/*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at https://curl.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * * SPDX-License-Identifier: curl * ***************************************************************************/ #include "curl_setup.h" #ifdef HAVE_STRERROR_R # if (!defined(HAVE_POSIX_STRERROR_R) && \ !defined(HAVE_GLIBC_STRERROR_R)) || \ (defined(HAVE_POSIX_STRERROR_R) && defined(HAVE_GLIBC_STRERROR_R)) # error "strerror_r MUST be either POSIX, glibc style" # endif #endif #include #ifdef USE_LIBIDN2 #include #endif #ifdef USE_WINDOWS_SSPI #include "curl_sspi.h" #endif #include "curlx/winapi.h" #include "strerror.h" /* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" const char * curl_easy_strerror(CURLcode error) { #ifndef CURL_DISABLE_VERBOSE_STRINGS switch(error) { case CURLE_OK: return "No error"; case CURLE_UNSUPPORTED_PROTOCOL: return "Unsupported protocol"; case CURLE_FAILED_INIT: return "Failed initialization"; case CURLE_URL_MALFORMAT: return "URL using bad/illegal format or missing URL"; case CURLE_NOT_BUILT_IN: return "A requested feature, protocol or option was not found built-in in" " this libcurl due to a build-time decision."; case CURLE_COULDNT_RESOLVE_PROXY: return "Could not resolve proxy name"; case CURLE_COULDNT_RESOLVE_HOST: return "Could not resolve hostname"; case CURLE_COULDNT_CONNECT: return "Could not connect to server"; case CURLE_WEIRD_SERVER_REPLY: return "Weird server reply"; case CURLE_REMOTE_ACCESS_DENIED: return "Access denied to remote resource"; case CURLE_FTP_ACCEPT_FAILED: return "FTP: The server failed to connect to data port"; case CURLE_FTP_ACCEPT_TIMEOUT: return "FTP: Accepting server connect has timed out"; case CURLE_FTP_PRET_FAILED: return "FTP: The server did not accept the PRET command."; case CURLE_FTP_WEIRD_PASS_REPLY: return "FTP: unknown PASS reply"; case CURLE_FTP_WEIRD_PASV_REPLY: return "FTP: unknown PASV reply"; case CURLE_FTP_WEIRD_227_FORMAT: return "FTP: unknown 227 response format"; case CURLE_FTP_CANT_GET_HOST: return "FTP: cannot figure out the host in the PASV response"; case CURLE_HTTP2: return "Error in the HTTP2 framing layer"; case CURLE_FTP_COULDNT_SET_TYPE: return "FTP: could not set file type"; case CURLE_PARTIAL_FILE: return "Transferred a partial file"; case CURLE_FTP_COULDNT_RETR_FILE: return "FTP: could not retrieve (RETR failed) the specified file"; case CURLE_QUOTE_ERROR: return "Quote command returned error"; case CURLE_HTTP_RETURNED_ERROR: return "HTTP response code said error"; case CURLE_WRITE_ERROR: return "Failed writing received data to disk/application"; case CURLE_UPLOAD_FAILED: return "Upload failed (at start/before it took off)"; case CURLE_READ_ERROR: return "Failed to open/read local data from file/application"; case CURLE_OUT_OF_MEMORY: return "Out of memory"; case CURLE_OPERATION_TIMEDOUT: return "Timeout was reached"; case CURLE_FTP_PORT_FAILED: return "FTP: command PORT failed"; case CURLE_FTP_COULDNT_USE_REST: return "FTP: command REST failed"; case CURLE_RANGE_ERROR: return "Requested range was not delivered by the server"; case CURLE_SSL_CONNECT_ERROR: return "SSL connect error"; case CURLE_BAD_DOWNLOAD_RESUME: return "Could not resume download"; case CURLE_FILE_COULDNT_READ_FILE: return "Could not read a file:// file"; case CURLE_LDAP_CANNOT_BIND: return "LDAP: cannot bind"; case CURLE_LDAP_SEARCH_FAILED: return "LDAP: search failed"; case CURLE_ABORTED_BY_CALLBACK: return "Operation was aborted by an application callback"; case CURLE_BAD_FUNCTION_ARGUMENT: return "A libcurl function was given a bad argument"; case CURLE_INTERFACE_FAILED: return "Failed binding local connection end"; case CURLE_TOO_MANY_REDIRECTS: return "Number of redirects hit maximum amount"; case CURLE_UNKNOWN_OPTION: return "An unknown option was passed in to libcurl"; case CURLE_SETOPT_OPTION_SYNTAX: return "Malformed option provided in a setopt"; case CURLE_GOT_NOTHING: return "Server returned nothing (no headers, no data)"; case CURLE_SSL_ENGINE_NOTFOUND: return "SSL crypto engine not found"; case CURLE_SSL_ENGINE_SETFAILED: return "Can not set SSL crypto engine as default"; case CURLE_SSL_ENGINE_INITFAILED: return "Failed to initialise SSL crypto engine"; case CURLE_SEND_ERROR: return "Failed sending data to the peer"; case CURLE_RECV_ERROR: return "Failure when receiving data from the peer"; case CURLE_SSL_CERTPROBLEM: return "Problem with the local SSL certificate"; case CURLE_SSL_CIPHER: return "Could not use specified SSL cipher"; case CURLE_PEER_FAILED_VERIFICATION: return "SSL peer certificate or SSH remote key was not OK"; case CURLE_SSL_CACERT_BADFILE: return "Problem with the SSL CA cert (path? access rights?)"; case CURLE_BAD_CONTENT_ENCODING: return "Unrecognized or bad HTTP Content or Transfer-Encoding"; case CURLE_FILESIZE_EXCEEDED: return "Maximum file size exceeded"; case CURLE_USE_SSL_FAILED: return "Requested SSL level failed"; case CURLE_SSL_SHUTDOWN_FAILED: return "Failed to shut down the SSL connection"; case CURLE_SSL_CRL_BADFILE: return "Failed to load CRL file (path? access rights?, format?)"; case CURLE_SSL_ISSUER_ERROR: return "Issuer check against peer certificate failed"; case CURLE_SEND_FAIL_REWIND: return "Send failed since rewinding of the data stream failed"; case CURLE_LOGIN_DENIED: return "Login denied"; case CURLE_TFTP_NOTFOUND: return "TFTP: File Not Found"; case CURLE_TFTP_PERM: return "TFTP: Access Violation"; case CURLE_REMOTE_DISK_FULL: return "Disk full or allocation exceeded"; case CURLE_TFTP_ILLEGAL: return "TFTP: Illegal operation"; case CURLE_TFTP_UNKNOWNID: return "TFTP: Unknown transfer ID"; case CURLE_REMOTE_FILE_EXISTS: return "Remote file already exists"; case CURLE_TFTP_NOSUCHUSER: return "TFTP: No such user"; case CURLE_REMOTE_FILE_NOT_FOUND: return "Remote file not found"; case CURLE_SSH: return "Error in the SSH layer"; case CURLE_AGAIN: return "Socket not ready for send/recv"; case CURLE_RTSP_CSEQ_ERROR: return "RTSP CSeq mismatch or invalid CSeq"; case CURLE_RTSP_SESSION_ERROR: return "RTSP session error"; case CURLE_FTP_BAD_FILE_LIST: return "Unable to parse FTP file list"; case CURLE_CHUNK_FAILED: return "Chunk callback failed"; case CURLE_NO_CONNECTION_AVAILABLE: return "The max connection limit is reached"; case CURLE_SSL_PINNEDPUBKEYNOTMATCH: return "SSL public key does not match pinned public key"; case CURLE_SSL_INVALIDCERTSTATUS: return "SSL server certificate status verification FAILED"; case CURLE_HTTP2_STREAM: return "Stream error in the HTTP/2 framing layer"; case CURLE_RECURSIVE_API_CALL: return "API function called from within callback"; case CURLE_AUTH_ERROR: return "An authentication function returned an error"; case CURLE_HTTP3: return "HTTP/3 error"; case CURLE_QUIC_CONNECT_ERROR: return "QUIC connection error"; case CURLE_PROXY: return "proxy handshake error"; case CURLE_SSL_CLIENTCERT: return "SSL Client Certificate required"; case CURLE_UNRECOVERABLE_POLL: return "Unrecoverable error in select/poll"; case CURLE_TOO_LARGE: return "A value or data field grew larger than allowed"; case CURLE_ECH_REQUIRED: return "ECH attempted but failed"; /* error codes not used by current libcurl */ default: break; } /* * By using a switch, gcc -Wall will complain about enum values * which do not appear, helping keep this function up-to-date. * By using gcc -Wall -Werror, you cannot forget. * * A table would not have the same benefit. Most compilers will generate * code similar to a table in any case, so there is little performance gain * from a table. Something is broken for the user's application, anyways, so * does it matter how fast it _does not_ work? * * The line number for the error will be near this comment, which is why it * is here, and not at the start of the switch. */ return "Unknown error"; #else if(!error) return "No error"; else return "Error"; #endif } const char * curl_multi_strerror(CURLMcode error) { #ifndef CURL_DISABLE_VERBOSE_STRINGS switch(error) { case CURLM_CALL_MULTI_PERFORM: return "Please call curl_multi_perform() soon"; case CURLM_OK: return "No error"; case CURLM_BAD_HANDLE: return "Invalid multi handle"; case CURLM_BAD_EASY_HANDLE: return "Invalid easy handle"; case CURLM_OUT_OF_MEMORY: return "Out of memory"; case CURLM_INTERNAL_ERROR: return "Internal error"; case CURLM_BAD_SOCKET: return "Invalid socket argument"; case CURLM_UNKNOWN_OPTION: return "Unknown option"; case CURLM_ADDED_ALREADY: return "The easy handle is already added to a multi handle"; case CURLM_RECURSIVE_API_CALL: return "API function called from within callback"; case CURLM_WAKEUP_FAILURE: return "Wakeup is unavailable or failed"; case CURLM_BAD_FUNCTION_ARGUMENT: return "A libcurl function was given a bad argument"; case CURLM_ABORTED_BY_CALLBACK: return "Operation was aborted by an application callback"; case CURLM_UNRECOVERABLE_POLL: return "Unrecoverable error in select/poll"; case CURLM_LAST: break; } return "Unknown error"; #else if(error == CURLM_OK) return "No error"; else return "Error"; #endif } const char * curl_share_strerror(CURLSHcode error) { #ifndef CURL_DISABLE_VERBOSE_STRINGS switch(error) { case CURLSHE_OK: return "No error"; case CURLSHE_BAD_OPTION: return "Unknown share option"; case CURLSHE_IN_USE: return "Share currently in use"; case CURLSHE_INVALID: return "Invalid share handle"; case CURLSHE_NOMEM: return "Out of memory"; case CURLSHE_NOT_BUILT_IN: return "Feature not enabled in this library"; case CURLSHE_LAST: break; } return "CURLSHcode unknown"; #else if(error == CURLSHE_OK) return "No error"; else return "Error"; #endif } const char * curl_url_strerror(CURLUcode error) { #ifndef CURL_DISABLE_VERBOSE_STRINGS switch(error) { case CURLUE_OK: return "No error"; case CURLUE_BAD_HANDLE: return "An invalid CURLU pointer was passed as argument"; case CURLUE_BAD_PARTPOINTER: return "An invalid 'part' argument was passed as argument"; case CURLUE_MALFORMED_INPUT: return "Malformed input to a URL function"; case CURLUE_BAD_PORT_NUMBER: return "Port number was not a decimal number between 0 and 65535"; case CURLUE_UNSUPPORTED_SCHEME: return "Unsupported URL scheme"; case CURLUE_URLDECODE: return "URL decode error, most likely because of rubbish in the input"; case CURLUE_OUT_OF_MEMORY: return "A memory function failed"; case CURLUE_USER_NOT_ALLOWED: return "Credentials was passed in the URL when prohibited"; case CURLUE_UNKNOWN_PART: return "An unknown part ID was passed to a URL API function"; case CURLUE_NO_SCHEME: return "No scheme part in the URL"; case CURLUE_NO_USER: return "No user part in the URL"; case CURLUE_NO_PASSWORD: return "No password part in the URL"; case CURLUE_NO_OPTIONS: return "No options part in the URL"; case CURLUE_NO_HOST: return "No host part in the URL"; case CURLUE_NO_PORT: return "No port part in the URL"; case CURLUE_NO_QUERY: return "No query part in the URL"; case CURLUE_NO_FRAGMENT: return "No fragment part in the URL"; case CURLUE_NO_ZONEID: return "No zoneid part in the URL"; case CURLUE_BAD_LOGIN: return "Bad login part"; case CURLUE_BAD_IPV6: return "Bad IPv6 address"; case CURLUE_BAD_HOSTNAME: return "Bad hostname"; case CURLUE_BAD_FILE_URL: return "Bad file:// URL"; case CURLUE_BAD_SLASHES: return "Unsupported number of slashes following scheme"; case CURLUE_BAD_SCHEME: return "Bad scheme"; case CURLUE_BAD_PATH: return "Bad path"; case CURLUE_BAD_FRAGMENT: return "Bad fragment"; case CURLUE_BAD_QUERY: return "Bad query"; case CURLUE_BAD_PASSWORD: return "Bad password"; case CURLUE_BAD_USER: return "Bad user"; case CURLUE_LACKS_IDN: return "libcurl lacks IDN support"; case CURLUE_TOO_LARGE: return "A value or data field is larger than allowed"; case CURLUE_LAST: break; } return "CURLUcode unknown"; #else if(error == CURLUE_OK) return "No error"; else return "Error"; #endif } #ifdef USE_WINSOCK /* This is a helper function for Curl_strerror that converts Winsock error * codes (WSAGetLastError) to error messages. * Returns NULL if no error message was found for error code. */ static const char * get_winsock_error(int err, char *buf, size_t len) { #ifndef CURL_DISABLE_VERBOSE_STRINGS const char *p; size_t alen; #endif if(!len) return NULL; *buf = '\0'; #ifdef CURL_DISABLE_VERBOSE_STRINGS (void)err; return NULL; #else switch(err) { case WSAEINTR: p = "Call interrupted"; break; case WSAEBADF: p = "Bad file"; break; case WSAEACCES: p = "Bad access"; break; case WSAEFAULT: p = "Bad argument"; break; case WSAEINVAL: p = "Invalid arguments"; break; case WSAEMFILE: p = "Out of file descriptors"; break; case WSAEWOULDBLOCK: p = "Call would block"; break; case WSAEINPROGRESS: case WSAEALREADY: p = "Blocking call in progress"; break; case WSAENOTSOCK: p = "Descriptor is not a socket"; break; case WSAEDESTADDRREQ: p = "Need destination address"; break; case WSAEMSGSIZE: p = "Bad message size"; break; case WSAEPROTOTYPE: p = "Bad protocol"; break; case WSAENOPROTOOPT: p = "Protocol option is unsupported"; break; case WSAEPROTONOSUPPORT: p = "Protocol is unsupported"; break; case WSAESOCKTNOSUPPORT: p = "Socket is unsupported"; break; case WSAEOPNOTSUPP: p = "Operation not supported"; break; case WSAEAFNOSUPPORT: p = "Address family not supported"; break; case WSAEPFNOSUPPORT: p = "Protocol family not supported"; break; case WSAEADDRINUSE: p = "Address already in use"; break; case WSAEADDRNOTAVAIL: p = "Address not available"; break; case WSAENETDOWN: p = "Network down"; break; case WSAENETUNREACH: p = "Network unreachable"; break; case WSAENETRESET: p = "Network has been reset"; break; case WSAECONNABORTED: p = "Connection was aborted"; break; case WSAECONNRESET: p = "Connection was reset"; break; case WSAENOBUFS: p = "No buffer space"; break; case WSAEISCONN: p = "Socket is already connected"; break; case WSAENOTCONN: p = "Socket is not connected"; break; case WSAESHUTDOWN: p = "Socket has been shut down"; break; case WSAETOOMANYREFS: p = "Too many references"; break; case WSAETIMEDOUT: p = "Timed out"; break; case WSAECONNREFUSED: p = "Connection refused"; break; case WSAELOOP: p = "Loop??"; break; case WSAENAMETOOLONG: p = "Name too long"; break; case WSAEHOSTDOWN: p = "Host down"; break; case WSAEHOSTUNREACH: p = "Host unreachable"; break; case WSAENOTEMPTY: p = "Not empty"; break; case WSAEPROCLIM: p = "Process limit reached"; break; case WSAEUSERS: p = "Too many users"; break; case WSAEDQUOT: p = "Bad quota"; break; case WSAESTALE: p = "Something is stale"; break; case WSAEREMOTE: p = "Remote error"; break; #ifdef WSAEDISCON /* missing in SalfordC! */ case WSAEDISCON: p = "Disconnected"; break; #endif /* Extended Winsock errors */ case WSASYSNOTREADY: p = "Winsock library is not ready"; break; case WSANOTINITIALISED: p = "Winsock library not initialised"; break; case WSAVERNOTSUPPORTED: p = "Winsock version not supported"; break; /* getXbyY() errors (already handled in herrmsg): * Authoritative Answer: Host not found */ case WSAHOST_NOT_FOUND: p = "Host not found"; break; /* Non-Authoritative: Host not found, or SERVERFAIL */ case WSATRY_AGAIN: p = "Host not found, try again"; break; /* Non recoverable errors, FORMERR, REFUSED, NOTIMP */ case WSANO_RECOVERY: p = "Unrecoverable error in call to nameserver"; break; /* Valid name, no data record of requested type */ case WSANO_DATA: p = "No data record of requested type"; break; default: return NULL; } alen = strlen(p); if(alen < len) strcpy(buf, p); return buf; #endif } #endif /* USE_WINSOCK */ /* * Our thread-safe and smart strerror() replacement. * * The 'err' argument passed in to this function MUST be a true errno number * as reported on this system. We do no range checking on the number before * we pass it to the "number-to-message" conversion function and there might * be systems that do not do proper range checking in there themselves. * * We do not do range checking (on systems other than Windows) since there is * no good reliable and portable way to do it. * * On Windows different types of error codes overlap. This function has an * order of preference when trying to match error codes: * CRT (errno), Winsock (WSAGetLastError), Windows API (GetLastError). * * It may be more correct to call one of the variant functions instead: * Call Curl_sspi_strerror if the error code is definitely Windows SSPI. * Call curlx_winapi_strerror if the error code is definitely Windows API. */ const char *Curl_strerror(int err, char *buf, size_t buflen) { #ifdef _WIN32 DWORD old_win_err = GetLastError(); #endif int old_errno = errno; char *p; if(!buflen) return NULL; #ifndef _WIN32 DEBUGASSERT(err >= 0); #endif *buf = '\0'; #ifdef _WIN32 #ifndef UNDER_CE /* 'sys_nerr' is the maximum errno number, it is not widely portable */ if(err >= 0 && err < sys_nerr) curl_msnprintf(buf, buflen, "%s", sys_errlist[err]); else #endif { if( #ifdef USE_WINSOCK !get_winsock_error(err, buf, buflen) && #endif !curlx_get_winapi_error(err, buf, buflen)) curl_msnprintf(buf, buflen, "Unknown error %d (%#x)", err, err); } #else /* not Windows coming up */ #if defined(HAVE_STRERROR_R) && defined(HAVE_POSIX_STRERROR_R) /* * The POSIX-style strerror_r() may set errno to ERANGE if insufficient * storage is supplied via 'strerrbuf' and 'buflen' to hold the generated * message string, or EINVAL if 'errnum' is not a valid error number. */ if(strerror_r(err, buf, buflen)) { if('\0' == buf[0]) curl_msnprintf(buf, buflen, "Unknown error %d", err); } #elif defined(HAVE_STRERROR_R) && defined(HAVE_GLIBC_STRERROR_R) /* * The glibc-style strerror_r() only *might* use the buffer we pass to * the function, but it always returns the error message as a pointer, * so we must copy that string unconditionally (if non-NULL). */ { char buffer[256]; char *msg = strerror_r(err, buffer, sizeof(buffer)); if(msg) curl_msnprintf(buf, buflen, "%s", msg); else curl_msnprintf(buf, buflen, "Unknown error %d", err); } #else { /* !checksrc! disable BANNEDFUNC 1 */ const char *msg = strerror(err); if(msg) curl_msnprintf(buf, buflen, "%s", msg); else curl_msnprintf(buf, buflen, "Unknown error %d", err); } #endif #endif /* end of not Windows */ /* strip trailing '\r\n' or '\n'. */ p = strrchr(buf, '\n'); if(p && (p - buf) >= 2) *p = '\0'; p = strrchr(buf, '\r'); if(p && (p - buf) >= 1) *p = '\0'; if(errno != old_errno) CURL_SETERRNO(old_errno); #ifdef _WIN32 if(old_win_err != GetLastError()) SetLastError(old_win_err); #endif return buf; } #ifdef USE_WINDOWS_SSPI /* * Curl_sspi_strerror: * Variant of Curl_strerror if the error code is definitely Windows SSPI. */ const char *Curl_sspi_strerror(int err, char *buf, size_t buflen) { #ifdef _WIN32 DWORD old_win_err = GetLastError(); #endif int old_errno = errno; const char *txt; if(!buflen) return NULL; *buf = '\0'; #ifndef CURL_DISABLE_VERBOSE_STRINGS switch(err) { case SEC_E_OK: txt = "No error"; break; #define SEC2TXT(sec) case sec: txt = #sec; break SEC2TXT(CRYPT_E_REVOKED); SEC2TXT(CRYPT_E_NO_REVOCATION_DLL); SEC2TXT(CRYPT_E_NO_REVOCATION_CHECK); SEC2TXT(CRYPT_E_REVOCATION_OFFLINE); SEC2TXT(CRYPT_E_NOT_IN_REVOCATION_DATABASE); SEC2TXT(SEC_E_ALGORITHM_MISMATCH); SEC2TXT(SEC_E_BAD_BINDINGS); SEC2TXT(SEC_E_BAD_PKGID); SEC2TXT(SEC_E_BUFFER_TOO_SMALL); SEC2TXT(SEC_E_CANNOT_INSTALL); SEC2TXT(SEC_E_CANNOT_PACK); SEC2TXT(SEC_E_CERT_EXPIRED); SEC2TXT(SEC_E_CERT_UNKNOWN); SEC2TXT(SEC_E_CERT_WRONG_USAGE); SEC2TXT(SEC_E_CONTEXT_EXPIRED); SEC2TXT(SEC_E_CROSSREALM_DELEGATION_FAILURE); SEC2TXT(SEC_E_CRYPTO_SYSTEM_INVALID); SEC2TXT(SEC_E_DECRYPT_FAILURE); SEC2TXT(SEC_E_DELEGATION_POLICY); SEC2TXT(SEC_E_DELEGATION_REQUIRED); SEC2TXT(SEC_E_DOWNGRADE_DETECTED); SEC2TXT(SEC_E_ENCRYPT_FAILURE); SEC2TXT(SEC_E_ILLEGAL_MESSAGE); SEC2TXT(SEC_E_INCOMPLETE_CREDENTIALS); SEC2TXT(SEC_E_INCOMPLETE_MESSAGE); SEC2TXT(SEC_E_INSUFFICIENT_MEMORY); SEC2TXT(SEC_E_INTERNAL_ERROR); SEC2TXT(SEC_E_INVALID_HANDLE); SEC2TXT(SEC_E_INVALID_PARAMETER); SEC2TXT(SEC_E_INVALID_TOKEN); SEC2TXT(SEC_E_ISSUING_CA_UNTRUSTED); SEC2TXT(SEC_E_ISSUING_CA_UNTRUSTED_KDC); SEC2TXT(SEC_E_KDC_CERT_EXPIRED); SEC2TXT(SEC_E_KDC_CERT_REVOKED); SEC2TXT(SEC_E_KDC_INVALID_REQUEST); SEC2TXT(SEC_E_KDC_UNABLE_TO_REFER); SEC2TXT(SEC_E_KDC_UNKNOWN_ETYPE); SEC2TXT(SEC_E_LOGON_DENIED); SEC2TXT(SEC_E_MAX_REFERRALS_EXCEEDED); SEC2TXT(SEC_E_MESSAGE_ALTERED); SEC2TXT(SEC_E_MULTIPLE_ACCOUNTS); SEC2TXT(SEC_E_MUST_BE_KDC); SEC2TXT(SEC_E_NOT_OWNER); SEC2TXT(SEC_E_NO_AUTHENTICATING_AUTHORITY); SEC2TXT(SEC_E_NO_CREDENTIALS); SEC2TXT(SEC_E_NO_IMPERSONATION); SEC2TXT(SEC_E_NO_IP_ADDRESSES); SEC2TXT(SEC_E_NO_KERB_KEY); SEC2TXT(SEC_E_NO_PA_DATA); SEC2TXT(SEC_E_NO_S4U_PROT_SUPPORT); SEC2TXT(SEC_E_NO_TGT_REPLY); SEC2TXT(SEC_E_OUT_OF_SEQUENCE); SEC2TXT(SEC_E_PKINIT_CLIENT_FAILURE); SEC2TXT(SEC_E_PKINIT_NAME_MISMATCH); SEC2TXT(SEC_E_POLICY_NLTM_ONLY); SEC2TXT(SEC_E_QOP_NOT_SUPPORTED); SEC2TXT(SEC_E_REVOCATION_OFFLINE_C); SEC2TXT(SEC_E_REVOCATION_OFFLINE_KDC); SEC2TXT(SEC_E_SECPKG_NOT_FOUND); SEC2TXT(SEC_E_SECURITY_QOS_FAILED); SEC2TXT(SEC_E_SHUTDOWN_IN_PROGRESS); SEC2TXT(SEC_E_SMARTCARD_CERT_EXPIRED); SEC2TXT(SEC_E_SMARTCARD_CERT_REVOKED); SEC2TXT(SEC_E_SMARTCARD_LOGON_REQUIRED); SEC2TXT(SEC_E_STRONG_CRYPTO_NOT_SUPPORTED); SEC2TXT(SEC_E_TARGET_UNKNOWN); SEC2TXT(SEC_E_TIME_SKEW); SEC2TXT(SEC_E_TOO_MANY_PRINCIPALS); SEC2TXT(SEC_E_UNFINISHED_CONTEXT_DELETED); SEC2TXT(SEC_E_UNKNOWN_CREDENTIALS); SEC2TXT(SEC_E_UNSUPPORTED_FUNCTION); SEC2TXT(SEC_E_UNSUPPORTED_PREAUTH); SEC2TXT(SEC_E_UNTRUSTED_ROOT); SEC2TXT(SEC_E_WRONG_CREDENTIAL_HANDLE); SEC2TXT(SEC_E_WRONG_PRINCIPAL); SEC2TXT(SEC_I_COMPLETE_AND_CONTINUE); SEC2TXT(SEC_I_COMPLETE_NEEDED); SEC2TXT(SEC_I_CONTEXT_EXPIRED); SEC2TXT(SEC_I_CONTINUE_NEEDED); SEC2TXT(SEC_I_INCOMPLETE_CREDENTIALS); SEC2TXT(SEC_I_LOCAL_LOGON); SEC2TXT(SEC_I_NO_LSA_CONTEXT); SEC2TXT(SEC_I_RENEGOTIATE); SEC2TXT(SEC_I_SIGNATURE_NEEDED); default: txt = "Unknown error"; } if(err == SEC_E_ILLEGAL_MESSAGE) { curl_msnprintf(buf, buflen, "SEC_E_ILLEGAL_MESSAGE (0x%08X) - This error usually " "occurs when a fatal SSL/TLS alert is received (e.g. " "handshake failed). More detail may be available in " "the Windows System event log.", err); } else { char msgbuf[256]; if(curlx_get_winapi_error(err, msgbuf, sizeof(msgbuf))) curl_msnprintf(buf, buflen, "%s (0x%08X) - %s", txt, err, msgbuf); else curl_msnprintf(buf, buflen, "%s (0x%08X)", txt, err); } #else if(err == SEC_E_OK) txt = "No error"; else txt = "Error"; if(buflen > strlen(txt)) strcpy(buf, txt); #endif if(errno != old_errno) CURL_SETERRNO(old_errno); #ifdef _WIN32 if(old_win_err != GetLastError()) SetLastError(old_win_err); #endif return buf; } #endif /* USE_WINDOWS_SSPI */