xref: /dflybsd-src/contrib/ldns/error.c (revision 7733acb50455a11cc2ee36edd926ff0fa3361e9a) 
1825eb42bSJan Lentfer /*
2825eb42bSJan Lentfer  * a error2str function to make sense of all the
3*ee791febSAntonio Huete Jimenez  * error codes we have laying around
4825eb42bSJan Lentfer  *
5825eb42bSJan Lentfer  * a Net::DNS like library for C
6825eb42bSJan Lentfer  * LibDNS Team @ NLnet Labs
7825eb42bSJan Lentfer  * (c) NLnet Labs, 2005-2006
8825eb42bSJan Lentfer  * See the file LICENSE for the license
9825eb42bSJan Lentfer  */
10825eb42bSJan Lentfer 
11825eb42bSJan Lentfer #include <ldns/config.h>
12825eb42bSJan Lentfer 
13825eb42bSJan Lentfer #include <ldns/ldns.h>
14825eb42bSJan Lentfer 
15825eb42bSJan Lentfer ldns_lookup_table ldns_error_str[] = {
16825eb42bSJan Lentfer 	{ LDNS_STATUS_OK, "All OK" },
17825eb42bSJan Lentfer 	{ LDNS_STATUS_EMPTY_LABEL, "Empty label" },
18825eb42bSJan Lentfer         { LDNS_STATUS_LABEL_OVERFLOW, "Label length overflow" },
19825eb42bSJan Lentfer         { LDNS_STATUS_DOMAINNAME_OVERFLOW, "Domainname length overflow" },
20825eb42bSJan Lentfer         { LDNS_STATUS_DOMAINNAME_UNDERFLOW, "Domainname length underflow (zero length)" },
21825eb42bSJan Lentfer         { LDNS_STATUS_DDD_OVERFLOW, "\\DDD sequence overflow (>255)" },
22825eb42bSJan Lentfer         { LDNS_STATUS_PACKET_OVERFLOW, "Packet size overflow" },
23825eb42bSJan Lentfer         { LDNS_STATUS_INVALID_POINTER, "Invalid compression pointer" },
24825eb42bSJan Lentfer         { LDNS_STATUS_MEM_ERR, "General memory error" },
25825eb42bSJan Lentfer         { LDNS_STATUS_INTERNAL_ERR, "Internal error, this should not happen" },
26825eb42bSJan Lentfer         { LDNS_STATUS_SSL_ERR, "Error in SSL library" },
27825eb42bSJan Lentfer         { LDNS_STATUS_ERR, "General LDNS error" },
28825eb42bSJan Lentfer         { LDNS_STATUS_INVALID_INT, "Conversion error, integer expected" },
29825eb42bSJan Lentfer         { LDNS_STATUS_INVALID_IP4, "Conversion error, ip4 addr expected" },
30825eb42bSJan Lentfer         { LDNS_STATUS_INVALID_IP6, "Conversion error, ip6 addr expected" },
31825eb42bSJan Lentfer         { LDNS_STATUS_INVALID_STR, "Conversion error, string expected" },
32d1b2b5caSJohn Marino 	{ LDNS_STATUS_INVALID_B32_EXT, "Conversion error, b32 ext encoding expected" },
33825eb42bSJan Lentfer         { LDNS_STATUS_INVALID_B64, "Conversion error, b64 encoding expected" },
34825eb42bSJan Lentfer         { LDNS_STATUS_INVALID_HEX, "Conversion error, hex encoding expected" },
35825eb42bSJan Lentfer         { LDNS_STATUS_INVALID_TIME, "Conversion error, time encoding expected" },
36825eb42bSJan Lentfer         { LDNS_STATUS_NETWORK_ERR, "Could not send or receive, because of network error" },
37825eb42bSJan Lentfer         { LDNS_STATUS_ADDRESS_ERR, "Could not start AXFR, because of address error" },
38825eb42bSJan Lentfer         { LDNS_STATUS_FILE_ERR, "Could not open the files" },
39819dec71SDaniel Fojt         { LDNS_STATUS_UNKNOWN_INET, "Unknown address family" },
40825eb42bSJan Lentfer         { LDNS_STATUS_NOT_IMPL, "This function is not implemented (yet), please notify the developers - or not..." },
41825eb42bSJan Lentfer 	{ LDNS_STATUS_NULL, "Supplied value pointer null" },
42825eb42bSJan Lentfer         { LDNS_STATUS_CRYPTO_UNKNOWN_ALGO, "Unknown cryptographic algorithm" },
43825eb42bSJan Lentfer         { LDNS_STATUS_CRYPTO_ALGO_NOT_IMPL, "Cryptographic algorithm not implemented" },
44825eb42bSJan Lentfer         { LDNS_STATUS_CRYPTO_NO_RRSIG, "No DNSSEC signature(s)" },
45825eb42bSJan Lentfer         { LDNS_STATUS_CRYPTO_NO_DNSKEY, "No DNSSEC public key(s)" },
46825eb42bSJan Lentfer         { LDNS_STATUS_CRYPTO_TYPE_COVERED_ERR, "The signature does not cover this RRset" },
47825eb42bSJan Lentfer         { LDNS_STATUS_CRYPTO_NO_TRUSTED_DNSKEY, "No signatures found for trusted DNSSEC public key(s)" },
48825eb42bSJan Lentfer         { LDNS_STATUS_CRYPTO_NO_DS, "No DS record(s)" },
49825eb42bSJan Lentfer         { LDNS_STATUS_CRYPTO_NO_TRUSTED_DS, "Could not validate DS record(s)" },
50825eb42bSJan Lentfer         { LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY, "No keys with the keytag and algorithm from the RRSIG found" },
51825eb42bSJan Lentfer         { LDNS_STATUS_CRYPTO_VALIDATED, "Valid DNSSEC signature" },
52825eb42bSJan Lentfer         { LDNS_STATUS_CRYPTO_BOGUS, "Bogus DNSSEC signature" },
53825eb42bSJan Lentfer         { LDNS_STATUS_CRYPTO_SIG_EXPIRED, "DNSSEC signature has expired" },
54825eb42bSJan Lentfer         { LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED, "DNSSEC signature not incepted yet" },
55825eb42bSJan Lentfer 	{ LDNS_STATUS_CRYPTO_TSIG_BOGUS, "Bogus TSIG signature" },
56825eb42bSJan Lentfer 	{ LDNS_STATUS_CRYPTO_TSIG_ERR, "Could not create TSIG signature" },
57825eb42bSJan Lentfer         { LDNS_STATUS_CRYPTO_EXPIRATION_BEFORE_INCEPTION, "DNSSEC signature has expiration date earlier than inception date" },
58825eb42bSJan Lentfer 	{ LDNS_STATUS_ENGINE_KEY_NOT_LOADED, "Unable to load private key from engine" },
59825eb42bSJan Lentfer         { LDNS_STATUS_NSEC3_ERR, "Error in NSEC3 denial of existence proof" },
60ac996e71SJan Lentfer 	{ LDNS_STATUS_RES_NO_NS, "No (valid) nameservers defined in the resolver" },
61825eb42bSJan Lentfer 	{ LDNS_STATUS_RES_QUERY, "No correct query given to resolver" },
62825eb42bSJan Lentfer 	{ LDNS_STATUS_WIRE_INCOMPLETE_HEADER, "header section incomplete" },
63825eb42bSJan Lentfer 	{ LDNS_STATUS_WIRE_INCOMPLETE_QUESTION, "question section incomplete" },
64825eb42bSJan Lentfer 	{ LDNS_STATUS_WIRE_INCOMPLETE_ANSWER, "answer section incomplete" },
65825eb42bSJan Lentfer 	{ LDNS_STATUS_WIRE_INCOMPLETE_AUTHORITY, "authority section incomplete" },
66825eb42bSJan Lentfer 	{ LDNS_STATUS_WIRE_INCOMPLETE_ADDITIONAL, "additional section incomplete" },
67825eb42bSJan Lentfer 	{ LDNS_STATUS_NO_DATA, "No data" },
685340022aSzrj 	{ LDNS_STATUS_EXISTS_ERR, "Element already exists" },
69825eb42bSJan Lentfer 	{ LDNS_STATUS_CERT_BAD_ALGORITHM, "Bad algorithm type for CERT record" },
70825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_TYPE_ERR, "Syntax error, could not parse the RR's type" },
71825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_CLASS_ERR, "Syntax error, could not parse the RR's class" },
72825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_TTL_ERR, "Syntax error, could not parse the RR's TTL" },
73ac996e71SJan Lentfer 	{ LDNS_STATUS_SYNTAX_INCLUDE_ERR_NOTIMPL, "Syntax error, $INCLUDE not implemented" },
74825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_RDATA_ERR, "Syntax error, could not parse the RR's rdata" },
75825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_DNAME_ERR, "Syntax error, could not parse the RR's dname(s)" },
76825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_VERSION_ERR, "Syntax error, version mismatch" },
77825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_ALG_ERR, "Syntax error, algorithm unknown or non parseable" },
78825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_KEYWORD_ERR, "Syntax error, unknown keyword in input" },
79825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_ERR, "Syntax error, could not parse the RR" },
80825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_EMPTY, "Empty line was returned" },
81825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_TTL, "$TTL directive was seen in the zone" },
82825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_ORIGIN, "$ORIGIN directive was seen in the zone" },
83ac996e71SJan Lentfer 	{ LDNS_STATUS_SYNTAX_INCLUDE, "$INCLUDE directive was seen in the zone" },
84825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_ITERATIONS_OVERFLOW, "Iterations count for NSEC3 record higher than maximum" },
85825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR, "Syntax error, value expected" },
86825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_INTEGER_OVERFLOW, "Syntax error, integer value too large" },
87825eb42bSJan Lentfer 	{ LDNS_STATUS_SYNTAX_BAD_ESCAPE, "Syntax error, bad escape sequence" },
88825eb42bSJan Lentfer 	{ LDNS_STATUS_SOCKET_ERROR, "Error creating socket" },
89825eb42bSJan Lentfer 	{ LDNS_STATUS_DNSSEC_EXISTENCE_DENIED, "Existence denied by NSEC" },
90825eb42bSJan Lentfer 	{ LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED, "RR not covered by the given NSEC RRs" },
91825eb42bSJan Lentfer 	{ LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED, "wildcard not covered by the given NSEC RRs" },
92825eb42bSJan Lentfer 	{ LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND, "original of NSEC3 hashed name could not be found" },
93b5dedccaSJan Lentfer 	{ LDNS_STATUS_MISSING_RDATA_FIELDS_RRSIG, "The RRSIG has to few rdata fields" },
94b5dedccaSJan Lentfer 	{ LDNS_STATUS_MISSING_RDATA_FIELDS_KEY, "The DNSKEY has to few rdata fields" },
95d1b2b5caSJohn Marino 	{ LDNS_STATUS_CRYPTO_SIG_EXPIRED_WITHIN_MARGIN,
96d1b2b5caSJohn Marino 		"DNSSEC signature will expire too soon" },
97d1b2b5caSJohn Marino 	{ LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN,
98d1b2b5caSJohn Marino 		"DNSSEC signature not incepted long enough" },
99d1b2b5caSJohn Marino 	{ LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE,
100d1b2b5caSJohn Marino 		"Unknown TLSA Certificate Usage" },
101d1b2b5caSJohn Marino 	{ LDNS_STATUS_DANE_UNKNOWN_SELECTOR, "Unknown TLSA Selector" },
102d1b2b5caSJohn Marino 	{ LDNS_STATUS_DANE_UNKNOWN_MATCHING_TYPE,
103d1b2b5caSJohn Marino 		"Unknown TLSA Matching Type" },
104d1b2b5caSJohn Marino 	{ LDNS_STATUS_DANE_UNKNOWN_PROTOCOL,
105d1b2b5caSJohn Marino 		"Unknown protocol. Only IPv4 and IPv6 are understood" },
106d1b2b5caSJohn Marino 	{ LDNS_STATUS_DANE_UNKNOWN_TRANSPORT,
107d1b2b5caSJohn Marino 		"Unknown transport. Should be one of {tcp, udp, sctp}" },
108d1b2b5caSJohn Marino 	{ LDNS_STATUS_DANE_MISSING_EXTRA_CERTS,  /* Trust anchor assertion */
109d1b2b5caSJohn Marino 		"More than one certificate should be provided" },
110d1b2b5caSJohn Marino 	{ LDNS_STATUS_DANE_EXTRA_CERTS_NOT_USED, /* Trust anchor assertion */
111d1b2b5caSJohn Marino 		"Non of the extra certificates is used to sign the first" },
112d1b2b5caSJohn Marino 	{ LDNS_STATUS_DANE_OFFSET_OUT_OF_RANGE,   /* Trust anchor assertion */
113d1b2b5caSJohn Marino 		"The offset was out of range" },
114d1b2b5caSJohn Marino 	{ LDNS_STATUS_DANE_INSECURE,             /* Unused by library */
115d1b2b5caSJohn Marino 		"The queried resource records were insecure" },
116d1b2b5caSJohn Marino 	{ LDNS_STATUS_DANE_BOGUS,             /* Unused by library */
117d1b2b5caSJohn Marino 		"The queried resource records were bogus" },
118d1b2b5caSJohn Marino 	{ LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH,
119d1b2b5caSJohn Marino 		"The TLSA record(s) "
120d1b2b5caSJohn Marino 		"did not match with the server certificate (chain)" },
121d1b2b5caSJohn Marino 	{ LDNS_STATUS_DANE_NON_CA_CERTIFICATE,
122d1b2b5caSJohn Marino 		"The certificate was not a CA certificate" },
123d1b2b5caSJohn Marino 	{ LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE,
124d1b2b5caSJohn Marino 		"Could not PKIX validate" },
125d1b2b5caSJohn Marino 	{ LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR,
126d1b2b5caSJohn Marino 		"The validation path "
127d1b2b5caSJohn Marino 		"did not end in a self-signed certificate" },
1285340022aSzrj         { LDNS_STATUS_INVALID_ILNP64,
1295340022aSzrj 		"Conversion error, 4 colon separated hex numbers expected" },
1305340022aSzrj         { LDNS_STATUS_INVALID_EUI48,
1315340022aSzrj 		"Conversion error, 6 two character hex numbers "
1325340022aSzrj 		"separated by dashes expected (i.e. xx-xx-xx-xx-xx-xx" },
1335340022aSzrj         { LDNS_STATUS_INVALID_EUI64,
1345340022aSzrj 		"Conversion error, 8 two character hex numbers "
1355340022aSzrj 		"separated by dashes expected (i.e. xx-xx-xx-xx-xx-xx-xx-xx" },
1365340022aSzrj 	{ LDNS_STATUS_WIRE_RDATA_ERR, "invalid rdata in wire format" },
1375340022aSzrj         { LDNS_STATUS_INVALID_TAG,
1385340022aSzrj 		"Conversion error, a non-zero sequence of US-ASCII letters "
1395340022aSzrj 		"and numbers in lower case expected" },
1405340022aSzrj         { LDNS_STATUS_TYPE_NOT_IN_BITMAP,
1415340022aSzrj 		"The RR type bitmap rdata field did not have "
1425340022aSzrj 		"a bit reserved for the specific RR type" },
1435340022aSzrj         { LDNS_STATUS_INVALID_RDF_TYPE,
1445340022aSzrj 		"The rdata field was not of the expected type" },
1455340022aSzrj         { LDNS_STATUS_RDATA_OVERFLOW, "Rdata size overflow" },
1465340022aSzrj 	{ LDNS_STATUS_SYNTAX_SUPERFLUOUS_TEXT_ERR,
1475340022aSzrj 		"Syntax error, superfluous text present" },
1485340022aSzrj         { LDNS_STATUS_NSEC3_DOMAINNAME_OVERFLOW,
1495340022aSzrj 		"The NSEC3 domainname length overflow" },
1505340022aSzrj #if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
1515340022aSzrj         { LDNS_STATUS_DANE_NEED_OPENSSL_GE_1_1_FOR_DANE_TA,
1525340022aSzrj 		"ldns needs to be linked with OpenSSL >= 1.1.0 to be able "
1535340022aSzrj        		"to verify the DANE-TA usage type." },
1545340022aSzrj #else
1555340022aSzrj         { LDNS_STATUS_DANE_NEED_OPENSSL_GE_1_1_FOR_DANE_TA,
1565340022aSzrj 		"ldns depends on the availability of the SSL_get0_dane() and "
1575340022aSzrj 		"X509_STORE_CTX_set0_dane() functions within OpenSSL >= 1.1.0 "
1585340022aSzrj 		"to be able to verify the DANE-TA usage type." },
1595340022aSzrj #endif
160*ee791febSAntonio Huete Jimenez 	{ LDNS_STATUS_ZONEMD_DOUBLE_OCCURRENCE, "A ZONEMD with the same "
161*ee791febSAntonio Huete Jimenez 		"<scheme> and hash algorithm occurred more than once." },
162*ee791febSAntonio Huete Jimenez 	{ LDNS_STATUS_ZONEMD_UNKNOWN_SCHEME, "Unknown ZONEMD <scheme>" },
163*ee791febSAntonio Huete Jimenez 	{ LDNS_STATUS_ZONEMD_UNKNOWN_HASH, "Unknown ZONEMD hash algorithm" },
164*ee791febSAntonio Huete Jimenez 	{ LDNS_STATUS_ZONEMD_INVALID_SOA,
165*ee791febSAntonio Huete Jimenez 		"Missing or invalid SOA to associate with ZONEMD RR" },
166*ee791febSAntonio Huete Jimenez 	{ LDNS_STATUS_NO_ZONEMD,
167*ee791febSAntonio Huete Jimenez 		"NSEC(3) RRs indicate that a ZONEMD exists, "
168*ee791febSAntonio Huete Jimenez 	        "but it is not found in the zone" },
169*ee791febSAntonio Huete Jimenez 	{ LDNS_STATUS_NO_VALID_ZONEMD,
170*ee791febSAntonio Huete Jimenez 		"No ZONEMD matching the zone data was found" },
171*ee791febSAntonio Huete Jimenez 	{ LDNS_STATUS_SYNTAX_SVCPARAM_KEY_ERR, "Syntax error in a key in "
172*ee791febSAntonio Huete Jimenez 		"the ServiceParam rdata field of SVCB or HTTPS RR" },
173*ee791febSAntonio Huete Jimenez 	{ LDNS_STATUS_SYNTAX_SVCPARAM_VALUE_ERR, "Syntax error in a value in "
174*ee791febSAntonio Huete Jimenez 		"the ServiceParam rdata field of SVCB or HTTPS RR" },
175*ee791febSAntonio Huete Jimenez 	{ LDNS_STATUS_RESERVED_SVCPARAM_KEY,
176*ee791febSAntonio Huete Jimenez 		"key65535 is reserved and MUST NOT be used "
177*ee791febSAntonio Huete Jimenez 		"in the ServiceParam rdata field of SVCB or HTTPS RR" },
178*ee791febSAntonio Huete Jimenez 	{ LDNS_STATUS_NO_SVCPARAM_VALUE_EXPECTED,
179*ee791febSAntonio Huete Jimenez 		"A value was found for a key that SHOULD not have a value "
180*ee791febSAntonio Huete Jimenez 		"in the ServiceParam rdata field of SVCB or HTTPS RR" },
181*ee791febSAntonio Huete Jimenez 	{ LDNS_STATUS_SVCPARAM_KEY_MORE_THAN_ONCE,
182*ee791febSAntonio Huete Jimenez 		"A key was found more than once "
183*ee791febSAntonio Huete Jimenez 		"in the ServiceParam rdata field of SVCB or HTTPS RR" },
184*ee791febSAntonio Huete Jimenez 	{ LDNS_STATUS_INVALID_SVCPARAM_VALUE,
185*ee791febSAntonio Huete Jimenez 		"Invalid wireformat of a value "
186*ee791febSAntonio Huete Jimenez 		"in the ServiceParam rdata field of SVCB or HTTPS RR" },
187825eb42bSJan Lentfer 	{ 0, NULL }
188825eb42bSJan Lentfer };
189825eb42bSJan Lentfer 
190825eb42bSJan Lentfer const char *
ldns_get_errorstr_by_id(ldns_status err)191825eb42bSJan Lentfer ldns_get_errorstr_by_id(ldns_status err)
192825eb42bSJan Lentfer {
193825eb42bSJan Lentfer         ldns_lookup_table *lt;
194825eb42bSJan Lentfer 
195825eb42bSJan Lentfer         lt = ldns_lookup_by_id(ldns_error_str, err);
196825eb42bSJan Lentfer 
197825eb42bSJan Lentfer         if (lt) {
198825eb42bSJan Lentfer                 return lt->name;
199825eb42bSJan Lentfer         }
200825eb42bSJan Lentfer         return NULL;
201825eb42bSJan Lentfer }
202