The Major Status is a 32-bit unsigned integer that is mechanism independent. Major Status is returned by all TDGSS functions.
In hexadecimal format, Major Status codes use the format CCRRSSSS:
- CC = Calling Errors
- RR = Routine Errors
- SSSS = Supplementary Status (indicate status, not errors)
Calling Errors
Value | Calling Error | Description |
---|---|---|
01 | Inaccessible read | A required input parameter could not be read (likely NULL). |
02 | Inaccessible write | A required output parameter could not be written (likely NULL). |
03 | Bad structure | A parameter was malformed. |
Routine Errors
Value | Routine Error | Description |
---|---|---|
01 | Bad Mech | An unsupported mechanism was requested. |
02 | Bad Name | An invalid name was supplied. |
03 | Bad Name Type | A supplied name was of an unsupported type. |
04 | Bad bindings | Incorrect channel bindings were supplied. |
05 | Bad status | An invalid status code was supplied. |
06 | Bad MIC | A token had an invalid Message Integrity Code (MIC). |
07 | No Credentials | Credentials were not supplied, or unavailable or inaccessible. |
08 | No Context | No security context has been established. |
09 | Defective Token | A token was invalid. |
0A | Defective Credential | A credential was invalid. |
0B | Credentials Expired | The referenced credentials have expired. |
0C | Context Expired | The security context has expired. |
0D | Failure | Miscellaneous failure. |
0E | Bad QOP | The Quality Of Protection requested could not be provided. |
0F | Unauthorized | The operation is forbidden by local security policy. |
10 | Unavailable | The operation or option is unavailable. |
11 | Duplicate Element | The requested credential element already exists. |
12 | Name Not MN | The provided name was not a mechanism name. |
13 | Continue | tdgss_terminate didn’t unload TDGSS, as it was still in use. |
Supplementary Status
Value | Supplementary Status | Description |
---|---|---|
0010 | Gap Token | An expected per-message token was not received. |
0008 | Out of Seq. Token | A later token has already been processed. |
0004 | Old Token | The validity period of the token has expired. |
0002 | Duplicate Token | The token was a duplicate of an earlier token. |
0001 | Continue Needed | The routine must be called again to complete its function (only returned by tdgss_init_sec_context and tdgss_accept_sec_context). |
Example
Major Status = 01020004 (hexadecimal):
- 01 = Inaccessible read
- 02 = Bad name
- 0004 = Old Token
TDGSS function was passed a bad pointer for a name parameter that was required.