onkarkundargi | 72cfd36 | 2020-02-27 12:34:37 +0530 | [diff] [blame^] | 1 | // Package errorcode provides Kerberos 5 assigned error codes. |
| 2 | package errorcode |
| 3 | |
| 4 | import "fmt" |
| 5 | |
| 6 | // Kerberos error codes. |
| 7 | const ( |
| 8 | KDC_ERR_NONE int32 = 0 //No error |
| 9 | KDC_ERR_NAME_EXP int32 = 1 //Client's entry in database has expired |
| 10 | KDC_ERR_SERVICE_EXP int32 = 2 //Server's entry in database has expired |
| 11 | KDC_ERR_BAD_PVNO int32 = 3 //Requested protocol version number not supported |
| 12 | KDC_ERR_C_OLD_MAST_KVNO int32 = 4 //Client's key encrypted in old master key |
| 13 | KDC_ERR_S_OLD_MAST_KVNO int32 = 5 //Server's key encrypted in old master key |
| 14 | KDC_ERR_C_PRINCIPAL_UNKNOWN int32 = 6 //Client not found in Kerberos database |
| 15 | KDC_ERR_S_PRINCIPAL_UNKNOWN int32 = 7 //Server not found in Kerberos database |
| 16 | KDC_ERR_PRINCIPAL_NOT_UNIQUE int32 = 8 //Multiple principal entries in database |
| 17 | KDC_ERR_NULL_KEY int32 = 9 //The client or server has a null key |
| 18 | KDC_ERR_CANNOT_POSTDATE int32 = 10 //Ticket not eligible for postdating |
| 19 | KDC_ERR_NEVER_VALID int32 = 11 //Requested starttime is later than end time |
| 20 | KDC_ERR_POLICY int32 = 12 //KDC policy rejects request |
| 21 | KDC_ERR_BADOPTION int32 = 13 //KDC cannot accommodate requested option |
| 22 | KDC_ERR_ETYPE_NOSUPP int32 = 14 //KDC has no support for encryption type |
| 23 | KDC_ERR_SUMTYPE_NOSUPP int32 = 15 //KDC has no support for checksum type |
| 24 | KDC_ERR_PADATA_TYPE_NOSUPP int32 = 16 //KDC has no support for padata type |
| 25 | KDC_ERR_TRTYPE_NOSUPP int32 = 17 //KDC has no support for transited type |
| 26 | KDC_ERR_CLIENT_REVOKED int32 = 18 //Clients credentials have been revoked |
| 27 | KDC_ERR_SERVICE_REVOKED int32 = 19 //Credentials for server have been revoked |
| 28 | KDC_ERR_TGT_REVOKED int32 = 20 //TGT has been revoked |
| 29 | KDC_ERR_CLIENT_NOTYET int32 = 21 //Client not yet valid; try again later |
| 30 | KDC_ERR_SERVICE_NOTYET int32 = 22 //Server not yet valid; try again later |
| 31 | KDC_ERR_KEY_EXPIRED int32 = 23 //Password has expired; change password to reset |
| 32 | KDC_ERR_PREAUTH_FAILED int32 = 24 //Pre-authentication information was invalid |
| 33 | KDC_ERR_PREAUTH_REQUIRED int32 = 25 //Additional pre-authentication required |
| 34 | KDC_ERR_SERVER_NOMATCH int32 = 26 //Requested server and ticket don't match |
| 35 | KDC_ERR_MUST_USE_USER2USER int32 = 27 //Server principal valid for user2user only |
| 36 | KDC_ERR_PATH_NOT_ACCEPTED int32 = 28 //KDC Policy rejects transited path |
| 37 | KDC_ERR_SVC_UNAVAILABLE int32 = 29 //A service is not available |
| 38 | KRB_AP_ERR_BAD_INTEGRITY int32 = 31 //Integrity check on decrypted field failed |
| 39 | KRB_AP_ERR_TKT_EXPIRED int32 = 32 //Ticket expired |
| 40 | KRB_AP_ERR_TKT_NYV int32 = 33 //Ticket not yet valid |
| 41 | KRB_AP_ERR_REPEAT int32 = 34 //Request is a replay |
| 42 | KRB_AP_ERR_NOT_US int32 = 35 //The ticket isn't for us |
| 43 | KRB_AP_ERR_BADMATCH int32 = 36 //Ticket and authenticator don't match |
| 44 | KRB_AP_ERR_SKEW int32 = 37 //Clock skew too great |
| 45 | KRB_AP_ERR_BADADDR int32 = 38 //Incorrect net address |
| 46 | KRB_AP_ERR_BADVERSION int32 = 39 //Protocol version mismatch |
| 47 | KRB_AP_ERR_MSG_TYPE int32 = 40 //Invalid msg type |
| 48 | KRB_AP_ERR_MODIFIED int32 = 41 //Message stream modified |
| 49 | KRB_AP_ERR_BADORDER int32 = 42 //Message out of order |
| 50 | KRB_AP_ERR_BADKEYVER int32 = 44 //Specified version of key is not available |
| 51 | KRB_AP_ERR_NOKEY int32 = 45 //Service key not available |
| 52 | KRB_AP_ERR_MUT_FAIL int32 = 46 //Mutual authentication failed |
| 53 | KRB_AP_ERR_BADDIRECTION int32 = 47 //Incorrect message direction |
| 54 | KRB_AP_ERR_METHOD int32 = 48 //Alternative authentication method required |
| 55 | KRB_AP_ERR_BADSEQ int32 = 49 //Incorrect sequence number in message |
| 56 | KRB_AP_ERR_INAPP_CKSUM int32 = 50 //Inappropriate type of checksum in message |
| 57 | KRB_AP_PATH_NOT_ACCEPTED int32 = 51 //Policy rejects transited path |
| 58 | KRB_ERR_RESPONSE_TOO_BIG int32 = 52 //Response too big for UDP; retry with TCP |
| 59 | KRB_ERR_GENERIC int32 = 60 //Generic error (description in e-text) |
| 60 | KRB_ERR_FIELD_TOOLONG int32 = 61 //Field is too long for this implementation |
| 61 | KDC_ERROR_CLIENT_NOT_TRUSTED int32 = 62 //Reserved for PKINIT |
| 62 | KDC_ERROR_KDC_NOT_TRUSTED int32 = 63 //Reserved for PKINIT |
| 63 | KDC_ERROR_INVALID_SIG int32 = 64 //Reserved for PKINIT |
| 64 | KDC_ERR_KEY_TOO_WEAK int32 = 65 //Reserved for PKINIT |
| 65 | KDC_ERR_CERTIFICATE_MISMATCH int32 = 66 //Reserved for PKINIT |
| 66 | KRB_AP_ERR_NO_TGT int32 = 67 //No TGT available to validate USER-TO-USER |
| 67 | KDC_ERR_WRONG_REALM int32 = 68 //Reserved for future use |
| 68 | KRB_AP_ERR_USER_TO_USER_REQUIRED int32 = 69 //Ticket must be for USER-TO-USER |
| 69 | KDC_ERR_CANT_VERIFY_CERTIFICATE int32 = 70 //Reserved for PKINIT |
| 70 | KDC_ERR_INVALID_CERTIFICATE int32 = 71 //Reserved for PKINIT |
| 71 | KDC_ERR_REVOKED_CERTIFICATE int32 = 72 //Reserved for PKINIT |
| 72 | KDC_ERR_REVOCATION_STATUS_UNKNOWN int32 = 73 //Reserved for PKINIT |
| 73 | KDC_ERR_REVOCATION_STATUS_UNAVAILABLE int32 = 74 //Reserved for PKINIT |
| 74 | KDC_ERR_CLIENT_NAME_MISMATCH int32 = 75 //Reserved for PKINIT |
| 75 | KDC_ERR_KDC_NAME_MISMATCH int32 = 76 //Reserved for PKINIT |
| 76 | ) |
| 77 | |
| 78 | // Lookup an error code description. |
| 79 | func Lookup(i int32) string { |
| 80 | if s, ok := errorcodeLookup[i]; ok { |
| 81 | return fmt.Sprintf("(%d) %s", i, s) |
| 82 | } |
| 83 | return fmt.Sprintf("Unknown ErrorCode %d", i) |
| 84 | } |
| 85 | |
| 86 | var errorcodeLookup = map[int32]string{ |
| 87 | KDC_ERR_NONE: "KDC_ERR_NONE No error", |
| 88 | KDC_ERR_NAME_EXP: "KDC_ERR_NAME_EXP Client's entry in database has expired", |
| 89 | KDC_ERR_SERVICE_EXP: "KDC_ERR_SERVICE_EXP Server's entry in database has expired", |
| 90 | KDC_ERR_BAD_PVNO: "KDC_ERR_BAD_PVNO Requested protocol version number not supported", |
| 91 | KDC_ERR_C_OLD_MAST_KVNO: "KDC_ERR_C_OLD_MAST_KVNO Client's key encrypted in old master key", |
| 92 | KDC_ERR_S_OLD_MAST_KVNO: "KDC_ERR_S_OLD_MAST_KVNO Server's key encrypted in old master key", |
| 93 | KDC_ERR_C_PRINCIPAL_UNKNOWN: "KDC_ERR_C_PRINCIPAL_UNKNOWN Client not found in Kerberos database", |
| 94 | KDC_ERR_S_PRINCIPAL_UNKNOWN: "KDC_ERR_S_PRINCIPAL_UNKNOWN Server not found in Kerberos database", |
| 95 | KDC_ERR_PRINCIPAL_NOT_UNIQUE: "KDC_ERR_PRINCIPAL_NOT_UNIQUE Multiple principal entries in database", |
| 96 | KDC_ERR_NULL_KEY: "KDC_ERR_NULL_KEY The client or server has a null key", |
| 97 | KDC_ERR_CANNOT_POSTDATE: "KDC_ERR_CANNOT_POSTDATE Ticket not eligible for postdating", |
| 98 | KDC_ERR_NEVER_VALID: "KDC_ERR_NEVER_VALID Requested starttime is later than end time", |
| 99 | KDC_ERR_POLICY: "KDC_ERR_POLICY KDC policy rejects request", |
| 100 | KDC_ERR_BADOPTION: "KDC_ERR_BADOPTION KDC cannot accommodate requested option", |
| 101 | KDC_ERR_ETYPE_NOSUPP: "KDC_ERR_ETYPE_NOSUPP KDC has no support for encryption type", |
| 102 | KDC_ERR_SUMTYPE_NOSUPP: "KDC_ERR_SUMTYPE_NOSUPP KDC has no support for checksum type", |
| 103 | KDC_ERR_PADATA_TYPE_NOSUPP: "KDC_ERR_PADATA_TYPE_NOSUPP KDC has no support for padata type", |
| 104 | KDC_ERR_TRTYPE_NOSUPP: "KDC_ERR_TRTYPE_NOSUPP KDC has no support for transited type", |
| 105 | KDC_ERR_CLIENT_REVOKED: "KDC_ERR_CLIENT_REVOKED Clients credentials have been revoked", |
| 106 | KDC_ERR_SERVICE_REVOKED: "KDC_ERR_SERVICE_REVOKED Credentials for server have been revoked", |
| 107 | KDC_ERR_TGT_REVOKED: "KDC_ERR_TGT_REVOKED TGT has been revoked", |
| 108 | KDC_ERR_CLIENT_NOTYET: "KDC_ERR_CLIENT_NOTYET Client not yet valid; try again later", |
| 109 | KDC_ERR_SERVICE_NOTYET: "KDC_ERR_SERVICE_NOTYET Server not yet valid; try again later", |
| 110 | KDC_ERR_KEY_EXPIRED: "KDC_ERR_KEY_EXPIRED Password has expired; change password to reset", |
| 111 | KDC_ERR_PREAUTH_FAILED: "KDC_ERR_PREAUTH_FAILED Pre-authentication information was invalid", |
| 112 | KDC_ERR_PREAUTH_REQUIRED: "KDC_ERR_PREAUTH_REQUIRED Additional pre-authentication required", |
| 113 | KDC_ERR_SERVER_NOMATCH: "KDC_ERR_SERVER_NOMATCH Requested server and ticket don't match", |
| 114 | KDC_ERR_MUST_USE_USER2USER: "KDC_ERR_MUST_USE_USER2USER Server principal valid for user2user only", |
| 115 | KDC_ERR_PATH_NOT_ACCEPTED: "KDC_ERR_PATH_NOT_ACCEPTED KDC Policy rejects transited path", |
| 116 | KDC_ERR_SVC_UNAVAILABLE: "KDC_ERR_SVC_UNAVAILABLE A service is not available", |
| 117 | KRB_AP_ERR_BAD_INTEGRITY: "KRB_AP_ERR_BAD_INTEGRITY Integrity check on decrypted field failed", |
| 118 | KRB_AP_ERR_TKT_EXPIRED: "KRB_AP_ERR_TKT_EXPIRED Ticket expired", |
| 119 | KRB_AP_ERR_TKT_NYV: "KRB_AP_ERR_TKT_NYV Ticket not yet valid", |
| 120 | KRB_AP_ERR_REPEAT: "KRB_AP_ERR_REPEAT Request is a replay", |
| 121 | KRB_AP_ERR_NOT_US: "KRB_AP_ERR_NOT_US The ticket isn't for us", |
| 122 | KRB_AP_ERR_BADMATCH: "KRB_AP_ERR_BADMATCH Ticket and authenticator don't match", |
| 123 | KRB_AP_ERR_SKEW: "KRB_AP_ERR_SKEW Clock skew too great", |
| 124 | KRB_AP_ERR_BADADDR: "KRB_AP_ERR_BADADDR Incorrect net address", |
| 125 | KRB_AP_ERR_BADVERSION: "KRB_AP_ERR_BADVERSION Protocol version mismatch", |
| 126 | KRB_AP_ERR_MSG_TYPE: "KRB_AP_ERR_MSG_TYPE Invalid msg type", |
| 127 | KRB_AP_ERR_MODIFIED: "KRB_AP_ERR_MODIFIED Message stream modified", |
| 128 | KRB_AP_ERR_BADORDER: "KRB_AP_ERR_BADORDER Message out of order", |
| 129 | KRB_AP_ERR_BADKEYVER: "KRB_AP_ERR_BADKEYVER Specified version of key is not available", |
| 130 | KRB_AP_ERR_NOKEY: "KRB_AP_ERR_NOKEY Service key not available", |
| 131 | KRB_AP_ERR_MUT_FAIL: "KRB_AP_ERR_MUT_FAIL Mutual authentication failed", |
| 132 | KRB_AP_ERR_BADDIRECTION: "KRB_AP_ERR_BADDIRECTION Incorrect message direction", |
| 133 | KRB_AP_ERR_METHOD: "KRB_AP_ERR_METHOD Alternative authentication method required", |
| 134 | KRB_AP_ERR_BADSEQ: "KRB_AP_ERR_BADSEQ Incorrect sequence number in message", |
| 135 | KRB_AP_ERR_INAPP_CKSUM: "KRB_AP_ERR_INAPP_CKSUM Inappropriate type of checksum in message", |
| 136 | KRB_AP_PATH_NOT_ACCEPTED: "KRB_AP_PATH_NOT_ACCEPTED Policy rejects transited path", |
| 137 | KRB_ERR_RESPONSE_TOO_BIG: "KRB_ERR_RESPONSE_TOO_BIG Response too big for UDP; retry with TCP", |
| 138 | KRB_ERR_GENERIC: "KRB_ERR_GENERIC Generic error (description in e-text)", |
| 139 | KRB_ERR_FIELD_TOOLONG: "KRB_ERR_FIELD_TOOLONG Field is too long for this implementation", |
| 140 | KDC_ERROR_CLIENT_NOT_TRUSTED: "KDC_ERROR_CLIENT_NOT_TRUSTED Reserved for PKINIT", |
| 141 | KDC_ERROR_KDC_NOT_TRUSTED: "KDC_ERROR_KDC_NOT_TRUSTED Reserved for PKINIT", |
| 142 | KDC_ERROR_INVALID_SIG: "KDC_ERROR_INVALID_SIG Reserved for PKINIT", |
| 143 | KDC_ERR_KEY_TOO_WEAK: "KDC_ERR_KEY_TOO_WEAK Reserved for PKINIT", |
| 144 | KDC_ERR_CERTIFICATE_MISMATCH: "KDC_ERR_CERTIFICATE_MISMATCH Reserved for PKINIT", |
| 145 | KRB_AP_ERR_NO_TGT: "KRB_AP_ERR_NO_TGT No TGT available to validate USER-TO-USER", |
| 146 | KDC_ERR_WRONG_REALM: "KDC_ERR_WRONG_REALM Reserved for future use", |
| 147 | KRB_AP_ERR_USER_TO_USER_REQUIRED: "KRB_AP_ERR_USER_TO_USER_REQUIRED Ticket must be for USER-TO-USER", |
| 148 | KDC_ERR_CANT_VERIFY_CERTIFICATE: "KDC_ERR_CANT_VERIFY_CERTIFICATE Reserved for PKINIT", |
| 149 | KDC_ERR_INVALID_CERTIFICATE: "KDC_ERR_INVALID_CERTIFICATE Reserved for PKINIT", |
| 150 | KDC_ERR_REVOKED_CERTIFICATE: "KDC_ERR_REVOKED_CERTIFICATE Reserved for PKINIT", |
| 151 | KDC_ERR_REVOCATION_STATUS_UNKNOWN: "KDC_ERR_REVOCATION_STATUS_UNKNOWN Reserved for PKINIT", |
| 152 | KDC_ERR_REVOCATION_STATUS_UNAVAILABLE: "KDC_ERR_REVOCATION_STATUS_UNAVAILABLE Reserved for PKINIT", |
| 153 | KDC_ERR_CLIENT_NAME_MISMATCH: "KDC_ERR_CLIENT_NAME_MISMATCH Reserved for PKINIT", |
| 154 | KDC_ERR_KDC_NAME_MISMATCH: "KDC_ERR_KDC_NAME_MISMATCH Reserved for PKINIT", |
| 155 | } |