1 /* 2 * 3 * Copyright 2020 gRPC authors. 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 */ 18 19 #ifndef GRPC_CORE_EXT_TRANSPORT_CRONET_TRANSPORT_CRONET_STATUS_H 20 #define GRPC_CORE_EXT_TRANSPORT_CRONET_TRANSPORT_CRONET_STATUS_H 21 22 #include <grpc/support/port_platform.h> 23 24 #include <grpc/status.h> 25 26 enum cronet_net_error_code { 27 // 28 // Ranges: 29 // 0- 99 System related errors 30 // 100-199 Connection related errors 31 // 200-299 Certificate errors 32 // 300-399 HTTP errors 33 // 400-499 Cache errors 34 // 500-599 ? 35 // 600-699 FTP errors 36 // 700-799 Certificate manager errors 37 // 800-899 DNS resolver errors 38 39 // An asynchronous IO operation is not yet complete. This usually does not 40 // indicate a fatal error. Typically this error will be generated as a 41 // notification to wait for some external notification that the IO operation 42 // finally completed. 43 OK = 0, 44 CRONET_NET_ERROR_IO_PENDING = -1, 45 46 // A generic failure occurred. 47 CRONET_NET_ERROR_FAILED = -2, 48 49 // An operation was aborted (due to user action,. 50 CRONET_NET_ERROR_ABORTED = -3, 51 52 // An argument to the function is incorrect. 53 CRONET_NET_ERROR_INVALID_ARGUMENT = -4, 54 55 // The handle or file descriptor is invalid. 56 CRONET_NET_ERROR_INVALID_HANDLE = -5, 57 58 // The file or directory cannot be found. 59 CRONET_NET_ERROR_FILE_NOT_FOUND = -6, 60 61 // An operation timed out. 62 CRONET_NET_ERROR_TIMED_OUT = -7, 63 64 // The file is too large. 65 CRONET_NET_ERROR_FILE_TOO_BIG = -8, 66 67 // An unexpected error. This may be caused by a programming mistake or an 68 // invalid assumption. 69 CRONET_NET_ERROR_UNEXPECTED = -9, 70 71 // Permission to access a resource = other than the network = was denied. 72 CRONET_NET_ERROR_ACCESS_DENIED = -10, 73 74 // The operation failed because of unimplemented functionality. 75 CRONET_NET_ERROR_NOT_IMPLEMENTED = -11, 76 77 // There were not enough resources to complete the operation. 78 CRONET_NET_ERROR_INSUFFICIENT_RESOURCES = -12, 79 80 // Memory allocation failed. 81 CRONET_NET_ERROR_OUT_OF_MEMORY = -13, 82 83 // The file upload failed because the file's modification time was different 84 // from the expectation. 85 CRONET_NET_ERROR_UPLOAD_FILE_CHANGED = -14, 86 87 // The socket is not connected. 88 CRONET_NET_ERROR_SOCKET_NOT_CONNECTED = -15, 89 90 // The file already exists. 91 CRONET_NET_ERROR_FILE_EXISTS = -16, 92 93 // The path or file name is too long. 94 CRONET_NET_ERROR_FILE_PATH_TOO_LONG = -17, 95 96 // Not enough room left on the disk. 97 CRONET_NET_ERROR_FILE_NO_SPACE = -18, 98 99 // The file has a virus. 100 CRONET_NET_ERROR_FILE_VIRUS_INFECTED = -19, 101 102 // The client chose to block the request. 103 CRONET_NET_ERROR_BLOCKED_BY_CLIENT = -20, 104 105 // The network changed. 106 CRONET_NET_ERROR_NETWORK_CHANGED = -21, 107 108 // The request was blocked by the URL block list configured by the domain 109 // administrator. 110 CRONET_NET_ERROR_BLOCKED_BY_ADMINISTRATOR = -22, 111 112 // The socket is already connected. 113 CRONET_NET_ERROR_SOCKET_IS_CONNECTED = -23, 114 115 // The request was blocked because the forced reenrollment check is still 116 // pending. This error can only occur on ChromeOS. 117 // The error can be emitted by code in 118 // chrome/browser/policy/policy_helpers.cc. 119 CRONET_NET_ERROR_BLOCKED_ENROLLMENT_CHECK_PENDING = -24, 120 121 // The upload failed because the upload stream needed to be re-read = due to a 122 // retry or a redirect = but the upload stream doesn't support that operation. 123 CRONET_NET_ERROR_UPLOAD_STREAM_REWIND_NOT_SUPPORTED = -25, 124 125 // The request failed because the URLRequestContext is shutting down = or has 126 // been shut down. 127 CRONET_NET_ERROR_CONTEXT_SHUT_DOWN = -26, 128 129 // The request failed because the response was delivered along with 130 // requirements 131 // which are not met ('X-Frame-Options' and 'Content-Security-Policy' ancestor 132 // checks and 'Cross-Origin-Resource-Policy' = for instance,. 133 CRONET_NET_ERROR_BLOCKED_BY_RESPONSE = -27, 134 135 // Error -28 was removed (BLOCKED_BY_XSS_AUDITOR,. 136 137 // The request was blocked by system policy disallowing some or all cleartext 138 // requests. Used for NetworkSecurityPolicy on Android. 139 CRONET_NET_ERROR_CLEARTEXT_NOT_PERMITTED = -29, 140 141 // The request was blocked by a Content Security Policy 142 CRONET_NET_ERROR_BLOCKED_BY_CSP = -30, 143 144 // The request was blocked because of no H/2 or QUIC session. 145 CRONET_NET_ERROR_H2_OR_QUIC_REQUIRED = -31, 146 147 // The request was blocked because it is a private network request coming from 148 // an insecure context in a less private IP address space. This is used to 149 // enforce CORS-RFC1918: https: //wicg.github.io/cors-rfc1918. 150 CRONET_NET_ERROR_INSECURE_PRIVATE_NETWORK_REQUEST = -32, 151 152 // A connection was closed (corresponding to a TCP FIN,. 153 CRONET_NET_ERROR_CONNECTION_CLOSED = -100, 154 155 // A connection was reset (corresponding to a TCP RST,. 156 CRONET_NET_ERROR_CONNECTION_RESET = -101, 157 158 // A connection attempt was refused. 159 CRONET_NET_ERROR_CONNECTION_REFUSED = -102, 160 161 // A connection timed out as a result of not receiving an ACK for data sent. 162 // This can include a FIN packet that did not get ACK'd. 163 CRONET_NET_ERROR_CONNECTION_ABORTED = -103, 164 165 // A connection attempt failed. 166 CRONET_NET_ERROR_CONNECTION_FAILED = -104, 167 168 // The host name could not be resolved. 169 CRONET_NET_ERROR_NAME_NOT_RESOLVED = -105, 170 171 // The Internet connection has been lost. 172 CRONET_NET_ERROR_INTERNET_DISCONNECTED = -106, 173 174 // An SSL protocol error occurred. 175 CRONET_NET_ERROR_SSL_PROTOCOL_ERROR = -107, 176 177 // The IP address or port number is invalid (e.g. = cannot connect to the IP 178 // address 0 or the port 0,. 179 CRONET_NET_ERROR_ADDRESS_INVALID = -108, 180 181 // The IP address is unreachable. This usually means that there is no route 182 // to 183 // the specified host or network. 184 CRONET_NET_ERROR_ADDRESS_UNREACHABLE = -109, 185 186 // The server requested a client certificate for SSL client authentication. 187 CRONET_NET_ERROR_SSL_CLIENT_AUTH_CERT_NEEDED = -110, 188 189 // A tunnel connection through the proxy could not be established. 190 CRONET_NET_ERROR_TUNNEL_CONNECTION_FAILED = -111, 191 192 // No SSL protocol versions are enabled. 193 CRONET_NET_ERROR_NO_SSL_VERSIONS_ENABLED = -112, 194 195 // The client and server don't support a common SSL protocol version or 196 // cipher suite. 197 CRONET_NET_ERROR_SSL_VERSION_OR_CIPHER_MISMATCH = -113, 198 199 // The server requested a renegotiation (rehandshake,. 200 CRONET_NET_ERROR_SSL_RENEGOTIATION_REQUESTED = -114, 201 202 // The proxy requested authentication (for tunnel establishment, with an 203 // unsupported method. 204 CRONET_NET_ERROR_PROXY_AUTH_UNSUPPORTED = -115, 205 206 // During SSL renegotiation (rehandshake, = the server sent a certificate with 207 // an error. 208 // 209 // Note: this error is not in the -2xx range so that it won't be handled as a 210 // certificate error. 211 CRONET_NET_ERROR_CERT_ERROR_IN_SSL_RENEGOTIATION = -116, 212 213 // The SSL handshake failed because of a bad or missing client certificate. 214 CRONET_NET_ERROR_BAD_SSL_CLIENT_AUTH_CERT = -117, 215 216 // A connection attempt timed out. 217 CRONET_NET_ERROR_CONNECTION_TIMED_OUT = -118, 218 219 // There are too many pending DNS resolves = so a request in the queue was 220 // aborted. 221 CRONET_NET_ERROR_HOST_RESOLVER_QUEUE_TOO_LARGE = -119, 222 223 // Failed establishing a connection to the SOCKS proxy server for a target 224 // host. 225 CRONET_NET_ERROR_SOCKS_CONNECTION_FAILED = -120, 226 227 // The SOCKS proxy server failed establishing connection to the target host 228 // because that host is unreachable. 229 CRONET_NET_ERROR_SOCKS_CONNECTION_HOST_UNREACHABLE = -121, 230 231 // The request to negotiate an alternate protocol failed. 232 CRONET_NET_ERROR_ALPN_NEGOTIATION_FAILED = -122, 233 234 // The peer sent an SSL no_renegotiation alert message. 235 CRONET_NET_ERROR_SSL_NO_RENEGOTIATION = -123, 236 237 // Winsock sometimes reports more data written than passed. This is probably 238 // due to a broken LSP. 239 CRONET_NET_ERROR_WINSOCK_UNEXPECTED_WRITTEN_BYTES = -124, 240 241 // An SSL peer sent us a fatal decompression_failure alert. This typically 242 // occurs when a peer selects DEFLATE compression in the mistaken belief that 243 // it supports it. 244 CRONET_NET_ERROR_SSL_DECOMPRESSION_FAILURE_ALERT = -125, 245 246 // An SSL peer sent us a fatal bad_record_mac alert. This has been observed 247 // from servers with buggy DEFLATE support. 248 CRONET_NET_ERROR_SSL_BAD_RECORD_MAC_ALERT = -126, 249 250 // The proxy requested authentication (for tunnel establishment,. 251 CRONET_NET_ERROR_PROXY_AUTH_REQUESTED = -127, 252 253 // Error -129 was removed (SSL_WEAK_SERVER_EPHEMERAL_DH_KEY,. 254 255 // Could not create a connection to the proxy server. An error occurred 256 // either in resolving its name = or in connecting a socket to it. 257 // Note that this does NOT include failures during the actual "CONNECT" method 258 // of an HTTP proxy. 259 CRONET_NET_ERROR_PROXY_CONNECTION_FAILED = -130, 260 261 // A mandatory proxy configuration could not be used. Currently this means 262 // that a mandatory PAC script could not be fetched = parsed or executed. 263 CRONET_NET_ERROR_MANDATORY_PROXY_CONFIGURATION_FAILED = -131, 264 265 // -132 was formerly ERR_ESET_ANTI_VIRUS_SSL_INTERCEPTION 266 267 // We've hit the max socket limit for the socket pool while preconnecting. We 268 // don't bother trying to preconnect more sockets. 269 CRONET_NET_ERROR_PRECONNECT_MAX_SOCKET_LIMIT = -133, 270 271 // The permission to use the SSL client certificate's private key was denied. 272 CRONET_NET_ERROR_SSL_CLIENT_AUTH_PRIVATE_KEY_ACCESS_DENIED = -134, 273 274 // The SSL client certificate has no private key. 275 CRONET_NET_ERROR_SSL_CLIENT_AUTH_CERT_NO_PRIVATE_KEY = -135, 276 277 // The certificate presented by the HTTPS Proxy was invalid. 278 CRONET_NET_ERROR_PROXY_CERTIFICATE_INVALID = -136, 279 280 // An error occurred when trying to do a name resolution (DNS,. 281 CRONET_NET_ERROR_NAME_RESOLUTION_FAILED = -137, 282 283 // Permission to access the network was denied. This is used to distinguish 284 // errors that were most likely caused by a firewall from other access denied 285 // errors. See also ERR_ACCESS_DENIED. 286 CRONET_NET_ERROR_NETWORK_ACCESS_DENIED = -138, 287 288 // The request throttler module cancelled this request to avoid DDOS. 289 CRONET_NET_ERROR_TEMPORARILY_THROTTLED = -139, 290 291 // A request to create an SSL tunnel connection through the HTTPS proxy 292 // received a 302 (temporary redirect, response. The response body might 293 // include a description of why the request failed. 294 // 295 // TODO(crbug.com/928551): This is deprecated and should not be used 296 // by new code. 297 CRONET_NET_ERROR_HTTPS_PROXY_TUNNEL_RESPONSE_REDIRECT = -140, 298 299 // We were unable to sign the CertificateVerify data of an SSL client auth 300 // handshake with the client certificate's private key. 301 // 302 // Possible causes for this include the user implicitly or explicitly 303 // denying access to the private key = the private key may not be valid for 304 // signing = the key may be relying on a cached handle which is no longer 305 // valid = or the CSP won't allow arbitrary data to be signed. 306 CRONET_NET_ERROR_SSL_CLIENT_AUTH_SIGNATURE_FAILED = -141, 307 308 // The message was too large for the transport. (for example a UDP message 309 // which exceeds size threshold,. 310 CRONET_NET_ERROR_MSG_TOO_BIG = -142, 311 312 // Error -143 was removed (SPDY_SESSION_ALREADY_EXISTS, 313 314 // Error -144 was removed (LIMIT_VIOLATION,. 315 316 // Websocket protocol error. Indicates that we are terminating the connection 317 // due to a malformed frame or other protocol violation. 318 CRONET_NET_ERROR_WS_PROTOCOL_ERROR = -145, 319 320 // Error -146 was removed (PROTOCOL_SWITCHED, 321 322 // Returned when attempting to bind an address that is already in use. 323 CRONET_NET_ERROR_ADDRESS_IN_USE = -147, 324 325 // An operation failed because the SSL handshake has not completed. 326 CRONET_NET_ERROR_SSL_HANDSHAKE_NOT_COMPLETED = -148, 327 328 // SSL peer's public key is invalid. 329 CRONET_NET_ERROR_SSL_BAD_PEER_PUBLIC_KEY = -149, 330 331 // The certificate didn't match the built-in public key pins for the host 332 // name. 333 // The pins are set in net/http/transport_security_state.cc and require that 334 // one of a set of public keys exist on the path from the leaf to the root. 335 CRONET_NET_ERROR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN = -150, 336 337 // Server request for client certificate did not contain any types we support. 338 CRONET_NET_ERROR_CLIENT_AUTH_CERT_TYPE_UNSUPPORTED = -151, 339 340 // Error -152 was removed (ORIGIN_BOUND_CERT_GENERATION_TYPE_MISMATCH, 341 342 // An SSL peer sent us a fatal decrypt_error alert. This typically occurs when 343 // a peer could not correctly verify a signature (in CertificateVerify or 344 // ServerKeyExchange, or validate a Finished message. 345 CRONET_NET_ERROR_SSL_DECRYPT_ERROR_ALERT = -153, 346 347 // There are too many pending WebSocketJob instances = so the new job was not 348 // pushed to the queue. 349 CRONET_NET_ERROR_WS_THROTTLE_QUEUE_TOO_LARGE = -154, 350 351 // Error -155 was removed (TOO_MANY_SOCKET_STREAMS, 352 353 // The SSL server certificate changed in a renegotiation. 354 CRONET_NET_ERROR_SSL_SERVER_CERT_CHANGED = -156, 355 356 // Error -157 was removed (SSL_INAPPROPRIATE_FALLBACK,. 357 358 // Error -158 was removed (CT_NO_SCTS_VERIFIED_OK,. 359 360 // The SSL server sent us a fatal unrecognized_name alert. 361 CRONET_NET_ERROR_SSL_UNRECOGNIZED_NAME_ALERT = -159, 362 363 // Failed to set the socket's receive buffer size as requested. 364 CRONET_NET_ERROR_SOCKET_SET_RECEIVE_BUFFER_SIZE_ERROR = -160, 365 366 // Failed to set the socket's send buffer size as requested. 367 CRONET_NET_ERROR_SOCKET_SET_SEND_BUFFER_SIZE_ERROR = -161, 368 369 // Failed to set the socket's receive buffer size as requested = despite 370 // success 371 // return code from setsockopt. 372 CRONET_NET_ERROR_SOCKET_RECEIVE_BUFFER_SIZE_UNCHANGEABLE = -162, 373 374 // Failed to set the socket's send buffer size as requested = despite success 375 // return code from setsockopt. 376 CRONET_NET_ERROR_SOCKET_SEND_BUFFER_SIZE_UNCHANGEABLE = -163, 377 378 // Failed to import a client certificate from the platform store into the SSL 379 // library. 380 CRONET_NET_ERROR_SSL_CLIENT_AUTH_CERT_BAD_FORMAT = -164, 381 382 // Error -165 was removed (SSL_FALLBACK_BEYOND_MINIMUM_VERSION,. 383 384 // Resolving a hostname to an IP address list included the IPv4 address 385 // "127.0.53.53". This is a special IP address which ICANN has recommended to 386 // indicate there was a name collision = and alert admins to a potential 387 // problem. 388 CRONET_NET_ERROR_ICANN_NAME_COLLISION = -166, 389 390 // The SSL server presented a certificate which could not be decoded. This is 391 // not a certificate error code as no X509Certificate object is available. 392 // This 393 // error is fatal. 394 CRONET_NET_ERROR_SSL_SERVER_CERT_BAD_FORMAT = -167, 395 396 // Certificate Transparency: Received a signed tree head that failed to parse. 397 CRONET_NET_ERROR_CT_STH_PARSING_FAILED = -168, 398 399 // Certificate Transparency: Received a signed tree head whose JSON parsing 400 // was 401 // OK but was missing some of the fields. 402 CRONET_NET_ERROR_CT_STH_INCOMPLETE = -169, 403 404 // The attempt to reuse a connection to send proxy auth credentials failed 405 // before the AuthController was used to generate credentials. The caller 406 // should 407 // reuse the controller with a new connection. This error is only used 408 // internally by the network stack. 409 CRONET_NET_ERROR_UNABLE_TO_REUSE_CONNECTION_FOR_PROXY_AUTH = -170, 410 411 // Certificate Transparency: Failed to parse the received consistency proof. 412 CRONET_NET_ERROR_CT_CONSISTENCY_PROOF_PARSING_FAILED = -171, 413 414 // The SSL server required an unsupported cipher suite that has since been 415 // removed. This error will temporarily be signaled on a fallback for one or 416 // two 417 // releases immediately following a cipher suite's removal = after which the 418 // fallback will be removed. 419 CRONET_NET_ERROR_SSL_OBSOLETE_CIPHER = -172, 420 421 // When a WebSocket handshake is done successfully and the connection has been 422 // upgraded = the URLRequest is cancelled with this error code. 423 CRONET_NET_ERROR_WS_UPGRADE = -173, 424 425 // Socket ReadIfReady support is not implemented. This error should not be 426 // user 427 // visible = because the normal Read(, method is used as a fallback. 428 CRONET_NET_ERROR_READ_IF_READY_NOT_IMPLEMENTED = -174, 429 430 // Error -175 was removed (SSL_VERSION_INTERFERENCE,. 431 432 // No socket buffer space is available. 433 CRONET_NET_ERROR_NO_BUFFER_SPACE = -176, 434 435 // There were no common signature algorithms between our client certificate 436 // private key and the server's preferences. 437 CRONET_NET_ERROR_SSL_CLIENT_AUTH_NO_COMMON_ALGORITHMS = -177, 438 439 // TLS 1.3 early data was rejected by the server. This will be received before 440 // any data is returned from the socket. The request should be retried with 441 // early data disabled. 442 CRONET_NET_ERROR_EARLY_DATA_REJECTED = -178, 443 444 // TLS 1.3 early data was offered = but the server responded with TLS 1.2 or 445 // earlier. This is an internal error code to account for a 446 // backwards-compatibility issue with early data and TLS 1.2. It will be 447 // received before any data is returned from the socket. The request should be 448 // retried with early data disabled. 449 // 450 // See https: //tools.ietf.org/html/rfc8446#appendix-D.3 for details. 451 CRONET_NET_ERROR_WRONG_VERSION_ON_EARLY_DATA = -179, 452 453 // TLS 1.3 was enabled = but a lower version was negotiated and the server 454 // returned a value indicating it supported TLS 1.3. This is part of a 455 // security 456 // check in TLS 1.3 = but it may also indicate the user is behind a buggy 457 // TLS-terminating proxy which implemented TLS 1.2 incorrectly. (See 458 // https: //crbug.com/boringssl/226., 459 CRONET_NET_ERROR_TLS13_DOWNGRADE_DETECTED = -180, 460 461 // The server's certificate has a keyUsage extension incompatible with the 462 // negotiated TLS key exchange method. 463 CRONET_NET_ERROR_SSL_KEY_USAGE_INCOMPATIBLE = -181, 464 465 // Certificate error codes 466 // 467 // The values of certificate error codes must be consecutive. 468 469 // The server responded with a certificate whose common name did not match 470 // the host name. This could mean: 471 // 472 // 1. An attacker has redirected our traffic to their server and is 473 // presenting a certificate for which they know the private key. 474 // 475 // 2. The server is misconfigured and responding with the wrong cert. 476 // 477 // 3. The user is on a wireless network and is being redirected to the 478 // network's login page. 479 // 480 // 4. The OS has used a DNS search suffix and the server doesn't have 481 // a certificate for the abbreviated name in the address bar. 482 // 483 CRONET_NET_ERROR_CERT_COMMON_NAME_INVALID = -200, 484 485 // The server responded with a certificate that = by our clock = appears to 486 // either not yet be valid or to have expired. This could mean: 487 // 488 // 1. An attacker is presenting an old certificate for which they have 489 // managed to obtain the private key. 490 // 491 // 2. The server is misconfigured and is not presenting a valid cert. 492 // 493 // 3. Our clock is wrong. 494 // 495 CRONET_NET_ERROR_CERT_DATE_INVALID = -201, 496 497 // The server responded with a certificate that is signed by an authority 498 // we don't trust. The could mean: 499 // 500 // 1. An attacker has substituted the real certificate for a cert that 501 // contains their public key and is signed by their cousin. 502 // 503 // 2. The server operator has a legitimate certificate from a CA we don't 504 // know about = but should trust. 505 // 506 // 3. The server is presenting a self-signed certificate = providing no 507 // defense against active attackers (but foiling passive attackers,. 508 // 509 CRONET_NET_ERROR_CERT_AUTHORITY_INVALID = -202, 510 511 // The server responded with a certificate that contains errors. 512 // This error is not recoverable. 513 // 514 // MSDN describes this error as follows: 515 // "The SSL certificate contains errors." 516 // NOTE: It's unclear how this differs from ERR_CERT_INVALID. For consistency 517 // = 518 // use that code instead of this one from now on. 519 // 520 CRONET_NET_ERROR_CERT_CONTAINS_ERRORS = -203, 521 522 // The certificate has no mechanism for determining if it is revoked. In 523 // effect = this certificate cannot be revoked. 524 CRONET_NET_ERROR_CERT_NO_REVOCATION_MECHANISM = -204, 525 526 // Revocation information for the security certificate for this site is not 527 // available. This could mean: 528 // 529 // 1. An attacker has compromised the private key in the certificate and is 530 // blocking our attempt to find out that the cert was revoked. 531 // 532 // 2. The certificate is unrevoked = but the revocation server is busy or 533 // unavailable. 534 // 535 CRONET_NET_ERROR_CERT_UNABLE_TO_CHECK_REVOCATION = -205, 536 537 // The server responded with a certificate has been revoked. 538 // We have the capability to ignore this error = but it is probably not the 539 // thing to do. 540 CRONET_NET_ERROR_CERT_REVOKED = -206, 541 542 // The server responded with a certificate that is invalid. 543 // This error is not recoverable. 544 // 545 // MSDN describes this error as follows: 546 // "The SSL certificate is invalid." 547 // 548 CRONET_NET_ERROR_CERT_INVALID = -207, 549 550 // The server responded with a certificate that is signed using a weak 551 // signature algorithm. 552 CRONET_NET_ERROR_CERT_WEAK_SIGNATURE_ALGORITHM = -208, 553 554 // -209 is available: was CERT_NOT_IN_DNS. 555 556 // The host name specified in the certificate is not unique. 557 CRONET_NET_ERROR_CERT_NON_UNIQUE_NAME = -210, 558 559 // The server responded with a certificate that contains a weak key (e.g. 560 // a too-small RSA key,. 561 CRONET_NET_ERROR_CERT_WEAK_KEY = -211, 562 563 // The certificate claimed DNS names that are in violation of name 564 // constraints. 565 CRONET_NET_ERROR_CERT_NAME_CONSTRAINT_VIOLATION = -212, 566 567 // The certificate's validity period is too long. 568 CRONET_NET_ERROR_CERT_VALIDITY_TOO_LONG = -213, 569 570 // Certificate Transparency was required for this connection = but the server 571 // did not provide CT information that complied with the policy. 572 CRONET_NET_ERROR_CERTIFICATE_TRANSPARENCY_REQUIRED = -214, 573 574 // The certificate chained to a legacy Symantec root that is no longer 575 // trusted. 576 // https: //g.co/chrome/symantecpkicerts 577 CRONET_NET_ERROR_CERT_SYMANTEC_LEGACY = -215, 578 579 // -216 was QUIC_CERT_ROOT_NOT_KNOWN which has been renumbered to not be in 580 // the 581 // certificate error range. 582 583 // The certificate is known to be used for interception by an entity other 584 // the device owner. 585 CRONET_NET_ERROR_CERT_KNOWN_INTERCEPTION_BLOCKED = -217, 586 587 // The connection uses an obsolete version of SSL/TLS. 588 CRONET_NET_ERROR_SSL_OBSOLETE_VERSION = -218, 589 590 // Add new certificate error codes here. 591 // 592 // Update the value of CERT_END whenever you add a new certificate error 593 // code. 594 595 // The value immediately past the last certificate error code. 596 CRONET_NET_ERROR_CERT_END = -219, 597 598 // The URL is invalid. 599 CRONET_NET_ERROR_INVALID_URL = -300, 600 601 // The scheme of the URL is disallowed. 602 CRONET_NET_ERROR_DISALLOWED_URL_SCHEME = -301, 603 604 // The scheme of the URL is unknown. 605 CRONET_NET_ERROR_UNKNOWN_URL_SCHEME = -302, 606 607 // Attempting to load an URL resulted in a redirect to an invalid URL. 608 CRONET_NET_ERROR_INVALID_REDIRECT = -303, 609 610 // Attempting to load an URL resulted in too many redirects. 611 CRONET_NET_ERROR_TOO_MANY_REDIRECTS = -310, 612 613 // Attempting to load an URL resulted in an unsafe redirect (e.g. = a redirect 614 // to file: // is considered unsafe,. 615 CRONET_NET_ERROR_UNSAFE_REDIRECT = -311, 616 617 // Attempting to load an URL with an unsafe port number. These are port 618 // numbers that correspond to services = which are not robust to spurious 619 // input 620 // that may be constructed as a result of an allowed web construct (e.g. = 621 // HTTP 622 // looks a lot like SMTP = so form submission to port 25 is denied,. 623 CRONET_NET_ERROR_UNSAFE_PORT = -312, 624 625 // The server's response was invalid. 626 CRONET_NET_ERROR_INVALID_RESPONSE = -320, 627 628 // Error in chunked transfer encoding. 629 CRONET_NET_ERROR_INVALID_CHUNKED_ENCODING = -321, 630 631 // The server did not support the request method. 632 CRONET_NET_ERROR_METHOD_NOT_SUPPORTED = -322, 633 634 // The response was 407 (Proxy Authentication Required, = yet we did not send 635 // the request to a proxy. 636 CRONET_NET_ERROR_UNEXPECTED_PROXY_AUTH = -323, 637 638 // The server closed the connection without sending any data. 639 CRONET_NET_ERROR_EMPTY_RESPONSE = -324, 640 641 // The headers section of the response is too large. 642 CRONET_NET_ERROR_RESPONSE_HEADERS_TOO_BIG = -325, 643 644 // Error -326 was removed (PAC_STATUS_NOT_OK, 645 646 // The evaluation of the PAC script failed. 647 CRONET_NET_ERROR_PAC_SCRIPT_FAILED = -327, 648 649 // The response was 416 (Requested range not satisfiable, and the server 650 // cannot 651 // satisfy the range requested. 652 CRONET_NET_ERROR_REQUEST_RANGE_NOT_SATISFIABLE = -328, 653 654 // The identity used for authentication is invalid. 655 CRONET_NET_ERROR_MALFORMED_IDENTITY = -329, 656 657 // Content decoding of the response body failed. 658 CRONET_NET_ERROR_CONTENT_DECODING_FAILED = -330, 659 660 // An operation could not be completed because all network IO 661 // is suspended. 662 CRONET_NET_ERROR_NETWORK_IO_SUSPENDED = -331, 663 664 // FLIP data received without receiving a SYN_REPLY on the stream. 665 CRONET_NET_ERROR_SYN_REPLY_NOT_RECEIVED = -332, 666 667 // Converting the response to target encoding failed. 668 CRONET_NET_ERROR_ENCODING_CONVERSION_FAILED = -333, 669 670 // The server sent an FTP directory listing in a format we do not understand. 671 CRONET_NET_ERROR_UNRECOGNIZED_FTP_DIRECTORY_LISTING_FORMAT = -334, 672 673 // Obsolete. Was only logged in NetLog when an HTTP/2 pushed stream expired. 674 // CRONET_NET_ERROR_INVALID_SPDY_STREAM = -335, 675 676 // There are no supported proxies in the provided list. 677 CRONET_NET_ERROR_NO_SUPPORTED_PROXIES = -336, 678 679 // There is an HTTP/2 protocol error. 680 CRONET_NET_ERROR_HTTP2_PROTOCOL_ERROR = -337, 681 682 // Credentials could not be established during HTTP Authentication. 683 CRONET_NET_ERROR_INVALID_AUTH_CREDENTIALS = -338, 684 685 // An HTTP Authentication scheme was tried which is not supported on this 686 // machine. 687 CRONET_NET_ERROR_UNSUPPORTED_AUTH_SCHEME = -339, 688 689 // Detecting the encoding of the response failed. 690 CRONET_NET_ERROR_ENCODING_DETECTION_FAILED = -340, 691 692 // (GSSAPI, No Kerberos credentials were available during HTTP Authentication. 693 CRONET_NET_ERROR_MISSING_AUTH_CREDENTIALS = -341, 694 695 // An unexpected = but documented = SSPI or GSSAPI status code was returned. 696 CRONET_NET_ERROR_UNEXPECTED_SECURITY_LIBRARY_STATUS = -342, 697 698 // The environment was not set up correctly for authentication (for 699 // example = no KDC could be found or the principal is unknown. 700 CRONET_NET_ERROR_MISCONFIGURED_AUTH_ENVIRONMENT = -343, 701 702 // An undocumented SSPI or GSSAPI status code was returned. 703 CRONET_NET_ERROR_UNDOCUMENTED_SECURITY_LIBRARY_STATUS = -344, 704 705 // The HTTP response was too big to drain. 706 CRONET_NET_ERROR_RESPONSE_BODY_TOO_BIG_TO_DRAIN = -345, 707 708 // The HTTP response contained multiple distinct Content-Length headers. 709 CRONET_NET_ERROR_RESPONSE_HEADERS_MULTIPLE_CONTENT_LENGTH = -346, 710 711 // HTTP/2 headers have been received = but not all of them - status or version 712 // headers are missing = so we're expecting additional frames to complete 713 // them. 714 CRONET_NET_ERROR_INCOMPLETE_HTTP2_HEADERS = -347, 715 716 // No PAC URL configuration could be retrieved from DHCP. This can indicate 717 // either a failure to retrieve the DHCP configuration = or that there was no 718 // PAC URL configured in DHCP. 719 CRONET_NET_ERROR_PAC_NOT_IN_DHCP = -348, 720 721 // The HTTP response contained multiple Content-Disposition headers. 722 CRONET_NET_ERROR_RESPONSE_HEADERS_MULTIPLE_CONTENT_DISPOSITION = -349, 723 724 // The HTTP response contained multiple Location headers. 725 CRONET_NET_ERROR_RESPONSE_HEADERS_MULTIPLE_LOCATION = -350, 726 727 // HTTP/2 server refused the request without processing = and sent either a 728 // GOAWAY frame with error code NO_ERROR and Last-Stream-ID lower than the 729 // stream id corresponding to the request indicating that this request has not 730 // been processed yet = or a RST_STREAM frame with error code REFUSED_STREAM. 731 // Client MAY retry (on a different connection,. See RFC7540 Section 8.1.4. 732 CRONET_NET_ERROR_HTTP2_SERVER_REFUSED_STREAM = -351, 733 734 // HTTP/2 server didn't respond to the PING message. 735 CRONET_NET_ERROR_HTTP2_PING_FAILED = -352, 736 737 // Obsolete. Kept here to avoid reuse = as the old error can still appear on 738 // histograms. 739 // CRONET_NET_ERROR_PIPELINE_EVICTION = -353, 740 741 // The HTTP response body transferred fewer bytes than were advertised by the 742 // Content-Length header when the connection is closed. 743 CRONET_NET_ERROR_CONTENT_LENGTH_MISMATCH = -354, 744 745 // The HTTP response body is transferred with Chunked-Encoding = but the 746 // terminating zero-length chunk was never sent when the connection is closed. 747 CRONET_NET_ERROR_INCOMPLETE_CHUNKED_ENCODING = -355, 748 749 // There is a QUIC protocol error. 750 CRONET_NET_ERROR_QUIC_PROTOCOL_ERROR = -356, 751 752 // The HTTP headers were truncated by an EOF. 753 CRONET_NET_ERROR_RESPONSE_HEADERS_TRUNCATED = -357, 754 755 // The QUIC crypto handshake failed. This means that the server was unable 756 // to read any requests sent = so they may be resent. 757 CRONET_NET_ERROR_QUIC_HANDSHAKE_FAILED = -358, 758 759 // Obsolete. Kept here to avoid reuse = as the old error can still appear on 760 // histograms. 761 // CRONET_NET_ERROR_REQUEST_FOR_SECURE_RESOURCE_OVER_INSECURE_QUIC = -359, 762 763 // Transport security is inadequate for the HTTP/2 version. 764 CRONET_NET_ERROR_HTTP2_INADEQUATE_TRANSPORT_SECURITY = -360, 765 766 // The peer violated HTTP/2 flow control. 767 CRONET_NET_ERROR_HTTP2_FLOW_CONTROL_ERROR = -361, 768 769 // The peer sent an improperly sized HTTP/2 frame. 770 CRONET_NET_ERROR_HTTP2_FRAME_SIZE_ERROR = -362, 771 772 // Decoding or encoding of compressed HTTP/2 headers failed. 773 CRONET_NET_ERROR_HTTP2_COMPRESSION_ERROR = -363, 774 775 // Proxy Auth Requested without a valid Client Socket Handle. 776 CRONET_NET_ERROR_PROXY_AUTH_REQUESTED_WITH_NO_CONNECTION = -364, 777 778 // HTTP_1_1_REQUIRED error code received on HTTP/2 session. 779 CRONET_NET_ERROR_HTTP_1_1_REQUIRED = -365, 780 781 // HTTP_1_1_REQUIRED error code received on HTTP/2 session to proxy. 782 CRONET_NET_ERROR_PROXY_HTTP_1_1_REQUIRED = -366, 783 784 // The PAC script terminated fatally and must be reloaded. 785 CRONET_NET_ERROR_PAC_SCRIPT_TERMINATED = -367, 786 787 // Obsolete. Kept here to avoid reuse. 788 // Request is throttled because of a Backoff header. 789 // See: crbug.com/486891. 790 // CRONET_NET_ERROR_TEMPORARY_BACKOFF = -369, 791 792 // The server was expected to return an HTTP/1.x response = but did not. 793 // Rather 794 // than treat it as HTTP/0.9 = this error is returned. 795 CRONET_NET_ERROR_INVALID_HTTP_RESPONSE = -370, 796 797 // Initializing content decoding failed. 798 CRONET_NET_ERROR_CONTENT_DECODING_INIT_FAILED = -371, 799 800 // Received HTTP/2 RST_STREAM frame with NO_ERROR error code. This error 801 // should 802 // be handled internally by HTTP/2 code = and should not make it above the 803 // SpdyStream layer. 804 CRONET_NET_ERROR_HTTP2_RST_STREAM_NO_ERROR_RECEIVED = -372, 805 806 // The pushed stream claimed by the request is no longer available. 807 CRONET_NET_ERROR_HTTP2_PUSHED_STREAM_NOT_AVAILABLE = -373, 808 809 // A pushed stream was claimed and later reset by the server. When this 810 // happens = 811 // the request should be retried. 812 CRONET_NET_ERROR_HTTP2_CLAIMED_PUSHED_STREAM_RESET_BY_SERVER = -374, 813 814 // An HTTP transaction was retried too many times due for authentication or 815 // invalid certificates. This may be due to a bug in the net stack that would 816 // otherwise infinite loop = or if the server or proxy continually requests 817 // fresh 818 // credentials or presents a fresh invalid certificate. 819 CRONET_NET_ERROR_TOO_MANY_RETRIES = -375, 820 821 // Received an HTTP/2 frame on a closed stream. 822 CRONET_NET_ERROR_HTTP2_STREAM_CLOSED = -376, 823 824 // Client is refusing an HTTP/2 stream. 825 CRONET_NET_ERROR_HTTP2_CLIENT_REFUSED_STREAM = -377, 826 827 // A pushed HTTP/2 stream was claimed by a request based on matching URL and 828 // request headers = but the pushed response headers do not match the request. 829 CRONET_NET_ERROR_HTTP2_PUSHED_RESPONSE_DOES_NOT_MATCH = -378, 830 831 // The server returned a non-2xx HTTP response code. 832 // 833 // Not that this error is only used by certain APIs that interpret the HTTP 834 // response itself. URLRequest for instance just passes most non-2xx 835 // response back as success. 836 CRONET_NET_ERROR_HTTP_RESPONSE_CODE_FAILURE = -379, 837 838 // The certificate presented on a QUIC connection does not chain to a known 839 // root 840 // and the origin connected to is not on a list of domains where unknown roots 841 // are allowed. 842 CRONET_NET_ERROR_QUIC_CERT_ROOT_NOT_KNOWN = -380, 843 844 // The cache does not have the requested entry. 845 CRONET_NET_ERROR_CACHE_MISS = -400, 846 847 // Unable to read from the disk cache. 848 CRONET_NET_ERROR_CACHE_READ_FAILURE = -401, 849 850 // Unable to write to the disk cache. 851 CRONET_NET_ERROR_CACHE_WRITE_FAILURE = -402, 852 853 // The operation is not supported for this entry. 854 CRONET_NET_ERROR_CACHE_OPERATION_NOT_SUPPORTED = -403, 855 856 // The disk cache is unable to open this entry. 857 CRONET_NET_ERROR_CACHE_OPEN_FAILURE = -404, 858 859 // The disk cache is unable to create this entry. 860 CRONET_NET_ERROR_CACHE_CREATE_FAILURE = -405, 861 862 // Multiple transactions are racing to create disk cache entries. This is an 863 // internal error returned from the HttpCache to the HttpCacheTransaction that 864 // tells the transaction to restart the entry-creation logic because the state 865 // of the cache has changed. 866 CRONET_NET_ERROR_CACHE_RACE = -406, 867 868 // The cache was unable to read a checksum record on an entry. This can be 869 // returned from attempts to read from the cache. It is an internal error = 870 // returned by the SimpleCache backend = but not by any URLRequest methods 871 // or members. 872 CRONET_NET_ERROR_CACHE_CHECKSUM_READ_FAILURE = -407, 873 874 // The cache found an entry with an invalid checksum. This can be returned 875 // from 876 // attempts to read from the cache. It is an internal error = returned by the 877 // SimpleCache backend = but not by any URLRequest methods or members. 878 CRONET_NET_ERROR_CACHE_CHECKSUM_MISMATCH = -408, 879 880 // Internal error code for the HTTP cache. The cache lock timeout has fired. 881 CRONET_NET_ERROR_CACHE_LOCK_TIMEOUT = -409, 882 883 // Received a challenge after the transaction has read some data = and the 884 // credentials aren't available. There isn't a way to get them at that point. 885 CRONET_NET_ERROR_CACHE_AUTH_FAILURE_AFTER_READ = -410, 886 887 // Internal not-quite error code for the HTTP cache. In-memory hints suggest 888 // that the cache entry would not have been useable with the transaction's 889 // current configuration (e.g. load flags = mode = etc., 890 CRONET_NET_ERROR_CACHE_ENTRY_NOT_SUITABLE = -411, 891 892 // The disk cache is unable to doom this entry. 893 CRONET_NET_ERROR_CACHE_DOOM_FAILURE = -412, 894 895 // The disk cache is unable to open or create this entry. 896 CRONET_NET_ERROR_CACHE_OPEN_OR_CREATE_FAILURE = -413, 897 898 // The server's response was insecure (e.g. there was a cert error,. 899 CRONET_NET_ERROR_INSECURE_RESPONSE = -501, 900 901 // An attempt to import a client certificate failed = as the user's key 902 // database lacked a corresponding private key. 903 CRONET_NET_ERROR_NO_PRIVATE_KEY_FOR_CERT = -502, 904 905 // An error adding a certificate to the OS certificate database. 906 CRONET_NET_ERROR_ADD_USER_CERT_FAILED = -503, 907 908 // An error occurred while handling a signed exchange. 909 CRONET_NET_ERROR_INVALID_SIGNED_EXCHANGE = -504, 910 911 // An error occurred while handling a Web Bundle source. 912 CRONET_NET_ERROR_INVALID_WEB_BUNDLE = -505, 913 914 // A Trust Tokens protocol operation-executing request failed for one of a 915 // number of reasons (precondition failure = internal error = bad response,. 916 CRONET_NET_ERROR_TRUST_TOKEN_OPERATION_FAILED = -506, 917 918 // When handling a Trust Tokens protocol operation-executing request = the 919 // system 920 // found that the request's desired Trust Tokens results were already present 921 // in 922 // a local cache; as a result = the main request was cancelled. 923 CRONET_NET_ERROR_TRUST_TOKEN_OPERATION_CACHE_HIT = -507, 924 925 // *** Code -600 is reserved (was FTP_PASV_COMMAND_FAILED,. *** 926 927 // A generic error for failed FTP control connection command. 928 // If possible = please use or add a more specific error code. 929 CRONET_NET_ERROR_FTP_FAILED = -601, 930 931 // The server cannot fulfill the request at this point. This is a temporary 932 // error. 933 // FTP response code 421. 934 CRONET_NET_ERROR_FTP_SERVICE_UNAVAILABLE = -602, 935 936 // The server has aborted the transfer. 937 // FTP response code 426. 938 CRONET_NET_ERROR_FTP_TRANSFER_ABORTED = -603, 939 940 // The file is busy = or some other temporary error condition on opening 941 // the file. 942 // FTP response code 450. 943 CRONET_NET_ERROR_FTP_FILE_BUSY = -604, 944 945 // Server rejected our command because of syntax errors. 946 // FTP response codes 500 = 501. 947 CRONET_NET_ERROR_FTP_SYNTAX_ERROR = -605, 948 949 // Server does not support the command we issued. 950 // FTP response codes 502 = 504. 951 CRONET_NET_ERROR_FTP_COMMAND_NOT_SUPPORTED = -606, 952 953 // Server rejected our command because we didn't issue the commands in right 954 // order. 955 // FTP response code 503. 956 CRONET_NET_ERROR_FTP_BAD_COMMAND_SEQUENCE = -607, 957 958 // PKCS #12 import failed due to incorrect password. 959 CRONET_NET_ERROR_PKCS12_IMPORT_BAD_PASSWORD = -701, 960 961 // PKCS #12 import failed due to other error. 962 CRONET_NET_ERROR_PKCS12_IMPORT_FAILED = -702, 963 964 // CA import failed - not a CA cert. 965 CRONET_NET_ERROR_IMPORT_CA_CERT_NOT_CA = -703, 966 967 // Import failed - certificate already exists in database. 968 // Note it's a little weird this is an error but reimporting a PKCS12 is ok 969 // (no-op,. That's how Mozilla does it = though. 970 CRONET_NET_ERROR_IMPORT_CERT_ALREADY_EXISTS = -704, 971 972 // CA import failed due to some other error. 973 CRONET_NET_ERROR_IMPORT_CA_CERT_FAILED = -705, 974 975 // Server certificate import failed due to some internal error. 976 CRONET_NET_ERROR_IMPORT_SERVER_CERT_FAILED = -706, 977 978 // PKCS #12 import failed due to invalid MAC. 979 CRONET_NET_ERROR_PKCS12_IMPORT_INVALID_MAC = -707, 980 981 // PKCS #12 import failed due to invalid/corrupt file. 982 CRONET_NET_ERROR_PKCS12_IMPORT_INVALID_FILE = -708, 983 984 // PKCS #12 import failed due to unsupported features. 985 CRONET_NET_ERROR_PKCS12_IMPORT_UNSUPPORTED = -709, 986 987 // Key generation failed. 988 CRONET_NET_ERROR_KEY_GENERATION_FAILED = -710, 989 990 // Error -711 was removed (ORIGIN_BOUND_CERT_GENERATION_FAILED, 991 992 // Failure to export private key. 993 CRONET_NET_ERROR_PRIVATE_KEY_EXPORT_FAILED = -712, 994 995 // Self-signed certificate generation failed. 996 CRONET_NET_ERROR_SELF_SIGNED_CERT_GENERATION_FAILED = -713, 997 998 // The certificate database changed in some way. 999 CRONET_NET_ERROR_CERT_DATABASE_CHANGED = -714, 1000 1001 // Error -715 was removed (CHANNEL_ID_IMPORT_FAILED, 1002 1003 // DNS error codes. 1004 1005 // DNS resolver received a malformed response. 1006 CRONET_NET_ERROR_DNS_MALFORMED_RESPONSE = -800, 1007 1008 // DNS server requires TCP 1009 CRONET_NET_ERROR_DNS_SERVER_REQUIRES_TCP = -801, 1010 1011 // DNS server failed. This error is returned for all of the following 1012 // error conditions: 1013 // 1 - Format error - The name server was unable to interpret the query. 1014 // 2 - Server failure - The name server was unable to process this query 1015 // due to a problem with the name server. 1016 // 4 - Not Implemented - The name server does not support the requested 1017 // kind of query. 1018 // 5 - Refused - The name server refuses to perform the specified 1019 // operation for policy reasons. 1020 CRONET_NET_ERROR_DNS_SERVER_FAILED = -802, 1021 1022 // DNS transaction timed out. 1023 CRONET_NET_ERROR_DNS_TIMED_OUT = -803, 1024 1025 // The entry was not found in cache or other local sources = for lookups where 1026 // only local sources were queried. 1027 CRONET_NET_ERROR_DNS_CACHE_MISS = -804, 1028 1029 // Suffix search list rules prevent resolution of the given host name. 1030 CRONET_NET_ERROR_DNS_SEARCH_EMPTY = -805, 1031 1032 // Failed to sort addresses according to RFC3484. 1033 CRONET_NET_ERROR_DNS_SORT_ERROR = -806, 1034 1035 // Error -807 was removed (DNS_HTTP_FAILED, 1036 1037 // Failed to resolve the hostname of a DNS-over-HTTPS server. 1038 CRONET_NET_ERROR_DNS_SECURE_RESOLVER_HOSTNAME_RESOLUTION_FAILED = -808, 1039 }; 1040 1041 const char* cronet_net_error_as_string(cronet_net_error_code net_error); 1042 grpc_status_code cronet_net_error_to_grpc_error( 1043 cronet_net_error_code net_error); 1044 1045 #endif /* GRPC_CORE_EXT_TRANSPORT_CRONET_TRANSPORT_CRONET_STATUS_H */ 1046