blob: 5c302365fef7859f4c396f21924efae2b070d533 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
|
#include <unistd.h>
#include "stralloc.h"
#include "tls_errors.h"
#include "error.h"
/** @file tls_errors.c
@brief temp_tls* routines are used for error messges
*/
/* TLS error messages: A) Setup */
void temp_tlscert()
{
out("ZCan't load X.509 certificate: ");
outsafe(&certfile);
out(". (#4.4.1)\n");
zerodie();
}
void temp_tlskey()
{
out("ZCan't load X.509 private key: ");
outsafe(&keyfile);
out(". (#4.4.1)\n");
zerodie();
}
void temp_tlschk()
{
out("ZKeyfile does not match X.509 certificate: ");
outsafe(&keypwd);
out(". (#4.4.1)\n");
zerodie();
}
void temp_tlsca()
{
out("ZI wasn't able to set up CAFILE: ");
outsafe(&cafile);
out(" or CADIR: ");
outsafe(&cadir);
out(" for TLS. (#4.4.1)\n");
zerodie();
}
void temp_tlscipher()
{
out("ZI wasn't able to process the TLS ciphers: ");
outsafe(&ciphers);
out(" (#4.4.1)\n");
zerodie();
}
/* TLS error messages: B) Connection related */
void temp_tlsctx()
{
out("ZI wasn't able to create TLS context for: ");
outsafe(&host); out(" at "); out(remotehost.s);
out(". (#4.4.1)\n");
zerodie();
}
void temp_tlscon()
{
errno = EPROTO;
out("ZI wasn't able to establish a TLS connection with: ");
out(remotehost.s); out(" for "); outsafe(&host);
out(". (#4.4.1)\n");
zerodie();
}
void temp_tlserr()
{
errno = EPROTO;
out("ZTLS connection/protocol error with: ");
out(remotehost.s); out(" for "); outsafe(&host);
out(". (#4.4.1)\n");
zerodie();
}
void temp_tlshost()
{
out("ZI wasn't able to negotiate a StartTLS connection with: ");
out(remotehost.s); out(" for "); outsafe(&host);
out(". (#4.4.1)\n");
zerodie();
}
/* TLS error messages: C) Verification related */
void temp_tlspeercert()
{
out("ZUnable to obtain X.509 certificate from: ");
out(remotehost.s); out(" for "); outsafe(&host);
out(". (#4.4.1)\n");
zerodie();
}
void temp_tlspeerverify()
{
out("ZUnable to verify X.509 certificate from: ");
out(remotehost.s); out(" for "); outsafe(&host);
out(". (#4.4.1)\n");
zerodie();
}
void temp_tlspeervalid()
{
out("ZUnable to validate X.509 certificate Subject for: ");
outsafe(&host); out(" at "); out(remotehost.s);
out(". (#4.4.1)\n");
zerodie();
}
void temp_tlscertfp()
{
out("ZReceived X.509 certificate from: ");
out(remotehost.s); out(" for "); outsafe(&host);
out(" does not match fingerprint: ");
outsafe(&cafile);
out(". (#4.4.1)\n");
zerodie();
}
void temp_invaliddigest()
{
out("ZInvalid digest length provided given for: ");
out(remotehost.s); out(" for "); outsafe(&host);
out(". (#4.4.1)\n");
zerodie();
}
void temp_tlsamissing()
{
out("ZTLSA X.509 cert required but missing from: ");
out(remotehost.s); out(" for "); outsafe(&host);
out(". (#4.4.1)\n");
zerodie();
}
void temp_tlsainvalid()
{
out("ZTLSA fingerprint matching error for: ");
out(remotehost.s);
out(". (#4.4.1)\n");
zerodie();
}
void temp_tlsdigest()
{
out("ZReceived X.509 certificate from: ");
out(remotehost.s); out(" for "); outsafe(&host);
out(" posses an unknown digest method");
out(". (#4.4.1)\n");
zerodie();
}
|
