xref: /freebsd/crypto/heimdal/lib/krb5/krb5_err.et (revision 41466b50c1d5bfd1cf6adaae547a579a75d7c04e)
1#
2# Error messages for the krb5 library
3#
4# This might look like a com_err file, but is not
5#
6id "$Id: krb5_err.et,v 1.9 2000/04/06 00:41:37 assar Exp $"
7
8error_table krb5
9
10prefix KRB5KDC_ERR
11error_code NONE,		"No error"
12error_code NAME_EXP,		"Client's entry in database has expired"
13error_code SERVICE_EXP,		"Server's entry in database has expired"
14error_code BAD_PVNO,		"Requested protocol version not supported"
15error_code C_OLD_MAST_KVNO,	"Client's key is encrypted in an old master key"
16error_code S_OLD_MAST_KVNO,	"Server's key is encrypted in an old master key"
17error_code C_PRINCIPAL_UNKNOWN,	"Client not found in Kerberos database"
18error_code S_PRINCIPAL_UNKNOWN,	"Server not found in Kerberos database"
19error_code PRINCIPAL_NOT_UNIQUE,"Principal has multiple entries in Kerberos database"
20error_code NULL_KEY,		"Client or server has a null key"
21error_code CANNOT_POSTDATE,	"Ticket is ineligible for postdating"
22error_code NEVER_VALID,		"Requested effective lifetime is negative or too short"
23error_code POLICY,		"KDC policy rejects request"
24error_code BADOPTION,		"KDC can't fulfill requested option"
25error_code ETYPE_NOSUPP,	"KDC has no support for encryption type"
26error_code SUMTYPE_NOSUPP,	"KDC has no support for checksum type"
27error_code PADATA_TYPE_NOSUPP,	"KDC has no support for padata type"
28error_code TRTYPE_NOSUPP,	"KDC has no support for transited type"
29error_code CLIENT_REVOKED,	"Clients credentials have been revoked"
30error_code SERVICE_REVOKED,	"Credentials for server have been revoked"
31error_code TGT_REVOKED,		"TGT has been revoked"
32error_code CLIENT_NOTYET,	"Client not yet valid - try again later"
33error_code SERVICE_NOTYET,	"Server not yet valid - try again later"
34error_code KEY_EXPIRED,		"Password has expired"
35error_code PREAUTH_FAILED,	"Preauthentication failed"
36error_code PREAUTH_REQUIRED,	"Additional pre-authentication required"
37error_code SERVER_NOMATCH,	"Requested server and ticket don't match"
38
39# 27-30 are reserved
40index 31
41prefix KRB5KRB_AP
42error_code ERR_BAD_INTEGRITY,	"Decrypt integrity check failed"
43error_code ERR_TKT_EXPIRED,	"Ticket expired"
44error_code ERR_TKT_NYV,		"Ticket not yet valid"
45error_code ERR_REPEAT,		"Request is a replay"
46error_code ERR_NOT_US,		"The ticket isn't for us"
47error_code ERR_BADMATCH,	"Ticket/authenticator don't match"
48error_code ERR_SKEW,		"Clock skew too great"
49error_code ERR_BADADDR,		"Incorrect net address"
50error_code ERR_BADVERSION,	"Protocol version mismatch"
51error_code ERR_MSG_TYPE,	"Invalid message type"
52error_code ERR_MODIFIED,	"Message stream modified"
53error_code ERR_BADORDER,	"Message out of order"
54error_code ERR_ILL_CR_TKT,	"Invalid cross-realm ticket"
55error_code ERR_BADKEYVER,	"Key version is not available"
56error_code ERR_NOKEY,		"Service key not available"
57error_code ERR_MUT_FAIL,	"Mutual authentication failed"
58error_code ERR_BADDIRECTION,	"Incorrect message direction"
59error_code ERR_METHOD,		"Alternative authentication method required"
60error_code ERR_BADSEQ,		"Incorrect sequence number in message"
61error_code ERR_INAPP_CKSUM,	"Inappropriate type of checksum in message"
62error_code PATH_NOT_ACCEPTED,	"Policy rejects transited path"
63
64prefix KRB5KRB_ERR
65error_code RESPONSE_TOO_BIG,	"Response too big for UDP, retry with TCP"
66# 53-59 are reserved
67index 60
68error_code GENERIC,		"Generic error (see e-text)"
69error_code FIELD_TOOLONG,	"Field is too long for this implementation"
70
71# pkinit
72index 62
73prefix KDC_ERROR
74error_code CLIENT_NOT_TRUSTED,	"Client not trusted"
75error_code KDC_NOT_TRUSTED,	"KDC not trusted"
76error_code INVALID_SIG,		"Invalid signature"
77error_code KEY_TOO_WEAK,	"Key too weak"
78error_code CERTIFICATE_MISMATCH, "Certificate mismatch"
79prefix KRB5_AP_ERR
80error_code USER_TO_USER_REQUIRED, "User to user required"
81prefix KDC_ERROR
82error_code CANT_VERIFY_CERTIFICATE, "Cannot verify certificate"
83error_code INVALID_CERTIFICATE,	"Invalid certificate"
84error_code REVOKED_CERTIFICATE,	"Revoked certificate"
85error_code REVOCATION_STATUS_UNKNOWN,	"Revocation status unknown"
86error_code REVOCATION_STATUS_UNAVAILABLE,"Revocation status unavailable"
87error_code CLIENT_NAME_MISMATCH,	"Client name mismatch"
88error_code KDC_NAME_MISMATCH,	"KDC name mismatch"
89
90# 77-127 are reserved
91
92index 128
93prefix
94error_code KRB5_ERR_RCSID,	"$Id: krb5_err.et,v 1.9 2000/04/06 00:41:37 assar Exp $"
95
96error_code KRB5_LIBOS_BADLOCKFLAG,	"Invalid flag for file lock mode"
97error_code KRB5_LIBOS_CANTREADPWD,	"Cannot read password"
98error_code KRB5_LIBOS_BADPWDMATCH,	"Password mismatch"
99error_code KRB5_LIBOS_PWDINTR,		"Password read interrupted"
100
101error_code KRB5_PARSE_ILLCHAR,		"Invalid character in component name"
102error_code KRB5_PARSE_MALFORMED,	"Malformed representation of principal"
103
104error_code KRB5_CONFIG_CANTOPEN,	"Can't open/find configuration file"
105error_code KRB5_CONFIG_BADFORMAT,	"Improper format of configuration file"
106error_code KRB5_CONFIG_NOTENUFSPACE,	"Insufficient space to return complete information"
107
108error_code KRB5_BADMSGTYPE,		"Invalid message type specified for encoding"
109
110error_code KRB5_CC_BADNAME,		"Credential cache name malformed"
111error_code KRB5_CC_UNKNOWN_TYPE,	"Unknown credential cache type"
112error_code KRB5_CC_NOTFOUND,		"Matching credential not found"
113error_code KRB5_CC_END,			"End of credential cache reached"
114
115error_code KRB5_NO_TKT_SUPPLIED,	"Request did not supply a ticket"
116
117error_code KRB5KRB_AP_WRONG_PRINC,		"Wrong principal in request"
118error_code KRB5KRB_AP_ERR_TKT_INVALID,	"Ticket has invalid flag set"
119
120error_code KRB5_PRINC_NOMATCH,		"Requested principal and ticket don't match"
121error_code KRB5_KDCREP_MODIFIED,	"KDC reply did not match expectations"
122error_code KRB5_KDCREP_SKEW,		"Clock skew too great in KDC reply"
123error_code KRB5_IN_TKT_REALM_MISMATCH,	"Client/server realm mismatch in initial ticket request"
124
125error_code KRB5_PROG_ETYPE_NOSUPP,	"Program lacks support for encryption type"
126error_code KRB5_PROG_KEYTYPE_NOSUPP,	"Program lacks support for key type"
127error_code KRB5_WRONG_ETYPE,		"Requested encryption type not used in message"
128error_code KRB5_PROG_SUMTYPE_NOSUPP,	"Program lacks support for checksum type"
129
130error_code KRB5_REALM_UNKNOWN,		"Cannot find KDC for requested realm"
131error_code KRB5_SERVICE_UNKNOWN,	"Kerberos service unknown"
132error_code KRB5_KDC_UNREACH,		"Cannot contact any KDC for requested realm"
133error_code KRB5_NO_LOCALNAME,		"No local name found for principal name"
134
135error_code KRB5_MUTUAL_FAILED,		"Mutual authentication failed"
136
137# some of these should be combined/supplanted by system codes
138
139error_code KRB5_RC_TYPE_EXISTS,		"Replay cache type is already registered"
140error_code KRB5_RC_MALLOC,		"No more memory to allocate (in replay cache code)"
141error_code KRB5_RC_TYPE_NOTFOUND,	"Replay cache type is unknown"
142error_code KRB5_RC_UNKNOWN,		"Generic unknown RC error"
143error_code KRB5_RC_REPLAY,		"Message is a replay"
144error_code KRB5_RC_IO,			"Replay I/O operation failed XXX"
145error_code KRB5_RC_NOIO,		"Replay cache type does not support non-volatile storage"
146error_code KRB5_RC_PARSE,		"Replay cache name parse/format error"
147
148error_code KRB5_RC_IO_EOF,		"End-of-file on replay cache I/O"
149error_code KRB5_RC_IO_MALLOC,		"No more memory to allocate (in replay cache I/O code)"
150error_code KRB5_RC_IO_PERM,		"Permission denied in replay cache code"
151error_code KRB5_RC_IO_IO,		"I/O error in replay cache i/o code"
152error_code KRB5_RC_IO_UNKNOWN,		"Generic unknown RC/IO error"
153error_code KRB5_RC_IO_SPACE,		"Insufficient system space to store replay information"
154
155error_code KRB5_TRANS_CANTOPEN,		"Can't open/find realm translation file"
156error_code KRB5_TRANS_BADFORMAT,	"Improper format of realm translation file"
157
158error_code KRB5_LNAME_CANTOPEN,		"Can't open/find lname translation database"
159error_code KRB5_LNAME_NOTRANS,		"No translation available for requested principal"
160error_code KRB5_LNAME_BADFORMAT,	"Improper format of translation database entry"
161
162error_code KRB5_CRYPTO_INTERNAL,	"Cryptosystem internal error"
163
164error_code KRB5_KT_BADNAME,		"Key table name malformed"
165error_code KRB5_KT_UNKNOWN_TYPE,	"Unknown Key table type"
166error_code KRB5_KT_NOTFOUND,		"Key table entry not found"
167error_code KRB5_KT_END,			"End of key table reached"
168error_code KRB5_KT_NOWRITE,		"Cannot write to specified key table"
169error_code KRB5_KT_IOERR,		"Error writing to key table"
170
171error_code KRB5_NO_TKT_IN_RLM,		"Cannot find ticket for requested realm"
172error_code KRB5DES_BAD_KEYPAR,		"DES key has bad parity"
173error_code KRB5DES_WEAK_KEY,		"DES key is a weak key"
174
175error_code KRB5_BAD_ENCTYPE,		"Bad encryption type"
176error_code KRB5_BAD_KEYSIZE,		"Key size is incompatible with encryption type"
177error_code KRB5_BAD_MSIZE,		"Message size is incompatible with encryption type"
178
179error_code KRB5_CC_TYPE_EXISTS,		"Credentials cache type is already registered."
180error_code KRB5_KT_TYPE_EXISTS,		"Key table type is already registered."
181
182error_code KRB5_CC_IO,			"Credentials cache I/O operation failed XXX"
183error_code KRB5_FCC_PERM,		"Credentials cache file permissions incorrect"
184error_code KRB5_FCC_NOFILE,		"No credentials cache file found"
185error_code KRB5_FCC_INTERNAL,		"Internal file credentials cache error"
186error_code KRB5_CC_WRITE,		"Error writing to credentials cache file"
187error_code KRB5_CC_NOMEM,		"No more memory to allocate (in credentials cache code)"
188error_code KRB5_CC_FORMAT,		"Bad format in credentials cache"
189
190# errors for dual tgt library calls
191error_code KRB5_INVALID_FLAGS,		"Invalid KDC option combination (library internal error)"
192error_code KRB5_NO_2ND_TKT,		"Request missing second ticket"
193
194error_code KRB5_NOCREDS_SUPPLIED,	"No credentials supplied to library routine"
195
196# errors for sendauth (and recvauth)
197
198error_code KRB5_SENDAUTH_BADAUTHVERS,	"Bad sendauth version was sent"
199error_code KRB5_SENDAUTH_BADAPPLVERS,	"Bad application version was sent (via sendauth)"
200error_code KRB5_SENDAUTH_BADRESPONSE,	"Bad response (during sendauth exchange)"
201error_code KRB5_SENDAUTH_REJECTED,	"Server rejected authentication (during sendauth exchange)"
202
203# errors for preauthentication
204
205error_code KRB5_PREAUTH_BAD_TYPE,	"Unsupported preauthentication type"
206error_code KRB5_PREAUTH_NO_KEY,		"Required preauthentication key not supplied"
207error_code KRB5_PREAUTH_FAILED,		"Generic preauthentication failure"
208
209# version number errors
210
211error_code KRB5_RCACHE_BADVNO,	"Unsupported replay cache format version number"
212error_code KRB5_CCACHE_BADVNO,	"Unsupported credentials cache format version number"
213error_code KRB5_KEYTAB_BADVNO,	"Unsupported key table format version number"
214
215#
216#
217
218error_code KRB5_PROG_ATYPE_NOSUPP,	"Program lacks support for address type"
219error_code KRB5_RC_REQUIRED,	"Message replay detection requires rcache parameter"
220error_code KRB5_ERR_BAD_HOSTNAME,	"Hostname cannot be canonicalized"
221error_code KRB5_ERR_HOST_REALM_UNKNOWN,	"Cannot determine realm for host"
222error_code KRB5_SNAME_UNSUPP_NAMETYPE,	"Conversion to service principal undefined for name type"
223
224error_code KRB5KRB_AP_ERR_V4_REPLY, "Initial Ticket response appears to be Version 4"
225error_code KRB5_REALM_CANT_RESOLVE,	"Cannot resolve KDC for requested realm"
226error_code KRB5_TKT_NOT_FORWARDABLE,	"Requesting ticket can't get forwardable tickets"
227error_code KRB5_FWD_BAD_PRINCIPAL, "Bad principal name while trying to forward credentials"
228
229error_code KRB5_GET_IN_TKT_LOOP,  "Looping detected inside krb5_get_in_tkt"
230error_code KRB5_CONFIG_NODEFREALM,	"Configuration file does not specify default realm"
231
232error_code KRB5_SAM_UNSUPPORTED,  "Bad SAM flags in obtain_sam_padata"
233error_code KRB5_KT_NAME_TOOLONG,	"Keytab name too long"
234
235end
236