1 /* 2 * a error2str function to make sense of all the 3 * error codes we have laying around 4 * 5 * a Net::DNS like library for C 6 * LibDNS Team @ NLnet Labs 7 * (c) NLnet Labs, 2005-2006 8 * See the file LICENSE for the license 9 */ 10 11 #include <ldns/config.h> 12 13 #include <ldns/ldns.h> 14 15 ldns_lookup_table ldns_error_str[] = { 16 { LDNS_STATUS_OK, "All OK" }, 17 { LDNS_STATUS_EMPTY_LABEL, "Empty label" }, 18 { LDNS_STATUS_LABEL_OVERFLOW, "Label length overflow" }, 19 { LDNS_STATUS_DOMAINNAME_OVERFLOW, "Domainname length overflow" }, 20 { LDNS_STATUS_DOMAINNAME_UNDERFLOW, "Domainname length underflow (zero length)" }, 21 { LDNS_STATUS_DDD_OVERFLOW, "\\DDD sequence overflow (>255)" }, 22 { LDNS_STATUS_PACKET_OVERFLOW, "Packet size overflow" }, 23 { LDNS_STATUS_INVALID_POINTER, "Invalid compression pointer" }, 24 { LDNS_STATUS_MEM_ERR, "General memory error" }, 25 { LDNS_STATUS_INTERNAL_ERR, "Internal error, this should not happen" }, 26 { LDNS_STATUS_SSL_ERR, "Error in SSL library" }, 27 { LDNS_STATUS_ERR, "General LDNS error" }, 28 { LDNS_STATUS_INVALID_INT, "Conversion error, integer expected" }, 29 { LDNS_STATUS_INVALID_IP4, "Conversion error, ip4 addr expected" }, 30 { LDNS_STATUS_INVALID_IP6, "Conversion error, ip6 addr expected" }, 31 { LDNS_STATUS_INVALID_STR, "Conversion error, string expected" }, 32 { LDNS_STATUS_INVALID_B32_EXT, "Conversion error, b32 ext encoding expected" }, 33 { LDNS_STATUS_INVALID_B64, "Conversion error, b64 encoding expected" }, 34 { LDNS_STATUS_INVALID_HEX, "Conversion error, hex encoding expected" }, 35 { LDNS_STATUS_INVALID_TIME, "Conversion error, time encoding expected" }, 36 { LDNS_STATUS_NETWORK_ERR, "Could not send or receive, because of network error" }, 37 { LDNS_STATUS_ADDRESS_ERR, "Could not start AXFR, because of address error" }, 38 { LDNS_STATUS_FILE_ERR, "Could not open the files" }, 39 { LDNS_STATUS_UNKNOWN_INET, "Unknown address family" }, 40 { LDNS_STATUS_NOT_IMPL, "This function is not implemented (yet), please notify the developers - or not..." }, 41 { LDNS_STATUS_NULL, "Supplied value pointer null" }, 42 { LDNS_STATUS_CRYPTO_UNKNOWN_ALGO, "Unknown cryptographic algorithm" }, 43 { LDNS_STATUS_CRYPTO_ALGO_NOT_IMPL, "Cryptographic algorithm not implemented" }, 44 { LDNS_STATUS_CRYPTO_NO_RRSIG, "No DNSSEC signature(s)" }, 45 { LDNS_STATUS_CRYPTO_NO_DNSKEY, "No DNSSEC public key(s)" }, 46 { LDNS_STATUS_CRYPTO_TYPE_COVERED_ERR, "The signature does not cover this RRset" }, 47 { LDNS_STATUS_CRYPTO_NO_TRUSTED_DNSKEY, "No signatures found for trusted DNSSEC public key(s)" }, 48 { LDNS_STATUS_CRYPTO_NO_DS, "No DS record(s)" }, 49 { LDNS_STATUS_CRYPTO_NO_TRUSTED_DS, "Could not validate DS record(s)" }, 50 { LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY, "No keys with the keytag and algorithm from the RRSIG found" }, 51 { LDNS_STATUS_CRYPTO_VALIDATED, "Valid DNSSEC signature" }, 52 { LDNS_STATUS_CRYPTO_BOGUS, "Bogus DNSSEC signature" }, 53 { LDNS_STATUS_CRYPTO_SIG_EXPIRED, "DNSSEC signature has expired" }, 54 { LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED, "DNSSEC signature not incepted yet" }, 55 { LDNS_STATUS_CRYPTO_TSIG_BOGUS, "Bogus TSIG signature" }, 56 { LDNS_STATUS_CRYPTO_TSIG_ERR, "Could not create TSIG signature" }, 57 { LDNS_STATUS_CRYPTO_EXPIRATION_BEFORE_INCEPTION, "DNSSEC signature has expiration date earlier than inception date" }, 58 { LDNS_STATUS_ENGINE_KEY_NOT_LOADED, "Unable to load private key from engine" }, 59 { LDNS_STATUS_NSEC3_ERR, "Error in NSEC3 denial of existence proof" }, 60 { LDNS_STATUS_RES_NO_NS, "No (valid) nameservers defined in the resolver" }, 61 { LDNS_STATUS_RES_QUERY, "No correct query given to resolver" }, 62 { LDNS_STATUS_WIRE_INCOMPLETE_HEADER, "header section incomplete" }, 63 { LDNS_STATUS_WIRE_INCOMPLETE_QUESTION, "question section incomplete" }, 64 { LDNS_STATUS_WIRE_INCOMPLETE_ANSWER, "answer section incomplete" }, 65 { LDNS_STATUS_WIRE_INCOMPLETE_AUTHORITY, "authority section incomplete" }, 66 { LDNS_STATUS_WIRE_INCOMPLETE_ADDITIONAL, "additional section incomplete" }, 67 { LDNS_STATUS_NO_DATA, "No data" }, 68 { LDNS_STATUS_EXISTS_ERR, "Element already exists" }, 69 { LDNS_STATUS_CERT_BAD_ALGORITHM, "Bad algorithm type for CERT record" }, 70 { LDNS_STATUS_SYNTAX_TYPE_ERR, "Syntax error, could not parse the RR's type" }, 71 { LDNS_STATUS_SYNTAX_CLASS_ERR, "Syntax error, could not parse the RR's class" }, 72 { LDNS_STATUS_SYNTAX_TTL_ERR, "Syntax error, could not parse the RR's TTL" }, 73 { LDNS_STATUS_SYNTAX_INCLUDE_ERR_NOTIMPL, "Syntax error, $INCLUDE not implemented" }, 74 { LDNS_STATUS_SYNTAX_RDATA_ERR, "Syntax error, could not parse the RR's rdata" }, 75 { LDNS_STATUS_SYNTAX_DNAME_ERR, "Syntax error, could not parse the RR's dname(s)" }, 76 { LDNS_STATUS_SYNTAX_VERSION_ERR, "Syntax error, version mismatch" }, 77 { LDNS_STATUS_SYNTAX_ALG_ERR, "Syntax error, algorithm unknown or non parseable" }, 78 { LDNS_STATUS_SYNTAX_KEYWORD_ERR, "Syntax error, unknown keyword in input" }, 79 { LDNS_STATUS_SYNTAX_ERR, "Syntax error, could not parse the RR" }, 80 { LDNS_STATUS_SYNTAX_EMPTY, "Empty line was returned" }, 81 { LDNS_STATUS_SYNTAX_TTL, "$TTL directive was seen in the zone" }, 82 { LDNS_STATUS_SYNTAX_ORIGIN, "$ORIGIN directive was seen in the zone" }, 83 { LDNS_STATUS_SYNTAX_INCLUDE, "$INCLUDE directive was seen in the zone" }, 84 { LDNS_STATUS_SYNTAX_ITERATIONS_OVERFLOW, "Iterations count for NSEC3 record higher than maximum" }, 85 { LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR, "Syntax error, value expected" }, 86 { LDNS_STATUS_SYNTAX_INTEGER_OVERFLOW, "Syntax error, integer value too large" }, 87 { LDNS_STATUS_SYNTAX_BAD_ESCAPE, "Syntax error, bad escape sequence" }, 88 { LDNS_STATUS_SOCKET_ERROR, "Error creating socket" }, 89 { LDNS_STATUS_DNSSEC_EXISTENCE_DENIED, "Existence denied by NSEC" }, 90 { LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED, "RR not covered by the given NSEC RRs" }, 91 { LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED, "wildcard not covered by the given NSEC RRs" }, 92 { LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND, "original of NSEC3 hashed name could not be found" }, 93 { LDNS_STATUS_MISSING_RDATA_FIELDS_RRSIG, "The RRSIG has to few rdata fields" }, 94 { LDNS_STATUS_MISSING_RDATA_FIELDS_KEY, "The DNSKEY has to few rdata fields" }, 95 { LDNS_STATUS_CRYPTO_SIG_EXPIRED_WITHIN_MARGIN, 96 "DNSSEC signature will expire too soon" }, 97 { LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN, 98 "DNSSEC signature not incepted long enough" }, 99 { LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE, 100 "Unknown TLSA Certificate Usage" }, 101 { LDNS_STATUS_DANE_UNKNOWN_SELECTOR, "Unknown TLSA Selector" }, 102 { LDNS_STATUS_DANE_UNKNOWN_MATCHING_TYPE, 103 "Unknown TLSA Matching Type" }, 104 { LDNS_STATUS_DANE_UNKNOWN_PROTOCOL, 105 "Unknown protocol. Only IPv4 and IPv6 are understood" }, 106 { LDNS_STATUS_DANE_UNKNOWN_TRANSPORT, 107 "Unknown transport. Should be one of {tcp, udp, sctp}" }, 108 { LDNS_STATUS_DANE_MISSING_EXTRA_CERTS, /* Trust anchor assertion */ 109 "More than one certificate should be provided" }, 110 { LDNS_STATUS_DANE_EXTRA_CERTS_NOT_USED, /* Trust anchor assertion */ 111 "Non of the extra certificates is used to sign the first" }, 112 { LDNS_STATUS_DANE_OFFSET_OUT_OF_RANGE, /* Trust anchor assertion */ 113 "The offset was out of range" }, 114 { LDNS_STATUS_DANE_INSECURE, /* Unused by library */ 115 "The queried resource records were insecure" }, 116 { LDNS_STATUS_DANE_BOGUS, /* Unused by library */ 117 "The queried resource records were bogus" }, 118 { LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH, 119 "The TLSA record(s) " 120 "did not match with the server certificate (chain)" }, 121 { LDNS_STATUS_DANE_NON_CA_CERTIFICATE, 122 "The certificate was not a CA certificate" }, 123 { LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE, 124 "Could not PKIX validate" }, 125 { LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR, 126 "The validation path " 127 "did not end in a self-signed certificate" }, 128 { LDNS_STATUS_INVALID_ILNP64, 129 "Conversion error, 4 colon separated hex numbers expected" }, 130 { LDNS_STATUS_INVALID_EUI48, 131 "Conversion error, 6 two character hex numbers " 132 "separated by dashes expected (i.e. xx-xx-xx-xx-xx-xx" }, 133 { LDNS_STATUS_INVALID_EUI64, 134 "Conversion error, 8 two character hex numbers " 135 "separated by dashes expected (i.e. xx-xx-xx-xx-xx-xx-xx-xx" }, 136 { LDNS_STATUS_WIRE_RDATA_ERR, "invalid rdata in wire format" }, 137 { LDNS_STATUS_INVALID_TAG, 138 "Conversion error, a non-zero sequence of US-ASCII letters " 139 "and numbers in lower case expected" }, 140 { LDNS_STATUS_TYPE_NOT_IN_BITMAP, 141 "The RR type bitmap rdata field did not have " 142 "a bit reserved for the specific RR type" }, 143 { LDNS_STATUS_INVALID_RDF_TYPE, 144 "The rdata field was not of the expected type" }, 145 { LDNS_STATUS_RDATA_OVERFLOW, "Rdata size overflow" }, 146 { LDNS_STATUS_SYNTAX_SUPERFLUOUS_TEXT_ERR, 147 "Syntax error, superfluous text present" }, 148 { LDNS_STATUS_NSEC3_DOMAINNAME_OVERFLOW, 149 "The NSEC3 domainname length overflow" }, 150 #if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) 151 { LDNS_STATUS_DANE_NEED_OPENSSL_GE_1_1_FOR_DANE_TA, 152 "ldns needs to be linked with OpenSSL >= 1.1.0 to be able " 153 "to verify the DANE-TA usage type." }, 154 #else 155 { LDNS_STATUS_DANE_NEED_OPENSSL_GE_1_1_FOR_DANE_TA, 156 "ldns depends on the availability of the SSL_get0_dane() and " 157 "X509_STORE_CTX_set0_dane() functions within OpenSSL >= 1.1.0 " 158 "to be able to verify the DANE-TA usage type." }, 159 #endif 160 { LDNS_STATUS_ZONEMD_DOUBLE_OCCURRENCE, "A ZONEMD with the same " 161 "<scheme> and hash algorithm occurred more than once." }, 162 { LDNS_STATUS_ZONEMD_UNKNOWN_SCHEME, "Unknown ZONEMD <scheme>" }, 163 { LDNS_STATUS_ZONEMD_UNKNOWN_HASH, "Unknown ZONEMD hash algorithm" }, 164 { LDNS_STATUS_ZONEMD_INVALID_SOA, 165 "Missing or invalid SOA to associate with ZONEMD RR" }, 166 { LDNS_STATUS_NO_ZONEMD, 167 "NSEC(3) RRs indicate that a ZONEMD exists, " 168 "but it is not found in the zone" }, 169 { LDNS_STATUS_NO_VALID_ZONEMD, 170 "No ZONEMD matching the zone data was found" }, 171 { LDNS_STATUS_SYNTAX_SVCPARAM_KEY_ERR, "Syntax error in a key in " 172 "the ServiceParam rdata field of SVCB or HTTPS RR" }, 173 { LDNS_STATUS_SYNTAX_SVCPARAM_VALUE_ERR, "Syntax error in a value in " 174 "the ServiceParam rdata field of SVCB or HTTPS RR" }, 175 { LDNS_STATUS_RESERVED_SVCPARAM_KEY, 176 "key65535 is reserved and MUST NOT be used " 177 "in the ServiceParam rdata field of SVCB or HTTPS RR" }, 178 { LDNS_STATUS_NO_SVCPARAM_VALUE_EXPECTED, 179 "A value was found for a key that SHOULD not have a value " 180 "in the ServiceParam rdata field of SVCB or HTTPS RR" }, 181 { LDNS_STATUS_SVCPARAM_KEY_MORE_THAN_ONCE, 182 "A key was found more than once " 183 "in the ServiceParam rdata field of SVCB or HTTPS RR" }, 184 { LDNS_STATUS_INVALID_SVCPARAM_VALUE, 185 "Invalid wireformat of a value " 186 "in the ServiceParam rdata field of SVCB or HTTPS RR" }, 187 { 0, NULL } 188 }; 189 190 const char * 191 ldns_get_errorstr_by_id(ldns_status err) 192 { 193 ldns_lookup_table *lt; 194 195 lt = ldns_lookup_by_id(ldns_error_str, err); 196 197 if (lt) { 198 return lt->name; 199 } 200 return NULL; 201 } 202