1/* error.c --- Error handling functionality.
2 * Copyright (C) 2002-2012 Simon Josefsson
3 *
4 * This file is part of GNU SASL Library.
5 *
6 * GNU SASL Library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public License
8 * as published by the Free Software Foundation; either version 2.1 of
9 * the License, or (at your option) any later version.
10 *
11 * GNU SASL Library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License License along with GNU SASL Library; if not, write to the
18 * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
19 * Boston, MA 02110-1301, USA.
20 *
21 */
22
23#include "internal.h"
24
25/* I18n of error codes. */
26#include "gettext.h"
27#define _(String) dgettext (PACKAGE, String)
28#define gettext_noop(String) String
29#define N_(String) gettext_noop (String)
30
31#define ERR(name, desc) { name, #name, desc }
32
33#ifdef GSASL_NO_OBSOLETE
34#define OBS(i, name, desc) { i, NULL, NULL }
35#else
36#define OBS(i, name, desc) { name, #name, desc }
37#endif
38
39/* *INDENT-OFF* */
40static struct
41{
42 int rc;
43 const char *name;
44 const char *description;
45} errors[] = {
46 ERR (GSASL_OK, N_("Libgsasl success")),
47 ERR (GSASL_NEEDS_MORE, N_("SASL mechanism needs more data")),
48 ERR (GSASL_UNKNOWN_MECHANISM, N_("Unknown SASL mechanism")),
49 ERR (GSASL_MECHANISM_CALLED_TOO_MANY_TIMES,
50 N_("SASL mechanism called too many times")),
51 OBS (4, GSASL_TOO_SMALL_BUFFER,
52 N_("SASL function needs larger buffer (internal error)")),
53 OBS (5, GSASL_FOPEN_ERROR, N_("Could not open file in SASL library")),
54 OBS (6, GSASL_FCLOSE_ERROR, N_("Could not close file in SASL library")),
55 ERR (GSASL_MALLOC_ERROR, N_("Memory allocation error in SASL library")),
56 ERR (GSASL_BASE64_ERROR, N_("Base 64 coding error in SASL library")),
57 ERR (GSASL_CRYPTO_ERROR, N_("Low-level crypto error in SASL library")),
58 { 10, NULL, NULL },
59 OBS (11, GSASL_NEED_CLIENT_ANONYMOUS_CALLBACK,
60 N_("SASL mechanism needs gsasl_client_callback_anonymous() callback"
61 " (application error)")),
62 OBS (12, GSASL_NEED_CLIENT_PASSWORD_CALLBACK,
63 N_("SASL mechanism needs gsasl_client_callback_password() callback"
64 " (application error)")),
65 OBS (13, GSASL_NEED_CLIENT_PASSCODE_CALLBACK,
66 N_("SASL mechanism needs gsasl_client_callback_passcode() callback"
67 " (application error)")),
68 OBS (14, GSASL_NEED_CLIENT_PIN_CALLBACK,
69 N_("SASL mechanism needs gsasl_client_callback_pin() callback"
70 " (application error)")),
71 OBS (15, GSASL_NEED_CLIENT_AUTHORIZATION_ID_CALLBACK,
72 N_("SASL mechanism needs gsasl_client_callback_authorization_id() "
73 "callback (application error)")),
74 OBS (16, GSASL_NEED_CLIENT_AUTHENTICATION_ID_CALLBACK,
75 N_("SASL mechanism needs gsasl_client_callback_authentication_id() "
76 "callback (application error)")),
77 OBS (17, GSASL_NEED_CLIENT_SERVICE_CALLBACK,
78 N_("SASL mechanism needs gsasl_client_callback_service() callback "
79 "(application error)")),
80 OBS (18, GSASL_NEED_SERVER_VALIDATE_CALLBACK,
81 N_("SASL mechanism needs gsasl_server_callback_validate() callback "
82 "(application error)")),
83 OBS (19, GSASL_NEED_SERVER_CRAM_MD5_CALLBACK,
84 N_("SASL mechanism needs gsasl_server_callback_cram_md5() callback "
85 "(application error)")),
86 OBS (20, GSASL_NEED_SERVER_DIGEST_MD5_CALLBACK,
87 N_("SASL mechanism needs gsasl_server_callback_digest_md5() callback "
88 "(application error)")),
89 OBS (21, GSASL_NEED_SERVER_EXTERNAL_CALLBACK,
90 N_("SASL mechanism needs gsasl_server_callback_external() callback "
91 "(application error)")),
92 OBS (22, GSASL_NEED_SERVER_ANONYMOUS_CALLBACK,
93 N_("SASL mechanism needs gsasl_server_callback_anonymous() callback "
94 "(application error)")),
95 OBS (23, GSASL_NEED_SERVER_REALM_CALLBACK,
96 N_("SASL mechanism needs gsasl_server_callback_realm() callback "
97 "(application error)")),
98 OBS (24, GSASL_NEED_SERVER_SECURID_CALLBACK,
99 N_("SASL mechanism needs gsasl_server_callback_securid() callback "
100 "(application error)")),
101 OBS (25, GSASL_NEED_SERVER_SERVICE_CALLBACK,
102 N_("SASL mechanism needs gsasl_server_callback_service() callback "
103 "(application error)")),
104 OBS (26, GSASL_NEED_SERVER_GSSAPI_CALLBACK,
105 N_("SASL mechanism needs gsasl_server_callback_gssapi() callback "
106 "(application error)")),
107 OBS (27, GSASL_NEED_SERVER_RETRIEVE_CALLBACK,
108 N_("SASL mechanism needs gsasl_server_callback_retrieve() callback "
109 "(application error)")),
110 OBS (28, GSASL_UNICODE_NORMALIZATION_ERROR,
111 N_("Failed to perform Unicode Normalization on string.")),
112 ERR (GSASL_SASLPREP_ERROR,
113 N_("Could not prepare internationalized (non-ASCII) string.")),
114 ERR (GSASL_MECHANISM_PARSE_ERROR,
115 N_("SASL mechanism could not parse input")),
116 ERR (GSASL_AUTHENTICATION_ERROR, N_("Error authenticating user")),
117 OBS (32, GSASL_CANNOT_GET_CTX,
118 N_("Cannot get internal library handle (library error)")),
119 ERR (GSASL_INTEGRITY_ERROR, N_("Integrity error in application payload")),
120 OBS (34, GSASL_NO_MORE_REALMS, N_("No more realms available (non-fatal)")),
121 ERR (GSASL_NO_CLIENT_CODE,
122 N_("Client-side functionality not available in library "
123 "(application error)")),
124 ERR (GSASL_NO_SERVER_CODE,
125 N_("Server-side functionality not available in library "
126 "(application error)")),
127 ERR (GSASL_GSSAPI_RELEASE_BUFFER_ERROR,
128 N_("GSSAPI library could not deallocate memory in "
129 "gss_release_buffer() in SASL library. This is a serious "
130 "internal error.")),
131 ERR (GSASL_GSSAPI_IMPORT_NAME_ERROR,
132 N_("GSSAPI library could not understand a peer name in "
133 "gss_import_name() in SASL library. This is most likely due "
134 "to incorrect service and/or hostnames.")),
135 ERR (GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR,
136 N_("GSSAPI error in client while negotiating security context in "
137 "gss_init_sec_context() in SASL library. This is most likely "
138 "due insufficient credentials or malicious interactions.")),
139 ERR (GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR,
140 N_("GSSAPI error in server while negotiating security context in "
141 "gss_accept_sec_context() in SASL library. This is most likely due "
142 "insufficient credentials or malicious interactions.")),
143 ERR (GSASL_GSSAPI_UNWRAP_ERROR,
144 N_("GSSAPI error while decrypting or decoding data in gss_unwrap() in "
145 "SASL library. This is most likely due to data corruption.")),
146 ERR (GSASL_GSSAPI_WRAP_ERROR,
147 N_("GSSAPI error while encrypting or encoding data in gss_wrap() in "
148 "SASL library.")),
149 ERR (GSASL_GSSAPI_ACQUIRE_CRED_ERROR,
150 N_("GSSAPI error acquiring credentials in gss_acquire_cred() in "
151 "SASL library. This is most likely due to not having the proper "
152 "Kerberos key available in /etc/krb5.keytab on the server.")),
153 ERR (GSASL_GSSAPI_DISPLAY_NAME_ERROR,
154 N_("GSSAPI error creating a display name denoting the client in "
155 "gss_display_name() in SASL library. This is probably because "
156 "the client supplied bad data.")),
157 ERR (GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR,
158 N_("Other entity requested integrity or confidentiality protection "
159 "in GSSAPI mechanism but this is currently not implemented.")),
160 ERR (GSASL_KERBEROS_V5_INIT_ERROR,
161 N_("Kerberos V5 initialization failure.")),
162 ERR (GSASL_KERBEROS_V5_INTERNAL_ERROR,
163 N_("Kerberos V5 internal error.")),
164 ERR (GSASL_SECURID_SERVER_NEED_ADDITIONAL_PASSCODE,
165 N_("SecurID needs additional passcode.")),
166 ERR (GSASL_SECURID_SERVER_NEED_NEW_PIN,
167 N_("SecurID needs new pin.")),
168 OBS (50, GSASL_INVALID_HANDLE,
169 N_("The provided library handle was invalid (application error)")),
170 ERR (GSASL_NO_CALLBACK,
171 N_("No callback specified by caller (application error).")),
172 ERR (GSASL_NO_ANONYMOUS_TOKEN,
173 N_("Authentication failed because the anonymous token was "
174 "not provided.")),
175 ERR (GSASL_NO_AUTHID,
176 N_("Authentication failed because the authentication identity was "
177 "not provided.")),
178 ERR (GSASL_NO_AUTHZID,
179 N_("Authentication failed because the authorization identity was "
180 "not provided.")),
181 ERR (GSASL_NO_PASSWORD,
182 N_("Authentication failed because the password was not provided.")),
183 ERR (GSASL_NO_PASSCODE,
184 N_("Authentication failed because the passcode was not provided.")),
185 ERR (GSASL_NO_PIN,
186 N_("Authentication failed because the pin code was not provided.")),
187 ERR (GSASL_NO_SERVICE,
188 N_("Authentication failed because the service name was not provided.")),
189 ERR (GSASL_NO_HOSTNAME,
190 N_("Authentication failed because the host name was not provided.")),
191 ERR (GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR,
192 N_("GSSAPI error encapsulating token.")),
193 ERR (GSASL_GSSAPI_DECAPSULATE_TOKEN_ERROR,
194 N_("GSSAPI error decapsulating token.")),
195 ERR (GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR,
196 N_("GSSAPI error getting OID for SASL mechanism name.")),
197 ERR (GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR,
198 N_("GSSAPI error testing for OID in OID set.")),
199 ERR (GSASL_GSSAPI_RELEASE_OID_SET_ERROR,
200 N_("GSSAPI error releasing OID set.")),
201 ERR (GSASL_NO_CB_TLS_UNIQUE,
202 N_("Authentication failed because a tls-unique CB was not provided.")),
203 ERR (GSASL_NO_SAML20_IDP_IDENTIFIER,
204 N_("Callback failed to provide SAML20 IdP identifier.")),
205 ERR (GSASL_NO_SAML20_REDIRECT_URL,
206 N_("Callback failed to provide SAML20 redirect URL.")),
207 ERR (GSASL_NO_OPENID20_REDIRECT_URL,
208 N_("Callback failed to provide OPENID20 redirect URL."))
209};
210/* *INDENT-ON* */
211
212/**
213 * gsasl_strerror:
214 * @err: libgsasl error code
215 *
216 * Convert return code to human readable string explanation of the
217 * reason for the particular error code.
218 *
219 * This string can be used to output a diagnostic message to the user.
220 *
221 * This function is one of few in the library that can be used without
222 * a successful call to gsasl_init().
223 *
224 * Return value: Returns a pointer to a statically allocated string
225 * containing an explanation of the error code @err.
226 **/
227const char *
228gsasl_strerror (int err)
229{
230 static const char *unknown = N_("Libgsasl unknown error");
231 const char *p;
232
233 bindtextdomain (PACKAGE, ".");
234
235 if (err < 0 || err >= (sizeof (errors) / sizeof (errors[0])))
236 return _(unknown);
237
238 p = errors[err].description;
239 if (!p)
240 p = unknown;
241
242 return _(p);
243}
244
245
246/**
247 * gsasl_strerror_name:
248 * @err: libgsasl error code
249 *
250 * Convert return code to human readable string representing the error
251 * code symbol itself. For example, gsasl_strerror_name(%GSASL_OK)
252 * returns the string "GSASL_OK".
253 *
254 * This string can be used to output a diagnostic message to the user.
255 *
256 * This function is one of few in the library that can be used without
257 * a successful call to gsasl_init().
258 *
259 * Return value: Returns a pointer to a statically allocated string
260 * containing a string version of the error code @err, or NULL if
261 * the error code is not known.
262 *
263 * Since: 0.2.29
264 **/
265const char *
266gsasl_strerror_name (int err)
267{
268 if (err < 0 || err >= (sizeof (errors) / sizeof (errors[0])))
269 return NULL;
270
271 return errors[err].name;
272}
273