LCOV - code coverage report
Current view: top level - builds/gnutls/coverage/gnutls-git/lib - errors.c (source / functions) Hit Total Coverage
Test: GnuTLS-3.6.14 Code Coverage Lines: 66 98 67.3 %
Date: 2020-10-30 04:50:48 Functions: 7 7 100.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :  * Copyright (C) 2000-2012 Free Software Foundation, Inc.
       3             :  *
       4             :  * Author: Nikos Mavrogiannopoulos
       5             :  *
       6             :  * This file is part of GnuTLS.
       7             :  *
       8             :  * The GnuTLS is free software; you can redistribute it and/or
       9             :  * modify it under the terms of the GNU Lesser General Public License
      10             :  * as published by the Free Software Foundation; either version 2.1 of
      11             :  * the License, or (at your option) any later version.
      12             :  *
      13             :  * This library is distributed in the hope that it will be useful, but
      14             :  * WITHOUT ANY WARRANTY; without even the implied warranty of
      15             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
      16             :  * Lesser General Public License for more details.
      17             :  *
      18             :  * You should have received a copy of the GNU Lesser General Public License
      19             :  * along with this program.  If not, see <https://www.gnu.org/licenses/>
      20             :  *
      21             :  */
      22             : 
      23             : #include "gnutls_int.h"
      24             : #include "errors.h"
      25             : #ifdef STDC_HEADERS
      26             : #include <stdarg.h>
      27             : #endif
      28             : #include "str.h"
      29             : 
      30             : #define ERROR_ENTRY(desc, name) \
      31             :         { desc, #name, name}
      32             : 
      33             : struct gnutls_error_entry {
      34             :         const char *desc;
      35             :         const char *_name;
      36             :         int number;
      37             : };
      38             : typedef struct gnutls_error_entry gnutls_error_entry;
      39             : 
      40             : static const gnutls_error_entry error_entries[] = {
      41             :         /* "Short Description", Error code define, critical (0,1) -- 1 in most cases */
      42             :         ERROR_ENTRY(N_("Could not negotiate a supported cipher suite."),
      43             :                     GNUTLS_E_UNKNOWN_CIPHER_SUITE),
      44             :         ERROR_ENTRY(N_("No or insufficient priorities were set."),
      45             :                     GNUTLS_E_NO_PRIORITIES_WERE_SET),
      46             :         ERROR_ENTRY(N_("The cipher type is unsupported."),
      47             :                     GNUTLS_E_UNKNOWN_CIPHER_TYPE),
      48             :         ERROR_ENTRY(N_("The certificate and the given key do not match."),
      49             :                     GNUTLS_E_CERTIFICATE_KEY_MISMATCH),
      50             :         ERROR_ENTRY(N_
      51             :                     ("Could not negotiate a supported compression method."),
      52             :                     GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM),
      53             :         ERROR_ENTRY(N_("An unknown public key algorithm was encountered."),
      54             :                     GNUTLS_E_UNKNOWN_PK_ALGORITHM),
      55             : 
      56             :         ERROR_ENTRY(N_("An algorithm that is not enabled was negotiated."),
      57             :                     GNUTLS_E_UNWANTED_ALGORITHM),
      58             :         ERROR_ENTRY(N_
      59             :                     ("A packet with illegal or unsupported version was received."),
      60             :                     GNUTLS_E_UNSUPPORTED_VERSION_PACKET),
      61             :         ERROR_ENTRY(N_
      62             :                     ("The Diffie-Hellman prime sent by the server is not acceptable (not long enough)."),
      63             :                     GNUTLS_E_DH_PRIME_UNACCEPTABLE),
      64             :         ERROR_ENTRY(N_
      65             :                     ("Error decoding the received TLS packet."),
      66             :                     GNUTLS_E_UNEXPECTED_PACKET_LENGTH),
      67             :         ERROR_ENTRY(N_
      68             :                     ("A TLS record packet with invalid length was received."),
      69             :                     GNUTLS_E_RECORD_OVERFLOW),
      70             :         ERROR_ENTRY(N_("The TLS connection was non-properly terminated."),
      71             :                     GNUTLS_E_PREMATURE_TERMINATION),
      72             :         ERROR_ENTRY(N_
      73             :                     ("The specified session has been invalidated for some reason."),
      74             :                     GNUTLS_E_INVALID_SESSION),
      75             : 
      76             :         ERROR_ENTRY(N_("GnuTLS internal error."), GNUTLS_E_INTERNAL_ERROR),
      77             :         ERROR_ENTRY(N_(
      78             :                     "A connection with inappropriate fallback was attempted."),
      79             :                     GNUTLS_E_INAPPROPRIATE_FALLBACK),
      80             :         ERROR_ENTRY(N_("An illegal TLS extension was received."),
      81             :                     GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION),
      82             :         ERROR_ENTRY(N_("An required TLS extension was received."),
      83             :                     GNUTLS_E_MISSING_EXTENSION),
      84             :         ERROR_ENTRY(N_("A TLS fatal alert has been received."),
      85             :                     GNUTLS_E_FATAL_ALERT_RECEIVED),
      86             :         ERROR_ENTRY(N_("An unexpected TLS packet was received."),
      87             :                     GNUTLS_E_UNEXPECTED_PACKET),
      88             :         ERROR_ENTRY(N_("Failed to import the key into store."),
      89             :                     GNUTLS_E_KEY_IMPORT_FAILED),
      90             :         ERROR_ENTRY(N_
      91             :                     ("An error was encountered at the TLS Finished packet calculation."),
      92             :                     GNUTLS_E_ERROR_IN_FINISHED_PACKET),
      93             :         ERROR_ENTRY(N_("No certificate was found."),
      94             :                     GNUTLS_E_NO_CERTIFICATE_FOUND),
      95             :         ERROR_ENTRY(N_("Certificate is required."),
      96             :                     GNUTLS_E_CERTIFICATE_REQUIRED),
      97             :         ERROR_ENTRY(N_
      98             :                     ("The given DSA key is incompatible with the selected TLS protocol."),
      99             :                     GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL),
     100             :         ERROR_ENTRY(N_
     101             :                     ("There is already a crypto algorithm with lower priority."),
     102             :                     GNUTLS_E_CRYPTO_ALREADY_REGISTERED),
     103             : 
     104             :         ERROR_ENTRY(N_("No temporary RSA parameters were found."),
     105             :                     GNUTLS_E_NO_TEMPORARY_RSA_PARAMS),
     106             :         ERROR_ENTRY(N_("No temporary DH parameters were found."),
     107             :                     GNUTLS_E_NO_TEMPORARY_DH_PARAMS),
     108             :         ERROR_ENTRY(N_("An unexpected TLS handshake packet was received."),
     109             :                     GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET),
     110             :         ERROR_ENTRY(N_("The scanning of a large integer has failed."),
     111             :                     GNUTLS_E_MPI_SCAN_FAILED),
     112             :         ERROR_ENTRY(N_("Could not export a large integer."),
     113             :                     GNUTLS_E_MPI_PRINT_FAILED),
     114             :         ERROR_ENTRY(N_("Decryption has failed."),
     115             :                     GNUTLS_E_DECRYPTION_FAILED),
     116             :         ERROR_ENTRY(N_("Encryption has failed."),
     117             :                     GNUTLS_E_ENCRYPTION_FAILED),
     118             :         ERROR_ENTRY(N_("Public key decryption has failed."),
     119             :                     GNUTLS_E_PK_DECRYPTION_FAILED),
     120             :         ERROR_ENTRY(N_("Public key encryption has failed."),
     121             :                     GNUTLS_E_PK_ENCRYPTION_FAILED),
     122             :         ERROR_ENTRY(N_("Public key signing has failed."),
     123             :                     GNUTLS_E_PK_SIGN_FAILED),
     124             :         ERROR_ENTRY(N_("Public key signature verification has failed."),
     125             :                     GNUTLS_E_PK_SIG_VERIFY_FAILED),
     126             :         ERROR_ENTRY(N_
     127             :                     ("Decompression of the TLS record packet has failed."),
     128             :                     GNUTLS_E_DECOMPRESSION_FAILED),
     129             :         ERROR_ENTRY(N_("Compression of the TLS record packet has failed."),
     130             :                     GNUTLS_E_COMPRESSION_FAILED),
     131             : 
     132             :         ERROR_ENTRY(N_("Internal error in memory allocation."),
     133             :                     GNUTLS_E_MEMORY_ERROR),
     134             :         ERROR_ENTRY(N_
     135             :                     ("An unimplemented or disabled feature has been requested."),
     136             :                     GNUTLS_E_UNIMPLEMENTED_FEATURE),
     137             :         ERROR_ENTRY(N_("Insufficient credentials for that request."),
     138             :                     GNUTLS_E_INSUFFICIENT_CREDENTIALS),
     139             :         ERROR_ENTRY(N_("Error in password/key file."), GNUTLS_E_SRP_PWD_ERROR),
     140             :         ERROR_ENTRY(N_("Wrong padding in PKCS1 packet."),
     141             :                     GNUTLS_E_PKCS1_WRONG_PAD),
     142             :         ERROR_ENTRY(N_("The session or certificate has expired."),
     143             :                     GNUTLS_E_EXPIRED),
     144             :         ERROR_ENTRY(N_("The certificate is not yet activated."),
     145             :                     GNUTLS_E_NOT_YET_ACTIVATED),
     146             :         ERROR_ENTRY(N_("Hashing has failed."), GNUTLS_E_HASH_FAILED),
     147             :         ERROR_ENTRY(N_("Base64 decoding error."),
     148             :                     GNUTLS_E_BASE64_DECODING_ERROR),
     149             :         ERROR_ENTRY(N_("Base64 unexpected header error."),
     150             :                     GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR),
     151             :         ERROR_ENTRY(N_("Base64 encoding error."),
     152             :                     GNUTLS_E_BASE64_ENCODING_ERROR),
     153             :         ERROR_ENTRY(N_("Parsing error in password/key file."),
     154             :                     GNUTLS_E_SRP_PWD_PARSING_ERROR),
     155             :         ERROR_ENTRY(N_("The requested data were not available."),
     156             :                     GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE),
     157             :         ERROR_ENTRY(N_("There are no embedded data in the structure."),
     158             :                     GNUTLS_E_NO_EMBEDDED_DATA),
     159             :         ERROR_ENTRY(N_("Error in the pull function."), GNUTLS_E_PULL_ERROR),
     160             :         ERROR_ENTRY(N_("Error in the push function."), GNUTLS_E_PUSH_ERROR),
     161             :         ERROR_ENTRY(N_
     162             :                     ("The upper limit of record packet sequence numbers has been reached. Wow!"),
     163             :                     GNUTLS_E_RECORD_LIMIT_REACHED),
     164             :         ERROR_ENTRY(N_("Error in the certificate."),
     165             :                     GNUTLS_E_CERTIFICATE_ERROR),
     166             :         ERROR_ENTRY(N_("Error in the time fields of certificate."),
     167             :                     GNUTLS_E_CERTIFICATE_TIME_ERROR),
     168             :         ERROR_ENTRY(N_("Error in the certificate verification."),
     169             :                     GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR),
     170             :         ERROR_ENTRY(N_("Error in the CRL verification."),
     171             :                     GNUTLS_E_CRL_VERIFICATION_ERROR),
     172             :         ERROR_ENTRY(N_("Error in the private key verification; seed doesn't match."),
     173             :                     GNUTLS_E_PRIVKEY_VERIFICATION_ERROR),
     174             :         ERROR_ENTRY(N_("Could not authenticate peer."),
     175             :                     GNUTLS_E_AUTH_ERROR),
     176             :         ERROR_ENTRY(N_
     177             :                     ("Unknown Subject Alternative name in X.509 certificate."),
     178             :                     GNUTLS_E_X509_UNKNOWN_SAN),
     179             :         ERROR_ENTRY(N_
     180             :                         ("CIDR name constraint is malformed in size or structure."),
     181             :                         GNUTLS_E_MALFORMED_CIDR),
     182             : 
     183             :         ERROR_ENTRY(N_
     184             :                     ("Unsupported critical extension in X.509 certificate."),
     185             :                     GNUTLS_E_X509_UNSUPPORTED_CRITICAL_EXTENSION),
     186             :         ERROR_ENTRY(N_("Unsupported extension in X.509 certificate."),
     187             :                     GNUTLS_E_X509_UNSUPPORTED_EXTENSION),
     188             :         ERROR_ENTRY(N_("Duplicate extension in X.509 certificate."),
     189             :                     GNUTLS_E_X509_DUPLICATE_EXTENSION),
     190             :         ERROR_ENTRY(N_
     191             :                     ("Key usage violation in certificate has been detected."),
     192             :                     GNUTLS_E_KEY_USAGE_VIOLATION),
     193             :         ERROR_ENTRY(N_("Function was interrupted."), GNUTLS_E_INTERRUPTED),
     194             :         ERROR_ENTRY(N_
     195             :                     ("TLS Application data were received, while expecting handshake data."),
     196             :                     GNUTLS_E_GOT_APPLICATION_DATA),
     197             :         ERROR_ENTRY(N_("Error in Database backend."), GNUTLS_E_DB_ERROR),
     198             :         ERROR_ENTRY(N_("The Database entry already exists."), GNUTLS_E_DB_ENTRY_EXISTS),
     199             :         ERROR_ENTRY(N_("The certificate type is not supported."),
     200             :                     GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE),
     201             :         ERROR_ENTRY(N_
     202             :                     ("The given memory buffer is too short to hold parameters."),
     203             :                     GNUTLS_E_SHORT_MEMORY_BUFFER),
     204             :         ERROR_ENTRY(N_("The request is invalid."),
     205             :                     GNUTLS_E_INVALID_REQUEST),
     206             :         ERROR_ENTRY(N_("The cookie was bad."), GNUTLS_E_BAD_COOKIE),
     207             :         ERROR_ENTRY(N_("An illegal parameter has been received."),
     208             :                     GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER),
     209             :         ERROR_ENTRY(N_("An illegal parameter was found."),
     210             :                     GNUTLS_E_ILLEGAL_PARAMETER),
     211             :         ERROR_ENTRY(N_("Error while reading file."), GNUTLS_E_FILE_ERROR),
     212             :         ERROR_ENTRY(N_("A disallowed SNI server name has been received."),
     213             :                     GNUTLS_E_RECEIVED_DISALLOWED_NAME),
     214             : 
     215             :         ERROR_ENTRY(N_("ASN1 parser: Element was not found."),
     216             :                     GNUTLS_E_ASN1_ELEMENT_NOT_FOUND),
     217             :         ERROR_ENTRY(N_("ASN1 parser: Identifier was not found"),
     218             :                     GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND),
     219             :         ERROR_ENTRY(N_("ASN1 parser: Error in DER parsing."),
     220             :                     GNUTLS_E_ASN1_DER_ERROR),
     221             :         ERROR_ENTRY(N_("ASN1 parser: Value was not found."),
     222             :                     GNUTLS_E_ASN1_VALUE_NOT_FOUND),
     223             :         ERROR_ENTRY(N_("ASN1 parser: Generic parsing error."),
     224             :                     GNUTLS_E_ASN1_GENERIC_ERROR),
     225             :         ERROR_ENTRY(N_("ASN1 parser: Value is not valid."),
     226             :                     GNUTLS_E_ASN1_VALUE_NOT_VALID),
     227             :         ERROR_ENTRY(N_("ASN1 parser: Error in TAG."),
     228             :                     GNUTLS_E_ASN1_TAG_ERROR),
     229             :         ERROR_ENTRY(N_("ASN1 parser: error in implicit tag"),
     230             :                     GNUTLS_E_ASN1_TAG_IMPLICIT),
     231             :         ERROR_ENTRY(N_("ASN1 parser: Error in type 'ANY'."),
     232             :                     GNUTLS_E_ASN1_TYPE_ANY_ERROR),
     233             :         ERROR_ENTRY(N_("ASN1 parser: Syntax error."),
     234             :                     GNUTLS_E_ASN1_SYNTAX_ERROR),
     235             :         ERROR_ENTRY(N_("ASN1 parser: Overflow in DER parsing."),
     236             :                     GNUTLS_E_ASN1_DER_OVERFLOW),
     237             : 
     238             :         ERROR_ENTRY(N_
     239             :                     ("Too many empty record packets have been received."),
     240             :                     GNUTLS_E_TOO_MANY_EMPTY_PACKETS),
     241             :         ERROR_ENTRY(N_("Too many handshake packets have been received."),
     242             :                     GNUTLS_E_TOO_MANY_HANDSHAKE_PACKETS),
     243             :         ERROR_ENTRY(N_("More than a single object matches the criteria."),
     244             :                     GNUTLS_E_TOO_MANY_MATCHES),
     245             :         ERROR_ENTRY(N_("The crypto library version is too old."),
     246             :                     GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY),
     247             : 
     248             :         ERROR_ENTRY(N_("The tasn1 library version is too old."),
     249             :                     GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY),
     250             :         ERROR_ENTRY(N_("The OpenPGP User ID is revoked."),
     251             :                     GNUTLS_E_OPENPGP_UID_REVOKED),
     252             :         ERROR_ENTRY(N_("The OpenPGP key has not a preferred key set."),
     253             :                     GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR),
     254             :         ERROR_ENTRY(N_("Error loading the keyring."),
     255             :                     GNUTLS_E_OPENPGP_KEYRING_ERROR),
     256             :         ERROR_ENTRY(N_("The initialization of crypto backend has failed."),
     257             :                     GNUTLS_E_CRYPTO_INIT_FAILED),
     258             :         ERROR_ENTRY(N_
     259             :                     ("No supported compression algorithms have been found."),
     260             :                     GNUTLS_E_NO_COMPRESSION_ALGORITHMS),
     261             :         ERROR_ENTRY(N_("No supported cipher suites have been found."),
     262             :                     GNUTLS_E_NO_CIPHER_SUITES),
     263             :         ERROR_ENTRY(N_("Could not get OpenPGP key."),
     264             :                     GNUTLS_E_OPENPGP_GETKEY_FAILED),
     265             :         ERROR_ENTRY(N_("Could not find OpenPGP subkey."),
     266             :                     GNUTLS_E_OPENPGP_SUBKEY_ERROR),
     267             :         ERROR_ENTRY(N_("Safe renegotiation failed."),
     268             :                     GNUTLS_E_SAFE_RENEGOTIATION_FAILED),
     269             :         ERROR_ENTRY(N_("Unsafe renegotiation denied."),
     270             :                     GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED),
     271             : 
     272             :         ERROR_ENTRY(N_("The SRP username supplied is illegal."),
     273             :                     GNUTLS_E_ILLEGAL_SRP_USERNAME),
     274             :         ERROR_ENTRY(N_("The username supplied is unknown."),
     275             :                     GNUTLS_E_UNKNOWN_SRP_USERNAME),
     276             : 
     277             :         ERROR_ENTRY(N_("The OpenPGP fingerprint is not supported."),
     278             :                     GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED),
     279             :         ERROR_ENTRY(N_("The signature algorithm is not supported."),
     280             :                     GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM),
     281             :         ERROR_ENTRY(N_("The certificate has unsupported attributes."),
     282             :                     GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE),
     283             :         ERROR_ENTRY(N_("The OID is not supported."),
     284             :                     GNUTLS_E_X509_UNSUPPORTED_OID),
     285             :         ERROR_ENTRY(N_("The hash algorithm is unknown."),
     286             :                     GNUTLS_E_UNKNOWN_HASH_ALGORITHM),
     287             :         ERROR_ENTRY(N_("The PKCS structure's content type is unknown."),
     288             :                     GNUTLS_E_UNKNOWN_PKCS_CONTENT_TYPE),
     289             :         ERROR_ENTRY(N_("The PKCS structure's bag type is unknown."),
     290             :                     GNUTLS_E_UNKNOWN_PKCS_BAG_TYPE),
     291             :         ERROR_ENTRY(N_("The given password contains invalid characters."),
     292             :                     GNUTLS_E_INVALID_PASSWORD),
     293             :         ERROR_ENTRY(N_("The given string contains invalid UTF-8 characters."),
     294             :                     GNUTLS_E_INVALID_UTF8_STRING),
     295             :         ERROR_ENTRY(N_("The given email string contains non-ASCII characters before '@'."),
     296             :                     GNUTLS_E_INVALID_UTF8_EMAIL),
     297             :         ERROR_ENTRY(N_("The given password contains invalid characters."),
     298             :                     GNUTLS_E_INVALID_PASSWORD_STRING),
     299             :         ERROR_ENTRY(N_
     300             :                     ("The Message Authentication Code verification failed."),
     301             :                     GNUTLS_E_MAC_VERIFY_FAILED),
     302             :         ERROR_ENTRY(N_("Some constraint limits were reached."),
     303             :                     GNUTLS_E_CONSTRAINT_ERROR),
     304             :         ERROR_ENTRY(N_("Failed to acquire random data."),
     305             :                     GNUTLS_E_RANDOM_FAILED),
     306             :         ERROR_ENTRY(N_("Verifying TLS/IA phase checksum failed"),
     307             :                     GNUTLS_E_IA_VERIFY_FAILED),
     308             : 
     309             :         ERROR_ENTRY(N_("The specified algorithm or protocol is unknown."),
     310             :                     GNUTLS_E_UNKNOWN_ALGORITHM),
     311             : 
     312             :         ERROR_ENTRY(N_("The handshake data size is too large."),
     313             :                     GNUTLS_E_HANDSHAKE_TOO_LARGE),
     314             : 
     315             :         ERROR_ENTRY(N_("Error opening /dev/crypto"),
     316             :                     GNUTLS_E_CRYPTODEV_DEVICE_ERROR),
     317             : 
     318             :         ERROR_ENTRY(N_("Error interfacing with /dev/crypto"),
     319             :                     GNUTLS_E_CRYPTODEV_IOCTL_ERROR),
     320             :         ERROR_ENTRY(N_("Peer has terminated the connection"),
     321             :                     GNUTLS_E_SESSION_EOF),
     322             :         ERROR_ENTRY(N_("Channel binding data not available"),
     323             :                     GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE),
     324             : 
     325             :         ERROR_ENTRY(N_("TPM error."),
     326             :                     GNUTLS_E_TPM_ERROR),
     327             :         ERROR_ENTRY(N_("The TPM library (trousers) cannot be found."),
     328             :                     GNUTLS_E_TPM_NO_LIB),
     329             :         ERROR_ENTRY(N_("TPM is not initialized."),
     330             :                     GNUTLS_E_TPM_UNINITIALIZED),
     331             :         ERROR_ENTRY(N_("TPM key was not found in persistent storage."),
     332             :                     GNUTLS_E_TPM_KEY_NOT_FOUND),
     333             :         ERROR_ENTRY(N_("Cannot initialize a session with the TPM."),
     334             :                     GNUTLS_E_TPM_SESSION_ERROR),
     335             :         ERROR_ENTRY(N_("PKCS #11 error."),
     336             :                     GNUTLS_E_PKCS11_ERROR),
     337             :         ERROR_ENTRY(N_("PKCS #11 initialization error."),
     338             :                     GNUTLS_E_PKCS11_LOAD_ERROR),
     339             :         ERROR_ENTRY(N_("Error in parsing."),
     340             :                     GNUTLS_E_PARSING_ERROR),
     341             :         ERROR_ENTRY(N_("Error in provided PIN."),
     342             :                     GNUTLS_E_PKCS11_PIN_ERROR),
     343             :         ERROR_ENTRY(N_("Error in provided SRK password for TPM."),
     344             :                     GNUTLS_E_TPM_SRK_PASSWORD_ERROR),
     345             :         ERROR_ENTRY(N_
     346             :                     ("Error in provided password for key to be loaded in TPM."),
     347             :                     GNUTLS_E_TPM_KEY_PASSWORD_ERROR),
     348             :         ERROR_ENTRY(N_("PKCS #11 error in slot"),
     349             :                     GNUTLS_E_PKCS11_SLOT_ERROR),
     350             :         ERROR_ENTRY(N_("Thread locking error"),
     351             :                     GNUTLS_E_LOCKING_ERROR),
     352             :         ERROR_ENTRY(N_("PKCS #11 error in attribute"),
     353             :                     GNUTLS_E_PKCS11_ATTRIBUTE_ERROR),
     354             :         ERROR_ENTRY(N_("PKCS #11 error in device"),
     355             :                     GNUTLS_E_PKCS11_DEVICE_ERROR),
     356             :         ERROR_ENTRY(N_("PKCS #11 error in data"),
     357             :                     GNUTLS_E_PKCS11_DATA_ERROR),
     358             :         ERROR_ENTRY(N_("PKCS #11 unsupported feature"),
     359             :                     GNUTLS_E_PKCS11_UNSUPPORTED_FEATURE_ERROR),
     360             :         ERROR_ENTRY(N_("PKCS #11 error in key"),
     361             :                     GNUTLS_E_PKCS11_KEY_ERROR),
     362             :         ERROR_ENTRY(N_("PKCS #11 PIN expired"),
     363             :                     GNUTLS_E_PKCS11_PIN_EXPIRED),
     364             :         ERROR_ENTRY(N_("PKCS #11 PIN locked"),
     365             :                     GNUTLS_E_PKCS11_PIN_LOCKED),
     366             :         ERROR_ENTRY(N_("PKCS #11 error in session"),
     367             :                     GNUTLS_E_PKCS11_SESSION_ERROR),
     368             :         ERROR_ENTRY(N_("PKCS #11 error in signature"),
     369             :                     GNUTLS_E_PKCS11_SIGNATURE_ERROR),
     370             :         ERROR_ENTRY(N_("PKCS #11 error in token"),
     371             :                     GNUTLS_E_PKCS11_TOKEN_ERROR),
     372             :         ERROR_ENTRY(N_("PKCS #11 user error"),
     373             :                     GNUTLS_E_PKCS11_USER_ERROR),
     374             :         ERROR_ENTRY(N_("The operation timed out"),
     375             :                     GNUTLS_E_TIMEDOUT),
     376             :         ERROR_ENTRY(N_("The operation was cancelled due to user error"),
     377             :                     GNUTLS_E_USER_ERROR),
     378             :         ERROR_ENTRY(N_("No supported ECC curves were found"),
     379             :                     GNUTLS_E_ECC_NO_SUPPORTED_CURVES),
     380             :         ERROR_ENTRY(N_("The curve is unsupported"),
     381             :                     GNUTLS_E_ECC_UNSUPPORTED_CURVE),
     382             :         ERROR_ENTRY(N_("The requested PKCS #11 object is not available"),
     383             :                     GNUTLS_E_PKCS11_REQUESTED_OBJECT_NOT_AVAILBLE),
     384             :         ERROR_ENTRY(N_
     385             :                     ("The provided X.509 certificate list is not sorted (in subject to issuer order)"),
     386             :                     GNUTLS_E_CERTIFICATE_LIST_UNSORTED),
     387             :         ERROR_ENTRY(N_("The OCSP response is invalid"),
     388             :                     GNUTLS_E_OCSP_RESPONSE_ERROR),
     389             :         ERROR_ENTRY(N_("The OCSP response provided doesn't match the available certificates"),
     390             :                     GNUTLS_E_OCSP_MISMATCH_WITH_CERTS),
     391             :         ERROR_ENTRY(N_("There is no certificate status (OCSP)."),
     392             :                     GNUTLS_E_NO_CERTIFICATE_STATUS),
     393             :         ERROR_ENTRY(N_("Error in the system's randomness device."),
     394             :                     GNUTLS_E_RANDOM_DEVICE_ERROR),
     395             :         ERROR_ENTRY(N_
     396             :                     ("No common application protocol could be negotiated."),
     397             :                     GNUTLS_E_NO_APPLICATION_PROTOCOL),
     398             :         ERROR_ENTRY(N_("Error while performing self checks."),
     399             :                     GNUTLS_E_SELF_TEST_ERROR),
     400             :         ERROR_ENTRY(N_("There is no self test for this algorithm."),
     401             :                     GNUTLS_E_NO_SELF_TEST),
     402             :         ERROR_ENTRY(N_("An error has been detected in the library and cannot continue operations."),
     403             :                     GNUTLS_E_LIB_IN_ERROR_STATE),
     404             :         ERROR_ENTRY(N_("Error in sockets initialization."),
     405             :                     GNUTLS_E_SOCKETS_INIT_ERROR),
     406             :         ERROR_ENTRY(N_("Error in public key generation."),
     407             :                     GNUTLS_E_PK_GENERATION_ERROR),
     408             :         ERROR_ENTRY(N_("Invalid TLS extensions length field."),
     409             :                     GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH),
     410             :         ERROR_ENTRY(N_("Peer's certificate or username has changed during a rehandshake."),
     411             :                     GNUTLS_E_SESSION_USER_ID_CHANGED),
     412             :         ERROR_ENTRY(N_("The provided string has an embedded null."),
     413             :                     GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING),
     414             :         ERROR_ENTRY(N_("Attempted handshake during false start."),
     415             :                     GNUTLS_E_HANDSHAKE_DURING_FALSE_START),
     416             :         ERROR_ENTRY(N_("The SNI host name not recognised."),
     417             :                     GNUTLS_E_UNRECOGNIZED_NAME),
     418             :         ERROR_ENTRY(N_("There was an issue converting to or from UTF8."),
     419             :                     GNUTLS_E_IDNA_ERROR),
     420             :         ERROR_ENTRY(N_("Cannot perform this action while handshake is in progress."),
     421             :                     GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE),
     422             :         ERROR_ENTRY(N_("The public key is invalid."),
     423             :                     GNUTLS_E_PK_INVALID_PUBKEY),
     424             :         ERROR_ENTRY(N_("There are no validation parameters present."),
     425             :                     GNUTLS_E_PK_NO_VALIDATION_PARAMS),
     426             :         ERROR_ENTRY(N_("The public key parameters are invalid."),
     427             :                     GNUTLS_E_PK_INVALID_PUBKEY_PARAMS),
     428             :         ERROR_ENTRY(N_("The private key is invalid."),
     429             :                     GNUTLS_E_PK_INVALID_PRIVKEY),
     430             :         ERROR_ENTRY(N_("The DER time encoding is invalid."),
     431             :                     GNUTLS_E_ASN1_TIME_ERROR),
     432             :         ERROR_ENTRY(N_("The signature is incompatible with the public key."),
     433             :                     GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY),
     434             :         ERROR_ENTRY(N_("One of the involved algorithms has insufficient security level."),
     435             :                     GNUTLS_E_INSUFFICIENT_SECURITY),
     436             :         ERROR_ENTRY(N_("No common key share with peer."),
     437             :                     GNUTLS_E_NO_COMMON_KEY_SHARE),
     438             :         ERROR_ENTRY(N_("The early data were rejected."),
     439             :                     GNUTLS_E_EARLY_DATA_REJECTED),
     440             :         {NULL, NULL, 0}
     441             : };
     442             : 
     443             : static const gnutls_error_entry non_fatal_error_entries[] = {
     444             :         ERROR_ENTRY(N_("Success."), GNUTLS_E_SUCCESS),
     445             :         ERROR_ENTRY(N_("A TLS warning alert has been received."),
     446             :                     GNUTLS_E_WARNING_ALERT_RECEIVED),
     447             :         ERROR_ENTRY(N_("A heartbeat pong message was received."),
     448             :                     GNUTLS_E_HEARTBEAT_PONG_RECEIVED),
     449             :         ERROR_ENTRY(N_("A heartbeat ping message was received."),
     450             :                     GNUTLS_E_HEARTBEAT_PING_RECEIVED),
     451             :         ERROR_ENTRY(N_("Resource temporarily unavailable, try again."),
     452             :                     GNUTLS_E_AGAIN),
     453             :         ERROR_ENTRY(N_("The transmitted packet is too large (EMSGSIZE)."),
     454             :                     GNUTLS_E_LARGE_PACKET),
     455             :         ERROR_ENTRY(N_("Function was interrupted."), GNUTLS_E_INTERRUPTED),
     456             :         ERROR_ENTRY(N_("Rehandshake was requested by the peer."),
     457             :                     GNUTLS_E_REHANDSHAKE),
     458             :         ERROR_ENTRY(N_("Re-authentication was requested by the peer."),
     459             :                     GNUTLS_E_REAUTH_REQUEST),
     460             :         /* Only non fatal (for handshake) errors here */
     461             :         {NULL, NULL, 0}
     462             : };
     463             : 
     464             : /**
     465             :  * gnutls_error_is_fatal:
     466             :  * @error: is a GnuTLS error code, a negative error code
     467             :  *
     468             :  * If a GnuTLS function returns a negative error code you may feed that
     469             :  * value to this function to see if the error condition is fatal to
     470             :  * a TLS session (i.e., must be terminated).
     471             :  *
     472             :  * Note that you may also want to check the error code manually, since some
     473             :  * non-fatal errors to the protocol (such as a warning alert or
     474             :  * a rehandshake request) may be fatal for your program.
     475             :  *
     476             :  * This function is only useful if you are dealing with errors from
     477             :  * functions that relate to a TLS session (e.g., record layer or handshake
     478             :  * layer handling functions).
     479             :  *
     480             :  * Returns: Non-zero value on fatal errors or zero on non-fatal.
     481             :  **/
     482    70522500 : int gnutls_error_is_fatal(int error)
     483             : {
     484    70522500 :         int ret = 1;
     485    70522500 :         const gnutls_error_entry *p;
     486             : 
     487             :         /* Input sanitzation.  Positive values are not errors at all, and
     488             :            definitely not fatal. */
     489    70522500 :         if (error > 0)
     490             :                 return 0;
     491             : 
     492   352727000 :         for (p = non_fatal_error_entries; p->desc != NULL; p++) {
     493   352703000 :                 if (p->number == error) {
     494             :                         ret = 0;
     495             :                         break;
     496             :                 }
     497             :         }
     498             : 
     499             :         return ret;
     500             : }
     501             : 
     502             : /**
     503             :  * gnutls_perror:
     504             :  * @error: is a GnuTLS error code, a negative error code
     505             :  *
     506             :  * This function is like perror(). The only difference is that it
     507             :  * accepts an error number returned by a gnutls function.
     508             :  **/
     509           1 : void gnutls_perror(int error)
     510             : {
     511           1 :         fprintf(stderr, "GnuTLS error: %s\n", gnutls_strerror(error));
     512           1 : }
     513             : 
     514             : 
     515             : /**
     516             :  * gnutls_strerror:
     517             :  * @error: is a GnuTLS error code, a negative error code
     518             :  *
     519             :  * This function is similar to strerror.  The difference is that it
     520             :  * accepts an error number returned by a gnutls function; In case of
     521             :  * an unknown error a descriptive string is sent instead of %NULL.
     522             :  *
     523             :  * Error codes are always a negative error code.
     524             :  *
     525             :  * Returns: A string explaining the GnuTLS error message.
     526             :  **/
     527        6665 : const char *gnutls_strerror(int error)
     528             : {
     529        6665 :         const char *ret = NULL;
     530        6665 :         const gnutls_error_entry *p;
     531             : 
     532      455487 :         for (p = error_entries; p->desc != NULL; p++) {
     533      454419 :                 if (p->number == error) {
     534             :                         ret = p->desc;
     535             :                         break;
     536             :                 }
     537             :         }
     538             : 
     539        6665 :         if (ret == NULL) {
     540       10629 :                 for (p = non_fatal_error_entries; p->desc != NULL; p++) {
     541        9570 :                         if (p->number == error) {
     542             :                                 ret = p->desc;
     543             :                                 break;
     544             :                         }
     545             :                 }
     546             :         }
     547             : 
     548             :         /* avoid prefix */
     549        6665 :         if (ret == NULL)
     550        1059 :                 return _("(unknown error code)");
     551             : 
     552        5606 :         return _(ret);
     553             : }
     554             : 
     555             : /**
     556             :  * gnutls_strerror_name:
     557             :  * @error: is an error returned by a gnutls function.
     558             :  *
     559             :  * Return the GnuTLS error code define as a string.  For example,
     560             :  * gnutls_strerror_name (GNUTLS_E_DH_PRIME_UNACCEPTABLE) will return
     561             :  * the string "GNUTLS_E_DH_PRIME_UNACCEPTABLE".
     562             :  *
     563             :  * Returns: A string corresponding to the symbol name of the error
     564             :  * code.
     565             :  *
     566             :  * Since: 2.6.0
     567             :  **/
     568        1251 : const char *gnutls_strerror_name(int error)
     569             : {
     570        1251 :         const char *ret = NULL;
     571        1251 :         const gnutls_error_entry *p;
     572             : 
     573      214415 :         for (p = error_entries; p->desc != NULL; p++) {
     574      213348 :                 if (p->number == error) {
     575         184 :                         ret = p->_name;
     576         184 :                         break;
     577             :                 }
     578             :         }
     579             : 
     580        1251 :         if (ret == NULL) {
     581       10628 :                 for (p = non_fatal_error_entries; p->desc != NULL; p++) {
     582        9569 :                         if (p->number == error) {
     583           8 :                                 ret = p->_name;
     584           8 :                                 break;
     585             :                         }
     586             :                 }
     587             :         }
     588             : 
     589        1251 :         return ret;
     590             : }
     591             : 
     592         755 : void _gnutls_mpi_log(const char *prefix, bigint_t a)
     593             : {
     594         755 :         size_t binlen = 0;
     595         755 :         void *binbuf;
     596         755 :         size_t hexlen;
     597         755 :         char *hexbuf;
     598         755 :         int res;
     599             : 
     600         755 :         if (_gnutls_log_level < 2)
     601         755 :                 return;
     602             : 
     603           0 :         res = _gnutls_mpi_print(a, NULL, &binlen);
     604           0 :         if (res < 0 && res != GNUTLS_E_SHORT_MEMORY_BUFFER) {
     605           0 :                 gnutls_assert();
     606           0 :                 _gnutls_hard_log("MPI: %s can't print value (%d/%d)\n",
     607             :                                  prefix, res, (int) binlen);
     608           0 :                 return;
     609             :         }
     610             : 
     611           0 :         if (binlen > 1024 * 1024) {
     612           0 :                 gnutls_assert();
     613           0 :                 _gnutls_hard_log("MPI: %s too large mpi (%d)\n", prefix,
     614             :                                  (int) binlen);
     615           0 :                 return;
     616             :         }
     617             : 
     618           0 :         binbuf = gnutls_malloc(binlen);
     619           0 :         if (!binbuf) {
     620           0 :                 gnutls_assert();
     621           0 :                 _gnutls_hard_log("MPI: %s out of memory (%d)\n", prefix,
     622             :                                  (int) binlen);
     623           0 :                 return;
     624             :         }
     625             : 
     626           0 :         res = _gnutls_mpi_print(a, binbuf, &binlen);
     627           0 :         if (res != 0) {
     628           0 :                 gnutls_assert();
     629           0 :                 _gnutls_hard_log("MPI: %s can't print value (%d/%d)\n",
     630             :                                  prefix, res, (int) binlen);
     631           0 :                 gnutls_free(binbuf);
     632           0 :                 return;
     633             :         }
     634             : 
     635           0 :         hexlen = 2 * binlen + 1;
     636           0 :         hexbuf = gnutls_malloc(hexlen);
     637             : 
     638           0 :         if (!hexbuf) {
     639           0 :                 gnutls_assert();
     640           0 :                 _gnutls_hard_log("MPI: %s out of memory (hex %d)\n",
     641             :                                  prefix, (int) hexlen);
     642           0 :                 gnutls_free(binbuf);
     643           0 :                 return;
     644             :         }
     645             : 
     646           0 :         _gnutls_bin2hex(binbuf, binlen, hexbuf, hexlen, NULL);
     647             : 
     648           0 :         _gnutls_hard_log("MPI: length: %d\n\t%s%s\n", (int) binlen, prefix,
     649             :                          hexbuf);
     650             : 
     651           0 :         gnutls_free(hexbuf);
     652           0 :         gnutls_free(binbuf);
     653             : }
     654             : 
     655             : /* this function will output a message using the
     656             :  * caller provided function
     657             :  */
     658     1243900 : void _gnutls_log(int level, const char *fmt, ...)
     659             : {
     660     1243900 :         va_list args;
     661     1243900 :         char *str;
     662     1243900 :         int ret;
     663             : 
     664     1243900 :         if (_gnutls_log_func == NULL)
     665           0 :                 return;
     666             : 
     667     1243900 :         va_start(args, fmt);
     668     1243900 :         ret = vasprintf(&str, fmt, args);
     669     1243900 :         va_end(args);
     670             : 
     671     1243900 :         if (ret >= 0) {
     672     1243900 :                 _gnutls_log_func(level, str);
     673     1243900 :                 free(str);
     674             :         }
     675             : }
     676             : 
     677        3430 : void _gnutls_audit_log(gnutls_session_t session, const char *fmt, ...)
     678             : {
     679        3430 :         va_list args;
     680        3430 :         char *str;
     681        3430 :         int ret;
     682             : 
     683        3430 :         if (_gnutls_audit_log_func == NULL && _gnutls_log_func == NULL)
     684        2119 :                 return;
     685             : 
     686        1311 :         va_start(args, fmt);
     687        1311 :         ret = vasprintf(&str, fmt, args);
     688        1311 :         va_end(args);
     689             : 
     690        1311 :         if (ret >= 0) {
     691        1311 :                 if (_gnutls_audit_log_func)
     692         735 :                         _gnutls_audit_log_func(session, str);
     693             :                 else
     694         576 :                         _gnutls_log_func(1, str);
     695        1311 :                 free(str);
     696             :         }
     697             : }
     698             : 
     699             : #ifndef DEBUG
     700             : #ifndef C99_MACROS
     701             : 
     702             : /* Without C99 macros these functions have to
     703             :  * be called. This may affect performance.
     704             :  */
     705             : void _gnutls_null_log(void *x, ...)
     706             : {
     707             :         return;
     708             : }
     709             : 
     710             : #endif                          /* C99_MACROS */
     711             : #endif                          /* DEBUG */

Generated by: LCOV version 1.14