr("foo.txt", txt) ++ with zipfile.ZipFile(TESTFN, "r") as zipf: ++ with zipf.open("foo.txt", "r") as fp: ++ fp.seek(bloc, os.SEEK_SET) ++ self.assertEqual(fp.tell(), bloc) ++ fp.seek(-bloc, os.SEEK_CUR) ++ self.assertEqual(fp.tell(), 0) ++ fp.seek(bloc, os.SEEK_CUR) ++ self.assertEqual(fp.tell(), bloc) ++ self.assertEqual(fp.read(5), txt[bloc:bloc+5]) ++ fp.seek(0, os.SEEK_END) ++ self.assertEqual(fp.tell(), len(txt)) ++ # Check seek on memory file ++ data = io.BytesIO() ++ with zipfile.ZipFile(data, mode="w") as zipf: ++ zipf.writestr("foo.txt", txt) ++ with zipfile.ZipFile(data, mode="r") as zipf: ++ with zipf.open("foo.txt", "r") as fp: ++ fp.seek(bloc, os.SEEK_SET) ++ self.assertEqual(fp.tell(), bloc) ++ fp.seek(-bloc, os.SEEK_CUR) ++ self.assertEqual(fp.tell(), 0) ++ fp.seek(bloc, os.SEEK_CUR) ++ self.assertEqual(fp.tell(), bloc) ++ self.assertEqual(fp.read(5), txt[bloc:bloc+5]) ++ fp.seek(0, os.SEEK_END) ++ self.assertEqual(fp.tell(), len(txt)) ++ ++ @requires_zlib ++ def test_full_overlap(self): ++ data = ( ++ b'PK\x03\x04\x14\x00\x00\x00\x08\x00\xa0lH\x05\xe2\x1e' ++ b'8\xbb\x10\x00\x00\x00\t\x04\x00\x00\x01\x00\x00\x00a\xed' ++ b'\xc0\x81\x08\x00\x00\x00\xc00\xd6\xfbK\\d\x0b`P' ++ b'K\x01\x02\x14\x00\x14\x00\x00\x00\x08\x00\xa0lH\x05\xe2' ++ b'\x1e8\xbb\x10\x00\x00\x00\t\x04\x00\x00\x01\x00\x00\x00\x00' ++ b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00aPK' ++ b'\x01\x02\x14\x00\x14\x00\x00\x00\x08\x00\xa0lH\x05\xe2\x1e' ++ b'8\xbb\x10\x00\x00\x00\t\x04\x00\x00\x01\x00\x00\x00\x00\x00' ++ b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00bPK\x05' ++ b'\x06\x00\x00\x00\x00\x02\x00\x02\x00^\x00\x00\x00/\x00\x00' ++ b'\x00\x00\x00' ++ ) ++ with zipfile.ZipFile(io.BytesIO(data), 'r') as zipf: ++ self.assertEqual(zipf.namelist(), ['a', 'b']) ++ zi = zipf.getinfo('a') ++ self.assertEqual(zi.header_offset, 0) ++ self.assertEqual(zi.compress_size, 16) ++ self.assertEqual(zi.file_size, 1033) ++ zi = zipf.getinfo('b') ++ self.assertEqual(zi.header_offset, 0) ++ self.assertEqual(zi.compress_size, 16) ++ self.assertEqual(zi.file_size, 1033) ++ self.assertEqual(len(zipf.read('a')), 1033) ++ with self.assertRaisesRegex(zipfile.BadZipFile, 'File name.*differ'): ++ zipf.read('b') ++ ++ @requires_zlib ++ def test_quoted_overlap(self): ++ data = ( ++ b'PK\x03\x04\x14\x00\x00\x00\x08\x00\xa0lH\x05Y\xfc' ++ b'8\x044\x00\x00\x00(\x04\x00\x00\x01\x00\x00\x00a\x00' ++ b'\x1f\x00\xe0\xffPK\x03\x04\x14\x00\x00\x00\x08\x00\xa0l' ++ b'H\x05\xe2\x1e8\xbb\x10\x00\x00\x00\t\x04\x00\x00\x01\x00' ++ b'\x00\x00b\xed\xc0\x81\x08\x00\x00\x00\xc00\xd6\xfbK\\' ++ b'd\x0b`PK\x01\x02\x14\x00\x14\x00\x00\x00\x08\x00\xa0' ++ b'lH\x05Y\xfc8\x044\x00\x00\x00(\x04\x00\x00\x01' ++ b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' ++ b'\x00aPK\x01\x02\x14\x00\x14\x00\x00\x00\x08\x00\xa0l' ++ b'H\x05\xe2\x1e8\xbb\x10\x00\x00\x00\t\x04\x00\x00\x01\x00' ++ b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00$\x00\x00\x00' ++ b'bPK\x05\x06\x00\x00\x00\x00\x02\x00\x02\x00^\x00\x00' ++ b'\x00S\x00\x00\x00\x00\x00' ++ ) ++ with zipfile.ZipFile(io.BytesIO(data), 'r') as zipf: ++ self.assertEqual(zipf.namelist(), ['a', 'b']) ++ zi = zipf.getinfo('a') ++ self.assertEqual(zi.header_offset, 0) ++ self.assertEqual(zi.compress_size, 52) ++ self.assertEqual(zi.file_size, 1064) ++ zi = zipf.getinfo('b') ++ self.assertEqual(zi.header_offset, 36) ++ self.assertEqual(zi.compress_size, 16) ++ self.assertEqual(zi.file_size, 1033) ++ with self.assertRaisesRegex(zipfile.BadZipFile, 'Overlapped entries'): ++ zipf.read('a') ++ self.assertEqual(len(zipf.read('b')), 1033) ++ + def tearDown(self): + unlink(TESTFN) + unlink(TESTFN2) +diff --git a/Lib/zipfile.py b/Lib/zipfile.py +index edde0c5fd4..e6d7676079 100644 +--- a/Lib/zipfile.py ++++ b/Lib/zipfile.py +@@ -338,6 +338,7 @@ class ZipInfo (object): + 'compress_size', + 'file_size', + '_raw_time', ++ '_end_offset', + ) + + def __init__(self, filename="NoName", date_time=(1980,1,1,0,0,0)): +@@ -376,6 +377,7 @@ class ZipInfo (object): + self.volume = 0 # Volume number of file header + self.internal_attr = 0 # Internal attributes + self.external_attr = 0 # External file attributes ++ self._end_offset = None # Start of the next local header or central directory + # Other attributes are set by class ZipFile: + # header_offset Byte offset to the file header + # CRC CRC-32 of the uncompressed file +@@ -718,6 +720,18 @@ class _SharedFile: + self._close = close + self._lock = lock + self._writing = writing ++ self.seekable = file.seekable ++ self.tell = file.tell ++ ++ def seek(self, offset, whence=0): ++ with self._lock: ++ if self.writing(): ++ raise ValueError("Can't reposition in the ZIP file while " ++ "there is an open writing handle on it. " ++ "Close the writing handle before trying to read.") ++ self._file.seek(self._pos) ++ self._pos = self._file.tell() ++ return self._pos + + def read(self, n=-1): + with self._lock: +@@ -768,6 +782,9 @@ class ZipExtFile(io.BufferedIOBase): + # Read from compressed files in 4k blocks. + MIN_READ_SIZE = 4096 + ++ # Chunk size to read during seek ++ MAX_SEEK_READ = 1 << 24 ++ + def __init__(self, fileobj, mode, zipinfo, decrypter=None, + close_fileobj=False): + self._fileobj = fileobj +@@ -800,6 +817,17 @@ class ZipExtFile(io.BufferedIOBase): + else: + self._expected_crc = None + ++ self._seekable = False ++ try: ++ if fileobj.seekable(): ++ self._orig_compress_start = fileobj.tell() ++ self._orig_compress_size = zipinfo.compress_size ++ self._orig_file_size = zipinfo.file_size ++ self._orig_start_crc = self._running_crc ++ self._seekable = True ++ except AttributeError: ++ pass ++ + def __repr__(self): + result = ['<%s.%s' % (self.__class__.__module__, + self.__class__.__qualname__)] +@@ -985,6 +1013,62 @@ class ZipExtFile(io.BufferedIOBase): + finally: + super().close() + ++ def seekable(self): ++ return self._seekable ++ ++ def seek(self, offset, whence=0): ++ if not self._seekable: ++ raise io.UnsupportedOperation("underlying stream is not seekable") ++ curr_pos = self.tell() ++ if whence == 0: # Seek from start of file ++ new_pos = offset ++ elif whence == 1: # Seek from current position ++ new_pos = curr_pos + offset ++ elif whence == 2: # Seek from EOF ++ new_pos = self._orig_file_size + offset ++ else: ++ raise ValueError("whence must be os.SEEK_SET (0), " ++ "os.SEEK_CUR (1), or os.SEEK_END (2)") ++ ++ if new_pos > self._orig_file_size: ++ new_pos = self._orig_file_size ++ ++ if new_pos < 0: ++ new_pos = 0 ++ ++ read_offset = new_pos - curr_pos ++ buff_offset = read_offset + self._offset ++ ++ if buff_offset >= 0 and buff_offset < len(self._readbuffer): ++ # Just move the _offset index if the new position is in the _readbuffer ++ self._offset = buff_offset ++ read_offset = 0 ++ elif read_offset < 0: ++ # Position is before the current position. Reset the ZipExtFile ++ ++ self._fileobj.seek(self._orig_compress_start) ++ self._running_crc = self._orig_start_crc ++ self._compress_left = self._orig_compress_size ++ self._left = self._orig_file_size ++ self._readbuffer = b'' ++ self._offset = 0 ++ self._decompressor = zipfile._get_decompressor(self._compress_type) ++ self._eof = False ++ read_offset = new_pos ++ ++ while read_offset > 0: ++ read_len = min(self.MAX_SEEK_READ, read_offset) ++ self.read(read_len) ++ read_offset -= read_len ++ ++ return self.tell() ++ ++ def tell(self): ++ if not self._seekable: ++ raise io.UnsupportedOperation("underlying stream is not seekable") ++ filepos = self._orig_file_size - self._left - len(self._readbuffer) + self._offset ++ return filepos ++ + + class _ZipWriteFile(io.BufferedIOBase): + def __init__(self, zf, zinfo, zip64): +@@ -1264,6 +1348,12 @@ class ZipFile: + if self.debug > 2: + print("total", total) + ++ end_offset = self.start_dir ++ for zinfo in sorted(self.filelist, ++ key=lambda zinfo: zinfo.header_offset, ++ reverse=True): ++ zinfo._end_offset = end_offset ++ end_offset = zinfo.header_offset + + def namelist(self): + """Return a list of file names in the archive.""" +@@ -1418,6 +1508,10 @@ class ZipFile: + 'File name in directory %r and header %r differ.' + % (zinfo.orig_filename, fname)) + ++ if (zinfo._end_offset is not None and ++ zef_file.tell() + zinfo.compress_size > zinfo._end_offset): ++ raise BadZipFile(f"Overlapped entries: {zinfo.orig_filename!r} (possible zip bomb)") ++ + # check for encrypted flag & handle password + is_encrypted = zinfo.flag_bits & 0x1 + zd = None +diff --git a/Misc/NEWS.d/next/Library/2017-12-21-22-00-11.bpo-22908.cVm89I.rst b/Misc/NEWS.d/next/Library/2017-12-21-22-00-11.bpo-22908.cVm89I.rst +new file mode 100644 +index 0000000000..4f3cc01660 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2017-12-21-22-00-11.bpo-22908.cVm89I.rst +@@ -0,0 +1,2 @@ ++Added seek and tell to the ZipExtFile class. This only works if the file ++object used to open the zipfile is seekable. +diff --git a/Misc/NEWS.d/next/Library/2023-09-28-13-15-51.gh-issue-109858.43e2dg.rst b/Misc/NEWS.d/next/Library/2023-09-28-13-15-51.gh-issue-109858.43e2dg.rst +new file mode 100644 +index 0000000000..be279caffc +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2023-09-28-13-15-51.gh-issue-109858.43e2dg.rst +@@ -0,0 +1,3 @@ ++Protect :mod:`zipfile` from "quoted-overlap" zipbomb. It now raises ++BadZipFile when try to read an entry that overlaps with other entry or ++central directory. diff --git a/00431-cve-2024-4032.patch b/00431-cve-2024-4032.patch new file mode 100644 index 0000000..85b343e --- /dev/null +++ b/00431-cve-2024-4032.patch @@ -0,0 +1,356 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Petr Viktorin +Date: Tue, 7 May 2024 11:58:20 +0200 +Subject: 00431: CVE-2024-4032: incorrect IPv4 and IPv6 private ranges + +Upstream issue: https://github.com/python/cpython/issues/113171 + +Backported from 3.8. +--- + Doc/library/ipaddress.rst | 43 ++++++++- + Doc/tools/susp-ignored.csv | 8 ++ + Lib/ipaddress.py | 95 +++++++++++++++---- + Lib/test/test_ipaddress.py | 52 ++++++++++ + ...-03-14-01-38-44.gh-issue-113171.VFnObz.rst | 9 ++ + 5 files changed, 186 insertions(+), 21 deletions(-) + create mode 100644 Misc/NEWS.d/next/Library/2024-03-14-01-38-44.gh-issue-113171.VFnObz.rst + +diff --git a/Doc/library/ipaddress.rst b/Doc/library/ipaddress.rst +index 4ce1ed1ced..18613babc9 100644 +--- a/Doc/library/ipaddress.rst ++++ b/Doc/library/ipaddress.rst +@@ -166,18 +166,53 @@ write code that handles both IP versions correctly. Address objects are + + .. attribute:: is_private + +- ``True`` if the address is allocated for private networks. See ++ ``True`` if the address is defined as not globally reachable by + iana-ipv4-special-registry_ (for IPv4) or iana-ipv6-special-registry_ +- (for IPv6). ++ (for IPv6) with the following exceptions: ++ ++ * ``is_private`` is ``False`` for the shared address space (``100.64.0.0/10``) ++ * For IPv4-mapped IPv6-addresses the ``is_private`` value is determined by the ++ semantics of the underlying IPv4 addresses and the following condition holds ++ (see :attr:`IPv6Address.ipv4_mapped`):: ++ ++ address.is_private == address.ipv4_mapped.is_private ++ ++ ``is_private`` has value opposite to :attr:`is_global`, except for the shared address space ++ (``100.64.0.0/10`` range) where they are both ``False``. ++ ++ .. versionchanged:: 3.8.20 ++ ++ Fixed some false positives and false negatives. ++ ++ * ``192.0.0.0/24`` is considered private with the exception of ``192.0.0.9/32`` and ++ ``192.0.0.10/32`` (previously: only the ``192.0.0.0/29`` sub-range was considered private). ++ * ``64:ff9b:1::/48`` is considered private. ++ * ``2002::/16`` is considered private. ++ * There are exceptions within ``2001::/23`` (otherwise considered private): ``2001:1::1/128``, ++ ``2001:1::2/128``, ``2001:3::/32``, ``2001:4:112::/48``, ``2001:20::/28``, ``2001:30::/28``. ++ The exceptions are not considered private. + + .. attribute:: is_global + +- ``True`` if the address is allocated for public networks. See ++ ``True`` if the address is defined as globally reachable by + iana-ipv4-special-registry_ (for IPv4) or iana-ipv6-special-registry_ +- (for IPv6). ++ (for IPv6) with the following exception: ++ ++ For IPv4-mapped IPv6-addresses the ``is_private`` value is determined by the ++ semantics of the underlying IPv4 addresses and the following condition holds ++ (see :attr:`IPv6Address.ipv4_mapped`):: ++ ++ address.is_global == address.ipv4_mapped.is_global ++ ++ ``is_global`` has value opposite to :attr:`is_private`, except for the shared address space ++ (``100.64.0.0/10`` range) where they are both ``False``. + + .. versionadded:: 3.4 + ++ .. versionchanged:: 3.8.20 ++ ++ Fixed some false positives and false negatives, see :attr:`is_private` for details. ++ + .. attribute:: is_unspecified + + ``True`` if the address is unspecified. See :RFC:`5735` (for IPv4) +diff --git a/Doc/tools/susp-ignored.csv b/Doc/tools/susp-ignored.csv +index ed434ce77d..6bc0741b12 100644 +--- a/Doc/tools/susp-ignored.csv ++++ b/Doc/tools/susp-ignored.csv +@@ -160,6 +160,14 @@ library/ipaddress,,:db00,2001:db00::0/24 + library/ipaddress,,::,2001:db00::0/24 + library/ipaddress,,:db00,2001:db00::0/ffff:ff00:: + library/ipaddress,,::,2001:db00::0/ffff:ff00:: ++library/ipaddress,,:ff9b,64:ff9b:1::/48 ++library/ipaddress,,::,64:ff9b:1::/48 ++library/ipaddress,,::,2001:: ++library/ipaddress,,::,2001:1:: ++library/ipaddress,,::,2001:3:: ++library/ipaddress,,::,2001:4:112:: ++library/ipaddress,,::,2001:20:: ++library/ipaddress,,::,2001:30:: + library/itertools,,:step,elements from seq[start:stop:step] + library/itertools,,:stop,elements from seq[start:stop:step] + library/logging.handlers,,:port,host:port +diff --git a/Lib/ipaddress.py b/Lib/ipaddress.py +index 98492136ca..55d4d62d70 100644 +--- a/Lib/ipaddress.py ++++ b/Lib/ipaddress.py +@@ -1302,18 +1302,41 @@ class IPv4Address(_BaseV4, _BaseAddress): + @property + @functools.lru_cache() + def is_private(self): +- """Test if this address is allocated for private networks. ++ """``True`` if the address is defined as not globally reachable by ++ iana-ipv4-special-registry_ (for IPv4) or iana-ipv6-special-registry_ ++ (for IPv6) with the following exceptions: + +- Returns: +- A boolean, True if the address is reserved per +- iana-ipv4-special-registry. ++ * ``is_private`` is ``False`` for ``100.64.0.0/10`` ++ * For IPv4-mapped IPv6-addresses the ``is_private`` value is determined by the ++ semantics of the underlying IPv4 addresses and the following condition holds ++ (see :attr:`IPv6Address.ipv4_mapped`):: + ++ address.is_private == address.ipv4_mapped.is_private ++ ++ ``is_private`` has value opposite to :attr:`is_global`, except for the ``100.64.0.0/10`` ++ IPv4 range where they are both ``False``. + """ +- return any(self in net for net in self._constants._private_networks) ++ return ( ++ any(self in net for net in self._constants._private_networks) ++ and all(self not in net for net in self._constants._private_networks_exceptions) ++ ) + + @property + @functools.lru_cache() + def is_global(self): ++ """``True`` if the address is defined as globally reachable by ++ iana-ipv4-special-registry_ (for IPv4) or iana-ipv6-special-registry_ ++ (for IPv6) with the following exception: ++ ++ For IPv4-mapped IPv6-addresses the ``is_private`` value is determined by the ++ semantics of the underlying IPv4 addresses and the following condition holds ++ (see :attr:`IPv6Address.ipv4_mapped`):: ++ ++ address.is_global == address.ipv4_mapped.is_global ++ ++ ``is_global`` has value opposite to :attr:`is_private`, except for the ``100.64.0.0/10`` ++ IPv4 range where they are both ``False``. ++ """ + return self not in self._constants._public_network and not self.is_private + + @property +@@ -1548,13 +1571,15 @@ class _IPv4Constants: + + _public_network = IPv4Network('100.64.0.0/10') + ++ # Not globally reachable address blocks listed on ++ # https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml + _private_networks = [ + IPv4Network('0.0.0.0/8'), + IPv4Network('10.0.0.0/8'), + IPv4Network('127.0.0.0/8'), + IPv4Network('169.254.0.0/16'), + IPv4Network('172.16.0.0/12'), +- IPv4Network('192.0.0.0/29'), ++ IPv4Network('192.0.0.0/24'), + IPv4Network('192.0.0.170/31'), + IPv4Network('192.0.2.0/24'), + IPv4Network('192.168.0.0/16'), +@@ -1565,6 +1590,11 @@ class _IPv4Constants: + IPv4Network('255.255.255.255/32'), + ] + ++ _private_networks_exceptions = [ ++ IPv4Network('192.0.0.9/32'), ++ IPv4Network('192.0.0.10/32'), ++ ] ++ + _reserved_network = IPv4Network('240.0.0.0/4') + + _unspecified_address = IPv4Address('0.0.0.0') +@@ -1953,23 +1983,42 @@ class IPv6Address(_BaseV6, _BaseAddress): + @property + @functools.lru_cache() + def is_private(self): +- """Test if this address is allocated for private networks. ++ """``True`` if the address is defined as not globally reachable by ++ iana-ipv4-special-registry_ (for IPv4) or iana-ipv6-special-registry_ ++ (for IPv6) with the following exceptions: + +- Returns: +- A boolean, True if the address is reserved per +- iana-ipv6-special-registry. ++ * ``is_private`` is ``False`` for ``100.64.0.0/10`` ++ * For IPv4-mapped IPv6-addresses the ``is_private`` value is determined by the ++ semantics of the underlying IPv4 addresses and the following condition holds ++ (see :attr:`IPv6Address.ipv4_mapped`):: + ++ address.is_private == address.ipv4_mapped.is_private ++ ++ ``is_private`` has value opposite to :attr:`is_global`, except for the ``100.64.0.0/10`` ++ IPv4 range where they are both ``False``. + """ +- return any(self in net for net in self._constants._private_networks) ++ ipv4_mapped = self.ipv4_mapped ++ if ipv4_mapped is not None: ++ return ipv4_mapped.is_private ++ return ( ++ any(self in net for net in self._constants._private_networks) ++ and all(self not in net for net in self._constants._private_networks_exceptions) ++ ) + + @property + def is_global(self): +- """Test if this address is allocated for public networks. ++ """``True`` if the address is defined as globally reachable by ++ iana-ipv4-special-registry_ (for IPv4) or iana-ipv6-special-registry_ ++ (for IPv6) with the following exception: + +- Returns: +- A boolean, true if the address is not reserved per +- iana-ipv6-special-registry. ++ For IPv4-mapped IPv6-addresses the ``is_private`` value is determined by the ++ semantics of the underlying IPv4 addresses and the following condition holds ++ (see :attr:`IPv6Address.ipv4_mapped`):: + ++ address.is_global == address.ipv4_mapped.is_global ++ ++ ``is_global`` has value opposite to :attr:`is_private`, except for the ``100.64.0.0/10`` ++ IPv4 range where they are both ``False``. + """ + return not self.is_private + +@@ -2236,19 +2285,31 @@ class _IPv6Constants: + + _multicast_network = IPv6Network('ff00::/8') + ++ # Not globally reachable address blocks listed on ++ # https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml + _private_networks = [ + IPv6Network('::1/128'), + IPv6Network('::/128'), + IPv6Network('::ffff:0:0/96'), ++ IPv6Network('64:ff9b:1::/48'), + IPv6Network('100::/64'), + IPv6Network('2001::/23'), +- IPv6Network('2001:2::/48'), + IPv6Network('2001:db8::/32'), +- IPv6Network('2001:10::/28'), ++ # IANA says N/A, let's consider it not globally reachable to be safe ++ IPv6Network('2002::/16'), + IPv6Network('fc00::/7'), + IPv6Network('fe80::/10'), + ] + ++ _private_networks_exceptions = [ ++ IPv6Network('2001:1::1/128'), ++ IPv6Network('2001:1::2/128'), ++ IPv6Network('2001:3::/32'), ++ IPv6Network('2001:4:112::/48'), ++ IPv6Network('2001:20::/28'), ++ IPv6Network('2001:30::/28'), ++ ] ++ + _reserved_networks = [ + IPv6Network('::/8'), IPv6Network('100::/8'), + IPv6Network('200::/7'), IPv6Network('400::/6'), +diff --git a/Lib/test/test_ipaddress.py b/Lib/test/test_ipaddress.py +index 7de444af4a..716846b2ae 100644 +--- a/Lib/test/test_ipaddress.py ++++ b/Lib/test/test_ipaddress.py +@@ -1665,6 +1665,10 @@ class IpaddrUnitTest(unittest.TestCase): + self.assertEqual(True, ipaddress.ip_address( + '172.31.255.255').is_private) + self.assertEqual(False, ipaddress.ip_address('172.32.0.0').is_private) ++ self.assertFalse(ipaddress.ip_address('192.0.0.0').is_global) ++ self.assertTrue(ipaddress.ip_address('192.0.0.9').is_global) ++ self.assertTrue(ipaddress.ip_address('192.0.0.10').is_global) ++ self.assertFalse(ipaddress.ip_address('192.0.0.255').is_global) + + self.assertEqual(True, + ipaddress.ip_address('169.254.100.200').is_link_local) +@@ -1680,6 +1684,40 @@ class IpaddrUnitTest(unittest.TestCase): + self.assertEqual(False, ipaddress.ip_address('128.0.0.0').is_loopback) + self.assertEqual(True, ipaddress.ip_network('0.0.0.0').is_unspecified) + ++ def testPrivateNetworks(self): ++ self.assertEqual(True, ipaddress.ip_network("0.0.0.0/0").is_private) ++ self.assertEqual(False, ipaddress.ip_network("1.0.0.0/8").is_private) ++ ++ self.assertEqual(True, ipaddress.ip_network("0.0.0.0/8").is_private) ++ self.assertEqual(True, ipaddress.ip_network("10.0.0.0/8").is_private) ++ self.assertEqual(True, ipaddress.ip_network("127.0.0.0/8").is_private) ++ self.assertEqual(True, ipaddress.ip_network("169.254.0.0/16").is_private) ++ self.assertEqual(True, ipaddress.ip_network("172.16.0.0/12").is_private) ++ self.assertEqual(True, ipaddress.ip_network("192.0.0.0/29").is_private) ++ self.assertEqual(False, ipaddress.ip_network("192.0.0.9/32").is_private) ++ self.assertEqual(True, ipaddress.ip_network("192.0.0.170/31").is_private) ++ self.assertEqual(True, ipaddress.ip_network("192.0.2.0/24").is_private) ++ self.assertEqual(True, ipaddress.ip_network("192.168.0.0/16").is_private) ++ self.assertEqual(True, ipaddress.ip_network("198.18.0.0/15").is_private) ++ self.assertEqual(True, ipaddress.ip_network("198.51.100.0/24").is_private) ++ self.assertEqual(True, ipaddress.ip_network("203.0.113.0/24").is_private) ++ self.assertEqual(True, ipaddress.ip_network("240.0.0.0/4").is_private) ++ self.assertEqual(True, ipaddress.ip_network("255.255.255.255/32").is_private) ++ ++ self.assertEqual(False, ipaddress.ip_network("::/0").is_private) ++ self.assertEqual(False, ipaddress.ip_network("::ff/128").is_private) ++ ++ self.assertEqual(True, ipaddress.ip_network("::1/128").is_private) ++ self.assertEqual(True, ipaddress.ip_network("::/128").is_private) ++ self.assertEqual(True, ipaddress.ip_network("::ffff:0:0/96").is_private) ++ self.assertEqual(True, ipaddress.ip_network("100::/64").is_private) ++ self.assertEqual(True, ipaddress.ip_network("2001:2::/48").is_private) ++ self.assertEqual(False, ipaddress.ip_network("2001:3::/48").is_private) ++ self.assertEqual(True, ipaddress.ip_network("2001:db8::/32").is_private) ++ self.assertEqual(True, ipaddress.ip_network("2001:10::/28").is_private) ++ self.assertEqual(True, ipaddress.ip_network("fc00::/7").is_private) ++ self.assertEqual(True, ipaddress.ip_network("fe80::/10").is_private) ++ + def testReservedIpv6(self): + + self.assertEqual(True, ipaddress.ip_network('ffff::').is_multicast) +@@ -1753,6 +1791,20 @@ class IpaddrUnitTest(unittest.TestCase): + self.assertEqual(True, ipaddress.ip_address('0::0').is_unspecified) + self.assertEqual(False, ipaddress.ip_address('::1').is_unspecified) + ++ self.assertFalse(ipaddress.ip_address('64:ff9b:1::').is_global) ++ self.assertFalse(ipaddress.ip_address('2001::').is_global) ++ self.assertTrue(ipaddress.ip_address('2001:1::1').is_global) ++ self.assertTrue(ipaddress.ip_address('2001:1::2').is_global) ++ self.assertFalse(ipaddress.ip_address('2001:2::').is_global) ++ self.assertTrue(ipaddress.ip_address('2001:3::').is_global) ++ self.assertFalse(ipaddress.ip_address('2001:4::').is_global) ++ self.assertTrue(ipaddress.ip_address('2001:4:112::').is_global) ++ self.assertFalse(ipaddress.ip_address('2001:10::').is_global) ++ self.assertTrue(ipaddress.ip_address('2001:20::').is_global) ++ self.assertTrue(ipaddress.ip_address('2001:30::').is_global) ++ self.assertFalse(ipaddress.ip_address('2001:40::').is_global) ++ self.assertFalse(ipaddress.ip_address('2002::').is_global) ++ + # some generic IETF reserved addresses + self.assertEqual(True, ipaddress.ip_address('100::').is_reserved) + self.assertEqual(True, ipaddress.ip_network('4000::1/128').is_reserved) +diff --git a/Misc/NEWS.d/next/Library/2024-03-14-01-38-44.gh-issue-113171.VFnObz.rst b/Misc/NEWS.d/next/Library/2024-03-14-01-38-44.gh-issue-113171.VFnObz.rst +new file mode 100644 +index 0000000000..f9a72473be +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2024-03-14-01-38-44.gh-issue-113171.VFnObz.rst +@@ -0,0 +1,9 @@ ++Fixed various false positives and false negatives in ++ ++* :attr:`ipaddress.IPv4Address.is_private` (see these docs for details) ++* :attr:`ipaddress.IPv4Address.is_global` ++* :attr:`ipaddress.IPv6Address.is_private` ++* :attr:`ipaddress.IPv6Address.is_global` ++ ++Also in the corresponding :class:`ipaddress.IPv4Network` and :class:`ipaddress.IPv6Network` ++attributes. diff --git a/00435-gh-121650-encode-newlines-in-headers-and-verify.patch b/00435-gh-121650-encode-newlines-in-headers-and-verify.patch new file mode 100644 index 0000000..6c6bebb --- /dev/null +++ b/00435-gh-121650-encode-newlines-in-headers-and-verify.patch @@ -0,0 +1,381 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Hrn=C4=8Diar?= +Date: Fri, 16 Aug 2024 14:12:58 +0200 +Subject: 00435: gh-121650: Encode newlines in headers, and verify headers are + sound (GH-122233) + +Per RFC 2047: + +> [...] these encoding schemes allow the +> encoding of arbitrary octet values, mail readers that implement this +> decoding should also ensure that display of the decoded data on the +> recipient's terminal will not cause unwanted side-effects + +It seems that the "quoted-word" scheme is a valid way to include +a newline character in a header value, just like we already allow +undecodable bytes or control characters. +They do need to be properly quoted when serialized to text, though. + +This should fail for custom fold() implementations that aren't careful +about newlines. + +(cherry picked from commit 097633981879b3c9de9a1dd120d3aa585ecc2384) + +This patch also contains modified commit cherry picked from +c5bba853d5e7836f6d4340e18721d3fb3a6ee0f7. + +This commit was backported to simplify the backport of the other commit +fixing CVE. The only modification is a removal of one test case which +tests multiple changes in Python 3.7 and it wasn't working properly +with Python 3.6 where we backported only one change. + +Co-authored-by: Petr Viktorin +Co-authored-by: Bas Bloemsaat +Co-authored-by: Serhiy Storchaka +Co-authored-by: bsiem <52461103+bsiem@users.noreply.github.com> +--- + Doc/library/email.errors.rst | 6 ++ + Doc/library/email.policy.rst | 18 ++++++ + Lib/email/_header_value_parser.py | 9 +++ + Lib/email/_policybase.py | 8 +++ + Lib/email/errors.py | 4 ++ + Lib/email/generator.py | 16 ++++- + Lib/test/test_email/test_generator.py | 62 +++++++++++++++++++ + Lib/test/test_email/test_headerregistry.py | 16 +++++ + Lib/test/test_email/test_policy.py | 26 ++++++++ + .../2019-07-09-11-20-21.bpo-37482.auzvev.rst | 1 + + ...-07-27-16-10-41.gh-issue-121650.nf6oc9.rst | 5 ++ + 11 files changed, 170 insertions(+), 1 deletion(-) + create mode 100644 Misc/NEWS.d/next/Library/2019-07-09-11-20-21.bpo-37482.auzvev.rst + create mode 100644 Misc/NEWS.d/next/Library/2024-07-27-16-10-41.gh-issue-121650.nf6oc9.rst + +diff --git a/Doc/library/email.errors.rst b/Doc/library/email.errors.rst +index 511ad16358..7e51f74467 100644 +--- a/Doc/library/email.errors.rst ++++ b/Doc/library/email.errors.rst +@@ -59,6 +59,12 @@ The following exception classes are defined in the :mod:`email.errors` module: + :class:`~email.mime.image.MIMEImage`). + + ++.. exception:: HeaderWriteError() ++ ++ Raised when an error occurs when the :mod:`~email.generator` outputs ++ headers. ++ ++ + Here is the list of the defects that the :class:`~email.parser.FeedParser` + can find while parsing messages. Note that the defects are added to the message + where the problem was found, so for example, if a message nested inside a +diff --git a/Doc/library/email.policy.rst b/Doc/library/email.policy.rst +index 8e70762598..8617b2ed5b 100644 +--- a/Doc/library/email.policy.rst ++++ b/Doc/library/email.policy.rst +@@ -229,6 +229,24 @@ added matters. To illustrate:: + + .. versionadded:: 3.6 + ++ ++ .. attribute:: verify_generated_headers ++ ++ If ``True`` (the default), the generator will raise ++ :exc:`~email.errors.HeaderWriteError` instead of writing a header ++ that is improperly folded or delimited, such that it would ++ be parsed as multiple headers or joined with adjacent data. ++ Such headers can be generated by custom header classes or bugs ++ in the ``email`` module. ++ ++ As it's a security feature, this defaults to ``True`` even in the ++ :class:`~email.policy.Compat32` policy. ++ For backwards compatible, but unsafe, behavior, it must be set to ++ ``False`` explicitly. ++ ++ .. versionadded:: 3.8.20 ++ ++ + The following :class:`Policy` method is intended to be called by code using + the email library to create policy instances with custom settings: + +diff --git a/Lib/email/_header_value_parser.py b/Lib/email/_header_value_parser.py +index bc9c9b6241..04035b2612 100644 +--- a/Lib/email/_header_value_parser.py ++++ b/Lib/email/_header_value_parser.py +@@ -92,6 +92,8 @@ TOKEN_ENDS = TSPECIALS | WSP + ASPECIALS = TSPECIALS | set("*'%") + ATTRIBUTE_ENDS = ASPECIALS | WSP + EXTENDED_ATTRIBUTE_ENDS = ATTRIBUTE_ENDS - set('%') ++NLSET = {'\n', '\r'} ++SPECIALSNL = SPECIALS | NLSET + + def quote_string(value): + return '"'+str(value).replace('\\', '\\\\').replace('"', r'\"')+'"' +@@ -2611,6 +2613,13 @@ def _refold_parse_tree(parse_tree, *, policy): + wrap_as_ew_blocked -= 1 + continue + tstr = str(part) ++ if not want_encoding: ++ if part.token_type == 'ptext': ++ # Encode if tstr contains special characters. ++ want_encoding = not SPECIALSNL.isdisjoint(tstr) ++ else: ++ # Encode if tstr contains newlines. ++ want_encoding = not NLSET.isdisjoint(tstr) + try: + tstr.encode(encoding) + charset = encoding +diff --git a/Lib/email/_policybase.py b/Lib/email/_policybase.py +index c9cbadd2a8..d1f48211f9 100644 +--- a/Lib/email/_policybase.py ++++ b/Lib/email/_policybase.py +@@ -157,6 +157,13 @@ class Policy(_PolicyBase, metaclass=abc.ABCMeta): + message_factory -- the class to use to create new message objects. + If the value is None, the default is Message. + ++ verify_generated_headers ++ -- if true, the generator verifies that each header ++ they are properly folded, so that a parser won't ++ treat it as multiple headers, start-of-body, or ++ part of another header. ++ This is a check against custom Header & fold() ++ implementations. + """ + + raise_on_defect = False +@@ -165,6 +172,7 @@ class Policy(_PolicyBase, metaclass=abc.ABCMeta): + max_line_length = 78 + mangle_from_ = False + message_factory = None ++ verify_generated_headers = True + + def handle_defect(self, obj, defect): + """Based on policy, either raise defect or call register_defect. +diff --git a/Lib/email/errors.py b/Lib/email/errors.py +index d28a680010..1a0d5c63e6 100644 +--- a/Lib/email/errors.py ++++ b/Lib/email/errors.py +@@ -29,6 +29,10 @@ class CharsetError(MessageError): + """An illegal charset was given.""" + + ++class HeaderWriteError(MessageError): ++ """Error while writing headers.""" ++ ++ + # These are parsing defects which the parser was able to work around. + class MessageDefect(ValueError): + """Base class for a message defect.""" +diff --git a/Lib/email/generator.py b/Lib/email/generator.py +index ae670c2353..6deb95ba8a 100644 +--- a/Lib/email/generator.py ++++ b/Lib/email/generator.py +@@ -14,12 +14,14 @@ import random + from copy import deepcopy + from io import StringIO, BytesIO + from email.utils import _has_surrogates ++from email.errors import HeaderWriteError + + UNDERSCORE = '_' + NL = '\n' # XXX: no longer used by the code below. + + NLCRE = re.compile(r'\r\n|\r|\n') + fcre = re.compile(r'^From ', re.MULTILINE) ++NEWLINE_WITHOUT_FWSP = re.compile(r'\r\n[^ \t]|\r[^ \n\t]|\n[^ \t]') + + + +@@ -219,7 +221,19 @@ class Generator: + + def _write_headers(self, msg): + for h, v in msg.raw_items(): +- self.write(self.policy.fold(h, v)) ++ folded = self.policy.fold(h, v) ++ if self.policy.verify_generated_headers: ++ linesep = self.policy.linesep ++ if not folded.endswith(self.policy.linesep): ++ raise HeaderWriteError( ++ f'folded header does not end with {linesep!r}: {folded!r}') ++ folded_no_linesep = folded ++ if folded.endswith(linesep): ++ folded_no_linesep = folded[:-len(linesep)] ++ if NEWLINE_WITHOUT_FWSP.search(folded_no_linesep): ++ raise HeaderWriteError( ++ f'folded header contains newline: {folded!r}') ++ self.write(folded) + # A blank line always separates headers from body + self.write(self._NL) + +diff --git a/Lib/test/test_email/test_generator.py b/Lib/test/test_email/test_generator.py +index c1aeaefab7..cdf1075bab 100644 +--- a/Lib/test/test_email/test_generator.py ++++ b/Lib/test/test_email/test_generator.py +@@ -5,6 +5,7 @@ from email import message_from_string, message_from_bytes + from email.message import EmailMessage + from email.generator import Generator, BytesGenerator + from email import policy ++import email.errors + from test.test_email import TestEmailBase, parameterize + + +@@ -215,6 +216,44 @@ class TestGeneratorBase: + g.flatten(msg) + self.assertEqual(s.getvalue(), self.typ(expected)) + ++ def test_keep_encoded_newlines(self): ++ msg = self.msgmaker(self.typ(textwrap.dedent("""\ ++ To: nobody ++ Subject: Bad subject=?UTF-8?Q?=0A?=Bcc: injection@example.com ++ ++ None ++ """))) ++ expected = textwrap.dedent("""\ ++ To: nobody ++ Subject: Bad subject=?UTF-8?Q?=0A?=Bcc: injection@example.com ++ ++ None ++ """) ++ s = self.ioclass() ++ g = self.genclass(s, policy=self.policy.clone(max_line_length=80)) ++ g.flatten(msg) ++ self.assertEqual(s.getvalue(), self.typ(expected)) ++ ++ def test_keep_long_encoded_newlines(self): ++ msg = self.msgmaker(self.typ(textwrap.dedent("""\ ++ To: nobody ++ Subject: Bad subject =?UTF-8?Q?=0A?=Bcc: injection@example.com ++ ++ None ++ """))) ++ expected = textwrap.dedent("""\ ++ To: nobody ++ Subject: Bad subject \n\ ++ =?utf-8?q?=0A?=Bcc: ++ injection@example.com ++ ++ None ++ """) ++ s = self.ioclass() ++ g = self.genclass(s, policy=self.policy.clone(max_line_length=30)) ++ g.flatten(msg) ++ self.assertEqual(s.getvalue(), self.typ(expected)) ++ + + class TestGenerator(TestGeneratorBase, TestEmailBase): + +@@ -223,6 +262,29 @@ class TestGenerator(TestGeneratorBase, TestEmailBase): + ioclass = io.StringIO + typ = str + ++ def test_verify_generated_headers(self): ++ """gh-121650: by default the generator prevents header injection""" ++ class LiteralHeader(str): ++ name = 'Header' ++ def fold(self, **kwargs): ++ return self ++ ++ for text in ( ++ 'Value\r\nBad Injection\r\n', ++ 'NoNewLine' ++ ): ++ with self.subTest(text=text): ++ message = message_from_string( ++ "Header: Value\r\n\r\nBody", ++ policy=self.policy, ++ ) ++ ++ del message['Header'] ++ message['Header'] = LiteralHeader(text) ++ ++ with self.assertRaises(email.errors.HeaderWriteError): ++ message.as_string() ++ + + class TestBytesGenerator(TestGeneratorBase, TestEmailBase): + +diff --git a/Lib/test/test_email/test_headerregistry.py b/Lib/test/test_email/test_headerregistry.py +index 08634daa7f..d7c1878940 100644 +--- a/Lib/test/test_email/test_headerregistry.py ++++ b/Lib/test/test_email/test_headerregistry.py +@@ -1546,6 +1546,22 @@ class TestAddressAndGroup(TestEmailBase): + + class TestFolding(TestHeaderBase): + ++ def test_address_display_names(self): ++ """Test the folding and encoding of address headers.""" ++ for name, result in ( ++ ('Foo Bar, France', '"Foo Bar, France"'), ++ ('Foo Bar (France)', '"Foo Bar (France)"'), ++ ('Foo Bar, España', 'Foo =?utf-8?q?Bar=2C_Espa=C3=B1a?='), ++ ('Foo Bar (España)', 'Foo Bar =?utf-8?b?KEVzcGHDsWEp?='), ++ ('Foo, Bar España', '=?utf-8?q?Foo=2C_Bar_Espa=C3=B1a?='), ++ ('Foo, Bar [España]', '=?utf-8?q?Foo=2C_Bar_=5BEspa=C3=B1a=5D?='), ++ ('Foo Bär, France', 'Foo =?utf-8?q?B=C3=A4r=2C?= France'), ++ ('Foo Bär ', 'Foo =?utf-8?q?B=C3=A4r_=3CFrance=3E?='), ++ ): ++ h = self.make_header('To', Address(name, addr_spec='a@b.com')) ++ self.assertEqual(h.fold(policy=policy.default), ++ 'To: %s \n' % result) ++ + def test_short_unstructured(self): + h = self.make_header('subject', 'this is a test') + self.assertEqual(h.fold(policy=policy.default), +diff --git a/Lib/test/test_email/test_policy.py b/Lib/test/test_email/test_policy.py +index 6999e4af10..76198392e5 100644 +--- a/Lib/test/test_email/test_policy.py ++++ b/Lib/test/test_email/test_policy.py +@@ -26,6 +26,7 @@ class PolicyAPITests(unittest.TestCase): + 'raise_on_defect': False, + 'mangle_from_': True, + 'message_factory': None, ++ 'verify_generated_headers': True, + } + # These default values are the ones set on email.policy.default. + # If any of these defaults change, the docs must be updated. +@@ -265,6 +266,31 @@ class PolicyAPITests(unittest.TestCase): + with self.assertRaises(email.errors.HeaderParseError): + policy.fold("Subject", subject) + ++ def test_verify_generated_headers(self): ++ """Turning protection off allows header injection""" ++ policy = email.policy.default.clone(verify_generated_headers=False) ++ for text in ( ++ 'Header: Value\r\nBad: Injection\r\n', ++ 'Header: NoNewLine' ++ ): ++ with self.subTest(text=text): ++ message = email.message_from_string( ++ "Header: Value\r\n\r\nBody", ++ policy=policy, ++ ) ++ class LiteralHeader(str): ++ name = 'Header' ++ def fold(self, **kwargs): ++ return self ++ ++ del message['Header'] ++ message['Header'] = LiteralHeader(text) ++ ++ self.assertEqual( ++ message.as_string(), ++ f"{text}\nBody", ++ ) ++ + # XXX: Need subclassing tests. + # For adding subclassed objects, make sure the usual rules apply (subclass + # wins), but that the order still works (right overrides left). +diff --git a/Misc/NEWS.d/next/Library/2019-07-09-11-20-21.bpo-37482.auzvev.rst b/Misc/NEWS.d/next/Library/2019-07-09-11-20-21.bpo-37482.auzvev.rst +new file mode 100644 +index 0000000000..e09ff63eed +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2019-07-09-11-20-21.bpo-37482.auzvev.rst +@@ -0,0 +1 @@ ++Fix serialization of display name in originator or destination address fields with both encoded words and special chars. +diff --git a/Misc/NEWS.d/next/Library/2024-07-27-16-10-41.gh-issue-121650.nf6oc9.rst b/Misc/NEWS.d/next/Library/2024-07-27-16-10-41.gh-issue-121650.nf6oc9.rst +new file mode 100644 +index 0000000000..83dd28d4ac +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2024-07-27-16-10-41.gh-issue-121650.nf6oc9.rst +@@ -0,0 +1,5 @@ ++:mod:`email` headers with embedded newlines are now quoted on output. The ++:mod:`~email.generator` will now refuse to serialize (write) headers that ++are unsafely folded or delimited; see ++:attr:`~email.policy.Policy.verify_generated_headers`. (Contributed by Bas ++Bloemsaat and Petr Viktorin in :gh:`121650`.) diff --git a/00437-cve-2024-6232-remove-backtracking-when-parsing-tarfile-headers.patch b/00437-cve-2024-6232-remove-backtracking-when-parsing-tarfile-headers.patch new file mode 100644 index 0000000..3798f64 --- /dev/null +++ b/00437-cve-2024-6232-remove-backtracking-when-parsing-tarfile-headers.patch @@ -0,0 +1,248 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Seth Michael Larson +Date: Wed, 4 Sep 2024 10:41:42 -0500 +Subject: 00437: CVE-2024-6232 Remove backtracking when parsing tarfile headers +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +* Remove backtracking when parsing tarfile headers +* Rewrite PAX header parsing to be stricter +* Optimize parsing of GNU extended sparse headers v0.0 + +(cherry picked from commit 34ddb64d088dd7ccc321f6103d23153256caa5d4) + +Co-authored-by: Seth Michael Larson +Co-authored-by: Kirill Podoprigora +Co-authored-by: Gregory P. Smith +Co-authored-by: Lumír Balhar +--- + Lib/tarfile.py | 104 +++++++++++------- + Lib/test/test_tarfile.py | 42 +++++++ + ...-07-02-13-39-20.gh-issue-121285.hrl-yI.rst | 2 + + 3 files changed, 111 insertions(+), 37 deletions(-) + create mode 100644 Misc/NEWS.d/next/Security/2024-07-02-13-39-20.gh-issue-121285.hrl-yI.rst + +diff --git a/Lib/tarfile.py b/Lib/tarfile.py +index c18590325a..ee1bf37bfd 100755 +--- a/Lib/tarfile.py ++++ b/Lib/tarfile.py +@@ -846,6 +846,9 @@ _NAMED_FILTERS = { + # Sentinel for replace() defaults, meaning "don't change the attribute" + _KEEP = object() + ++# Header length is digits followed by a space. ++_header_length_prefix_re = re.compile(br"([0-9]{1,20}) ") ++ + class TarInfo(object): + """Informational class which holds the details about an + archive member given by a tar header block. +@@ -1371,41 +1374,60 @@ class TarInfo(object): + else: + pax_headers = tarfile.pax_headers.copy() + +- # Check if the pax header contains a hdrcharset field. This tells us +- # the encoding of the path, linkpath, uname and gname fields. Normally, +- # these fields are UTF-8 encoded but since POSIX.1-2008 tar +- # implementations are allowed to store them as raw binary strings if +- # the translation to UTF-8 fails. +- match = re.search(br"\d+ hdrcharset=([^\n]+)\n", buf) +- if match is not None: +- pax_headers["hdrcharset"] = match.group(1).decode("utf-8") +- +- # For the time being, we don't care about anything other than "BINARY". +- # The only other value that is currently allowed by the standard is +- # "ISO-IR 10646 2000 UTF-8" in other words UTF-8. +- hdrcharset = pax_headers.get("hdrcharset") +- if hdrcharset == "BINARY": +- encoding = tarfile.encoding +- else: +- encoding = "utf-8" +- + # Parse pax header information. A record looks like that: + # "%d %s=%s\n" % (length, keyword, value). length is the size + # of the complete record including the length field itself and +- # the newline. keyword and value are both UTF-8 encoded strings. +- regex = re.compile(br"(\d+) ([^=]+)=") ++ # the newline. + pos = 0 +- while True: +- match = regex.match(buf, pos) ++ encoding = None ++ raw_headers = [] ++ while len(buf) > pos and buf[pos] != 0x00: ++ match = _header_length_prefix_re.match(buf, pos) + if not match: +- break ++ raise InvalidHeaderError("invalid header") ++ try: ++ length = int(match.group(1)) ++ except ValueError: ++ raise InvalidHeaderError("invalid header") ++ # Headers must be at least 5 bytes, shortest being '5 x=\n'. ++ # Value is allowed to be empty. ++ if length < 5: ++ raise InvalidHeaderError("invalid header") ++ if pos + length > len(buf): ++ raise InvalidHeaderError("invalid header") + +- length, keyword = match.groups() +- length = int(length) +- if length == 0: ++ header_value_end_offset = match.start(1) + length - 1 # Last byte of the header ++ keyword_and_value = buf[match.end(1) + 1:header_value_end_offset] ++ raw_keyword, equals, raw_value = keyword_and_value.partition(b"=") ++ ++ # Check the framing of the header. The last character must be '\n' (0x0A) ++ if not raw_keyword or equals != b"=" or buf[header_value_end_offset] != 0x0A: + raise InvalidHeaderError("invalid header") +- value = buf[match.end(2) + 1:match.start(1) + length - 1] ++ raw_headers.append((length, raw_keyword, raw_value)) ++ ++ # Check if the pax header contains a hdrcharset field. This tells us ++ # the encoding of the path, linkpath, uname and gname fields. Normally, ++ # these fields are UTF-8 encoded but since POSIX.1-2008 tar ++ # implementations are allowed to store them as raw binary strings if ++ # the translation to UTF-8 fails. For the time being, we don't care about ++ # anything other than "BINARY". The only other value that is currently ++ # allowed by the standard is "ISO-IR 10646 2000 UTF-8" in other words UTF-8. ++ # Note that we only follow the initial 'hdrcharset' setting to preserve ++ # the initial behavior of the 'tarfile' module. ++ if raw_keyword == b"hdrcharset" and encoding is None: ++ if raw_value == b"BINARY": ++ encoding = tarfile.encoding ++ else: # This branch ensures only the first 'hdrcharset' header is used. ++ encoding = "utf-8" ++ ++ pos += length ++ ++ # If no explicit hdrcharset is set, we use UTF-8 as a default. ++ if encoding is None: ++ encoding = "utf-8" + ++ # After parsing the raw headers we can decode them to text. ++ for length, raw_keyword, raw_value in raw_headers: + # Normally, we could just use "utf-8" as the encoding and "strict" + # as the error handler, but we better not take the risk. For + # example, GNU tar <= 1.23 is known to store filenames it cannot +@@ -1413,17 +1435,16 @@ class TarInfo(object): + # hdrcharset=BINARY header). + # We first try the strict standard encoding, and if that fails we + # fall back on the user's encoding and error handler. +- keyword = self._decode_pax_field(keyword, "utf-8", "utf-8", ++ keyword = self._decode_pax_field(raw_keyword, "utf-8", "utf-8", + tarfile.errors) + if keyword in PAX_NAME_FIELDS: +- value = self._decode_pax_field(value, encoding, tarfile.encoding, ++ value = self._decode_pax_field(raw_value, encoding, tarfile.encoding, + tarfile.errors) + else: +- value = self._decode_pax_field(value, "utf-8", "utf-8", ++ value = self._decode_pax_field(raw_value, "utf-8", "utf-8", + tarfile.errors) + + pax_headers[keyword] = value +- pos += length + + # Fetch the next header. + try: +@@ -1438,7 +1459,7 @@ class TarInfo(object): + + elif "GNU.sparse.size" in pax_headers: + # GNU extended sparse format version 0.0. +- self._proc_gnusparse_00(next, pax_headers, buf) ++ self._proc_gnusparse_00(next, raw_headers) + + elif pax_headers.get("GNU.sparse.major") == "1" and pax_headers.get("GNU.sparse.minor") == "0": + # GNU extended sparse format version 1.0. +@@ -1460,15 +1481,24 @@ class TarInfo(object): + + return next + +- def _proc_gnusparse_00(self, next, pax_headers, buf): ++ def _proc_gnusparse_00(self, next, raw_headers): + """Process a GNU tar extended sparse header, version 0.0. + """ + offsets = [] +- for match in re.finditer(br"\d+ GNU.sparse.offset=(\d+)\n", buf): +- offsets.append(int(match.group(1))) + numbytes = [] +- for match in re.finditer(br"\d+ GNU.sparse.numbytes=(\d+)\n", buf): +- numbytes.append(int(match.group(1))) ++ for _, keyword, value in raw_headers: ++ if keyword == b"GNU.sparse.offset": ++ try: ++ offsets.append(int(value.decode())) ++ except ValueError: ++ raise InvalidHeaderError("invalid header") ++ ++ elif keyword == b"GNU.sparse.numbytes": ++ try: ++ numbytes.append(int(value.decode())) ++ except ValueError: ++ raise InvalidHeaderError("invalid header") ++ + next.sparse = list(zip(offsets, numbytes)) + + def _proc_gnusparse_01(self, next, pax_headers): +diff --git a/Lib/test/test_tarfile.py b/Lib/test/test_tarfile.py +index f261048615..04ef000e71 100644 +--- a/Lib/test/test_tarfile.py ++++ b/Lib/test/test_tarfile.py +@@ -1046,6 +1046,48 @@ class PaxReadTest(LongnameTest, ReadTest, unittest.TestCase): + finally: + tar.close() + ++ def test_pax_header_bad_formats(self): ++ # The fields from the pax header have priority over the ++ # TarInfo. ++ pax_header_replacements = ( ++ b" foo=bar\n", ++ b"0 \n", ++ b"1 \n", ++ b"2 \n", ++ b"3 =\n", ++ b"4 =a\n", ++ b"1000000 foo=bar\n", ++ b"0 foo=bar\n", ++ b"-12 foo=bar\n", ++ b"000000000000000000000000036 foo=bar\n", ++ ) ++ pax_headers = {"foo": "bar"} ++ ++ for replacement in pax_header_replacements: ++ with self.subTest(header=replacement): ++ tar = tarfile.open(tmpname, "w", format=tarfile.PAX_FORMAT, ++ encoding="iso8859-1") ++ try: ++ t = tarfile.TarInfo() ++ t.name = "pax" # non-ASCII ++ t.uid = 1 ++ t.pax_headers = pax_headers ++ tar.addfile(t) ++ finally: ++ tar.close() ++ ++ with open(tmpname, "rb") as f: ++ data = f.read() ++ self.assertIn(b"11 foo=bar\n", data) ++ data = data.replace(b"11 foo=bar\n", replacement) ++ ++ with open(tmpname, "wb") as f: ++ f.truncate() ++ f.write(data) ++ ++ with self.assertRaisesRegex(tarfile.ReadError, r"file could not be opened successfully"): ++ tarfile.open(tmpname, encoding="iso8859-1") ++ + + class WriteTestBase(TarTest): + # Put all write tests in here that are supposed to be tested +diff --git a/Misc/NEWS.d/next/Security/2024-07-02-13-39-20.gh-issue-121285.hrl-yI.rst b/Misc/NEWS.d/next/Security/2024-07-02-13-39-20.gh-issue-121285.hrl-yI.rst +new file mode 100644 +index 0000000000..81f918bfe2 +--- /dev/null ++++ b/Misc/NEWS.d/next/Security/2024-07-02-13-39-20.gh-issue-121285.hrl-yI.rst +@@ -0,0 +1,2 @@ ++Remove backtracking from tarfile header parsing for ``hdrcharset``, PAX, and ++GNU sparse headers. diff --git a/00443-gh-124651-quote-template-strings-in-venv-activation-scripts.patch b/00443-gh-124651-quote-template-strings-in-venv-activation-scripts.patch new file mode 100644 index 0000000..2d2369f --- /dev/null +++ b/00443-gh-124651-quote-template-strings-in-venv-activation-scripts.patch @@ -0,0 +1,280 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Victor Stinner +Date: Fri, 1 Nov 2024 14:11:47 +0100 +Subject: 00443: gh-124651: Quote template strings in `venv` activation scripts + +(cherry picked from 3.9) +--- + Lib/test/test_venv.py | 82 +++++++++++++++++++ + Lib/venv/__init__.py | 42 ++++++++-- + Lib/venv/scripts/common/activate | 8 +- + Lib/venv/scripts/posix/activate.csh | 8 +- + Lib/venv/scripts/posix/activate.fish | 8 +- + ...-09-28-02-03-04.gh-issue-124651.bLBGtH.rst | 1 + + 6 files changed, 132 insertions(+), 17 deletions(-) + create mode 100644 Misc/NEWS.d/next/Library/2024-09-28-02-03-04.gh-issue-124651.bLBGtH.rst + +diff --git a/Lib/test/test_venv.py b/Lib/test/test_venv.py +index 842470fef0..67fdcd86bb 100644 +--- a/Lib/test/test_venv.py ++++ b/Lib/test/test_venv.py +@@ -13,6 +13,8 @@ import struct + import subprocess + import sys + import tempfile ++import shlex ++import shutil + from test.support import (captured_stdout, captured_stderr, requires_zlib, + can_symlink, EnvironmentVarGuard, rmtree) + import unittest +@@ -80,6 +82,10 @@ class BaseTest(unittest.TestCase): + result = f.read() + return result + ++ def assertEndsWith(self, string, tail): ++ if not string.endswith(tail): ++ self.fail(f"String {string!r} does not end with {tail!r}") ++ + class BasicTest(BaseTest): + """Test venv module functionality.""" + +@@ -293,6 +299,82 @@ class BasicTest(BaseTest): + 'import sys; print(sys.executable)']) + self.assertEqual(out.strip(), envpy.encode()) + ++ # gh-124651: test quoted strings ++ @unittest.skipIf(os.name == 'nt', 'contains invalid characters on Windows') ++ def test_special_chars_bash(self): ++ """ ++ Test that the template strings are quoted properly (bash) ++ """ ++ rmtree(self.env_dir) ++ bash = shutil.which('bash') ++ if bash is None: ++ self.skipTest('bash required for this test') ++ env_name = '"\';&&$e|\'"' ++ env_dir = os.path.join(os.path.realpath(self.env_dir), env_name) ++ builder = venv.EnvBuilder(clear=True) ++ builder.create(env_dir) ++ activate = os.path.join(env_dir, self.bindir, 'activate') ++ test_script = os.path.join(self.env_dir, 'test_special_chars.sh') ++ with open(test_script, "w") as f: ++ f.write(f'source {shlex.quote(activate)}\n' ++ 'python -c \'import sys; print(sys.executable)\'\n' ++ 'python -c \'import os; print(os.environ["VIRTUAL_ENV"])\'\n' ++ 'deactivate\n') ++ out, err = check_output([bash, test_script]) ++ lines = out.splitlines() ++ self.assertTrue(env_name.encode() in lines[0]) ++ self.assertEndsWith(lines[1], env_name.encode()) ++ ++ # gh-124651: test quoted strings ++ @unittest.skipIf(os.name == 'nt', 'contains invalid characters on Windows') ++ def test_special_chars_csh(self): ++ """ ++ Test that the template strings are quoted properly (csh) ++ """ ++ rmtree(self.env_dir) ++ csh = shutil.which('tcsh') or shutil.which('csh') ++ if csh is None: ++ self.skipTest('csh required for this test') ++ env_name = '"\';&&$e|\'"' ++ env_dir = os.path.join(os.path.realpath(self.env_dir), env_name) ++ builder = venv.EnvBuilder(clear=True) ++ builder.create(env_dir) ++ activate = os.path.join(env_dir, self.bindir, 'activate.csh') ++ test_script = os.path.join(self.env_dir, 'test_special_chars.csh') ++ with open(test_script, "w") as f: ++ f.write(f'source {shlex.quote(activate)}\n' ++ 'python -c \'import sys; print(sys.executable)\'\n' ++ 'python -c \'import os; print(os.environ["VIRTUAL_ENV"])\'\n' ++ 'deactivate\n') ++ out, err = check_output([csh, test_script]) ++ lines = out.splitlines() ++ self.assertTrue(env_name.encode() in lines[0]) ++ self.assertEndsWith(lines[1], env_name.encode()) ++ ++ # gh-124651: test quoted strings on Windows ++ @unittest.skipUnless(os.name == 'nt', 'only relevant on Windows') ++ def test_special_chars_windows(self): ++ """ ++ Test that the template strings are quoted properly on Windows ++ """ ++ rmtree(self.env_dir) ++ env_name = "'&&^$e" ++ env_dir = os.path.join(os.path.realpath(self.env_dir), env_name) ++ builder = venv.EnvBuilder(clear=True) ++ builder.create(env_dir) ++ activate = os.path.join(env_dir, self.bindir, 'activate.bat') ++ test_batch = os.path.join(self.env_dir, 'test_special_chars.bat') ++ with open(test_batch, "w") as f: ++ f.write('@echo off\n' ++ f'"{activate}" & ' ++ f'{self.exe} -c "import sys; print(sys.executable)" & ' ++ f'{self.exe} -c "import os; print(os.environ[\'VIRTUAL_ENV\'])" & ' ++ 'deactivate') ++ out, err = check_output([test_batch]) ++ lines = out.splitlines() ++ self.assertTrue(env_name.encode() in lines[0]) ++ self.assertEndsWith(lines[1], env_name.encode()) ++ + @unittest.skipUnless(os.name == 'nt', 'only relevant on Windows') + def test_unicode_in_batch_file(self): + """ +diff --git a/Lib/venv/__init__.py b/Lib/venv/__init__.py +index 716129d139..0c44dfd07d 100644 +--- a/Lib/venv/__init__.py ++++ b/Lib/venv/__init__.py +@@ -10,6 +10,7 @@ import shutil + import subprocess + import sys + import types ++import shlex + + logger = logging.getLogger(__name__) + +@@ -280,11 +281,41 @@ class EnvBuilder: + :param context: The information for the environment creation request + being processed. + """ +- text = text.replace('__VENV_DIR__', context.env_dir) +- text = text.replace('__VENV_NAME__', context.env_name) +- text = text.replace('__VENV_PROMPT__', context.prompt) +- text = text.replace('__VENV_BIN_NAME__', context.bin_name) +- text = text.replace('__VENV_PYTHON__', context.env_exe) ++ replacements = { ++ '__VENV_DIR__': context.env_dir, ++ '__VENV_NAME__': context.env_name, ++ '__VENV_PROMPT__': context.prompt, ++ '__VENV_BIN_NAME__': context.bin_name, ++ '__VENV_PYTHON__': context.env_exe, ++ } ++ ++ def quote_ps1(s): ++ """ ++ This should satisfy PowerShell quoting rules [1], unless the quoted ++ string is passed directly to Windows native commands [2]. ++ [1]: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_quoting_rules ++ [2]: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing#passing-arguments-that-contain-quote-characters ++ """ ++ s = s.replace("'", "''") ++ return f"'{s}'" ++ ++ def quote_bat(s): ++ return s ++ ++ # gh-124651: need to quote the template strings properly ++ quote = shlex.quote ++ script_path = context.script_path ++ if script_path.endswith('.ps1'): ++ quote = quote_ps1 ++ elif script_path.endswith('.bat'): ++ quote = quote_bat ++ else: ++ # fallbacks to POSIX shell compliant quote ++ quote = shlex.quote ++ ++ replacements = {key: quote(s) for key, s in replacements.items()} ++ for key, quoted in replacements.items(): ++ text = text.replace(key, quoted) + return text + + def install_scripts(self, context, path): +@@ -321,6 +352,7 @@ class EnvBuilder: + with open(srcfile, 'rb') as f: + data = f.read() + if not srcfile.endswith('.exe'): ++ context.script_path = srcfile + try: + data = data.decode('utf-8') + data = self.replace_variables(data, context) +diff --git a/Lib/venv/scripts/common/activate b/Lib/venv/scripts/common/activate +index fff0765af5..c2e2f968fa 100644 +--- a/Lib/venv/scripts/common/activate ++++ b/Lib/venv/scripts/common/activate +@@ -37,11 +37,11 @@ deactivate () { + # unset irrelevant variables + deactivate nondestructive + +-VIRTUAL_ENV="__VENV_DIR__" ++VIRTUAL_ENV=__VENV_DIR__ + export VIRTUAL_ENV + + _OLD_VIRTUAL_PATH="$PATH" +-PATH="$VIRTUAL_ENV/__VENV_BIN_NAME__:$PATH" ++PATH="$VIRTUAL_ENV/"__VENV_BIN_NAME__":$PATH" + export PATH + + # unset PYTHONHOME if set +@@ -54,8 +54,8 @@ fi + + if [ -z "${VIRTUAL_ENV_DISABLE_PROMPT:-}" ] ; then + _OLD_VIRTUAL_PS1="${PS1:-}" +- if [ "x__VENV_PROMPT__" != x ] ; then +- PS1="__VENV_PROMPT__${PS1:-}" ++ if [ "x"__VENV_PROMPT__ != x ] ; then ++ PS1=__VENV_PROMPT__"${PS1:-}" + else + if [ "`basename \"$VIRTUAL_ENV\"`" = "__" ] ; then + # special case for Aspen magic directories +diff --git a/Lib/venv/scripts/posix/activate.csh b/Lib/venv/scripts/posix/activate.csh +index b0c7028a92..0e90d54008 100644 +--- a/Lib/venv/scripts/posix/activate.csh ++++ b/Lib/venv/scripts/posix/activate.csh +@@ -8,17 +8,17 @@ alias deactivate 'test $?_OLD_VIRTUAL_PATH != 0 && setenv PATH "$_OLD_VIRTUAL_PA + # Unset irrelevant variables. + deactivate nondestructive + +-setenv VIRTUAL_ENV "__VENV_DIR__" ++setenv VIRTUAL_ENV __VENV_DIR__ + + set _OLD_VIRTUAL_PATH="$PATH" +-setenv PATH "$VIRTUAL_ENV/__VENV_BIN_NAME__:$PATH" ++setenv PATH "$VIRTUAL_ENV/"__VENV_BIN_NAME__":$PATH" + + + set _OLD_VIRTUAL_PROMPT="$prompt" + + if (! "$?VIRTUAL_ENV_DISABLE_PROMPT") then +- if ("__VENV_NAME__" != "") then +- set env_name = "__VENV_NAME__" ++ if (__VENV_NAME__ != "") then ++ set env_name = __VENV_NAME__ + else + if (`basename "VIRTUAL_ENV"` == "__") then + # special case for Aspen magic directories +diff --git a/Lib/venv/scripts/posix/activate.fish b/Lib/venv/scripts/posix/activate.fish +index 4d4f0bd7a4..0407f9c7be 100644 +--- a/Lib/venv/scripts/posix/activate.fish ++++ b/Lib/venv/scripts/posix/activate.fish +@@ -29,10 +29,10 @@ end + # unset irrelevant variables + deactivate nondestructive + +-set -gx VIRTUAL_ENV "__VENV_DIR__" ++set -gx VIRTUAL_ENV __VENV_DIR__ + + set -gx _OLD_VIRTUAL_PATH $PATH +-set -gx PATH "$VIRTUAL_ENV/__VENV_BIN_NAME__" $PATH ++set -gx PATH "$VIRTUAL_ENV/"__VENV_BIN_NAME__ $PATH + + # unset PYTHONHOME if set + if set -q PYTHONHOME +@@ -52,8 +52,8 @@ if test -z "$VIRTUAL_ENV_DISABLE_PROMPT" + set -l old_status $status + + # Prompt override? +- if test -n "__VENV_PROMPT__" +- printf "%s%s" "__VENV_PROMPT__" (set_color normal) ++ if test -n __VENV_PROMPT__ ++ printf "%s%s" __VENV_PROMPT__ (set_color normal) + else + # ...Otherwise, prepend env + set -l _checkbase (basename "$VIRTUAL_ENV") +diff --git a/Misc/NEWS.d/next/Library/2024-09-28-02-03-04.gh-issue-124651.bLBGtH.rst b/Misc/NEWS.d/next/Library/2024-09-28-02-03-04.gh-issue-124651.bLBGtH.rst +new file mode 100644 +index 0000000000..17fc917139 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2024-09-28-02-03-04.gh-issue-124651.bLBGtH.rst +@@ -0,0 +1 @@ ++Properly quote template strings in :mod:`venv` activation scripts. diff --git a/00444-security-fix-for-cve-2024-11168.patch b/00444-security-fix-for-cve-2024-11168.patch new file mode 100644 index 0000000..02fc8ae --- /dev/null +++ b/00444-security-fix-for-cve-2024-11168.patch @@ -0,0 +1,110 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <31488909+miss-islington@users.noreply.github.com> +Date: Tue, 9 May 2023 23:35:24 -0700 +Subject: 00444: Security fix for CVE-2024-11168 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +gh-103848: Adds checks to ensure that bracketed hosts found by urlsplit are of IPv6 or IPvFuture format (GH-103849) + +Tests are adjusted because Python <3.9 don't support scoped IPv6 addresses. + +(cherry picked from commit 29f348e232e82938ba2165843c448c2b291504c5) + +Co-authored-by: JohnJamesUtley <81572567+JohnJamesUtley@users.noreply.github.com> +Co-authored-by: Gregory P. Smith +Co-authored-by: Lumír Balhar +--- + Lib/test/test_urlparse.py | 26 +++++++++++++++++++ + Lib/urllib/parse.py | 15 +++++++++++ + ...-04-26-09-54-25.gh-issue-103848.aDSnpR.rst | 2 ++ + 3 files changed, 43 insertions(+) + create mode 100644 Misc/NEWS.d/next/Library/2023-04-26-09-54-25.gh-issue-103848.aDSnpR.rst + +diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py +index 7fd61ffea9..090d2f17bf 100644 +--- a/Lib/test/test_urlparse.py ++++ b/Lib/test/test_urlparse.py +@@ -1076,6 +1076,32 @@ class UrlParseTestCase(unittest.TestCase): + self.assertEqual(p2.scheme, 'tel') + self.assertEqual(p2.path, '+31641044153') + ++ def test_invalid_bracketed_hosts(self): ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[192.0.2.146]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[important.com:8000]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[v123r.IP]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[v12ae]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[v.IP]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[v123.]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[v]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[0439:23af::2309::fae7:1234]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[0439:23af:2309::fae7:1234:2342:438e:192.0.2.146]/Path?Query') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@]v6a.ip[/Path') ++ ++ def test_splitting_bracketed_hosts(self): ++ p1 = urllib.parse.urlsplit('scheme://user@[v6a.ip]/path?query') ++ self.assertEqual(p1.hostname, 'v6a.ip') ++ self.assertEqual(p1.username, 'user') ++ self.assertEqual(p1.path, '/path') ++ p2 = urllib.parse.urlsplit('scheme://user@[0439:23af:2309::fae7]/path?query') ++ self.assertEqual(p2.hostname, '0439:23af:2309::fae7') ++ self.assertEqual(p2.username, 'user') ++ self.assertEqual(p2.path, '/path') ++ p3 = urllib.parse.urlsplit('scheme://user@[0439:23af:2309::fae7:1234:192.0.2.146]/path?query') ++ self.assertEqual(p3.hostname, '0439:23af:2309::fae7:1234:192.0.2.146') ++ self.assertEqual(p3.username, 'user') ++ self.assertEqual(p3.path, '/path') ++ + def test_telurl_params(self): + p1 = urllib.parse.urlparse('tel:123-4;phone-context=+1-650-516') + self.assertEqual(p1.scheme, 'tel') +diff --git a/Lib/urllib/parse.py b/Lib/urllib/parse.py +index 717e990997..bf186b7984 100644 +--- a/Lib/urllib/parse.py ++++ b/Lib/urllib/parse.py +@@ -34,6 +34,7 @@ It serves as a useful guide when making changes. + import re + import sys + import collections ++import ipaddress + + __all__ = ["urlparse", "urlunparse", "urljoin", "urldefrag", + "urlsplit", "urlunsplit", "urlencode", "parse_qs", +@@ -425,6 +426,17 @@ def _remove_unsafe_bytes_from_url(url): + url = url.replace(b, "") + return url + ++# Valid bracketed hosts are defined in ++# https://www.rfc-editor.org/rfc/rfc3986#page-49 and https://url.spec.whatwg.org/ ++def _check_bracketed_host(hostname): ++ if hostname.startswith('v'): ++ if not re.match(r"\Av[a-fA-F0-9]+\..+\Z", hostname): ++ raise ValueError(f"IPvFuture address is invalid") ++ else: ++ ip = ipaddress.ip_address(hostname) # Throws Value Error if not IPv6 or IPv4 ++ if isinstance(ip, ipaddress.IPv4Address): ++ raise ValueError(f"An IPv4 address cannot be in brackets") ++ + def urlsplit(url, scheme='', allow_fragments=True): + """Parse a URL into 5 components: + :///?# +@@ -480,6 +492,9 @@ def urlsplit(url, scheme='', allow_fragments=True): + if (('[' in netloc and ']' not in netloc) or + (']' in netloc and '[' not in netloc)): + raise ValueError("Invalid IPv6 URL") ++ if '[' in netloc and ']' in netloc: ++ bracketed_host = netloc.partition('[')[2].partition(']')[0] ++ _check_bracketed_host(bracketed_host) + if allow_fragments and '#' in url: + url, fragment = url.split('#', 1) + if '?' in url: +diff --git a/Misc/NEWS.d/next/Library/2023-04-26-09-54-25.gh-issue-103848.aDSnpR.rst b/Misc/NEWS.d/next/Library/2023-04-26-09-54-25.gh-issue-103848.aDSnpR.rst +new file mode 100644 +index 0000000000..81e5904aa6 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2023-04-26-09-54-25.gh-issue-103848.aDSnpR.rst +@@ -0,0 +1,2 @@ ++Add checks to ensure that ``[`` bracketed ``]`` hosts found by ++:func:`urllib.parse.urlsplit` are of IPv6 or IPvFuture format. diff --git a/00446-Resolve-sinpi-name-clash-with-libm.patch b/00446-Resolve-sinpi-name-clash-with-libm.patch new file mode 100644 index 0000000..65c41c5 --- /dev/null +++ b/00446-Resolve-sinpi-name-clash-with-libm.patch @@ -0,0 +1,61 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Dima Pasechnik +Date: Wed, 18 Dec 2024 14:31:08 +0100 +Subject: 00446: Resolve sinpi name clash with libm + +bpo-36106: Resolve sinpi name clash with libm (IEEE-754 violation). (GH-12027) + +The standard math library (libm) may follow IEEE-754 recommendation to +include an implementation of sinPi(), i.e. sinPi(x):=sin(pi*x). +And this triggers a name clash, found by FreeBSD developer +Steve Kargl, who worken on putting sinpi into libm used on FreeBSD +(it has to be named "sinpi", not "sinPi", cf. e.g. +https://en.cppreference.com/w/c/experimental/fpext4). + +(cherry picked from commit f57cd8288dbe6aba99c057f37ad6d58f8db75350) + +Co-authored-by: Victor Stinner +--- + Modules/mathmodule.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/Modules/mathmodule.c b/Modules/mathmodule.c +index 95ea4f7fef..670f1a04ad 100644 +--- a/Modules/mathmodule.c ++++ b/Modules/mathmodule.c +@@ -67,7 +67,7 @@ static const double sqrtpi = 1.772453850905516027298167483341145182798; + static const double logpi = 1.144729885849400174143427351353058711647; + + static double +-sinpi(double x) ++m_sinpi(double x) + { + double y, r; + int n; +@@ -296,7 +296,7 @@ m_tgamma(double x) + integer. */ + if (absx > 200.0) { + if (x < 0.0) { +- return 0.0/sinpi(x); ++ return 0.0/m_sinpi(x); + } + else { + errno = ERANGE; +@@ -320,7 +320,7 @@ m_tgamma(double x) + } + z = z * lanczos_g / y; + if (x < 0.0) { +- r = -pi / sinpi(absx) / absx * exp(y) / lanczos_sum(absx); ++ r = -pi / m_sinpi(absx) / absx * exp(y) / lanczos_sum(absx); + r -= z * r; + if (absx < 140.0) { + r /= pow(y, absx - 0.5); +@@ -390,7 +390,7 @@ m_lgamma(double x) + r += (absx - 0.5) * (log(absx + lanczos_g - 0.5) - 1); + if (x < 0.0) + /* Use reflection formula to get value for negative x. */ +- r = logpi - log(fabs(sinpi(absx))) - log(absx) - r; ++ r = logpi - log(fabs(m_sinpi(absx))) - log(absx) - r; + if (Py_IS_INFINITY(r)) + errno = ERANGE; + return r; diff --git a/00450-cve-2025-0938-disallow-square-brackets-and-in-domain-names-for-parsed-urls.patch b/00450-cve-2025-0938-disallow-square-brackets-and-in-domain-names-for-parsed-urls.patch new file mode 100644 index 0000000..baa4595 --- /dev/null +++ b/00450-cve-2025-0938-disallow-square-brackets-and-in-domain-names-for-parsed-urls.patch @@ -0,0 +1,119 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Seth Michael Larson +Date: Fri, 31 Jan 2025 11:41:34 -0600 +Subject: 00450: CVE-2025-0938: Disallow square brackets ([ and ]) in domain + names for parsed URLs + +Co-authored-by: Peter Bierma +--- + Lib/test/test_urlparse.py | 37 ++++++++++++++++++- + Lib/urllib/parse.py | 20 +++++++++- + ...-01-28-14-08-03.gh-issue-105704.EnhHxu.rst | 4 ++ + 3 files changed, 58 insertions(+), 3 deletions(-) + create mode 100644 Misc/NEWS.d/next/Security/2025-01-28-14-08-03.gh-issue-105704.EnhHxu.rst + +diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py +index 090d2f17bf..8b2f5ca50f 100644 +--- a/Lib/test/test_urlparse.py ++++ b/Lib/test/test_urlparse.py +@@ -1087,16 +1087,51 @@ class UrlParseTestCase(unittest.TestCase): + self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[0439:23af::2309::fae7:1234]/Path?Query') + self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@[0439:23af:2309::fae7:1234:2342:438e:192.0.2.146]/Path?Query') + self.assertRaises(ValueError, urllib.parse.urlsplit, 'Scheme://user@]v6a.ip[/Path') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[v6a.ip]') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[v6a.ip].suffix') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[v6a.ip]/') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[v6a.ip].suffix/') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[v6a.ip]?') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[v6a.ip].suffix?') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]/') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix/') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]?') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix?') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:a') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix:a') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:a1') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix:a1') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:1a') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix:1a') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[::1].suffix:/') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[::1]:?') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://user@prefix.[v6a.ip]') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://user@[v6a.ip].suffix') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://[v6a.ip') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://v6a.ip]') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://]v6a.ip[') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://]v6a.ip') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://v6a.ip[') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix.[v6a.ip') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://v6a.ip].suffix') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix]v6a.ip[suffix') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://prefix]v6a.ip') ++ self.assertRaises(ValueError, urllib.parse.urlsplit, 'scheme://v6a.ip[suffix') + + def test_splitting_bracketed_hosts(self): +- p1 = urllib.parse.urlsplit('scheme://user@[v6a.ip]/path?query') ++ p1 = urllib.parse.urlsplit('scheme://user@[v6a.ip]:1234/path?query') + self.assertEqual(p1.hostname, 'v6a.ip') + self.assertEqual(p1.username, 'user') + self.assertEqual(p1.path, '/path') ++ self.assertEqual(p1.port, 1234) + p2 = urllib.parse.urlsplit('scheme://user@[0439:23af:2309::fae7]/path?query') + self.assertEqual(p2.hostname, '0439:23af:2309::fae7') + self.assertEqual(p2.username, 'user') + self.assertEqual(p2.path, '/path') ++ self.assertIs(p2.port, None) + p3 = urllib.parse.urlsplit('scheme://user@[0439:23af:2309::fae7:1234:192.0.2.146]/path?query') + self.assertEqual(p3.hostname, '0439:23af:2309::fae7:1234:192.0.2.146') + self.assertEqual(p3.username, 'user') +diff --git a/Lib/urllib/parse.py b/Lib/urllib/parse.py +index bf186b7984..af41edf2ca 100644 +--- a/Lib/urllib/parse.py ++++ b/Lib/urllib/parse.py +@@ -426,6 +426,23 @@ def _remove_unsafe_bytes_from_url(url): + url = url.replace(b, "") + return url + ++def _check_bracketed_netloc(netloc): ++ # Note that this function must mirror the splitting ++ # done in NetlocResultMixins._hostinfo(). ++ hostname_and_port = netloc.rpartition('@')[2] ++ before_bracket, have_open_br, bracketed = hostname_and_port.partition('[') ++ if have_open_br: ++ # No data is allowed before a bracket. ++ if before_bracket: ++ raise ValueError("Invalid IPv6 URL") ++ hostname, _, port = bracketed.partition(']') ++ # No data is allowed after the bracket but before the port delimiter. ++ if port and not port.startswith(":"): ++ raise ValueError("Invalid IPv6 URL") ++ else: ++ hostname, _, port = hostname_and_port.partition(':') ++ _check_bracketed_host(hostname) ++ + # Valid bracketed hosts are defined in + # https://www.rfc-editor.org/rfc/rfc3986#page-49 and https://url.spec.whatwg.org/ + def _check_bracketed_host(hostname): +@@ -493,8 +510,7 @@ def urlsplit(url, scheme='', allow_fragments=True): + (']' in netloc and '[' not in netloc)): + raise ValueError("Invalid IPv6 URL") + if '[' in netloc and ']' in netloc: +- bracketed_host = netloc.partition('[')[2].partition(']')[0] +- _check_bracketed_host(bracketed_host) ++ _check_bracketed_netloc(netloc) + if allow_fragments and '#' in url: + url, fragment = url.split('#', 1) + if '?' in url: +diff --git a/Misc/NEWS.d/next/Security/2025-01-28-14-08-03.gh-issue-105704.EnhHxu.rst b/Misc/NEWS.d/next/Security/2025-01-28-14-08-03.gh-issue-105704.EnhHxu.rst +new file mode 100644 +index 0000000000..bff1bc6b0d +--- /dev/null ++++ b/Misc/NEWS.d/next/Security/2025-01-28-14-08-03.gh-issue-105704.EnhHxu.rst +@@ -0,0 +1,4 @@ ++When using :func:`urllib.parse.urlsplit` and :func:`urllib.parse.urlparse` host ++parsing would not reject domain names containing square brackets (``[`` and ++``]``). Square brackets are only valid for IPv6 and IPvFuture hosts according to ++`RFC 3986 Section 3.2.2 `__. diff --git a/00452-properly-apply-exported-cflags-for-dtrace-systemtap-builds.patch b/00452-properly-apply-exported-cflags-for-dtrace-systemtap-builds.patch new file mode 100644 index 0000000..7912134 --- /dev/null +++ b/00452-properly-apply-exported-cflags-for-dtrace-systemtap-builds.patch @@ -0,0 +1,49 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <31488909+miss-islington@users.noreply.github.com> +Date: Mon, 31 Mar 2025 20:29:04 +0200 +Subject: 00452: Properly apply exported CFLAGS for dtrace/systemtap builds + +When using --with-dtrace the resulting object file could be missing +specific CFLAGS exported by the build system due to the systemtap +script using specific defaults. + +Exporting the CC and CFLAGS variables before the dtrace invocation +allows us to properly apply CFLAGS exported by the build system +even when cross-compiling. + +Co-authored-by: stratakis +--- + Makefile.pre.in | 4 ++-- + .../next/Build/2025-03-31-19-22-41.gh-issue-131865.PIJy7X.rst | 2 ++ + 2 files changed, 4 insertions(+), 2 deletions(-) + create mode 100644 Misc/NEWS.d/next/Build/2025-03-31-19-22-41.gh-issue-131865.PIJy7X.rst + +diff --git a/Makefile.pre.in b/Makefile.pre.in +index b074b26039..825cefafd9 100644 +--- a/Makefile.pre.in ++++ b/Makefile.pre.in +@@ -892,13 +892,13 @@ Python/frozen.o: $(srcdir)/Python/importlib.h $(srcdir)/Python/importlib_externa + # an include guard, so we can't use a pipeline to transform its output. + Include/pydtrace_probes.h: $(srcdir)/Include/pydtrace.d + $(MKDIR_P) Include +- $(DTRACE) $(DFLAGS) -o $@ -h -s $< ++ CC="$(CC)" CFLAGS="$(CFLAGS)" $(DTRACE) $(DFLAGS) -o $@ -h -s $< + : sed in-place edit with POSIX-only tools + sed 's/PYTHON_/PyDTrace_/' $@ > $@.tmp + mv $@.tmp $@ + + Python/pydtrace.o: $(srcdir)/Include/pydtrace.d $(DTRACE_DEPS) +- $(DTRACE) $(DFLAGS) -o $@ -G -s $< $(DTRACE_DEPS) ++ CC="$(CC)" CFLAGS="$(CFLAGS)" $(DTRACE) $(DFLAGS) -o $@ -G -s $< $(DTRACE_DEPS) + + Objects/typeobject.o: Objects/typeslots.inc + +diff --git a/Misc/NEWS.d/next/Build/2025-03-31-19-22-41.gh-issue-131865.PIJy7X.rst b/Misc/NEWS.d/next/Build/2025-03-31-19-22-41.gh-issue-131865.PIJy7X.rst +new file mode 100644 +index 0000000000..a287e0b228 +--- /dev/null ++++ b/Misc/NEWS.d/next/Build/2025-03-31-19-22-41.gh-issue-131865.PIJy7X.rst +@@ -0,0 +1,2 @@ ++The DTrace build now properly passes the ``CC`` and ``CFLAGS`` variables ++to the ``dtrace`` command when utilizing SystemTap on Linux. diff --git a/00457-ssl-raise-oserror-for-err_lib_sys.patch b/00457-ssl-raise-oserror-for-err_lib_sys.patch new file mode 100644 index 0000000..9f2143a --- /dev/null +++ b/00457-ssl-raise-oserror-for-err_lib_sys.patch @@ -0,0 +1,43 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Victor Stinner +Date: Thu, 3 Apr 2025 18:26:17 +0200 +Subject: 00457: ssl: Raise OSError for ERR_LIB_SYS + +The patch resolves the flakiness of test_ftplib + +Backported from upstream 3.10+: +https://github.com/python/cpython/pull/127361 + +Co-authored-by: Petr Viktorin +--- + Modules/_ssl.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/Modules/_ssl.c b/Modules/_ssl.c +index 3375b2bf3f..ab8a327d10 100644 +--- a/Modules/_ssl.c ++++ b/Modules/_ssl.c +@@ -638,6 +638,11 @@ PySSL_SetError(PySSLSocket *obj, int ret, const char *filename, int lineno) + errstr = "Some I/O error occurred"; + } + } else { ++ if (ERR_GET_LIB(e) == ERR_LIB_SYS) { ++ // A system error is being reported; reason is set to errno ++ errno = ERR_GET_REASON(e); ++ return PyErr_SetFromErrno(PyExc_OSError); ++ } + p = PY_SSL_ERROR_SYSCALL; + } + break; +@@ -648,6 +653,11 @@ PySSL_SetError(PySSLSocket *obj, int ret, const char *filename, int lineno) + if (e == 0) + /* possible? */ + errstr = "A failure in the SSL library occurred"; ++ if (ERR_GET_LIB(e) == ERR_LIB_SYS) { ++ // A system error is being reported; reason is set to errno ++ errno = ERR_GET_REASON(e); ++ return PyErr_SetFromErrno(PyExc_OSError); ++ } + break; + } + default: diff --git a/00465-tarfile-cves.patch b/00465-tarfile-cves.patch new file mode 100644 index 0000000..048f40c --- /dev/null +++ b/00465-tarfile-cves.patch @@ -0,0 +1,1791 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Petr Viktorin +Date: Tue, 22 Aug 2023 20:28:10 +0200 +Subject: 00465: tarfile cves + +Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 on tarfile + +The backported fixes do not contain changes for ntpath.py and related tests, +because the support for symlinks and junctions were added later in Python 3.9, +and it does not make sense to backport them to 3.6 here. + +The patch is contains the following changes: +- https://github.com/python/cpython/commit/42deeab5b2efc2930d4eb73416e1dde9cf790dd2 + fixes symlink handling for tarfile.data_filter +- https://github.com/python/cpython/commit/9d2c2a8e3b8fe18ee1568bfa4a419847b3e78575 + fixes handling of existing files/symlinks in tarfile +- https://github.com/python/cpython/commit/00af9794dd118f7b835dd844b2b609a503ad951e + adds a new "strict" argument to realpath() +- https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1 + fixes mulriple CVE fixes in the tarfile module +- downstream only fixes that makes the changes work and compatible with Python 3.6 +--- + Doc/library/tarfile.rst | 5 + + Lib/genericpath.py | 12 +- + Lib/pathlib.py | 142 ++---- + Lib/posixpath.py | 35 +- + Lib/tarfile.py | 173 +++++-- + Lib/test/test_ntpath.py | 2 + + Lib/test/test_posixpath.py | 312 ++++++++++-- + Lib/test/test_tarfile.py | 459 +++++++++++++++++- + ...-08-10-17-36-22.gh-issue-107845.dABiMJ.rst | 3 + + 9 files changed, 938 insertions(+), 205 deletions(-) + create mode 100644 Misc/NEWS.d/next/Library/2023-08-10-17-36-22.gh-issue-107845.dABiMJ.rst + +diff --git a/Doc/library/tarfile.rst b/Doc/library/tarfile.rst +index f6dc9a7038..d6ef4551b1 100644 +--- a/Doc/library/tarfile.rst ++++ b/Doc/library/tarfile.rst +@@ -716,6 +716,11 @@ A ``TarInfo`` object has the following public data attributes: + Name of the target file name, which is only present in :class:`TarInfo` objects + of type :const:`LNKTYPE` and :const:`SYMTYPE`. + ++ For symbolic links (``SYMTYPE``), the *linkname* is relative to the directory ++ that contains the link. ++ For hard links (``LNKTYPE``), the *linkname* is relative to the root of ++ the archive. ++ + + .. attribute:: TarInfo.uid + +diff --git a/Lib/genericpath.py b/Lib/genericpath.py +index 303b3b349a..4a80461fe7 100644 +--- a/Lib/genericpath.py ++++ b/Lib/genericpath.py +@@ -8,7 +8,7 @@ import stat + + __all__ = ['commonprefix', 'exists', 'getatime', 'getctime', 'getmtime', + 'getsize', 'isdir', 'isfile', 'samefile', 'sameopenfile', +- 'samestat'] ++ 'samestat', 'ALLOW_MISSING'] + + + # Does a path exist? +@@ -149,3 +149,13 @@ def _check_arg_types(funcname, *args): + (funcname, s.__class__.__name__)) from None + if hasstr and hasbytes: + raise TypeError("Can't mix strings and bytes in path components") from None ++ ++ ++# A singleton with a true boolean value. ++@object.__new__ ++class ALLOW_MISSING: ++ """Special value for use in realpath().""" ++ def __repr__(self): ++ return 'os.path.ALLOW_MISSING' ++ def __reduce__(self): ++ return self.__class__.__name__ +diff --git a/Lib/pathlib.py b/Lib/pathlib.py +index 5e130110f2..0f0fc3863a 100644 +--- a/Lib/pathlib.py ++++ b/Lib/pathlib.py +@@ -8,22 +8,13 @@ import re + import sys + from collections import Sequence + from contextlib import contextmanager +-from errno import EINVAL, ENOENT, ENOTDIR ++from errno import EINVAL, ENOENT, ENOTDIR, ELOOP + from operator import attrgetter + from stat import S_ISDIR, S_ISLNK, S_ISREG, S_ISSOCK, S_ISBLK, S_ISCHR, S_ISFIFO + from urllib.parse import quote_from_bytes as urlquote_from_bytes + + + supports_symlinks = True +-if os.name == 'nt': +- import nt +- if sys.getwindowsversion()[:2] >= (6, 0): +- from nt import _getfinalpathname +- else: +- supports_symlinks = False +- _getfinalpathname = None +-else: +- nt = None + + + __all__ = [ +@@ -35,6 +26,11 @@ __all__ = [ + # Internals + # + ++_WINERROR_NOT_READY = 21 # drive exists but is not accessible ++_WINERROR_INVALID_NAME = 123 # fix for bpo-35306 ++_WINERROR_CANT_RESOLVE_FILENAME = 1921 # broken symlink pointing to itself ++ ++ + def _is_wildcard_pattern(pat): + # Whether this pattern needs actual matching using fnmatch, or can + # be looked up directly as a file. +@@ -178,30 +174,6 @@ class _WindowsFlavour(_Flavour): + def casefold_parts(self, parts): + return [p.lower() for p in parts] + +- def resolve(self, path, strict=False): +- s = str(path) +- if not s: +- return os.getcwd() +- previous_s = None +- if _getfinalpathname is not None: +- if strict: +- return self._ext_to_normal(_getfinalpathname(s)) +- else: +- tail_parts = [] # End of the path after the first one not found +- while True: +- try: +- s = self._ext_to_normal(_getfinalpathname(s)) +- except FileNotFoundError: +- previous_s = s +- s, tail = os.path.split(s) +- tail_parts.append(tail) +- if previous_s == s: +- return path +- else: +- return os.path.join(s, *reversed(tail_parts)) +- # Means fallback on absolute +- return None +- + def _split_extended_path(self, s, ext_prefix=ext_namespace_prefix): + prefix = '' + if s.startswith(ext_prefix): +@@ -212,10 +184,6 @@ class _WindowsFlavour(_Flavour): + s = '\\' + s[3:] + return prefix, s + +- def _ext_to_normal(self, s): +- # Turn back an extended path into a normal DOS-like path +- return self._split_extended_path(s)[1] +- + def is_reserved(self, parts): + # NOTE: the rules for reserved names seem somewhat complicated + # (e.g. r"..\NUL" is reserved but not r"foo\NUL"). +@@ -300,51 +268,6 @@ class _PosixFlavour(_Flavour): + def casefold_parts(self, parts): + return parts + +- def resolve(self, path, strict=False): +- sep = self.sep +- accessor = path._accessor +- seen = {} +- def _resolve(path, rest): +- if rest.startswith(sep): +- path = '' +- +- for name in rest.split(sep): +- if not name or name == '.': +- # current dir +- continue +- if name == '..': +- # parent dir +- path, _, _ = path.rpartition(sep) +- continue +- newpath = path + sep + name +- if newpath in seen: +- # Already seen this path +- path = seen[newpath] +- if path is not None: +- # use cached value +- continue +- # The symlink is not resolved, so we must have a symlink loop. +- raise RuntimeError("Symlink loop from %r" % newpath) +- # Resolve the symbolic link +- try: +- target = accessor.readlink(newpath) +- except OSError as e: +- if e.errno != EINVAL and strict: +- raise +- # Not a symlink, or non-strict mode. We just leave the path +- # untouched. +- path = newpath +- else: +- seen[newpath] = None # not resolved symlink +- path = _resolve(path, target) +- seen[newpath] = path # resolved symlink +- +- return path +- # NOTE: according to POSIX, getcwd() cannot contain path components +- # which are symlinks. +- base = '' if path.is_absolute() else os.getcwd() +- return _resolve(base, str(path)) or sep +- + def is_reserved(self, parts): + return False + +@@ -421,17 +344,12 @@ class _NormalAccessor(_Accessor): + + replace = _wrap_binary_strfunc(os.replace) + +- if nt: +- if supports_symlinks: +- symlink = _wrap_binary_strfunc(os.symlink) +- else: +- def symlink(a, b, target_is_directory): +- raise NotImplementedError("symlink() not available on this system") ++ if hasattr(os, "symlink"): ++ symlink = os.symlink + else: +- # Under POSIX, os.symlink() takes two args +- @staticmethod +- def symlink(a, b, target_is_directory): +- return os.symlink(str(a), str(b)) ++ def symlink(self, src, dst, target_is_directory=False): ++ raise NotImplementedError("os.symlink() not available on this system") ++ + + utime = _wrap_strfunc(os.utime) + +@@ -439,6 +357,12 @@ class _NormalAccessor(_Accessor): + def readlink(self, path): + return os.readlink(path) + ++ getcwd = os.getcwd ++ ++ expanduser = staticmethod(os.path.expanduser) ++ ++ realpath = staticmethod(os.path.realpath) ++ + + _normal_accessor = _NormalAccessor() + +@@ -1138,17 +1062,27 @@ class Path(PurePath): + """ + if self._closed: + self._raise_closed() +- s = self._flavour.resolve(self, strict=strict) +- if s is None: +- # No symlink resolution => for consistency, raise an error if +- # the path doesn't exist or is forbidden +- self.stat() +- s = str(self.absolute()) +- # Now we have no symlinks in the path, it's safe to normalize it. +- normed = self._flavour.pathmod.normpath(s) +- obj = self._from_parts((normed,), init=False) +- obj._init(template=self) +- return obj ++ ++ def check_eloop(e): ++ winerror = getattr(e, 'winerror', 0) ++ if e.errno == ELOOP or winerror == _WINERROR_CANT_RESOLVE_FILENAME: ++ raise RuntimeError("Symlink loop from %r" % e.filename) ++ ++ try: ++ s = self._accessor.realpath(self, strict=strict) ++ except OSError as e: ++ check_eloop(e) ++ raise ++ p = self._from_parts((s,)) ++ ++ # In non-strict mode, realpath() doesn't raise on symlink loops. ++ # Ensure we get an exception by calling stat() ++ if not strict: ++ try: ++ p.stat() ++ except OSError as e: ++ check_eloop(e) ++ return p + + def stat(self): + """ +diff --git a/Lib/posixpath.py b/Lib/posixpath.py +index ca578a5df3..bbc6fa4500 100644 +--- a/Lib/posixpath.py ++++ b/Lib/posixpath.py +@@ -35,7 +35,7 @@ __all__ = ["normcase","isabs","join","splitdrive","split","splitext", + "samefile","sameopenfile","samestat", + "curdir","pardir","sep","pathsep","defpath","altsep","extsep", + "devnull","realpath","supports_unicode_filenames","relpath", +- "commonpath"] ++ "commonpath", "ALLOW_MISSING"] + + + def _get_sep(path): +@@ -388,16 +388,16 @@ def abspath(path): + # Return a canonical path (i.e. the absolute location of a file on the + # filesystem). + +-def realpath(filename): ++def realpath(filename, *, strict=False): + """Return the canonical path of the specified filename, eliminating any + symbolic links encountered in the path.""" + filename = os.fspath(filename) +- path, ok = _joinrealpath(filename[:0], filename, {}) ++ path, ok = _joinrealpath(filename[:0], filename, strict, {}) + return abspath(path) + + # Join two paths, normalizing and eliminating any symbolic links + # encountered in the second path. +-def _joinrealpath(path, rest, seen): ++def _joinrealpath(path, rest, strict, seen): + if isinstance(path, bytes): + sep = b'/' + curdir = b'.' +@@ -406,6 +406,15 @@ def _joinrealpath(path, rest, seen): + sep = '/' + curdir = '.' + pardir = '..' ++ getcwd = os.getcwd ++ if strict is ALLOW_MISSING: ++ ignored_error = FileNotFoundError ++ elif strict: ++ ignored_error = () ++ else: ++ ignored_error = OSError ++ ++ maxlinks = None + + if isabs(rest): + rest = rest[1:] +@@ -426,7 +435,13 @@ def _joinrealpath(path, rest, seen): + path = pardir + continue + newpath = join(path, name) +- if not islink(newpath): ++ try: ++ st = os.lstat(newpath) ++ except ignored_error: ++ is_link = False ++ else: ++ is_link = stat.S_ISLNK(st.st_mode) ++ if not is_link: + path = newpath + continue + # Resolve the symbolic link +@@ -437,10 +452,14 @@ def _joinrealpath(path, rest, seen): + # use cached value + continue + # The symlink is not resolved, so we must have a symlink loop. +- # Return already resolved part + rest of the path unchanged. +- return join(newpath, rest), False ++ if strict: ++ # Raise OSError(errno.ELOOP) ++ os.stat(newpath) ++ else: ++ # Return already resolved part + rest of the path unchanged. ++ return join(newpath, rest), False + seen[newpath] = None # not resolved symlink +- path, ok = _joinrealpath(path, os.readlink(newpath), seen) ++ path, ok = _joinrealpath(path, os.readlink(newpath), strict, seen) + if not ok: + return join(path, rest), False + seen[newpath] = path # resolved symlink +diff --git a/Lib/tarfile.py b/Lib/tarfile.py +index ee1bf37bfd..1a7d5f772a 100755 +--- a/Lib/tarfile.py ++++ b/Lib/tarfile.py +@@ -753,7 +753,7 @@ class SpecialFileError(FilterError): + class AbsoluteLinkError(FilterError): + def __init__(self, tarinfo): + self.tarinfo = tarinfo +- super().__init__(f'{tarinfo.name!r} is a symlink to an absolute path') ++ super().__init__(f'{tarinfo.name!r} is a link to an absolute path') + + class LinkOutsideDestinationError(FilterError): + def __init__(self, tarinfo, path): +@@ -762,10 +762,22 @@ class LinkOutsideDestinationError(FilterError): + super().__init__(f'{tarinfo.name!r} would link to {path!r}, ' + + 'which is outside the destination') + ++class LinkFallbackError(FilterError): ++ def __init__(self, tarinfo, path): ++ self.tarinfo = tarinfo ++ self._path = path ++ super().__init__(f'link {tarinfo.name!r} would be extracted as a ' ++ + f'copy of {path!r}, which was rejected') ++ ++# Errors caused by filters -- both "fatal" and "non-fatal" -- that ++# we consider to be issues with the argument, rather than a bug in the ++# filter function ++_FILTER_ERRORS = (FilterError, OSError, ExtractError) ++ + def _get_filtered_attrs(member, dest_path, for_data=True): + new_attrs = {} + name = member.name +- dest_path = os.path.realpath(dest_path) ++ dest_path = os.path.realpath(dest_path, strict=os.path.ALLOW_MISSING) + # Strip leading / (tar's directory separator) from filenames. + # Include os.sep (target OS directory separator) as well. + if name.startswith(('/', os.sep)): +@@ -775,7 +787,8 @@ def _get_filtered_attrs(member, dest_path, for_data=True): + # For example, 'C:/foo' on Windows. + raise AbsolutePathError(member) + # Ensure we stay in the destination +- target_path = os.path.realpath(os.path.join(dest_path, name)) ++ target_path = os.path.realpath(os.path.join(dest_path, name), ++ strict=os.path.ALLOW_MISSING) + if os.path.commonpath([target_path, dest_path]) != dest_path: + raise OutsideDestinationError(member, target_path) + # Limit permissions (no high bits, and go-w) +@@ -813,7 +826,18 @@ def _get_filtered_attrs(member, dest_path, for_data=True): + if member.islnk() or member.issym(): + if os.path.isabs(member.linkname): + raise AbsoluteLinkError(member) +- target_path = os.path.realpath(os.path.join(dest_path, member.linkname)) ++ normalized = os.path.normpath(member.linkname) ++ if normalized != member.linkname: ++ new_attrs['linkname'] = normalized ++ if member.issym(): ++ target_path = os.path.join(dest_path, ++ os.path.dirname(name), ++ member.linkname) ++ else: ++ target_path = os.path.join(dest_path, ++ member.linkname) ++ target_path = os.path.realpath(target_path, ++ strict=os.path.ALLOW_MISSING) + if os.path.commonpath([target_path, dest_path]) != dest_path: + raise LinkOutsideDestinationError(member, target_path) + return new_attrs +@@ -2236,30 +2260,58 @@ class TarFile(object): + members = self + + for member in members: +- tarinfo = self._get_extract_tarinfo(member, filter_function, path) ++ tarinfo, unfiltered = self._get_extract_tarinfo( ++ member, filter_function, path) + if tarinfo is None: + continue + if tarinfo.isdir(): + # For directories, delay setting attributes until later, + # since permissions can interfere with extraction and + # extracting contents can reset mtime. +- directories.append(tarinfo) ++ directories.append(unfiltered) + self._extract_one(tarinfo, path, set_attrs=not tarinfo.isdir(), +- numeric_owner=numeric_owner) ++ numeric_owner=numeric_owner, ++ filter_function=filter_function) + + # Reverse sort directories. + directories.sort(key=lambda a: a.name, reverse=True) + ++ + # Set correct owner, mtime and filemode on directories. +- for tarinfo in directories: +- dirpath = os.path.join(path, tarinfo.name) ++ for unfiltered in directories: + try: ++ # Need to re-apply any filter, to take the *current* filesystem ++ # state into account. ++ try: ++ tarinfo = filter_function(unfiltered, path) ++ except _FILTER_ERRORS as exc: ++ self._log_no_directory_fixup(unfiltered, repr(exc)) ++ continue ++ if tarinfo is None: ++ self._log_no_directory_fixup(unfiltered, ++ 'excluded by filter') ++ continue ++ dirpath = os.path.join(path, tarinfo.name) ++ try: ++ lstat = os.lstat(dirpath) ++ except FileNotFoundError: ++ self._log_no_directory_fixup(tarinfo, 'missing') ++ continue ++ if not stat.S_ISDIR(lstat.st_mode): ++ # This is no longer a directory; presumably a later ++ # member overwrote the entry. ++ self._log_no_directory_fixup(tarinfo, 'not a directory') ++ continue + self.chown(tarinfo, dirpath, numeric_owner=numeric_owner) + self.utime(tarinfo, dirpath) + self.chmod(tarinfo, dirpath) + except ExtractError as e: + self._handle_nonfatal_error(e) + ++ def _log_no_directory_fixup(self, member, reason): ++ self._dbg(2, "tarfile: Not fixing up directory %r (%s)" % ++ (member.name, reason)) ++ + def extract(self, member, path="", set_attrs=True, *, numeric_owner=False, + filter=None): + """Extract a member from the archive to the current working directory, +@@ -2275,41 +2327,56 @@ class TarFile(object): + String names of common filters are accepted. + """ + filter_function = self._get_filter_function(filter) +- tarinfo = self._get_extract_tarinfo(member, filter_function, path) ++ tarinfo, unfiltered = self._get_extract_tarinfo( ++ member, filter_function, path) + if tarinfo is not None: + self._extract_one(tarinfo, path, set_attrs, numeric_owner) + + def _get_extract_tarinfo(self, member, filter_function, path): +- """Get filtered TarInfo (or None) from member, which might be a str""" ++ """Get (filtered, unfiltered) TarInfos from *member* ++ ++ *member* might be a string. ++ ++ Return (None, None) if not found. ++ """ ++ + if isinstance(member, str): +- tarinfo = self.getmember(member) ++ unfiltered = self.getmember(member) + else: +- tarinfo = member ++ unfiltered = member + +- unfiltered = tarinfo ++ filtered = None + try: +- tarinfo = filter_function(tarinfo, path) ++ filtered = filter_function(unfiltered, path) + except (OSError, FilterError) as e: + self._handle_fatal_error(e) + except ExtractError as e: + self._handle_nonfatal_error(e) +- if tarinfo is None: ++ if filtered is None: + self._dbg(2, "tarfile: Excluded %r" % unfiltered.name) +- return None ++ return None, None ++ + # Prepare the link target for makelink(). +- if tarinfo.islnk(): +- tarinfo = copy.copy(tarinfo) +- tarinfo._link_target = os.path.join(path, tarinfo.linkname) +- return tarinfo ++ if filtered.islnk(): ++ filtered = copy.copy(filtered) ++ filtered._link_target = os.path.join(path, filtered.linkname) ++ return filtered, unfiltered + +- def _extract_one(self, tarinfo, path, set_attrs, numeric_owner): +- """Extract from filtered tarinfo to disk""" ++ def _extract_one(self, tarinfo, path, set_attrs, numeric_owner, ++ filter_function=None): ++ """Extract from filtered tarinfo to disk. ++ ++ filter_function is only used when extracting a *different* ++ member (e.g. as fallback to creating a symlink) ++ """ + self._check("r") + + try: + self._extract_member(tarinfo, os.path.join(path, tarinfo.name), + set_attrs=set_attrs, +- numeric_owner=numeric_owner) ++ numeric_owner=numeric_owner, ++ filter_function=filter_function, ++ extraction_root=path) + except OSError as e: + self._handle_fatal_error(e) + except ExtractError as e: +@@ -2366,9 +2433,13 @@ class TarFile(object): + return None + + def _extract_member(self, tarinfo, targetpath, set_attrs=True, +- numeric_owner=False): +- """Extract the TarInfo object tarinfo to a physical ++ numeric_owner=False, *, filter_function=None, ++ extraction_root=None): ++ """Extract the filtered TarInfo object tarinfo to a physical + file called targetpath. ++ ++ filter_function is only used when extracting a *different* ++ member (e.g. as fallback to creating a symlink) + """ + # Fetch the TarInfo object for the given name + # and build the destination pathname, replacing +@@ -2397,7 +2468,10 @@ class TarFile(object): + elif tarinfo.ischr() or tarinfo.isblk(): + self.makedev(tarinfo, targetpath) + elif tarinfo.islnk() or tarinfo.issym(): +- self.makelink(tarinfo, targetpath) ++ self.makelink_with_filter( ++ tarinfo, targetpath, ++ filter_function=filter_function, ++ extraction_root=extraction_root) + elif tarinfo.type not in SUPPORTED_TYPES: + self.makeunknown(tarinfo, targetpath) + else: +@@ -2479,26 +2553,57 @@ class TarFile(object): + os.makedev(tarinfo.devmajor, tarinfo.devminor)) + + def makelink(self, tarinfo, targetpath): ++ return self.makelink_with_filter(tarinfo, targetpath, None, None) ++ ++ def makelink_with_filter(self, tarinfo, targetpath, ++ filter_function, extraction_root): + """Make a (symbolic) link called targetpath. If it cannot be created + (platform limitation), we try to make a copy of the referenced file + instead of a link. ++ ++ filter_function is only used when extracting a *different* ++ member (e.g. as fallback to creating a link). + """ ++ keyerror_to_extracterror = False + try: + # For systems that support symbolic and hard links. + if tarinfo.issym(): ++ if os.path.lexists(targetpath): ++ # Avoid FileExistsError on following os.symlink. ++ os.unlink(targetpath) + os.symlink(tarinfo.linkname, targetpath) ++ return + else: + if os.path.exists(tarinfo._link_target): + os.link(tarinfo._link_target, targetpath) +- else: +- self._extract_member(self._find_link_target(tarinfo), +- targetpath) ++ return + except symlink_exception: ++ keyerror_to_extracterror = True ++ ++ try: ++ unfiltered = self._find_link_target(tarinfo) ++ except KeyError: ++ if keyerror_to_extracterror: ++ raise ExtractError( ++ "unable to resolve link inside archive") ++ else: ++ raise ++ ++ if filter_function is None: ++ filtered = unfiltered ++ else: ++ if extraction_root is None: ++ raise ExtractError( ++ "makelink_with_filter: if filter_function is not None, " ++ + "extraction_root must also not be None") + try: +- self._extract_member(self._find_link_target(tarinfo), +- targetpath) +- except KeyError: +- raise ExtractError("unable to resolve link inside archive") ++ filtered = filter_function(unfiltered, extraction_root) ++ except _FILTER_ERRORS as cause: ++ raise LinkFallbackError(tarinfo, unfiltered.name) from cause ++ if filtered is not None: ++ self._extract_member(filtered, targetpath, ++ filter_function=filter_function, ++ extraction_root=extraction_root) + + def chown(self, tarinfo, targetpath, numeric_owner): + """Set owner of targetpath according to tarinfo. If numeric_owner +diff --git a/Lib/test/test_ntpath.py b/Lib/test/test_ntpath.py +index bba1712cce..6666cea9f5 100644 +--- a/Lib/test/test_ntpath.py ++++ b/Lib/test/test_ntpath.py +@@ -1,8 +1,10 @@ + import ntpath + import os ++import subprocess + import sys + import unittest + import warnings ++from ntpath import ALLOW_MISSING + from test.support import TestFailed, FakePath + from test import support, test_genericpath + from tempfile import TemporaryFile +diff --git a/Lib/test/test_posixpath.py b/Lib/test/test_posixpath.py +index e73b31cb64..f41d032e26 100644 +--- a/Lib/test/test_posixpath.py ++++ b/Lib/test/test_posixpath.py +@@ -1,8 +1,10 @@ + import os ++import sys + import posixpath + import unittest + import warnings +-from posixpath import realpath, abspath, dirname, basename ++from functools import partial ++from posixpath import realpath, abspath, dirname, basename, ALLOW_MISSING + from test import support, test_genericpath + from test.support import FakePath + from unittest import mock +@@ -33,6 +35,26 @@ def safe_rmdir(dirname): + except OSError: + pass + ++def _parameterize(*parameters): ++ """Simplistic decorator to parametrize a test ++ ++ Runs the decorated test multiple times in subTest, with a value from ++ 'parameters' passed as an extra positional argument. ++ Does *not* call doCleanups() after each run. ++ ++ Not for general use. Intended to avoid indenting for easier backports. ++ ++ See https://discuss.python.org/t/91827 for discussing generalizations. ++ """ ++ def _parametrize_decorator(func): ++ def _parameterized(self, *args, **kwargs): ++ for parameter in parameters: ++ with self.subTest(parameter): ++ func(self, *args, parameter, **kwargs) ++ return _parameterized ++ return _parametrize_decorator ++ ++ + class PosixPathTest(unittest.TestCase): + + def setUp(self): +@@ -308,52 +330,167 @@ class PosixPathTest(unittest.TestCase): + b"/foo/bar") + + @skip_if_ABSTFN_contains_backslash +- def test_realpath_curdir(self): +- self.assertEqual(realpath('.'), os.getcwd()) +- self.assertEqual(realpath('./.'), os.getcwd()) +- self.assertEqual(realpath('/'.join(['.'] * 100)), os.getcwd()) ++ @_parameterize({}, {'strict': True}, {'strict': ALLOW_MISSING}) ++ def test_realpath_curdir(self, kwargs): ++ self.assertEqual(realpath('.', **kwargs), os.getcwd()) ++ self.assertEqual(realpath('./.', **kwargs), os.getcwd()) ++ self.assertEqual(realpath('/'.join(['.'] * 100), **kwargs), os.getcwd()) + +- self.assertEqual(realpath(b'.'), os.getcwdb()) +- self.assertEqual(realpath(b'./.'), os.getcwdb()) +- self.assertEqual(realpath(b'/'.join([b'.'] * 100)), os.getcwdb()) ++ self.assertEqual(realpath(b'.', **kwargs), os.getcwdb()) ++ self.assertEqual(realpath(b'./.', **kwargs), os.getcwdb()) ++ self.assertEqual(realpath(b'/'.join([b'.'] * 100), **kwargs), os.getcwdb()) + + @skip_if_ABSTFN_contains_backslash +- def test_realpath_pardir(self): +- self.assertEqual(realpath('..'), dirname(os.getcwd())) +- self.assertEqual(realpath('../..'), dirname(dirname(os.getcwd()))) +- self.assertEqual(realpath('/'.join(['..'] * 100)), '/') ++ @_parameterize({}, {'strict': True}, {'strict': ALLOW_MISSING}) ++ def test_realpath_pardir(self, kwargs): ++ self.assertEqual(realpath('..', **kwargs), dirname(os.getcwd())) ++ self.assertEqual(realpath('../..', **kwargs), dirname(dirname(os.getcwd()))) ++ self.assertEqual(realpath('/'.join(['..'] * 100), **kwargs), '/') + +- self.assertEqual(realpath(b'..'), dirname(os.getcwdb())) +- self.assertEqual(realpath(b'../..'), dirname(dirname(os.getcwdb()))) +- self.assertEqual(realpath(b'/'.join([b'..'] * 100)), b'/') ++ self.assertEqual(realpath(b'..', **kwargs), dirname(os.getcwdb())) ++ self.assertEqual(realpath(b'../..', **kwargs), dirname(dirname(os.getcwdb()))) ++ self.assertEqual(realpath(b'/'.join([b'..'] * 100), **kwargs), b'/') + + @unittest.skipUnless(hasattr(os, "symlink"), + "Missing symlink implementation") + @skip_if_ABSTFN_contains_backslash +- def test_realpath_basic(self): ++ @_parameterize({}, {'strict': ALLOW_MISSING}) ++ def test_realpath_basic(self, kwargs): + # Basic operation. + try: + os.symlink(ABSTFN+"1", ABSTFN) +- self.assertEqual(realpath(ABSTFN), ABSTFN+"1") ++ self.assertEqual(realpath(ABSTFN, **kwargs), ABSTFN+"1") + finally: + support.unlink(ABSTFN) + + @unittest.skipUnless(hasattr(os, "symlink"), + "Missing symlink implementation") + @skip_if_ABSTFN_contains_backslash +- def test_realpath_relative(self): ++ @_parameterize({}, {'strict': ALLOW_MISSING}) ++ def test_realpath_relative(self, kwargs): + try: + os.symlink(posixpath.relpath(ABSTFN+"1"), ABSTFN) +- self.assertEqual(realpath(ABSTFN), ABSTFN+"1") ++ self.assertEqual(realpath(ABSTFN, **kwargs), ABSTFN+"1") + finally: + support.unlink(ABSTFN) + + @unittest.skipUnless(hasattr(os, "symlink"), + "Missing symlink implementation") + @skip_if_ABSTFN_contains_backslash ++ def test_realpath_strict(self): ++ # Bug #43757: raise FileNotFoundError in strict mode if we encounter ++ # a path that does not exist. ++ try: ++ os.symlink(ABSTFN+"1", ABSTFN) ++ self.assertRaises(FileNotFoundError, realpath, ABSTFN, strict=True) ++ self.assertRaises(FileNotFoundError, realpath, ABSTFN + "2", strict=True) ++ finally: ++ support.unlink(ABSTFN) ++ ++ def test_realpath_invalid_paths(self): ++ path = '/\x00' ++ self.assertRaises(ValueError, realpath, path, strict=False) ++ self.assertRaises(ValueError, realpath, path, strict=True) ++ self.assertRaises(ValueError, realpath, path, strict=ALLOW_MISSING) ++ path = b'/\x00' ++ self.assertRaises(ValueError, realpath, path, strict=False) ++ self.assertRaises(ValueError, realpath, path, strict=True) ++ self.assertRaises(ValueError, realpath, path, strict=ALLOW_MISSING) ++ path = '/nonexistent/x\x00' ++ self.assertRaises(ValueError, realpath, path, strict=False) ++ self.assertRaises(FileNotFoundError, realpath, path, strict=True) ++ self.assertRaises(ValueError, realpath, path, strict=ALLOW_MISSING) ++ path = b'/nonexistent/x\x00' ++ self.assertRaises(ValueError, realpath, path, strict=False) ++ self.assertRaises(FileNotFoundError, realpath, path, strict=True) ++ self.assertRaises(ValueError, realpath, path, strict=ALLOW_MISSING) ++ path = '/\x00/..' ++ self.assertRaises(ValueError, realpath, path, strict=False) ++ self.assertRaises(ValueError, realpath, path, strict=True) ++ self.assertRaises(ValueError, realpath, path, strict=ALLOW_MISSING) ++ path = b'/\x00/..' ++ self.assertRaises(ValueError, realpath, path, strict=False) ++ self.assertRaises(ValueError, realpath, path, strict=True) ++ self.assertRaises(ValueError, realpath, path, strict=ALLOW_MISSING) ++ ++ path = '/nonexistent/x\x00/..' ++ self.assertRaises(ValueError, realpath, path, strict=False) ++ self.assertRaises(FileNotFoundError, realpath, path, strict=True) ++ self.assertRaises(ValueError, realpath, path, strict=ALLOW_MISSING) ++ path = b'/nonexistent/x\x00/..' ++ self.assertRaises(ValueError, realpath, path, strict=False) ++ self.assertRaises(FileNotFoundError, realpath, path, strict=True) ++ self.assertRaises(ValueError, realpath, path, strict=ALLOW_MISSING) ++ ++ path = '/\udfff' ++ if sys.platform == 'win32': ++ self.assertEqual(realpath(path, strict=False), path) ++ self.assertRaises(FileNotFoundError, realpath, path, strict=True) ++ self.assertEqual(realpath(path, strict=ALLOW_MISSING), path) ++ else: ++ self.assertRaises(UnicodeEncodeError, realpath, path, strict=False) ++ self.assertRaises(UnicodeEncodeError, realpath, path, strict=True) ++ self.assertRaises(UnicodeEncodeError, realpath, path, strict=ALLOW_MISSING) ++ path = '/nonexistent/\udfff' ++ if sys.platform == 'win32': ++ self.assertEqual(realpath(path, strict=False), path) ++ self.assertEqual(realpath(path, strict=ALLOW_MISSING), path) ++ else: ++ self.assertRaises(UnicodeEncodeError, realpath, path, strict=False) ++ self.assertRaises(UnicodeEncodeError, realpath, path, strict=ALLOW_MISSING) ++ self.assertRaises(FileNotFoundError, realpath, path, strict=True) ++ path = '/\udfff/..' ++ if sys.platform == 'win32': ++ self.assertEqual(realpath(path, strict=False), '/') ++ self.assertRaises(FileNotFoundError, realpath, path, strict=True) ++ self.assertEqual(realpath(path, strict=ALLOW_MISSING), '/') ++ else: ++ self.assertRaises(UnicodeEncodeError, realpath, path, strict=False) ++ self.assertRaises(UnicodeEncodeError, realpath, path, strict=True) ++ self.assertRaises(UnicodeEncodeError, realpath, path, strict=ALLOW_MISSING) ++ path = '/nonexistent/\udfff/..' ++ if sys.platform == 'win32': ++ self.assertEqual(realpath(path, strict=False), '/nonexistent') ++ self.assertEqual(realpath(path, strict=ALLOW_MISSING), '/nonexistent') ++ else: ++ self.assertRaises(UnicodeEncodeError, realpath, path, strict=False) ++ self.assertRaises(UnicodeEncodeError, realpath, path, strict=ALLOW_MISSING) ++ self.assertRaises(FileNotFoundError, realpath, path, strict=True) ++ ++ path = b'/\xff' ++ if sys.platform == 'win32': ++ self.assertRaises(UnicodeDecodeError, realpath, path, strict=False) ++ self.assertRaises(UnicodeDecodeError, realpath, path, strict=True) ++ self.assertRaises(UnicodeDecodeError, realpath, path, strict=ALLOW_MISSING) ++ else: ++ self.assertEqual(realpath(path, strict=False), path) ++ self.assertRaises(FileNotFoundError, realpath, path, strict=True) ++ self.assertEqual(realpath(path, strict=ALLOW_MISSING), path) ++ path = b'/nonexistent/\xff' ++ if sys.platform == 'win32': ++ self.assertRaises(UnicodeDecodeError, realpath, path, strict=False) ++ self.assertRaises(UnicodeDecodeError, realpath, path, strict=ALLOW_MISSING) ++ else: ++ self.assertEqual(realpath(path, strict=False), path) ++ self.assertRaises(FileNotFoundError, realpath, path, strict=True) ++ ++ @unittest.skipUnless(hasattr(os, "symlink"), ++ "Missing symlink implementation") ++ @skip_if_ABSTFN_contains_backslash ++ @_parameterize({}, {'strict': ALLOW_MISSING}) ++ def test_realpath_missing_pardir(self, kwargs): ++ try: ++ os.symlink(support.TESTFN + "1", support.TESTFN) ++ self.assertEqual( ++ realpath("nonexistent/../" + support.TESTFN, **kwargs), ABSTFN + "1") ++ finally: ++ support.unlink(support.TESTFN) ++ ++ @support.skip_unless_symlink ++ @skip_if_ABSTFN_contains_backslash + def test_realpath_symlink_loops(self): + # Bug #930024, return the path unchanged if we get into an infinite +- # symlink loop. ++ # symlink loop in non-strict mode (default). + try: + os.symlink(ABSTFN, ABSTFN) + self.assertEqual(realpath(ABSTFN), ABSTFN) +@@ -393,13 +530,57 @@ class PosixPathTest(unittest.TestCase): + @unittest.skipUnless(hasattr(os, "symlink"), + "Missing symlink implementation") + @skip_if_ABSTFN_contains_backslash +- def test_realpath_repeated_indirect_symlinks(self): ++ @_parameterize({'strict': True}, {'strict': ALLOW_MISSING}) ++ def test_realpath_symlink_loops_strict(self, kwargs): ++ # Bug #43757, raise OSError if we get into an infinite symlink loop in ++ # the strict modes. ++ try: ++ os.symlink(ABSTFN, ABSTFN) ++ self.assertRaises(OSError, realpath, ABSTFN, **kwargs) ++ ++ os.symlink(ABSTFN+"1", ABSTFN+"2") ++ os.symlink(ABSTFN+"2", ABSTFN+"1") ++ self.assertRaises(OSError, realpath, ABSTFN+"1", **kwargs) ++ self.assertRaises(OSError, realpath, ABSTFN+"2", **kwargs) ++ ++ self.assertRaises(OSError, realpath, ABSTFN+"1/x", **kwargs) ++ self.assertRaises(OSError, realpath, ABSTFN+"1/..", **kwargs) ++ self.assertRaises(OSError, realpath, ABSTFN+"1/../x", **kwargs) ++ os.symlink(ABSTFN+"x", ABSTFN+"y") ++ self.assertRaises(OSError, realpath, ++ ABSTFN+"1/../" + basename(ABSTFN) + "y", **kwargs) ++ self.assertRaises(OSError, realpath, ++ ABSTFN+"1/../" + basename(ABSTFN) + "1", **kwargs) ++ ++ os.symlink(basename(ABSTFN) + "a/b", ABSTFN+"a") ++ self.assertRaises(OSError, realpath, ABSTFN+"a", **kwargs) ++ ++ os.symlink("../" + basename(dirname(ABSTFN)) + "/" + ++ basename(ABSTFN) + "c", ABSTFN+"c") ++ self.assertRaises(OSError, realpath, ABSTFN+"c", **kwargs) ++ ++ # Test using relative path as well. ++ with support.change_cwd(dirname(ABSTFN)): ++ self.assertRaises(OSError, realpath, basename(ABSTFN), **kwargs) ++ finally: ++ support.unlink(ABSTFN) ++ support.unlink(ABSTFN+"1") ++ support.unlink(ABSTFN+"2") ++ support.unlink(ABSTFN+"y") ++ support.unlink(ABSTFN+"c") ++ support.unlink(ABSTFN+"a") ++ ++ @unittest.skipUnless(hasattr(os, "symlink"), ++ "Missing symlink implementation") ++ @skip_if_ABSTFN_contains_backslash ++ @_parameterize({}, {'strict': True}, {'strict': ALLOW_MISSING}) ++ def test_realpath_repeated_indirect_symlinks(self, kwargs): + # Issue #6975. + try: + os.mkdir(ABSTFN) + os.symlink('../' + basename(ABSTFN), ABSTFN + '/self') + os.symlink('self/self/self', ABSTFN + '/link') +- self.assertEqual(realpath(ABSTFN + '/link'), ABSTFN) ++ self.assertEqual(realpath(ABSTFN + '/link', **kwargs), ABSTFN) + finally: + support.unlink(ABSTFN + '/self') + support.unlink(ABSTFN + '/link') +@@ -408,14 +589,15 @@ class PosixPathTest(unittest.TestCase): + @unittest.skipUnless(hasattr(os, "symlink"), + "Missing symlink implementation") + @skip_if_ABSTFN_contains_backslash +- def test_realpath_deep_recursion(self): ++ @_parameterize({}, {'strict': True}, {'strict': ALLOW_MISSING}) ++ def test_realpath_deep_recursion(self, kwargs): + depth = 10 + try: + os.mkdir(ABSTFN) + for i in range(depth): + os.symlink('/'.join(['%d' % i] * 10), ABSTFN + '/%d' % (i + 1)) + os.symlink('.', ABSTFN + '/0') +- self.assertEqual(realpath(ABSTFN + '/%d' % depth), ABSTFN) ++ self.assertEqual(realpath(ABSTFN + '/%d' % depth, **kwargs), ABSTFN) + + # Test using relative path as well. + with support.change_cwd(ABSTFN): +@@ -428,7 +610,8 @@ class PosixPathTest(unittest.TestCase): + @unittest.skipUnless(hasattr(os, "symlink"), + "Missing symlink implementation") + @skip_if_ABSTFN_contains_backslash +- def test_realpath_resolve_parents(self): ++ @_parameterize({}, {'strict': ALLOW_MISSING}) ++ def test_realpath_resolve_parents(self, kwargs): + # We also need to resolve any symlinks in the parents of a relative + # path passed to realpath. E.g.: current working directory is + # /usr/doc with 'doc' being a symlink to /usr/share/doc. We call +@@ -439,7 +622,8 @@ class PosixPathTest(unittest.TestCase): + os.symlink(ABSTFN + "/y", ABSTFN + "/k") + + with support.change_cwd(ABSTFN + "/k"): +- self.assertEqual(realpath("a"), ABSTFN + "/y/a") ++ self.assertEqual(realpath("a", **kwargs), ++ ABSTFN + "/y/a") + finally: + support.unlink(ABSTFN + "/k") + safe_rmdir(ABSTFN + "/y") +@@ -448,7 +632,8 @@ class PosixPathTest(unittest.TestCase): + @unittest.skipUnless(hasattr(os, "symlink"), + "Missing symlink implementation") + @skip_if_ABSTFN_contains_backslash +- def test_realpath_resolve_before_normalizing(self): ++ @_parameterize({}, {'strict': True}, {'strict': ALLOW_MISSING}) ++ def test_realpath_resolve_before_normalizing(self, kwargs): + # Bug #990669: Symbolic links should be resolved before we + # normalize the path. E.g.: if we have directories 'a', 'k' and 'y' + # in the following hierarchy: +@@ -463,10 +648,10 @@ class PosixPathTest(unittest.TestCase): + os.symlink(ABSTFN + "/k/y", ABSTFN + "/link-y") + + # Absolute path. +- self.assertEqual(realpath(ABSTFN + "/link-y/.."), ABSTFN + "/k") ++ self.assertEqual(realpath(ABSTFN + "/link-y/..", **kwargs), ABSTFN + "/k") + # Relative path. + with support.change_cwd(dirname(ABSTFN)): +- self.assertEqual(realpath(basename(ABSTFN) + "/link-y/.."), ++ self.assertEqual(realpath(basename(ABSTFN) + "/link-y/..", **kwargs), + ABSTFN + "/k") + finally: + support.unlink(ABSTFN + "/link-y") +@@ -477,7 +662,8 @@ class PosixPathTest(unittest.TestCase): + @unittest.skipUnless(hasattr(os, "symlink"), + "Missing symlink implementation") + @skip_if_ABSTFN_contains_backslash +- def test_realpath_resolve_first(self): ++ @_parameterize({}, {'strict': True}, {'strict': ALLOW_MISSING}) ++ def test_realpath_resolve_first(self, kwargs): + # Bug #1213894: The first component of the path, if not absolute, + # must be resolved too. + +@@ -487,13 +673,70 @@ class PosixPathTest(unittest.TestCase): + os.symlink(ABSTFN, ABSTFN + "link") + with support.change_cwd(dirname(ABSTFN)): + base = basename(ABSTFN) +- self.assertEqual(realpath(base + "link"), ABSTFN) +- self.assertEqual(realpath(base + "link/k"), ABSTFN + "/k") ++ self.assertEqual(realpath(base + "link", **kwargs), ABSTFN) ++ self.assertEqual(realpath(base + "link/k", **kwargs), ABSTFN + "/k") + finally: + support.unlink(ABSTFN + "link") + safe_rmdir(ABSTFN + "/k") + safe_rmdir(ABSTFN) + ++ @support.skip_unless_symlink ++ @skip_if_ABSTFN_contains_backslash ++ @unittest.skipIf(os.chmod not in os.supports_follow_symlinks, "Can't set symlink permissions") ++ @unittest.skipIf(sys.platform != "darwin", "only macOS requires read permission to readlink()") ++ @_parameterize({'strict': True}, {'strict': ALLOW_MISSING}) ++ def test_realpath_unreadable_symlink_strict(self, kwargs): ++ try: ++ os.symlink(ABSTFN+"1", ABSTFN) ++ os.chmod(ABSTFN, 0o000, follow_symlinks=False) ++ with self.assertRaises(PermissionError): ++ realpath(ABSTFN, **kwargs) ++ with self.assertRaises(PermissionError): ++ realpath(ABSTFN + '/foo', **kwargs), ++ with self.assertRaises(PermissionError): ++ realpath(ABSTFN + '/../foo', **kwargs) ++ with self.assertRaises(PermissionError): ++ realpath(ABSTFN + '/foo/..', **kwargs) ++ finally: ++ os.chmod(ABSTFN, 0o755, follow_symlinks=False) ++ os.unlink(ABSTFN) ++ ++ @skip_if_ABSTFN_contains_backslash ++ @support.skip_unless_symlink ++ def test_realpath_unreadable_directory(self): ++ try: ++ os.mkdir(ABSTFN) ++ os.mkdir(ABSTFN + '/k') ++ os.chmod(ABSTFN, 0o000) ++ self.assertEqual(realpath(ABSTFN, strict=False), ABSTFN) ++ self.assertEqual(realpath(ABSTFN, strict=True), ABSTFN) ++ self.assertEqual(realpath(ABSTFN, strict=ALLOW_MISSING), ABSTFN) ++ ++ try: ++ os.stat(ABSTFN) ++ except PermissionError: ++ pass ++ else: ++ self.skipTest('Cannot block permissions') ++ ++ self.assertEqual(realpath(ABSTFN + '/k', strict=False), ++ ABSTFN + '/k') ++ self.assertRaises(PermissionError, realpath, ABSTFN + '/k', ++ strict=True) ++ self.assertRaises(PermissionError, realpath, ABSTFN + '/k', ++ strict=ALLOW_MISSING) ++ ++ self.assertEqual(realpath(ABSTFN + '/missing', strict=False), ++ ABSTFN + '/missing') ++ self.assertRaises(PermissionError, realpath, ABSTFN + '/missing', ++ strict=True) ++ self.assertRaises(PermissionError, realpath, ABSTFN + '/missing', ++ strict=ALLOW_MISSING) ++ finally: ++ os.chmod(ABSTFN, 0o755) ++ safe_rmdir(ABSTFN + '/k') ++ safe_rmdir(ABSTFN) ++ + def test_relpath(self): + (real_getcwd, os.getcwd) = (os.getcwd, lambda: r"/home/user/bar") + try: +@@ -670,9 +913,12 @@ class PathLikeTests(unittest.TestCase): + def test_path_abspath(self): + self.assertPathEqual(self.path.abspath) + +- def test_path_realpath(self): ++ @_parameterize({}, {'strict': True}, {'strict': ALLOW_MISSING}) ++ def test_path_realpath(self, kwargs): + self.assertPathEqual(self.path.realpath) + ++ self.assertPathEqual(partial(self.path.realpath, **kwargs)) ++ + def test_path_relpath(self): + self.assertPathEqual(self.path.relpath) + +diff --git a/Lib/test/test_tarfile.py b/Lib/test/test_tarfile.py +index 04ef000e71..c5d837e716 100644 +--- a/Lib/test/test_tarfile.py ++++ b/Lib/test/test_tarfile.py +@@ -1,3 +1,4 @@ ++import errno + import sys + import os + import io +@@ -1360,11 +1361,11 @@ class WriteTest(WriteTestBase, unittest.TestCase): + f.write('something\n') + os.symlink(source_file, target_file) + tar = tarfile.open(temparchive,'w') +- tar.add(source_file) +- tar.add(target_file) ++ tar.add(source_file, arcname="source") ++ tar.add(target_file, arcname="symlink") + tar.close() + # Let's extract it to the location which contains the symlink +- tar = tarfile.open(temparchive,'r') ++ tar = tarfile.open(temparchive,'r', errorlevel=2) + # this should not raise OSError: [Errno 17] File exists + try: + tar.extractall(path=tempdir) +@@ -2242,9 +2243,35 @@ class MiscTest(unittest.TestCase): + 'tar_filter', 'FilterError', 'AbsoluteLinkError', + 'OutsideDestinationError', 'SpecialFileError', + 'AbsolutePathError', 'LinkOutsideDestinationError', ++ 'LinkFallbackError', + } + support.check__all__(self, tarfile, blacklist=blacklist) + ++ @unittest.skipUnless(support.can_symlink(), 'requires symlink support') ++ @unittest.skipUnless(hasattr(os, 'chmod'), "missing os.chmod") ++ @unittest.mock.patch('os.chmod') ++ def test_deferred_directory_attributes_update(self, mock_chmod): ++ # Regression test for gh-127987: setting attributes on arbitrary files ++ tempdir = os.path.join(TEMPDIR, 'test127987') ++ def mock_chmod_side_effect(path, mode, **kwargs): ++ target_path = os.path.realpath(path) ++ if os.path.commonpath([target_path, tempdir]) != tempdir: ++ raise Exception("should not try to chmod anything outside the destination", target_path) ++ mock_chmod.side_effect = mock_chmod_side_effect ++ ++ outside_tree_dir = os.path.join(TEMPDIR, 'outside_tree_dir') ++ with ArchiveMaker() as arc: ++ arc.add('x', symlink_to='.') ++ arc.add('x', type=tarfile.DIRTYPE, mode='?rwsrwsrwt') ++ arc.add('x', symlink_to=outside_tree_dir) ++ ++ os.makedirs(outside_tree_dir) ++ try: ++ arc.open().extractall(path=tempdir, filter='tar') ++ finally: ++ support.rmtree(outside_tree_dir) ++ support.rmtree(tempdir) ++ + + class CommandLineTest(unittest.TestCase): + +@@ -2777,6 +2804,10 @@ class NoneInfoExtractTests(ReadTest): + got_paths = set( + p.relative_to(directory) + for p in pathlib.Path(directory).glob('**/*')) ++ if self.extraction_filter == 'data': ++ # The 'data' filter is expected to reject special files ++ for path in 'ustar/fifotype', 'ustar/blktype', 'ustar/chrtype': ++ got_paths.discard(pathlib.Path(path)) + self.assertEqual(self.control_paths, got_paths) + + @contextmanager +@@ -3003,10 +3034,28 @@ class ArchiveMaker: + self.bio = None + + def add(self, name, *, type=None, symlink_to=None, hardlink_to=None, +- mode=None, **kwargs): +- """Add a member to the test archive. Call within `with`.""" ++ mode=None, size=None, content=None, **kwargs): ++ """Add a member to the test archive. Call within `with`. ++ ++ Provides many shortcuts: ++ - default `type` is based on symlink_to, hardlink_to, and trailing `/` ++ in name (which is stripped) ++ - size & content defaults are based on each other ++ - content can be str or bytes ++ - mode should be textual ('-rwxrwxrwx') ++ ++ (add more! this is unstable internal test-only API) ++ """ + name = str(name) + tarinfo = tarfile.TarInfo(name).replace(**kwargs) ++ if content is not None: ++ if isinstance(content, str): ++ content = content.encode() ++ size = len(content) ++ if size is not None: ++ tarinfo.size = size ++ if content is None: ++ content = bytes(tarinfo.size) + if mode: + tarinfo.mode = _filemode_to_int(mode) + if symlink_to is not None: +@@ -3020,7 +3069,7 @@ class ArchiveMaker: + if type is not None: + tarinfo.type = type + if tarinfo.isreg(): +- fileobj = io.BytesIO(bytes(tarinfo.size)) ++ fileobj = io.BytesIO(content) + else: + fileobj = None + self.tar_w.addfile(tarinfo, fileobj) +@@ -3042,7 +3091,7 @@ class TestExtractionFilters(unittest.TestCase): + destdir = outerdir / 'dest' + + @contextmanager +- def check_context(self, tar, filter): ++ def check_context(self, tar, filter, *, check_flag=True, ignored_trees=()): + """Extracts `tar` to `self.destdir` and allows checking the result + + If an error occurs, it must be checked using `expect_exception` +@@ -3051,26 +3100,46 @@ class TestExtractionFilters(unittest.TestCase): + except the destination directory itself and parent directories of + other files. + When checking directories, do so before their contents. ++ ++ A file called 'flag' is made in outerdir (i.e. outside destdir) ++ before extraction; it should not be altered nor should its contents ++ be read/copied. ++ ++ *ignored_trees* is a set of directories to remove (including their ++ contents) right after the archive is extracted. It is a workaround ++ for Path.glob() failing to get all files in Python 3.10 and below. + """ + with support.temp_dir(self.outerdir): ++ flag_path = self.outerdir / 'flag' ++ flag_path.write_text('capture me') + try: + tar.extractall(self.destdir, filter=filter) + except Exception as exc: + self.raised_exception = exc ++ self.reraise_exception = True + self.expected_paths = set() + else: ++ for ignored_tree in ignored_trees: ++ support.rmtree((self.destdir / ignored_tree).resolve()) + self.raised_exception = None ++ self.reraise_exception = False + self.expected_paths = set(self.outerdir.glob('**/*')) + self.expected_paths.discard(self.destdir) ++ self.expected_paths.discard(flag_path) + try: +- yield ++ yield self + finally: + tar.close() +- if self.raised_exception: ++ if self.reraise_exception: + raise self.raised_exception + self.assertEqual(self.expected_paths, set()) ++ if check_flag: ++ self.assertEqual(flag_path.read_text(), 'capture me') ++ else: ++ assert filter == 'fully_trusted' + +- def expect_file(self, name, type=None, symlink_to=None, mode=None): ++ def expect_file(self, name, type=None, symlink_to=None, mode=None, ++ size=None, content=None): + """Check a single file. See check_context.""" + if self.raised_exception: + raise self.raised_exception +@@ -3080,7 +3149,7 @@ class TestExtractionFilters(unittest.TestCase): + self.expected_paths.remove(path) + + # When checking mode, ignore Windows (which can only set user read and +- # user write bits). Newer versions of Python use `os_helper.can_chmod()` ++ # user write bits). Newer versions of Python use `support.can_chmod()` + # instead of hardcoding Windows. + if mode is not None and sys.platform != 'win32': + got = stat.filemode(stat.S_IMODE(path.stat().st_mode)) +@@ -3094,24 +3163,47 @@ class TestExtractionFilters(unittest.TestCase): + # The symlink might be the same (textually) as what we expect, + # but some systems change the link to an equivalent path, so + # we fall back to samefile(). +- if expected != got: +- self.assertTrue(got.samefile(expected)) ++ try: ++ if expected != got: ++ self.assertTrue(got.samefile(expected)) ++ except Exception as e: ++ # attach a note, so it's shown even if `samefile` fails ++ # add_note not supported on Python < 3.11 ++ # new style formating with = not supported in 3.6 as well ++ # e.add_note(f'{expected=}, {got=}') ++ raise + elif type == tarfile.REGTYPE or type is None: + self.assertTrue(path.is_file()) + elif type == tarfile.DIRTYPE: + self.assertTrue(path.is_dir()) + elif type == tarfile.FIFOTYPE: + self.assertTrue(path.is_fifo()) ++ elif type == tarfile.SYMTYPE: ++ self.assertTrue(path.is_symlink()) + else: + raise NotImplementedError(type) ++ if size is not None: ++ self.assertEqual(path.stat().st_size, size) ++ if content is not None: ++ self.assertEqual(path.read_text(), content) + for parent in path.parents: + self.expected_paths.discard(parent) + ++ def expect_any_tree(self, name): ++ """Check a directory; forget about its contents.""" ++ tree_path = (self.destdir / name).resolve() ++ self.expect_file(tree_path, type=tarfile.DIRTYPE) ++ self.expected_paths = { ++ p for p in self.expected_paths ++ if tree_path not in p.parents ++ } ++ + def expect_exception(self, exc_type, message_re='.'): + with self.assertRaisesRegex(exc_type, message_re): + if self.raised_exception is not None: + raise self.raised_exception +- self.raised_exception = None ++ self.reraise_exception = False ++ return self.raised_exception + + def test_benign_file(self): + with ArchiveMaker() as arc: +@@ -3149,8 +3241,15 @@ class TestExtractionFilters(unittest.TestCase): + # Test interplaying symlinks + # Inspired by 'dirsymlink2a' in jwilk/traversal-archives + with ArchiveMaker() as arc: ++ ++ # `current` links to `.` which is both: ++ # - the destination directory ++ # - `current` itself + arc.add('current', symlink_to='.') ++ ++ # effectively points to ./../ + arc.add('parent', symlink_to='current/..') ++ + arc.add('parent/evil') + + if support.can_symlink(): +@@ -3188,12 +3287,121 @@ class TestExtractionFilters(unittest.TestCase): + with self.check_context(arc.open(), 'data'): + self.expect_file('parent/evil') + ++ @support.skip_unless_symlink ++ def test_realpath_limit_attack(self): ++ # (CVE-2025-4517) ++ ++ with ArchiveMaker() as arc: ++ # populate the symlinks and dirs that expand in os.path.realpath() ++ # The component length is chosen so that in common cases, the unexpanded ++ # path fits in PATH_MAX, but it overflows when the final symlink ++ # is expanded ++ steps = "abcdefghijklmnop" ++ if sys.platform == 'win32': ++ component = 'd' * 25 ++ elif 'PC_PATH_MAX' in os.pathconf_names: ++ max_path_len = os.pathconf(self.outerdir.parent, "PC_PATH_MAX") ++ path_sep_len = 1 ++ dest_len = len(str(self.destdir)) + path_sep_len ++ component_len = (max_path_len - dest_len) // (len(steps) + path_sep_len) ++ component = 'd' * component_len ++ else: ++ raise NotImplementedError("Need to guess component length for {sys.platform}") ++ path = "" ++ step_path = "" ++ for i in steps: ++ arc.add(os.path.join(path, component), type=tarfile.DIRTYPE, ++ mode='drwxrwxrwx') ++ arc.add(os.path.join(path, i), symlink_to=component) ++ path = os.path.join(path, component) ++ step_path = os.path.join(step_path, i) ++ # create the final symlink that exceeds PATH_MAX and simply points ++ # to the top dir. ++ # this link will never be expanded by ++ # os.path.realpath(strict=False), nor anything after it. ++ linkpath = os.path.join(*steps, "l"*254) ++ parent_segments = [".."] * len(steps) ++ arc.add(linkpath, symlink_to=os.path.join(*parent_segments)) ++ # make a symlink outside to keep the tar command happy ++ arc.add("escape", symlink_to=os.path.join(linkpath, "..")) ++ # use the symlinks above, that are not checked, to create a hardlink ++ # to a file outside of the destination path ++ arc.add("flaglink", hardlink_to=os.path.join("escape", "flag")) ++ # now that we have the hardlink we can overwrite the file ++ arc.add("flaglink", content='overwrite') ++ # we can also create new files as well! ++ arc.add("escape/newfile", content='new') ++ ++ with self.subTest('fully_trusted'), \ ++ self.check_context(arc.open(), filter='fully_trusted', ++ check_flag=False, ignored_trees={component}): ++ if sys.platform == 'win32': ++ self.expect_exception((FileNotFoundError, FileExistsError)) ++ elif self.raised_exception: ++ # Cannot symlink/hardlink: tarfile falls back to getmember() ++ self.expect_exception(KeyError) ++ # Otherwise, this block should never enter. ++ else: ++ self.expect_file('flaglink', content='overwrite') ++ self.expect_file('../newfile', content='new') ++ self.expect_file('escape', type=tarfile.SYMTYPE) ++ self.expect_file('a', symlink_to=component) ++ ++ for filter in 'tar', 'data': ++ with self.subTest(filter), self.check_context(arc.open(), filter=filter): ++ exc = self.expect_exception((OSError, KeyError)) ++ if isinstance(exc, OSError): ++ if sys.platform == 'win32': ++ # 3: ERROR_PATH_NOT_FOUND ++ # 5: ERROR_ACCESS_DENIED ++ # 206: ERROR_FILENAME_EXCED_RANGE ++ self.assertIn(exc.winerror, (3, 5, 206)) ++ else: ++ self.assertEqual(exc.errno, errno.ENAMETOOLONG) ++ + def test_parent_symlink2(self): + # Test interplaying symlinks + # Inspired by 'dirsymlink2b' in jwilk/traversal-archives ++ ++ # Posix and Windows have different pathname resolution: ++ # either symlink or a '..' component resolve first. ++ # Let's see which we are on. ++ if support.can_symlink(): ++ testpath = os.path.join(TEMPDIR, 'resolution_test') ++ os.mkdir(testpath) ++ ++ # testpath/current links to `.` which is all of: ++ # - `testpath` ++ # - `testpath/current` ++ # - `testpath/current/current` ++ # - etc. ++ os.symlink('.', os.path.join(testpath, 'current')) ++ ++ # we'll test where `testpath/current/../file` ends up ++ with open(os.path.join(testpath, 'current', '..', 'file'), 'w'): ++ pass ++ ++ if os.path.exists(os.path.join(testpath, 'file')): ++ # Windows collapses 'current\..' to '.' first, leaving ++ # 'testpath\file' ++ dotdot_resolves_early = True ++ elif os.path.exists(os.path.join(testpath, '..', 'file')): ++ # Posix resolves 'current' to '.' first, leaving ++ # 'testpath/../file' ++ dotdot_resolves_early = False ++ else: ++ raise AssertionError('Could not determine link resolution') ++ + with ArchiveMaker() as arc: ++ ++ # `current` links to `.` which is both the destination directory ++ # and `current` itself + arc.add('current', symlink_to='.') ++ ++ # `current/parent` is also available as `./parent`, ++ # and effectively points to `./../` + arc.add('current/parent', symlink_to='..') ++ + arc.add('parent/evil') + + with self.check_context(arc.open(), 'fully_trusted'): +@@ -3207,6 +3415,7 @@ class TestExtractionFilters(unittest.TestCase): + + with self.check_context(arc.open(), 'tar'): + if support.can_symlink(): ++ # Fail when extracting a file outside destination + self.expect_exception( + tarfile.OutsideDestinationError, + "'parent/evil' would be extracted to " +@@ -3217,10 +3426,24 @@ class TestExtractionFilters(unittest.TestCase): + self.expect_file('parent/evil') + + with self.check_context(arc.open(), 'data'): +- self.expect_exception( +- tarfile.LinkOutsideDestinationError, +- """'current/parent' would link to ['"].*['"], """ +- + "which is outside the destination") ++ if support.can_symlink(): ++ if dotdot_resolves_early: ++ # Fail when extracting a file outside destination ++ self.expect_exception( ++ tarfile.OutsideDestinationError, ++ "'parent/evil' would be extracted to " ++ + """['"].*evil['"], which is outside """ ++ + "the destination") ++ else: ++ # Fail as soon as we have a symlink outside the destination ++ self.expect_exception( ++ tarfile.LinkOutsideDestinationError, ++ "'current/parent' would link to " ++ + """['"].*outerdir['"], which is outside """ ++ + "the destination") ++ else: ++ self.expect_file('current/') ++ self.expect_file('parent/evil') + + def test_absolute_symlink(self): + # Test symlink to an absolute path +@@ -3249,11 +3472,29 @@ class TestExtractionFilters(unittest.TestCase): + with self.check_context(arc.open(), 'data'): + self.expect_exception( + tarfile.AbsoluteLinkError, +- "'parent' is a symlink to an absolute path") ++ "'parent' is a link to an absolute path") ++ ++ def test_absolute_hardlink(self): ++ # Test hardlink to an absolute path ++ # Inspired by 'dirsymlink' in https://github.com/jwilk/traversal-archives ++ with ArchiveMaker() as arc: ++ arc.add('parent', hardlink_to=self.outerdir / 'foo') ++ ++ with self.check_context(arc.open(), 'fully_trusted'): ++ self.expect_exception(KeyError, ".*foo. not found") ++ ++ with self.check_context(arc.open(), 'tar'): ++ self.expect_exception(KeyError, ".*foo. not found") ++ ++ with self.check_context(arc.open(), 'data'): ++ self.expect_exception( ++ tarfile.AbsoluteLinkError, ++ "'parent' is a link to an absolute path") + + def test_sly_relative0(self): + # Inspired by 'relative0' in jwilk/traversal-archives + with ArchiveMaker() as arc: ++ # points to `../../tmp/moo` + arc.add('../moo', symlink_to='..//tmp/moo') + + try: +@@ -3303,6 +3544,174 @@ class TestExtractionFilters(unittest.TestCase): + + """['"].*moo['"], which is outside the """ + + "destination") + ++ def test_deep_symlink(self): ++ # Test that symlinks and hardlinks inside a directory ++ # point to the correct file (`target` of size 3). ++ # If links aren't supported we get a copy of the file. ++ with ArchiveMaker() as arc: ++ arc.add('targetdir/target', size=3) ++ # a hardlink's linkname is relative to the archive ++ arc.add('linkdir/hardlink', hardlink_to=os.path.join( ++ 'targetdir', 'target')) ++ # a symlink's linkname is relative to the link's directory ++ arc.add('linkdir/symlink', symlink_to=os.path.join( ++ '..', 'targetdir', 'target')) ++ ++ for filter in 'tar', 'data', 'fully_trusted': ++ with self.check_context(arc.open(), filter): ++ self.expect_file('targetdir/target', size=3) ++ self.expect_file('linkdir/hardlink', size=3) ++ if support.can_symlink(): ++ self.expect_file('linkdir/symlink', size=3, ++ symlink_to='../targetdir/target') ++ else: ++ self.expect_file('linkdir/symlink', size=3) ++ ++ def test_chains(self): ++ # Test chaining of symlinks/hardlinks. ++ # Symlinks are created before the files they point to. ++ with ArchiveMaker() as arc: ++ arc.add('linkdir/symlink', symlink_to='hardlink') ++ arc.add('symlink2', symlink_to=os.path.join( ++ 'linkdir', 'hardlink2')) ++ arc.add('targetdir/target', size=3) ++ arc.add('linkdir/hardlink', hardlink_to='targetdir/target') ++ arc.add('linkdir/hardlink2', hardlink_to='linkdir/symlink') ++ ++ for filter in 'tar', 'data', 'fully_trusted': ++ with self.check_context(arc.open(), filter): ++ self.expect_file('targetdir/target', size=3) ++ self.expect_file('linkdir/hardlink', size=3) ++ self.expect_file('linkdir/hardlink2', size=3) ++ if support.can_symlink(): ++ self.expect_file('linkdir/symlink', size=3, ++ symlink_to='hardlink') ++ self.expect_file('symlink2', size=3, ++ symlink_to='linkdir/hardlink2') ++ else: ++ self.expect_file('linkdir/symlink', size=3) ++ self.expect_file('symlink2', size=3) ++ ++ def test_sneaky_hardlink_fallback(self): ++ # (CVE-2025-4330) ++ # Test that when hardlink extraction falls back to extracting members ++ # from the archive, the extracted member is (re-)filtered. ++ with ArchiveMaker() as arc: ++ # Create a directory structure so the c/escape symlink stays ++ # inside the path ++ arc.add("a/t/dummy") ++ # Create b/ directory ++ arc.add("b/") ++ # Point "c" to the bottom of the tree in "a" ++ arc.add("c", symlink_to=os.path.join("a", "t")) ++ # link to non-existant location under "a" ++ arc.add("c/escape", symlink_to=os.path.join("..", "..", ++ "link_here")) ++ # Move "c" to point to "b" ("c/escape" no longer exists) ++ arc.add("c", symlink_to="b") ++ # Attempt to create a hard link to "c/escape". Since it doesn't ++ # exist it will attempt to extract "cescape" but at "boom". ++ arc.add("boom", hardlink_to=os.path.join("c", "escape")) ++ ++ with self.check_context(arc.open(), 'data'): ++ if not support.can_symlink(): ++ # When 'c/escape' is extracted, 'c' is a regular ++ # directory, and 'c/escape' *would* point outside ++ # the destination if symlinks were allowed. ++ self.expect_exception( ++ tarfile.LinkOutsideDestinationError) ++ elif sys.platform == "win32": ++ # On Windows, 'c/escape' points outside the destination ++ self.expect_exception(tarfile.LinkOutsideDestinationError) ++ else: ++ e = self.expect_exception( ++ tarfile.LinkFallbackError, ++ "link 'boom' would be extracted as a copy of " ++ "'c/escape', which was rejected") ++ self.assertIsInstance(e.__cause__, ++ tarfile.LinkOutsideDestinationError) ++ for filter in 'tar', 'fully_trusted': ++ with self.subTest(filter), self.check_context(arc.open(), filter): ++ if not support.can_symlink(): ++ self.expect_file("a/t/dummy") ++ self.expect_file("b/") ++ self.expect_file("c/") ++ else: ++ self.expect_file("a/t/dummy") ++ self.expect_file("b/") ++ self.expect_file("a/t/escape", symlink_to='../../link_here') ++ self.expect_file("boom", symlink_to='../../link_here') ++ self.expect_file("c", symlink_to='b') ++ ++ def test_exfiltration_via_symlink(self): ++ # (CVE-2025-4138) ++ # Test changing symlinks that result in a symlink pointing outside ++ # the extraction directory, unless prevented by 'data' filter's ++ # normalization. ++ with ArchiveMaker() as arc: ++ arc.add("escape", symlink_to=os.path.join('link', 'link', '..', '..', 'link-here')) ++ arc.add("link", symlink_to='./') ++ ++ for filter in 'tar', 'data', 'fully_trusted': ++ with self.check_context(arc.open(), filter): ++ if support.can_symlink(): ++ self.expect_file("link", symlink_to='./') ++ if filter == 'data': ++ self.expect_file("escape", symlink_to='link-here') ++ else: ++ self.expect_file("escape", ++ symlink_to='link/link/../../link-here') ++ else: ++ # Nothing is extracted. ++ pass ++ ++ def test_chmod_outside_dir(self): ++ # (CVE-2024-12718) ++ # Test that members used for delayed updates of directory metadata ++ # are (re-)filtered. ++ with ArchiveMaker() as arc: ++ # "pwn" is a veeeery innocent symlink: ++ arc.add("a/pwn", symlink_to='.') ++ # But now "pwn" is also a directory, so it's scheduled to have its ++ # metadata updated later: ++ arc.add("a/pwn/", mode='drwxrwxrwx') ++ # Oops, "pwn" is not so innocent any more: ++ arc.add("a/pwn", symlink_to='x/../') ++ # Newly created symlink points to the dest dir, ++ # so it's OK for the "data" filter. ++ arc.add('a/x', symlink_to=('../')) ++ # But now "pwn" points outside the dest dir ++ ++ for filter in 'tar', 'data', 'fully_trusted': ++ with self.check_context(arc.open(), filter) as cc: ++ if not support.can_symlink(): ++ self.expect_file("a/pwn/") ++ elif filter == 'data': ++ self.expect_file("a/x", symlink_to='../') ++ self.expect_file("a/pwn", symlink_to='.') ++ else: ++ self.expect_file("a/x", symlink_to='../') ++ self.expect_file("a/pwn", symlink_to='x/../') ++ if sys.platform != "win32": ++ st_mode = cc.outerdir.stat().st_mode ++ self.assertNotEqual(st_mode & 0o777, 0o777) ++ ++ def test_link_fallback_normalizes(self): ++ # Make sure hardlink fallbacks work for non-normalized paths for all ++ # filters ++ with ArchiveMaker() as arc: ++ arc.add("dir/") ++ arc.add("dir/../afile") ++ arc.add("link1", hardlink_to='dir/../afile') ++ arc.add("link2", hardlink_to='dir/../dir/../afile') ++ ++ for filter in 'tar', 'data', 'fully_trusted': ++ with self.check_context(arc.open(), filter) as cc: ++ self.expect_file("dir/") ++ self.expect_file("afile") ++ self.expect_file("link1") ++ self.expect_file("link2") ++ + def test_modes(self): + # Test how file modes are extracted + # (Note that the modes are ignored on platforms without working chmod) +@@ -3404,7 +3813,7 @@ class TestExtractionFilters(unittest.TestCase): + # The 'tar' filter returns TarInfo objects with the same name/type. + # (It can also fail for particularly "evil" input, but we don't have + # that in the test archive.) +- with tarfile.TarFile.open(tarname) as tar: ++ with tarfile.TarFile.open(tarname, encoding="iso8859-1") as tar: + for tarinfo in tar.getmembers(): + filtered = tarfile.tar_filter(tarinfo, '') + self.assertIs(filtered.name, tarinfo.name) +@@ -3413,7 +3822,7 @@ class TestExtractionFilters(unittest.TestCase): + def test_data_filter(self): + # The 'data' filter either raises, or returns TarInfo with the same + # name/type. +- with tarfile.TarFile.open(tarname) as tar: ++ with tarfile.TarFile.open(tarname, encoding="iso8859-1") as tar: + for tarinfo in tar.getmembers(): + try: + filtered = tarfile.data_filter(tarinfo, '') +@@ -3542,13 +3951,13 @@ class TestExtractionFilters(unittest.TestCase): + # If errorlevel is 0, errors affected by errorlevel are ignored + + with self.check_context(arc.open(errorlevel=0), extracterror_filter): +- self.expect_file('file') ++ pass + + with self.check_context(arc.open(errorlevel=0), filtererror_filter): +- self.expect_file('file') ++ pass + + with self.check_context(arc.open(errorlevel=0), oserror_filter): +- self.expect_file('file') ++ pass + + with self.check_context(arc.open(errorlevel=0), tarerror_filter): + self.expect_exception(tarfile.TarError) +@@ -3559,7 +3968,7 @@ class TestExtractionFilters(unittest.TestCase): + # If 1, all fatal errors are raised + + with self.check_context(arc.open(errorlevel=1), extracterror_filter): +- self.expect_file('file') ++ pass + + with self.check_context(arc.open(errorlevel=1), filtererror_filter): + self.expect_exception(tarfile.FilterError) +diff --git a/Misc/NEWS.d/next/Library/2023-08-10-17-36-22.gh-issue-107845.dABiMJ.rst b/Misc/NEWS.d/next/Library/2023-08-10-17-36-22.gh-issue-107845.dABiMJ.rst +new file mode 100644 +index 0000000000..32c1fb93f4 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2023-08-10-17-36-22.gh-issue-107845.dABiMJ.rst +@@ -0,0 +1,3 @@ ++:func:`tarfile.data_filter` now takes the location of symlinks into account ++when determining their target, so it will no longer reject some valid ++tarballs with ``LinkOutsideDestinationError``. diff --git a/00467-tarfile-cve-2025-8194.patch b/00467-tarfile-cve-2025-8194.patch new file mode 100644 index 0000000..08cef22 --- /dev/null +++ b/00467-tarfile-cve-2025-8194.patch @@ -0,0 +1,212 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Alexander Urieles +Date: Mon, 28 Jul 2025 17:37:26 +0200 +Subject: 00467: tarfile CVE-2025-8194 + +tarfile now validates archives to ensure member offsets are non-negative (GH-137027) + +Co-authored-by: Gregory P. Smith +--- + Lib/tarfile.py | 3 + + Lib/test/test_tarfile.py | 156 ++++++++++++++++++ + ...-07-23-00-35-29.gh-issue-130577.c7EITy.rst | 3 + + 3 files changed, 162 insertions(+) + create mode 100644 Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst + +diff --git a/Lib/tarfile.py b/Lib/tarfile.py +index 1a7d5f772a..4f536cb002 100755 +--- a/Lib/tarfile.py ++++ b/Lib/tarfile.py +@@ -1582,6 +1582,9 @@ class TarInfo(object): + """Round up a byte count by BLOCKSIZE and return it, + e.g. _block(834) => 1024. + """ ++ # Only non-negative offsets are allowed ++ if count < 0: ++ raise InvalidHeaderError("invalid offset") + blocks, remainder = divmod(count, BLOCKSIZE) + if remainder: + blocks += 1 +diff --git a/Lib/test/test_tarfile.py b/Lib/test/test_tarfile.py +index c5d837e716..484f114180 100644 +--- a/Lib/test/test_tarfile.py ++++ b/Lib/test/test_tarfile.py +@@ -43,6 +43,7 @@ bz2name = os.path.join(TEMPDIR, "testtar.tar.bz2") + xzname = os.path.join(TEMPDIR, "testtar.tar.xz") + tmpname = os.path.join(TEMPDIR, "tmp.tar") + dotlessname = os.path.join(TEMPDIR, "testtar") ++SPACE = b" " + + md5_regtype = "65f477c818ad9e15f7feab0c6d37742f" + md5_sparse = "a54fbc4ca4f4399a90e1b27164012fc6" +@@ -4005,6 +4006,161 @@ class TestExtractionFilters(unittest.TestCase): + self.expect_exception(TypeError) # errorlevel is not int + + ++class OffsetValidationTests(unittest.TestCase): ++ tarname = tmpname ++ invalid_posix_header = ( ++ # name: 100 bytes ++ tarfile.NUL * tarfile.LENGTH_NAME ++ # mode, space, null terminator: 8 bytes ++ + b"000755" + SPACE + tarfile.NUL ++ # uid, space, null terminator: 8 bytes ++ + b"000001" + SPACE + tarfile.NUL ++ # gid, space, null terminator: 8 bytes ++ + b"000001" + SPACE + tarfile.NUL ++ # size, space: 12 bytes ++ + b"\xff" * 11 + SPACE ++ # mtime, space: 12 bytes ++ + tarfile.NUL * 11 + SPACE ++ # chksum: 8 bytes ++ + b"0011407" + tarfile.NUL ++ # type: 1 byte ++ + tarfile.REGTYPE ++ # linkname: 100 bytes ++ + tarfile.NUL * tarfile.LENGTH_LINK ++ # magic: 6 bytes, version: 2 bytes ++ + tarfile.POSIX_MAGIC ++ # uname: 32 bytes ++ + tarfile.NUL * 32 ++ # gname: 32 bytes ++ + tarfile.NUL * 32 ++ # devmajor, space, null terminator: 8 bytes ++ + tarfile.NUL * 6 + SPACE + tarfile.NUL ++ # devminor, space, null terminator: 8 bytes ++ + tarfile.NUL * 6 + SPACE + tarfile.NUL ++ # prefix: 155 bytes ++ + tarfile.NUL * tarfile.LENGTH_PREFIX ++ # padding: 12 bytes ++ + tarfile.NUL * 12 ++ ) ++ invalid_gnu_header = ( ++ # name: 100 bytes ++ tarfile.NUL * tarfile.LENGTH_NAME ++ # mode, null terminator: 8 bytes ++ + b"0000755" + tarfile.NUL ++ # uid, null terminator: 8 bytes ++ + b"0000001" + tarfile.NUL ++ # gid, space, null terminator: 8 bytes ++ + b"0000001" + tarfile.NUL ++ # size, space: 12 bytes ++ + b"\xff" * 11 + SPACE ++ # mtime, space: 12 bytes ++ + tarfile.NUL * 11 + SPACE ++ # chksum: 8 bytes ++ + b"0011327" + tarfile.NUL ++ # type: 1 byte ++ + tarfile.REGTYPE ++ # linkname: 100 bytes ++ + tarfile.NUL * tarfile.LENGTH_LINK ++ # magic: 8 bytes ++ + tarfile.GNU_MAGIC ++ # uname: 32 bytes ++ + tarfile.NUL * 32 ++ # gname: 32 bytes ++ + tarfile.NUL * 32 ++ # devmajor, null terminator: 8 bytes ++ + tarfile.NUL * 8 ++ # devminor, null terminator: 8 bytes ++ + tarfile.NUL * 8 ++ # padding: 167 bytes ++ + tarfile.NUL * 167 ++ ) ++ invalid_v7_header = ( ++ # name: 100 bytes ++ tarfile.NUL * tarfile.LENGTH_NAME ++ # mode, space, null terminator: 8 bytes ++ + b"000755" + SPACE + tarfile.NUL ++ # uid, space, null terminator: 8 bytes ++ + b"000001" + SPACE + tarfile.NUL ++ # gid, space, null terminator: 8 bytes ++ + b"000001" + SPACE + tarfile.NUL ++ # size, space: 12 bytes ++ + b"\xff" * 11 + SPACE ++ # mtime, space: 12 bytes ++ + tarfile.NUL * 11 + SPACE ++ # chksum: 8 bytes ++ + b"0010070" + tarfile.NUL ++ # type: 1 byte ++ + tarfile.REGTYPE ++ # linkname: 100 bytes ++ + tarfile.NUL * tarfile.LENGTH_LINK ++ # padding: 255 bytes ++ + tarfile.NUL * 255 ++ ) ++ valid_gnu_header = tarfile.TarInfo("filename").tobuf(tarfile.GNU_FORMAT) ++ data_block = b"\xff" * tarfile.BLOCKSIZE ++ ++ def _write_buffer(self, buffer): ++ with open(self.tarname, "wb") as f: ++ f.write(buffer) ++ ++ def _get_members(self, ignore_zeros=None): ++ with open(self.tarname, "rb") as f: ++ with tarfile.open( ++ mode="r", fileobj=f, ignore_zeros=ignore_zeros ++ ) as tar: ++ return tar.getmembers() ++ ++ def _assert_raises_read_error_exception(self): ++ with self.assertRaisesRegex( ++ tarfile.ReadError, "file could not be opened successfully" ++ ): ++ self._get_members() ++ ++ def test_invalid_offset_header_validations(self): ++ for tar_format, invalid_header in ( ++ ("posix", self.invalid_posix_header), ++ ("gnu", self.invalid_gnu_header), ++ ("v7", self.invalid_v7_header), ++ ): ++ with self.subTest(format=tar_format): ++ self._write_buffer(invalid_header) ++ self._assert_raises_read_error_exception() ++ ++ def test_early_stop_at_invalid_offset_header(self): ++ buffer = self.valid_gnu_header + self.invalid_gnu_header + self.valid_gnu_header ++ self._write_buffer(buffer) ++ members = self._get_members() ++ self.assertEqual(len(members), 1) ++ self.assertEqual(members[0].name, "filename") ++ self.assertEqual(members[0].offset, 0) ++ ++ def test_ignore_invalid_archive(self): ++ # 3 invalid headers with their respective data ++ buffer = (self.invalid_gnu_header + self.data_block) * 3 ++ self._write_buffer(buffer) ++ members = self._get_members(ignore_zeros=True) ++ self.assertEqual(len(members), 0) ++ ++ def test_ignore_invalid_offset_headers(self): ++ for first_block, second_block, expected_offset in ( ++ ( ++ (self.valid_gnu_header), ++ (self.invalid_gnu_header + self.data_block), ++ 0, ++ ), ++ ( ++ (self.invalid_gnu_header + self.data_block), ++ (self.valid_gnu_header), ++ 1024, ++ ), ++ ): ++ self._write_buffer(first_block + second_block) ++ members = self._get_members(ignore_zeros=True) ++ self.assertEqual(len(members), 1) ++ self.assertEqual(members[0].name, "filename") ++ self.assertEqual(members[0].offset, expected_offset) ++ ++ + def setUpModule(): + support.unlink(TEMPDIR) + os.makedirs(TEMPDIR) +diff --git a/Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst b/Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst +new file mode 100644 +index 0000000000..342cabbc86 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst +@@ -0,0 +1,3 @@ ++:mod:`tarfile` now validates archives to ensure member offsets are ++non-negative. (Contributed by Alexander Enrique Urieles Nieto in ++:gh:`130577`.) diff --git a/pip-CVE-2007-4559.patch b/pip-CVE-2007-4559.patch new file mode 100644 index 0000000..635f90c --- /dev/null +++ b/pip-CVE-2007-4559.patch @@ -0,0 +1,42 @@ +diff --git a/pip/_internal/utils/misc.py b/pip/_internal/utils/misc.py +index 84a421f..fbdb654 100644 +--- a/pip/_internal/utils/misc.py ++++ b/pip/_internal/utils/misc.py +@@ -532,6 +532,13 @@ def untar_file(filename, location): + if leading: + fn = split_leading_dir(fn)[1] + path = os.path.join(location, fn) ++ ++ # Call the `data` filter for its side effect (raising exception) ++ try: ++ tarfile.data_filter(member.replace(name=fn), location) ++ except tarfile.LinkOutsideDestinationError: ++ pass ++ + if member.isdir(): + ensure_dir(path) + elif member.issym(): +diff --git a/pip/_vendor/distlib/util.py b/pip/_vendor/distlib/util.py +index 0b14a93..8f3f12e 100644 +--- a/pip/_vendor/distlib/util.py ++++ b/pip/_vendor/distlib/util.py +@@ -1238,6 +1238,19 @@ def unarchive(archive_filename, dest_dir, format=None, check=True): + for tarinfo in archive.getmembers(): + if not isinstance(tarinfo.name, text_type): + tarinfo.name = tarinfo.name.decode('utf-8') ++ ++ # Limit extraction of dangerous items, if this Python ++ # allows it easily. If not, just trust the input. ++ # See: https://docs.python.org/3/library/tarfile.html#extraction-filters ++ def extraction_filter(member, path): ++ """Run tarfile.tar_fillter, but raise the expected ValueError""" ++ # This is only called if the current Python has tarfile filters ++ try: ++ return tarfile.tar_filter(member, path) ++ except tarfile.FilterError as exc: ++ raise ValueError(str(exc)) ++ archive.extraction_filter = extraction_filter ++ + archive.extractall(dest_dir) + + finally: diff --git a/plan.fmf b/plan.fmf new file mode 100644 index 0000000..8639a8d --- /dev/null +++ b/plan.fmf @@ -0,0 +1,38 @@ +execute: + how: tmt + +environment: + pybasever: '3.6' + +discover: + - name: tests_python + how: shell + url: https://src.fedoraproject.org/tests/python.git + tests: + - name: smoke + path: /smoke + test: "VERSION=${pybasever} TOX_REQUIRES='virtualenv<20.22.0' ./venv.sh" + - name: debugsmoke + path: /smoke + test: "PYTHON=python${pybasever}dm TOX=false VERSION=${pybasever} INSTALL_OR_SKIP=true ./venv.sh" + - name: marshalparser + path: /marshalparser + test: "VERSION=${pybasever} SAMPLE=10 ./test_marshalparser_compatibility.sh" + +prepare: + - name: Install dependencies + how: install + package: + - gcc + - python3-tox + - python${pybasever} + - glibc-all-langpacks # for locale tests + - marshalparser # for testing compatibility (magic numbers) with marshalparser + - dnf # for upgrade + - name: Update packages + how: shell + script: dnf upgrade -y + - name: rpm_qa + order: 100 + how: shell + script: rpm -qa | sort | tee $TMT_PLAN_DATA/rpmqa.txt diff --git a/python3.6.rpmlintrc b/python3.6.rpmlintrc index 2b57ecd..2b5059d 100644 --- a/python3.6.rpmlintrc +++ b/python3.6.rpmlintrc @@ -77,3 +77,9 @@ addFilter(r'\bpython3(\.\d+)?\.(src|spec): (E|W): specfile-error\s+$') # SPELLING ERRORS addFilter(r'spelling-error .* en_US (bytecode|pyc|filename|tkinter|namespaces|pytest) ') + +# These bundled provides are declared twice, as they're bundled twice +# separately in pip and setuptools. +addFilter(r'useless-provides bundled\(python3dist\(packaging\)\)') +addFilter(r'useless-provides bundled\(python3dist\(setuptools\)\)') +addFilter(r'useless-provides bundled\(python3dist\(six\)\)') diff --git a/python3.6.spec b/python3.6.spec index 51d1e10..190964f 100644 --- a/python3.6.spec +++ b/python3.6.spec @@ -17,8 +17,39 @@ URL: https://www.python.org/ #global prerel ... %global upstream_version %{general_version}%{?prerel} Version: %{general_version}%{?prerel:~%{prerel}} -Release: 1%{?dist} -License: Python +Release: 50%{?dist} +# Python is Python +# pip MIT is and bundles: +# appdirs: MIT +# distlib: Python +# distro: ASL 2.0 +# html5lib: MIT +# six: MIT +# colorama: BSD +# cachecontrol: ASL 2.0 +# msgpack-python: ASL 2.0 +# lockfile: MIT +# progress: ISC +# ipaddress: Python +# packaging: ASL 2.0 or BSD +# pep517: MIT +# pyparsing: MIT +# pytoml: MIT +# retrying: ASL 2.0 +# requests: ASL 2.0 +# chardet: LGPLv2 +# idna: BSD +# urllib3: MIT +# certifi: MPLv2.0 +# setuptools: MIT +# webencodings: BSD +# setuptools is MIT and bundles: +# packaging: ASL 2.0 or BSD +# pyparsing: MIT +# six: MIT +# appdirs: MIT +# Automatically converted from old format: Python and MIT and ASL 2.0 and BSD and ISC and LGPLv2 and MPLv2.0 and (ASL 2.0 or BSD) - review is highly recommended. +License: LicenseRef-Callaway-Python AND LicenseRef-Callaway-MIT AND Apache-2.0 AND LicenseRef-Callaway-BSD AND ISC AND LicenseRef-Callaway-LGPLv2 AND MPL-2.0 AND (Apache-2.0 OR LicenseRef-Callaway-BSD) # ================================== @@ -28,16 +59,27 @@ License: Python # Note that the bcond macros are named for the CLI option they create. # "%%bcond_without" means "ENABLE by default and create a --without option" +# Main Python, i.e. whether this is the main Python version in the distribution +# that owns /usr/bin/python3 and other unique paths +# This also means the built subpackages are called python3 rather than python3X +# WARNING: This also influences the flatpackage bcond below. +# By default, this is disabled. +%bcond_with main_python + # Flat package, i.e. python36, python37, python38 for tox etc. -# warning: changes some other defaults -# in Fedora, never turn this on for the python3 package -# and always keep it on for python36 etc. -# WARNING: This does not change the package name and summary above +# Default (in Fedora >= 44): disabled +# Default (in Fedora < 44): enabled when this is not the main Python +# Not supported: Combination of flatpackage enabled and main_python enabled +%if %{with main_python} || 0%{?fedora} >= 44 +%bcond_with flatpackage +%else %bcond_without flatpackage +%endif # Whether to use RPM build wheels from the python-{pip,setuptools}-wheel package # Uses upstream bundled prebuilt wheels otherwise -%bcond_without rpmwheels +# pip 22 no longer supports Python 3.6 +%bcond_with rpmwheels # Expensive optimizations (mainly, profile-guided optimizations) %ifarch %{ix86} x86_64 @@ -129,6 +171,8 @@ License: Python # General global macros # ===================== +%global pkgname python%{pybasever} + %global pylibdir %{_libdir}/python%{pybasever} %global dynload_dir %{pylibdir}/lib-dynload @@ -200,6 +244,11 @@ License: Python %global wordsize 32 %endif +# Opt-out from https://fedoraproject.org/wiki/Changes/fno-omit-frame-pointer +# Python is slower with frame pointers, but we expect to remove this in Python 3.12+ +# See https://lists.fedoraproject.org/archives/list/python-devel@lists.fedoraproject.org/thread/6TQYCHMX4FZLF27U5BCEC7IFV6XNBKJP/ +# Tracking bugzilla: https://bugzilla.redhat.com/2158729 +%undefine _include_frame_pointers # ======================= # Build-time requirements @@ -229,6 +278,7 @@ BuildRequires: libffi-devel BuildRequires: libnsl2-devel BuildRequires: libtirpc-devel BuildRequires: libGL-devel +BuildRequires: libxcrypt-devel BuildRequires: libX11-devel BuildRequires: make BuildRequires: ncurses-devel @@ -242,9 +292,9 @@ BuildRequires: gdb BuildRequires: openssl-devel BuildRequires: tar -BuildRequires: tcl-devel +BuildRequires: tcl-devel < 1:9 BuildRequires: tix-devel -BuildRequires: tk-devel +BuildRequires: tk-devel < 1:9 %if %{with valgrind} BuildRequires: valgrind-devel @@ -253,6 +303,7 @@ BuildRequires: valgrind-devel BuildRequires: xz-devel BuildRequires: zlib-devel +BuildRequires: systemtap-sdt-devel BuildRequires: /usr/bin/dtrace # workaround http://bugs.python.org/issue19804 (test_uuid requires ifconfig) @@ -261,6 +312,9 @@ BuildRequires: /usr/sbin/ifconfig %if %{with rpmwheels} BuildRequires: python-setuptools-wheel BuildRequires: python-pip-wheel +%else +# For %%python_wheel_inject_sbom +BuildRequires: python-rpm-macros %endif @@ -283,10 +337,23 @@ Source10: idle3.desktop # AppData file for idle3 Source11: idle3.appdata.xml +# Patches for bundled wheels + +# Patch for the bundled pip wheel for CVE-2007-4559 +Source101: pip-CVE-2007-4559.patch + +# Patch for the bundled setuptools wheel for CVE-2024-6345 +# Remote code execution via download functions in the package_index module +# Tracking bug: https://bugzilla.redhat.com/show_bug.cgi?id=2297771 +# Upstream solution: https://github.com/pypa/setuptools/pull/4332 +# Patch simplified because upstream doesn't support SVN anymore. +Source102: setuptools-CVE-2024-6345.patch + # (Patches taken from github.com/fedora-python/cpython) # 00001 # d06a8853cf4bae9e115f45e1d531d2dc152c5cc8 # Fixup distutils/unixccompiler.py to remove standard library path from rpath +# # Was Patch0 in ivazquez' python3000 specfile Patch1: 00001-rpath.patch @@ -406,6 +473,15 @@ Patch292: 00292-restore-PyExc_RecursionErrorInst-symbol.patch # See also: https://bugzilla.redhat.com/show_bug.cgi?id=1489816 Patch294: 00294-define-TLS-cipher-suite-on-build-time.patch +# 00319 # 137b120c34cd92a9694edc0196f0d78311071dba +# test_tarfile_ppc64 +# +# Fix sparse file tests of test_tarfile on ppc64le with the tmpfs +# filesystem. +# +# Upstream: https://bugs.python.org/issue35772 +Patch319: 00319-test_tarfile_ppc64.patch + # 00343 # c758d1d3051b80314a533a8a42244beb4670141e # Fix test_faulthandler on GCC 10 # @@ -450,6 +526,347 @@ Patch353: 00353-architecture-names-upstream-downstream.patch # - 8766cb74e186d3820db0a855ccd780d6d84461f7 Patch358: 00358-align-allocations-and-pygc_head-to-16-bytes-on-64-bit-platforms.patch +# 00361 # b3dd949b7947b1b44b358e0c30d080e5b16ca8bc +# openssl-3-compatibility +# +# Backported from Python 3.8 +# +# Based on https://github.com/stratakis/cpython/tree/fedora-3.6_openssl3_compat +Patch361: 00361-openssl-3-compatibility.patch + +# 00375 # 5488ab84d2447aa8df8b3502e76f151ac2488947 +# Fix test_distance to enable build on i686 +# +# Fix precision in test_distance (test.test_turtle.TestVec2D). +# See: https://bugzilla.redhat.com/show_bug.cgi?id=2038843 +Patch375: 00375-fix-test_distance-to-enable-build-on-i686.patch + +# 00378 # b0c3e36a85f7eec22d64222176ea5139c0bc097d +# Support expat 2.4.5 +# +# Curly brackets were never allowed in namespace URIs +# according to RFC 3986, and so-called namespace-validating +# XML parsers have the right to reject them a invalid URIs. +# +# libexpat >=2.4.5 has become strcter in that regard due to +# related security issues; with ET.XML instantiating a +# namespace-aware parser under the hood, this test has no +# future in CPython. +# +# References: +# - https://datatracker.ietf.org/doc/html/rfc3968 +# - https://www.w3.org/TR/xml-names/ +# +# Also, test_minidom.py: Support Expat >=2.4.5 +# +# Upstream: https://bugs.python.org/issue46811 +Patch378: 00378-support-expat-2-4-5.patch + +# 00382 # 9e275dcdf3934b827994ecc3247d583d5bab7985 +# CVE-2015-20107 +# +# Make mailcap refuse to match unsafe filenames/types/params (GH-91993) +# +# Upstream: https://github.com/python/cpython/issues/68966 +# +# Tracker bug: https://bugzilla.redhat.com/show_bug.cgi?id=2075390 +Patch382: 00382-cve-2015-20107.patch + +# 00386 # 0e4bced7d3cd0f94ebfbcc209e10dbf81607b073 +# CVE-2021-28861 +# +# Fix an open redirection vulnerability in the `http.server` module when +# an URI path starts with `//` that could produce a 301 Location header +# with a misleading target. Vulnerability discovered, and logic fix +# proposed, by Hamza Avvan (@hamzaavvan). +# +# Test and comments authored by Gregory P. Smith [Google]. +# +# Upstream: https://github.com/python/cpython/pull/93879 +# Tracking bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2120642 +Patch386: 00386-cve-2021-28861.patch + +# 00387 # c687b2d407c9ec9ddf30a14f7151aa2064a8b0eb +# CVE-2020-10735: Prevent DoS by very large int() +# +# gh-95778: CVE-2020-10735: Prevent DoS by very large int() (GH-96504) +# +# Converting between `int` and `str` in bases other than 2 +# (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now +# raises a `ValueError` if the number of digits in string form is above a +# limit to avoid potential denial of service attacks due to the algorithmic +# complexity. This is a mitigation for CVE-2020-10735 +# (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10735). +# +# This new limit can be configured or disabled by environment variable, command +# line flag, or :mod:`sys` APIs. See the `Integer String Conversion Length +# Limitation` documentation. The default limit is 4300 +# digits in string form. +# +# Patch by Gregory P. Smith [Google] and Christian Heimes [Red Hat] with feedback +# from Victor Stinner, Thomas Wouters, Steve Dower, Ned Deily, and Mark Dickinson. +# +# Notes on the backport to Python 3.6: +# +# * Use "Python 3.6.15-13" version in the documentation, whereas this +# version will never be released +# * Only add _Py_global_config_int_max_str_digits global variable: +# Python 3.6 doesn't have PyConfig API (PEP 597) nor _PyRuntime. +# * sys.flags.int_max_str_digits cannot be -1 on Python 3.6: it is +# set to the default limit. Adapt test_int_max_str_digits() for that. +# * Declare _PY_LONG_DEFAULT_MAX_STR_DIGITS and +# _PY_LONG_MAX_STR_DIGITS_THRESHOLD macros in longobject.h but only +# if the Py_BUILD_CORE macro is defined. +# * Declare _Py_global_config_int_max_str_digits in pydebug.h. +# +# +# gh-95778: Mention sys.set_int_max_str_digits() in error message (#96874) +# +# When ValueError is raised if an integer is larger than the limit, +# mention sys.set_int_max_str_digits() in the error message. +# +# +# gh-96848: Fix -X int_max_str_digits option parsing (#96988) +# +# Fix command line parsing: reject "-X int_max_str_digits" option with +# no value (invalid) when the PYTHONINTMAXSTRDIGITS environment +# variable is set to a valid limit. +Patch387: 00387-cve-2020-10735-prevent-dos-by-very-large-int.patch + +# 00392 # 033f82b975577a72218ce385b5333dcc5c88dfd5 +# CVE-2022-37454: Fix buffer overflows in _sha3 module +# +# This is a port of the applicable part of XKCP's fix [1] for +# CVE-2022-37454 and avoids the segmentation fault and the infinite +# loop in the test cases published in [2]. +# +# [1]: https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a +# [2]: https://mouha.be/sha-3-buffer-overflow/ +Patch392: 00392-cve-2022-37454-fix-buffer-overflows-in-_sha3-module.patch + +# 00394 # 377cbc015f738fdea510969d0dbe266748b6bb09 +# CVE-2022-45061: CPU denial of service via inefficient IDNA decoder +# +# gh-98433: Fix quadratic time idna decoding. +# +# There was an unnecessary quadratic loop in idna decoding. This restores +# the behavior to linear. +Patch394: 00394-cve-2022-45061-cpu-denial-of-service-via-inefficient-idna-decoder.patch + +# 00397 # e867e27272cd259b76133784ef3f2811e671f3db +# PEP 706, CVE-2007-4559: Filter API for tarfile.extractall +# +# Add API for allowing checks on the content of tar files, allowing callers to mitigate +# directory traversal (CVE-2007-4559) and related issues. +# +# Python 3.12 will warn if this API is not used. +# Python 3.14 will fail if it's not used. +# +# Backport from https://github.com/python/cpython/issues/102950 +# +# Change document: https://peps.python.org/pep-0706/ +Patch397: 00397-pep-706-cve-2007-4559-filter-api-for-tarfile-extractall.patch + +# 00399 # dc0a803eea47d3b4f0657816b112b5a33491500f +# CVE-2023-24329 +# +# gh-102153: Start stripping C0 control and space chars in `urlsplit` (GH-102508) +# +# `urllib.parse.urlsplit` has already been respecting the WHATWG spec a bit GH-25595. +# +# This adds more sanitizing to respect the "Remove any leading C0 control or space from input" [rule](https://url.spec.whatwg.org/GH-url-parsing:~:text=Remove%%20any%%20leading%%20and%%20trailing%%20C0%%20control%%20or%%20space%%20from%%20input.) in response to [CVE-2023-24329](https://nvd.nist.gov/vuln/detail/CVE-2023-24329). +# +# Backported from Python 3.12 +Patch399: 00399-cve-2023-24329.patch + +# 00407 # f562db9763f424318fd311e3267d2aed0afadbbe +# gh-99086: Fix implicit int compiler warning in configure check for PTHREAD_SCOPE_SYSTEM +Patch407: 00407-gh-99086-fix-implicit-int-compiler-warning-in-configure-check-for-pthread_scope_system.patch + +# 00409 # e9d6272416d44decf99497e4eca478e44be6a8e2 +# bpo-13497: Fix `broken nice` configure test +# +# Per POSIX, `nice(3)` requires `unistd.h` and `exit(3)` requires `stdlib.h`. +# +# Fixing the test will prevent false positives with pedantic compilers like clang. +Patch409: 00409-bpo-13497-fix-broken-nice-configure-test.patch + +# 00410 # ea9f02d63dc0f772362f520967bce90e4f4d3abd +# bpo-42598: Fix implicit function declarations in configure +# +# This is invalid in C99 and later and is an error with some compilers +# (e.g. clang in Xcode 12), and can thus cause configure checks to +# produce incorrect results. +Patch410: 00410-bpo-42598-fix-implicit-function-declarations-in-configure.patch + +# 00415 # b2fcdad7812f48865b2186b08c1ae28e9af65975 +# [CVE-2023-27043] gh-102988: Reject malformed addresses in email.parseaddr() (#111116) +# +# Detect email address parsing errors and return empty tuple to +# indicate the parsing error (old API). Add an optional 'strict' +# parameter to getaddresses() and parseaddr() functions. Patch by +# Thomas Dwyer. +Patch415: 00415-cve-2023-27043-gh-102988-reject-malformed-addresses-in-email-parseaddr-111116.patch + +# 00419 # f13682530cc7e4daec2e40acd56508846fdd3aad +# gh-112769: test_zlib: Fix comparison of ZLIB_RUNTIME_VERSION with non-int suffix (GH-112771) (GH-112774) +# +# zlib-ng defines the version as "1.3.0.zlib-ng". +Patch419: 00419-gh-112769-test_zlib-fix-comparison-of-zlib_runtime_version-with-non-int-suffix-gh-112771-gh-112774.patch + +# 00422 # fefea32e0c70109a5c88e3d22ec9ff554fcbc6ab +# gh-115133: Fix tests for XMLPullParser with Expat 2.6.0 +# +# Feeding the parser by too small chunks defers parsing to prevent +# CVE-2023-52425. Future versions of Expat may be more reactive. +Patch422: 00422-gh-115133-fix-tests-for-xmlpullparser-with-expat-2-6-0.patch + +# 00423 # 81584d3af3b307c2aeede3ba8ae95c7efc81f5f7 +# bpo-33377: Add triplets for mips-r6 and riscv +Patch423: 00423-bpo-33377-add-triplets-for-mips-r6-and-riscv.patch + +# 00426 # 05ddec93394a09199c3bbb2d71a4a2566fd50332 +# CVE-2023-6597 +# +# Combines Two fixes for tempfile.TemporaryDirectory: +# https://github.com/python/cpython/commit/e9b51c0ad81da1da11ae65840ac8b50a8521373c +# https://github.com/python/cpython/commit/02a9259c717738dfe6b463c44d7e17f2b6d2cb3a +Patch426: 00426-cve-2023-6597.patch + +# 00427 # 37c3b42b8931ed4eca0272bf53086eb28ca8544e +# ZipExtFile tell and seek, CVE-2024-0450 +# +# Backport of seek and tell methods for ZipExtFile makes it +# possible to backport the fix for CVE-2024-0450. +# +# Combines: +# https://github.com/python/cpython/commit/066df4fd454d6ff9be66e80b2a65995b10af174f +# https://github.com/python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba +Patch427: 00427-zipextfile-tell-and-seek-cve-2024-0450.patch + +# 00431 # ee1b513c52ab7663f7d58b07a1df123ea551e7c4 +# CVE-2024-4032: incorrect IPv4 and IPv6 private ranges +# +# Upstream issue: https://github.com/python/cpython/issues/113171 +# +# Backported from 3.8. +Patch431: 00431-cve-2024-4032.patch + +# 00435 # f80b87e6a67eebe0693b895261bad2e9a58a4825 +# gh-121650: Encode newlines in headers, and verify headers are sound (GH-122233) +# +# Per RFC 2047: +# +# > [...] these encoding schemes allow the +# > encoding of arbitrary octet values, mail readers that implement this +# > decoding should also ensure that display of the decoded data on the +# > recipient's terminal will not cause unwanted side-effects +# +# It seems that the "quoted-word" scheme is a valid way to include +# a newline character in a header value, just like we already allow +# undecodable bytes or control characters. +# They do need to be properly quoted when serialized to text, though. +# +# This should fail for custom fold() implementations that aren't careful +# about newlines. +# +# +# This patch also contains modified commit cherry picked from +# c5bba853d5e7836f6d4340e18721d3fb3a6ee0f7. +# +# This commit was backported to simplify the backport of the other commit +# fixing CVE. The only modification is a removal of one test case which +# tests multiple changes in Python 3.7 and it wasn't working properly +# with Python 3.6 where we backported only one change. +Patch435: 00435-gh-121650-encode-newlines-in-headers-and-verify.patch + +# 00437 # c1618bd3b415d9df1a2d050332220300d394ac5f +# CVE-2024-6232 Remove backtracking when parsing tarfile headers +# +# * Remove backtracking when parsing tarfile headers +# * Rewrite PAX header parsing to be stricter +# * Optimize parsing of GNU extended sparse headers v0.0 +Patch437: 00437-cve-2024-6232-remove-backtracking-when-parsing-tarfile-headers.patch + +# 00443 # 49e939f29e3551ec4e7bdb2cc8b8745e3d1fca35 +# gh-124651: Quote template strings in `venv` activation scripts +# +# (cherry picked from 3.9) +Patch443: 00443-gh-124651-quote-template-strings-in-venv-activation-scripts.patch + +# 00444 # fed0071c8c86599091f93967a5fa2cce42ceb840 +# Security fix for CVE-2024-11168 +# +# gh-103848: Adds checks to ensure that bracketed hosts found by urlsplit are of IPv6 or IPvFuture format (GH-103849) +# +# Tests are adjusted because Python <3.9 don't support scoped IPv6 addresses. +Patch444: 00444-security-fix-for-cve-2024-11168.patch + +# 00446 # f5cc2c3be4273be70cdcdf9eb95abf425808f752 +# Resolve sinpi name clash with libm +# +# bpo-36106: Resolve sinpi name clash with libm (IEEE-754 violation). (GH-12027) +# +# The standard math library (libm) may follow IEEE-754 recommendation to +# include an implementation of sinPi(), i.e. sinPi(x):=sin(pi*x). +# And this triggers a name clash, found by FreeBSD developer +# Steve Kargl, who worken on putting sinpi into libm used on FreeBSD +# (it has to be named "sinpi", not "sinPi", cf. e.g. +# https://en.cppreference.com/w/c/experimental/fpext4). +Patch446: 00446-Resolve-sinpi-name-clash-with-libm.patch + +# 00450 # 31aa7c11975e890489e31d8b293c3f92d3ea1180 +# CVE-2025-0938: Disallow square brackets ([ and ]) in domain names for parsed URLs +Patch450: 00450-cve-2025-0938-disallow-square-brackets-and-in-domain-names-for-parsed-urls.patch + +# 00452 # dab1c136301f0beac6ec132a8e5b08206b698bc8 +# Properly apply exported CFLAGS for dtrace/systemtap builds +# +# When using --with-dtrace the resulting object file could be missing +# specific CFLAGS exported by the build system due to the systemtap +# script using specific defaults. +# +# Exporting the CC and CFLAGS variables before the dtrace invocation +# allows us to properly apply CFLAGS exported by the build system +# even when cross-compiling. +Patch452: 00452-properly-apply-exported-cflags-for-dtrace-systemtap-builds.patch + +# 00457 # da99203f07d380d50ec780323bbebda00f227797 +# ssl: Raise OSError for ERR_LIB_SYS +# +# The patch resolves the flakiness of test_ftplib +# +# Backported from upstream 3.10+: +# https://github.com/python/cpython/pull/127361 +Patch457: 00457-ssl-raise-oserror-for-err_lib_sys.patch + +# 00465 # 2224c823bcc1b62b85f516883151459ae51cdb7d +# tarfile cves +# +# Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 on tarfile +# +# The backported fixes do not contain changes for ntpath.py and related tests, +# because the support for symlinks and junctions were added later in Python 3.9, +# and it does not make sense to backport them to 3.6 here. +# +# The patch is contains the following changes: +# - https://github.com/python/cpython/commit/42deeab5b2efc2930d4eb73416e1dde9cf790dd2 +# fixes symlink handling for tarfile.data_filter +# - https://github.com/python/cpython/commit/9d2c2a8e3b8fe18ee1568bfa4a419847b3e78575 +# fixes handling of existing files/symlinks in tarfile +# - https://github.com/python/cpython/commit/00af9794dd118f7b835dd844b2b609a503ad951e +# adds a new "strict" argument to realpath() +# - https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1 +# fixes mulriple CVE fixes in the tarfile module +# - downstream only fixes that makes the changes work and compatible with Python 3.6 +Patch465: 00465-tarfile-cves.patch + +# 00467 # f0b2819ec35fe1f732f661aea68863a5e4dd829f +# tarfile CVE-2025-8194 +# +# tarfile now validates archives to ensure member offsets are non-negative (GH-137027) +Patch467: 00467-tarfile-cve-2025-8194.patch + # (New patches go here ^^^) # # When adding new patches to "python" and "python3" in Fedora, EL, etc., @@ -468,12 +885,16 @@ Patch358: 00358-align-allocations-and-pygc_head-to-16-bytes-on-64-bit-platforms. Provides: python%{pyshortver} = %{version}-%{release} Obsoletes: python%{pyshortver} < %{version}-%{release} -%if %{without flatpackage} - # Packages with Python modules in standard locations automatically -# depend on python(abi). Provide that here. +# depend on python(abi). Provide that here only for the main Python. +%if %{with main_python} Provides: python(abi) = %{pybasever} +%else +%global __requires_exclude ^python\\(abi\\) = 3\\..+ +%global __provides_exclude ^python\\(abi\\) = 3\\..+ +%endif +%if %{without flatpackage} Requires: %{name}-libs%{?_isa} = %{version}-%{release} # In order to support multiple Python interpreters for development purposes, @@ -488,18 +909,16 @@ Provides: python%{pyshortver} = %{version}-%{release} # replace python36-3.6.2. Obsoletes: python%{pyshortver} -# Shall be removed in Fedora 31 -# The release is bumped to 20, so we can do f27 platform-python updates -# If the release in f27 ever goes >= 20, raise it here -# If platform-python is ever reintroduced, make it higher version than this: -%global platpyver 3.6.2-20 -Obsoletes: platform-python < %{platpyver} +# https://docs.fedoraproject.org/en-US/packaging-guidelines/#_one_to_many_replacement +Obsoletes: %{name} < 3.6.15-50 +%if %{with main_python} # Previously, this was required for our rewheel patch to work. # This is technically no longer needed, but we keep it recommended # for the developer experience. Recommends: python3-setuptools Recommends: python3-pip +%endif # This prevents ALL subpackages built from this spec to require # /usr/bin/python3*. Granularity per subpackage is impossible. @@ -537,8 +956,39 @@ Summary: Python runtime libraries Requires: python-setuptools-wheel Requires: python-pip-wheel %else -Provides: bundled(python3dist(pip)) = %{pip_version} -Provides: bundled(python3dist(setuptools)) = %{setuptools_version} +# Versions of bundled libs are based on: +# https://github.com/pypa/pip/blob/18.1/src/pip/_vendor/vendor.txt and +# https://github.com/pypa/setuptools/blob/v40.6.2/pkg_resources/_vendor/vendored.txt +Provides: bundled(python3dist(pip)) = 18.1 +Provides: bundled(python3dist(appdirs)) = 1.4.3 +Provides: bundled(python3dist(distlib)) = 0.2.7 +Provides: bundled(python3dist(distro)) = 1.3 +Provides: bundled(python3dist(html5lib)) = 1.0.1 +Provides: bundled(python3dist(six)) = 1.11 +Provides: bundled(python3dist(colorama)) = 0.3.9 +Provides: bundled(python3dist(cachecontrol)) = 0.12.5 +Provides: bundled(python3dist(msgpack-python)) = 0.5.6 +Provides: bundled(python3dist(lockfile)) = 0.12.2 +Provides: bundled(python3dist(progress)) = 1.4 +Provides: bundled(python3dist(ipaddress)) = 1.0.22 +Provides: bundled(python3dist(packaging)) = 18 +Provides: bundled(python3dist(pep517)) = 0.2 +Provides: bundled(python3dist(pyparsing)) = 2.2.1 +Provides: bundled(python3dist(pytoml)) = 0.1.19 +Provides: bundled(python3dist(retrying)) = 1.3.3 +Provides: bundled(python3dist(requests)) = 2.19.1 +Provides: bundled(python3dist(chardet)) = 3.0.4 +Provides: bundled(python3dist(idna)) = 2.7 +Provides: bundled(python3dist(urllib3)) = 1.23 +Provides: bundled(python3dist(certifi)) = 2018.8.24 +Provides: bundled(python3dist(setuptools)) = 40.4.3 +Provides: bundled(python3dist(webencodings)) = 0.5.1 + +Provides: bundled(python3dist(setuptools)) = 40.6.2 +Provides: bundled(python3dist(packaging)) = 16.8 +Provides: bundled(python3dist(pyparsing)) = 2.2.1 +Provides: bundled(python3dist(six)) = 1.10 +Provides: bundled(python3dist(appdirs)) = 1.4.3 %endif # Provides for the bundled libmpdec @@ -551,9 +1001,8 @@ Provides: bundled(libmpdec) = %{libmpdec_version} # See https://bugzilla.redhat.com/show_bug.cgi?id=1547131 Recommends: %{name}%{?_isa} = %{version}-%{release} -# Shall be removed in Fedora 31 -Obsoletes: platform-python-libs < %{platpyver} -Obsoletes: platform-python-libs-devel < %{platpyver} +# https://docs.fedoraproject.org/en-US/packaging-guidelines/#_one_to_many_replacement +Obsoletes: %{name} < 3.6.15-50 %description libs This package contains runtime libraries for use by Python: @@ -567,17 +1016,21 @@ Summary: Libraries and header files needed for Python development Requires: %{name} = %{version}-%{release} Requires: %{name}-libs%{?_isa} = %{version}-%{release} BuildRequires: python-rpm-macros -Requires: python-rpm-macros -Requires: python3-rpm-macros -Requires: python3-rpm-generators +# The RPM related dependencies bring nothing to a non-RPM Python developer +# But we want them when packages BuildRequire python3-devel +Requires: (python-rpm-macros if rpm-build) +Requires: (python3-rpm-macros if rpm-build) +Requires: (python3-rpm-generators if rpm-build) Provides: %{name}-2to3 = %{version}-%{release} +%if %{with main_python} Provides: 2to3 = %{version}-%{release} +%endif Conflicts: %{name} < %{version}-%{release} -# Shall be removed in Fedora 31 -Obsoletes: platform-python-devel < %{platpyver} +# https://docs.fedoraproject.org/en-US/packaging-guidelines/#_one_to_many_replacement +Obsoletes: %{name} < 3.6.15-50 %description devel This package contains the header files and configuration needed to compile @@ -593,14 +1046,16 @@ Summary: A basic graphical development environment for Python Requires: %{name} = %{version}-%{release} Requires: %{name}-tkinter = %{version}-%{release} +%if %{with main_python} Provides: idle3 = %{version}-%{release} +%endif Provides: %{name}-tools = %{version}-%{release} Provides: %{name}-tools%{?_isa} = %{version}-%{release} Obsoletes: %{name}-tools < %{version}-%{release} -# Shall be removed in Fedora 31 -Obsoletes: platform-python-tools < %{platpyver} +# https://docs.fedoraproject.org/en-US/packaging-guidelines/#_one_to_many_replacement +Obsoletes: %{name} < 3.6.15-50 %description idle IDLE is Python’s Integrated Development and Learning Environment. @@ -619,8 +1074,8 @@ configuration, browsers, and other dialogs. Summary: A GUI toolkit for Python Requires: %{name} = %{version}-%{release} -# Shall be removed in Fedora 31 -Obsoletes: platform-python-tkinter < %{platpyver} +# https://docs.fedoraproject.org/en-US/packaging-guidelines/#_one_to_many_replacement +Obsoletes: %{name} < 3.6.15-50 %description tkinter The Tkinter (Tk interface) library is a graphical user interface toolkit for @@ -631,8 +1086,8 @@ the Python programming language. Summary: The self-test suite for the main python3 package Requires: %{name} = %{version}-%{release} -# Shall be removed in Fedora 31 -Obsoletes: platform-python-test < %{platpyver} +# https://docs.fedoraproject.org/en-US/packaging-guidelines/#_one_to_many_replacement +Obsoletes: %{name} < 3.6.15-50 %description test The self-test suite for the Python interpreter. @@ -677,23 +1132,59 @@ so extensions for both versions can co-exist in the same directory. %else # with flatpackage -# We'll not provide this, on purpose -# No package in Fedora shall ever depend on flatpackage via this -%global __requires_exclude ^python\\(abi\\) = 3\\..$ -%global __provides_exclude ^python\\(abi\\) = 3\\..$ - %if %{with rpmwheels} Requires: python-setuptools-wheel Requires: python-pip-wheel %else +# Versions of bundled libs are based on: +# https://github.com/pypa/pip/blob/18.1/src/pip/_vendor/vendor.txt and +# https://github.com/pypa/setuptools/blob/v40.6.2/pkg_resources/_vendor/vendored.txt Provides: bundled(python3dist(pip)) = %{pip_version} +Provides: bundled(python3dist(appdirs)) = 1.4.3 +Provides: bundled(python3dist(distlib)) = 0.2.7 +Provides: bundled(python3dist(distro)) = 1.3 +Provides: bundled(python3dist(html5lib)) = 1.0.1 +Provides: bundled(python3dist(six)) = 1.11 +Provides: bundled(python3dist(colorama)) = 0.3.9 +Provides: bundled(python3dist(cachecontrol)) = 0.12.5 +Provides: bundled(python3dist(msgpack-python)) = 0.5.6 +Provides: bundled(python3dist(lockfile)) = 0.12.2 +Provides: bundled(python3dist(progress)) = 1.4 +Provides: bundled(python3dist(ipaddress)) = 1.0.22 +Provides: bundled(python3dist(packaging)) = 18 +Provides: bundled(python3dist(pep517)) = 0.2 +Provides: bundled(python3dist(pyparsing)) = 2.2.1 +Provides: bundled(python3dist(pytoml)) = 0.1.19 +Provides: bundled(python3dist(retrying)) = 1.3.3 +Provides: bundled(python3dist(requests)) = 2.19.1 +Provides: bundled(python3dist(chardet)) = 3.0.4 +Provides: bundled(python3dist(idna)) = 2.7 +Provides: bundled(python3dist(urllib3)) = 1.23 +Provides: bundled(python3dist(certifi)) = 2018.8.24 +Provides: bundled(python3dist(setuptools)) = 40.4.3 +Provides: bundled(python3dist(webencodings)) = 0.5.1 + Provides: bundled(python3dist(setuptools)) = %{setuptools_version} +Provides: bundled(python3dist(packaging)) = 16.8 +Provides: bundled(python3dist(pyparsing)) = 2.2.1 +Provides: bundled(python3dist(six)) = 1.10 +Provides: bundled(python3dist(appdirs)) = 1.4.3 %endif # Provides for the bundled libmpdec Provides: bundled(mpdecimal) = %{libmpdec_version} Provides: bundled(libmpdec) = %{libmpdec_version} +# Provides of the subpackages contained in flatpackage +Provides: %{pkgname}-libs = %{version}-%{release} +Provides: %{pkgname}-devel = %{version}-%{release} +Provides: %{pkgname}-idle = %{version}-%{release} +Provides: %{pkgname}-tkinter = %{version}-%{release} +Provides: %{pkgname}-test = %{version}-%{release} +%if %{with debug_build} +Provides: %{pkgname}-debug = %{version}-%{release} +%endif + # The description for the flat package %description Python %{pybasever} package for developers. @@ -714,26 +1205,35 @@ or older Fedora releases. %gpgverify -k2 -s1 -d0 %autosetup -S git_am -N -n Python-%{upstream_version} -# Temporary workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1954999 -%{?!apply_patch:%define apply_patch(qp:m:) {%__apply_patch %**}} - # Apply initial patches manually -%apply_patch -q %{PATCH1} +%autopatch 1 %if "%{_lib}" == "lib64" -%apply_patch -q %{PATCH102} +%autopatch 102 %endif -%apply_patch -q %{PATCH111} -%apply_patch -q %{PATCH132} -%apply_patch -q %{PATCH155} -%apply_patch -q %{PATCH160} -%apply_patch -q %{PATCH163} -%apply_patch -q %{PATCH170} +%autopatch 111 +%autopatch 132 +%autopatch 155 +%autopatch 160 +%autopatch 163 +%autopatch 170 %if %{with rpmwheels} -%apply_patch -q %{PATCH189} +%autopatch 189 rm Lib/ensurepip/_bundled/*.whl +%else +# Patch the bundled pip wheel for CVE-2007-4559 +unzip -qq Lib/ensurepip/_bundled/pip-%{pip_version}-py2.py3-none-any.whl +patch -p1 < %{SOURCE101} +zip -rq Lib/ensurepip/_bundled/pip-%{pip_version}-py2.py3-none-any.whl pip pip-%{pip_version}.dist-info +rm -rf pip/ pip-%{pip_version}.dist-info/ + +# Patch the bundled setuptools wheel for CVE-2024-6345 +unzip -qq Lib/ensurepip/_bundled/setuptools-%{setuptools_version}-py2.py3-none-any.whl +patch -p1 < %{SOURCE102} +zip -rq Lib/ensurepip/_bundled/setuptools-%{setuptools_version}-py2.py3-none-any.whl easy_install.py pkg_resources setuptools setuptools-%{setuptools_version}.dist-info +rm -rf easy_install.py pkg_resources/ setuptools/ setuptools-%{setuptools_version}.dist-info/ %endif # Apply the remaining patches @@ -794,14 +1294,15 @@ topdir=$(pwd) # Standard library built here will still use the %%build_...flags, # Fedora packages utilizing %%py3_build will use them as well # https://fedoraproject.org/wiki/Changes/Python_Extension_Flags -export CFLAGS="%{extension_cflags} -D_GNU_SOURCE -fPIC -fwrapv" +# https://fedoraproject.org/wiki/Changes/Python_Extension_Flags_Reduction +export CFLAGS="%{extension_cflags}" export CFLAGS_NODIST="%{build_cflags} -D_GNU_SOURCE -fPIC -fwrapv" -export CXXFLAGS="%{extension_cxxflags} -D_GNU_SOURCE -fPIC -fwrapv" +export CXXFLAGS="%{extension_cxxflags}" export CPPFLAGS="$(pkg-config --cflags-only-I libffi)" -export OPT="%{extension_cflags} -D_GNU_SOURCE -fPIC -fwrapv" +export OPT="%{extension_cflags}" export LINKCC="gcc" export CFLAGS="$CFLAGS $(pkg-config --cflags openssl)" -export LDFLAGS="%{extension_ldflags} -g $(pkg-config --libs-only-L openssl)" +export LDFLAGS="%{extension_ldflags} $(pkg-config --libs-only-L openssl)" export LDFLAGS_NODIST="%{build_ldflags} -g $(pkg-config --libs-only-L openssl)" # We can build several different configurations of Python: regular and debug. @@ -981,7 +1482,7 @@ install -d -m 0755 %{buildroot}%{pylibdir}/site-packages/__pycache__ install -d -m 0755 %{buildroot}%{_prefix}/lib/python%{pybasever}/site-packages/__pycache__ %endif -%if %{without flatpackage} +%if %{with main_python} # add idle3 to menu install -D -m 0644 Lib/idlelib/Icons/idle_16.png %{buildroot}%{_datadir}/icons/hicolor/16x16/apps/idle3.png install -D -m 0644 Lib/idlelib/Icons/idle_32.png %{buildroot}%{_datadir}/icons/hicolor/32x32/apps/idle3.png @@ -1049,6 +1550,13 @@ find . -name "*~" -exec rm -f {} \; # Do bytecompilation with the newly installed interpreter. # This is similar to the script in macros.pybytecompile +# Clamp the source mtime first, see https://fedoraproject.org/wiki/Changes/ReproducibleBuildsClampMtimes +# The clamp_source_mtime module is only guaranteed to exist on Fedoras that enabled this option: +%if 0%{?clamp_mtime_to_source_date_epoch} +LD_LIBRARY_PATH="%{buildroot}%{dynload_dir}/:%{buildroot}%{_libdir}" \ +PYTHONPATH="%{_rpmconfigdir}/redhat" \ +%{buildroot}%{_bindir}/python%{pybasever} -s -B -m clamp_source_mtime %{buildroot}%{pylibdir} +%endif # compile *.pyc find %{buildroot} -type f -a -name "*.py" -print0 | \ LD_LIBRARY_PATH="%{buildroot}%{dynload_dir}/:%{buildroot}%{_libdir}" \ @@ -1064,13 +1572,18 @@ find %{buildroot} -perm 555 -exec chmod 755 {} \; # Create "/usr/bin/python3-debug", a symlink to the python3 debug binary, to # avoid the user having to know the precise version and ABI flags. # See e.g. https://bugzilla.redhat.com/show_bug.cgi?id=676748 -%if %{with debug_build} && %{without flatpackage} +%if %{with debug_build} && %{with main_python} ln -s \ %{_bindir}/python%{LDVERSION_debug} \ %{buildroot}%{_bindir}/python3-debug %endif -%if %{with flatpackage} +%if %{without rpmwheels} +# Inject SBOM into the installed wheels (if the macro is available) +%{?python_wheel_inject_sbom:%python_wheel_inject_sbom %{buildroot}%{pylibdir}/ensurepip/_bundled/*.whl} +%endif + +%if %{without main_python} # Remove stuff that would conflict with python3 package rm %{buildroot}%{_bindir}/python3 rm %{buildroot}%{_bindir}/pydoc3 @@ -1187,11 +1700,15 @@ CheckPython optimized %doc README.rst %if %{without flatpackage} +%if %{with main_python} %{_bindir}/pydoc* %{_bindir}/python3 %{_bindir}/pyvenv %{_mandir}/*/* -%{_bindir}/pyvenv +%else +%{_bindir}/pydoc%{pybasever} +%{_mandir}/*/python%{pybasever}* +%endif %else %{_bindir}/pydoc%{pybasever} %{_mandir}/*/python%{pybasever}* @@ -1336,6 +1853,10 @@ CheckPython optimized %dir %{pylibdir}/site-packages/ %dir %{pylibdir}/site-packages/__pycache__/ %{pylibdir}/site-packages/README.txt + +%exclude %{pylibdir}/_sysconfigdata_%{ABIFLAGS_debug}_linux_%{platform_triplet}.py +%exclude %{pylibdir}/__pycache__/_sysconfigdata_%{ABIFLAGS_debug}_linux_%{platform_triplet}%{bytecode_suffixes} + %{pylibdir}/*.py %dir %{pylibdir}/__pycache__/ %{pylibdir}/__pycache__/*%{bytecode_suffixes} @@ -1419,27 +1940,29 @@ CheckPython optimized %{_includedir}/python%{LDVERSION_optimized}/%{_pyconfig_h} %{_libdir}/%{py_INSTSONAME_optimized} -%if %{without flatpackage} +%if %{with main_python} %{_libdir}/libpython3.so %endif %if %{without flatpackage} %files devel +%if %{with main_python} %{_bindir}/2to3 # TODO: Remove 2to3-3.7 once rebased to 3.7 %{_bindir}/2to3-%{pybasever} %endif +%endif %{pylibdir}/config-%{LDVERSION_optimized}-%{platform_triplet}/* %if %{without flatpackage} %exclude %{pylibdir}/config-%{LDVERSION_optimized}-%{platform_triplet}/Makefile %exclude %{_includedir}/python%{LDVERSION_optimized}/%{_pyconfig_h} %endif -%{pylibdir}/distutils/command/wininst-*.exe +%exclude %{pylibdir}/distutils/command/wininst-*.exe %{_includedir}/python%{LDVERSION_optimized}/*.h %doc Misc/README.valgrind Misc/valgrind-python.supp Misc/gdbinit -%if %{without flatpackage} +%if %{with main_python} %{_bindir}/python3-config %{_libdir}/pkgconfig/python3.pc %{_bindir}/pathfix.py @@ -1467,7 +1990,7 @@ CheckPython optimized %{pylibdir}/idlelib -%if %{without flatpackage} +%if %{with main_python} %{_metainfodir}/idle3.appdata.xml %{_datadir}/applications/idle3.desktop %{_datadir}/icons/hicolor/*/apps/idle3.* @@ -1515,8 +2038,10 @@ CheckPython optimized %if %{with debug_build} %if %{without flatpackage} %files debug +%if %{with main_python} %{_bindir}/python3-debug %endif +%endif # Analog of the core subpackage's files: %{_bindir}/python%{LDVERSION_debug} @@ -1589,6 +2114,9 @@ CheckPython optimized %{dynload_dir}/unicodedata.%{SOABI_debug}.so %{dynload_dir}/zlib.%{SOABI_debug}.so +%{pylibdir}/_sysconfigdata_%{ABIFLAGS_debug}_linux_%{platform_triplet}.py +%{pylibdir}/__pycache__/_sysconfigdata_%{ABIFLAGS_debug}_linux_%{platform_triplet}%{bytecode_suffixes} + # No need to split things out the "Makefile" and the config-32/64.h file as we # do for the regular build above (bug 531901), since they're all in one package # now; they're listed below, under "-devel": @@ -1640,6 +2168,169 @@ CheckPython optimized # ====================================================== %changelog +* Thu Nov 06 2025 Miro Hrončok - 3.6.15-50 +- On Fedora 44+, split this package into multiple subpackages +- This mimics newer Python versions + +* Mon Aug 11 2025 Lumír Balhar - 3.6.15-49 +- Security fix for CVE-2025-8194 + +* Fri Jul 25 2025 Fedora Release Engineering - 3.6.15-48 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + +* Thu Jun 26 2025 Lumír Balhar - 3.6.15-47 +- Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 + +* Wed Apr 23 2025 Miro Hrončok - 3.6.15-46 +- Add RPM Provides for python3.6-libs, python3.6-devel, python3.6-idle, python3.6-tkinter, python3.6-test + +* Wed Apr 16 2025 Charalampos Stratakis - 3.6.15-45 +- Fix the flakiness of test_ftplib + +* Tue Apr 01 2025 Charalampos Stratakis - 3.6.15-44 +- Properly apply exported CFLAGS for dtrace/systemtap builds +- Fixes: rhbz#2356306 + +* Fri Feb 14 2025 Charalampos Stratakis - 3.6.15-43 +- Security fix CVE-2025-0938 +- Fixes: rhbz#2343277 + +* Sat Feb 01 2025 Björn Esser - 3.6.15-42 +- Add explicit BR: libxcrypt-devel + +* Sat Jan 18 2025 Fedora Release Engineering - 3.6.15-41 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Wed Dec 18 2024 Victor Stinner - 3.6.15-40 +- Fix compatibility with glibc 2.41 (resolve sinpi name clash). + +* Thu Nov 14 2024 Lumír Balhar - 3.6.15-39 +- Security fix for CVE-2024-11168 + +* Mon Nov 04 2024 Lumír Balhar - 3.6.15-38 +- Security fix for CVE-2024-9287 (rhbz#2321659) + +* Thu Sep 05 2024 Lumír Balhar - 3.6.15-37 +- Security fix for CVE-2024-6232 (rhbz#2310092) + +* Wed Sep 04 2024 Miroslav Suchý - 3.6.15-36 +- convert license to SPDX + +* Fri Aug 16 2024 Tomáš Hrnčiar - 3.6.15-35 +- Security fix for CVE-2024-6923 (rhbz#2303161) + +* Thu Aug 01 2024 Miro Hrončok - 3.6.15-34 +- Security fix for CVE-2024-6345 (in bundled setuptools wheel) + +* Tue Jul 23 2024 Lumír Balhar - 3.6.15-33 +- Require systemtap-sdt-devel for sys/sdt.h + +* Fri Jul 19 2024 Fedora Release Engineering - 3.6.15-32 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Tue Jul 02 2024 Lumír Balhar - 3.6.15-31 +- Security fix for CVE-2024-4032 (rhbz#2293394) + +* Wed Apr 24 2024 Lumír Balhar - 3.6.15-30 +- Security fix for CVE-2024-0450 and CVE-2023-6597 + +* Mon Mar 11 2024 Charalampos Stratakis - 3.6.15-29 +- Support OpenSSL 3 +- Fixes: rhbz#2254550 + +* Thu Mar 07 2024 Miro Hrončok - 3.6.15-28 +- Fix build on riscv64 + +* Thu Feb 29 2024 Charalampos Stratakis - 3.6.15-27 +- Security fix for CVE-2007-4559 +- Fixes: rhbz#2141080 + +* Wed Feb 28 2024 Charalampos Stratakis - 3.6.15-26 +- Fix tests for XMLPullParser with Expat 2.6.0 + +* Mon Jan 29 2024 Karolina Surma - 3.6.15-25 +- Fix test_zlib when building with zlib-ng-compat + +* Fri Jan 26 2024 Fedora Release Engineering - 3.6.15-24 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Jan 22 2024 Fedora Release Engineering - 3.6.15-23 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Dec 18 2023 Lumír Balhar - 3.6.15-22 +- Security fix for CVE-2023-27043 (rhbz#2196191) + +* Tue Nov 28 2023 Miro Hrončok - 3.6.15-21 +- Fix implicit-function-declarations in configure +- Fixes: rhbz#2147519 + +* Wed Aug 02 2023 Charalampos Stratakis - 3.6.15-20 +- Remove extra distro-applied CFLAGS passed to user built C extensions +- https://fedoraproject.org/wiki/Changes/Python_Extension_Flags_Reduction + +* Fri Jul 21 2023 Fedora Release Engineering - 3.6.15-19 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Fri May 26 2023 Charalampos Stratakis - 3.6.15-18 +- Security fix for CVE-2023-24329 +- Resolves: rhbz#2174013 + +* Fri Jan 20 2023 Fedora Release Engineering - 3.6.15-17 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Tue Jan 03 2023 Miro Hrončok - 3.6.15-16 +- Ensure the source mtime is clamped to $SOURCE_DATE_EPOCH before bytecompilation + +* Mon Dec 19 2022 Charalampos Stratakis - 3.6.15-15 +- Security fix for CVE-2022-45061: CPU denial of service via inefficient IDNA decoder + Related: rhbz#2144072 + +* Thu Nov 10 2022 Miro Hrončok - 3.6.15-14 +- CVE-2022-37454: Fix buffer overflows in _sha3 module + Related: rhbz#2140200 + +* Wed Oct 05 2022 Victor Stinner - 3.6.15-13 +- Prevent denial of service (DoS) by very large integers. + Resolves: rhbz#1834423 + +* Wed Sep 14 2022 Lumír Balhar - 3.6.15-12 +- Fix for CVE-2021-28861 +Resolves: rhbz#2120785 + +* Fri Jul 22 2022 Fedora Release Engineering - 3.6.15-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Wed Jul 20 2022 Charalampos Stratakis - 3.6.15-10 +- Fix test_tarfile on ppc64le +Resolves: rhbz#2109120 + +* Fri Jun 10 2022 Charalampos Stratakis - 3.6.15-9 +- Security fix for CVE-2015-20107 +Resolves: rhbz#2075390 + +* Thu Mar 03 2022 Charalampos Stratakis - 3.6.15-8 +- Fix the test suite support for Expat >= 2.4.5 +Resolves: rhbz#2056970 + +* Wed Feb 16 2022 Lumír Balhar - 3.6.15-7 +- Switch from system wheels to bundled ones + +* Tue Jan 25 2022 Karolina Surma - 3.6.15-6 +- Fix test to enable build with i686 +Resolves: rhbz#2038843 + +* Fri Jan 21 2022 Fedora Release Engineering - 3.6.15-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Sat Jan 08 2022 Miro Hrončok - 3.6.15-4 +- Rebuilt for https://fedoraproject.org/wiki/Changes/LIBFFI34 + +* Fri Nov 12 2021 Björn Esser - 3.6.15-3 +- Rebuild(libnsl2) + +* Mon Sep 20 2021 Miro Hrončok - 3.6.15-2 +- Explicitly buildrequire OpenSSL 1.1, as Python 3.6 is not compatible with OpenSSL 3.0 + * Sun Sep 05 2021 Miro Hrončok - 3.6.15-1 - Update to 3.6.15 diff --git a/setuptools-CVE-2024-6345.patch b/setuptools-CVE-2024-6345.patch new file mode 100644 index 0000000..54a856e --- /dev/null +++ b/setuptools-CVE-2024-6345.patch @@ -0,0 +1,83 @@ +From 8af1b3e03edc8a38565558aff3bf1689c1ca3545 Mon Sep 17 00:00:00 2001 +From: Lumir Balhar +Date: Fri, 26 Jul 2024 13:49:11 +0200 +Subject: [PATCH] CVE-2024-6345 + +--- + setuptools/package_index.py | 23 +++++++++-------------- + 1 file changed, 9 insertions(+), 14 deletions(-) + +diff --git a/setuptools/package_index.py b/setuptools/package_index.py +index bdcf4a6..1d3e5b4 100755 +--- a/setuptools/package_index.py ++++ b/setuptools/package_index.py +@@ -1,4 +1,5 @@ + """PyPI and direct package downloading""" ++import subprocess + import sys + import os + import re +@@ -848,7 +849,7 @@ class PackageIndex(Environment): + + def _download_svn(self, url, filename): + url = url.split('#', 1)[0] # remove any fragment for svn's sake +- creds = '' ++ creds = [] + if url.lower().startswith('svn:') and '@' in url: + scheme, netloc, path, p, q, f = urllib.parse.urlparse(url) + if not netloc and path.startswith('//') and '/' in path[2:]: +@@ -857,14 +858,14 @@ class PackageIndex(Environment): + if auth: + if ':' in auth: + user, pw = auth.split(':', 1) +- creds = " --username=%s --password=%s" % (user, pw) ++ creds = ["--username=" + user, "--password=" + pw] + else: +- creds = " --username=" + auth ++ creds = ["--username=" + auth] + netloc = host + parts = scheme, netloc, url, p, q, f + url = urllib.parse.urlunparse(parts) + self.info("Doing subversion checkout from %s to %s", url, filename) +- os.system("svn checkout%s -q %s %s" % (creds, url, filename)) ++ subprocess.check_call(["svn", "checkout"] + creds + ["-q", url, filename]) + return filename + + @staticmethod +@@ -890,14 +891,11 @@ class PackageIndex(Environment): + url, rev = self._vcs_split_rev_from_url(url, pop_prefix=True) + + self.info("Doing git clone from %s to %s", url, filename) +- os.system("git clone --quiet %s %s" % (url, filename)) ++ subprocess.check_call(["git", "clone", "--quiet", url, filename]) + + if rev is not None: + self.info("Checking out %s", rev) +- os.system("(cd %s && git checkout --quiet %s)" % ( +- filename, +- rev, +- )) ++ subprocess.check_call(["git", "-C", filename, "checkout", "--quiet", rev]) + + return filename + +@@ -906,14 +904,11 @@ class PackageIndex(Environment): + url, rev = self._vcs_split_rev_from_url(url, pop_prefix=True) + + self.info("Doing hg clone from %s to %s", url, filename) +- os.system("hg clone --quiet %s %s" % (url, filename)) ++ subprocess.check_call(["hg", "clone", "--quiet", url, filename]) + + if rev is not None: + self.info("Updating to %s", rev) +- os.system("(cd %s && hg up -C -r %s -q)" % ( +- filename, +- rev, +- )) ++ subprocess.check_call(["hg", "--cwd", filename, "up", "-C", "-r", rev, "-q"]) + + return filename + +-- +2.45.2 + diff --git a/tests/tests.yml b/tests/tests.yml deleted file mode 100644 index 4fcdd28..0000000 --- a/tests/tests.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -- hosts: localhost - roles: - - role: standard-test-basic - tags: - - classic - repositories: - - repo: "https://src.fedoraproject.org/tests/python.git" - dest: "python" - tests: - - smoke: - dir: python/smoke - run: VERSION=3.6 ./venv.sh - - marshalparser: - dir: python/marshalparser - run: VERSION=3.6 SAMPLE=10 test_marshalparser_compatibility.sh - required_packages: - - gcc - - python3-tox - - python3.6 - - glibc-all-langpacks # for locale tests - - marshalparser # for testing compatibility (magic numbers) with marshalparser