|
Packit |
549fdc |
/*
|
|
Packit |
549fdc |
* Copyright (C) 2000-2012 Free Software Foundation, Inc.
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* Author: Nikos Mavrogiannopoulos
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* This file is part of GnuTLS.
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* The GnuTLS is free software; you can redistribute it and/or
|
|
Packit |
549fdc |
* modify it under the terms of the GNU Lesser General Public License
|
|
Packit |
549fdc |
* as published by the Free Software Foundation; either version 2.1 of
|
|
Packit |
549fdc |
* the License, or (at your option) any later version.
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* This library is distributed in the hope that it will be useful, but
|
|
Packit |
549fdc |
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit |
549fdc |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit |
549fdc |
* Lesser General Public License for more details.
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* You should have received a copy of the GNU Lesser General Public License
|
|
Packit |
549fdc |
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
*/
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
#include "gnutls_int.h"
|
|
Packit |
549fdc |
#include "errors.h"
|
|
Packit |
549fdc |
#include <libtasn1.h>
|
|
Packit |
549fdc |
#ifdef STDC_HEADERS
|
|
Packit |
549fdc |
#include <stdarg.h>
|
|
Packit |
549fdc |
#endif
|
|
Packit |
549fdc |
#include "vasprintf.h"
|
|
Packit |
549fdc |
#include "str.h"
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
#define ERROR_ENTRY(desc, name) \
|
|
Packit |
549fdc |
{ desc, #name, name}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
struct gnutls_error_entry {
|
|
Packit |
549fdc |
const char *desc;
|
|
Packit |
549fdc |
const char *_name;
|
|
Packit |
549fdc |
int number;
|
|
Packit |
549fdc |
};
|
|
Packit |
549fdc |
typedef struct gnutls_error_entry gnutls_error_entry;
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
static const gnutls_error_entry error_entries[] = {
|
|
Packit |
549fdc |
/* "Short Description", Error code define, critical (0,1) -- 1 in most cases */
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Could not negotiate a supported cipher suite."),
|
|
Packit |
549fdc |
GNUTLS_E_UNKNOWN_CIPHER_SUITE),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("No or insufficient priorities were set."),
|
|
Packit |
549fdc |
GNUTLS_E_NO_PRIORITIES_WERE_SET),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The cipher type is unsupported."),
|
|
Packit |
549fdc |
GNUTLS_E_UNKNOWN_CIPHER_TYPE),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The certificate and the given key do not match."),
|
|
Packit |
549fdc |
GNUTLS_E_CERTIFICATE_KEY_MISMATCH),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("Could not negotiate a supported compression method."),
|
|
Packit |
549fdc |
GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("An unknown public key algorithm was encountered."),
|
|
Packit |
549fdc |
GNUTLS_E_UNKNOWN_PK_ALGORITHM),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("An algorithm that is not enabled was negotiated."),
|
|
Packit |
549fdc |
GNUTLS_E_UNWANTED_ALGORITHM),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("A packet with illegal or unsupported version was received."),
|
|
Packit |
549fdc |
GNUTLS_E_UNSUPPORTED_VERSION_PACKET),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("The Diffie-Hellman prime sent by the server is not acceptable (not long enough)."),
|
|
Packit |
549fdc |
GNUTLS_E_DH_PRIME_UNACCEPTABLE),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("Error decoding the received TLS packet."),
|
|
Packit |
549fdc |
GNUTLS_E_UNEXPECTED_PACKET_LENGTH),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("A TLS record packet with invalid length was received."),
|
|
Packit |
549fdc |
GNUTLS_E_RECORD_OVERFLOW),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The TLS connection was non-properly terminated."),
|
|
Packit |
549fdc |
GNUTLS_E_PREMATURE_TERMINATION),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("The specified session has been invalidated for some reason."),
|
|
Packit |
549fdc |
GNUTLS_E_INVALID_SESSION),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("GnuTLS internal error."), GNUTLS_E_INTERNAL_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_(
|
|
Packit |
549fdc |
"A connection with inappropriate fallback was attempted."),
|
|
Packit |
549fdc |
GNUTLS_E_INAPPROPRIATE_FALLBACK),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("An illegal TLS extension was received."),
|
|
Packit |
549fdc |
GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("A TLS fatal alert has been received."),
|
|
Packit |
549fdc |
GNUTLS_E_FATAL_ALERT_RECEIVED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("An unexpected TLS packet was received."),
|
|
Packit |
549fdc |
GNUTLS_E_UNEXPECTED_PACKET),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Failed to import the key into store."),
|
|
Packit |
549fdc |
GNUTLS_E_KEY_IMPORT_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("An error was encountered at the TLS Finished packet calculation."),
|
|
Packit |
549fdc |
GNUTLS_E_ERROR_IN_FINISHED_PACKET),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("No certificate was found."),
|
|
Packit |
549fdc |
GNUTLS_E_NO_CERTIFICATE_FOUND),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("The given DSA key is incompatible with the selected TLS protocol."),
|
|
Packit |
549fdc |
GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("There is already a crypto algorithm with lower priority."),
|
|
Packit |
549fdc |
GNUTLS_E_CRYPTO_ALREADY_REGISTERED),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("No temporary RSA parameters were found."),
|
|
Packit |
549fdc |
GNUTLS_E_NO_TEMPORARY_RSA_PARAMS),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("No temporary DH parameters were found."),
|
|
Packit |
549fdc |
GNUTLS_E_NO_TEMPORARY_DH_PARAMS),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("An unexpected TLS handshake packet was received."),
|
|
Packit |
549fdc |
GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The scanning of a large integer has failed."),
|
|
Packit |
549fdc |
GNUTLS_E_MPI_SCAN_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Could not export a large integer."),
|
|
Packit |
549fdc |
GNUTLS_E_MPI_PRINT_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Decryption has failed."),
|
|
Packit |
549fdc |
GNUTLS_E_DECRYPTION_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Encryption has failed."),
|
|
Packit |
549fdc |
GNUTLS_E_ENCRYPTION_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Public key decryption has failed."),
|
|
Packit |
549fdc |
GNUTLS_E_PK_DECRYPTION_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Public key encryption has failed."),
|
|
Packit |
549fdc |
GNUTLS_E_PK_ENCRYPTION_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Public key signing has failed."),
|
|
Packit |
549fdc |
GNUTLS_E_PK_SIGN_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Public key signature verification has failed."),
|
|
Packit |
549fdc |
GNUTLS_E_PK_SIG_VERIFY_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("Decompression of the TLS record packet has failed."),
|
|
Packit |
549fdc |
GNUTLS_E_DECOMPRESSION_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Compression of the TLS record packet has failed."),
|
|
Packit |
549fdc |
GNUTLS_E_COMPRESSION_FAILED),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Internal error in memory allocation."),
|
|
Packit |
549fdc |
GNUTLS_E_MEMORY_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("An unimplemented or disabled feature has been requested."),
|
|
Packit |
549fdc |
GNUTLS_E_UNIMPLEMENTED_FEATURE),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Insufficient credentials for that request."),
|
|
Packit |
549fdc |
GNUTLS_E_INSUFFICIENT_CREDENTIALS),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error in password file."), GNUTLS_E_SRP_PWD_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Wrong padding in PKCS1 packet."),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS1_WRONG_PAD),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The session or certificate has expired."),
|
|
Packit |
549fdc |
GNUTLS_E_EXPIRED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The certificate is not yet activated."),
|
|
Packit |
549fdc |
GNUTLS_E_NOT_YET_ACTIVATED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Hashing has failed."), GNUTLS_E_HASH_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Base64 decoding error."),
|
|
Packit |
549fdc |
GNUTLS_E_BASE64_DECODING_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Base64 unexpected header error."),
|
|
Packit |
549fdc |
GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Base64 encoding error."),
|
|
Packit |
549fdc |
GNUTLS_E_BASE64_ENCODING_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Parsing error in password file."),
|
|
Packit |
549fdc |
GNUTLS_E_SRP_PWD_PARSING_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The requested data were not available."),
|
|
Packit |
549fdc |
GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("There are no embedded data in the structure."),
|
|
Packit |
549fdc |
GNUTLS_E_NO_EMBEDDED_DATA),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error in the pull function."), GNUTLS_E_PULL_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error in the push function."), GNUTLS_E_PUSH_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("The upper limit of record packet sequence numbers has been reached. Wow!"),
|
|
Packit |
549fdc |
GNUTLS_E_RECORD_LIMIT_REACHED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error in the certificate."),
|
|
Packit |
549fdc |
GNUTLS_E_CERTIFICATE_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error in the time fields of certificate."),
|
|
Packit |
549fdc |
GNUTLS_E_CERTIFICATE_TIME_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error in the certificate verification."),
|
|
Packit |
549fdc |
GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error in the private key verification; seed doesn't match."),
|
|
Packit |
549fdc |
GNUTLS_E_PRIVKEY_VERIFICATION_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Could not authenticate peer."),
|
|
Packit |
549fdc |
GNUTLS_E_AUTH_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("Unknown Subject Alternative name in X.509 certificate."),
|
|
Packit |
549fdc |
GNUTLS_E_X509_UNKNOWN_SAN),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("CIDR name constraint is malformed in size or structure."),
|
|
Packit |
549fdc |
GNUTLS_E_MALFORMED_CIDR),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("Unsupported critical extension in X.509 certificate."),
|
|
Packit |
549fdc |
GNUTLS_E_X509_UNSUPPORTED_CRITICAL_EXTENSION),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Unsupported extension in X.509 certificate."),
|
|
Packit |
549fdc |
GNUTLS_E_X509_UNSUPPORTED_EXTENSION),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("Key usage violation in certificate has been detected."),
|
|
Packit |
549fdc |
GNUTLS_E_KEY_USAGE_VIOLATION),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Function was interrupted."), GNUTLS_E_INTERRUPTED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("TLS Application data were received, while expecting handshake data."),
|
|
Packit |
549fdc |
GNUTLS_E_GOT_APPLICATION_DATA),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error in Database backend."), GNUTLS_E_DB_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The certificate type is not supported."),
|
|
Packit |
549fdc |
GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("The given memory buffer is too short to hold parameters."),
|
|
Packit |
549fdc |
GNUTLS_E_SHORT_MEMORY_BUFFER),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The request is invalid."),
|
|
Packit |
549fdc |
GNUTLS_E_INVALID_REQUEST),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The cookie was bad."), GNUTLS_E_BAD_COOKIE),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("An illegal parameter has been received."),
|
|
Packit |
549fdc |
GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("An illegal parameter was found."),
|
|
Packit |
549fdc |
GNUTLS_E_ILLEGAL_PARAMETER),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error while reading file."), GNUTLS_E_FILE_ERROR),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("ASN1 parser: Element was not found."),
|
|
Packit |
549fdc |
GNUTLS_E_ASN1_ELEMENT_NOT_FOUND),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("ASN1 parser: Identifier was not found"),
|
|
Packit |
549fdc |
GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("ASN1 parser: Error in DER parsing."),
|
|
Packit |
549fdc |
GNUTLS_E_ASN1_DER_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("ASN1 parser: Value was not found."),
|
|
Packit |
549fdc |
GNUTLS_E_ASN1_VALUE_NOT_FOUND),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("ASN1 parser: Generic parsing error."),
|
|
Packit |
549fdc |
GNUTLS_E_ASN1_GENERIC_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("ASN1 parser: Value is not valid."),
|
|
Packit |
549fdc |
GNUTLS_E_ASN1_VALUE_NOT_VALID),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("ASN1 parser: Error in TAG."),
|
|
Packit |
549fdc |
GNUTLS_E_ASN1_TAG_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("ASN1 parser: error in implicit tag"),
|
|
Packit |
549fdc |
GNUTLS_E_ASN1_TAG_IMPLICIT),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("ASN1 parser: Error in type 'ANY'."),
|
|
Packit |
549fdc |
GNUTLS_E_ASN1_TYPE_ANY_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("ASN1 parser: Syntax error."),
|
|
Packit |
549fdc |
GNUTLS_E_ASN1_SYNTAX_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("ASN1 parser: Overflow in DER parsing."),
|
|
Packit |
549fdc |
GNUTLS_E_ASN1_DER_OVERFLOW),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("Too many empty record packets have been received."),
|
|
Packit |
549fdc |
GNUTLS_E_TOO_MANY_EMPTY_PACKETS),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Too many handshake packets have been received."),
|
|
Packit |
549fdc |
GNUTLS_E_TOO_MANY_HANDSHAKE_PACKETS),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The crypto library version is too old."),
|
|
Packit |
549fdc |
GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The tasn1 library version is too old."),
|
|
Packit |
549fdc |
GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The OpenPGP User ID is revoked."),
|
|
Packit |
549fdc |
GNUTLS_E_OPENPGP_UID_REVOKED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The OpenPGP key has not a preferred key set."),
|
|
Packit |
549fdc |
GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error loading the keyring."),
|
|
Packit |
549fdc |
GNUTLS_E_OPENPGP_KEYRING_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The initialization of crypto backend has failed."),
|
|
Packit |
549fdc |
GNUTLS_E_CRYPTO_INIT_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("No supported compression algorithms have been found."),
|
|
Packit |
549fdc |
GNUTLS_E_NO_COMPRESSION_ALGORITHMS),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("No supported cipher suites have been found."),
|
|
Packit |
549fdc |
GNUTLS_E_NO_CIPHER_SUITES),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Could not get OpenPGP key."),
|
|
Packit |
549fdc |
GNUTLS_E_OPENPGP_GETKEY_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Could not find OpenPGP subkey."),
|
|
Packit |
549fdc |
GNUTLS_E_OPENPGP_SUBKEY_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Safe renegotiation failed."),
|
|
Packit |
549fdc |
GNUTLS_E_SAFE_RENEGOTIATION_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Unsafe renegotiation denied."),
|
|
Packit |
549fdc |
GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The SRP username supplied is illegal."),
|
|
Packit |
549fdc |
GNUTLS_E_ILLEGAL_SRP_USERNAME),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The SRP username supplied is unknown."),
|
|
Packit |
549fdc |
GNUTLS_E_UNKNOWN_SRP_USERNAME),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The OpenPGP fingerprint is not supported."),
|
|
Packit |
549fdc |
GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The signature algorithm is not supported."),
|
|
Packit |
549fdc |
GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The certificate has unsupported attributes."),
|
|
Packit |
549fdc |
GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The OID is not supported."),
|
|
Packit |
549fdc |
GNUTLS_E_X509_UNSUPPORTED_OID),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The hash algorithm is unknown."),
|
|
Packit |
549fdc |
GNUTLS_E_UNKNOWN_HASH_ALGORITHM),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The PKCS structure's content type is unknown."),
|
|
Packit |
549fdc |
GNUTLS_E_UNKNOWN_PKCS_CONTENT_TYPE),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The PKCS structure's bag type is unknown."),
|
|
Packit |
549fdc |
GNUTLS_E_UNKNOWN_PKCS_BAG_TYPE),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The given password contains invalid characters."),
|
|
Packit |
549fdc |
GNUTLS_E_INVALID_PASSWORD),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The given string contains invalid UTF-8 characters."),
|
|
Packit |
549fdc |
GNUTLS_E_INVALID_UTF8_STRING),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The given email string contains non-ASCII characters before '@'."),
|
|
Packit |
549fdc |
GNUTLS_E_INVALID_UTF8_EMAIL),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The given password contains invalid characters."),
|
|
Packit |
549fdc |
GNUTLS_E_INVALID_PASSWORD_STRING),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("The Message Authentication Code verification failed."),
|
|
Packit |
549fdc |
GNUTLS_E_MAC_VERIFY_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Some constraint limits were reached."),
|
|
Packit |
549fdc |
GNUTLS_E_CONSTRAINT_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Failed to acquire random data."),
|
|
Packit |
549fdc |
GNUTLS_E_RANDOM_FAILED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Verifying TLS/IA phase checksum failed"),
|
|
Packit |
549fdc |
GNUTLS_E_IA_VERIFY_FAILED),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The specified algorithm or protocol is unknown."),
|
|
Packit |
549fdc |
GNUTLS_E_UNKNOWN_ALGORITHM),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The handshake data size is too large."),
|
|
Packit |
549fdc |
GNUTLS_E_HANDSHAKE_TOO_LARGE),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error opening /dev/crypto"),
|
|
Packit |
549fdc |
GNUTLS_E_CRYPTODEV_DEVICE_ERROR),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error interfacing with /dev/crypto"),
|
|
Packit |
549fdc |
GNUTLS_E_CRYPTODEV_IOCTL_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Peer has terminated the connection"),
|
|
Packit |
549fdc |
GNUTLS_E_SESSION_EOF),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Channel binding data not available"),
|
|
Packit |
549fdc |
GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE),
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("TPM error."),
|
|
Packit |
549fdc |
GNUTLS_E_TPM_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The TPM library (trousers) cannot be found."),
|
|
Packit |
549fdc |
GNUTLS_E_TPM_NO_LIB),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("TPM is not initialized."),
|
|
Packit |
549fdc |
GNUTLS_E_TPM_UNINITIALIZED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("TPM key was not found in persistent storage."),
|
|
Packit |
549fdc |
GNUTLS_E_TPM_KEY_NOT_FOUND),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Cannot initialize a session with the TPM."),
|
|
Packit |
549fdc |
GNUTLS_E_TPM_SESSION_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("PKCS #11 error."),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("PKCS #11 initialization error."),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_LOAD_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error in parsing."),
|
|
Packit |
549fdc |
GNUTLS_E_PARSING_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error in provided PIN."),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_PIN_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error in provided SRK password for TPM."),
|
|
Packit |
549fdc |
GNUTLS_E_TPM_SRK_PASSWORD_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("Error in provided password for key to be loaded in TPM."),
|
|
Packit |
549fdc |
GNUTLS_E_TPM_KEY_PASSWORD_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("PKCS #11 error in slot"),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_SLOT_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Thread locking error"),
|
|
Packit |
549fdc |
GNUTLS_E_LOCKING_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("PKCS #11 error in attribute"),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_ATTRIBUTE_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("PKCS #11 error in device"),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_DEVICE_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("PKCS #11 error in data"),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_DATA_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("PKCS #11 unsupported feature"),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_UNSUPPORTED_FEATURE_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("PKCS #11 error in key"),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_KEY_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("PKCS #11 PIN expired"),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_PIN_EXPIRED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("PKCS #11 PIN locked"),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_PIN_LOCKED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("PKCS #11 error in session"),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_SESSION_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("PKCS #11 error in signature"),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_SIGNATURE_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("PKCS #11 error in token"),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_TOKEN_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("PKCS #11 user error"),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_USER_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The operation timed out"),
|
|
Packit |
549fdc |
GNUTLS_E_TIMEDOUT),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The operation was cancelled due to user error"),
|
|
Packit |
549fdc |
GNUTLS_E_USER_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("No supported ECC curves were found"),
|
|
Packit |
549fdc |
GNUTLS_E_ECC_NO_SUPPORTED_CURVES),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The curve is unsupported"),
|
|
Packit |
549fdc |
GNUTLS_E_ECC_UNSUPPORTED_CURVE),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The requested PKCS #11 object is not available"),
|
|
Packit |
549fdc |
GNUTLS_E_PKCS11_REQUESTED_OBJECT_NOT_AVAILBLE),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("The provided X.509 certificate list is not sorted (in subject to issuer order)"),
|
|
Packit |
549fdc |
GNUTLS_E_CERTIFICATE_LIST_UNSORTED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The OCSP response is invalid"),
|
|
Packit |
549fdc |
GNUTLS_E_OCSP_RESPONSE_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("There is no certificate status (OCSP)."),
|
|
Packit |
549fdc |
GNUTLS_E_NO_CERTIFICATE_STATUS),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error in the system's randomness device."),
|
|
Packit |
549fdc |
GNUTLS_E_RANDOM_DEVICE_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_
|
|
Packit |
549fdc |
("No common application protocol could be negotiated."),
|
|
Packit |
549fdc |
GNUTLS_E_NO_APPLICATION_PROTOCOL),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error while performing self checks."),
|
|
Packit |
549fdc |
GNUTLS_E_SELF_TEST_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("There is no self test for this algorithm."),
|
|
Packit |
549fdc |
GNUTLS_E_NO_SELF_TEST),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("An error has been detected in the library and cannot continue operations."),
|
|
Packit |
549fdc |
GNUTLS_E_LIB_IN_ERROR_STATE),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error in sockets initialization."),
|
|
Packit |
549fdc |
GNUTLS_E_SOCKETS_INIT_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Error in public key generation."),
|
|
Packit |
549fdc |
GNUTLS_E_PK_GENERATION_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Invalid TLS extensions length field."),
|
|
Packit |
549fdc |
GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Peer's certificate or username has changed during a rehandshake."),
|
|
Packit |
549fdc |
GNUTLS_E_SESSION_USER_ID_CHANGED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The provided string has an embedded null."),
|
|
Packit |
549fdc |
GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Attempted handshake during false start."),
|
|
Packit |
549fdc |
GNUTLS_E_HANDSHAKE_DURING_FALSE_START),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The SNI host name not recognised."),
|
|
Packit |
549fdc |
GNUTLS_E_UNRECOGNIZED_NAME),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("There was an issue converting to or from UTF8."),
|
|
Packit |
549fdc |
GNUTLS_E_IDNA_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Cannot perform this action while handshake is in progress."),
|
|
Packit |
549fdc |
GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The public key is invalid."),
|
|
Packit |
549fdc |
GNUTLS_E_PK_INVALID_PUBKEY),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("There are no validation parameters present."),
|
|
Packit |
549fdc |
GNUTLS_E_PK_NO_VALIDATION_PARAMS),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The public key parameters are invalid."),
|
|
Packit |
549fdc |
GNUTLS_E_PK_INVALID_PUBKEY_PARAMS),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The private key is invalid."),
|
|
Packit |
549fdc |
GNUTLS_E_PK_INVALID_PRIVKEY),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The DER time encoding is invalid."),
|
|
Packit |
549fdc |
GNUTLS_E_ASN1_TIME_ERROR),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The signature is incompatible with the public key."),
|
|
Packit |
549fdc |
GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("One of the involved algorithms has insufficient security level."),
|
|
Packit |
549fdc |
GNUTLS_E_INSUFFICIENT_SECURITY),
|
|
Packit |
549fdc |
{NULL, NULL, 0}
|
|
Packit |
549fdc |
};
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
static const gnutls_error_entry non_fatal_error_entries[] = {
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Success."), GNUTLS_E_SUCCESS),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("A TLS warning alert has been received."),
|
|
Packit |
549fdc |
GNUTLS_E_WARNING_ALERT_RECEIVED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("A heartbeat pong message was received."),
|
|
Packit |
549fdc |
GNUTLS_E_HEARTBEAT_PONG_RECEIVED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("A heartbeat ping message was received."),
|
|
Packit |
549fdc |
GNUTLS_E_HEARTBEAT_PING_RECEIVED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Resource temporarily unavailable, try again."),
|
|
Packit |
549fdc |
GNUTLS_E_AGAIN),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("The transmitted packet is too large (EMSGSIZE)."),
|
|
Packit |
549fdc |
GNUTLS_E_LARGE_PACKET),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Function was interrupted."), GNUTLS_E_INTERRUPTED),
|
|
Packit |
549fdc |
ERROR_ENTRY(N_("Rehandshake was requested by the peer."),
|
|
Packit |
549fdc |
GNUTLS_E_REHANDSHAKE),
|
|
Packit |
549fdc |
/* Only non fatal (for handshake) errors here */
|
|
Packit |
549fdc |
{NULL, NULL, 0}
|
|
Packit |
549fdc |
};
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
/**
|
|
Packit |
549fdc |
* gnutls_error_is_fatal:
|
|
Packit |
549fdc |
* @error: is a GnuTLS error code, a negative error code
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* If a GnuTLS function returns a negative error code you may feed that
|
|
Packit |
549fdc |
* value to this function to see if the error condition is fatal to
|
|
Packit |
549fdc |
* a TLS session (i.e., must be terminated).
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* Note that you may also want to check the error code manually, since some
|
|
Packit |
549fdc |
* non-fatal errors to the protocol (such as a warning alert or
|
|
Packit |
549fdc |
* a rehandshake request) may be fatal for your program.
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* This function is only useful if you are dealing with errors from
|
|
Packit |
549fdc |
* functions that relate to a TLS session (e.g., record layer or handshake
|
|
Packit |
549fdc |
* layer handling functions).
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* Returns: Non-zero value on fatal errors or zero on non-fatal.
|
|
Packit |
549fdc |
**/
|
|
Packit |
549fdc |
int gnutls_error_is_fatal(int error)
|
|
Packit |
549fdc |
{
|
|
Packit |
549fdc |
int ret = 1;
|
|
Packit |
549fdc |
const gnutls_error_entry *p;
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
/* Input sanitzation. Positive values are not errors at all, and
|
|
Packit |
549fdc |
definitely not fatal. */
|
|
Packit |
549fdc |
if (error > 0)
|
|
Packit |
549fdc |
return 0;
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
for (p = non_fatal_error_entries; p->desc != NULL; p++) {
|
|
Packit |
549fdc |
if (p->number == error) {
|
|
Packit |
549fdc |
ret = 0;
|
|
Packit |
549fdc |
break;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
return ret;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
/**
|
|
Packit |
549fdc |
* gnutls_perror:
|
|
Packit |
549fdc |
* @error: is a GnuTLS error code, a negative error code
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* This function is like perror(). The only difference is that it
|
|
Packit |
549fdc |
* accepts an error number returned by a gnutls function.
|
|
Packit |
549fdc |
**/
|
|
Packit |
549fdc |
void gnutls_perror(int error)
|
|
Packit |
549fdc |
{
|
|
Packit |
549fdc |
fprintf(stderr, "GnuTLS error: %s\n", gnutls_strerror(error));
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
/**
|
|
Packit |
549fdc |
* gnutls_strerror:
|
|
Packit |
549fdc |
* @error: is a GnuTLS error code, a negative error code
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* This function is similar to strerror. The difference is that it
|
|
Packit |
549fdc |
* accepts an error number returned by a gnutls function; In case of
|
|
Packit |
549fdc |
* an unknown error a descriptive string is sent instead of %NULL.
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* Error codes are always a negative error code.
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* Returns: A string explaining the GnuTLS error message.
|
|
Packit |
549fdc |
**/
|
|
Packit |
549fdc |
const char *gnutls_strerror(int error)
|
|
Packit |
549fdc |
{
|
|
Packit |
549fdc |
const char *ret = NULL;
|
|
Packit |
549fdc |
const gnutls_error_entry *p;
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
for (p = error_entries; p->desc != NULL; p++) {
|
|
Packit |
549fdc |
if (p->number == error) {
|
|
Packit |
549fdc |
ret = p->desc;
|
|
Packit |
549fdc |
break;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
if (ret == NULL) {
|
|
Packit |
549fdc |
for (p = non_fatal_error_entries; p->desc != NULL; p++) {
|
|
Packit |
549fdc |
if (p->number == error) {
|
|
Packit |
549fdc |
ret = p->desc;
|
|
Packit |
549fdc |
break;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
/* avoid prefix */
|
|
Packit |
549fdc |
if (ret == NULL)
|
|
Packit |
549fdc |
return _("(unknown error code)");
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
return _(ret);
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
/**
|
|
Packit |
549fdc |
* gnutls_strerror_name:
|
|
Packit |
549fdc |
* @error: is an error returned by a gnutls function.
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* Return the GnuTLS error code define as a string. For example,
|
|
Packit |
549fdc |
* gnutls_strerror_name (GNUTLS_E_DH_PRIME_UNACCEPTABLE) will return
|
|
Packit |
549fdc |
* the string "GNUTLS_E_DH_PRIME_UNACCEPTABLE".
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* Returns: A string corresponding to the symbol name of the error
|
|
Packit |
549fdc |
* code.
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* Since: 2.6.0
|
|
Packit |
549fdc |
**/
|
|
Packit |
549fdc |
const char *gnutls_strerror_name(int error)
|
|
Packit |
549fdc |
{
|
|
Packit |
549fdc |
const char *ret = NULL;
|
|
Packit |
549fdc |
const gnutls_error_entry *p;
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
for (p = error_entries; p->desc != NULL; p++) {
|
|
Packit |
549fdc |
if (p->number == error) {
|
|
Packit |
549fdc |
ret = p->_name;
|
|
Packit |
549fdc |
break;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
if (ret == NULL) {
|
|
Packit |
549fdc |
for (p = non_fatal_error_entries; p->desc != NULL; p++) {
|
|
Packit |
549fdc |
if (p->number == error) {
|
|
Packit |
549fdc |
ret = p->_name;
|
|
Packit |
549fdc |
break;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
return ret;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
int _gnutls_asn2err(int asn_err)
|
|
Packit |
549fdc |
{
|
|
Packit |
549fdc |
switch (asn_err) {
|
|
Packit |
549fdc |
#ifdef ASN1_TIME_ENCODING_ERROR
|
|
Packit |
549fdc |
case ASN1_TIME_ENCODING_ERROR:
|
|
Packit |
549fdc |
return GNUTLS_E_ASN1_TIME_ERROR;
|
|
Packit |
549fdc |
#endif
|
|
Packit |
549fdc |
case ASN1_FILE_NOT_FOUND:
|
|
Packit |
549fdc |
return GNUTLS_E_FILE_ERROR;
|
|
Packit |
549fdc |
case ASN1_ELEMENT_NOT_FOUND:
|
|
Packit |
549fdc |
return GNUTLS_E_ASN1_ELEMENT_NOT_FOUND;
|
|
Packit |
549fdc |
case ASN1_IDENTIFIER_NOT_FOUND:
|
|
Packit |
549fdc |
return GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND;
|
|
Packit |
549fdc |
case ASN1_DER_ERROR:
|
|
Packit |
549fdc |
return GNUTLS_E_ASN1_DER_ERROR;
|
|
Packit |
549fdc |
case ASN1_VALUE_NOT_FOUND:
|
|
Packit |
549fdc |
return GNUTLS_E_ASN1_VALUE_NOT_FOUND;
|
|
Packit |
549fdc |
case ASN1_GENERIC_ERROR:
|
|
Packit |
549fdc |
return GNUTLS_E_ASN1_GENERIC_ERROR;
|
|
Packit |
549fdc |
case ASN1_VALUE_NOT_VALID:
|
|
Packit |
549fdc |
return GNUTLS_E_ASN1_VALUE_NOT_VALID;
|
|
Packit |
549fdc |
case ASN1_TAG_ERROR:
|
|
Packit |
549fdc |
return GNUTLS_E_ASN1_TAG_ERROR;
|
|
Packit |
549fdc |
case ASN1_TAG_IMPLICIT:
|
|
Packit |
549fdc |
return GNUTLS_E_ASN1_TAG_IMPLICIT;
|
|
Packit |
549fdc |
case ASN1_ERROR_TYPE_ANY:
|
|
Packit |
549fdc |
return GNUTLS_E_ASN1_TYPE_ANY_ERROR;
|
|
Packit |
549fdc |
case ASN1_SYNTAX_ERROR:
|
|
Packit |
549fdc |
return GNUTLS_E_ASN1_SYNTAX_ERROR;
|
|
Packit |
549fdc |
case ASN1_MEM_ERROR:
|
|
Packit |
549fdc |
return GNUTLS_E_SHORT_MEMORY_BUFFER;
|
|
Packit |
549fdc |
case ASN1_MEM_ALLOC_ERROR:
|
|
Packit |
549fdc |
return GNUTLS_E_MEMORY_ERROR;
|
|
Packit |
549fdc |
case ASN1_DER_OVERFLOW:
|
|
Packit |
549fdc |
return GNUTLS_E_ASN1_DER_OVERFLOW;
|
|
Packit |
549fdc |
default:
|
|
Packit |
549fdc |
return GNUTLS_E_ASN1_GENERIC_ERROR;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
void _gnutls_mpi_log(const char *prefix, bigint_t a)
|
|
Packit |
549fdc |
{
|
|
Packit |
549fdc |
size_t binlen = 0;
|
|
Packit |
549fdc |
void *binbuf;
|
|
Packit |
549fdc |
size_t hexlen;
|
|
Packit |
549fdc |
char *hexbuf;
|
|
Packit |
549fdc |
int res;
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
if (_gnutls_log_level < 2)
|
|
Packit |
549fdc |
return;
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
res = _gnutls_mpi_print(a, NULL, &binlen);
|
|
Packit |
549fdc |
if (res < 0 && res != GNUTLS_E_SHORT_MEMORY_BUFFER) {
|
|
Packit |
549fdc |
gnutls_assert();
|
|
Packit |
549fdc |
_gnutls_hard_log("MPI: %s can't print value (%d/%d)\n",
|
|
Packit |
549fdc |
prefix, res, (int) binlen);
|
|
Packit |
549fdc |
return;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
if (binlen > 1024 * 1024) {
|
|
Packit |
549fdc |
gnutls_assert();
|
|
Packit |
549fdc |
_gnutls_hard_log("MPI: %s too large mpi (%d)\n", prefix,
|
|
Packit |
549fdc |
(int) binlen);
|
|
Packit |
549fdc |
return;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
binbuf = gnutls_malloc(binlen);
|
|
Packit |
549fdc |
if (!binbuf) {
|
|
Packit |
549fdc |
gnutls_assert();
|
|
Packit |
549fdc |
_gnutls_hard_log("MPI: %s out of memory (%d)\n", prefix,
|
|
Packit |
549fdc |
(int) binlen);
|
|
Packit |
549fdc |
return;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
res = _gnutls_mpi_print(a, binbuf, &binlen);
|
|
Packit |
549fdc |
if (res != 0) {
|
|
Packit |
549fdc |
gnutls_assert();
|
|
Packit |
549fdc |
_gnutls_hard_log("MPI: %s can't print value (%d/%d)\n",
|
|
Packit |
549fdc |
prefix, res, (int) binlen);
|
|
Packit |
549fdc |
gnutls_free(binbuf);
|
|
Packit |
549fdc |
return;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
hexlen = 2 * binlen + 1;
|
|
Packit |
549fdc |
hexbuf = gnutls_malloc(hexlen);
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
if (!hexbuf) {
|
|
Packit |
549fdc |
gnutls_assert();
|
|
Packit |
549fdc |
_gnutls_hard_log("MPI: %s out of memory (hex %d)\n",
|
|
Packit |
549fdc |
prefix, (int) hexlen);
|
|
Packit |
549fdc |
gnutls_free(binbuf);
|
|
Packit |
549fdc |
return;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
_gnutls_bin2hex(binbuf, binlen, hexbuf, hexlen, NULL);
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
_gnutls_hard_log("MPI: length: %d\n\t%s%s\n", (int) binlen, prefix,
|
|
Packit |
549fdc |
hexbuf);
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
gnutls_free(hexbuf);
|
|
Packit |
549fdc |
gnutls_free(binbuf);
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
/* this function will output a message using the
|
|
Packit |
549fdc |
* caller provided function
|
|
Packit |
549fdc |
*/
|
|
Packit |
549fdc |
void _gnutls_log(int level, const char *fmt, ...)
|
|
Packit |
549fdc |
{
|
|
Packit |
549fdc |
va_list args;
|
|
Packit |
549fdc |
char *str;
|
|
Packit |
549fdc |
int ret;
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
if (_gnutls_log_func == NULL)
|
|
Packit |
549fdc |
return;
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
va_start(args, fmt);
|
|
Packit |
549fdc |
ret = vasprintf(&str, fmt, args);
|
|
Packit |
549fdc |
va_end(args);
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
if (ret >= 0) {
|
|
Packit |
549fdc |
_gnutls_log_func(level, str);
|
|
Packit |
549fdc |
free(str);
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
void _gnutls_audit_log(gnutls_session_t session, const char *fmt, ...)
|
|
Packit |
549fdc |
{
|
|
Packit |
549fdc |
va_list args;
|
|
Packit |
549fdc |
char *str;
|
|
Packit |
549fdc |
int ret;
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
if (_gnutls_audit_log_func == NULL && _gnutls_log_func == NULL)
|
|
Packit |
549fdc |
return;
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
va_start(args, fmt);
|
|
Packit |
549fdc |
ret = vasprintf(&str, fmt, args);
|
|
Packit |
549fdc |
va_end(args);
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
if (ret >= 0) {
|
|
Packit |
549fdc |
if (_gnutls_audit_log_func)
|
|
Packit |
549fdc |
_gnutls_audit_log_func(session, str);
|
|
Packit |
549fdc |
else
|
|
Packit |
549fdc |
_gnutls_log_func(1, str);
|
|
Packit |
549fdc |
free(str);
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
#ifndef DEBUG
|
|
Packit |
549fdc |
#ifndef C99_MACROS
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
/* Without C99 macros these functions have to
|
|
Packit |
549fdc |
* be called. This may affect performance.
|
|
Packit |
549fdc |
*/
|
|
Packit |
549fdc |
void _gnutls_null_log(void *x, ...)
|
|
Packit |
549fdc |
{
|
|
Packit |
549fdc |
return;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
#endif /* C99_MACROS */
|
|
Packit |
549fdc |
#endif /* DEBUG */
|