From 2bfab230a2c032c2ae14757bcc0cf5ed75160af5 Mon Sep 17 00:00:00 2001
From: Kai Engert <kaie@kuix.de>
Date: Sun, 7 Feb 2010 13:06:53 +0100
Subject: [PATCH] Bug 540332, Update PSM to include the latest NSS error codes,
 r=rrelyea

---
 .../en-US/chrome/pipnss/nsserrors.properties  | 19 +++++++++++++++++++
 security/manager/ssl/src/nsNSSErrors.cpp      | 19 +++++++++++++++++++
 2 files changed, 38 insertions(+)

diff --git a/security/manager/locales/en-US/chrome/pipnss/nsserrors.properties b/security/manager/locales/en-US/chrome/pipnss/nsserrors.properties
index 20c0c1cb85b7..e103cc45c1c5 100644
--- a/security/manager/locales/en-US/chrome/pipnss/nsserrors.properties
+++ b/security/manager/locales/en-US/chrome/pipnss/nsserrors.properties
@@ -104,6 +104,11 @@ SSL_ERROR_CERTIFICATE_UNOBTAINABLE_ALERT=SSL peer could not obtain your certific
 SSL_ERROR_UNRECOGNIZED_NAME_ALERT=SSL peer has no certificate for the requested DNS name.
 SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT=SSL peer was unable to get an OCSP response for its certificate.
 SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT=SSL peer reported bad certificate hash value.
+SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET=SSL received an unexpected New Session Ticket handshake message.                             
+SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET=SSL received a malformed New Session Ticket handshake message.                                
+SSL_ERROR_DECOMPRESSION_FAILURE=SSL received a compressed record that could not be decompressed.                                        
+SSL_ERROR_RENEGOTIATION_NOT_ALLOWED=Renegotiation is not allowed on this SSL socket.                                                    
+SSL_ERROR_UNSAFE_NEGOTIATION=Peer attempted old style (potentially vulnerable) handshake.
 SEC_ERROR_IO=An I/O error occurred during security authorization.
 SEC_ERROR_LIBRARY_FAILURE=security library failure.
 SEC_ERROR_BAD_DATA=security library: received bad data.
@@ -262,3 +267,17 @@ SEC_ERROR_NOT_INITIALIZED=NSS is not initialized.
 SEC_ERROR_TOKEN_NOT_LOGGED_IN=The operation failed because the PKCS#11 token is not logged in.
 SEC_ERROR_OCSP_RESPONDER_CERT_INVALID=Configured OCSP responder's certificate is invalid.
 SEC_ERROR_OCSP_BAD_SIGNATURE=OCSP response has an invalid signature.
+SEC_ERROR_OUT_OF_SEARCH_LIMITS=Cert validation search is out of search limits
+SEC_ERROR_INVALID_POLICY_MAPPING=Policy mapping contains anypolicy
+SEC_ERROR_POLICY_VALIDATION_FAILED=Cert chain fails policy validation
+SEC_ERROR_UNKNOWN_AIA_LOCATION_TYPE=Unknown location type in cert AIA extension
+SEC_ERROR_BAD_HTTP_RESPONSE=Server returned bad HTTP response
+SEC_ERROR_BAD_LDAP_RESPONSE=Server returned bad LDAP response
+SEC_ERROR_FAILED_TO_ENCODE_DATA=Failed to encode data with ASN1 encoder
+SEC_ERROR_BAD_INFO_ACCESS_LOCATION=Bad information access location in cert extension
+SEC_ERROR_LIBPKIX_INTERNAL=Libpkix internal error occured during cert validation.
+SEC_ERROR_PKCS11_GENERAL_ERROR=A PKCS #11 module returned CKR_GENERAL_ERROR, indicating that an unrecoverable error has occurred.
+SEC_ERROR_PKCS11_FUNCTION_FAILED=A PKCS #11 module returned CKR_FUNCTION_FAILED, indicating that the requested function could not be performed.  Trying the same operation again might succeed.
+SEC_ERROR_PKCS11_DEVICE_ERROR=A PKCS #11 module returned CKR_DEVICE_ERROR, indicating that a problem has occurred with the token or slot.
+SEC_ERROR_BAD_INFO_ACCESS_METHOD=Unknown information access method in certificate extension.
+SEC_ERROR_CRL_IMPORT_FAILED=Error attempting to import a CRL.
diff --git a/security/manager/ssl/src/nsNSSErrors.cpp b/security/manager/ssl/src/nsNSSErrors.cpp
index 50d90e2cf071..4ca4fed5c7f0 100644
--- a/security/manager/ssl/src/nsNSSErrors.cpp
+++ b/security/manager/ssl/src/nsNSSErrors.cpp
@@ -154,6 +154,11 @@ nsNSSErrors::getDefaultErrorStringName(PRInt32 err)
     case SSL_ERROR_UNRECOGNIZED_NAME_ALERT: id_str = "SSL_ERROR_UNRECOGNIZED_NAME_ALERT"; break;
     case SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT: id_str = "SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT"; break;
     case SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT: id_str = "SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT"; break;
+    case SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET: id_str = "SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET"; break;
+    case SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET: id_str = "SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET"; break;  
+    case SSL_ERROR_DECOMPRESSION_FAILURE: id_str = "SSL_ERROR_DECOMPRESSION_FAILURE"; break;                      
+    case SSL_ERROR_RENEGOTIATION_NOT_ALLOWED: id_str = "SSL_ERROR_RENEGOTIATION_NOT_ALLOWED"; break;              
+    case SSL_ERROR_UNSAFE_NEGOTIATION: id_str = "SSL_ERROR_UNSAFE_NEGOTIATION"; break;
     case SEC_ERROR_IO: id_str = "SEC_ERROR_IO"; break;
     case SEC_ERROR_LIBRARY_FAILURE: id_str = "SEC_ERROR_LIBRARY_FAILURE"; break;
     case SEC_ERROR_BAD_DATA: id_str = "SEC_ERROR_BAD_DATA"; break;
@@ -312,6 +317,20 @@ nsNSSErrors::getDefaultErrorStringName(PRInt32 err)
     case SEC_ERROR_TOKEN_NOT_LOGGED_IN: id_str = "SEC_ERROR_TOKEN_NOT_LOGGED_IN"; break;
     case SEC_ERROR_OCSP_RESPONDER_CERT_INVALID: id_str = "SEC_ERROR_OCSP_RESPONDER_CERT_INVALID"; break;
     case SEC_ERROR_OCSP_BAD_SIGNATURE: id_str = "SEC_ERROR_OCSP_BAD_SIGNATURE"; break;
+    case SEC_ERROR_OUT_OF_SEARCH_LIMITS: id_str = "SEC_ERROR_OUT_OF_SEARCH_LIMITS"; break;
+    case SEC_ERROR_INVALID_POLICY_MAPPING: id_str = "SEC_ERROR_INVALID_POLICY_MAPPING"; break;
+    case SEC_ERROR_POLICY_VALIDATION_FAILED: id_str = "SEC_ERROR_POLICY_VALIDATION_FAILED"; break;
+    case SEC_ERROR_UNKNOWN_AIA_LOCATION_TYPE: id_str = "SEC_ERROR_UNKNOWN_AIA_LOCATION_TYPE"; break;
+    case SEC_ERROR_BAD_HTTP_RESPONSE: id_str = "SEC_ERROR_BAD_HTTP_RESPONSE"; break;
+    case SEC_ERROR_BAD_LDAP_RESPONSE: id_str = "SEC_ERROR_BAD_LDAP_RESPONSE"; break;
+    case SEC_ERROR_FAILED_TO_ENCODE_DATA: id_str = "SEC_ERROR_FAILED_TO_ENCODE_DATA"; break;
+    case SEC_ERROR_BAD_INFO_ACCESS_LOCATION: id_str = "SEC_ERROR_BAD_INFO_ACCESS_LOCATION"; break;
+    case SEC_ERROR_LIBPKIX_INTERNAL: id_str = "SEC_ERROR_LIBPKIX_INTERNAL"; break;
+    case SEC_ERROR_PKCS11_GENERAL_ERROR: id_str = "SEC_ERROR_PKCS11_GENERAL_ERROR"; break;
+    case SEC_ERROR_PKCS11_FUNCTION_FAILED: id_str = "SEC_ERROR_PKCS11_FUNCTION_FAILED"; break;
+    case SEC_ERROR_PKCS11_DEVICE_ERROR: id_str = "SEC_ERROR_PKCS11_DEVICE_ERROR"; break;
+    case SEC_ERROR_BAD_INFO_ACCESS_METHOD: id_str = "SEC_ERROR_BAD_INFO_ACCESS_METHOD"; break;
+    case SEC_ERROR_CRL_IMPORT_FAILED: id_str = "SEC_ERROR_CRL_IMPORT_FAILED"; break;
   }
 
   return id_str;