# # Copyright (c) 2011, JANET(UK) # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # 3. Neither the name of JANET(UK) nor the names of its contributors # may be used to endorse or promote products derived from this software # without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # error_table eapg # # Standards-track Protocol errors that can be returned in an error token. This should match # up with makeErrorToken in accept_sec_context.c. # error_code GSSEAP_RESERVED, "" error_code GSSEAP_WRONG_SIZE, "Buffer is incorrect size" error_code GSSEAP_WRONG_MECH, "Mechanism OID is incorrect" error_code GSSEAP_BAD_TOK_HEADER, "Token header is malformed or corrupt" error_code GSSEAP_TOK_TRUNC, "Token is missing data" error_code GSSEAP_BAD_DIRECTION, "Packet was replayed in wrong direction" error_code GSSEAP_WRONG_TOK_ID, "Received token ID does not match expected token ID" error_code GSSEAP_CRIT_ITOK_UNAVAILABLE, "Critical inner token type unavailable" error_code GSSEAP_MISSING_REQUIRED_ITOK, "Missing required inner token" error_code GSSEAP_DUPLICATE_ITOK, "Duplicate inner token received" error_code GSSEAP_WRONG_ITOK, "Recieved invalid inner token for current state" error_code GSSEAP_KEY_UNAVAILABLE, "EAP key unavailable" error_code GSSEAP_KEY_TOO_SHORT, "EAP key too short" error_code GSSEAP_RADIUS_AUTH_FAILURE, "Authentication rejected by RADIUS server" error_code GSSEAP_UNKNOWN_RADIUS_CODE, "Received unknown response code from RADIUS server" error_code GSSEAP_MISSING_EAP_REQUEST, "RADIUS response is missing EAP request" error_code GSSEAP_RADIUS_PROT_FAILURE, "Generic RADIUS failure" # Extension errors starting with 128 that can be returned in a #protocol token; again should match accept_sec_context.c error_code GSSEAP_RADIUS_UNROUTABLE, "Proxy had no route to identity provider realm" error_code GSSEAP_RADIUS_ADMIN_PROHIBIT, "IDP Administratively Prohibits Request" # # Context errors # error_code GSSEAP_CONTEXT_ESTABLISHED, "Context is already fully established" error_code GSSEAP_CONTEXT_INCOMPLETE, "Attempt to use incomplete security context" error_code GSSEAP_BAD_CONTEXT_TOKEN, "Context token is malformed or corrupt" error_code GSSEAP_BAD_ERROR_TOKEN, "Error token is malformed or corrupt" error_code GSSEAP_BAD_CONTEXT_OPTION, "Bad context option" # # Name errors # error_code GSSEAP_BAD_SERVICE_NAME, "Name is not a valid service name" error_code GSSEAP_BAD_INITIATOR_NAME, "Initiator identity must be a valid name" error_code GSSEAP_NO_HOSTNAME, "Could not determine local host name" error_code GSSEAP_NO_ACCEPTOR_NAME, "Could not determine acceptor identity" error_code GSSEAP_WRONG_ACCEPTOR_NAME, "Acceptor identity different than expected" error_code GSSEAP_BAD_ACCEPTOR_NAME, "Acceptor name is too long or has too many components" error_code GSSEAP_BAD_NAME_TOKEN, "Name token is malformed or corrupt" error_code GSSEAP_NO_LOCAL_MAPPING, "Unable to map name to a local identity" # # Credential errors # error_code GSSEAP_BAD_USAGE, "Credential usage type is unknown" error_code GSSEAP_CRED_USAGE_MISMATCH, "Credential usage does not match requested usage" error_code GSSEAP_CRED_MECH_MISMATCH, "Credential is not usable with this mechanism" error_code GSSEAP_CRED_EXPIRED, "Attributes indicate credentials have expired" error_code GSSEAP_BAD_CRED_OPTION, "Bad credential option" error_code GSSEAP_NO_DEFAULT_IDENTITY, "Default credentials identity unavailable" error_code GSSEAP_NO_DEFAULT_CRED, "Missing default password or other credentials" error_code GSSEAP_CRED_RESOLVED, "Credential is already fully resolved" error_code GSSEAP_BAD_CACERTIFICATE, "CA Certificate blob could not be parsed" # # Local identity service errors # error_code GSSEAP_UNABLE_TO_START_IDENTITY_SERVICE, "Unable to start identity service" error_code GSSEAP_NO_IDENTITY_SELECTED, "No identity selected" error_code GSSEAP_IDENTITY_SERVICE_INSTALL_ERROR, "Identity service installation error" error_code GSSEAP_IDENTITY_SERVICE_OS_ERROR, "Identity service OS error" error_code GSSEAP_IDENTITY_SERVICE_IPC_ERROR, "Identity service IPC error" error_code GSSEAP_IDENTITY_SERVICE_UNKNOWN_ERROR, "Unknown identity service error" # # Wrap/unwrap/PRF errors # error_code GSSEAP_BAD_WRAP_TOKEN, "Bad RFC 4121 wrap or MIC token" error_code GSSEAP_MISSING_IOV, "IOV is missing required buffer" error_code GSSEAP_BAD_STREAM_IOV, "Stream IOV can only contain a single data buffer" error_code GSSEAP_BAD_PADDING_IOV, "Padding IOV is not permitted for RFC 4121 tokens" error_code GSSEAP_UNKNOWN_QOP, "Unknown quality of protection specified" error_code GSSEAP_INPUT_TOO_LONG, "PRF input too long" error_code GSSEAP_BAD_PRF_KEY, "PRF key usage type is unknown" # # libeap errors # error_code GSSEAP_LIBEAP_INIT_FAILURE, "Failed to initialize EAP library" error_code GSSEAP_PEER_SM_INIT_FAILURE, "Failed to create EAP state machine" error_code GSSEAP_PEER_SM_STEP_FAILURE, "Failed to step EAP state machine" error_code GSSEAP_PEER_AUTH_FAILURE, "EAP peer authentication failure" error_code GSSEAP_PEER_BAD_MESSAGE, "Received bad EAP message" # # RadSec initialisation errors # error_code GSSEAP_RADSEC_INIT_FAILURE, "Failed to initialize RadSec library" error_code GSSEAP_RADSEC_CONTEXT_FAILURE, "Failed to create RadSec context" # # Attribute errors # error_code GSSEAP_NO_ATTR_CONTEXT, "Name has no attributes" error_code GSSEAP_NO_ATTR_PROVIDERS, "Failed to initialize attribute providers" error_code GSSEAP_NO_SUCH_ATTR, "Unknown naming attribute" error_code GSSEAP_BAD_ATTR_TOKEN, "Serialised attributes are malformed or corrupt" error_code GSSEAP_ATTR_CONTEXT_FAILURE, "Failed to initialize attribute context" # # OpenSAML errors # error_code GSSEAP_SAML_INIT_FAILURE, "Failed to initialize SAML library" error_code GSSEAP_SAML_SEC_POLICY_FAILURE, "Failed to process SAML security policy" error_code GSSEAP_SAML_BINDING_FAILURE, "Failed in SAML binding processing" error_code GSSEAP_SAML_PROFILE_FAILURE, "Failed to process SAML profile" error_code GSSEAP_SAML_FATAL_PROFILE_FAILURE, "Non-recoverable failure in SAML profile processing" error_code GSSEAP_SAML_RETRY_PROFILE_FAILURE, "Temporary failure in SAML profile processing" error_code GSSEAP_SAML_METADATA_FAILURE, "Failure related to SAML metadata use" # # Shibboleth errors # error_code GSSEAP_SHIB_INIT_FAILURE, "Failed to initialize Shibboleth" error_code GSSEAP_SHIB_ATTR_FAILURE, "Failure during local attribute processing" error_code GSSEAP_SHIB_ATTR_EXTRACT_FAILURE, "Failed to extract local attributes" error_code GSSEAP_SHIB_ATTR_FILTER_FAILURE, "Failed to filter local attributes" error_code GSSEAP_SHIB_ATTR_RESOLVE_FAILURE, "Failed to resolve local attributes" error_code GSSEAP_SHIB_CONFIG_FAILURE, "Local attribute configuration failure" error_code GSSEAP_SHIB_LISTENER_FAILURE, "Failed to communicate with local attribute server" # # Extensions # error_code GSSEAP_BINDINGS_MISMATCH, "Channel bindings do not match" error_code GSSEAP_MISSING_BINDINGS, "Channel binding token missing" error_code GSSEAP_NO_MECHGLUE_SYMBOL, "Could not find symbol in mechanism glue" error_code GSSEAP_BAD_INVOCATION, "Bad mechanism invoke OID" end