New release 5.9.8.0

ENH: Detailed error messages available when authentication is refused

ApacheLicense.txt

@@ -190,7 +190,7 @@
  Copyright 2014-2015 LastSquirrelIT
  Copyright 2015-2016 ArcadeJust
  Copyright 2016-2021 NetKnights GmbH
- Copyright 2010-2023 SysCo systemes de communication sa
+ Copyright 2010-2024 SysCo systemes de communication sa
 
  Licensed under the Apache License, Version 2.0 (the "License");
  you may not use this file except in compliance with the License.

CppClientCore/CppClientCore/Debug/CppClientCore.Build.CppClean.log

@@ -0,0 +1,24 @@
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\vc142.pdb
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\multiotpregistryreader.obj
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\multiotpregistry.obj
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\multiotphelpers.obj
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\multiotp.obj
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\guid.obj
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\registryreader.obj
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\privacyidea.obj
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\offlinehandler.obj
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\offlinedata.obj
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\logger.obj
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\endpoint.obj
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\challenge.obj
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\debug\cppclientcore.pdb
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\cppclientcore.tlog\cl.command.1.tlog
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\cppclientcore.tlog\cl.read.1.tlog
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\cppclientcore.tlog\cl.write.1.tlog
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\cppclientcore.tlog\link-cvtres.read.1.tlog
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\cppclientcore.tlog\link-cvtres.write.1.tlog
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\cppclientcore.tlog\link-rc.read.1.tlog
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\cppclientcore.tlog\link-rc.write.1.tlog
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\cppclientcore.tlog\link.command.1.tlog
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\cppclientcore.tlog\link.read.1.tlog
+c:\data\projects\multiotp\multiotpcredentialproviderprivacyidea\cppclientcore\cppclientcore\debug\cppclientcore.tlog\link.write.1.tlog

CppClientCore/CppClientCore/Debug/CppClientCore.log

@@ -0,0 +1,42 @@
+ Challenge.cpp
+ Endpoint.cpp
+C:\data\projects\multiotp\multiOTPCredentialProviderPrivacyIdea\CppClientCore\CppClientCore\Endpoint.cpp(149,2): warning C4996: 'GetVersionExW': a été déclaré déconseillé
+ Logger.cpp
+ OfflineData.cpp
+ OfflineHandler.cpp
+ PrivacyIDEA.cpp
+C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.28.29910\include\algorithm(3372,24): warning C4244: '=' : conversion de 'int' en 'wchar_t', perte possible de données
+C:\data\projects\multiotp\multiOTPCredentialProviderPrivacyIdea\CppClientCore\CppClientCore\PrivacyIDEA.cpp(321): message : voir la référence à l'instanciation de la fonction modèle '_OutIt std::transform<std::_String_iterator<std::_String_val<std::_Simple_types<_Elem>>>,std::_String_iterator<std::_String_val<std::_Simple_types<_Elem>>>,int(__cdecl *)(int)>(const _InIt,const _InIt,_OutIt,_Fn)' en cours de compilation
+ with
+ [
+ _OutIt=std::_String_iterator<std::_String_val<std::_Simple_types<wchar_t>>>,
+ _Elem=wchar_t,
+ _InIt=std::_String_iterator<std::_String_val<std::_Simple_types<wchar_t>>>,
+ _Fn=int (__cdecl *)(int)
+ ]
+ RegistryReader.cpp
+ guid.cpp
+ MultiOTP.cpp
+C:\data\projects\multiotp\multiOTPCredentialProviderPrivacyIdea\CppClientCore\CppClientCore\MultiOTP.cpp(40,136): warning C4100: 'transaction_id' : paramètre formel non référencé
+ MultiotpHelpers.cpp
+C:\data\projects\multiotp\multiOTPCredentialProviderPrivacyIdea\CppClientCore\CppClientCore\MultiotpHelpers.cpp(1514,13): warning C4101: 'otp_name' : variable locale non référencée
+C:\data\projects\multiotp\multiOTPCredentialProviderPrivacyIdea\CppClientCore\CppClientCore\MultiotpHelpers.cpp(1712,19): warning C4244: 'return' : conversion de 'time_t' en 'int', perte possible de données
+ MultiotpRegistry.cpp
+C:\data\projects\multiotp\multiOTPCredentialProviderPrivacyIdea\CppClientCore\CppClientCore\MultiotpRegistry.cpp(50,21): warning C4130: '!=' : opération logique sur l'adresse d'une constante de chaîne
+C:\data\projects\multiotp\multiOTPCredentialProviderPrivacyIdea\CppClientCore\CppClientCore\MultiotpRegistry.cpp(125,21): warning C4130: '!=' : opération logique sur l'adresse d'une constante de chaîne
+C:\data\projects\multiotp\multiOTPCredentialProviderPrivacyIdea\CppClientCore\CppClientCore\MultiotpRegistry.cpp(355,21): warning C4130: '!=' : opération logique sur l'adresse d'une constante de chaîne
+C:\data\projects\multiotp\multiOTPCredentialProviderPrivacyIdea\CppClientCore\CppClientCore\MultiotpRegistry.cpp(395,21): warning C4130: '!=' : opération logique sur l'adresse d'une constante de chaîne
+ MultiOTPRegistryReader.cpp
+ Génération de code en cours...
+LINK : warning LNK4075: ' /INCREMENTAL' ignoré à cause de la spécification '/OPT:ICF'
+MultiotpHelpers.obj : error LNK2019: symbole externe non résolu _LsaLookupAuthenticationPackage@12 référencé dans la fonction "long __cdecl MultiOTPRetrieveNegotiateAuthPackage(unsigned long *)" (?MultiOTPRetrieveNegotiateAuthPackage@@YAJPAK@Z)
+MultiotpHelpers.obj : error LNK2019: symbole externe non résolu _LsaDeregisterLogonProcess@4 référencé dans la fonction "long __cdecl MultiOTPRetrieveNegotiateAuthPackage(unsigned long *)" (?MultiOTPRetrieveNegotiateAuthPackage@@YAJPAK@Z)
+MultiotpHelpers.obj : error LNK2019: symbole externe non résolu _LsaConnectUntrusted@4 référencé dans la fonction "long __cdecl MultiOTPRetrieveNegotiateAuthPackage(unsigned long *)" (?MultiOTPRetrieveNegotiateAuthPackage@@YAJPAK@Z)
+MultiotpHelpers.obj : error LNK2019: symbole externe non résolu _TranslateNameW@20 référencé dans la fonction "class std::basic_string<wchar_t,struct std::char_traits<wchar_t>,class std::allocator<wchar_t> > __cdecl getCleanUsername(class std::basic_string<wchar_t,struct std::char_traits<wchar_t>,class std::allocator<wchar_t> >,class std::basic_string<wchar_t,struct std::char_traits<wchar_t>,class std::allocator<wchar_t> >)" (?getCleanUsername@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V12@0@Z)
+MultiotpHelpers.obj : error LNK2019: symbole externe non résolu __imp__CredUnPackAuthenticationBufferW@36 référencé dans la fonction "long __cdecl MultiOTPKerbInteractiveUnlockLogonRepackNative(unsigned char *,unsigned long,unsigned char * *,unsigned long *)" (?MultiOTPKerbInteractiveUnlockLogonRepackNative@@YAJPAEKPAPAEPAK@Z)
+MultiotpHelpers.obj : error LNK2019: symbole externe non résolu __imp__CredPackAuthenticationBufferW@20 référencé dans la fonction "long __cdecl MultiOTPKerbInteractiveUnlockLogonRepackNative(unsigned char *,unsigned long,unsigned char * *,unsigned long *)" (?MultiOTPKerbInteractiveUnlockLogonRepackNative@@YAJPAEKPAPAEPAK@Z)
+MultiotpHelpers.obj : error LNK2019: symbole externe non résolu _WTSQuerySessionInformationW@20 référencé dans la fonction "int __cdecl IsRemoteSession(void)" (?IsRemoteSession@@YAHXZ)
+MultiotpHelpers.obj : error LNK2019: symbole externe non résolu _WTSFreeMemory@4 référencé dans la fonction "int __cdecl IsRemoteSession(void)" (?IsRemoteSession@@YAHXZ)
+MultiotpHelpers.obj : error LNK2019: symbole externe non résolu __imp__DsGetDcNameW@24 référencé dans la fonction "class std::basic_string<wchar_t,struct std::char_traits<wchar_t>,class std::allocator<wchar_t> > __cdecl getCleanUsername(class std::basic_string<wchar_t,struct std::char_traits<wchar_t>,class std::allocator<wchar_t> >,class std::basic_string<wchar_t,struct std::char_traits<wchar_t>,class std::allocator<wchar_t> >)" (?getCleanUsername@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V12@0@Z)
+LIBCMTD.lib(exe_main.obj) : error LNK2019: symbole externe non résolu _main référencé dans la fonction "int __cdecl invoke_main(void)" (?invoke_main@@YAHXZ)
+C:\data\projects\multiotp\multiOTPCredentialProviderPrivacyIdea\Debug\CppClientCore.exe : fatal error LNK1120: 10 externes non résolus

CppClientCore/CppClientCore/Debug/CppClientCore.tlog/CppClientCore.lastbuildstate

@@ -0,0 +1,2 @@
+PlatformToolSet=v142:VCToolArchitecture=Native32Bit:VCToolsVersion=14.28.29910:TargetPlatformVersion=10.0.19041.0:
+Debug|Win32|C:\data\projects\multiotp\multiOTPCredentialProviderPrivacyIdea\|

CppClientCore/CppClientCore/Debug/CppClientCore.tlog/link-cvtres.read.1.tlog

@@ -0,0 +1 @@
+��

CppClientCore/CppClientCore/Debug/CppClientCore.tlog/link-cvtres.write.1.tlog

@@ -0,0 +1 @@
+��

CppClientCore/CppClientCore/Debug/CppClientCore.tlog/link-rc.read.1.tlog

@@ -0,0 +1 @@
+��

CppClientCore/CppClientCore/Debug/CppClientCore.tlog/link-rc.write.1.tlog

@@ -0,0 +1 @@
+��

CppClientCore/CppClientCore/Debug/CppClientCore.tlog/link.command.1.tlog

@@ -0,0 +1 @@
+��

CppClientCore/CppClientCore/Debug/CppClientCore.tlog/link.read.1.tlog

@@ -0,0 +1 @@
+��

CppClientCore/CppClientCore/Debug/CppClientCore.tlog/link.write.1.tlog

@@ -0,0 +1 @@
+��

CppClientCore/CppClientCore/MultiOTP.cpp

@@ -2,10 +2,10 @@
  * multiOTP Credential Provider, extends privacyIdea
  *
  * @author Yann Jeanrenaud, SysCo systemes de communication sa, <[email protected]>
- * @version 5.9.7.1
- * @date 2023-12-03
+ * @version 5.9.8.0
+ * @date 2024-08-26
  * @since 2021
- * @copyright (c) 2016-2023 SysCo systemes de communication sa
+ * @copyright (c) 2016-2024 SysCo systemes de communication sa
  * @copyright (c) 2015-2016 ArcadeJust ("RDP only" enhancement)
  * @copyright (c) 2013-2015 Last Squirrel IT
  * @copyright Apache License, Version 2.0
@@ -37,20 +37,19 @@ MultiOTP::MultiOTP(PICONFIG conf):PrivacyIDEA(conf)
 {
 }
 
-HRESULT MultiOTP::validateCheck(const std::wstring& username, const std::wstring& domain, const SecureWString& otp, const std::string& transaction_id)
+HRESULT MultiOTP::validateCheck(const std::wstring& username, const std::wstring& domain, const SecureWString& otp, const std::string& transaction_id, HRESULT& error_code)
 {
  HRESULT hr = E_UNEXPECTED;
 
  hr = multiotp_request(getCleanUsername(username, domain), L"", otp);
-
+ error_code = hr;
  // Gérer le prev OTP
-
  if ((hr == MULTIOTP_SUCCESS)) {
- if (DEVELOP_MODE) PrintLn("MultiotpCredential::multiOTP Success, value ", hr);//OTP ok
+ if (DEVELOP_MODE) PrintLn("MultiotpCredential::multiOTP Success, value  %d", hr);//OTP ok
  return PI_AUTH_SUCCESS;
  }
  else {
- if (DEVELOP_MODE) PrintLn("MultiotpCredential::multiOTP Error, value ", hr);//OTP ok
+ if (DEVELOP_MODE) PrintLn("MultiotpCredential::multiOTP Error, value  %d", hr);//OTP ok
  return PI_AUTH_FAILURE;
  }
 }

CppClientCore/CppClientCore/MultiOTP.h

@@ -2,10 +2,10 @@
  * multiOTP Credential Provider, extends privacyIdea
  *
  * @author Yann Jeanrenaud, SysCo systemes de communication sa, <[email protected]>
- * @version 5.9.7.1
- * @date 2023-12-03
+ * @version 5.9.8.0
+ * @date 2024-08-26
  * @since 2021
- * @copyright (c) 2016-2023 SysCo systemes de communication sa
+ * @copyright (c) 2016-2024 SysCo systemes de communication sa
  * @copyright (c) 2015-2016 ArcadeJust ("RDP only" enhancement)
  * @copyright (c) 2013-2015 Last Squirrel IT
  * @copyright Apache License, Version 2.0
@@ -39,7 +39,7 @@ class MultiOTP : public PrivacyIDEA {
  // sends the parameters to privacyIDEA and checks the response for
  // 1. Offline otp data, 2. Triggered challenges, 3. Authentication success
  // <returns> PI_AUTH_SUCCESS, PI_TRIGGERED_CHALLENGE, PI_AUTH_FAILURE, PI_AUTH_ERROR, PI_ENDPOINT_SETUP_ERROR, PI_WRONG_OFFLINE_SERVER_UNAVAILABLE </returns>
- HRESULT validateCheck(const std::wstring& username, const std::wstring& domain, const SecureWString& otp, const std::string& transaction_id = std::string());
+ HRESULT validateCheck(const std::wstring& username, const std::wstring& domain, const SecureWString& otp, const std::string& transaction_id, HRESULT& error_code);
  bool MultiOTP::isWithout2FA(const std::wstring& username, const std::wstring& domain);
 
 private:

CppClientCore/CppClientCore/MultiOTPConfiguration.cpp

@@ -1,7 +1,7 @@
 /* * * * * * * * * * * * * * * * * * * * *
 **
 ** Copyright 2019 NetKnights GmbH
-** 2020-2023 SysCo systemes de communication sa
+** 2020-2024 SysCo systemes de communication sa
 ** Author: Nils Behlen
 ** Yann Jeanrenaud, Andre Liechti
 **

CppClientCore/CppClientCore/MultiOTPRegistryReader.cpp

@@ -2,10 +2,10 @@
  * multiOTP Credential Provider, extends privacyIdea RegistryReader
  *
  * @author Yann Jeanrenaud, SysCo systemes de communication sa, <[email protected]>
- * @version 5.9.7.1
- * @date 2023-12-03
+ * @version 5.9.8.0
+ * @date 2024-08-26
  * @since 2021
- * @copyright (c) 2016-2023 SysCo systemes de communication sa
+ * @copyright (c) 2016-2024 SysCo systemes de communication sa
  * @copyright (c) 2015-2016 ArcadeJust ("RDP only" enhancement)
  * @copyright (c) 2013-2015 Last Squirrel IT
  * @copyright Apache License, Version 2.0

CppClientCore/CppClientCore/MultiOTPRegistryReader.h

@@ -2,10 +2,10 @@
  * multiOTP Credential Provider, extends privacyIdea RegistryReader
  *
  * @author Yann Jeanrenaud, SysCo systemes de communication sa, <[email protected]>
- * @version 5.9.7.1
- * @date 2023-12-03
+ * @version 5.9.8.0
+ * @date 2024-08-26
  * @since 2021
- * @copyright (c) 2016-2023 SysCo systemes de communication sa
+ * @copyright (c) 2016-2024 SysCo systemes de communication sa
  * @copyright (c) 2015-2016 ArcadeJust ("RDP only" enhancement)
  * @copyright (c) 2013-2015 Last Squirrel IT
  * @copyright Apache License, Version 2.0

CppClientCore/CppClientCore/MultiotpHelpers.cpp

@@ -4,10 +4,10 @@
  * Extra code provided "as is" for the multiOTP open source project
  *
  * @author Andre Liechti, SysCo systemes de communication sa, <[email protected]>
- * @version 5.9.7.1
- * @date 2023-12-03
+ * @version 5.9.8.0
+ * @date 2024-08-26
  * @since 2013
- * @copyright (c) 2016-2023 SysCo systemes de communication sa
+ * @copyright (c) 2016-2024 SysCo systemes de communication sa
  * @copyright (c) 2015-2016 ArcadeJust ("RDP only" enhancement)
  * @copyright (c) 2013-2015 Last Squirrel IT
  * @copyright (c) 2012 Dominik Pretzsch
@@ -1884,4 +1884,94 @@ void replaceAll(std::wstring& str, const std::wstring& from, const std::wstring&
  str.replace(start_pos, from.length(), to);
  start_pos += to.length(); // In case 'to' contains 'from', like replacing 'x' with 'yx'
  }
+}
+
+std::wstring getErrorMessage(HRESULT code) {
+ PWSTR tempStr = L"";
+
+ std::wstring msg = L"";
+ // Load default message
+ if (readRegistryValueString(CONF_ERROR_MESSAGE, &tempStr, L"") > 1) {
+ msg = tempStr;
+ }
+
+ // Initialization of the array
+ std::wstring texts[100] = { L"" };
+
+ texts[20] = L"User blacklisted";
+ texts[21] = L"User doesn't exist";
+ texts[22] = L"User already exists";
+ texts[23] = L"Invalid algorithm";
+ texts[24] = L"User locked (too many tries)";
+ texts[25] = L"User delayed (too many tries, but still a hope in a few minutes)";
+ texts[26] = L"This token has already been used";
+ texts[27] = L"Resynchronization of the token has failed";
+ texts[28] = L"Unable to write the changes in the file";
+ texts[29] = L"Token doesn't exist";
+
+ texts[30] = L"At least one parameter is missing";
+ texts[31] = L"Tokens definition file doesn't exist";
+ texts[32] = L"Tokens definition file not successfully imported";
+ texts[33] = L"Encryption hash error, encryption key is not matching";
+ texts[34] = L"Linked user doesn't exist";
+ texts[35] = L"User not created";
+ texts[36] = L"Token doesn't exist";
+ texts[37] = L"Token already attributed";
+ texts[38] = L"User is desactivated";
+ texts[39] = L"Requested operation aborted";
+
+ texts[40] = L"SQL query error";
+ texts[41] = L"SQL error";
+ texts[42] = L"They key is not in the table schema";
+ texts[43] = L"SQL entry cannot be updated";
+
+ texts[50] = L"QRcode not created";
+ texts[51] = L"UrlLink not created (no provisionable client for this protocol)";
+ texts[52] = L"HTML info not created";
+ texts[58] = L"File is missing";
+ texts[59] = L"Bad restore configuration password";
+
+ texts[60] = L"No information on where to send SMS code";
+ texts[61] = L"SMS code request received, but an error occurred during transmission";
+ texts[62] = L"SMS provider not supported";
+ texts[63] = L"This SMS code has expired";
+ texts[64] = L"Cannot resent an SMS code right now";
+ texts[65] = L"SMS code request not allowed";
+ texts[66] = L"Email code request not allowed";
+ texts[67] = L"No information on where to send Email code";
+ texts[68] = L"Email code request received, but an error occurred during transmission";
+ texts[69] = L"Failed to send email";
+
+ texts[70] = L"Server authentication error";
+ texts[71] = L"Server request is not correctly formatted";
+ texts[72] = L"Server answer is not correctly formatted";
+ texts[73] = L"Email SMTP server not defined";
+ texts[79] = L"AD/LDAP connection error";
+
+ texts[80] = L"Server cache error";
+ texts[81] = L"Cache too old for this user, account autolocked";
+ texts[82] = L"User not allowed for this device";
+ texts[88] = L"Device is not defined as a HA slave";
+ texts[89] = L"Device is not defined as a HA master";
+
+ texts[91] = L"Authentication failed (without2fa token not authorized here)";
+ texts[92] = L"Authentication failed (bad password)";
+ texts[93] = L"Authentication failed (time based token probably out of sync)";
+ texts[94] = L"API request error";
+ texts[95] = L"API authentication failed";
+ texts[96] = L"Authentication failed (CRC error)";
+ texts[97] = L"Authentication failed (wrong private id)";
+ texts[98] = L"Authentication failed (wrong token length)";
+ texts[99] = L"Authentication failed (and other possible unknown errors)";
+ if (code >= 0 && code < 100) {
+ // Replace %S by multiOTP error message
+ replaceAll(msg, L"%s", texts[code]);
+ replaceAll(msg, L"%S", texts[code]);
+ }
+ else {
+ // Remove %S
+ replaceAll(msg, L"%s", std::to_wstring(code));
+ replaceAll(msg, L"%S", std::to_wstring(code));
+ }
+ return msg;
 }

CppClientCore/CppClientCore/MultiotpHelpers.h

@@ -4,10 +4,10 @@
  * Extra code provided "as is" for the multiOTP open source project
  *
  * @author Andre Liechti, SysCo systemes de communication sa, <[email protected]>
- * @version 5.9.7.1
- * @date 2023-12-03
+ * @version 5.9.8.0
+ * @date 2024-08-26
  * @since 2013
- * @copyright (c) 2016-2023 SysCo systemes de communication sa
+ * @copyright (c) 2016-2024 SysCo systemes de communication sa
  * @copyright (c) 2015-2016 ArcadeJust ("RDP only" enhancement)
  * @copyright (c) 2013-2015 Last Squirrel IT
  * @copyright (c) 2012 Dominik Pretzsch
@@ -268,4 +268,6 @@ int minutesSinceEpoch();
 HRESULT multiotp_request_command(_In_ std::wstring command, _In_ std::wstring params);
 
 void replaceAll(std::wstring& str, const std::wstring& from, const std::wstring& to);
+
+std::wstring getErrorMessage(HRESULT code);
 #endif