The table below lists the error strings that can be returned by Barracuda App Server (BAS) Lua APIs. These strings are used across multiple modules (for example network, HTTP client, file I/O, ZIP, TLS, and proxy-related APIs).
In BAS Lua code, many functions return nil/false plus an error string when an operation fails. The recommended pattern is to compare the returned error string against the values in this table and handle the cases you care about, then fall back to a generic error handler for everything else.
For Lua developers, the important part is the Lua error string (for example cannotconnect, timeout, or notfound). The underlying C constant names are included only as secondary reference information.
Handle the most common connectivity errors explicitly and log the returned BAS error string for everything else.
local http = require "httpc".create()
local ok, err = http:request{url = "https://x.com"}
if not ok then
if err == "cannotresolve" or err == "cannotconnect" then
print("Server is not available")
elseif err == "timeout" then
print("Server did not respond in time")
else
print("HTTP request failed, code:", err)
end
end
Use a specific message for expected file-system cases such as notfound, while still reporting unexpected errors.
local dio = ba.openio("disk")
local fp, err = dio:open("/tmp/myfile.txt")
if not fp then
if err == "notfound" then
print("Cannot find the file")
elseif err == "noaccess" then
print("Access denied")
else
print("Cannot open file, code:", err)
end
end
For larger applications, centralize common checks so the same BAS error strings are handled consistently across modules.
local function isTransientNetworkError(err)
return err == "cannotresolve"
or err == "cannotconnect"
or err == "timeout"
or err == "socketreadfailed"
or err == "socketwritefailed"
end
local ok, err = someOperation()
if not ok then
if isTransientNetworkError(err) then
print("Temporary network problem, retry later")
else
print("Operation failed, code:", err)
end
end
| Lua Error | Description |
|---|---|
| General / I/O Interface (IoIntf) | |
no error | Success (E_NO_ERROR / no failure condition). |
invalidname | invalid resource name or a name not accepted by the underlying I/O implementation (for example, a DOS 8.3 file system rejecting long names). Source mapping: IOINTF_INVALIDNAME. |
notfound | requested resource was not found. Source mapping: IOINTF_NOTFOUND. |
exist | resource already exists and cannot be overwritten by the attempted operation. Source mapping: IOINTF_EXIST. |
enoent | path or parent directory was not found. Source mapping: IOINTF_ENOENT. |
noaccess | access denied or resource locked by the file system / storage backend. Source mapping: IOINTF_NOACCESS. |
notempty | directory resource is not empty. Source mapping: IOINTF_NOTEMPTY. |
ioerror | generic I/O failure. A secondary/native error value may provide more detail. Source mapping: IOINTF_IOERROR. |
nospace | no space left on the target storage device. Source mapping: IOINTF_NOSPACE. |
mem | memory allocation failure while working with a resource. Source mapping: IOINTF_MEM. |
locked | resource is locked (implementation-specific lock state). Source mapping: IOINTF_LOCKED. |
buftoosmall | caller-provided buffer is too small for the requested operation. Source mapping: IOINTF_BUFTOOSMALL. |
noimplementation | requested I/O method is not implemented by the active backend. Source mapping: IOINTF_NOIMPLEMENTATION. |
noaeslib | encrypted ZIP access requires AES support, but AES was not enabled in the build (e.g., ZipIo compiled without SharkSSL/AES support). Source mapping: IOINTF_NOAESLIB. |
notcompressed | data/resource is not handled as compressed in this call path; caller should use the normal open/read path instead of a compressed/gzip path. Source mapping: IOINTF_NOTCOMPRESSED. |
ziperror | compressed data error (ZIP/gzip decoding problem or corrupted compressed data). Source mapping: IOINTF_ZIPERROR. |
noziplib | zlib decompression support is unavailable in the build (for example when NO_ZLIB is defined). Source mapping: IOINTF_NOZIPLIB. |
aesnosupport | unknown/unsupported AES ZIP encryption, or the file is not an AES-encrypted ZIP file. Source mapping: IOINTF_AES_NO_SUPPORT. |
nopassword | file is AES encrypted, but no password was provided. Source mapping: IOINTF_NO_PASSWORD. |
wrongpassword | password is incorrect for the AES-encrypted file. Source mapping: IOINTF_WRONG_PASSWORD. |
aeswrongauth | AES authentication check failed. Typical causes are wrong password, a corrupted ZIP file, or a compromised ZIP file. Source mapping: IOINTF_AES_WRONG_AUTH. |
aescompromised | file content appears compromised (for example changed from encrypted to non-encrypted). Detection depends on IoIntf_setPassword(..., passwordRequired) usage. Source mapping: IOINTF_AES_COMPROMISED. |
| Socket / Network / HTTP Client | |
invalidsocketcon | invalid or unusable socket connection object/state. Source mapping: E_INVALID_SOCKET_CON. |
gethostbyname | host name lookup / DNS resolution failed. Source mapping: E_GETHOSTBYNAME. |
bind | socket bind operation failed. Source mapping: E_BIND. |
socketclosed | socket was closed (locally or by peer) before the operation completed. Source mapping: E_SOCKET_CLOSED. |
socketwritefailed | socket send/write operation failed. Source mapping: E_SOCKET_WRITE_FAILED. |
socketreadfailed | socket receive/read operation failed. Source mapping: E_SOCKET_READ_FAILED. |
timeout | timeout expired before required data/event/operation completion. Source mapping: E_TIMEOUT. |
| SharkSSL PEM Parsing (when SharkSSL is enabled) | |
pem_key_parse_error | PEM private key parsing failed. Source mapping: SHARKSSL_PEM_KEY_PARSE_ERROR. |
pem_key_wrong_iv | PEM-encrypted key has an invalid/unsupported initialization vector (IV). Source mapping: SHARKSSL_PEM_KEY_WRONG_IV. |
pem_key_wrong_length | PEM key data has an invalid length/encoding layout. Source mapping: SHARKSSL_PEM_KEY_WRONG_LENGTH. |
pem_key_passphrase_required | encrypted PEM key requires a passphrase, but none was supplied. Source mapping: SHARKSSL_PEM_KEY_PASSPHRASE_REQUIRED. |
pem_key_unrecognized_format | PEM key format was not recognized. Source mapping: SHARKSSL_PEM_KEY_UNRECOGNIZED_FORMAT. |
pem_key_unsupported_format | PEM key format is recognized but not supported by the build/runtime. Source mapping: SHARKSSL_PEM_KEY_UNSUPPORTED_FORMAT. |
pem_key_unsupported_modulus_length | key size (typically RSA modulus length) is unsupported. Source mapping: SHARKSSL_PEM_KEY_UNSUPPORTED_MODULUS_LENGTH. |
pem_key_unsupported_encryption_type | PEM key uses an unsupported encryption algorithm/type. Source mapping: SHARKSSL_PEM_KEY_UNSUPPORTED_ENCRYPTION_TYPE. |
pem_key_cert_mismatch | private key does not match the supplied certificate. Source mapping: SHARKSSL_PEM_KEY_CERT_MISMATCH. |
pem_cert_unrecognized_format | PEM certificate format was not recognized. Source mapping: SHARKSSL_PEM_CERT_UNRECOGNIZED_FORMAT. |
pem_cert_unsupported_type | PEM certificate type is not supported. Source mapping: SHARKSSL_PEM_CERT_UNSUPPORTED_TYPE. |
malloc | Memory allocation failed. Source mapping: E_MALLOC; when SharkSSL is enabled, SHARKSSL_PEM_ALLOCATION_ERROR also maps to this Lua error string. |
| HTTP Response / Server API Usage | |
alreadyinserted | object/item was already inserted; duplicate insertion attempt. Source mapping: E_ALREADY_INSERTED. |
toomuchdata | more data than the API/state accepts for the operation. Source mapping: E_TOO_MUCH_DATA. |
pagenotfound | page not found during an HttpResponse include/forward operation. Source mapping: E_PAGE_NOT_FOUND. |
iscommitted | HTTP response is already committed, so the requested modification/write operation is no longer valid. Source mapping: E_IS_COMMITTED. |
invalidparam | invalid parameter value passed to the API. Source mapping: E_INVALID_PARAM. |
mixingwritesend | incompatible response output methods were mixed (e.g., write-style and send-style APIs in the same response flow). Source mapping: E_MIXING_WRITE_SEND. |
toomanyincludes | include nesting/recursion limit exceeded. Source mapping: E_TOO_MANY_INCLUDES. |
toomanyforwards | forward nesting/recursion limit exceeded. Source mapping: E_TOO_MANY_FORWARDS. |
includeopnotvalid | include/forward-related operation is not valid in the current response context/state. Source mapping: E_INCLUDE_OP_NOT_VALID. |
cannotresolve | failed to resolve host/address for a remote request. Source mapping: E_CANNOT_RESOLVE. |
cannotconnect | network connection could not be established. Source mapping: E_CANNOT_CONNECT. |
invalidurl | malformed or unsupported URL. Source mapping: E_INVALID_URL. |
invalidresponse | remote endpoint returned an invalid or unexpected response format. Source mapping: E_INVALID_RESPONSE. |
incorrectuse | API was used incorrectly (invalid call sequence or state assumptions). Source mapping: E_INCORRECT_USE. |
| TLS / SSL (SharkSSL) | |
sslnotenabled | TLS/SSL support is not enabled in the build/runtime. Source mapping: E_TLS_NOT_ENABLED. |
sslalertrecv | TLS alert received from peer. Additional detail can be obtained using SharkSSL alert-description APIs. Source mapping: E_SHARK_ALERT_RECV. |
sslcryptoerr | TLS cryptographic processing error. Source mapping: E_TLS_CRYPTOERR. |
sslhandshake | TLS handshake failed. Source mapping: E_TLS_HANDSHAKE. |
sslnottrusted | certificate is not trusted or the certificate/domain name does not match. Source mapping: E_NOT_TRUSTED. |
sslclosenotify | peer sent TLS close_notify (connection is closing gracefully). Source mapping: E_TLS_CLOSE_NOTIFY. |
| SOCKS Proxy / Proxy Negotiation | |
prxgeneral | general SOCKS server failure. Source mapping: E_PROXY_GENERAL. |
prxnotallowed | connection not allowed by proxy ruleset/policy. Source mapping: E_PROXY_NOT_ALLOWED. |
prxnetwork | network unreachable (reported by proxy). Source mapping: E_PROXY_NETWORK. |
prxhost | host unreachable (reported by proxy). Source mapping: E_PROXY_HOST. |
prxrefused | connection refused by remote target or proxy. Source mapping: E_PROXY_REFUSED. |
prxttl | TTL expired during proxy-mediated connection. Source mapping: E_PROXY_TTL. |
prxcommand | SOCKS command is not supported. Source mapping: E_PROXY_COMMAND_NOT_SUP. |
prxaddress | SOCKS address type is not supported. Source mapping: E_PROXY_ADDRESS_NOT_SUP. |
prxnotcompat | endpoint is not a supported SOCKS version / incompatible proxy protocol. Source mapping: E_PROXY_NOT_COMPATIBLE. |
prxready | proxy negotiation completed and socket is ready. This is explicitly marked in the source as not an error. Source mapping: E_PROXY_READY. |
prxunknown | unknown SOCKS/proxy error code. Source mapping: E_PROXY_UNKNOWN. |
proxyauth | proxy authentication required or provided proxy credentials were rejected. Source mapping: E_PROXY_AUTH and HTTP status 407. |
auth | authentication required or credentials were rejected. Source mapping: HTTP status 401. |
| System / ZIP Iterator / Fallback | |
sysshutdown | system/server process is shutting down (used by Mako Server and related products when the program exits). Source mapping: E_SYS_SHUTDOWN. |
zipbuf | ZIP parser buffer is too small. Source mapping: ZipErr_Buf. |
zipreading | reading ZIP data failed. Source mapping: ZipErr_Reading. |
zipspanned | spanned/split ZIP archives are not supported. Source mapping: ZipErr_Spanned. |
zipcompression | unsupported ZIP compression method (supported methods are typically Stored and Deflated). Source mapping: ZipErr_Compression. |
zipincompatible | unknown or incompatible ZIP central directory structure. Source mapping: ZipErr_Incompatible. |
failed | generic failure sentinel when no more specific error code is used. Source mapping: numeric code -1. |
unknown | Fallback string returned by baErr2Str() when the input error code has no explicit mapping in the switch statement. |