1/***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) 2004 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.haxx.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 ***************************************************************************/
22
23#include "curl_setup.h"
24
25#ifdef HAVE_STRERROR_R
26# if (!defined(HAVE_POSIX_STRERROR_R) && \
27 !defined(HAVE_GLIBC_STRERROR_R) && \
28 !defined(HAVE_VXWORKS_STRERROR_R)) || \
29 (defined(HAVE_POSIX_STRERROR_R) && defined(HAVE_VXWORKS_STRERROR_R)) || \
30 (defined(HAVE_GLIBC_STRERROR_R) && defined(HAVE_VXWORKS_STRERROR_R)) || \
31 (defined(HAVE_POSIX_STRERROR_R) && defined(HAVE_GLIBC_STRERROR_R))
32# error "strerror_r MUST be either POSIX, glibc or vxworks-style"
33# endif
34#endif
35
36#include <curl/curl.h>
37
38#ifdef USE_LIBIDN2
39#include <idn2.h>
40#endif
41
42#ifdef USE_WINDOWS_SSPI
43#include "curl_sspi.h"
44#endif
45
46#include "strerror.h"
47/* The last 3 #include files should be in this order */
48#include "curl_printf.h"
49#include "curl_memory.h"
50#include "memdebug.h"
51
52#if defined(WIN32) || defined(_WIN32_WCE)
53#define PRESERVE_WINDOWS_ERROR_CODE
54#endif
55
56const char *
57curl_easy_strerror(CURLcode error)
58{
59#ifndef CURL_DISABLE_VERBOSE_STRINGS
60 switch(error) {
61 case CURLE_OK:
62 return "No error";
63
64 case CURLE_UNSUPPORTED_PROTOCOL:
65 return "Unsupported protocol";
66
67 case CURLE_FAILED_INIT:
68 return "Failed initialization";
69
70 case CURLE_URL_MALFORMAT:
71 return "URL using bad/illegal format or missing URL";
72
73 case CURLE_NOT_BUILT_IN:
74 return "A requested feature, protocol or option was not found built-in in"
75 " this libcurl due to a build-time decision.";
76
77 case CURLE_COULDNT_RESOLVE_PROXY:
78 return "Couldn't resolve proxy name";
79
80 case CURLE_COULDNT_RESOLVE_HOST:
81 return "Couldn't resolve host name";
82
83 case CURLE_COULDNT_CONNECT:
84 return "Couldn't connect to server";
85
86 case CURLE_WEIRD_SERVER_REPLY:
87 return "Weird server reply";
88
89 case CURLE_REMOTE_ACCESS_DENIED:
90 return "Access denied to remote resource";
91
92 case CURLE_FTP_ACCEPT_FAILED:
93 return "FTP: The server failed to connect to data port";
94
95 case CURLE_FTP_ACCEPT_TIMEOUT:
96 return "FTP: Accepting server connect has timed out";
97
98 case CURLE_FTP_PRET_FAILED:
99 return "FTP: The server did not accept the PRET command.";
100
101 case CURLE_FTP_WEIRD_PASS_REPLY:
102 return "FTP: unknown PASS reply";
103
104 case CURLE_FTP_WEIRD_PASV_REPLY:
105 return "FTP: unknown PASV reply";
106
107 case CURLE_FTP_WEIRD_227_FORMAT:
108 return "FTP: unknown 227 response format";
109
110 case CURLE_FTP_CANT_GET_HOST:
111 return "FTP: can't figure out the host in the PASV response";
112
113 case CURLE_HTTP2:
114 return "Error in the HTTP2 framing layer";
115
116 case CURLE_FTP_COULDNT_SET_TYPE:
117 return "FTP: couldn't set file type";
118
119 case CURLE_PARTIAL_FILE:
120 return "Transferred a partial file";
121
122 case CURLE_FTP_COULDNT_RETR_FILE:
123 return "FTP: couldn't retrieve (RETR failed) the specified file";
124
125 case CURLE_QUOTE_ERROR:
126 return "Quote command returned error";
127
128 case CURLE_HTTP_RETURNED_ERROR:
129 return "HTTP response code said error";
130
131 case CURLE_WRITE_ERROR:
132 return "Failed writing received data to disk/application";
133
134 case CURLE_UPLOAD_FAILED:
135 return "Upload failed (at start/before it took off)";
136
137 case CURLE_READ_ERROR:
138 return "Failed to open/read local data from file/application";
139
140 case CURLE_OUT_OF_MEMORY:
141 return "Out of memory";
142
143 case CURLE_OPERATION_TIMEDOUT:
144 return "Timeout was reached";
145
146 case CURLE_FTP_PORT_FAILED:
147 return "FTP: command PORT failed";
148
149 case CURLE_FTP_COULDNT_USE_REST:
150 return "FTP: command REST failed";
151
152 case CURLE_RANGE_ERROR:
153 return "Requested range was not delivered by the server";
154
155 case CURLE_HTTP_POST_ERROR:
156 return "Internal problem setting up the POST";
157
158 case CURLE_SSL_CONNECT_ERROR:
159 return "SSL connect error";
160
161 case CURLE_BAD_DOWNLOAD_RESUME:
162 return "Couldn't resume download";
163
164 case CURLE_FILE_COULDNT_READ_FILE:
165 return "Couldn't read a file:// file";
166
167 case CURLE_LDAP_CANNOT_BIND:
168 return "LDAP: cannot bind";
169
170 case CURLE_LDAP_SEARCH_FAILED:
171 return "LDAP: search failed";
172
173 case CURLE_FUNCTION_NOT_FOUND:
174 return "A required function in the library was not found";
175
176 case CURLE_ABORTED_BY_CALLBACK:
177 return "Operation was aborted by an application callback";
178
179 case CURLE_BAD_FUNCTION_ARGUMENT:
180 return "A libcurl function was given a bad argument";
181
182 case CURLE_INTERFACE_FAILED:
183 return "Failed binding local connection end";
184
185 case CURLE_TOO_MANY_REDIRECTS :
186 return "Number of redirects hit maximum amount";
187
188 case CURLE_UNKNOWN_OPTION:
189 return "An unknown option was passed in to libcurl";
190
191 case CURLE_TELNET_OPTION_SYNTAX :
192 return "Malformed telnet option";
193
194 case CURLE_GOT_NOTHING:
195 return "Server returned nothing (no headers, no data)";
196
197 case CURLE_SSL_ENGINE_NOTFOUND:
198 return "SSL crypto engine not found";
199
200 case CURLE_SSL_ENGINE_SETFAILED:
201 return "Can not set SSL crypto engine as default";
202
203 case CURLE_SSL_ENGINE_INITFAILED:
204 return "Failed to initialise SSL crypto engine";
205
206 case CURLE_SEND_ERROR:
207 return "Failed sending data to the peer";
208
209 case CURLE_RECV_ERROR:
210 return "Failure when receiving data from the peer";
211
212 case CURLE_SSL_CERTPROBLEM:
213 return "Problem with the local SSL certificate";
214
215 case CURLE_SSL_CIPHER:
216 return "Couldn't use specified SSL cipher";
217
218 case CURLE_PEER_FAILED_VERIFICATION:
219 return "SSL peer certificate or SSH remote key was not OK";
220
221 case CURLE_SSL_CACERT_BADFILE:
222 return "Problem with the SSL CA cert (path? access rights?)";
223
224 case CURLE_BAD_CONTENT_ENCODING:
225 return "Unrecognized or bad HTTP Content or Transfer-Encoding";
226
227 case CURLE_LDAP_INVALID_URL:
228 return "Invalid LDAP URL";
229
230 case CURLE_FILESIZE_EXCEEDED:
231 return "Maximum file size exceeded";
232
233 case CURLE_USE_SSL_FAILED:
234 return "Requested SSL level failed";
235
236 case CURLE_SSL_SHUTDOWN_FAILED:
237 return "Failed to shut down the SSL connection";
238
239 case CURLE_SSL_CRL_BADFILE:
240 return "Failed to load CRL file (path? access rights?, format?)";
241
242 case CURLE_SSL_ISSUER_ERROR:
243 return "Issuer check against peer certificate failed";
244
245 case CURLE_SEND_FAIL_REWIND:
246 return "Send failed since rewinding of the data stream failed";
247
248 case CURLE_LOGIN_DENIED:
249 return "Login denied";
250
251 case CURLE_TFTP_NOTFOUND:
252 return "TFTP: File Not Found";
253
254 case CURLE_TFTP_PERM:
255 return "TFTP: Access Violation";
256
257 case CURLE_REMOTE_DISK_FULL:
258 return "Disk full or allocation exceeded";
259
260 case CURLE_TFTP_ILLEGAL:
261 return "TFTP: Illegal operation";
262
263 case CURLE_TFTP_UNKNOWNID:
264 return "TFTP: Unknown transfer ID";
265
266 case CURLE_REMOTE_FILE_EXISTS:
267 return "Remote file already exists";
268
269 case CURLE_TFTP_NOSUCHUSER:
270 return "TFTP: No such user";
271
272 case CURLE_CONV_FAILED:
273 return "Conversion failed";
274
275 case CURLE_CONV_REQD:
276 return "Caller must register CURLOPT_CONV_ callback options";
277
278 case CURLE_REMOTE_FILE_NOT_FOUND:
279 return "Remote file not found";
280
281 case CURLE_SSH:
282 return "Error in the SSH layer";
283
284 case CURLE_AGAIN:
285 return "Socket not ready for send/recv";
286
287 case CURLE_RTSP_CSEQ_ERROR:
288 return "RTSP CSeq mismatch or invalid CSeq";
289
290 case CURLE_RTSP_SESSION_ERROR:
291 return "RTSP session error";
292
293 case CURLE_FTP_BAD_FILE_LIST:
294 return "Unable to parse FTP file list";
295
296 case CURLE_CHUNK_FAILED:
297 return "Chunk callback failed";
298
299 case CURLE_NO_CONNECTION_AVAILABLE:
300 return "The max connection limit is reached";
301
302 case CURLE_SSL_PINNEDPUBKEYNOTMATCH:
303 return "SSL public key does not match pinned public key";
304
305 case CURLE_SSL_INVALIDCERTSTATUS:
306 return "SSL server certificate status verification FAILED";
307
308 case CURLE_HTTP2_STREAM:
309 return "Stream error in the HTTP/2 framing layer";
310
311 case CURLE_RECURSIVE_API_CALL:
312 return "API function called from within callback";
313
314 case CURLE_AUTH_ERROR:
315 return "An authentication function returned an error";
316
317 case CURLE_HTTP3:
318 return "HTTP/3 error";
319
320 /* error codes not used by current libcurl */
321 case CURLE_OBSOLETE20:
322 case CURLE_OBSOLETE24:
323 case CURLE_OBSOLETE29:
324 case CURLE_OBSOLETE32:
325 case CURLE_OBSOLETE40:
326 case CURLE_OBSOLETE44:
327 case CURLE_OBSOLETE46:
328 case CURLE_OBSOLETE50:
329 case CURLE_OBSOLETE51:
330 case CURLE_OBSOLETE57:
331 case CURL_LAST:
332 break;
333 }
334 /*
335 * By using a switch, gcc -Wall will complain about enum values
336 * which do not appear, helping keep this function up-to-date.
337 * By using gcc -Wall -Werror, you can't forget.
338 *
339 * A table would not have the same benefit. Most compilers will
340 * generate code very similar to a table in any case, so there
341 * is little performance gain from a table. And something is broken
342 * for the user's application, anyways, so does it matter how fast
343 * it _doesn't_ work?
344 *
345 * The line number for the error will be near this comment, which
346 * is why it is here, and not at the start of the switch.
347 */
348 return "Unknown error";
349#else
350 if(!error)
351 return "No error";
352 else
353 return "Error";
354#endif
355}
356
357const char *
358curl_multi_strerror(CURLMcode error)
359{
360#ifndef CURL_DISABLE_VERBOSE_STRINGS
361 switch(error) {
362 case CURLM_CALL_MULTI_PERFORM:
363 return "Please call curl_multi_perform() soon";
364
365 case CURLM_OK:
366 return "No error";
367
368 case CURLM_BAD_HANDLE:
369 return "Invalid multi handle";
370
371 case CURLM_BAD_EASY_HANDLE:
372 return "Invalid easy handle";
373
374 case CURLM_OUT_OF_MEMORY:
375 return "Out of memory";
376
377 case CURLM_INTERNAL_ERROR:
378 return "Internal error";
379
380 case CURLM_BAD_SOCKET:
381 return "Invalid socket argument";
382
383 case CURLM_UNKNOWN_OPTION:
384 return "Unknown option";
385
386 case CURLM_ADDED_ALREADY:
387 return "The easy handle is already added to a multi handle";
388
389 case CURLM_RECURSIVE_API_CALL:
390 return "API function called from within callback";
391
392 case CURLM_WAKEUP_FAILURE:
393 return "Wakeup is unavailable or failed";
394
395 case CURLM_LAST:
396 break;
397 }
398
399 return "Unknown error";
400#else
401 if(error == CURLM_OK)
402 return "No error";
403 else
404 return "Error";
405#endif
406}
407
408const char *
409curl_share_strerror(CURLSHcode error)
410{
411#ifndef CURL_DISABLE_VERBOSE_STRINGS
412 switch(error) {
413 case CURLSHE_OK:
414 return "No error";
415
416 case CURLSHE_BAD_OPTION:
417 return "Unknown share option";
418
419 case CURLSHE_IN_USE:
420 return "Share currently in use";
421
422 case CURLSHE_INVALID:
423 return "Invalid share handle";
424
425 case CURLSHE_NOMEM:
426 return "Out of memory";
427
428 case CURLSHE_NOT_BUILT_IN:
429 return "Feature not enabled in this library";
430
431 case CURLSHE_LAST:
432 break;
433 }
434
435 return "CURLSHcode unknown";
436#else
437 if(error == CURLSHE_OK)
438 return "No error";
439 else
440 return "Error";
441#endif
442}
443
444#ifdef USE_WINSOCK
445
446/* This function handles most / all (?) Winsock errors curl is able to produce.
447 */
448static const char *
449get_winsock_error (int err, char *buf, size_t len)
450{
451#ifdef PRESERVE_WINDOWS_ERROR_CODE
452 DWORD old_win_err = GetLastError();
453#endif
454 int old_errno = errno;
455 const char *p;
456
457#ifndef CURL_DISABLE_VERBOSE_STRINGS
458 switch(err) {
459 case WSAEINTR:
460 p = "Call interrupted";
461 break;
462 case WSAEBADF:
463 p = "Bad file";
464 break;
465 case WSAEACCES:
466 p = "Bad access";
467 break;
468 case WSAEFAULT:
469 p = "Bad argument";
470 break;
471 case WSAEINVAL:
472 p = "Invalid arguments";
473 break;
474 case WSAEMFILE:
475 p = "Out of file descriptors";
476 break;
477 case WSAEWOULDBLOCK:
478 p = "Call would block";
479 break;
480 case WSAEINPROGRESS:
481 case WSAEALREADY:
482 p = "Blocking call in progress";
483 break;
484 case WSAENOTSOCK:
485 p = "Descriptor is not a socket";
486 break;
487 case WSAEDESTADDRREQ:
488 p = "Need destination address";
489 break;
490 case WSAEMSGSIZE:
491 p = "Bad message size";
492 break;
493 case WSAEPROTOTYPE:
494 p = "Bad protocol";
495 break;
496 case WSAENOPROTOOPT:
497 p = "Protocol option is unsupported";
498 break;
499 case WSAEPROTONOSUPPORT:
500 p = "Protocol is unsupported";
501 break;
502 case WSAESOCKTNOSUPPORT:
503 p = "Socket is unsupported";
504 break;
505 case WSAEOPNOTSUPP:
506 p = "Operation not supported";
507 break;
508 case WSAEAFNOSUPPORT:
509 p = "Address family not supported";
510 break;
511 case WSAEPFNOSUPPORT:
512 p = "Protocol family not supported";
513 break;
514 case WSAEADDRINUSE:
515 p = "Address already in use";
516 break;
517 case WSAEADDRNOTAVAIL:
518 p = "Address not available";
519 break;
520 case WSAENETDOWN:
521 p = "Network down";
522 break;
523 case WSAENETUNREACH:
524 p = "Network unreachable";
525 break;
526 case WSAENETRESET:
527 p = "Network has been reset";
528 break;
529 case WSAECONNABORTED:
530 p = "Connection was aborted";
531 break;
532 case WSAECONNRESET:
533 p = "Connection was reset";
534 break;
535 case WSAENOBUFS:
536 p = "No buffer space";
537 break;
538 case WSAEISCONN:
539 p = "Socket is already connected";
540 break;
541 case WSAENOTCONN:
542 p = "Socket is not connected";
543 break;
544 case WSAESHUTDOWN:
545 p = "Socket has been shut down";
546 break;
547 case WSAETOOMANYREFS:
548 p = "Too many references";
549 break;
550 case WSAETIMEDOUT:
551 p = "Timed out";
552 break;
553 case WSAECONNREFUSED:
554 p = "Connection refused";
555 break;
556 case WSAELOOP:
557 p = "Loop??";
558 break;
559 case WSAENAMETOOLONG:
560 p = "Name too long";
561 break;
562 case WSAEHOSTDOWN:
563 p = "Host down";
564 break;
565 case WSAEHOSTUNREACH:
566 p = "Host unreachable";
567 break;
568 case WSAENOTEMPTY:
569 p = "Not empty";
570 break;
571 case WSAEPROCLIM:
572 p = "Process limit reached";
573 break;
574 case WSAEUSERS:
575 p = "Too many users";
576 break;
577 case WSAEDQUOT:
578 p = "Bad quota";
579 break;
580 case WSAESTALE:
581 p = "Something is stale";
582 break;
583 case WSAEREMOTE:
584 p = "Remote error";
585 break;
586#ifdef WSAEDISCON /* missing in SalfordC! */
587 case WSAEDISCON:
588 p = "Disconnected";
589 break;
590#endif
591 /* Extended Winsock errors */
592 case WSASYSNOTREADY:
593 p = "Winsock library is not ready";
594 break;
595 case WSANOTINITIALISED:
596 p = "Winsock library not initialised";
597 break;
598 case WSAVERNOTSUPPORTED:
599 p = "Winsock version not supported";
600 break;
601
602 /* getXbyY() errors (already handled in herrmsg):
603 * Authoritative Answer: Host not found */
604 case WSAHOST_NOT_FOUND:
605 p = "Host not found";
606 break;
607
608 /* Non-Authoritative: Host not found, or SERVERFAIL */
609 case WSATRY_AGAIN:
610 p = "Host not found, try again";
611 break;
612
613 /* Non recoverable errors, FORMERR, REFUSED, NOTIMP */
614 case WSANO_RECOVERY:
615 p = "Unrecoverable error in call to nameserver";
616 break;
617
618 /* Valid name, no data record of requested type */
619 case WSANO_DATA:
620 p = "No data record of requested type";
621 break;
622
623 default:
624 return NULL;
625 }
626#else
627 if(!err)
628 return NULL;
629 else
630 p = "error";
631#endif
632 strncpy(buf, p, len);
633 buf [len-1] = '\0';
634
635 if(errno != old_errno)
636 errno = old_errno;
637
638#ifdef PRESERVE_WINDOWS_ERROR_CODE
639 if(old_win_err != GetLastError())
640 SetLastError(old_win_err);
641#endif
642
643 return buf;
644}
645#endif /* USE_WINSOCK */
646
647/*
648 * Our thread-safe and smart strerror() replacement.
649 *
650 * The 'err' argument passed in to this function MUST be a true errno number
651 * as reported on this system. We do no range checking on the number before
652 * we pass it to the "number-to-message" conversion function and there might
653 * be systems that don't do proper range checking in there themselves.
654 *
655 * We don't do range checking (on systems other than Windows) since there is
656 * no good reliable and portable way to do it.
657 */
658const char *Curl_strerror(int err, char *buf, size_t buflen)
659{
660#ifdef PRESERVE_WINDOWS_ERROR_CODE
661 DWORD old_win_err = GetLastError();
662#endif
663 int old_errno = errno;
664 char *p;
665 size_t max;
666
667 DEBUGASSERT(err >= 0);
668
669 max = buflen - 1;
670 *buf = '\0';
671
672#ifdef USE_WINSOCK
673
674#ifdef _WIN32_WCE
675 {
676 wchar_t wbuf[256];
677 wbuf[0] = L'\0';
678
679 FormatMessage((FORMAT_MESSAGE_FROM_SYSTEM |
680 FORMAT_MESSAGE_IGNORE_INSERTS), NULL, err,
681 LANG_NEUTRAL, wbuf, sizeof(wbuf)/sizeof(wchar_t), NULL);
682 wcstombs(buf, wbuf, max);
683 }
684#else
685 /* 'sys_nerr' is the maximum errno number, it is not widely portable */
686 if(err >= 0 && err < sys_nerr)
687 strncpy(buf, strerror(err), max);
688 else {
689 if(!get_winsock_error(err, buf, max) &&
690 !FormatMessageA((FORMAT_MESSAGE_FROM_SYSTEM |
691 FORMAT_MESSAGE_IGNORE_INSERTS), NULL, err,
692 LANG_NEUTRAL, buf, (DWORD)max, NULL))
693 msnprintf(buf, max, "Unknown error %d (%#x)", err, err);
694 }
695#endif
696
697#else /* not USE_WINSOCK coming up */
698
699#if defined(HAVE_STRERROR_R) && defined(HAVE_POSIX_STRERROR_R)
700 /*
701 * The POSIX-style strerror_r() may set errno to ERANGE if insufficient
702 * storage is supplied via 'strerrbuf' and 'buflen' to hold the generated
703 * message string, or EINVAL if 'errnum' is not a valid error number.
704 */
705 if(0 != strerror_r(err, buf, max)) {
706 if('\0' == buf[0])
707 msnprintf(buf, max, "Unknown error %d", err);
708 }
709#elif defined(HAVE_STRERROR_R) && defined(HAVE_GLIBC_STRERROR_R)
710 /*
711 * The glibc-style strerror_r() only *might* use the buffer we pass to
712 * the function, but it always returns the error message as a pointer,
713 * so we must copy that string unconditionally (if non-NULL).
714 */
715 {
716 char buffer[256];
717 char *msg = strerror_r(err, buffer, sizeof(buffer));
718 if(msg)
719 strncpy(buf, msg, max);
720 else
721 msnprintf(buf, max, "Unknown error %d", err);
722 }
723#elif defined(HAVE_STRERROR_R) && defined(HAVE_VXWORKS_STRERROR_R)
724 /*
725 * The vxworks-style strerror_r() does use the buffer we pass to the function.
726 * The buffer size should be at least NAME_MAX (256)
727 */
728 {
729 char buffer[256];
730 if(OK == strerror_r(err, buffer))
731 strncpy(buf, buffer, max);
732 else
733 msnprintf(buf, max, "Unknown error %d", err);
734 }
735#else
736 {
737 char *msg = strerror(err);
738 if(msg)
739 strncpy(buf, msg, max);
740 else
741 msnprintf(buf, max, "Unknown error %d", err);
742 }
743#endif
744
745#endif /* end of ! USE_WINSOCK */
746
747 buf[max] = '\0'; /* make sure the string is zero terminated */
748
749 /* strip trailing '\r\n' or '\n'. */
750 p = strrchr(buf, '\n');
751 if(p && (p - buf) >= 2)
752 *p = '\0';
753 p = strrchr(buf, '\r');
754 if(p && (p - buf) >= 1)
755 *p = '\0';
756
757 if(errno != old_errno)
758 errno = old_errno;
759
760#ifdef PRESERVE_WINDOWS_ERROR_CODE
761 if(old_win_err != GetLastError())
762 SetLastError(old_win_err);
763#endif
764
765 return buf;
766}
767
768#ifdef USE_WINDOWS_SSPI
769const char *Curl_sspi_strerror(int err, char *buf, size_t buflen)
770{
771#ifdef PRESERVE_WINDOWS_ERROR_CODE
772 DWORD old_win_err = GetLastError();
773#endif
774 int old_errno = errno;
775 const char *txt;
776 char *outbuf;
777 size_t outmax;
778#ifndef CURL_DISABLE_VERBOSE_STRINGS
779 char txtbuf[80];
780 char msgbuf[256];
781 char *p, *str, *msg = NULL;
782 bool msg_formatted = FALSE;
783#endif
784
785 outbuf = buf;
786 outmax = buflen - 1;
787 *outbuf = '\0';
788
789#ifndef CURL_DISABLE_VERBOSE_STRINGS
790
791 switch(err) {
792 case SEC_E_OK:
793 txt = "No error";
794 break;
795 case CRYPT_E_REVOKED:
796 txt = "CRYPT_E_REVOKED";
797 break;
798 case SEC_E_ALGORITHM_MISMATCH:
799 txt = "SEC_E_ALGORITHM_MISMATCH";
800 break;
801 case SEC_E_BAD_BINDINGS:
802 txt = "SEC_E_BAD_BINDINGS";
803 break;
804 case SEC_E_BAD_PKGID:
805 txt = "SEC_E_BAD_PKGID";
806 break;
807 case SEC_E_BUFFER_TOO_SMALL:
808 txt = "SEC_E_BUFFER_TOO_SMALL";
809 break;
810 case SEC_E_CANNOT_INSTALL:
811 txt = "SEC_E_CANNOT_INSTALL";
812 break;
813 case SEC_E_CANNOT_PACK:
814 txt = "SEC_E_CANNOT_PACK";
815 break;
816 case SEC_E_CERT_EXPIRED:
817 txt = "SEC_E_CERT_EXPIRED";
818 break;
819 case SEC_E_CERT_UNKNOWN:
820 txt = "SEC_E_CERT_UNKNOWN";
821 break;
822 case SEC_E_CERT_WRONG_USAGE:
823 txt = "SEC_E_CERT_WRONG_USAGE";
824 break;
825 case SEC_E_CONTEXT_EXPIRED:
826 txt = "SEC_E_CONTEXT_EXPIRED";
827 break;
828 case SEC_E_CROSSREALM_DELEGATION_FAILURE:
829 txt = "SEC_E_CROSSREALM_DELEGATION_FAILURE";
830 break;
831 case SEC_E_CRYPTO_SYSTEM_INVALID:
832 txt = "SEC_E_CRYPTO_SYSTEM_INVALID";
833 break;
834 case SEC_E_DECRYPT_FAILURE:
835 txt = "SEC_E_DECRYPT_FAILURE";
836 break;
837 case SEC_E_DELEGATION_POLICY:
838 txt = "SEC_E_DELEGATION_POLICY";
839 break;
840 case SEC_E_DELEGATION_REQUIRED:
841 txt = "SEC_E_DELEGATION_REQUIRED";
842 break;
843 case SEC_E_DOWNGRADE_DETECTED:
844 txt = "SEC_E_DOWNGRADE_DETECTED";
845 break;
846 case SEC_E_ENCRYPT_FAILURE:
847 txt = "SEC_E_ENCRYPT_FAILURE";
848 break;
849 case SEC_E_ILLEGAL_MESSAGE:
850 txt = "SEC_E_ILLEGAL_MESSAGE";
851 break;
852 case SEC_E_INCOMPLETE_CREDENTIALS:
853 txt = "SEC_E_INCOMPLETE_CREDENTIALS";
854 break;
855 case SEC_E_INCOMPLETE_MESSAGE:
856 txt = "SEC_E_INCOMPLETE_MESSAGE";
857 break;
858 case SEC_E_INSUFFICIENT_MEMORY:
859 txt = "SEC_E_INSUFFICIENT_MEMORY";
860 break;
861 case SEC_E_INTERNAL_ERROR:
862 txt = "SEC_E_INTERNAL_ERROR";
863 break;
864 case SEC_E_INVALID_HANDLE:
865 txt = "SEC_E_INVALID_HANDLE";
866 break;
867 case SEC_E_INVALID_PARAMETER:
868 txt = "SEC_E_INVALID_PARAMETER";
869 break;
870 case SEC_E_INVALID_TOKEN:
871 txt = "SEC_E_INVALID_TOKEN";
872 break;
873 case SEC_E_ISSUING_CA_UNTRUSTED:
874 txt = "SEC_E_ISSUING_CA_UNTRUSTED";
875 break;
876 case SEC_E_ISSUING_CA_UNTRUSTED_KDC:
877 txt = "SEC_E_ISSUING_CA_UNTRUSTED_KDC";
878 break;
879 case SEC_E_KDC_CERT_EXPIRED:
880 txt = "SEC_E_KDC_CERT_EXPIRED";
881 break;
882 case SEC_E_KDC_CERT_REVOKED:
883 txt = "SEC_E_KDC_CERT_REVOKED";
884 break;
885 case SEC_E_KDC_INVALID_REQUEST:
886 txt = "SEC_E_KDC_INVALID_REQUEST";
887 break;
888 case SEC_E_KDC_UNABLE_TO_REFER:
889 txt = "SEC_E_KDC_UNABLE_TO_REFER";
890 break;
891 case SEC_E_KDC_UNKNOWN_ETYPE:
892 txt = "SEC_E_KDC_UNKNOWN_ETYPE";
893 break;
894 case SEC_E_LOGON_DENIED:
895 txt = "SEC_E_LOGON_DENIED";
896 break;
897 case SEC_E_MAX_REFERRALS_EXCEEDED:
898 txt = "SEC_E_MAX_REFERRALS_EXCEEDED";
899 break;
900 case SEC_E_MESSAGE_ALTERED:
901 txt = "SEC_E_MESSAGE_ALTERED";
902 break;
903 case SEC_E_MULTIPLE_ACCOUNTS:
904 txt = "SEC_E_MULTIPLE_ACCOUNTS";
905 break;
906 case SEC_E_MUST_BE_KDC:
907 txt = "SEC_E_MUST_BE_KDC";
908 break;
909 case SEC_E_NOT_OWNER:
910 txt = "SEC_E_NOT_OWNER";
911 break;
912 case SEC_E_NO_AUTHENTICATING_AUTHORITY:
913 txt = "SEC_E_NO_AUTHENTICATING_AUTHORITY";
914 break;
915 case SEC_E_NO_CREDENTIALS:
916 txt = "SEC_E_NO_CREDENTIALS";
917 break;
918 case SEC_E_NO_IMPERSONATION:
919 txt = "SEC_E_NO_IMPERSONATION";
920 break;
921 case SEC_E_NO_IP_ADDRESSES:
922 txt = "SEC_E_NO_IP_ADDRESSES";
923 break;
924 case SEC_E_NO_KERB_KEY:
925 txt = "SEC_E_NO_KERB_KEY";
926 break;
927 case SEC_E_NO_PA_DATA:
928 txt = "SEC_E_NO_PA_DATA";
929 break;
930 case SEC_E_NO_S4U_PROT_SUPPORT:
931 txt = "SEC_E_NO_S4U_PROT_SUPPORT";
932 break;
933 case SEC_E_NO_TGT_REPLY:
934 txt = "SEC_E_NO_TGT_REPLY";
935 break;
936 case SEC_E_OUT_OF_SEQUENCE:
937 txt = "SEC_E_OUT_OF_SEQUENCE";
938 break;
939 case SEC_E_PKINIT_CLIENT_FAILURE:
940 txt = "SEC_E_PKINIT_CLIENT_FAILURE";
941 break;
942 case SEC_E_PKINIT_NAME_MISMATCH:
943 txt = "SEC_E_PKINIT_NAME_MISMATCH";
944 break;
945 case SEC_E_POLICY_NLTM_ONLY:
946 txt = "SEC_E_POLICY_NLTM_ONLY";
947 break;
948 case SEC_E_QOP_NOT_SUPPORTED:
949 txt = "SEC_E_QOP_NOT_SUPPORTED";
950 break;
951 case SEC_E_REVOCATION_OFFLINE_C:
952 txt = "SEC_E_REVOCATION_OFFLINE_C";
953 break;
954 case SEC_E_REVOCATION_OFFLINE_KDC:
955 txt = "SEC_E_REVOCATION_OFFLINE_KDC";
956 break;
957 case SEC_E_SECPKG_NOT_FOUND:
958 txt = "SEC_E_SECPKG_NOT_FOUND";
959 break;
960 case SEC_E_SECURITY_QOS_FAILED:
961 txt = "SEC_E_SECURITY_QOS_FAILED";
962 break;
963 case SEC_E_SHUTDOWN_IN_PROGRESS:
964 txt = "SEC_E_SHUTDOWN_IN_PROGRESS";
965 break;
966 case SEC_E_SMARTCARD_CERT_EXPIRED:
967 txt = "SEC_E_SMARTCARD_CERT_EXPIRED";
968 break;
969 case SEC_E_SMARTCARD_CERT_REVOKED:
970 txt = "SEC_E_SMARTCARD_CERT_REVOKED";
971 break;
972 case SEC_E_SMARTCARD_LOGON_REQUIRED:
973 txt = "SEC_E_SMARTCARD_LOGON_REQUIRED";
974 break;
975 case SEC_E_STRONG_CRYPTO_NOT_SUPPORTED:
976 txt = "SEC_E_STRONG_CRYPTO_NOT_SUPPORTED";
977 break;
978 case SEC_E_TARGET_UNKNOWN:
979 txt = "SEC_E_TARGET_UNKNOWN";
980 break;
981 case SEC_E_TIME_SKEW:
982 txt = "SEC_E_TIME_SKEW";
983 break;
984 case SEC_E_TOO_MANY_PRINCIPALS:
985 txt = "SEC_E_TOO_MANY_PRINCIPALS";
986 break;
987 case SEC_E_UNFINISHED_CONTEXT_DELETED:
988 txt = "SEC_E_UNFINISHED_CONTEXT_DELETED";
989 break;
990 case SEC_E_UNKNOWN_CREDENTIALS:
991 txt = "SEC_E_UNKNOWN_CREDENTIALS";
992 break;
993 case SEC_E_UNSUPPORTED_FUNCTION:
994 txt = "SEC_E_UNSUPPORTED_FUNCTION";
995 break;
996 case SEC_E_UNSUPPORTED_PREAUTH:
997 txt = "SEC_E_UNSUPPORTED_PREAUTH";
998 break;
999 case SEC_E_UNTRUSTED_ROOT:
1000 txt = "SEC_E_UNTRUSTED_ROOT";
1001 break;
1002 case SEC_E_WRONG_CREDENTIAL_HANDLE:
1003 txt = "SEC_E_WRONG_CREDENTIAL_HANDLE";
1004 break;
1005 case SEC_E_WRONG_PRINCIPAL:
1006 txt = "SEC_E_WRONG_PRINCIPAL";
1007 break;
1008 case SEC_I_COMPLETE_AND_CONTINUE:
1009 txt = "SEC_I_COMPLETE_AND_CONTINUE";
1010 break;
1011 case SEC_I_COMPLETE_NEEDED:
1012 txt = "SEC_I_COMPLETE_NEEDED";
1013 break;
1014 case SEC_I_CONTEXT_EXPIRED:
1015 txt = "SEC_I_CONTEXT_EXPIRED";
1016 break;
1017 case SEC_I_CONTINUE_NEEDED:
1018 txt = "SEC_I_CONTINUE_NEEDED";
1019 break;
1020 case SEC_I_INCOMPLETE_CREDENTIALS:
1021 txt = "SEC_I_INCOMPLETE_CREDENTIALS";
1022 break;
1023 case SEC_I_LOCAL_LOGON:
1024 txt = "SEC_I_LOCAL_LOGON";
1025 break;
1026 case SEC_I_NO_LSA_CONTEXT:
1027 txt = "SEC_I_NO_LSA_CONTEXT";
1028 break;
1029 case SEC_I_RENEGOTIATE:
1030 txt = "SEC_I_RENEGOTIATE";
1031 break;
1032 case SEC_I_SIGNATURE_NEEDED:
1033 txt = "SEC_I_SIGNATURE_NEEDED";
1034 break;
1035 default:
1036 txt = "Unknown error";
1037 }
1038
1039 if(err == SEC_E_OK)
1040 strncpy(outbuf, txt, outmax);
1041 else if(err == SEC_E_ILLEGAL_MESSAGE)
1042 msnprintf(outbuf, outmax,
1043 "SEC_E_ILLEGAL_MESSAGE (0x%08X) - This error usually occurs "
1044 "when a fatal SSL/TLS alert is received (e.g. handshake failed)."
1045 " More detail may be available in the Windows System event log.",
1046 err);
1047 else {
1048 str = txtbuf;
1049 msnprintf(txtbuf, sizeof(txtbuf), "%s (0x%08X)", txt, err);
1050 txtbuf[sizeof(txtbuf)-1] = '\0';
1051
1052#ifdef _WIN32_WCE
1053 {
1054 wchar_t wbuf[256];
1055 wbuf[0] = L'\0';
1056
1057 if(FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM |
1058 FORMAT_MESSAGE_IGNORE_INSERTS,
1059 NULL, err, LANG_NEUTRAL,
1060 wbuf, sizeof(wbuf)/sizeof(wchar_t), NULL)) {
1061 wcstombs(msgbuf, wbuf, sizeof(msgbuf)-1);
1062 msg_formatted = TRUE;
1063 }
1064 }
1065#else
1066 if(FormatMessageA(FORMAT_MESSAGE_FROM_SYSTEM |
1067 FORMAT_MESSAGE_IGNORE_INSERTS,
1068 NULL, err, LANG_NEUTRAL,
1069 msgbuf, sizeof(msgbuf)-1, NULL)) {
1070 msg_formatted = TRUE;
1071 }
1072#endif
1073 if(msg_formatted) {
1074 msgbuf[sizeof(msgbuf)-1] = '\0';
1075 /* strip trailing '\r\n' or '\n' */
1076 p = strrchr(msgbuf, '\n');
1077 if(p && (p - msgbuf) >= 2)
1078 *p = '\0';
1079 p = strrchr(msgbuf, '\r');
1080 if(p && (p - msgbuf) >= 1)
1081 *p = '\0';
1082 msg = msgbuf;
1083 }
1084 if(msg)
1085 msnprintf(outbuf, outmax, "%s - %s", str, msg);
1086 else
1087 strncpy(outbuf, str, outmax);
1088 }
1089
1090#else
1091
1092 if(err == SEC_E_OK)
1093 txt = "No error";
1094 else
1095 txt = "Error";
1096
1097 strncpy(outbuf, txt, outmax);
1098
1099#endif
1100
1101 outbuf[outmax] = '\0';
1102
1103 if(errno != old_errno)
1104 errno = old_errno;
1105
1106#ifdef PRESERVE_WINDOWS_ERROR_CODE
1107 if(old_win_err != GetLastError())
1108 SetLastError(old_win_err);
1109#endif
1110
1111 return outbuf;
1112}
1113#endif /* USE_WINDOWS_SSPI */
1114