1 | /* error.c --- Error handling functionality. |
2 | * Copyright (C) 2002-2012 Simon Josefsson |
3 | * |
4 | * This file is part of GNU SASL Library. |
5 | * |
6 | * GNU SASL Library is free software; you can redistribute it and/or |
7 | * modify it under the terms of the GNU Lesser General Public License |
8 | * as published by the Free Software Foundation; either version 2.1 of |
9 | * the License, or (at your option) any later version. |
10 | * |
11 | * GNU SASL Library is distributed in the hope that it will be useful, |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
14 | * Lesser General Public License for more details. |
15 | * |
16 | * You should have received a copy of the GNU Lesser General Public |
17 | * License License along with GNU SASL Library; if not, write to the |
18 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, |
19 | * Boston, MA 02110-1301, USA. |
20 | * |
21 | */ |
22 | |
23 | #include "internal.h" |
24 | |
25 | /* I18n of error codes. */ |
26 | #include "gettext.h" |
27 | #define _(String) dgettext (PACKAGE, String) |
28 | #define gettext_noop(String) String |
29 | #define N_(String) gettext_noop (String) |
30 | |
31 | #define ERR(name, desc) { name, #name, desc } |
32 | |
33 | #ifdef GSASL_NO_OBSOLETE |
34 | #define OBS(i, name, desc) { i, NULL, NULL } |
35 | #else |
36 | #define OBS(i, name, desc) { name, #name, desc } |
37 | #endif |
38 | |
39 | /* *INDENT-OFF* */ |
40 | static struct |
41 | { |
42 | int rc; |
43 | const char *name; |
44 | const char *description; |
45 | } errors[] = { |
46 | ERR (GSASL_OK, N_("Libgsasl success" )), |
47 | ERR (GSASL_NEEDS_MORE, N_("SASL mechanism needs more data" )), |
48 | ERR (GSASL_UNKNOWN_MECHANISM, N_("Unknown SASL mechanism" )), |
49 | ERR (GSASL_MECHANISM_CALLED_TOO_MANY_TIMES, |
50 | N_("SASL mechanism called too many times" )), |
51 | OBS (4, GSASL_TOO_SMALL_BUFFER, |
52 | N_("SASL function needs larger buffer (internal error)" )), |
53 | OBS (5, GSASL_FOPEN_ERROR, N_("Could not open file in SASL library" )), |
54 | OBS (6, GSASL_FCLOSE_ERROR, N_("Could not close file in SASL library" )), |
55 | ERR (GSASL_MALLOC_ERROR, N_("Memory allocation error in SASL library" )), |
56 | ERR (GSASL_BASE64_ERROR, N_("Base 64 coding error in SASL library" )), |
57 | ERR (GSASL_CRYPTO_ERROR, N_("Low-level crypto error in SASL library" )), |
58 | { 10, NULL, NULL }, |
59 | OBS (11, GSASL_NEED_CLIENT_ANONYMOUS_CALLBACK, |
60 | N_("SASL mechanism needs gsasl_client_callback_anonymous() callback" |
61 | " (application error)" )), |
62 | OBS (12, GSASL_NEED_CLIENT_PASSWORD_CALLBACK, |
63 | N_("SASL mechanism needs gsasl_client_callback_password() callback" |
64 | " (application error)" )), |
65 | OBS (13, GSASL_NEED_CLIENT_PASSCODE_CALLBACK, |
66 | N_("SASL mechanism needs gsasl_client_callback_passcode() callback" |
67 | " (application error)" )), |
68 | OBS (14, GSASL_NEED_CLIENT_PIN_CALLBACK, |
69 | N_("SASL mechanism needs gsasl_client_callback_pin() callback" |
70 | " (application error)" )), |
71 | OBS (15, GSASL_NEED_CLIENT_AUTHORIZATION_ID_CALLBACK, |
72 | N_("SASL mechanism needs gsasl_client_callback_authorization_id() " |
73 | "callback (application error)" )), |
74 | OBS (16, GSASL_NEED_CLIENT_AUTHENTICATION_ID_CALLBACK, |
75 | N_("SASL mechanism needs gsasl_client_callback_authentication_id() " |
76 | "callback (application error)" )), |
77 | OBS (17, GSASL_NEED_CLIENT_SERVICE_CALLBACK, |
78 | N_("SASL mechanism needs gsasl_client_callback_service() callback " |
79 | "(application error)" )), |
80 | OBS (18, GSASL_NEED_SERVER_VALIDATE_CALLBACK, |
81 | N_("SASL mechanism needs gsasl_server_callback_validate() callback " |
82 | "(application error)" )), |
83 | OBS (19, GSASL_NEED_SERVER_CRAM_MD5_CALLBACK, |
84 | N_("SASL mechanism needs gsasl_server_callback_cram_md5() callback " |
85 | "(application error)" )), |
86 | OBS (20, GSASL_NEED_SERVER_DIGEST_MD5_CALLBACK, |
87 | N_("SASL mechanism needs gsasl_server_callback_digest_md5() callback " |
88 | "(application error)" )), |
89 | OBS (21, GSASL_NEED_SERVER_EXTERNAL_CALLBACK, |
90 | N_("SASL mechanism needs gsasl_server_callback_external() callback " |
91 | "(application error)" )), |
92 | OBS (22, GSASL_NEED_SERVER_ANONYMOUS_CALLBACK, |
93 | N_("SASL mechanism needs gsasl_server_callback_anonymous() callback " |
94 | "(application error)" )), |
95 | OBS (23, GSASL_NEED_SERVER_REALM_CALLBACK, |
96 | N_("SASL mechanism needs gsasl_server_callback_realm() callback " |
97 | "(application error)" )), |
98 | OBS (24, GSASL_NEED_SERVER_SECURID_CALLBACK, |
99 | N_("SASL mechanism needs gsasl_server_callback_securid() callback " |
100 | "(application error)" )), |
101 | OBS (25, GSASL_NEED_SERVER_SERVICE_CALLBACK, |
102 | N_("SASL mechanism needs gsasl_server_callback_service() callback " |
103 | "(application error)" )), |
104 | OBS (26, GSASL_NEED_SERVER_GSSAPI_CALLBACK, |
105 | N_("SASL mechanism needs gsasl_server_callback_gssapi() callback " |
106 | "(application error)" )), |
107 | OBS (27, GSASL_NEED_SERVER_RETRIEVE_CALLBACK, |
108 | N_("SASL mechanism needs gsasl_server_callback_retrieve() callback " |
109 | "(application error)" )), |
110 | OBS (28, GSASL_UNICODE_NORMALIZATION_ERROR, |
111 | N_("Failed to perform Unicode Normalization on string." )), |
112 | ERR (GSASL_SASLPREP_ERROR, |
113 | N_("Could not prepare internationalized (non-ASCII) string." )), |
114 | ERR (GSASL_MECHANISM_PARSE_ERROR, |
115 | N_("SASL mechanism could not parse input" )), |
116 | ERR (GSASL_AUTHENTICATION_ERROR, N_("Error authenticating user" )), |
117 | OBS (32, GSASL_CANNOT_GET_CTX, |
118 | N_("Cannot get internal library handle (library error)" )), |
119 | ERR (GSASL_INTEGRITY_ERROR, N_("Integrity error in application payload" )), |
120 | OBS (34, GSASL_NO_MORE_REALMS, N_("No more realms available (non-fatal)" )), |
121 | ERR (GSASL_NO_CLIENT_CODE, |
122 | N_("Client-side functionality not available in library " |
123 | "(application error)" )), |
124 | ERR (GSASL_NO_SERVER_CODE, |
125 | N_("Server-side functionality not available in library " |
126 | "(application error)" )), |
127 | ERR (GSASL_GSSAPI_RELEASE_BUFFER_ERROR, |
128 | N_("GSSAPI library could not deallocate memory in " |
129 | "gss_release_buffer() in SASL library. This is a serious " |
130 | "internal error." )), |
131 | ERR (GSASL_GSSAPI_IMPORT_NAME_ERROR, |
132 | N_("GSSAPI library could not understand a peer name in " |
133 | "gss_import_name() in SASL library. This is most likely due " |
134 | "to incorrect service and/or hostnames." )), |
135 | ERR (GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR, |
136 | N_("GSSAPI error in client while negotiating security context in " |
137 | "gss_init_sec_context() in SASL library. This is most likely " |
138 | "due insufficient credentials or malicious interactions." )), |
139 | ERR (GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR, |
140 | N_("GSSAPI error in server while negotiating security context in " |
141 | "gss_accept_sec_context() in SASL library. This is most likely due " |
142 | "insufficient credentials or malicious interactions." )), |
143 | ERR (GSASL_GSSAPI_UNWRAP_ERROR, |
144 | N_("GSSAPI error while decrypting or decoding data in gss_unwrap() in " |
145 | "SASL library. This is most likely due to data corruption." )), |
146 | ERR (GSASL_GSSAPI_WRAP_ERROR, |
147 | N_("GSSAPI error while encrypting or encoding data in gss_wrap() in " |
148 | "SASL library." )), |
149 | ERR (GSASL_GSSAPI_ACQUIRE_CRED_ERROR, |
150 | N_("GSSAPI error acquiring credentials in gss_acquire_cred() in " |
151 | "SASL library. This is most likely due to not having the proper " |
152 | "Kerberos key available in /etc/krb5.keytab on the server." )), |
153 | ERR (GSASL_GSSAPI_DISPLAY_NAME_ERROR, |
154 | N_("GSSAPI error creating a display name denoting the client in " |
155 | "gss_display_name() in SASL library. This is probably because " |
156 | "the client supplied bad data." )), |
157 | ERR (GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR, |
158 | N_("Other entity requested integrity or confidentiality protection " |
159 | "in GSSAPI mechanism but this is currently not implemented." )), |
160 | ERR (GSASL_KERBEROS_V5_INIT_ERROR, |
161 | N_("Kerberos V5 initialization failure." )), |
162 | ERR (GSASL_KERBEROS_V5_INTERNAL_ERROR, |
163 | N_("Kerberos V5 internal error." )), |
164 | ERR (GSASL_SECURID_SERVER_NEED_ADDITIONAL_PASSCODE, |
165 | N_("SecurID needs additional passcode." )), |
166 | ERR (GSASL_SECURID_SERVER_NEED_NEW_PIN, |
167 | N_("SecurID needs new pin." )), |
168 | OBS (50, GSASL_INVALID_HANDLE, |
169 | N_("The provided library handle was invalid (application error)" )), |
170 | ERR (GSASL_NO_CALLBACK, |
171 | N_("No callback specified by caller (application error)." )), |
172 | ERR (GSASL_NO_ANONYMOUS_TOKEN, |
173 | N_("Authentication failed because the anonymous token was " |
174 | "not provided." )), |
175 | ERR (GSASL_NO_AUTHID, |
176 | N_("Authentication failed because the authentication identity was " |
177 | "not provided." )), |
178 | ERR (GSASL_NO_AUTHZID, |
179 | N_("Authentication failed because the authorization identity was " |
180 | "not provided." )), |
181 | ERR (GSASL_NO_PASSWORD, |
182 | N_("Authentication failed because the password was not provided." )), |
183 | ERR (GSASL_NO_PASSCODE, |
184 | N_("Authentication failed because the passcode was not provided." )), |
185 | ERR (GSASL_NO_PIN, |
186 | N_("Authentication failed because the pin code was not provided." )), |
187 | ERR (GSASL_NO_SERVICE, |
188 | N_("Authentication failed because the service name was not provided." )), |
189 | ERR (GSASL_NO_HOSTNAME, |
190 | N_("Authentication failed because the host name was not provided." )), |
191 | ERR (GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR, |
192 | N_("GSSAPI error encapsulating token." )), |
193 | ERR (GSASL_GSSAPI_DECAPSULATE_TOKEN_ERROR, |
194 | N_("GSSAPI error decapsulating token." )), |
195 | ERR (GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR, |
196 | N_("GSSAPI error getting OID for SASL mechanism name." )), |
197 | ERR (GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR, |
198 | N_("GSSAPI error testing for OID in OID set." )), |
199 | ERR (GSASL_GSSAPI_RELEASE_OID_SET_ERROR, |
200 | N_("GSSAPI error releasing OID set." )), |
201 | ERR (GSASL_NO_CB_TLS_UNIQUE, |
202 | N_("Authentication failed because a tls-unique CB was not provided." )), |
203 | ERR (GSASL_NO_SAML20_IDP_IDENTIFIER, |
204 | N_("Callback failed to provide SAML20 IdP identifier." )), |
205 | ERR (GSASL_NO_SAML20_REDIRECT_URL, |
206 | N_("Callback failed to provide SAML20 redirect URL." )), |
207 | ERR (GSASL_NO_OPENID20_REDIRECT_URL, |
208 | N_("Callback failed to provide OPENID20 redirect URL." )) |
209 | }; |
210 | /* *INDENT-ON* */ |
211 | |
212 | /** |
213 | * gsasl_strerror: |
214 | * @err: libgsasl error code |
215 | * |
216 | * Convert return code to human readable string explanation of the |
217 | * reason for the particular error code. |
218 | * |
219 | * This string can be used to output a diagnostic message to the user. |
220 | * |
221 | * This function is one of few in the library that can be used without |
222 | * a successful call to gsasl_init(). |
223 | * |
224 | * Return value: Returns a pointer to a statically allocated string |
225 | * containing an explanation of the error code @err. |
226 | **/ |
227 | const char * |
228 | gsasl_strerror (int err) |
229 | { |
230 | static const char *unknown = N_("Libgsasl unknown error" ); |
231 | const char *p; |
232 | |
233 | bindtextdomain (PACKAGE, "." ); |
234 | |
235 | if (err < 0 || err >= (sizeof (errors) / sizeof (errors[0]))) |
236 | return _(unknown); |
237 | |
238 | p = errors[err].description; |
239 | if (!p) |
240 | p = unknown; |
241 | |
242 | return _(p); |
243 | } |
244 | |
245 | |
246 | /** |
247 | * gsasl_strerror_name: |
248 | * @err: libgsasl error code |
249 | * |
250 | * Convert return code to human readable string representing the error |
251 | * code symbol itself. For example, gsasl_strerror_name(%GSASL_OK) |
252 | * returns the string "GSASL_OK". |
253 | * |
254 | * This string can be used to output a diagnostic message to the user. |
255 | * |
256 | * This function is one of few in the library that can be used without |
257 | * a successful call to gsasl_init(). |
258 | * |
259 | * Return value: Returns a pointer to a statically allocated string |
260 | * containing a string version of the error code @err, or NULL if |
261 | * the error code is not known. |
262 | * |
263 | * Since: 0.2.29 |
264 | **/ |
265 | const char * |
266 | gsasl_strerror_name (int err) |
267 | { |
268 | if (err < 0 || err >= (sizeof (errors) / sizeof (errors[0]))) |
269 | return NULL; |
270 | |
271 | return errors[err].name; |
272 | } |
273 | |