2 # Copyright (c) 2011, JANET(UK)
5 # Redistribution and use in source and binary forms, with or without
6 # modification, are permitted provided that the following conditions
9 # 1. Redistributions of source code must retain the above copyright
10 # notice, this list of conditions and the following disclaimer.
12 # 2. Redistributions in binary form must reproduce the above copyright
13 # notice, this list of conditions and the following disclaimer in the
14 # documentation and/or other materials provided with the distribution.
16 # 3. Neither the name of JANET(UK) nor the names of its contributors
17 # may be used to endorse or promote products derived from this software
18 # without specific prior written permission.
20 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21 # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
24 # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 # Protocol errors that can be returned in an error token. This should match
37 # up with makeErrorToken in accept_sec_context.c.
39 error_code GSSEAP_RESERVED, ""
40 error_code GSSEAP_WRONG_SIZE, "Buffer is incorrect size"
41 error_code GSSEAP_WRONG_MECH, "Mechanism OID is incorrect"
42 error_code GSSEAP_BAD_TOK_HEADER, "Token header is malformed or corrupt"
43 error_code GSSEAP_TOK_TRUNC, "Token is missing data"
44 error_code GSSEAP_BAD_DIRECTION, "Packet was replayed in wrong direction"
45 error_code GSSEAP_WRONG_TOK_ID, "Received token ID does not match expected token ID"
46 error_code GSSEAP_CRIT_ITOK_UNAVAILABLE, "Critical inner token type unavailable"
47 error_code GSSEAP_MISSING_REQUIRED_ITOK, "Missing required inner token"
48 error_code GSSEAP_DUPLICATE_ITOK, "Duplicate inner token received"
49 error_code GSSEAP_WRONG_ITOK, "Recieved invalid inner token for current state"
50 error_code GSSEAP_KEY_UNAVAILABLE, "EAP key unavailable"
51 error_code GSSEAP_KEY_TOO_SHORT, "EAP key too short"
52 error_code GSSEAP_RADIUS_AUTH_FAILURE, "Authentication rejected by RADIUS server"
53 error_code GSSEAP_UNKNOWN_RADIUS_CODE, "Received unknown response code from RADIUS server"
54 error_code GSSEAP_MISSING_EAP_REQUEST, "RADIUS response is missing EAP request"
55 error_code GSSEAP_RADIUS_PROT_FAILURE, "Generic RADIUS failure"
60 error_code GSSEAP_CONTEXT_ESTABLISHED, "Context is already fully established"
61 error_code GSSEAP_CONTEXT_INCOMPLETE, "Attempt to use incomplete security context"
62 error_code GSSEAP_BAD_CONTEXT_TOKEN, "Context token is malformed or corrupt"
63 error_code GSSEAP_BAD_ERROR_TOKEN, "Error token is malformed or corrupt"
64 error_code GSSEAP_BAD_CONTEXT_OPTION, "Bad context option"
69 error_code GSSEAP_BAD_SERVICE_NAME, "Name is not a valid service name"
70 error_code GSSEAP_BAD_INITIATOR_NAME, "Initiator identity must be a valid name"
71 error_code GSSEAP_NO_HOSTNAME, "Could not determine local host name"
72 error_code GSSEAP_NO_ACCEPTOR_NAME, "Could not determine acceptor identity"
77 error_code GSSEAP_BAD_USAGE, "Credential usage type is unknown"
78 error_code GSSEAP_CRED_USAGE_MISMATCH, "Credential usage does not match requested usage"
79 error_code GSSEAP_CRED_MECH_MISMATCH, "Credential is not usable with this mechanism"
80 error_code GSSEAP_BAD_CRED_OPTION, "Bad credential option"
81 error_code GSSEAP_MISSING_PASSWORD, "Missing initiator credential password"
84 # Wrap/unwrap/PRF errors
86 error_code GSSEAP_BAD_WRAP_TOKEN, "Bad RFC 4121 wrap or MIC token"
87 error_code GSSEAP_MISSING_IOV, "IOV is missing required buffer"
88 error_code GSSEAP_BAD_STREAM_IOV, "Stream IOV can only contain a single data buffer"
89 error_code GSSEAP_BAD_PADDING_IOV, "Padding IOV is not permitted for RFC 4121 tokens"
90 error_code GSSEAP_UNKNOWN_QOP, "Unknown quality of protection specified"
91 error_code GSSEAP_INPUT_TOO_LONG, "PRF input too long"
92 error_code GSSEAP_BAD_PRF_KEY, "PRF key usage type is unknown"
97 error_code GSSEAP_LIBEAP_INIT_FAILURE, "Failed to initialize EAP library"
98 error_code GSSEAP_PEER_SM_INIT_FAILURE, "Failed to create EAP state machine"
99 error_code GSSEAP_PEER_SM_STEP_FAILURE, "Failed to step EAP state machine"
100 error_code GSSEAP_PEER_AUTH_FAILURE, "EAP peer authentication failure"
101 error_code GSSEAP_PEER_BAD_MESSAGE, "Received bad EAP message"
104 # RadSec initialisation errors
106 error_code GSSEAP_RADSEC_INIT_FAILURE, "Failed to initialize RadSec library"
107 error_code GSSEAP_RADSEC_CONTEXT_FAILURE, "Failed to create RadSec context"
112 error_code GSSEAP_NO_ATTR_CONTEXT, "Name has no attributes"
113 error_code GSSEAP_NO_ATTR_PROVIDERS, "Failed to initialize attribute providers"
114 error_code GSSEAP_NO_SUCH_ATTR, "Unknown naming attribute"
115 error_code GSSEAP_BAD_ATTR_TOKEN, "Serialised attributes are malformed or corrupt"
116 error_code GSSEAP_ATTR_CONTEXT_FAILURE, "Failed to initialize attribute context"
121 error_code GSSEAP_SAML_INIT_FAILURE, "Failed to initialize SAML library"
122 error_code GSSEAP_SAML_SEC_POLICY_FAILURE, "Failed to process SAML security policy"
123 error_code GSSEAP_SAML_BINDING_FAILURE, "Failed in SAML binding processing"
124 error_code GSSEAP_SAML_PROFILE_FAILURE, "Failed to process SAML profile"
125 error_code GSSEAP_SAML_FATAL_PROFILE_FAILURE, "Non-recoverable failure in SAML profile processing"
126 error_code GSSEAP_SAML_RETRY_PROFILE_FAILURE, "Temporary failure in SAML profile processing"
127 error_code GSSEAP_SAML_METADATA_FAILURE, "Failure related to SAML metadata use"
132 error_code GSSEAP_SHIB_INIT_FAILURE, "Failed to initialize Shibboleth"
133 error_code GSSEAP_SHIB_ATTR_FAILURE, "Failure during local attribute processing"
134 error_code GSSEAP_SHIB_ATTR_EXTRACT_FAILURE, "Failed to extract local attributes"
135 error_code GSSEAP_SHIB_ATTR_FILTER_FAILURE, "Failed to filter local attributes"
136 error_code GSSEAP_SHIB_ATTR_RESOLVE_FAILURE, "Failed to resolve local attributes"
137 error_code GSSEAP_SHIB_CONFIG_FAILURE, "Local attribute configuration failure"
138 error_code GSSEAP_SHIB_LISTENER_FAILURE, "Failed to communicate with local attribute server"
143 error_code GSSEAP_BINDINGS_MISMATCH, "Channel bindings do not match"
144 error_code GSSEAP_NO_MECHGLUE_SYMBOL, "Could not find symbol in mechanism glue"
145 error_code GSSEAP_BAD_INVOCATION, "Bad mechanism invoke OID"