1 /***************************************************************************
2  *                                  _   _ ____  _
3  *  Project                     ___| | | |  _ \| |
4  *                             / __| | | | |_) | |
5  *                            | (__| |_| |  _ <| |___
6  *                             \___|\___/|_| \_\_____|
7  *
8  * Copyright (C) 2004 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
9  *
10  * This software is licensed as described in the file COPYING, which
11  * you should have received as part of this distribution. The terms
12  * are also available at http://curl.haxx.se/docs/copyright.html.
13  *
14  * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15  * copies of the Software, and permit persons to whom the Software is
16  * furnished to do so, under the terms of the COPYING file.
17  *
18  * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19  * KIND, either express or implied.
20  *
21  ***************************************************************************/
22 
23 #include "curl_setup.h"
24 
25 #ifdef HAVE_STRERROR_R
26 #  if (!defined(HAVE_POSIX_STRERROR_R) && \
27        !defined(HAVE_GLIBC_STRERROR_R) && \
28        !defined(HAVE_VXWORKS_STRERROR_R)) || \
29       (defined(HAVE_POSIX_STRERROR_R) && defined(HAVE_VXWORKS_STRERROR_R)) || \
30       (defined(HAVE_GLIBC_STRERROR_R) && defined(HAVE_VXWORKS_STRERROR_R)) || \
31       (defined(HAVE_POSIX_STRERROR_R) && defined(HAVE_GLIBC_STRERROR_R))
32 #    error "strerror_r MUST be either POSIX, glibc or vxworks-style"
33 #  endif
34 #endif
35 
36 #include <curl/curl.h>
37 
38 #ifdef USE_LIBIDN
39 #include <idna.h>
40 #endif
41 
42 #include "strerror.h"
43 #include "curl_printf.h"
44 #include "curl_memory.h"
45 /* The last #include file should be: */
46 #include "memdebug.h"
47 
48 const char *
curl_easy_strerror(CURLcode error)49 curl_easy_strerror(CURLcode error)
50 {
51 #ifndef CURL_DISABLE_VERBOSE_STRINGS
52   switch (error) {
53   case CURLE_OK:
54     return "No error";
55 
56   case CURLE_UNSUPPORTED_PROTOCOL:
57     return "Unsupported protocol";
58 
59   case CURLE_FAILED_INIT:
60     return "Failed initialization";
61 
62   case CURLE_URL_MALFORMAT:
63     return "URL using bad/illegal format or missing URL";
64 
65   case CURLE_NOT_BUILT_IN:
66     return "A requested feature, protocol or option was not found built-in in"
67       " this libcurl due to a build-time decision.";
68 
69   case CURLE_COULDNT_RESOLVE_PROXY:
70     return "Couldn't resolve proxy name";
71 
72   case CURLE_COULDNT_RESOLVE_HOST:
73     return "Couldn't resolve host name";
74 
75   case CURLE_COULDNT_CONNECT:
76     return "Couldn't connect to server";
77 
78   case CURLE_FTP_WEIRD_SERVER_REPLY:
79     return "FTP: weird server reply";
80 
81   case CURLE_REMOTE_ACCESS_DENIED:
82     return "Access denied to remote resource";
83 
84   case CURLE_FTP_ACCEPT_FAILED:
85     return "FTP: The server failed to connect to data port";
86 
87   case CURLE_FTP_ACCEPT_TIMEOUT:
88     return "FTP: Accepting server connect has timed out";
89 
90   case CURLE_FTP_PRET_FAILED:
91     return "FTP: The server did not accept the PRET command.";
92 
93   case CURLE_FTP_WEIRD_PASS_REPLY:
94     return "FTP: unknown PASS reply";
95 
96   case CURLE_FTP_WEIRD_PASV_REPLY:
97     return "FTP: unknown PASV reply";
98 
99   case CURLE_FTP_WEIRD_227_FORMAT:
100     return "FTP: unknown 227 response format";
101 
102   case CURLE_FTP_CANT_GET_HOST:
103     return "FTP: can't figure out the host in the PASV response";
104 
105   case CURLE_HTTP2:
106     return "Error in the HTTP2 framing layer";
107 
108   case CURLE_FTP_COULDNT_SET_TYPE:
109     return "FTP: couldn't set file type";
110 
111   case CURLE_PARTIAL_FILE:
112     return "Transferred a partial file";
113 
114   case CURLE_FTP_COULDNT_RETR_FILE:
115     return "FTP: couldn't retrieve (RETR failed) the specified file";
116 
117   case CURLE_QUOTE_ERROR:
118     return "Quote command returned error";
119 
120   case CURLE_HTTP_RETURNED_ERROR:
121     return "HTTP response code said error";
122 
123   case CURLE_WRITE_ERROR:
124     return "Failed writing received data to disk/application";
125 
126   case CURLE_UPLOAD_FAILED:
127     return "Upload failed (at start/before it took off)";
128 
129   case CURLE_READ_ERROR:
130     return "Failed to open/read local data from file/application";
131 
132   case CURLE_OUT_OF_MEMORY:
133     return "Out of memory";
134 
135   case CURLE_OPERATION_TIMEDOUT:
136     return "Timeout was reached";
137 
138   case CURLE_FTP_PORT_FAILED:
139     return "FTP: command PORT failed";
140 
141   case CURLE_FTP_COULDNT_USE_REST:
142     return "FTP: command REST failed";
143 
144   case CURLE_RANGE_ERROR:
145     return "Requested range was not delivered by the server";
146 
147   case CURLE_HTTP_POST_ERROR:
148     return "Internal problem setting up the POST";
149 
150   case CURLE_SSL_CONNECT_ERROR:
151     return "SSL connect error";
152 
153   case CURLE_BAD_DOWNLOAD_RESUME:
154     return "Couldn't resume download";
155 
156   case CURLE_FILE_COULDNT_READ_FILE:
157     return "Couldn't read a file:// file";
158 
159   case CURLE_LDAP_CANNOT_BIND:
160     return "LDAP: cannot bind";
161 
162   case CURLE_LDAP_SEARCH_FAILED:
163     return "LDAP: search failed";
164 
165   case CURLE_FUNCTION_NOT_FOUND:
166     return "A required function in the library was not found";
167 
168   case CURLE_ABORTED_BY_CALLBACK:
169     return "Operation was aborted by an application callback";
170 
171   case CURLE_BAD_FUNCTION_ARGUMENT:
172     return "A libcurl function was given a bad argument";
173 
174   case CURLE_INTERFACE_FAILED:
175     return "Failed binding local connection end";
176 
177   case CURLE_TOO_MANY_REDIRECTS :
178     return "Number of redirects hit maximum amount";
179 
180   case CURLE_UNKNOWN_OPTION:
181     return "An unknown option was passed in to libcurl";
182 
183   case CURLE_TELNET_OPTION_SYNTAX :
184     return "Malformed telnet option";
185 
186   case CURLE_PEER_FAILED_VERIFICATION:
187     return "SSL peer certificate or SSH remote key was not OK";
188 
189   case CURLE_GOT_NOTHING:
190     return "Server returned nothing (no headers, no data)";
191 
192   case CURLE_SSL_ENGINE_NOTFOUND:
193     return "SSL crypto engine not found";
194 
195   case CURLE_SSL_ENGINE_SETFAILED:
196     return "Can not set SSL crypto engine as default";
197 
198   case CURLE_SSL_ENGINE_INITFAILED:
199     return "Failed to initialise SSL crypto engine";
200 
201   case CURLE_SEND_ERROR:
202     return "Failed sending data to the peer";
203 
204   case CURLE_RECV_ERROR:
205     return "Failure when receiving data from the peer";
206 
207   case CURLE_SSL_CERTPROBLEM:
208     return "Problem with the local SSL certificate";
209 
210   case CURLE_SSL_CIPHER:
211     return "Couldn't use specified SSL cipher";
212 
213   case CURLE_SSL_CACERT:
214     return "Peer certificate cannot be authenticated with given CA "
215       "certificates";
216 
217   case CURLE_SSL_CACERT_BADFILE:
218     return "Problem with the SSL CA cert (path? access rights?)";
219 
220   case CURLE_BAD_CONTENT_ENCODING:
221     return "Unrecognized or bad HTTP Content or Transfer-Encoding";
222 
223   case CURLE_LDAP_INVALID_URL:
224     return "Invalid LDAP URL";
225 
226   case CURLE_FILESIZE_EXCEEDED:
227     return "Maximum file size exceeded";
228 
229   case CURLE_USE_SSL_FAILED:
230     return "Requested SSL level failed";
231 
232   case CURLE_SSL_SHUTDOWN_FAILED:
233     return "Failed to shut down the SSL connection";
234 
235   case CURLE_SSL_CRL_BADFILE:
236     return "Failed to load CRL file (path? access rights?, format?)";
237 
238   case CURLE_SSL_ISSUER_ERROR:
239     return "Issuer check against peer certificate failed";
240 
241   case CURLE_SEND_FAIL_REWIND:
242     return "Send failed since rewinding of the data stream failed";
243 
244   case CURLE_LOGIN_DENIED:
245     return "Login denied";
246 
247   case CURLE_TFTP_NOTFOUND:
248     return "TFTP: File Not Found";
249 
250   case CURLE_TFTP_PERM:
251     return "TFTP: Access Violation";
252 
253   case CURLE_REMOTE_DISK_FULL:
254     return "Disk full or allocation exceeded";
255 
256   case CURLE_TFTP_ILLEGAL:
257     return "TFTP: Illegal operation";
258 
259   case CURLE_TFTP_UNKNOWNID:
260     return "TFTP: Unknown transfer ID";
261 
262   case CURLE_REMOTE_FILE_EXISTS:
263     return "Remote file already exists";
264 
265   case CURLE_TFTP_NOSUCHUSER:
266     return "TFTP: No such user";
267 
268   case CURLE_CONV_FAILED:
269     return "Conversion failed";
270 
271   case CURLE_CONV_REQD:
272     return "Caller must register CURLOPT_CONV_ callback options";
273 
274   case CURLE_REMOTE_FILE_NOT_FOUND:
275     return "Remote file not found";
276 
277   case CURLE_SSH:
278     return "Error in the SSH layer";
279 
280   case CURLE_AGAIN:
281     return "Socket not ready for send/recv";
282 
283   case CURLE_RTSP_CSEQ_ERROR:
284     return "RTSP CSeq mismatch or invalid CSeq";
285 
286   case CURLE_RTSP_SESSION_ERROR:
287     return "RTSP session error";
288 
289   case CURLE_FTP_BAD_FILE_LIST:
290     return "Unable to parse FTP file list";
291 
292   case CURLE_CHUNK_FAILED:
293     return "Chunk callback failed";
294 
295   case CURLE_NO_CONNECTION_AVAILABLE:
296     return "The max connection limit is reached";
297 
298   case CURLE_SSL_PINNEDPUBKEYNOTMATCH:
299     return "SSL public key does not match pinned public key";
300 
301   case CURLE_SSL_INVALIDCERTSTATUS:
302     return "SSL server certificate status verification FAILED";
303 
304     /* error codes not used by current libcurl */
305   case CURLE_OBSOLETE20:
306   case CURLE_OBSOLETE24:
307   case CURLE_OBSOLETE29:
308   case CURLE_OBSOLETE32:
309   case CURLE_OBSOLETE40:
310   case CURLE_OBSOLETE44:
311   case CURLE_OBSOLETE46:
312   case CURLE_OBSOLETE50:
313   case CURLE_OBSOLETE57:
314   case CURL_LAST:
315     break;
316   }
317   /*
318    * By using a switch, gcc -Wall will complain about enum values
319    * which do not appear, helping keep this function up-to-date.
320    * By using gcc -Wall -Werror, you can't forget.
321    *
322    * A table would not have the same benefit.  Most compilers will
323    * generate code very similar to a table in any case, so there
324    * is little performance gain from a table.  And something is broken
325    * for the user's application, anyways, so does it matter how fast
326    * it _doesn't_ work?
327    *
328    * The line number for the error will be near this comment, which
329    * is why it is here, and not at the start of the switch.
330    */
331   return "Unknown error";
332 #else
333   if(!error)
334     return "No error";
335   else
336     return "Error";
337 #endif
338 }
339 
340 const char *
curl_multi_strerror(CURLMcode error)341 curl_multi_strerror(CURLMcode error)
342 {
343 #ifndef CURL_DISABLE_VERBOSE_STRINGS
344   switch (error) {
345   case CURLM_CALL_MULTI_PERFORM:
346     return "Please call curl_multi_perform() soon";
347 
348   case CURLM_OK:
349     return "No error";
350 
351   case CURLM_BAD_HANDLE:
352     return "Invalid multi handle";
353 
354   case CURLM_BAD_EASY_HANDLE:
355     return "Invalid easy handle";
356 
357   case CURLM_OUT_OF_MEMORY:
358     return "Out of memory";
359 
360   case CURLM_INTERNAL_ERROR:
361     return "Internal error";
362 
363   case CURLM_BAD_SOCKET:
364     return "Invalid socket argument";
365 
366   case CURLM_UNKNOWN_OPTION:
367     return "Unknown option";
368 
369   case CURLM_ADDED_ALREADY:
370     return "The easy handle is already added to a multi handle";
371 
372   case CURLM_LAST:
373     break;
374   }
375 
376   return "Unknown error";
377 #else
378   if(error == CURLM_OK)
379     return "No error";
380   else
381     return "Error";
382 #endif
383 }
384 
385 const char *
curl_share_strerror(CURLSHcode error)386 curl_share_strerror(CURLSHcode error)
387 {
388 #ifndef CURL_DISABLE_VERBOSE_STRINGS
389   switch (error) {
390   case CURLSHE_OK:
391     return "No error";
392 
393   case CURLSHE_BAD_OPTION:
394     return "Unknown share option";
395 
396   case CURLSHE_IN_USE:
397     return "Share currently in use";
398 
399   case CURLSHE_INVALID:
400     return "Invalid share handle";
401 
402   case CURLSHE_NOMEM:
403     return "Out of memory";
404 
405   case CURLSHE_NOT_BUILT_IN:
406     return "Feature not enabled in this library";
407 
408   case CURLSHE_LAST:
409     break;
410   }
411 
412   return "CURLSHcode unknown";
413 #else
414   if(error == CURLSHE_OK)
415     return "No error";
416   else
417     return "Error";
418 #endif
419 }
420 
421 #ifdef USE_WINSOCK
422 
423 /* This function handles most / all (?) Winsock errors cURL is able to produce.
424  */
425 static const char *
get_winsock_error(int err,char * buf,size_t len)426 get_winsock_error (int err, char *buf, size_t len)
427 {
428   const char *p;
429 
430 #ifndef CURL_DISABLE_VERBOSE_STRINGS
431   switch (err) {
432   case WSAEINTR:
433     p = "Call interrupted";
434     break;
435   case WSAEBADF:
436     p = "Bad file";
437     break;
438   case WSAEACCES:
439     p = "Bad access";
440     break;
441   case WSAEFAULT:
442     p = "Bad argument";
443     break;
444   case WSAEINVAL:
445     p = "Invalid arguments";
446     break;
447   case WSAEMFILE:
448     p = "Out of file descriptors";
449     break;
450   case WSAEWOULDBLOCK:
451     p = "Call would block";
452     break;
453   case WSAEINPROGRESS:
454   case WSAEALREADY:
455     p = "Blocking call in progress";
456     break;
457   case WSAENOTSOCK:
458     p = "Descriptor is not a socket";
459     break;
460   case WSAEDESTADDRREQ:
461     p = "Need destination address";
462     break;
463   case WSAEMSGSIZE:
464     p = "Bad message size";
465     break;
466   case WSAEPROTOTYPE:
467     p = "Bad protocol";
468     break;
469   case WSAENOPROTOOPT:
470     p = "Protocol option is unsupported";
471     break;
472   case WSAEPROTONOSUPPORT:
473     p = "Protocol is unsupported";
474     break;
475   case WSAESOCKTNOSUPPORT:
476     p = "Socket is unsupported";
477     break;
478   case WSAEOPNOTSUPP:
479     p = "Operation not supported";
480     break;
481   case WSAEAFNOSUPPORT:
482     p = "Address family not supported";
483     break;
484   case WSAEPFNOSUPPORT:
485     p = "Protocol family not supported";
486     break;
487   case WSAEADDRINUSE:
488     p = "Address already in use";
489     break;
490   case WSAEADDRNOTAVAIL:
491     p = "Address not available";
492     break;
493   case WSAENETDOWN:
494     p = "Network down";
495     break;
496   case WSAENETUNREACH:
497     p = "Network unreachable";
498     break;
499   case WSAENETRESET:
500     p = "Network has been reset";
501     break;
502   case WSAECONNABORTED:
503     p = "Connection was aborted";
504     break;
505   case WSAECONNRESET:
506     p = "Connection was reset";
507     break;
508   case WSAENOBUFS:
509     p = "No buffer space";
510     break;
511   case WSAEISCONN:
512     p = "Socket is already connected";
513     break;
514   case WSAENOTCONN:
515     p = "Socket is not connected";
516     break;
517   case WSAESHUTDOWN:
518     p = "Socket has been shut down";
519     break;
520   case WSAETOOMANYREFS:
521     p = "Too many references";
522     break;
523   case WSAETIMEDOUT:
524     p = "Timed out";
525     break;
526   case WSAECONNREFUSED:
527     p = "Connection refused";
528     break;
529   case WSAELOOP:
530     p = "Loop??";
531     break;
532   case WSAENAMETOOLONG:
533     p = "Name too long";
534     break;
535   case WSAEHOSTDOWN:
536     p = "Host down";
537     break;
538   case WSAEHOSTUNREACH:
539     p = "Host unreachable";
540     break;
541   case WSAENOTEMPTY:
542     p = "Not empty";
543     break;
544   case WSAEPROCLIM:
545     p = "Process limit reached";
546     break;
547   case WSAEUSERS:
548     p = "Too many users";
549     break;
550   case WSAEDQUOT:
551     p = "Bad quota";
552     break;
553   case WSAESTALE:
554     p = "Something is stale";
555     break;
556   case WSAEREMOTE:
557     p = "Remote error";
558     break;
559 #ifdef WSAEDISCON  /* missing in SalfordC! */
560   case WSAEDISCON:
561     p = "Disconnected";
562     break;
563 #endif
564     /* Extended Winsock errors */
565   case WSASYSNOTREADY:
566     p = "Winsock library is not ready";
567     break;
568   case WSANOTINITIALISED:
569     p = "Winsock library not initialised";
570     break;
571   case WSAVERNOTSUPPORTED:
572     p = "Winsock version not supported";
573     break;
574 
575     /* getXbyY() errors (already handled in herrmsg):
576      * Authoritative Answer: Host not found */
577   case WSAHOST_NOT_FOUND:
578     p = "Host not found";
579     break;
580 
581     /* Non-Authoritative: Host not found, or SERVERFAIL */
582   case WSATRY_AGAIN:
583     p = "Host not found, try again";
584     break;
585 
586     /* Non recoverable errors, FORMERR, REFUSED, NOTIMP */
587   case WSANO_RECOVERY:
588     p = "Unrecoverable error in call to nameserver";
589     break;
590 
591     /* Valid name, no data record of requested type */
592   case WSANO_DATA:
593     p = "No data record of requested type";
594     break;
595 
596   default:
597     return NULL;
598   }
599 #else
600   if(!err)
601     return NULL;
602   else
603     p = "error";
604 #endif
605   strncpy (buf, p, len);
606   buf [len-1] = '\0';
607   return buf;
608 }
609 #endif   /* USE_WINSOCK */
610 
611 /*
612  * Our thread-safe and smart strerror() replacement.
613  *
614  * The 'err' argument passed in to this function MUST be a true errno number
615  * as reported on this system. We do no range checking on the number before
616  * we pass it to the "number-to-message" conversion function and there might
617  * be systems that don't do proper range checking in there themselves.
618  *
619  * We don't do range checking (on systems other than Windows) since there is
620  * no good reliable and portable way to do it.
621  */
Curl_strerror(struct connectdata * conn,int err)622 const char *Curl_strerror(struct connectdata *conn, int err)
623 {
624   char *buf, *p;
625   size_t max;
626   int old_errno = ERRNO;
627 
628   DEBUGASSERT(conn);
629   DEBUGASSERT(err >= 0);
630 
631   buf = conn->syserr_buf;
632   max = sizeof(conn->syserr_buf)-1;
633   *buf = '\0';
634 
635 #ifdef USE_WINSOCK
636 
637 #ifdef _WIN32_WCE
638   {
639     wchar_t wbuf[256];
640     wbuf[0] = L'\0';
641 
642     FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, err,
643                   LANG_NEUTRAL, wbuf, sizeof(wbuf)/sizeof(wchar_t), NULL);
644     wcstombs(buf, wbuf, max);
645   }
646 #else
647   /* 'sys_nerr' is the maximum errno number, it is not widely portable */
648   if(err >= 0 && err < sys_nerr)
649     strncpy(buf, strerror(err), max);
650   else {
651     if(!get_winsock_error(err, buf, max) &&
652        !FormatMessageA(FORMAT_MESSAGE_FROM_SYSTEM, NULL, err,
653                        LANG_NEUTRAL, buf, (DWORD)max, NULL))
654       snprintf(buf, max, "Unknown error %d (%#x)", err, err);
655   }
656 #endif
657 
658 #else /* not USE_WINSOCK coming up */
659 
660 #if defined(HAVE_STRERROR_R) && defined(HAVE_POSIX_STRERROR_R)
661  /*
662   * The POSIX-style strerror_r() may set errno to ERANGE if insufficient
663   * storage is supplied via 'strerrbuf' and 'buflen' to hold the generated
664   * message string, or EINVAL if 'errnum' is not a valid error number.
665   */
666   if(0 != strerror_r(err, buf, max)) {
667     if('\0' == buf[0])
668       snprintf(buf, max, "Unknown error %d", err);
669   }
670 #elif defined(HAVE_STRERROR_R) && defined(HAVE_GLIBC_STRERROR_R)
671  /*
672   * The glibc-style strerror_r() only *might* use the buffer we pass to
673   * the function, but it always returns the error message as a pointer,
674   * so we must copy that string unconditionally (if non-NULL).
675   */
676   {
677     char buffer[256];
678     char *msg = strerror_r(err, buffer, sizeof(buffer));
679     if(msg)
680       strncpy(buf, msg, max);
681     else
682       snprintf(buf, max, "Unknown error %d", err);
683   }
684 #elif defined(HAVE_STRERROR_R) && defined(HAVE_VXWORKS_STRERROR_R)
685  /*
686   * The vxworks-style strerror_r() does use the buffer we pass to the function.
687   * The buffer size should be at least NAME_MAX (256)
688   */
689   {
690     char buffer[256];
691     if(OK == strerror_r(err, buffer))
692       strncpy(buf, buffer, max);
693     else
694       snprintf(buf, max, "Unknown error %d", err);
695   }
696 #else
697   {
698     char *msg = strerror(err);
699     if(msg)
700       strncpy(buf, msg, max);
701     else
702       snprintf(buf, max, "Unknown error %d", err);
703   }
704 #endif
705 
706 #endif /* end of ! USE_WINSOCK */
707 
708   buf[max] = '\0'; /* make sure the string is zero terminated */
709 
710   /* strip trailing '\r\n' or '\n'. */
711   if((p = strrchr(buf, '\n')) != NULL && (p - buf) >= 2)
712      *p = '\0';
713   if((p = strrchr(buf, '\r')) != NULL && (p - buf) >= 1)
714      *p = '\0';
715 
716   if(old_errno != ERRNO)
717     SET_ERRNO(old_errno);
718 
719   return buf;
720 }
721 
722 #ifdef USE_LIBIDN
723 /*
724  * Return error-string for libidn status as returned from idna_to_ascii_lz().
725  */
Curl_idn_strerror(struct connectdata * conn,int err)726 const char *Curl_idn_strerror (struct connectdata *conn, int err)
727 {
728 #ifdef HAVE_IDNA_STRERROR
729   (void)conn;
730   return idna_strerror((Idna_rc) err);
731 #else
732   const char *str;
733   char *buf;
734   size_t max;
735 
736   DEBUGASSERT(conn);
737 
738   buf = conn->syserr_buf;
739   max = sizeof(conn->syserr_buf)-1;
740   *buf = '\0';
741 
742 #ifndef CURL_DISABLE_VERBOSE_STRINGS
743   switch ((Idna_rc)err) {
744     case IDNA_SUCCESS:
745       str = "No error";
746       break;
747     case IDNA_STRINGPREP_ERROR:
748       str = "Error in string preparation";
749       break;
750     case IDNA_PUNYCODE_ERROR:
751       str = "Error in Punycode operation";
752       break;
753     case IDNA_CONTAINS_NON_LDH:
754       str = "Illegal ASCII characters";
755       break;
756     case IDNA_CONTAINS_MINUS:
757       str = "Contains minus";
758       break;
759     case IDNA_INVALID_LENGTH:
760       str = "Invalid output length";
761       break;
762     case IDNA_NO_ACE_PREFIX:
763       str = "No ACE prefix (\"xn--\")";
764       break;
765     case IDNA_ROUNDTRIP_VERIFY_ERROR:
766       str = "Round trip verify error";
767       break;
768     case IDNA_CONTAINS_ACE_PREFIX:
769       str = "Already have ACE prefix (\"xn--\")";
770       break;
771     case IDNA_ICONV_ERROR:
772       str = "Locale conversion failed";
773       break;
774     case IDNA_MALLOC_ERROR:
775       str = "Allocation failed";
776       break;
777     case IDNA_DLOPEN_ERROR:
778       str = "dlopen() error";
779       break;
780     default:
781       snprintf(buf, max, "error %d", err);
782       str = NULL;
783       break;
784   }
785 #else
786   if((Idna_rc)err == IDNA_SUCCESS)
787     str = "No error";
788   else
789     str = "Error";
790 #endif
791   if(str)
792     strncpy(buf, str, max);
793   buf[max] = '\0';
794   return (buf);
795 #endif
796 }
797 #endif  /* USE_LIBIDN */
798 
799 #ifdef USE_WINDOWS_SSPI
Curl_sspi_strerror(struct connectdata * conn,int err)800 const char *Curl_sspi_strerror (struct connectdata *conn, int err)
801 {
802 #ifndef CURL_DISABLE_VERBOSE_STRINGS
803   char txtbuf[80];
804   char msgbuf[sizeof(conn->syserr_buf)];
805   char *p, *str, *msg = NULL;
806   bool msg_formatted = FALSE;
807   int old_errno;
808 #endif
809   const char *txt;
810   char *outbuf;
811   size_t outmax;
812 
813   DEBUGASSERT(conn);
814 
815   outbuf = conn->syserr_buf;
816   outmax = sizeof(conn->syserr_buf)-1;
817   *outbuf = '\0';
818 
819 #ifndef CURL_DISABLE_VERBOSE_STRINGS
820 
821   old_errno = ERRNO;
822 
823   switch (err) {
824     case SEC_E_OK:
825       txt = "No error";
826       break;
827     case SEC_E_ALGORITHM_MISMATCH:
828       txt = "SEC_E_ALGORITHM_MISMATCH";
829       break;
830     case SEC_E_BAD_BINDINGS:
831       txt = "SEC_E_BAD_BINDINGS";
832       break;
833     case SEC_E_BAD_PKGID:
834       txt = "SEC_E_BAD_PKGID";
835       break;
836     case SEC_E_BUFFER_TOO_SMALL:
837       txt = "SEC_E_BUFFER_TOO_SMALL";
838       break;
839     case SEC_E_CANNOT_INSTALL:
840       txt = "SEC_E_CANNOT_INSTALL";
841       break;
842     case SEC_E_CANNOT_PACK:
843       txt = "SEC_E_CANNOT_PACK";
844       break;
845     case SEC_E_CERT_EXPIRED:
846       txt = "SEC_E_CERT_EXPIRED";
847       break;
848     case SEC_E_CERT_UNKNOWN:
849       txt = "SEC_E_CERT_UNKNOWN";
850       break;
851     case SEC_E_CERT_WRONG_USAGE:
852       txt = "SEC_E_CERT_WRONG_USAGE";
853       break;
854     case SEC_E_CONTEXT_EXPIRED:
855       txt = "SEC_E_CONTEXT_EXPIRED";
856       break;
857     case SEC_E_CROSSREALM_DELEGATION_FAILURE:
858       txt = "SEC_E_CROSSREALM_DELEGATION_FAILURE";
859       break;
860     case SEC_E_CRYPTO_SYSTEM_INVALID:
861       txt = "SEC_E_CRYPTO_SYSTEM_INVALID";
862       break;
863     case SEC_E_DECRYPT_FAILURE:
864       txt = "SEC_E_DECRYPT_FAILURE";
865       break;
866     case SEC_E_DELEGATION_POLICY:
867       txt = "SEC_E_DELEGATION_POLICY";
868       break;
869     case SEC_E_DELEGATION_REQUIRED:
870       txt = "SEC_E_DELEGATION_REQUIRED";
871       break;
872     case SEC_E_DOWNGRADE_DETECTED:
873       txt = "SEC_E_DOWNGRADE_DETECTED";
874       break;
875     case SEC_E_ENCRYPT_FAILURE:
876       txt = "SEC_E_ENCRYPT_FAILURE";
877       break;
878     case SEC_E_ILLEGAL_MESSAGE:
879       txt = "SEC_E_ILLEGAL_MESSAGE";
880       break;
881     case SEC_E_INCOMPLETE_CREDENTIALS:
882       txt = "SEC_E_INCOMPLETE_CREDENTIALS";
883       break;
884     case SEC_E_INCOMPLETE_MESSAGE:
885       txt = "SEC_E_INCOMPLETE_MESSAGE";
886       break;
887     case SEC_E_INSUFFICIENT_MEMORY:
888       txt = "SEC_E_INSUFFICIENT_MEMORY";
889       break;
890     case SEC_E_INTERNAL_ERROR:
891       txt = "SEC_E_INTERNAL_ERROR";
892       break;
893     case SEC_E_INVALID_HANDLE:
894       txt = "SEC_E_INVALID_HANDLE";
895       break;
896     case SEC_E_INVALID_PARAMETER:
897       txt = "SEC_E_INVALID_PARAMETER";
898       break;
899     case SEC_E_INVALID_TOKEN:
900       txt = "SEC_E_INVALID_TOKEN";
901       break;
902     case SEC_E_ISSUING_CA_UNTRUSTED:
903       txt = "SEC_E_ISSUING_CA_UNTRUSTED";
904       break;
905     case SEC_E_ISSUING_CA_UNTRUSTED_KDC:
906       txt = "SEC_E_ISSUING_CA_UNTRUSTED_KDC";
907       break;
908     case SEC_E_KDC_CERT_EXPIRED:
909       txt = "SEC_E_KDC_CERT_EXPIRED";
910       break;
911     case SEC_E_KDC_CERT_REVOKED:
912       txt = "SEC_E_KDC_CERT_REVOKED";
913       break;
914     case SEC_E_KDC_INVALID_REQUEST:
915       txt = "SEC_E_KDC_INVALID_REQUEST";
916       break;
917     case SEC_E_KDC_UNABLE_TO_REFER:
918       txt = "SEC_E_KDC_UNABLE_TO_REFER";
919       break;
920     case SEC_E_KDC_UNKNOWN_ETYPE:
921       txt = "SEC_E_KDC_UNKNOWN_ETYPE";
922       break;
923     case SEC_E_LOGON_DENIED:
924       txt = "SEC_E_LOGON_DENIED";
925       break;
926     case SEC_E_MAX_REFERRALS_EXCEEDED:
927       txt = "SEC_E_MAX_REFERRALS_EXCEEDED";
928       break;
929     case SEC_E_MESSAGE_ALTERED:
930       txt = "SEC_E_MESSAGE_ALTERED";
931       break;
932     case SEC_E_MULTIPLE_ACCOUNTS:
933       txt = "SEC_E_MULTIPLE_ACCOUNTS";
934       break;
935     case SEC_E_MUST_BE_KDC:
936       txt = "SEC_E_MUST_BE_KDC";
937       break;
938     case SEC_E_NOT_OWNER:
939       txt = "SEC_E_NOT_OWNER";
940       break;
941     case SEC_E_NO_AUTHENTICATING_AUTHORITY:
942       txt = "SEC_E_NO_AUTHENTICATING_AUTHORITY";
943       break;
944     case SEC_E_NO_CREDENTIALS:
945       txt = "SEC_E_NO_CREDENTIALS";
946       break;
947     case SEC_E_NO_IMPERSONATION:
948       txt = "SEC_E_NO_IMPERSONATION";
949       break;
950     case SEC_E_NO_IP_ADDRESSES:
951       txt = "SEC_E_NO_IP_ADDRESSES";
952       break;
953     case SEC_E_NO_KERB_KEY:
954       txt = "SEC_E_NO_KERB_KEY";
955       break;
956     case SEC_E_NO_PA_DATA:
957       txt = "SEC_E_NO_PA_DATA";
958       break;
959     case SEC_E_NO_S4U_PROT_SUPPORT:
960       txt = "SEC_E_NO_S4U_PROT_SUPPORT";
961       break;
962     case SEC_E_NO_TGT_REPLY:
963       txt = "SEC_E_NO_TGT_REPLY";
964       break;
965     case SEC_E_OUT_OF_SEQUENCE:
966       txt = "SEC_E_OUT_OF_SEQUENCE";
967       break;
968     case SEC_E_PKINIT_CLIENT_FAILURE:
969       txt = "SEC_E_PKINIT_CLIENT_FAILURE";
970       break;
971     case SEC_E_PKINIT_NAME_MISMATCH:
972       txt = "SEC_E_PKINIT_NAME_MISMATCH";
973       break;
974     case SEC_E_POLICY_NLTM_ONLY:
975       txt = "SEC_E_POLICY_NLTM_ONLY";
976       break;
977     case SEC_E_QOP_NOT_SUPPORTED:
978       txt = "SEC_E_QOP_NOT_SUPPORTED";
979       break;
980     case SEC_E_REVOCATION_OFFLINE_C:
981       txt = "SEC_E_REVOCATION_OFFLINE_C";
982       break;
983     case SEC_E_REVOCATION_OFFLINE_KDC:
984       txt = "SEC_E_REVOCATION_OFFLINE_KDC";
985       break;
986     case SEC_E_SECPKG_NOT_FOUND:
987       txt = "SEC_E_SECPKG_NOT_FOUND";
988       break;
989     case SEC_E_SECURITY_QOS_FAILED:
990       txt = "SEC_E_SECURITY_QOS_FAILED";
991       break;
992     case SEC_E_SHUTDOWN_IN_PROGRESS:
993       txt = "SEC_E_SHUTDOWN_IN_PROGRESS";
994       break;
995     case SEC_E_SMARTCARD_CERT_EXPIRED:
996       txt = "SEC_E_SMARTCARD_CERT_EXPIRED";
997       break;
998     case SEC_E_SMARTCARD_CERT_REVOKED:
999       txt = "SEC_E_SMARTCARD_CERT_REVOKED";
1000       break;
1001     case SEC_E_SMARTCARD_LOGON_REQUIRED:
1002       txt = "SEC_E_SMARTCARD_LOGON_REQUIRED";
1003       break;
1004     case SEC_E_STRONG_CRYPTO_NOT_SUPPORTED:
1005       txt = "SEC_E_STRONG_CRYPTO_NOT_SUPPORTED";
1006       break;
1007     case SEC_E_TARGET_UNKNOWN:
1008       txt = "SEC_E_TARGET_UNKNOWN";
1009       break;
1010     case SEC_E_TIME_SKEW:
1011       txt = "SEC_E_TIME_SKEW";
1012       break;
1013     case SEC_E_TOO_MANY_PRINCIPALS:
1014       txt = "SEC_E_TOO_MANY_PRINCIPALS";
1015       break;
1016     case SEC_E_UNFINISHED_CONTEXT_DELETED:
1017       txt = "SEC_E_UNFINISHED_CONTEXT_DELETED";
1018       break;
1019     case SEC_E_UNKNOWN_CREDENTIALS:
1020       txt = "SEC_E_UNKNOWN_CREDENTIALS";
1021       break;
1022     case SEC_E_UNSUPPORTED_FUNCTION:
1023       txt = "SEC_E_UNSUPPORTED_FUNCTION";
1024       break;
1025     case SEC_E_UNSUPPORTED_PREAUTH:
1026       txt = "SEC_E_UNSUPPORTED_PREAUTH";
1027       break;
1028     case SEC_E_UNTRUSTED_ROOT:
1029       txt = "SEC_E_UNTRUSTED_ROOT";
1030       break;
1031     case SEC_E_WRONG_CREDENTIAL_HANDLE:
1032       txt = "SEC_E_WRONG_CREDENTIAL_HANDLE";
1033       break;
1034     case SEC_E_WRONG_PRINCIPAL:
1035       txt = "SEC_E_WRONG_PRINCIPAL";
1036       break;
1037     case SEC_I_COMPLETE_AND_CONTINUE:
1038       txt = "SEC_I_COMPLETE_AND_CONTINUE";
1039       break;
1040     case SEC_I_COMPLETE_NEEDED:
1041       txt = "SEC_I_COMPLETE_NEEDED";
1042       break;
1043     case SEC_I_CONTEXT_EXPIRED:
1044       txt = "SEC_I_CONTEXT_EXPIRED";
1045       break;
1046     case SEC_I_CONTINUE_NEEDED:
1047       txt = "SEC_I_CONTINUE_NEEDED";
1048       break;
1049     case SEC_I_INCOMPLETE_CREDENTIALS:
1050       txt = "SEC_I_INCOMPLETE_CREDENTIALS";
1051       break;
1052     case SEC_I_LOCAL_LOGON:
1053       txt = "SEC_I_LOCAL_LOGON";
1054       break;
1055     case SEC_I_NO_LSA_CONTEXT:
1056       txt = "SEC_I_NO_LSA_CONTEXT";
1057       break;
1058     case SEC_I_RENEGOTIATE:
1059       txt = "SEC_I_RENEGOTIATE";
1060       break;
1061     case SEC_I_SIGNATURE_NEEDED:
1062       txt = "SEC_I_SIGNATURE_NEEDED";
1063       break;
1064     default:
1065       txt = "Unknown error";
1066   }
1067 
1068   if(err == SEC_E_OK)
1069     strncpy(outbuf, txt, outmax);
1070   else if(err == SEC_E_ILLEGAL_MESSAGE)
1071     snprintf(outbuf, outmax,
1072              "SEC_E_ILLEGAL_MESSAGE (0x%04X%04X) - This error usually occurs "
1073              "when a fatal SSL/TLS alert is received (e.g. handshake failed). "
1074              "More detail may be available in the Windows System event log.",
1075              (err >> 16) & 0xffff, err & 0xffff);
1076   else {
1077     str = txtbuf;
1078     snprintf(txtbuf, sizeof(txtbuf), "%s (0x%04X%04X)",
1079              txt, (err >> 16) & 0xffff, err & 0xffff);
1080     txtbuf[sizeof(txtbuf)-1] = '\0';
1081 
1082 #ifdef _WIN32_WCE
1083     {
1084       wchar_t wbuf[256];
1085       wbuf[0] = L'\0';
1086 
1087       if(FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM |
1088                        FORMAT_MESSAGE_IGNORE_INSERTS,
1089                        NULL, err, LANG_NEUTRAL,
1090                        wbuf, sizeof(wbuf)/sizeof(wchar_t), NULL)) {
1091         wcstombs(msgbuf, wbuf, sizeof(msgbuf)-1);
1092         msg_formatted = TRUE;
1093       }
1094     }
1095 #else
1096     if(FormatMessageA(FORMAT_MESSAGE_FROM_SYSTEM |
1097                       FORMAT_MESSAGE_IGNORE_INSERTS,
1098                       NULL, err, LANG_NEUTRAL,
1099                       msgbuf, sizeof(msgbuf)-1, NULL)) {
1100       msg_formatted = TRUE;
1101     }
1102 #endif
1103     if(msg_formatted) {
1104       msgbuf[sizeof(msgbuf)-1] = '\0';
1105       /* strip trailing '\r\n' or '\n' */
1106       if((p = strrchr(msgbuf, '\n')) != NULL && (p - msgbuf) >= 2)
1107          *p = '\0';
1108       if((p = strrchr(msgbuf, '\r')) != NULL && (p - msgbuf) >= 1)
1109          *p = '\0';
1110       msg = msgbuf;
1111     }
1112     if(msg)
1113       snprintf(outbuf, outmax, "%s - %s", str, msg);
1114     else
1115       strncpy(outbuf, str, outmax);
1116   }
1117 
1118   if(old_errno != ERRNO)
1119     SET_ERRNO(old_errno);
1120 
1121 #else
1122 
1123   if(err == SEC_E_OK)
1124     txt = "No error";
1125   else
1126     txt = "Error";
1127 
1128   strncpy(outbuf, txt, outmax);
1129 
1130 #endif
1131 
1132   outbuf[outmax] = '\0';
1133 
1134   return outbuf;
1135 }
1136 #endif /* USE_WINDOWS_SSPI */
1137