diff options
author | Jannis Hoffmann <jannis@fehcom.de> | 2024-07-03 15:48:04 +0200 |
---|---|---|
committer | Jannis Hoffmann <jannis@fehcom.de> | 2024-07-03 15:48:04 +0200 |
commit | 89b7b67a13ebb7965cc7f13ad0595e2194a2d34c (patch) | |
tree | 25efd77a90ae87236e6730d8ea3846bbe0fd126f /src/tls_errors.c |
add sqmail-4.2.29asqmail-4.2
Diffstat (limited to 'src/tls_errors.c')
-rw-r--r-- | src/tls_errors.c | 158 |
1 files changed, 158 insertions, 0 deletions
diff --git a/src/tls_errors.c b/src/tls_errors.c new file mode 100644 index 0000000..5c30236 --- /dev/null +++ b/src/tls_errors.c @@ -0,0 +1,158 @@ +#include <unistd.h> +#include "stralloc.h" +#include "tls_errors.h" +#include "error.h" + +/** @file tls_errors.c + @brief temp_tls* routines are used for error messges +*/ + +/* TLS error messages: A) Setup */ + +void temp_tlscert() +{ + out("ZCan't load X.509 certificate: "); + outsafe(&certfile); + out(". (#4.4.1)\n"); + zerodie(); +} + +void temp_tlskey() +{ + out("ZCan't load X.509 private key: "); + outsafe(&keyfile); + out(". (#4.4.1)\n"); + zerodie(); +} + +void temp_tlschk() +{ + out("ZKeyfile does not match X.509 certificate: "); + outsafe(&keypwd); + out(". (#4.4.1)\n"); + zerodie(); +} + +void temp_tlsca() +{ + out("ZI wasn't able to set up CAFILE: "); + outsafe(&cafile); + out(" or CADIR: "); + outsafe(&cadir); + out(" for TLS. (#4.4.1)\n"); + zerodie(); +} + +void temp_tlscipher() +{ + out("ZI wasn't able to process the TLS ciphers: "); + outsafe(&ciphers); + out(" (#4.4.1)\n"); + zerodie(); +} + +/* TLS error messages: B) Connection related */ + +void temp_tlsctx() +{ + out("ZI wasn't able to create TLS context for: "); + outsafe(&host); out(" at "); out(remotehost.s); + out(". (#4.4.1)\n"); + zerodie(); +} + +void temp_tlscon() +{ + errno = EPROTO; + out("ZI wasn't able to establish a TLS connection with: "); + out(remotehost.s); out(" for "); outsafe(&host); + out(". (#4.4.1)\n"); + zerodie(); +} + +void temp_tlserr() +{ + errno = EPROTO; + out("ZTLS connection/protocol error with: "); + out(remotehost.s); out(" for "); outsafe(&host); + out(". (#4.4.1)\n"); + zerodie(); +} + +void temp_tlshost() +{ + out("ZI wasn't able to negotiate a StartTLS connection with: "); + out(remotehost.s); out(" for "); outsafe(&host); + out(". (#4.4.1)\n"); + zerodie(); +} + + +/* TLS error messages: C) Verification related */ + +void temp_tlspeercert() +{ + out("ZUnable to obtain X.509 certificate from: "); + out(remotehost.s); out(" for "); outsafe(&host); + out(". (#4.4.1)\n"); + zerodie(); +} + +void temp_tlspeerverify() +{ + out("ZUnable to verify X.509 certificate from: "); + out(remotehost.s); out(" for "); outsafe(&host); + out(". (#4.4.1)\n"); + zerodie(); +} + +void temp_tlspeervalid() +{ + out("ZUnable to validate X.509 certificate Subject for: "); + outsafe(&host); out(" at "); out(remotehost.s); + out(". (#4.4.1)\n"); + zerodie(); +} + +void temp_tlscertfp() +{ + out("ZReceived X.509 certificate from: "); + out(remotehost.s); out(" for "); outsafe(&host); + out(" does not match fingerprint: "); + outsafe(&cafile); + out(". (#4.4.1)\n"); + zerodie(); +} + +void temp_invaliddigest() +{ + out("ZInvalid digest length provided given for: "); + out(remotehost.s); out(" for "); outsafe(&host); + out(". (#4.4.1)\n"); + zerodie(); +} + +void temp_tlsamissing() +{ + out("ZTLSA X.509 cert required but missing from: "); + out(remotehost.s); out(" for "); outsafe(&host); + out(". (#4.4.1)\n"); + zerodie(); +} + +void temp_tlsainvalid() +{ + out("ZTLSA fingerprint matching error for: "); + out(remotehost.s); + out(". (#4.4.1)\n"); + zerodie(); +} + +void temp_tlsdigest() +{ + out("ZReceived X.509 certificate from: "); + out(remotehost.s); out(" for "); outsafe(&host); + out(" posses an unknown digest method"); + out(". (#4.4.1)\n"); + zerodie(); +} |