17b5038d7SDag-Erling Smørgrav /* 27b5038d7SDag-Erling Smørgrav * a error2str function to make sense of all the 37b5038d7SDag-Erling Smørgrav * error codes we have laying ardoun 47b5038d7SDag-Erling Smørgrav * 57b5038d7SDag-Erling Smørgrav * a Net::DNS like library for C 67b5038d7SDag-Erling Smørgrav * LibDNS Team @ NLnet Labs 77b5038d7SDag-Erling Smørgrav * (c) NLnet Labs, 2005-2006 87b5038d7SDag-Erling Smørgrav * See the file LICENSE for the license 97b5038d7SDag-Erling Smørgrav */ 107b5038d7SDag-Erling Smørgrav 117b5038d7SDag-Erling Smørgrav #include <ldns/config.h> 127b5038d7SDag-Erling Smørgrav 137b5038d7SDag-Erling Smørgrav #include <ldns/ldns.h> 147b5038d7SDag-Erling Smørgrav 157b5038d7SDag-Erling Smørgrav ldns_lookup_table ldns_error_str[] = { 167b5038d7SDag-Erling Smørgrav { LDNS_STATUS_OK, "All OK" }, 177b5038d7SDag-Erling Smørgrav { LDNS_STATUS_EMPTY_LABEL, "Empty label" }, 187b5038d7SDag-Erling Smørgrav { LDNS_STATUS_LABEL_OVERFLOW, "Label length overflow" }, 197b5038d7SDag-Erling Smørgrav { LDNS_STATUS_DOMAINNAME_OVERFLOW, "Domainname length overflow" }, 207b5038d7SDag-Erling Smørgrav { LDNS_STATUS_DOMAINNAME_UNDERFLOW, "Domainname length underflow (zero length)" }, 217b5038d7SDag-Erling Smørgrav { LDNS_STATUS_DDD_OVERFLOW, "\\DDD sequence overflow (>255)" }, 227b5038d7SDag-Erling Smørgrav { LDNS_STATUS_PACKET_OVERFLOW, "Packet size overflow" }, 237b5038d7SDag-Erling Smørgrav { LDNS_STATUS_INVALID_POINTER, "Invalid compression pointer" }, 247b5038d7SDag-Erling Smørgrav { LDNS_STATUS_MEM_ERR, "General memory error" }, 257b5038d7SDag-Erling Smørgrav { LDNS_STATUS_INTERNAL_ERR, "Internal error, this should not happen" }, 267b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SSL_ERR, "Error in SSL library" }, 277b5038d7SDag-Erling Smørgrav { LDNS_STATUS_ERR, "General LDNS error" }, 287b5038d7SDag-Erling Smørgrav { LDNS_STATUS_INVALID_INT, "Conversion error, integer expected" }, 297b5038d7SDag-Erling Smørgrav { LDNS_STATUS_INVALID_IP4, "Conversion error, ip4 addr expected" }, 307b5038d7SDag-Erling Smørgrav { LDNS_STATUS_INVALID_IP6, "Conversion error, ip6 addr expected" }, 317b5038d7SDag-Erling Smørgrav { LDNS_STATUS_INVALID_STR, "Conversion error, string expected" }, 327b5038d7SDag-Erling Smørgrav { LDNS_STATUS_INVALID_B32_EXT, "Conversion error, b32 ext encoding expected" }, 337b5038d7SDag-Erling Smørgrav { LDNS_STATUS_INVALID_B64, "Conversion error, b64 encoding expected" }, 347b5038d7SDag-Erling Smørgrav { LDNS_STATUS_INVALID_HEX, "Conversion error, hex encoding expected" }, 357b5038d7SDag-Erling Smørgrav { LDNS_STATUS_INVALID_TIME, "Conversion error, time encoding expected" }, 367b5038d7SDag-Erling Smørgrav { LDNS_STATUS_NETWORK_ERR, "Could not send or receive, because of network error" }, 377b5038d7SDag-Erling Smørgrav { LDNS_STATUS_ADDRESS_ERR, "Could not start AXFR, because of address error" }, 387b5038d7SDag-Erling Smørgrav { LDNS_STATUS_FILE_ERR, "Could not open the files" }, 397b5038d7SDag-Erling Smørgrav { LDNS_STATUS_UNKNOWN_INET, "Uknown address family" }, 407b5038d7SDag-Erling Smørgrav { LDNS_STATUS_NOT_IMPL, "This function is not implemented (yet), please notify the developers - or not..." }, 417b5038d7SDag-Erling Smørgrav { LDNS_STATUS_NULL, "Supplied value pointer null" }, 427b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_UNKNOWN_ALGO, "Unknown cryptographic algorithm" }, 437b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_ALGO_NOT_IMPL, "Cryptographic algorithm not implemented" }, 447b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_NO_RRSIG, "No DNSSEC signature(s)" }, 457b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_NO_DNSKEY, "No DNSSEC public key(s)" }, 467b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_TYPE_COVERED_ERR, "The signature does not cover this RRset" }, 477b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_NO_TRUSTED_DNSKEY, "No signatures found for trusted DNSSEC public key(s)" }, 487b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_NO_DS, "No DS record(s)" }, 497b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_NO_TRUSTED_DS, "Could not validate DS record(s)" }, 507b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY, "No keys with the keytag and algorithm from the RRSIG found" }, 517b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_VALIDATED, "Valid DNSSEC signature" }, 527b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_BOGUS, "Bogus DNSSEC signature" }, 537b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_SIG_EXPIRED, "DNSSEC signature has expired" }, 547b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED, "DNSSEC signature not incepted yet" }, 557b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_TSIG_BOGUS, "Bogus TSIG signature" }, 567b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_TSIG_ERR, "Could not create TSIG signature" }, 577b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_EXPIRATION_BEFORE_INCEPTION, "DNSSEC signature has expiration date earlier than inception date" }, 587b5038d7SDag-Erling Smørgrav { LDNS_STATUS_ENGINE_KEY_NOT_LOADED, "Unable to load private key from engine" }, 597b5038d7SDag-Erling Smørgrav { LDNS_STATUS_NSEC3_ERR, "Error in NSEC3 denial of existence proof" }, 607b5038d7SDag-Erling Smørgrav { LDNS_STATUS_RES_NO_NS, "No (valid) nameservers defined in the resolver" }, 617b5038d7SDag-Erling Smørgrav { LDNS_STATUS_RES_QUERY, "No correct query given to resolver" }, 627b5038d7SDag-Erling Smørgrav { LDNS_STATUS_WIRE_INCOMPLETE_HEADER, "header section incomplete" }, 637b5038d7SDag-Erling Smørgrav { LDNS_STATUS_WIRE_INCOMPLETE_QUESTION, "question section incomplete" }, 647b5038d7SDag-Erling Smørgrav { LDNS_STATUS_WIRE_INCOMPLETE_ANSWER, "answer section incomplete" }, 657b5038d7SDag-Erling Smørgrav { LDNS_STATUS_WIRE_INCOMPLETE_AUTHORITY, "authority section incomplete" }, 667b5038d7SDag-Erling Smørgrav { LDNS_STATUS_WIRE_INCOMPLETE_ADDITIONAL, "additional section incomplete" }, 677b5038d7SDag-Erling Smørgrav { LDNS_STATUS_NO_DATA, "No data" }, 6817d15b25SDag-Erling Smørgrav { LDNS_STATUS_EXISTS_ERR, "Element already exists" }, 697b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CERT_BAD_ALGORITHM, "Bad algorithm type for CERT record" }, 707b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_TYPE_ERR, "Syntax error, could not parse the RR's type" }, 717b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_CLASS_ERR, "Syntax error, could not parse the RR's class" }, 727b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_TTL_ERR, "Syntax error, could not parse the RR's TTL" }, 737b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_INCLUDE_ERR_NOTIMPL, "Syntax error, $INCLUDE not implemented" }, 747b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_RDATA_ERR, "Syntax error, could not parse the RR's rdata" }, 757b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_DNAME_ERR, "Syntax error, could not parse the RR's dname(s)" }, 767b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_VERSION_ERR, "Syntax error, version mismatch" }, 777b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_ALG_ERR, "Syntax error, algorithm unknown or non parseable" }, 787b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_KEYWORD_ERR, "Syntax error, unknown keyword in input" }, 797b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_ERR, "Syntax error, could not parse the RR" }, 807b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_EMPTY, "Empty line was returned" }, 817b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_TTL, "$TTL directive was seen in the zone" }, 827b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_ORIGIN, "$ORIGIN directive was seen in the zone" }, 837b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_INCLUDE, "$INCLUDE directive was seen in the zone" }, 847b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_ITERATIONS_OVERFLOW, "Iterations count for NSEC3 record higher than maximum" }, 857b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR, "Syntax error, value expected" }, 867b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_INTEGER_OVERFLOW, "Syntax error, integer value too large" }, 877b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_BAD_ESCAPE, "Syntax error, bad escape sequence" }, 887b5038d7SDag-Erling Smørgrav { LDNS_STATUS_SOCKET_ERROR, "Error creating socket" }, 897b5038d7SDag-Erling Smørgrav { LDNS_STATUS_DNSSEC_EXISTENCE_DENIED, "Existence denied by NSEC" }, 907b5038d7SDag-Erling Smørgrav { LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED, "RR not covered by the given NSEC RRs" }, 917b5038d7SDag-Erling Smørgrav { LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED, "wildcard not covered by the given NSEC RRs" }, 927b5038d7SDag-Erling Smørgrav { LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND, "original of NSEC3 hashed name could not be found" }, 937b5038d7SDag-Erling Smørgrav { LDNS_STATUS_MISSING_RDATA_FIELDS_RRSIG, "The RRSIG has to few rdata fields" }, 947b5038d7SDag-Erling Smørgrav { LDNS_STATUS_MISSING_RDATA_FIELDS_KEY, "The DNSKEY has to few rdata fields" }, 957b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_SIG_EXPIRED_WITHIN_MARGIN, 967b5038d7SDag-Erling Smørgrav "DNSSEC signature will expire too soon" }, 977b5038d7SDag-Erling Smørgrav { LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN, 987b5038d7SDag-Erling Smørgrav "DNSSEC signature not incepted long enough" }, 992787e39aSDag-Erling Smørgrav { LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE, 1002787e39aSDag-Erling Smørgrav "Unknown TLSA Certificate Usage" }, 1012787e39aSDag-Erling Smørgrav { LDNS_STATUS_DANE_UNKNOWN_SELECTOR, "Unknown TLSA Selector" }, 1022787e39aSDag-Erling Smørgrav { LDNS_STATUS_DANE_UNKNOWN_MATCHING_TYPE, 1032787e39aSDag-Erling Smørgrav "Unknown TLSA Matching Type" }, 1042787e39aSDag-Erling Smørgrav { LDNS_STATUS_DANE_UNKNOWN_PROTOCOL, 1052787e39aSDag-Erling Smørgrav "Unknown protocol. Only IPv4 and IPv6 are understood" }, 1062787e39aSDag-Erling Smørgrav { LDNS_STATUS_DANE_UNKNOWN_TRANSPORT, 1072787e39aSDag-Erling Smørgrav "Unknown transport. Should be one of {tcp, udp, sctp}" }, 1082787e39aSDag-Erling Smørgrav { LDNS_STATUS_DANE_MISSING_EXTRA_CERTS, /* Trust anchor assertion */ 1092787e39aSDag-Erling Smørgrav "More than one certificate should be provided" }, 1102787e39aSDag-Erling Smørgrav { LDNS_STATUS_DANE_EXTRA_CERTS_NOT_USED, /* Trust anchor assertion */ 1112787e39aSDag-Erling Smørgrav "Non of the extra certificates is used to sign the first" }, 1122787e39aSDag-Erling Smørgrav { LDNS_STATUS_DANE_OFFSET_OUT_OF_RANGE, /* Trust anchor assertion */ 1132787e39aSDag-Erling Smørgrav "The offset was out of range" }, 1142787e39aSDag-Erling Smørgrav { LDNS_STATUS_DANE_INSECURE, /* Unused by library */ 1152787e39aSDag-Erling Smørgrav "The queried resource records were insecure" }, 1162787e39aSDag-Erling Smørgrav { LDNS_STATUS_DANE_BOGUS, /* Unused by library */ 1172787e39aSDag-Erling Smørgrav "The queried resource records were bogus" }, 1182787e39aSDag-Erling Smørgrav { LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH, 1192787e39aSDag-Erling Smørgrav "The TLSA record(s) " 1202787e39aSDag-Erling Smørgrav "did not match with the server certificate (chain)" }, 1212787e39aSDag-Erling Smørgrav { LDNS_STATUS_DANE_NON_CA_CERTIFICATE, 1222787e39aSDag-Erling Smørgrav "The certificate was not a CA certificate" }, 1232787e39aSDag-Erling Smørgrav { LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE, 1242787e39aSDag-Erling Smørgrav "Could not PKIX validate" }, 1252787e39aSDag-Erling Smørgrav { LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR, 1262787e39aSDag-Erling Smørgrav "The validation path " 1272787e39aSDag-Erling Smørgrav "did not end in a self-signed certificate" }, 12817d15b25SDag-Erling Smørgrav { LDNS_STATUS_INVALID_ILNP64, 12917d15b25SDag-Erling Smørgrav "Conversion error, 4 colon separated hex numbers expected" }, 13017d15b25SDag-Erling Smørgrav { LDNS_STATUS_INVALID_EUI48, 13117d15b25SDag-Erling Smørgrav "Conversion error, 6 two character hex numbers " 13217d15b25SDag-Erling Smørgrav "separated by dashes expected (i.e. xx-xx-xx-xx-xx-xx" }, 13317d15b25SDag-Erling Smørgrav { LDNS_STATUS_INVALID_EUI64, 13417d15b25SDag-Erling Smørgrav "Conversion error, 8 two character hex numbers " 13517d15b25SDag-Erling Smørgrav "separated by dashes expected (i.e. xx-xx-xx-xx-xx-xx-xx-xx" }, 13617d15b25SDag-Erling Smørgrav { LDNS_STATUS_WIRE_RDATA_ERR, "invalid rdata in wire format" }, 13717d15b25SDag-Erling Smørgrav { LDNS_STATUS_INVALID_TAG, 13817d15b25SDag-Erling Smørgrav "Conversion error, a non-zero sequence of US-ASCII letters " 13917d15b25SDag-Erling Smørgrav "and numbers in lower case expected" }, 14017d15b25SDag-Erling Smørgrav { LDNS_STATUS_TYPE_NOT_IN_BITMAP, 14117d15b25SDag-Erling Smørgrav "The RR type bitmap rdata field did not have " 14217d15b25SDag-Erling Smørgrav "a bit reserved for the specific RR type" }, 14317d15b25SDag-Erling Smørgrav { LDNS_STATUS_INVALID_RDF_TYPE, 14417d15b25SDag-Erling Smørgrav "The rdata field was not of the expected type" }, 14517d15b25SDag-Erling Smørgrav { LDNS_STATUS_RDATA_OVERFLOW, "Rdata size overflow" }, 146*986ba33cSDag-Erling Smørgrav { LDNS_STATUS_SYNTAX_SUPERFLUOUS_TEXT_ERR, 147*986ba33cSDag-Erling Smørgrav "Syntax error, superfluous text present" }, 148*986ba33cSDag-Erling Smørgrav { LDNS_STATUS_NSEC3_DOMAINNAME_OVERFLOW, 149*986ba33cSDag-Erling Smørgrav "The NSEC3 domainname length overflow" }, 150*986ba33cSDag-Erling Smørgrav #if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) 151*986ba33cSDag-Erling Smørgrav { LDNS_STATUS_DANE_NEED_OPENSSL_GE_1_1_FOR_DANE_TA, 152*986ba33cSDag-Erling Smørgrav "ldns needs to be linked with OpenSSL >= 1.1.0 to be able " 153*986ba33cSDag-Erling Smørgrav "to verify the DANE-TA usage type." }, 154*986ba33cSDag-Erling Smørgrav #else 155*986ba33cSDag-Erling Smørgrav { LDNS_STATUS_DANE_NEED_OPENSSL_GE_1_1_FOR_DANE_TA, 156*986ba33cSDag-Erling Smørgrav "ldns depends on the availability of the SSL_get0_dane() and " 157*986ba33cSDag-Erling Smørgrav "X509_STORE_CTX_set0_dane() functions within OpenSSL >= 1.1.0 " 158*986ba33cSDag-Erling Smørgrav "to be able to verify the DANE-TA usage type." }, 159*986ba33cSDag-Erling Smørgrav #endif 1607b5038d7SDag-Erling Smørgrav { 0, NULL } 1617b5038d7SDag-Erling Smørgrav }; 1627b5038d7SDag-Erling Smørgrav 1637b5038d7SDag-Erling Smørgrav const char * 1647b5038d7SDag-Erling Smørgrav ldns_get_errorstr_by_id(ldns_status err) 1657b5038d7SDag-Erling Smørgrav { 1667b5038d7SDag-Erling Smørgrav ldns_lookup_table *lt; 1677b5038d7SDag-Erling Smørgrav 1687b5038d7SDag-Erling Smørgrav lt = ldns_lookup_by_id(ldns_error_str, err); 1697b5038d7SDag-Erling Smørgrav 1707b5038d7SDag-Erling Smørgrav if (lt) { 1717b5038d7SDag-Erling Smørgrav return lt->name; 1727b5038d7SDag-Erling Smørgrav } 1737b5038d7SDag-Erling Smørgrav return NULL; 1747b5038d7SDag-Erling Smørgrav } 175