#include "tls_errors.h"

#include <unistd.h>

#include "error.h"
#include "stralloc.h"

/**
  @file tls_errors.c
  @brief temp_tls* routines are used for error messges
*/

/* TLS error messages: A) Setup */

void temp_tlscert()
{
  out("ZCan't load X.509 certificate: ");
  outsafe(&certfile);
  out(". (#4.4.1)\n");
  zerodie();
}

void temp_tlskey()
{
  out("ZCan't load X.509 private key: ");
  outsafe(&keyfile);
  out(". (#4.4.1)\n");
  zerodie();
}

void temp_tlschk()
{
  out("ZKeyfile does not match X.509 certificate: ");
  outsafe(&keypwd);
  out(". (#4.4.1)\n");
  zerodie();
}

void temp_tlsca()
{
  out("ZI wasn't able to set up CAFILE: ");
  outsafe(&cafile);
  out(" or CADIR: ");
  outsafe(&cadir);
  out(" for TLS. (#4.4.1)\n");
  zerodie();
}

void temp_tlscipher()
{
  out("ZI wasn't able to process the TLS ciphers: ");
  outsafe(&ciphers);
  out(" (#4.4.1)\n");
  zerodie();
}

/* TLS error messages: B) Connection related */

void temp_tlsctx()
{
  out("ZI wasn't able to create TLS context for: ");
  outsafe(&host);
  out(" at ");
  out(remotehost.s);
  out(". (#4.4.1)\n");
  zerodie();
}

void temp_tlscon()
{
  errno = EPROTO;
  out("ZI wasn't able to establish a TLS connection with: ");
  out(remotehost.s);
  out(" for ");
  outsafe(&host);
  out(". (#4.4.1)\n");
  zerodie();
}

void temp_tlserr()
{
  errno = EPROTO;
  out("ZTLS connection/protocol error with: ");
  out(remotehost.s);
  out(" for ");
  outsafe(&host);
  out(". (#4.4.1)\n");
  zerodie();
}

void temp_tlshost()
{
  out("ZI wasn't able to negotiate a StartTLS connection with: ");
  out(remotehost.s);
  out(" for ");
  outsafe(&host);
  out(". (#4.4.1)\n");
  zerodie();
}


/* TLS error messages: C) Verification related */

void temp_tlspeercert()
{
  out("ZUnable to obtain X.509 certificate from: ");
  out(remotehost.s);
  out(" for ");
  outsafe(&host);
  out(". (#4.4.1)\n");
  zerodie();
}

void temp_tlspeerverify()
{
  out("ZUnable to verify X.509 certificate from: ");
  out(remotehost.s);
  out(" for ");
  outsafe(&host);
  out(". (#4.4.1)\n");
  zerodie();
}

void temp_tlspeervalid()
{
  out("ZUnable to validate X.509 certificate Subject for: ");
  outsafe(&host);
  out(" at ");
  out(remotehost.s);
  out(". (#4.4.1)\n");
  zerodie();
}

void temp_tlscertfp()
{
  out("ZReceived X.509 certificate from: ");
  out(remotehost.s);
  out(" for ");
  outsafe(&host);
  out(" does not match fingerprint: ");
  outsafe(&cafile);
  out(". (#4.4.1)\n");
  zerodie();
}

void temp_invaliddigest()
{
  out("ZInvalid digest length provided given for: ");
  out(remotehost.s);
  out(" for ");
  outsafe(&host);
  out(". (#4.4.1)\n");
  zerodie();
}

void temp_tlsamissing()
{
  out("ZTLSA X.509 cert required but missing from: ");
  out(remotehost.s);
  out(" for ");
  outsafe(&host);
  out(". (#4.4.1)\n");
  zerodie();
}

void temp_tlsainvalid()
{
  out("ZTLSA fingerprint matching error for: ");
  out(remotehost.s);
  out(". (#4.4.1)\n");
  zerodie();
}

void temp_tlsdigest()
{
  out("ZReceived X.509 certificate from: ");
  out(remotehost.s);
  out(" for ");
  outsafe(&host);
  out(" posses an unknown digest method");
  out(". (#4.4.1)\n");
  zerodie();
}