GSS-API Major Status Code Values
The following tables list the calling errors that are returned by GSS-API. These errors are specific to a particular language-binding, which is C in this case.
Table B–1 GSS-API Calling Errors|
Error |
Value in Field |
Meaning |
|---|---|---|
|
GSS_S_CALL_INACCESSIBLE_READ |
1 |
An input parameter that is required could not be read |
|
GSS_S_CALL_INACCESSIBLE_WRITE |
2 |
A required output parameter could not be written |
|
GSS_S_CALL_BAD_STRUCTURE |
3 |
A parameter was malformed |
The following table lists the GSS-API routine errors, generic errors that are returned by GSS-API functions.
Table B–2 GSS-API Routine Errors|
Error |
Value in Field |
Meaning |
|---|---|---|
|
GSS_S_BAD_MECH |
1 |
An unsupported mechanism was requested. |
|
GSS_S_BAD_NAME |
2 |
An invalid name was supplied. |
|
GSS_S_BAD_NAMETYPE |
3 |
A supplied name was of an unsupported type. |
|
GSS_S_BAD_BINDINGS |
4 |
Incorrect channel bindings were supplied. |
|
GSS_S_BAD_STATUS |
5 |
An invalid status code was supplied. |
|
GSS_S_BAD_MIC, GSS_S_BAD_SIG |
6 |
A token had an invalid MIC. |
|
GSS_S_NO_CRED |
7 |
The credentials were unavailable, inaccessible, or not supplied. |
|
GSS_S_NO_CONTEXT |
8 |
No context has been established. |
|
GSS_S_DEFECTIVE_TOKEN |
9 |
A token was invalid. |
|
GSS_S_DEFECTIVE_CREDENTIAL |
10 |
A credential was invalid. |
|
GSS_S_CREDENTIALS_EXPIRED |
11 |
The referenced credentials have expired. |
|
GSS_S_CONTEXT_EXPIRED |
12 |
The context has expired. |
|
GSS_S_FAILURE |
13 |
Miscellaneous failure. The underlying mechanism detected an error for which no specific GSS–API status code is defined. The mechanism-specific status code, that is, the minor-status code, provides more details about the error. |
|
GSS_S_BAD_QOP |
14 |
The quality-of-protection that was requested could not be provided. |
|
GSS_S_UNAUTHORIZED |
15 |
The operation is forbidden by local security policy. |
|
GSS_S_UNAVAILABLE |
16 |
The operation or option is unavailable. |
|
GSS_S_DUPLICATE_ELEMENT |
17 |
The requested credential element already exists. |
|
GSS_S_NAME_NOT_MN |
18 |
The provided name was not a mechanism name (MN). |
The name GSS_S_COMPLETE, which is a zero value, indicates an absence of any API errors or supplementary information bits.
The following table lists the supplementary information values returned by GSS-API functions.
Table B–3 GSS-API Supplementary Information Codes|
Code |
Bit Number |
Meaning |
|---|---|---|
|
GSS_S_CONTINUE_NEEDED |
0 (LSB) |
Returned only by gss_init_sec_context() or gss_accept_sec_context(). The routine must be called again to complete its function. |
|
GSS_S_DUPLICATE_TOKEN |
1 |
The token was a duplicate of an earlier token. |
|
GSS_S_OLD_TOKEN |
2 |
The token's validity period has expired. |
|
GSS_S_UNSEQ_TOKEN |
3 |
A later token has already been processed. |
|
GSS_S_GAP_TOKEN |
4 |
An expected per-message token was not received. |
For more on status codes, see GSS-API Status Codes.
- © 2010, Oracle Corporation and/or its affiliates