GSSAPI Error Codes
Generic GSSAPI Errors:
     
- G_BAD_SERVICE_NAME:  No  in SERVICE-NAME name string
- G_BAD_STRING_UID: STRING-UID-NAME contains nondigits
- G_NOUSER:  UID does not resolve to username
- G_VALIDATE_FAILED:  Validation error
- G_BUFFER_ALLOC:  Couldn't allocate gss_buffer_t data
- G_BAD_MSG_CTX:  Message context invalid
- G_WRONG_SIZE:  Buffer is the wrong size
- G_BAD_USAGE:  Credential usage type is unknown
- G_UNKNOWN_QOP:  Unknown quality of protection specified
- G_BAD_HOSTNAME:  Hostname in SERVICE-NAME string could not be
canonicalized
- G_WRONG_MECH: Mechanism is incorrect
- G_BAD_TOK_HEADER: Token header is malformed or corrupt
- G_BAD_DIRECTION: Packet was replayed in wrong direction
- G_TOK_TRUNC: Token is missing data
- G_REFLECT: Token was reflected
- G_WRONG_TOKID: Received token ID does not match expected token ID
     
Kerberos 5 GSSAPI Errors:
     
- KG_CCACHE_NOMATCH:  Principal in credential cache does not match desired
name
- KG_KEYTAB_NOMATCH:  No principal in keytab matches desired name
- KG_TGT_MISSING:  Credential cache has no TGT
- KG_NO_SUBKEY:  Authenticator has no subkey
- KG_CONTEXT_ESTABLISHED:  Context is already fully established
- KG_BAD_SIGN_TYPE:  Unknown signature type in token
- KG_BAD_LENGTH:  Invalid field length in token
- KG_CTX_INCOMPLETE:  Attempt to use incomplete security context
- KG_CONTEXT:  Bad magic number for krb5_gss_ctx_id_t
- KG_CRED:  Bad magic number for krb5_gss_cred_id_t
- KG_ENC_DESC:  Bad magic number for krb5_gss_enc_desc
- KG_BAD_SEQ: Sequence number in token is corrupt
- KG_EMPTY_CCACHE: Credential cache is empty
- KG_NO_CTYPES: Acceptor and Initiator share no checksum types