1 /* Copyright (C) 2014 GSS-NTLMSSP contributors, see COPYING for license */
9 #include <gssapi/gssapi.h>
10 #include <gssapi/gssapi_ext.h>
12 #include "gss_ntlmssp.h"
16 #define _(s) dgettext(PACKAGE, (s))
22 /* the order is determined by ntlm_err_code order */
23 static const char *err_strs[] = {
25 /* ERR_DECODE */ N_("Failed to decode data"),
26 /* ERR_ENCODE */ N_("Failed to encode data"),
27 /* ERR_CRYPTO */ N_("Crypto routine failure"),
28 /* ERR_NOARG */ N_("A required argument is missing"),
29 /* ERR_BADARG */ N_("Invalid value in argument"),
30 /* ERR_NONAME */ N_("Name is empty"),
31 /* ERR_NOSRVNAME */ N_("Not a server name"),
32 /* ERR_NOUSRNAME */ N_("Not a user name"),
33 /* ERR_BADLMLEVEL */ N_("Bad LM compatibility Level"),
34 /* ERR_IMPOSSIBLE */ N_("An impossible error occurred"),
35 /* ERR_BADCTX */ N_("Invalid or incomplete context"),
36 /* ERR_WRONGCTX */ N_("Wrong context type"),
37 /* ERR_WRONGMSG */ N_("Wrong message type"),
38 /* ERR_REQNEGFLAG */ N_("A required Negotiate flag was not provided"),
39 /* ERR_FAILNEGFLAGS */ N_("Failed to negotiate a common set of flags"),
40 /* ERR_BADNEGFLAGS */ N_("Invalid combinations of negotiate flags"),
41 /* ERR_NOSRVCRED */ N_("Not a server credential type"),
42 /* ERR_NOUSRCRED */ N_("Not a user credential type"),
43 /* ERR_BADCRED */ N_("Invalid or unknown credential"),
44 /* ERR_NOTOKEN */ N_("Empty or missing token"),
45 /* ERR_NOTSUPPORTED */ N_("Feature not supported"),
46 /* ERR_NOTAVAIL */ N_("Feature not available"),
47 /* ERR_NAMETOOLONG */ N_("Name is too long"),
48 /* ERR_NOBINDINGS */ N_("Required channel bingings are not available"),
49 /* ERR_TIMESKEW */ N_("Server and client clocks are too far apart"),
50 /* ERR_EXPIRED */ N_("Expired"),
51 /* ERR_KEYLEN */ N_("Invalid key length"),
52 /* ERR_NONTLMV1 */ N_("NTLM version 1 not allowed"),
53 /* ERR_NOUSRFOUND */ N_("User not found"),
56 #define UNKNOWN_ERROR err_strs[0]
58 uint32_t gssntlm_display_status(uint32_t *minor_status,
59 uint32_t status_value,
62 uint32_t *message_context,
63 gss_buffer_t status_string)
67 /* if you can't say it in ~6 lines of text we don't bother */
72 return GSSERRS(ERR_NOARG, GSS_S_CALL_INACCESSIBLE_READ);
75 if (status_type != GSS_C_MECH_CODE) {
76 return GSSERRS(ERR_BADARG, GSS_S_BAD_STATUS);
81 status_string->length = 0;
82 status_string->value = NULL;
85 /* There must have been *some* error. No point saying 'Success' */
89 if (status_value > ERR_BASE && status_value < ERR_LAST) {
90 status_string->value = strdup(_(err_strs[status_value - ERR_BASE]));
91 if (!status_string->value) {
92 return GSSERRS(ENOMEM, GSS_S_FAILURE);
97 /* handle both XSI and GNU specific varints of strerror_r */
99 #if ((_POSIX_C_SOURCE >= 200112L || _XOPEN_SOURCE >= 600) && !_GNU_SOURCE)
101 err = strerror_r(status_value, buf, 400);
102 /* The XSI-compliant strerror_r() function returns 0 on success.
103 * On error, a (positive) error number is returned (since glibc
104 * 2.13), or -1 is returned and errno is set to indicate the
105 * error (glibc versions before 2.13). */
109 ret = strerror_r(status_value, buf, 400);
114 memmove(buf, ret, strlen(ret) + 1);
120 if (err == -1) err = errno;
123 /* Screw it, they can have a truncated version */
125 status_string->value = strdup(buf);
132 if (!status_string->value) {
133 status_string->value = strdup(_(UNKNOWN_ERROR));
134 if (!status_string->value) {
135 return GSSERRS(ENOMEM, GSS_S_FAILURE);
138 status_string->length = strlen(status_string->value);
139 return GSSERRS(0, GSS_S_COMPLETE);