1 /***************************************************************************
2  *                                  _   _ ____  _
3  *  Project                     ___| | | |  _ \| |
4  *                             / __| | | | |_) | |
5  *                            | (__| |_| |  _ <| |___
6  *                             \___|\___/|_| \_\_____|
7  *
8  * Copyright (C) 2004 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
9  *
10  * This software is licensed as described in the file COPYING, which
11  * you should have received as part of this distribution. The terms
12  * are also available at https://curl.haxx.se/docs/copyright.html.
13  *
14  * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15  * copies of the Software, and permit persons to whom the Software is
16  * furnished to do so, under the terms of the COPYING file.
17  *
18  * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19  * KIND, either express or implied.
20  *
21  ***************************************************************************/
22 
23 #include "curl_setup.h"
24 
25 #ifdef HAVE_STRERROR_R
26 #  if (!defined(HAVE_POSIX_STRERROR_R) && \
27        !defined(HAVE_GLIBC_STRERROR_R) && \
28        !defined(HAVE_VXWORKS_STRERROR_R)) || \
29       (defined(HAVE_POSIX_STRERROR_R) && defined(HAVE_VXWORKS_STRERROR_R)) || \
30       (defined(HAVE_GLIBC_STRERROR_R) && defined(HAVE_VXWORKS_STRERROR_R)) || \
31       (defined(HAVE_POSIX_STRERROR_R) && defined(HAVE_GLIBC_STRERROR_R))
32 #    error "strerror_r MUST be either POSIX, glibc or vxworks-style"
33 #  endif
34 #endif
35 
36 #include <curl/curl.h>
37 
38 #ifdef USE_LIBIDN
39 #include <idna.h>
40 #endif
41 
42 #ifdef USE_WINDOWS_SSPI
43 #include "curl_sspi.h"
44 #endif
45 
46 #include "strerror.h"
47 /* The last 3 #include files should be in this order */
48 #include "curl_printf.h"
49 #include "curl_memory.h"
50 #include "memdebug.h"
51 
52 const char *
curl_easy_strerror(CURLcode error)53 curl_easy_strerror(CURLcode error)
54 {
55 #ifndef CURL_DISABLE_VERBOSE_STRINGS
56   switch (error) {
57   case CURLE_OK:
58     return "No error";
59 
60   case CURLE_UNSUPPORTED_PROTOCOL:
61     return "Unsupported protocol";
62 
63   case CURLE_FAILED_INIT:
64     return "Failed initialization";
65 
66   case CURLE_URL_MALFORMAT:
67     return "URL using bad/illegal format or missing URL";
68 
69   case CURLE_NOT_BUILT_IN:
70     return "A requested feature, protocol or option was not found built-in in"
71       " this libcurl due to a build-time decision.";
72 
73   case CURLE_COULDNT_RESOLVE_PROXY:
74     return "Couldn't resolve proxy name";
75 
76   case CURLE_COULDNT_RESOLVE_HOST:
77     return "Couldn't resolve host name";
78 
79   case CURLE_COULDNT_CONNECT:
80     return "Couldn't connect to server";
81 
82   case CURLE_FTP_WEIRD_SERVER_REPLY:
83     return "FTP: weird server reply";
84 
85   case CURLE_REMOTE_ACCESS_DENIED:
86     return "Access denied to remote resource";
87 
88   case CURLE_FTP_ACCEPT_FAILED:
89     return "FTP: The server failed to connect to data port";
90 
91   case CURLE_FTP_ACCEPT_TIMEOUT:
92     return "FTP: Accepting server connect has timed out";
93 
94   case CURLE_FTP_PRET_FAILED:
95     return "FTP: The server did not accept the PRET command.";
96 
97   case CURLE_FTP_WEIRD_PASS_REPLY:
98     return "FTP: unknown PASS reply";
99 
100   case CURLE_FTP_WEIRD_PASV_REPLY:
101     return "FTP: unknown PASV reply";
102 
103   case CURLE_FTP_WEIRD_227_FORMAT:
104     return "FTP: unknown 227 response format";
105 
106   case CURLE_FTP_CANT_GET_HOST:
107     return "FTP: can't figure out the host in the PASV response";
108 
109   case CURLE_HTTP2:
110     return "Error in the HTTP2 framing layer";
111 
112   case CURLE_FTP_COULDNT_SET_TYPE:
113     return "FTP: couldn't set file type";
114 
115   case CURLE_PARTIAL_FILE:
116     return "Transferred a partial file";
117 
118   case CURLE_FTP_COULDNT_RETR_FILE:
119     return "FTP: couldn't retrieve (RETR failed) the specified file";
120 
121   case CURLE_QUOTE_ERROR:
122     return "Quote command returned error";
123 
124   case CURLE_HTTP_RETURNED_ERROR:
125     return "HTTP response code said error";
126 
127   case CURLE_WRITE_ERROR:
128     return "Failed writing received data to disk/application";
129 
130   case CURLE_UPLOAD_FAILED:
131     return "Upload failed (at start/before it took off)";
132 
133   case CURLE_READ_ERROR:
134     return "Failed to open/read local data from file/application";
135 
136   case CURLE_OUT_OF_MEMORY:
137     return "Out of memory";
138 
139   case CURLE_OPERATION_TIMEDOUT:
140     return "Timeout was reached";
141 
142   case CURLE_FTP_PORT_FAILED:
143     return "FTP: command PORT failed";
144 
145   case CURLE_FTP_COULDNT_USE_REST:
146     return "FTP: command REST failed";
147 
148   case CURLE_RANGE_ERROR:
149     return "Requested range was not delivered by the server";
150 
151   case CURLE_HTTP_POST_ERROR:
152     return "Internal problem setting up the POST";
153 
154   case CURLE_SSL_CONNECT_ERROR:
155     return "SSL connect error";
156 
157   case CURLE_BAD_DOWNLOAD_RESUME:
158     return "Couldn't resume download";
159 
160   case CURLE_FILE_COULDNT_READ_FILE:
161     return "Couldn't read a file:// file";
162 
163   case CURLE_LDAP_CANNOT_BIND:
164     return "LDAP: cannot bind";
165 
166   case CURLE_LDAP_SEARCH_FAILED:
167     return "LDAP: search failed";
168 
169   case CURLE_FUNCTION_NOT_FOUND:
170     return "A required function in the library was not found";
171 
172   case CURLE_ABORTED_BY_CALLBACK:
173     return "Operation was aborted by an application callback";
174 
175   case CURLE_BAD_FUNCTION_ARGUMENT:
176     return "A libcurl function was given a bad argument";
177 
178   case CURLE_INTERFACE_FAILED:
179     return "Failed binding local connection end";
180 
181   case CURLE_TOO_MANY_REDIRECTS :
182     return "Number of redirects hit maximum amount";
183 
184   case CURLE_UNKNOWN_OPTION:
185     return "An unknown option was passed in to libcurl";
186 
187   case CURLE_TELNET_OPTION_SYNTAX :
188     return "Malformed telnet option";
189 
190   case CURLE_PEER_FAILED_VERIFICATION:
191     return "SSL peer certificate or SSH remote key was not OK";
192 
193   case CURLE_GOT_NOTHING:
194     return "Server returned nothing (no headers, no data)";
195 
196   case CURLE_SSL_ENGINE_NOTFOUND:
197     return "SSL crypto engine not found";
198 
199   case CURLE_SSL_ENGINE_SETFAILED:
200     return "Can not set SSL crypto engine as default";
201 
202   case CURLE_SSL_ENGINE_INITFAILED:
203     return "Failed to initialise SSL crypto engine";
204 
205   case CURLE_SEND_ERROR:
206     return "Failed sending data to the peer";
207 
208   case CURLE_RECV_ERROR:
209     return "Failure when receiving data from the peer";
210 
211   case CURLE_SSL_CERTPROBLEM:
212     return "Problem with the local SSL certificate";
213 
214   case CURLE_SSL_CIPHER:
215     return "Couldn't use specified SSL cipher";
216 
217   case CURLE_SSL_CACERT:
218     return "Peer certificate cannot be authenticated with given CA "
219       "certificates";
220 
221   case CURLE_SSL_CACERT_BADFILE:
222     return "Problem with the SSL CA cert (path? access rights?)";
223 
224   case CURLE_BAD_CONTENT_ENCODING:
225     return "Unrecognized or bad HTTP Content or Transfer-Encoding";
226 
227   case CURLE_LDAP_INVALID_URL:
228     return "Invalid LDAP URL";
229 
230   case CURLE_FILESIZE_EXCEEDED:
231     return "Maximum file size exceeded";
232 
233   case CURLE_USE_SSL_FAILED:
234     return "Requested SSL level failed";
235 
236   case CURLE_SSL_SHUTDOWN_FAILED:
237     return "Failed to shut down the SSL connection";
238 
239   case CURLE_SSL_CRL_BADFILE:
240     return "Failed to load CRL file (path? access rights?, format?)";
241 
242   case CURLE_SSL_ISSUER_ERROR:
243     return "Issuer check against peer certificate failed";
244 
245   case CURLE_SEND_FAIL_REWIND:
246     return "Send failed since rewinding of the data stream failed";
247 
248   case CURLE_LOGIN_DENIED:
249     return "Login denied";
250 
251   case CURLE_TFTP_NOTFOUND:
252     return "TFTP: File Not Found";
253 
254   case CURLE_TFTP_PERM:
255     return "TFTP: Access Violation";
256 
257   case CURLE_REMOTE_DISK_FULL:
258     return "Disk full or allocation exceeded";
259 
260   case CURLE_TFTP_ILLEGAL:
261     return "TFTP: Illegal operation";
262 
263   case CURLE_TFTP_UNKNOWNID:
264     return "TFTP: Unknown transfer ID";
265 
266   case CURLE_REMOTE_FILE_EXISTS:
267     return "Remote file already exists";
268 
269   case CURLE_TFTP_NOSUCHUSER:
270     return "TFTP: No such user";
271 
272   case CURLE_CONV_FAILED:
273     return "Conversion failed";
274 
275   case CURLE_CONV_REQD:
276     return "Caller must register CURLOPT_CONV_ callback options";
277 
278   case CURLE_REMOTE_FILE_NOT_FOUND:
279     return "Remote file not found";
280 
281   case CURLE_SSH:
282     return "Error in the SSH layer";
283 
284   case CURLE_AGAIN:
285     return "Socket not ready for send/recv";
286 
287   case CURLE_RTSP_CSEQ_ERROR:
288     return "RTSP CSeq mismatch or invalid CSeq";
289 
290   case CURLE_RTSP_SESSION_ERROR:
291     return "RTSP session error";
292 
293   case CURLE_FTP_BAD_FILE_LIST:
294     return "Unable to parse FTP file list";
295 
296   case CURLE_CHUNK_FAILED:
297     return "Chunk callback failed";
298 
299   case CURLE_NO_CONNECTION_AVAILABLE:
300     return "The max connection limit is reached";
301 
302   case CURLE_SSL_PINNEDPUBKEYNOTMATCH:
303     return "SSL public key does not match pinned public key";
304 
305   case CURLE_SSL_INVALIDCERTSTATUS:
306     return "SSL server certificate status verification FAILED";
307 
308   case CURLE_HTTP2_STREAM:
309     return "Stream error in the HTTP/2 framing layer";
310 
311     /* error codes not used by current libcurl */
312   case CURLE_OBSOLETE20:
313   case CURLE_OBSOLETE24:
314   case CURLE_OBSOLETE29:
315   case CURLE_OBSOLETE32:
316   case CURLE_OBSOLETE40:
317   case CURLE_OBSOLETE44:
318   case CURLE_OBSOLETE46:
319   case CURLE_OBSOLETE50:
320   case CURLE_OBSOLETE57:
321   case CURL_LAST:
322     break;
323   }
324   /*
325    * By using a switch, gcc -Wall will complain about enum values
326    * which do not appear, helping keep this function up-to-date.
327    * By using gcc -Wall -Werror, you can't forget.
328    *
329    * A table would not have the same benefit.  Most compilers will
330    * generate code very similar to a table in any case, so there
331    * is little performance gain from a table.  And something is broken
332    * for the user's application, anyways, so does it matter how fast
333    * it _doesn't_ work?
334    *
335    * The line number for the error will be near this comment, which
336    * is why it is here, and not at the start of the switch.
337    */
338   return "Unknown error";
339 #else
340   if(!error)
341     return "No error";
342   else
343     return "Error";
344 #endif
345 }
346 
347 const char *
curl_multi_strerror(CURLMcode error)348 curl_multi_strerror(CURLMcode error)
349 {
350 #ifndef CURL_DISABLE_VERBOSE_STRINGS
351   switch (error) {
352   case CURLM_CALL_MULTI_PERFORM:
353     return "Please call curl_multi_perform() soon";
354 
355   case CURLM_OK:
356     return "No error";
357 
358   case CURLM_BAD_HANDLE:
359     return "Invalid multi handle";
360 
361   case CURLM_BAD_EASY_HANDLE:
362     return "Invalid easy handle";
363 
364   case CURLM_OUT_OF_MEMORY:
365     return "Out of memory";
366 
367   case CURLM_INTERNAL_ERROR:
368     return "Internal error";
369 
370   case CURLM_BAD_SOCKET:
371     return "Invalid socket argument";
372 
373   case CURLM_UNKNOWN_OPTION:
374     return "Unknown option";
375 
376   case CURLM_ADDED_ALREADY:
377     return "The easy handle is already added to a multi handle";
378 
379   case CURLM_LAST:
380     break;
381   }
382 
383   return "Unknown error";
384 #else
385   if(error == CURLM_OK)
386     return "No error";
387   else
388     return "Error";
389 #endif
390 }
391 
392 const char *
curl_share_strerror(CURLSHcode error)393 curl_share_strerror(CURLSHcode error)
394 {
395 #ifndef CURL_DISABLE_VERBOSE_STRINGS
396   switch (error) {
397   case CURLSHE_OK:
398     return "No error";
399 
400   case CURLSHE_BAD_OPTION:
401     return "Unknown share option";
402 
403   case CURLSHE_IN_USE:
404     return "Share currently in use";
405 
406   case CURLSHE_INVALID:
407     return "Invalid share handle";
408 
409   case CURLSHE_NOMEM:
410     return "Out of memory";
411 
412   case CURLSHE_NOT_BUILT_IN:
413     return "Feature not enabled in this library";
414 
415   case CURLSHE_LAST:
416     break;
417   }
418 
419   return "CURLSHcode unknown";
420 #else
421   if(error == CURLSHE_OK)
422     return "No error";
423   else
424     return "Error";
425 #endif
426 }
427 
428 #ifdef USE_WINSOCK
429 
430 /* This function handles most / all (?) Winsock errors cURL is able to produce.
431  */
432 static const char *
get_winsock_error(int err,char * buf,size_t len)433 get_winsock_error (int err, char *buf, size_t len)
434 {
435   const char *p;
436 
437 #ifndef CURL_DISABLE_VERBOSE_STRINGS
438   switch (err) {
439   case WSAEINTR:
440     p = "Call interrupted";
441     break;
442   case WSAEBADF:
443     p = "Bad file";
444     break;
445   case WSAEACCES:
446     p = "Bad access";
447     break;
448   case WSAEFAULT:
449     p = "Bad argument";
450     break;
451   case WSAEINVAL:
452     p = "Invalid arguments";
453     break;
454   case WSAEMFILE:
455     p = "Out of file descriptors";
456     break;
457   case WSAEWOULDBLOCK:
458     p = "Call would block";
459     break;
460   case WSAEINPROGRESS:
461   case WSAEALREADY:
462     p = "Blocking call in progress";
463     break;
464   case WSAENOTSOCK:
465     p = "Descriptor is not a socket";
466     break;
467   case WSAEDESTADDRREQ:
468     p = "Need destination address";
469     break;
470   case WSAEMSGSIZE:
471     p = "Bad message size";
472     break;
473   case WSAEPROTOTYPE:
474     p = "Bad protocol";
475     break;
476   case WSAENOPROTOOPT:
477     p = "Protocol option is unsupported";
478     break;
479   case WSAEPROTONOSUPPORT:
480     p = "Protocol is unsupported";
481     break;
482   case WSAESOCKTNOSUPPORT:
483     p = "Socket is unsupported";
484     break;
485   case WSAEOPNOTSUPP:
486     p = "Operation not supported";
487     break;
488   case WSAEAFNOSUPPORT:
489     p = "Address family not supported";
490     break;
491   case WSAEPFNOSUPPORT:
492     p = "Protocol family not supported";
493     break;
494   case WSAEADDRINUSE:
495     p = "Address already in use";
496     break;
497   case WSAEADDRNOTAVAIL:
498     p = "Address not available";
499     break;
500   case WSAENETDOWN:
501     p = "Network down";
502     break;
503   case WSAENETUNREACH:
504     p = "Network unreachable";
505     break;
506   case WSAENETRESET:
507     p = "Network has been reset";
508     break;
509   case WSAECONNABORTED:
510     p = "Connection was aborted";
511     break;
512   case WSAECONNRESET:
513     p = "Connection was reset";
514     break;
515   case WSAENOBUFS:
516     p = "No buffer space";
517     break;
518   case WSAEISCONN:
519     p = "Socket is already connected";
520     break;
521   case WSAENOTCONN:
522     p = "Socket is not connected";
523     break;
524   case WSAESHUTDOWN:
525     p = "Socket has been shut down";
526     break;
527   case WSAETOOMANYREFS:
528     p = "Too many references";
529     break;
530   case WSAETIMEDOUT:
531     p = "Timed out";
532     break;
533   case WSAECONNREFUSED:
534     p = "Connection refused";
535     break;
536   case WSAELOOP:
537     p = "Loop??";
538     break;
539   case WSAENAMETOOLONG:
540     p = "Name too long";
541     break;
542   case WSAEHOSTDOWN:
543     p = "Host down";
544     break;
545   case WSAEHOSTUNREACH:
546     p = "Host unreachable";
547     break;
548   case WSAENOTEMPTY:
549     p = "Not empty";
550     break;
551   case WSAEPROCLIM:
552     p = "Process limit reached";
553     break;
554   case WSAEUSERS:
555     p = "Too many users";
556     break;
557   case WSAEDQUOT:
558     p = "Bad quota";
559     break;
560   case WSAESTALE:
561     p = "Something is stale";
562     break;
563   case WSAEREMOTE:
564     p = "Remote error";
565     break;
566 #ifdef WSAEDISCON  /* missing in SalfordC! */
567   case WSAEDISCON:
568     p = "Disconnected";
569     break;
570 #endif
571     /* Extended Winsock errors */
572   case WSASYSNOTREADY:
573     p = "Winsock library is not ready";
574     break;
575   case WSANOTINITIALISED:
576     p = "Winsock library not initialised";
577     break;
578   case WSAVERNOTSUPPORTED:
579     p = "Winsock version not supported";
580     break;
581 
582     /* getXbyY() errors (already handled in herrmsg):
583      * Authoritative Answer: Host not found */
584   case WSAHOST_NOT_FOUND:
585     p = "Host not found";
586     break;
587 
588     /* Non-Authoritative: Host not found, or SERVERFAIL */
589   case WSATRY_AGAIN:
590     p = "Host not found, try again";
591     break;
592 
593     /* Non recoverable errors, FORMERR, REFUSED, NOTIMP */
594   case WSANO_RECOVERY:
595     p = "Unrecoverable error in call to nameserver";
596     break;
597 
598     /* Valid name, no data record of requested type */
599   case WSANO_DATA:
600     p = "No data record of requested type";
601     break;
602 
603   default:
604     return NULL;
605   }
606 #else
607   if(!err)
608     return NULL;
609   else
610     p = "error";
611 #endif
612   strncpy (buf, p, len);
613   buf [len-1] = '\0';
614   return buf;
615 }
616 #endif   /* USE_WINSOCK */
617 
618 /*
619  * Our thread-safe and smart strerror() replacement.
620  *
621  * The 'err' argument passed in to this function MUST be a true errno number
622  * as reported on this system. We do no range checking on the number before
623  * we pass it to the "number-to-message" conversion function and there might
624  * be systems that don't do proper range checking in there themselves.
625  *
626  * We don't do range checking (on systems other than Windows) since there is
627  * no good reliable and portable way to do it.
628  */
Curl_strerror(struct connectdata * conn,int err)629 const char *Curl_strerror(struct connectdata *conn, int err)
630 {
631   char *buf, *p;
632   size_t max;
633   int old_errno = ERRNO;
634 
635   DEBUGASSERT(conn);
636   DEBUGASSERT(err >= 0);
637 
638   buf = conn->syserr_buf;
639   max = sizeof(conn->syserr_buf)-1;
640   *buf = '\0';
641 
642 #ifdef USE_WINSOCK
643 
644 #ifdef _WIN32_WCE
645   {
646     wchar_t wbuf[256];
647     wbuf[0] = L'\0';
648 
649     FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, err,
650                   LANG_NEUTRAL, wbuf, sizeof(wbuf)/sizeof(wchar_t), NULL);
651     wcstombs(buf, wbuf, max);
652   }
653 #else
654   /* 'sys_nerr' is the maximum errno number, it is not widely portable */
655   if(err >= 0 && err < sys_nerr)
656     strncpy(buf, strerror(err), max);
657   else {
658     if(!get_winsock_error(err, buf, max) &&
659        !FormatMessageA(FORMAT_MESSAGE_FROM_SYSTEM, NULL, err,
660                        LANG_NEUTRAL, buf, (DWORD)max, NULL))
661       snprintf(buf, max, "Unknown error %d (%#x)", err, err);
662   }
663 #endif
664 
665 #else /* not USE_WINSOCK coming up */
666 
667 #if defined(HAVE_STRERROR_R) && defined(HAVE_POSIX_STRERROR_R)
668  /*
669   * The POSIX-style strerror_r() may set errno to ERANGE if insufficient
670   * storage is supplied via 'strerrbuf' and 'buflen' to hold the generated
671   * message string, or EINVAL if 'errnum' is not a valid error number.
672   */
673   if(0 != strerror_r(err, buf, max)) {
674     if('\0' == buf[0])
675       snprintf(buf, max, "Unknown error %d", err);
676   }
677 #elif defined(HAVE_STRERROR_R) && defined(HAVE_GLIBC_STRERROR_R)
678  /*
679   * The glibc-style strerror_r() only *might* use the buffer we pass to
680   * the function, but it always returns the error message as a pointer,
681   * so we must copy that string unconditionally (if non-NULL).
682   */
683   {
684     char buffer[256];
685     char *msg = strerror_r(err, buffer, sizeof(buffer));
686     if(msg)
687       strncpy(buf, msg, max);
688     else
689       snprintf(buf, max, "Unknown error %d", err);
690   }
691 #elif defined(HAVE_STRERROR_R) && defined(HAVE_VXWORKS_STRERROR_R)
692  /*
693   * The vxworks-style strerror_r() does use the buffer we pass to the function.
694   * The buffer size should be at least NAME_MAX (256)
695   */
696   {
697     char buffer[256];
698     if(OK == strerror_r(err, buffer))
699       strncpy(buf, buffer, max);
700     else
701       snprintf(buf, max, "Unknown error %d", err);
702   }
703 #else
704   {
705     char *msg = strerror(err);
706     if(msg)
707       strncpy(buf, msg, max);
708     else
709       snprintf(buf, max, "Unknown error %d", err);
710   }
711 #endif
712 
713 #endif /* end of ! USE_WINSOCK */
714 
715   buf[max] = '\0'; /* make sure the string is zero terminated */
716 
717   /* strip trailing '\r\n' or '\n'. */
718   if((p = strrchr(buf, '\n')) != NULL && (p - buf) >= 2)
719      *p = '\0';
720   if((p = strrchr(buf, '\r')) != NULL && (p - buf) >= 1)
721      *p = '\0';
722 
723   if(old_errno != ERRNO)
724     SET_ERRNO(old_errno);
725 
726   return buf;
727 }
728 
729 #ifdef USE_LIBIDN
730 /*
731  * Return error-string for libidn status as returned from idna_to_ascii_lz().
732  */
Curl_idn_strerror(struct connectdata * conn,int err)733 const char *Curl_idn_strerror (struct connectdata *conn, int err)
734 {
735 #ifdef HAVE_IDNA_STRERROR
736   (void)conn;
737   return idna_strerror((Idna_rc) err);
738 #else
739   const char *str;
740   char *buf;
741   size_t max;
742 
743   DEBUGASSERT(conn);
744 
745   buf = conn->syserr_buf;
746   max = sizeof(conn->syserr_buf)-1;
747   *buf = '\0';
748 
749 #ifndef CURL_DISABLE_VERBOSE_STRINGS
750   switch ((Idna_rc)err) {
751     case IDNA_SUCCESS:
752       str = "No error";
753       break;
754     case IDNA_STRINGPREP_ERROR:
755       str = "Error in string preparation";
756       break;
757     case IDNA_PUNYCODE_ERROR:
758       str = "Error in Punycode operation";
759       break;
760     case IDNA_CONTAINS_NON_LDH:
761       str = "Illegal ASCII characters";
762       break;
763     case IDNA_CONTAINS_MINUS:
764       str = "Contains minus";
765       break;
766     case IDNA_INVALID_LENGTH:
767       str = "Invalid output length";
768       break;
769     case IDNA_NO_ACE_PREFIX:
770       str = "No ACE prefix (\"xn--\")";
771       break;
772     case IDNA_ROUNDTRIP_VERIFY_ERROR:
773       str = "Round trip verify error";
774       break;
775     case IDNA_CONTAINS_ACE_PREFIX:
776       str = "Already have ACE prefix (\"xn--\")";
777       break;
778     case IDNA_ICONV_ERROR:
779       str = "Locale conversion failed";
780       break;
781     case IDNA_MALLOC_ERROR:
782       str = "Allocation failed";
783       break;
784     case IDNA_DLOPEN_ERROR:
785       str = "dlopen() error";
786       break;
787     default:
788       snprintf(buf, max, "error %d", err);
789       str = NULL;
790       break;
791   }
792 #else
793   if((Idna_rc)err == IDNA_SUCCESS)
794     str = "No error";
795   else
796     str = "Error";
797 #endif
798   if(str)
799     strncpy(buf, str, max);
800   buf[max] = '\0';
801   return (buf);
802 #endif
803 }
804 #endif  /* USE_LIBIDN */
805 
806 #ifdef USE_WINDOWS_SSPI
Curl_sspi_strerror(struct connectdata * conn,int err)807 const char *Curl_sspi_strerror (struct connectdata *conn, int err)
808 {
809 #ifndef CURL_DISABLE_VERBOSE_STRINGS
810   char txtbuf[80];
811   char msgbuf[sizeof(conn->syserr_buf)];
812   char *p, *str, *msg = NULL;
813   bool msg_formatted = FALSE;
814   int old_errno;
815 #endif
816   const char *txt;
817   char *outbuf;
818   size_t outmax;
819 
820   DEBUGASSERT(conn);
821 
822   outbuf = conn->syserr_buf;
823   outmax = sizeof(conn->syserr_buf)-1;
824   *outbuf = '\0';
825 
826 #ifndef CURL_DISABLE_VERBOSE_STRINGS
827 
828   old_errno = ERRNO;
829 
830   switch (err) {
831     case SEC_E_OK:
832       txt = "No error";
833       break;
834     case CRYPT_E_REVOKED:
835       txt = "CRYPT_E_REVOKED";
836       break;
837     case SEC_E_ALGORITHM_MISMATCH:
838       txt = "SEC_E_ALGORITHM_MISMATCH";
839       break;
840     case SEC_E_BAD_BINDINGS:
841       txt = "SEC_E_BAD_BINDINGS";
842       break;
843     case SEC_E_BAD_PKGID:
844       txt = "SEC_E_BAD_PKGID";
845       break;
846     case SEC_E_BUFFER_TOO_SMALL:
847       txt = "SEC_E_BUFFER_TOO_SMALL";
848       break;
849     case SEC_E_CANNOT_INSTALL:
850       txt = "SEC_E_CANNOT_INSTALL";
851       break;
852     case SEC_E_CANNOT_PACK:
853       txt = "SEC_E_CANNOT_PACK";
854       break;
855     case SEC_E_CERT_EXPIRED:
856       txt = "SEC_E_CERT_EXPIRED";
857       break;
858     case SEC_E_CERT_UNKNOWN:
859       txt = "SEC_E_CERT_UNKNOWN";
860       break;
861     case SEC_E_CERT_WRONG_USAGE:
862       txt = "SEC_E_CERT_WRONG_USAGE";
863       break;
864     case SEC_E_CONTEXT_EXPIRED:
865       txt = "SEC_E_CONTEXT_EXPIRED";
866       break;
867     case SEC_E_CROSSREALM_DELEGATION_FAILURE:
868       txt = "SEC_E_CROSSREALM_DELEGATION_FAILURE";
869       break;
870     case SEC_E_CRYPTO_SYSTEM_INVALID:
871       txt = "SEC_E_CRYPTO_SYSTEM_INVALID";
872       break;
873     case SEC_E_DECRYPT_FAILURE:
874       txt = "SEC_E_DECRYPT_FAILURE";
875       break;
876     case SEC_E_DELEGATION_POLICY:
877       txt = "SEC_E_DELEGATION_POLICY";
878       break;
879     case SEC_E_DELEGATION_REQUIRED:
880       txt = "SEC_E_DELEGATION_REQUIRED";
881       break;
882     case SEC_E_DOWNGRADE_DETECTED:
883       txt = "SEC_E_DOWNGRADE_DETECTED";
884       break;
885     case SEC_E_ENCRYPT_FAILURE:
886       txt = "SEC_E_ENCRYPT_FAILURE";
887       break;
888     case SEC_E_ILLEGAL_MESSAGE:
889       txt = "SEC_E_ILLEGAL_MESSAGE";
890       break;
891     case SEC_E_INCOMPLETE_CREDENTIALS:
892       txt = "SEC_E_INCOMPLETE_CREDENTIALS";
893       break;
894     case SEC_E_INCOMPLETE_MESSAGE:
895       txt = "SEC_E_INCOMPLETE_MESSAGE";
896       break;
897     case SEC_E_INSUFFICIENT_MEMORY:
898       txt = "SEC_E_INSUFFICIENT_MEMORY";
899       break;
900     case SEC_E_INTERNAL_ERROR:
901       txt = "SEC_E_INTERNAL_ERROR";
902       break;
903     case SEC_E_INVALID_HANDLE:
904       txt = "SEC_E_INVALID_HANDLE";
905       break;
906     case SEC_E_INVALID_PARAMETER:
907       txt = "SEC_E_INVALID_PARAMETER";
908       break;
909     case SEC_E_INVALID_TOKEN:
910       txt = "SEC_E_INVALID_TOKEN";
911       break;
912     case SEC_E_ISSUING_CA_UNTRUSTED:
913       txt = "SEC_E_ISSUING_CA_UNTRUSTED";
914       break;
915     case SEC_E_ISSUING_CA_UNTRUSTED_KDC:
916       txt = "SEC_E_ISSUING_CA_UNTRUSTED_KDC";
917       break;
918     case SEC_E_KDC_CERT_EXPIRED:
919       txt = "SEC_E_KDC_CERT_EXPIRED";
920       break;
921     case SEC_E_KDC_CERT_REVOKED:
922       txt = "SEC_E_KDC_CERT_REVOKED";
923       break;
924     case SEC_E_KDC_INVALID_REQUEST:
925       txt = "SEC_E_KDC_INVALID_REQUEST";
926       break;
927     case SEC_E_KDC_UNABLE_TO_REFER:
928       txt = "SEC_E_KDC_UNABLE_TO_REFER";
929       break;
930     case SEC_E_KDC_UNKNOWN_ETYPE:
931       txt = "SEC_E_KDC_UNKNOWN_ETYPE";
932       break;
933     case SEC_E_LOGON_DENIED:
934       txt = "SEC_E_LOGON_DENIED";
935       break;
936     case SEC_E_MAX_REFERRALS_EXCEEDED:
937       txt = "SEC_E_MAX_REFERRALS_EXCEEDED";
938       break;
939     case SEC_E_MESSAGE_ALTERED:
940       txt = "SEC_E_MESSAGE_ALTERED";
941       break;
942     case SEC_E_MULTIPLE_ACCOUNTS:
943       txt = "SEC_E_MULTIPLE_ACCOUNTS";
944       break;
945     case SEC_E_MUST_BE_KDC:
946       txt = "SEC_E_MUST_BE_KDC";
947       break;
948     case SEC_E_NOT_OWNER:
949       txt = "SEC_E_NOT_OWNER";
950       break;
951     case SEC_E_NO_AUTHENTICATING_AUTHORITY:
952       txt = "SEC_E_NO_AUTHENTICATING_AUTHORITY";
953       break;
954     case SEC_E_NO_CREDENTIALS:
955       txt = "SEC_E_NO_CREDENTIALS";
956       break;
957     case SEC_E_NO_IMPERSONATION:
958       txt = "SEC_E_NO_IMPERSONATION";
959       break;
960     case SEC_E_NO_IP_ADDRESSES:
961       txt = "SEC_E_NO_IP_ADDRESSES";
962       break;
963     case SEC_E_NO_KERB_KEY:
964       txt = "SEC_E_NO_KERB_KEY";
965       break;
966     case SEC_E_NO_PA_DATA:
967       txt = "SEC_E_NO_PA_DATA";
968       break;
969     case SEC_E_NO_S4U_PROT_SUPPORT:
970       txt = "SEC_E_NO_S4U_PROT_SUPPORT";
971       break;
972     case SEC_E_NO_TGT_REPLY:
973       txt = "SEC_E_NO_TGT_REPLY";
974       break;
975     case SEC_E_OUT_OF_SEQUENCE:
976       txt = "SEC_E_OUT_OF_SEQUENCE";
977       break;
978     case SEC_E_PKINIT_CLIENT_FAILURE:
979       txt = "SEC_E_PKINIT_CLIENT_FAILURE";
980       break;
981     case SEC_E_PKINIT_NAME_MISMATCH:
982       txt = "SEC_E_PKINIT_NAME_MISMATCH";
983       break;
984     case SEC_E_POLICY_NLTM_ONLY:
985       txt = "SEC_E_POLICY_NLTM_ONLY";
986       break;
987     case SEC_E_QOP_NOT_SUPPORTED:
988       txt = "SEC_E_QOP_NOT_SUPPORTED";
989       break;
990     case SEC_E_REVOCATION_OFFLINE_C:
991       txt = "SEC_E_REVOCATION_OFFLINE_C";
992       break;
993     case SEC_E_REVOCATION_OFFLINE_KDC:
994       txt = "SEC_E_REVOCATION_OFFLINE_KDC";
995       break;
996     case SEC_E_SECPKG_NOT_FOUND:
997       txt = "SEC_E_SECPKG_NOT_FOUND";
998       break;
999     case SEC_E_SECURITY_QOS_FAILED:
1000       txt = "SEC_E_SECURITY_QOS_FAILED";
1001       break;
1002     case SEC_E_SHUTDOWN_IN_PROGRESS:
1003       txt = "SEC_E_SHUTDOWN_IN_PROGRESS";
1004       break;
1005     case SEC_E_SMARTCARD_CERT_EXPIRED:
1006       txt = "SEC_E_SMARTCARD_CERT_EXPIRED";
1007       break;
1008     case SEC_E_SMARTCARD_CERT_REVOKED:
1009       txt = "SEC_E_SMARTCARD_CERT_REVOKED";
1010       break;
1011     case SEC_E_SMARTCARD_LOGON_REQUIRED:
1012       txt = "SEC_E_SMARTCARD_LOGON_REQUIRED";
1013       break;
1014     case SEC_E_STRONG_CRYPTO_NOT_SUPPORTED:
1015       txt = "SEC_E_STRONG_CRYPTO_NOT_SUPPORTED";
1016       break;
1017     case SEC_E_TARGET_UNKNOWN:
1018       txt = "SEC_E_TARGET_UNKNOWN";
1019       break;
1020     case SEC_E_TIME_SKEW:
1021       txt = "SEC_E_TIME_SKEW";
1022       break;
1023     case SEC_E_TOO_MANY_PRINCIPALS:
1024       txt = "SEC_E_TOO_MANY_PRINCIPALS";
1025       break;
1026     case SEC_E_UNFINISHED_CONTEXT_DELETED:
1027       txt = "SEC_E_UNFINISHED_CONTEXT_DELETED";
1028       break;
1029     case SEC_E_UNKNOWN_CREDENTIALS:
1030       txt = "SEC_E_UNKNOWN_CREDENTIALS";
1031       break;
1032     case SEC_E_UNSUPPORTED_FUNCTION:
1033       txt = "SEC_E_UNSUPPORTED_FUNCTION";
1034       break;
1035     case SEC_E_UNSUPPORTED_PREAUTH:
1036       txt = "SEC_E_UNSUPPORTED_PREAUTH";
1037       break;
1038     case SEC_E_UNTRUSTED_ROOT:
1039       txt = "SEC_E_UNTRUSTED_ROOT";
1040       break;
1041     case SEC_E_WRONG_CREDENTIAL_HANDLE:
1042       txt = "SEC_E_WRONG_CREDENTIAL_HANDLE";
1043       break;
1044     case SEC_E_WRONG_PRINCIPAL:
1045       txt = "SEC_E_WRONG_PRINCIPAL";
1046       break;
1047     case SEC_I_COMPLETE_AND_CONTINUE:
1048       txt = "SEC_I_COMPLETE_AND_CONTINUE";
1049       break;
1050     case SEC_I_COMPLETE_NEEDED:
1051       txt = "SEC_I_COMPLETE_NEEDED";
1052       break;
1053     case SEC_I_CONTEXT_EXPIRED:
1054       txt = "SEC_I_CONTEXT_EXPIRED";
1055       break;
1056     case SEC_I_CONTINUE_NEEDED:
1057       txt = "SEC_I_CONTINUE_NEEDED";
1058       break;
1059     case SEC_I_INCOMPLETE_CREDENTIALS:
1060       txt = "SEC_I_INCOMPLETE_CREDENTIALS";
1061       break;
1062     case SEC_I_LOCAL_LOGON:
1063       txt = "SEC_I_LOCAL_LOGON";
1064       break;
1065     case SEC_I_NO_LSA_CONTEXT:
1066       txt = "SEC_I_NO_LSA_CONTEXT";
1067       break;
1068     case SEC_I_RENEGOTIATE:
1069       txt = "SEC_I_RENEGOTIATE";
1070       break;
1071     case SEC_I_SIGNATURE_NEEDED:
1072       txt = "SEC_I_SIGNATURE_NEEDED";
1073       break;
1074     default:
1075       txt = "Unknown error";
1076   }
1077 
1078   if(err == SEC_E_OK)
1079     strncpy(outbuf, txt, outmax);
1080   else if(err == SEC_E_ILLEGAL_MESSAGE)
1081     snprintf(outbuf, outmax,
1082              "SEC_E_ILLEGAL_MESSAGE (0x%08X) - This error usually occurs "
1083              "when a fatal SSL/TLS alert is received (e.g. handshake failed). "
1084              "More detail may be available in the Windows System event log.",
1085              err);
1086   else {
1087     str = txtbuf;
1088     snprintf(txtbuf, sizeof(txtbuf), "%s (0x%08X)", txt, err);
1089     txtbuf[sizeof(txtbuf)-1] = '\0';
1090 
1091 #ifdef _WIN32_WCE
1092     {
1093       wchar_t wbuf[256];
1094       wbuf[0] = L'\0';
1095 
1096       if(FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM |
1097                        FORMAT_MESSAGE_IGNORE_INSERTS,
1098                        NULL, err, LANG_NEUTRAL,
1099                        wbuf, sizeof(wbuf)/sizeof(wchar_t), NULL)) {
1100         wcstombs(msgbuf, wbuf, sizeof(msgbuf)-1);
1101         msg_formatted = TRUE;
1102       }
1103     }
1104 #else
1105     if(FormatMessageA(FORMAT_MESSAGE_FROM_SYSTEM |
1106                       FORMAT_MESSAGE_IGNORE_INSERTS,
1107                       NULL, err, LANG_NEUTRAL,
1108                       msgbuf, sizeof(msgbuf)-1, NULL)) {
1109       msg_formatted = TRUE;
1110     }
1111 #endif
1112     if(msg_formatted) {
1113       msgbuf[sizeof(msgbuf)-1] = '\0';
1114       /* strip trailing '\r\n' or '\n' */
1115       if((p = strrchr(msgbuf, '\n')) != NULL && (p - msgbuf) >= 2)
1116          *p = '\0';
1117       if((p = strrchr(msgbuf, '\r')) != NULL && (p - msgbuf) >= 1)
1118          *p = '\0';
1119       msg = msgbuf;
1120     }
1121     if(msg)
1122       snprintf(outbuf, outmax, "%s - %s", str, msg);
1123     else
1124       strncpy(outbuf, str, outmax);
1125   }
1126 
1127   if(old_errno != ERRNO)
1128     SET_ERRNO(old_errno);
1129 
1130 #else
1131 
1132   if(err == SEC_E_OK)
1133     txt = "No error";
1134   else
1135     txt = "Error";
1136 
1137   strncpy(outbuf, txt, outmax);
1138 
1139 #endif
1140 
1141   outbuf[outmax] = '\0';
1142 
1143   return outbuf;
1144 }
1145 #endif /* USE_WINDOWS_SSPI */
1146