diff options
Diffstat (limited to 'lib/http_negotiate_sspi.c')
-rw-r--r-- | lib/http_negotiate_sspi.c | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/lib/http_negotiate_sspi.c b/lib/http_negotiate_sspi.c index 99e8f3899..7afd60957 100644 --- a/lib/http_negotiate_sspi.c +++ b/lib/http_negotiate_sspi.c @@ -42,10 +42,8 @@ /* The last #include file should be: */ #include "memdebug.h" -/* returning zero (0) means success, everything else is treated as "failure" - with no care exactly what the failure was */ -int Curl_input_negotiate(struct connectdata *conn, bool proxy, - const char *header) +CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy, + const char *header) { BYTE *input_token = NULL; SecBufferDesc out_buff_desc; @@ -88,20 +86,20 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, * rejected it (since we're again here). Exit with an error since we * can't invent anything better */ Curl_cleanup_negotiate(conn->data); - return -1; + return CURLE_LOGIN_DENIED; } if(!neg_ctx->server_name) { /* Check proxy auth requested but no given proxy name */ if(proxy && !conn->proxy.name) - return -1; + return CURLE_BAD_FUNCTION_ARGUMENT; /* Generate our SPN */ neg_ctx->server_name = Curl_sasl_build_spn("HTTP", proxy ? conn->proxy.name : conn->host.name); if(!neg_ctx->server_name) - return -1; + return CURLE_OUT_OF_MEMORY; } if(!neg_ctx->output_token) { @@ -110,7 +108,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, TEXT(SP_NAME_NEGOTIATE), &SecurityPackage); if(status != SEC_E_OK) - return -1; + return CURLE_NOT_BUILT_IN; /* Allocate input and output buffers according to the max token size as indicated by the security package */ @@ -130,7 +128,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, if(neg_ctx->context) { /* The server rejected our authentication and hasn't suppled any more negotiation mechanisms */ - return -1; + return CURLE_LOGIN_DENIED; } /* We have to acquire credentials and allocate memory for the context */ @@ -138,13 +136,13 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, neg_ctx->context = malloc(sizeof(CtxtHandle)); if(!neg_ctx->credentials || !neg_ctx->context) - return -1; + return CURLE_OUT_OF_MEMORY; if(userp && *userp) { /* Populate our identity structure */ result = Curl_create_sspi_identity(userp, passwdp, &neg_ctx->identity); if(result) - return -1; + return result; /* Allow proper cleanup of the identity structure */ neg_ctx->p_identity = &neg_ctx->identity; @@ -161,14 +159,17 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, neg_ctx->p_identity, NULL, NULL, neg_ctx->credentials, &expiry); if(neg_ctx->status != SEC_E_OK) - return -1; + return CURLE_LOGIN_DENIED; } else { result = Curl_base64_decode(header, (unsigned char **)&input_token, &input_token_len); - if(result || !input_token_len) - return -1; + if(result) + return result; + + if(!input_token_len) + return CURLE_BAD_CONTENT_ENCODING; } /* Setup the "output" security buffer */ @@ -207,22 +208,21 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, Curl_safefree(input_token); if(GSS_ERROR(neg_ctx->status)) - return -1; + return CURLE_OUT_OF_MEMORY; if(neg_ctx->status == SEC_I_COMPLETE_NEEDED || neg_ctx->status == SEC_I_COMPLETE_AND_CONTINUE) { neg_ctx->status = s_pSecFn->CompleteAuthToken(neg_ctx->context, &out_buff_desc); if(GSS_ERROR(neg_ctx->status)) - return -1; + return CURLE_RECV_ERROR; } neg_ctx->output_token_length = out_sec_buff.cbBuffer; - return 0; + return CURLE_OK; } - CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) { struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg: |