Most functions in `Libgsasl' are returning an error if they fail. For this reason, the application should always catch the error condition and take appropriate measures, for example by releasing the resources and passing the error up to the caller, or by displaying a descriptive message to the user and cancelling the operation.
Some error values do not indicate a system error or an error in the operation, but the result of an operation that failed properly.
Errors are returned as an int. Except for the OK case an application should always use the constants instead of their numeric value. Applications are encouraged to use the constants even for OK as it improves readability. Possible values are:
This value indicates success. The value of this error is guaranteed to always be 0 so you may use it in boolean constructs.
SASL mechanisms needs more data
Unknown SASL mechanism
SASL mechanism called too many times
SASL function need larger buffer (internal error)
Could not open file in SASL library
Could not close file in SASL library
Memory allocation error in SASL library
Base 64 coding error in SASL library
Gcrypt error in SASL library
GSSAPI library could not deallocate memory in gss_release_buffer() in SASL library. This is a serious internal error.
GSSAPI library could not understand a peer name in gss_import_name() in SASL library. This may be due to incorrect user supplied data.
GSSAPI error in client while negotiating security context in gss_init_sec_context() in SASL library. This is most likely due insufficient credentials or malicious interactions.
GSSAPI error in server while negotiating security context in gss_init_sec_context() in SASL library. This is most likely due insufficient credentials or malicious interactions.
GSSAPI error while decrypting or decoding data in gss_unwrap() in SASL library. This is most likely due to data corruption.
GSSAPI error while encrypting or encoding data in gss_wrap() in SASL library.
GSSAPI error acquiring credentials in gss_acquire_cred() in SASL library. This is most likely due to not having the proper Kerberos key available in /etc/krb5.keytab on the server.
GSSAPI error creating a display name denoting the client in gss_display_name() in SASL library. This is probably because the client suplied bad data.
Other entity requested integrity or confidentiality protection in GSSAPI mechanism but this is currently not implemented.
SASL mechanism needs gsasl_client_callback_anonymous() callback (application error)
SASL mechanism needs gsasl_client_callback_password() callback (application error)
SASL mechanism needs gsasl_client_callback_passcode() callback (application error)
SASL mechanism needs gsasl_client_callback_pin() callback (application error)
SASL mechanism needs gsasl_client_callback_authorization_id() callback (application error)
SASL mechanism needs gsasl_client_callback_authentication_id() callback (application error)
SASL mechanism needs gsasl_client_callback_service() callback (application error)
SASL mechanism needs gsasl_server_callback_validate() callback (application error)
SASL mechanism needs gsasl_server_callback_cram_md5() callback (application error)
SASL mechanism needs gsasl_server_callback_digest_md5() callback (application error)
SASL mechanism needs gsasl_server_callback_anonymous() callback (application error)
SASL mechanism needs gsasl_server_callback_external() callback (application error)
SASL mechanism needs gsasl_server_callback_realm() callback (application error)
SASL mechanism needs gsasl_server_callback_securid() callback (application error)
SASL mechanism needs gsasl_server_callback_service() callback (application error)
SASL mechanism needs gsasl_server_callback_gssapi() callback (application error)
SASL mechanism needs gsasl_server_callback_retrieve() callback (application error)
SASL mechanism could not parse input
Error authentication user
Cannot get internal library handle (library error)
Integrity error in application payload
No more realms available (non-fatal)
Client-side functionality not available in library (application error)
Server-side functionality not available in library (application error)
The provided library handle was invalid (application error)