next up previous contents index
Next: error_table kdb5 Up: Error tables Previous: Error tables   Contents   Index

error_table krb5

The Kerberos v5 library error code table follows. Protocol error codes are ERROR_TABLE_BASE_krb5 + the protocol error code number. Other error codes start at ERROR_TABLE_BASE_krb5 + 128.

KRB5KDC_ERR_NONE No error
KRB5KDC_ERR_NAME_EXP Client's entry in database has expired
KRB5KDC_ERR_SERVICE_EXP Server's entry in database has expired
KRB5KDC_ERR_BAD_PVNO Requested protocol version not supported
KRB5KDC_ERR_C_OLD_MAST_KVNO Client's key is encrypted in an old master key
KRB5KDC_ERR_S_OLD_MAST_KVNO Server's key is encrypted in an old master key
KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN Client not found in Kerberos database
KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN Server not found in Kerberos database
KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE Principal has multiple entries in Kerberos database
KRB5KDC_ERR_NULL_KEY Client or server has a null key
KRB5KDC_ERR_CANNOT_POSTDATE Ticket is ineligible for postdating
KRB5KDC_ERR_NEVER_VALID Requested effective lifetime is negative or too short
KRB5KDC_ERR_POLICY KDC policy rejects request
KRB5KDC_ERR_BADOPTION KDC can't fulfill requested option
KRB5KDC_ERR_ETYPE_NOSUPP KDC has no support for encryption type
KRB5KDC_ERR_SUMTYPE_NOSUPP KDC has no support for checksum type
KRB5KDC_ERR_PADATA_TYPE_NOSUPP KDC has no support for padata type
KRB5KDC_ERR_TRTYPE_NOSUPP KDC has no support for transited type
KRB5KDC_ERR_CLIENT_REVOKED Clients credentials have been revoked
KRB5KDC_ERR_SERVICE_REVOKED Credentials for server have been revoked
KRB5KDC_ERR_TGT_REVOKED TGT has been revoked
KRB5KDC_ERR_CLIENT_NOTYET Client not yet valid - try again later
KRB5KDC_ERR_SERVICE_NOTYET Server not yet valid - try again later
KRB5KDC_ERR_KEY_EXP Password has expired
KRB5KDC_PREAUTH_FAILED Preauthentication failed
KRB5KDC_ERR_PREAUTH_REQUIRE Additional pre-authentication required
KRB5KDC_ERR_SERVER_NOMATCH Requested server and ticket don't match
error codes 27-30 are currently placeholders

KRB5KRB_AP_ERR_BAD_INTEGRITY Decrypt integrity check failed
KRB5KRB_AP_ERR_TKT_EXPIRED Ticket expired
KRB5KRB_AP_ERR_TKT_NYV Ticket not yet valid
KRB5KRB_AP_ERR_REPEAT Request is a replay
KRB5KRB_AP_ERR_NOT_US The ticket isn't for us
KRB5KRB_AP_ERR_BADMATCH Ticket/authenticator don't match
KRB5KRB_AP_ERR_SKEW Clock skew too great
KRB5KRB_AP_ERR_BADADDR Incorrect net address
KRB5KRB_AP_ERR_BADVERSION Protocol version mismatch
KRB5KRB_AP_ERR_MSG_TYPE Invalid message type
KRB5KRB_AP_ERR_MODIFIED Message stream modified
KRB5KRB_AP_ERR_BADORDER Message out of order
KRB5PLACEHOLD_43 KRB5 error code 43
KRB5KRB_AP_ERR_BADKEYVER Key version is not available
KRB5KRB_AP_ERR_NOKEY Service key not available
KRB5KRB_AP_ERR_MUT_FAIL Mutual authentication failed
KRB5KRB_AP_ERR_BADDIRECTION Incorrect message direction
KRB5KRB_AP_ERR_METHOD Alternative authentication method required
KRB5KRB_AP_ERR_BADSEQ Incorrect sequence number in message
KRB5KRB_AP_ERR_INAPP_CKSUM Inappropriate type of checksum in message
error codes 51-59 are currently placeholders
KRB5KRB_ERR_GENERIC Generic error (see e-text)
KRB5KRB_ERR_FIELD_TOOLONG Field is too long for this implementation
error codes 62-127 are currently placeholders

KRB5_LIBOS_BADLOCKFLAG Invalid flag for file lock mode
KRB5_LIBOS_CANTREADPWD Cannot read password
KRB5_LIBOS_BADPWDMATCH Password mismatch
KRB5_LIBOS_PWDINTR Password read interrupted
KRB5_PARSE_ILLCHAR Illegal character in component name
KRB5_PARSE_MALFORMED Malformed representation of principal
KRB5_CONFIG_CANTOPEN Can't open/find configuration file
KRB5_CONFIG_BADFORMAT Improper format of configuration file
KRB5_CONFIG_NOTENUFSPACE Insufficient space to return complete information
KRB5_BADMSGTYPE Invalid message type specified for encoding
KRB5_CC_BADNAME Credential cache name malformed
KRB5_CC_UNKNOWN_TYPE Unknown credential cache type
KRB5_CC_NOTFOUND Matching credential not found
KRB5_CC_END End of credential cache reached
KRB5_NO_TKT_SUPPLIED Request did not supply a ticket
KRB5KRB_AP_WRONG_PRINC Wrong principal in request
KRB5KRB_AP_ERR_TKT_INVALID Ticket has invalid flag set
KRB5_PRINC_NOMATCH Requested principal and ticket don't match
KRB5_KDCREP_MODIFIED KDC reply did not match expectations
KRB5_KDCREP_SKEW Clock skew too great in KDC reply
KRB5_IN_TKT_REALM_MISMATCH Client/server realm mismatch in initial ticket requst
KRB5_PROG_ETYPE_NOSUPP Program lacks support for encryption type
KRB5_PROG_KEYTYPE_NOSUPP Program lacks support for key type
KRB5_WRONG_ETYPE Requested encryption type not used in message
KRB5_PROG_SUMTYPE_NOSUPP Program lacks support for checksum type
KRB5_REALM_UNKNOWN Cannot find KDC for requested realm
KRB5_SERVICE_UNKNOWN Kerberos service unknown
KRB5_KDC_UNREACH Cannot contact any KDC for requested realm
KRB5_NO_LOCALNAME No local name found for principal name

KRB5_RC_TYPE_EXISTS Replay cache type is already registered
KRB5_RC_MALLOC No more memory to allocate (in replay cache code)
KRB5_RC_TYPE_NOTFOUND Replay cache type is unknown
KRB5_RC_UNKNOWN Generic unknown RC error
KRB5_RC_REPLAY Message is a replay
KRB5_RC_IO Replay I/O operation failed XXX
KRB5_RC_NOIO Replay cache type does not support non-volatile storage
KRB5_RC_PARSE Replay cache name parse/format error
KRB5_RC_IO_EOF End-of-file on replay cache I/O
KRB5_RC_IO_MALLOC No more memory to allocate (in replay cache I/O code)
KRB5_RC_IO_PERM Permission denied in replay cache code
KRB5_RC_IO_IO I/O error in replay cache i/o code
KRB5_RC_IO_UNKNOWN Generic unknown RC/IO error
KRB5_RC_IO_SPACE Insufficient system space to store replay information
KRB5_TRANS_CANTOPEN Can't open/find realm translation file
KRB5_TRANS_BADFORMAT Improper format of realm translation file
KRB5_LNAME_CANTOPEN Can't open/find lname translation database
KRB5_LNAME_NOTRANS No translation available for requested principal
KRB5_LNAME_BADFORMAT Improper format of translation database entry
KRB5_CRYPTO_INTERNAL Cryptosystem internal error
KRB5_KT_BADNAME Key table name malformed
KRB5_KT_UNKNOWN_TYPE Unknown Key table type
KRB5_KT_NOTFOUND Key table entry not found
KRB5_KT_END End of key table reached
KRB5_KT_NOWRITE Cannot write to specified key table
KRB5_KT_IOERR Error writing to key table
KRB5_NO_TKT_IN_RLM Cannot find ticket for requested realm
KRB5DES_BAD_KEYPAR DES key has bad parity
KRB5DES_WEAK_KEY DES key is a weak key
KRB5_BAD_KEYTYPE Keytype is incompatible with encryption type
KRB5_BAD_KEYSIZE Key size is incompatible with encryption type
KRB5_BAD_MSIZE Message size is incompatible with encryption type
KRB5_CC_TYPE_EXISTS Credentials cache type is already registered.
KRB5_KT_TYPE_EXISTS Key table type is already registered.
KRB5_CC_IO Credentials cache I/O operation failed XXX
KRB5_FCC_PERM Credentials cache file permissions incorrect
KRB5_FCC_NOFILE No credentials cache file found
KRB5_FCC_INTERNAL Internal file credentials cache error
KRB5_CC_NOMEM No more memory to allocate (in credentials cache code)

errors for dual TGT library calls
KRB5_INVALID_FLAGS Invalid KDC option combination (library internal error)
KRB5_NO_2ND_TKT Request missing second ticket
KRB5_NOCREDS_SUPPLIED No credentials supplied to library routine

errors for sendauth and recvauth
KRB5_SENDAUTH_BADAUTHVERS Bad sendauth version was sent
KRB5_SENDAUTH_BADAPPLVERS Bad application version was sent (via sendauth)
KRB5_SENDAUTH_BADRESPONSE Bad response (during sendauth exchange)
KRB5_SENDAUTH_REJECTED Server rejected authentication
(during sendauth exchange)
KRB5_SENDAUTH_MUTUAL_FAILED Mutual authentication failed
(during sendauth exchange)

errors for preauthentication
KRB5_PREAUTH_BAD_TYPE Unsupported preauthentication type
KRB5_PREAUTH_NO_KEY Required preauthentication key not supplied
KRB5_PREAUTH_FAILED Generic preauthentication failure

version number errors
KRB5_RCACHE_BADVNO Unsupported replay cache format version number
KRB5_CCACHE_BADVNO Unsupported credentials cache format version number
KRB5_KEYTAB_BADVNO Unsupported key table format version number

other errors
KRB5_PROG_ATYPE_NOSUPP Program lacks support for address type
KRB5_RC_REQUIRED Message replay detection requires
rcache parameter
KRB5_ERR_BAD_HOSTNAME Hostname cannot be canonicalized
KRB5_ERR_HOST_REALM_UNKNOWN Cannot determine realm for host
KRB5_SNAME_UNSUPP_NAMETYPE Conversion to service principal undefined
for name type
KRB5KRB_AP_ERR_V4_REPLY Initial Ticket Response appears to be
Version 4 error
KRB5_REALM_CANT_RESOLVE Cannot resolve KDC for requested realm
KRB5_TKT_NOT_FORWARDABLE Requesting ticket can't get forwardable tickets


next up previous contents index
Next: error_table kdb5 Up: Error tables Previous: Error tables   Contents   Index
Autobuild 2006-06-16