1 /***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) 2004 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.haxx.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 ***************************************************************************/
22
23 #include "curl_setup.h"
24
25 #ifdef HAVE_STRERROR_R
26 # if (!defined(HAVE_POSIX_STRERROR_R) && \
27 !defined(HAVE_GLIBC_STRERROR_R) && \
28 !defined(HAVE_VXWORKS_STRERROR_R)) || \
29 (defined(HAVE_POSIX_STRERROR_R) && defined(HAVE_VXWORKS_STRERROR_R)) || \
30 (defined(HAVE_GLIBC_STRERROR_R) && defined(HAVE_VXWORKS_STRERROR_R)) || \
31 (defined(HAVE_POSIX_STRERROR_R) && defined(HAVE_GLIBC_STRERROR_R))
32 # error "strerror_r MUST be either POSIX, glibc or vxworks-style"
33 # endif
34 #endif
35
36 #include <curl/curl.h>
37
38 #ifdef USE_LIBIDN2
39 #include <idn2.h>
40 #endif
41
42 #ifdef USE_WINDOWS_SSPI
43 #include "curl_sspi.h"
44 #endif
45
46 #include "strerror.h"
47 /* The last 3 #include files should be in this order */
48 #include "curl_printf.h"
49 #include "curl_memory.h"
50 #include "memdebug.h"
51
52 const char *
curl_easy_strerror(CURLcode error)53 curl_easy_strerror(CURLcode error)
54 {
55 #ifndef CURL_DISABLE_VERBOSE_STRINGS
56 switch (error) {
57 case CURLE_OK:
58 return "No error";
59
60 case CURLE_UNSUPPORTED_PROTOCOL:
61 return "Unsupported protocol";
62
63 case CURLE_FAILED_INIT:
64 return "Failed initialization";
65
66 case CURLE_URL_MALFORMAT:
67 return "URL using bad/illegal format or missing URL";
68
69 case CURLE_NOT_BUILT_IN:
70 return "A requested feature, protocol or option was not found built-in in"
71 " this libcurl due to a build-time decision.";
72
73 case CURLE_COULDNT_RESOLVE_PROXY:
74 return "Couldn't resolve proxy name";
75
76 case CURLE_COULDNT_RESOLVE_HOST:
77 return "Couldn't resolve host name";
78
79 case CURLE_COULDNT_CONNECT:
80 return "Couldn't connect to server";
81
82 case CURLE_WEIRD_SERVER_REPLY:
83 return "Weird server reply";
84
85 case CURLE_REMOTE_ACCESS_DENIED:
86 return "Access denied to remote resource";
87
88 case CURLE_FTP_ACCEPT_FAILED:
89 return "FTP: The server failed to connect to data port";
90
91 case CURLE_FTP_ACCEPT_TIMEOUT:
92 return "FTP: Accepting server connect has timed out";
93
94 case CURLE_FTP_PRET_FAILED:
95 return "FTP: The server did not accept the PRET command.";
96
97 case CURLE_FTP_WEIRD_PASS_REPLY:
98 return "FTP: unknown PASS reply";
99
100 case CURLE_FTP_WEIRD_PASV_REPLY:
101 return "FTP: unknown PASV reply";
102
103 case CURLE_FTP_WEIRD_227_FORMAT:
104 return "FTP: unknown 227 response format";
105
106 case CURLE_FTP_CANT_GET_HOST:
107 return "FTP: can't figure out the host in the PASV response";
108
109 case CURLE_HTTP2:
110 return "Error in the HTTP2 framing layer";
111
112 case CURLE_FTP_COULDNT_SET_TYPE:
113 return "FTP: couldn't set file type";
114
115 case CURLE_PARTIAL_FILE:
116 return "Transferred a partial file";
117
118 case CURLE_FTP_COULDNT_RETR_FILE:
119 return "FTP: couldn't retrieve (RETR failed) the specified file";
120
121 case CURLE_QUOTE_ERROR:
122 return "Quote command returned error";
123
124 case CURLE_HTTP_RETURNED_ERROR:
125 return "HTTP response code said error";
126
127 case CURLE_WRITE_ERROR:
128 return "Failed writing received data to disk/application";
129
130 case CURLE_UPLOAD_FAILED:
131 return "Upload failed (at start/before it took off)";
132
133 case CURLE_READ_ERROR:
134 return "Failed to open/read local data from file/application";
135
136 case CURLE_OUT_OF_MEMORY:
137 return "Out of memory";
138
139 case CURLE_OPERATION_TIMEDOUT:
140 return "Timeout was reached";
141
142 case CURLE_FTP_PORT_FAILED:
143 return "FTP: command PORT failed";
144
145 case CURLE_FTP_COULDNT_USE_REST:
146 return "FTP: command REST failed";
147
148 case CURLE_RANGE_ERROR:
149 return "Requested range was not delivered by the server";
150
151 case CURLE_HTTP_POST_ERROR:
152 return "Internal problem setting up the POST";
153
154 case CURLE_SSL_CONNECT_ERROR:
155 return "SSL connect error";
156
157 case CURLE_BAD_DOWNLOAD_RESUME:
158 return "Couldn't resume download";
159
160 case CURLE_FILE_COULDNT_READ_FILE:
161 return "Couldn't read a file:// file";
162
163 case CURLE_LDAP_CANNOT_BIND:
164 return "LDAP: cannot bind";
165
166 case CURLE_LDAP_SEARCH_FAILED:
167 return "LDAP: search failed";
168
169 case CURLE_FUNCTION_NOT_FOUND:
170 return "A required function in the library was not found";
171
172 case CURLE_ABORTED_BY_CALLBACK:
173 return "Operation was aborted by an application callback";
174
175 case CURLE_BAD_FUNCTION_ARGUMENT:
176 return "A libcurl function was given a bad argument";
177
178 case CURLE_INTERFACE_FAILED:
179 return "Failed binding local connection end";
180
181 case CURLE_TOO_MANY_REDIRECTS :
182 return "Number of redirects hit maximum amount";
183
184 case CURLE_UNKNOWN_OPTION:
185 return "An unknown option was passed in to libcurl";
186
187 case CURLE_TELNET_OPTION_SYNTAX :
188 return "Malformed telnet option";
189
190 case CURLE_PEER_FAILED_VERIFICATION:
191 return "SSL peer certificate or SSH remote key was not OK";
192
193 case CURLE_GOT_NOTHING:
194 return "Server returned nothing (no headers, no data)";
195
196 case CURLE_SSL_ENGINE_NOTFOUND:
197 return "SSL crypto engine not found";
198
199 case CURLE_SSL_ENGINE_SETFAILED:
200 return "Can not set SSL crypto engine as default";
201
202 case CURLE_SSL_ENGINE_INITFAILED:
203 return "Failed to initialise SSL crypto engine";
204
205 case CURLE_SEND_ERROR:
206 return "Failed sending data to the peer";
207
208 case CURLE_RECV_ERROR:
209 return "Failure when receiving data from the peer";
210
211 case CURLE_SSL_CERTPROBLEM:
212 return "Problem with the local SSL certificate";
213
214 case CURLE_SSL_CIPHER:
215 return "Couldn't use specified SSL cipher";
216
217 case CURLE_SSL_CACERT:
218 return "Peer certificate cannot be authenticated with given CA "
219 "certificates";
220
221 case CURLE_SSL_CACERT_BADFILE:
222 return "Problem with the SSL CA cert (path? access rights?)";
223
224 case CURLE_BAD_CONTENT_ENCODING:
225 return "Unrecognized or bad HTTP Content or Transfer-Encoding";
226
227 case CURLE_LDAP_INVALID_URL:
228 return "Invalid LDAP URL";
229
230 case CURLE_FILESIZE_EXCEEDED:
231 return "Maximum file size exceeded";
232
233 case CURLE_USE_SSL_FAILED:
234 return "Requested SSL level failed";
235
236 case CURLE_SSL_SHUTDOWN_FAILED:
237 return "Failed to shut down the SSL connection";
238
239 case CURLE_SSL_CRL_BADFILE:
240 return "Failed to load CRL file (path? access rights?, format?)";
241
242 case CURLE_SSL_ISSUER_ERROR:
243 return "Issuer check against peer certificate failed";
244
245 case CURLE_SEND_FAIL_REWIND:
246 return "Send failed since rewinding of the data stream failed";
247
248 case CURLE_LOGIN_DENIED:
249 return "Login denied";
250
251 case CURLE_TFTP_NOTFOUND:
252 return "TFTP: File Not Found";
253
254 case CURLE_TFTP_PERM:
255 return "TFTP: Access Violation";
256
257 case CURLE_REMOTE_DISK_FULL:
258 return "Disk full or allocation exceeded";
259
260 case CURLE_TFTP_ILLEGAL:
261 return "TFTP: Illegal operation";
262
263 case CURLE_TFTP_UNKNOWNID:
264 return "TFTP: Unknown transfer ID";
265
266 case CURLE_REMOTE_FILE_EXISTS:
267 return "Remote file already exists";
268
269 case CURLE_TFTP_NOSUCHUSER:
270 return "TFTP: No such user";
271
272 case CURLE_CONV_FAILED:
273 return "Conversion failed";
274
275 case CURLE_CONV_REQD:
276 return "Caller must register CURLOPT_CONV_ callback options";
277
278 case CURLE_REMOTE_FILE_NOT_FOUND:
279 return "Remote file not found";
280
281 case CURLE_SSH:
282 return "Error in the SSH layer";
283
284 case CURLE_AGAIN:
285 return "Socket not ready for send/recv";
286
287 case CURLE_RTSP_CSEQ_ERROR:
288 return "RTSP CSeq mismatch or invalid CSeq";
289
290 case CURLE_RTSP_SESSION_ERROR:
291 return "RTSP session error";
292
293 case CURLE_FTP_BAD_FILE_LIST:
294 return "Unable to parse FTP file list";
295
296 case CURLE_CHUNK_FAILED:
297 return "Chunk callback failed";
298
299 case CURLE_NO_CONNECTION_AVAILABLE:
300 return "The max connection limit is reached";
301
302 case CURLE_SSL_PINNEDPUBKEYNOTMATCH:
303 return "SSL public key does not match pinned public key";
304
305 case CURLE_SSL_INVALIDCERTSTATUS:
306 return "SSL server certificate status verification FAILED";
307
308 case CURLE_HTTP2_STREAM:
309 return "Stream error in the HTTP/2 framing layer";
310
311 /* error codes not used by current libcurl */
312 case CURLE_OBSOLETE20:
313 case CURLE_OBSOLETE24:
314 case CURLE_OBSOLETE29:
315 case CURLE_OBSOLETE32:
316 case CURLE_OBSOLETE40:
317 case CURLE_OBSOLETE44:
318 case CURLE_OBSOLETE46:
319 case CURLE_OBSOLETE50:
320 case CURLE_OBSOLETE57:
321 case CURL_LAST:
322 break;
323 }
324 /*
325 * By using a switch, gcc -Wall will complain about enum values
326 * which do not appear, helping keep this function up-to-date.
327 * By using gcc -Wall -Werror, you can't forget.
328 *
329 * A table would not have the same benefit. Most compilers will
330 * generate code very similar to a table in any case, so there
331 * is little performance gain from a table. And something is broken
332 * for the user's application, anyways, so does it matter how fast
333 * it _doesn't_ work?
334 *
335 * The line number for the error will be near this comment, which
336 * is why it is here, and not at the start of the switch.
337 */
338 return "Unknown error";
339 #else
340 if(!error)
341 return "No error";
342 else
343 return "Error";
344 #endif
345 }
346
347 const char *
curl_multi_strerror(CURLMcode error)348 curl_multi_strerror(CURLMcode error)
349 {
350 #ifndef CURL_DISABLE_VERBOSE_STRINGS
351 switch (error) {
352 case CURLM_CALL_MULTI_PERFORM:
353 return "Please call curl_multi_perform() soon";
354
355 case CURLM_OK:
356 return "No error";
357
358 case CURLM_BAD_HANDLE:
359 return "Invalid multi handle";
360
361 case CURLM_BAD_EASY_HANDLE:
362 return "Invalid easy handle";
363
364 case CURLM_OUT_OF_MEMORY:
365 return "Out of memory";
366
367 case CURLM_INTERNAL_ERROR:
368 return "Internal error";
369
370 case CURLM_BAD_SOCKET:
371 return "Invalid socket argument";
372
373 case CURLM_UNKNOWN_OPTION:
374 return "Unknown option";
375
376 case CURLM_ADDED_ALREADY:
377 return "The easy handle is already added to a multi handle";
378
379 case CURLM_LAST:
380 break;
381 }
382
383 return "Unknown error";
384 #else
385 if(error == CURLM_OK)
386 return "No error";
387 else
388 return "Error";
389 #endif
390 }
391
392 const char *
curl_share_strerror(CURLSHcode error)393 curl_share_strerror(CURLSHcode error)
394 {
395 #ifndef CURL_DISABLE_VERBOSE_STRINGS
396 switch (error) {
397 case CURLSHE_OK:
398 return "No error";
399
400 case CURLSHE_BAD_OPTION:
401 return "Unknown share option";
402
403 case CURLSHE_IN_USE:
404 return "Share currently in use";
405
406 case CURLSHE_INVALID:
407 return "Invalid share handle";
408
409 case CURLSHE_NOMEM:
410 return "Out of memory";
411
412 case CURLSHE_NOT_BUILT_IN:
413 return "Feature not enabled in this library";
414
415 case CURLSHE_LAST:
416 break;
417 }
418
419 return "CURLSHcode unknown";
420 #else
421 if(error == CURLSHE_OK)
422 return "No error";
423 else
424 return "Error";
425 #endif
426 }
427
428 #ifdef USE_WINSOCK
429
430 /* This function handles most / all (?) Winsock errors curl is able to produce.
431 */
432 static const char *
get_winsock_error(int err,char * buf,size_t len)433 get_winsock_error (int err, char *buf, size_t len)
434 {
435 const char *p;
436
437 #ifndef CURL_DISABLE_VERBOSE_STRINGS
438 switch (err) {
439 case WSAEINTR:
440 p = "Call interrupted";
441 break;
442 case WSAEBADF:
443 p = "Bad file";
444 break;
445 case WSAEACCES:
446 p = "Bad access";
447 break;
448 case WSAEFAULT:
449 p = "Bad argument";
450 break;
451 case WSAEINVAL:
452 p = "Invalid arguments";
453 break;
454 case WSAEMFILE:
455 p = "Out of file descriptors";
456 break;
457 case WSAEWOULDBLOCK:
458 p = "Call would block";
459 break;
460 case WSAEINPROGRESS:
461 case WSAEALREADY:
462 p = "Blocking call in progress";
463 break;
464 case WSAENOTSOCK:
465 p = "Descriptor is not a socket";
466 break;
467 case WSAEDESTADDRREQ:
468 p = "Need destination address";
469 break;
470 case WSAEMSGSIZE:
471 p = "Bad message size";
472 break;
473 case WSAEPROTOTYPE:
474 p = "Bad protocol";
475 break;
476 case WSAENOPROTOOPT:
477 p = "Protocol option is unsupported";
478 break;
479 case WSAEPROTONOSUPPORT:
480 p = "Protocol is unsupported";
481 break;
482 case WSAESOCKTNOSUPPORT:
483 p = "Socket is unsupported";
484 break;
485 case WSAEOPNOTSUPP:
486 p = "Operation not supported";
487 break;
488 case WSAEAFNOSUPPORT:
489 p = "Address family not supported";
490 break;
491 case WSAEPFNOSUPPORT:
492 p = "Protocol family not supported";
493 break;
494 case WSAEADDRINUSE:
495 p = "Address already in use";
496 break;
497 case WSAEADDRNOTAVAIL:
498 p = "Address not available";
499 break;
500 case WSAENETDOWN:
501 p = "Network down";
502 break;
503 case WSAENETUNREACH:
504 p = "Network unreachable";
505 break;
506 case WSAENETRESET:
507 p = "Network has been reset";
508 break;
509 case WSAECONNABORTED:
510 p = "Connection was aborted";
511 break;
512 case WSAECONNRESET:
513 p = "Connection was reset";
514 break;
515 case WSAENOBUFS:
516 p = "No buffer space";
517 break;
518 case WSAEISCONN:
519 p = "Socket is already connected";
520 break;
521 case WSAENOTCONN:
522 p = "Socket is not connected";
523 break;
524 case WSAESHUTDOWN:
525 p = "Socket has been shut down";
526 break;
527 case WSAETOOMANYREFS:
528 p = "Too many references";
529 break;
530 case WSAETIMEDOUT:
531 p = "Timed out";
532 break;
533 case WSAECONNREFUSED:
534 p = "Connection refused";
535 break;
536 case WSAELOOP:
537 p = "Loop??";
538 break;
539 case WSAENAMETOOLONG:
540 p = "Name too long";
541 break;
542 case WSAEHOSTDOWN:
543 p = "Host down";
544 break;
545 case WSAEHOSTUNREACH:
546 p = "Host unreachable";
547 break;
548 case WSAENOTEMPTY:
549 p = "Not empty";
550 break;
551 case WSAEPROCLIM:
552 p = "Process limit reached";
553 break;
554 case WSAEUSERS:
555 p = "Too many users";
556 break;
557 case WSAEDQUOT:
558 p = "Bad quota";
559 break;
560 case WSAESTALE:
561 p = "Something is stale";
562 break;
563 case WSAEREMOTE:
564 p = "Remote error";
565 break;
566 #ifdef WSAEDISCON /* missing in SalfordC! */
567 case WSAEDISCON:
568 p = "Disconnected";
569 break;
570 #endif
571 /* Extended Winsock errors */
572 case WSASYSNOTREADY:
573 p = "Winsock library is not ready";
574 break;
575 case WSANOTINITIALISED:
576 p = "Winsock library not initialised";
577 break;
578 case WSAVERNOTSUPPORTED:
579 p = "Winsock version not supported";
580 break;
581
582 /* getXbyY() errors (already handled in herrmsg):
583 * Authoritative Answer: Host not found */
584 case WSAHOST_NOT_FOUND:
585 p = "Host not found";
586 break;
587
588 /* Non-Authoritative: Host not found, or SERVERFAIL */
589 case WSATRY_AGAIN:
590 p = "Host not found, try again";
591 break;
592
593 /* Non recoverable errors, FORMERR, REFUSED, NOTIMP */
594 case WSANO_RECOVERY:
595 p = "Unrecoverable error in call to nameserver";
596 break;
597
598 /* Valid name, no data record of requested type */
599 case WSANO_DATA:
600 p = "No data record of requested type";
601 break;
602
603 default:
604 return NULL;
605 }
606 #else
607 if(!err)
608 return NULL;
609 else
610 p = "error";
611 #endif
612 strncpy (buf, p, len);
613 buf [len-1] = '\0';
614 return buf;
615 }
616 #endif /* USE_WINSOCK */
617
618 /*
619 * Our thread-safe and smart strerror() replacement.
620 *
621 * The 'err' argument passed in to this function MUST be a true errno number
622 * as reported on this system. We do no range checking on the number before
623 * we pass it to the "number-to-message" conversion function and there might
624 * be systems that don't do proper range checking in there themselves.
625 *
626 * We don't do range checking (on systems other than Windows) since there is
627 * no good reliable and portable way to do it.
628 */
Curl_strerror(struct connectdata * conn,int err)629 const char *Curl_strerror(struct connectdata *conn, int err)
630 {
631 char *buf, *p;
632 size_t max;
633 int old_errno = ERRNO;
634
635 DEBUGASSERT(conn);
636 DEBUGASSERT(err >= 0);
637
638 buf = conn->syserr_buf;
639 max = sizeof(conn->syserr_buf)-1;
640 *buf = '\0';
641
642 #ifdef USE_WINSOCK
643
644 #ifdef _WIN32_WCE
645 {
646 wchar_t wbuf[256];
647 wbuf[0] = L'\0';
648
649 FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, err,
650 LANG_NEUTRAL, wbuf, sizeof(wbuf)/sizeof(wchar_t), NULL);
651 wcstombs(buf, wbuf, max);
652 }
653 #else
654 /* 'sys_nerr' is the maximum errno number, it is not widely portable */
655 if(err >= 0 && err < sys_nerr)
656 strncpy(buf, strerror(err), max);
657 else {
658 if(!get_winsock_error(err, buf, max) &&
659 !FormatMessageA(FORMAT_MESSAGE_FROM_SYSTEM, NULL, err,
660 LANG_NEUTRAL, buf, (DWORD)max, NULL))
661 snprintf(buf, max, "Unknown error %d (%#x)", err, err);
662 }
663 #endif
664
665 #else /* not USE_WINSOCK coming up */
666
667 #if defined(HAVE_STRERROR_R) && defined(HAVE_POSIX_STRERROR_R)
668 /*
669 * The POSIX-style strerror_r() may set errno to ERANGE if insufficient
670 * storage is supplied via 'strerrbuf' and 'buflen' to hold the generated
671 * message string, or EINVAL if 'errnum' is not a valid error number.
672 */
673 if(0 != strerror_r(err, buf, max)) {
674 if('\0' == buf[0])
675 snprintf(buf, max, "Unknown error %d", err);
676 }
677 #elif defined(HAVE_STRERROR_R) && defined(HAVE_GLIBC_STRERROR_R)
678 /*
679 * The glibc-style strerror_r() only *might* use the buffer we pass to
680 * the function, but it always returns the error message as a pointer,
681 * so we must copy that string unconditionally (if non-NULL).
682 */
683 {
684 char buffer[256];
685 char *msg = strerror_r(err, buffer, sizeof(buffer));
686 if(msg)
687 strncpy(buf, msg, max);
688 else
689 snprintf(buf, max, "Unknown error %d", err);
690 }
691 #elif defined(HAVE_STRERROR_R) && defined(HAVE_VXWORKS_STRERROR_R)
692 /*
693 * The vxworks-style strerror_r() does use the buffer we pass to the function.
694 * The buffer size should be at least NAME_MAX (256)
695 */
696 {
697 char buffer[256];
698 if(OK == strerror_r(err, buffer))
699 strncpy(buf, buffer, max);
700 else
701 snprintf(buf, max, "Unknown error %d", err);
702 }
703 #else
704 {
705 char *msg = strerror(err);
706 if(msg)
707 strncpy(buf, msg, max);
708 else
709 snprintf(buf, max, "Unknown error %d", err);
710 }
711 #endif
712
713 #endif /* end of ! USE_WINSOCK */
714
715 buf[max] = '\0'; /* make sure the string is zero terminated */
716
717 /* strip trailing '\r\n' or '\n'. */
718 if((p = strrchr(buf, '\n')) != NULL && (p - buf) >= 2)
719 *p = '\0';
720 if((p = strrchr(buf, '\r')) != NULL && (p - buf) >= 1)
721 *p = '\0';
722
723 if(old_errno != ERRNO)
724 SET_ERRNO(old_errno);
725
726 return buf;
727 }
728
729 #ifdef USE_WINDOWS_SSPI
Curl_sspi_strerror(struct connectdata * conn,int err)730 const char *Curl_sspi_strerror (struct connectdata *conn, int err)
731 {
732 #ifndef CURL_DISABLE_VERBOSE_STRINGS
733 char txtbuf[80];
734 char msgbuf[sizeof(conn->syserr_buf)];
735 char *p, *str, *msg = NULL;
736 bool msg_formatted = FALSE;
737 int old_errno;
738 #endif
739 const char *txt;
740 char *outbuf;
741 size_t outmax;
742
743 DEBUGASSERT(conn);
744
745 outbuf = conn->syserr_buf;
746 outmax = sizeof(conn->syserr_buf)-1;
747 *outbuf = '\0';
748
749 #ifndef CURL_DISABLE_VERBOSE_STRINGS
750
751 old_errno = ERRNO;
752
753 switch (err) {
754 case SEC_E_OK:
755 txt = "No error";
756 break;
757 case CRYPT_E_REVOKED:
758 txt = "CRYPT_E_REVOKED";
759 break;
760 case SEC_E_ALGORITHM_MISMATCH:
761 txt = "SEC_E_ALGORITHM_MISMATCH";
762 break;
763 case SEC_E_BAD_BINDINGS:
764 txt = "SEC_E_BAD_BINDINGS";
765 break;
766 case SEC_E_BAD_PKGID:
767 txt = "SEC_E_BAD_PKGID";
768 break;
769 case SEC_E_BUFFER_TOO_SMALL:
770 txt = "SEC_E_BUFFER_TOO_SMALL";
771 break;
772 case SEC_E_CANNOT_INSTALL:
773 txt = "SEC_E_CANNOT_INSTALL";
774 break;
775 case SEC_E_CANNOT_PACK:
776 txt = "SEC_E_CANNOT_PACK";
777 break;
778 case SEC_E_CERT_EXPIRED:
779 txt = "SEC_E_CERT_EXPIRED";
780 break;
781 case SEC_E_CERT_UNKNOWN:
782 txt = "SEC_E_CERT_UNKNOWN";
783 break;
784 case SEC_E_CERT_WRONG_USAGE:
785 txt = "SEC_E_CERT_WRONG_USAGE";
786 break;
787 case SEC_E_CONTEXT_EXPIRED:
788 txt = "SEC_E_CONTEXT_EXPIRED";
789 break;
790 case SEC_E_CROSSREALM_DELEGATION_FAILURE:
791 txt = "SEC_E_CROSSREALM_DELEGATION_FAILURE";
792 break;
793 case SEC_E_CRYPTO_SYSTEM_INVALID:
794 txt = "SEC_E_CRYPTO_SYSTEM_INVALID";
795 break;
796 case SEC_E_DECRYPT_FAILURE:
797 txt = "SEC_E_DECRYPT_FAILURE";
798 break;
799 case SEC_E_DELEGATION_POLICY:
800 txt = "SEC_E_DELEGATION_POLICY";
801 break;
802 case SEC_E_DELEGATION_REQUIRED:
803 txt = "SEC_E_DELEGATION_REQUIRED";
804 break;
805 case SEC_E_DOWNGRADE_DETECTED:
806 txt = "SEC_E_DOWNGRADE_DETECTED";
807 break;
808 case SEC_E_ENCRYPT_FAILURE:
809 txt = "SEC_E_ENCRYPT_FAILURE";
810 break;
811 case SEC_E_ILLEGAL_MESSAGE:
812 txt = "SEC_E_ILLEGAL_MESSAGE";
813 break;
814 case SEC_E_INCOMPLETE_CREDENTIALS:
815 txt = "SEC_E_INCOMPLETE_CREDENTIALS";
816 break;
817 case SEC_E_INCOMPLETE_MESSAGE:
818 txt = "SEC_E_INCOMPLETE_MESSAGE";
819 break;
820 case SEC_E_INSUFFICIENT_MEMORY:
821 txt = "SEC_E_INSUFFICIENT_MEMORY";
822 break;
823 case SEC_E_INTERNAL_ERROR:
824 txt = "SEC_E_INTERNAL_ERROR";
825 break;
826 case SEC_E_INVALID_HANDLE:
827 txt = "SEC_E_INVALID_HANDLE";
828 break;
829 case SEC_E_INVALID_PARAMETER:
830 txt = "SEC_E_INVALID_PARAMETER";
831 break;
832 case SEC_E_INVALID_TOKEN:
833 txt = "SEC_E_INVALID_TOKEN";
834 break;
835 case SEC_E_ISSUING_CA_UNTRUSTED:
836 txt = "SEC_E_ISSUING_CA_UNTRUSTED";
837 break;
838 case SEC_E_ISSUING_CA_UNTRUSTED_KDC:
839 txt = "SEC_E_ISSUING_CA_UNTRUSTED_KDC";
840 break;
841 case SEC_E_KDC_CERT_EXPIRED:
842 txt = "SEC_E_KDC_CERT_EXPIRED";
843 break;
844 case SEC_E_KDC_CERT_REVOKED:
845 txt = "SEC_E_KDC_CERT_REVOKED";
846 break;
847 case SEC_E_KDC_INVALID_REQUEST:
848 txt = "SEC_E_KDC_INVALID_REQUEST";
849 break;
850 case SEC_E_KDC_UNABLE_TO_REFER:
851 txt = "SEC_E_KDC_UNABLE_TO_REFER";
852 break;
853 case SEC_E_KDC_UNKNOWN_ETYPE:
854 txt = "SEC_E_KDC_UNKNOWN_ETYPE";
855 break;
856 case SEC_E_LOGON_DENIED:
857 txt = "SEC_E_LOGON_DENIED";
858 break;
859 case SEC_E_MAX_REFERRALS_EXCEEDED:
860 txt = "SEC_E_MAX_REFERRALS_EXCEEDED";
861 break;
862 case SEC_E_MESSAGE_ALTERED:
863 txt = "SEC_E_MESSAGE_ALTERED";
864 break;
865 case SEC_E_MULTIPLE_ACCOUNTS:
866 txt = "SEC_E_MULTIPLE_ACCOUNTS";
867 break;
868 case SEC_E_MUST_BE_KDC:
869 txt = "SEC_E_MUST_BE_KDC";
870 break;
871 case SEC_E_NOT_OWNER:
872 txt = "SEC_E_NOT_OWNER";
873 break;
874 case SEC_E_NO_AUTHENTICATING_AUTHORITY:
875 txt = "SEC_E_NO_AUTHENTICATING_AUTHORITY";
876 break;
877 case SEC_E_NO_CREDENTIALS:
878 txt = "SEC_E_NO_CREDENTIALS";
879 break;
880 case SEC_E_NO_IMPERSONATION:
881 txt = "SEC_E_NO_IMPERSONATION";
882 break;
883 case SEC_E_NO_IP_ADDRESSES:
884 txt = "SEC_E_NO_IP_ADDRESSES";
885 break;
886 case SEC_E_NO_KERB_KEY:
887 txt = "SEC_E_NO_KERB_KEY";
888 break;
889 case SEC_E_NO_PA_DATA:
890 txt = "SEC_E_NO_PA_DATA";
891 break;
892 case SEC_E_NO_S4U_PROT_SUPPORT:
893 txt = "SEC_E_NO_S4U_PROT_SUPPORT";
894 break;
895 case SEC_E_NO_TGT_REPLY:
896 txt = "SEC_E_NO_TGT_REPLY";
897 break;
898 case SEC_E_OUT_OF_SEQUENCE:
899 txt = "SEC_E_OUT_OF_SEQUENCE";
900 break;
901 case SEC_E_PKINIT_CLIENT_FAILURE:
902 txt = "SEC_E_PKINIT_CLIENT_FAILURE";
903 break;
904 case SEC_E_PKINIT_NAME_MISMATCH:
905 txt = "SEC_E_PKINIT_NAME_MISMATCH";
906 break;
907 case SEC_E_POLICY_NLTM_ONLY:
908 txt = "SEC_E_POLICY_NLTM_ONLY";
909 break;
910 case SEC_E_QOP_NOT_SUPPORTED:
911 txt = "SEC_E_QOP_NOT_SUPPORTED";
912 break;
913 case SEC_E_REVOCATION_OFFLINE_C:
914 txt = "SEC_E_REVOCATION_OFFLINE_C";
915 break;
916 case SEC_E_REVOCATION_OFFLINE_KDC:
917 txt = "SEC_E_REVOCATION_OFFLINE_KDC";
918 break;
919 case SEC_E_SECPKG_NOT_FOUND:
920 txt = "SEC_E_SECPKG_NOT_FOUND";
921 break;
922 case SEC_E_SECURITY_QOS_FAILED:
923 txt = "SEC_E_SECURITY_QOS_FAILED";
924 break;
925 case SEC_E_SHUTDOWN_IN_PROGRESS:
926 txt = "SEC_E_SHUTDOWN_IN_PROGRESS";
927 break;
928 case SEC_E_SMARTCARD_CERT_EXPIRED:
929 txt = "SEC_E_SMARTCARD_CERT_EXPIRED";
930 break;
931 case SEC_E_SMARTCARD_CERT_REVOKED:
932 txt = "SEC_E_SMARTCARD_CERT_REVOKED";
933 break;
934 case SEC_E_SMARTCARD_LOGON_REQUIRED:
935 txt = "SEC_E_SMARTCARD_LOGON_REQUIRED";
936 break;
937 case SEC_E_STRONG_CRYPTO_NOT_SUPPORTED:
938 txt = "SEC_E_STRONG_CRYPTO_NOT_SUPPORTED";
939 break;
940 case SEC_E_TARGET_UNKNOWN:
941 txt = "SEC_E_TARGET_UNKNOWN";
942 break;
943 case SEC_E_TIME_SKEW:
944 txt = "SEC_E_TIME_SKEW";
945 break;
946 case SEC_E_TOO_MANY_PRINCIPALS:
947 txt = "SEC_E_TOO_MANY_PRINCIPALS";
948 break;
949 case SEC_E_UNFINISHED_CONTEXT_DELETED:
950 txt = "SEC_E_UNFINISHED_CONTEXT_DELETED";
951 break;
952 case SEC_E_UNKNOWN_CREDENTIALS:
953 txt = "SEC_E_UNKNOWN_CREDENTIALS";
954 break;
955 case SEC_E_UNSUPPORTED_FUNCTION:
956 txt = "SEC_E_UNSUPPORTED_FUNCTION";
957 break;
958 case SEC_E_UNSUPPORTED_PREAUTH:
959 txt = "SEC_E_UNSUPPORTED_PREAUTH";
960 break;
961 case SEC_E_UNTRUSTED_ROOT:
962 txt = "SEC_E_UNTRUSTED_ROOT";
963 break;
964 case SEC_E_WRONG_CREDENTIAL_HANDLE:
965 txt = "SEC_E_WRONG_CREDENTIAL_HANDLE";
966 break;
967 case SEC_E_WRONG_PRINCIPAL:
968 txt = "SEC_E_WRONG_PRINCIPAL";
969 break;
970 case SEC_I_COMPLETE_AND_CONTINUE:
971 txt = "SEC_I_COMPLETE_AND_CONTINUE";
972 break;
973 case SEC_I_COMPLETE_NEEDED:
974 txt = "SEC_I_COMPLETE_NEEDED";
975 break;
976 case SEC_I_CONTEXT_EXPIRED:
977 txt = "SEC_I_CONTEXT_EXPIRED";
978 break;
979 case SEC_I_CONTINUE_NEEDED:
980 txt = "SEC_I_CONTINUE_NEEDED";
981 break;
982 case SEC_I_INCOMPLETE_CREDENTIALS:
983 txt = "SEC_I_INCOMPLETE_CREDENTIALS";
984 break;
985 case SEC_I_LOCAL_LOGON:
986 txt = "SEC_I_LOCAL_LOGON";
987 break;
988 case SEC_I_NO_LSA_CONTEXT:
989 txt = "SEC_I_NO_LSA_CONTEXT";
990 break;
991 case SEC_I_RENEGOTIATE:
992 txt = "SEC_I_RENEGOTIATE";
993 break;
994 case SEC_I_SIGNATURE_NEEDED:
995 txt = "SEC_I_SIGNATURE_NEEDED";
996 break;
997 default:
998 txt = "Unknown error";
999 }
1000
1001 if(err == SEC_E_OK)
1002 strncpy(outbuf, txt, outmax);
1003 else if(err == SEC_E_ILLEGAL_MESSAGE)
1004 snprintf(outbuf, outmax,
1005 "SEC_E_ILLEGAL_MESSAGE (0x%08X) - This error usually occurs "
1006 "when a fatal SSL/TLS alert is received (e.g. handshake failed). "
1007 "More detail may be available in the Windows System event log.",
1008 err);
1009 else {
1010 str = txtbuf;
1011 snprintf(txtbuf, sizeof(txtbuf), "%s (0x%08X)", txt, err);
1012 txtbuf[sizeof(txtbuf)-1] = '\0';
1013
1014 #ifdef _WIN32_WCE
1015 {
1016 wchar_t wbuf[256];
1017 wbuf[0] = L'\0';
1018
1019 if(FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM |
1020 FORMAT_MESSAGE_IGNORE_INSERTS,
1021 NULL, err, LANG_NEUTRAL,
1022 wbuf, sizeof(wbuf)/sizeof(wchar_t), NULL)) {
1023 wcstombs(msgbuf, wbuf, sizeof(msgbuf)-1);
1024 msg_formatted = TRUE;
1025 }
1026 }
1027 #else
1028 if(FormatMessageA(FORMAT_MESSAGE_FROM_SYSTEM |
1029 FORMAT_MESSAGE_IGNORE_INSERTS,
1030 NULL, err, LANG_NEUTRAL,
1031 msgbuf, sizeof(msgbuf)-1, NULL)) {
1032 msg_formatted = TRUE;
1033 }
1034 #endif
1035 if(msg_formatted) {
1036 msgbuf[sizeof(msgbuf)-1] = '\0';
1037 /* strip trailing '\r\n' or '\n' */
1038 if((p = strrchr(msgbuf, '\n')) != NULL && (p - msgbuf) >= 2)
1039 *p = '\0';
1040 if((p = strrchr(msgbuf, '\r')) != NULL && (p - msgbuf) >= 1)
1041 *p = '\0';
1042 msg = msgbuf;
1043 }
1044 if(msg)
1045 snprintf(outbuf, outmax, "%s - %s", str, msg);
1046 else
1047 strncpy(outbuf, str, outmax);
1048 }
1049
1050 if(old_errno != ERRNO)
1051 SET_ERRNO(old_errno);
1052
1053 #else
1054
1055 if(err == SEC_E_OK)
1056 txt = "No error";
1057 else
1058 txt = "Error";
1059
1060 strncpy(outbuf, txt, outmax);
1061
1062 #endif
1063
1064 outbuf[outmax] = '\0';
1065
1066 return outbuf;
1067 }
1068 #endif /* USE_WINDOWS_SSPI */
1069