libfreerdp-core: cleanup connect error codes, fix Win32 NLA

2015-02-17 21:01:27 -05:00 · 2015-02-17 21:01:27 -05:00 · 0e57706de5
commit 0e57706de5
parent ccf144e10f
8 changed files with 69 additions and 65 deletions
--- a/libfreerdp/core/connection.c
+++ b/libfreerdp/core/connection.c
@ -268,9 +268,7 @@ BOOL rdp_client_connect(rdpRdp* rdp)
 	if (!nego_connect(rdp->nego))
 	{
 		if (!freerdp_get_last_error(rdp->context))
-		{
 			freerdp_set_last_error(rdp->context, FREERDP_ERROR_SECURITY_NEGO_CONNECT_FAILED);
-		}

 		WLog_ERR(TAG, "Error: protocol security negotiation or connection failure");
 		return FALSE;
@ -300,9 +298,7 @@ BOOL rdp_client_connect(rdpRdp* rdp)
 		if (rdp_check_fds(rdp) < 0)
 		{
 			if (!freerdp_get_last_error(rdp->context))
-			{
 				freerdp_set_last_error(rdp->context, FREERDP_ERROR_CONNECT_TRANSPORT_FAILED);
-			}

 			return FALSE;
 		}
--- a/libfreerdp/core/freerdp.c
+++ b/libfreerdp/core/freerdp.c
@ -84,17 +84,10 @@ BOOL freerdp_connect(freerdp* instance)

 	if (!status)
 	{
-		if (!connectErrorCode)
-		{
-			connectErrorCode = PREECONNECTERROR;
-		}
-
 		if (!freerdp_get_last_error(rdp->context))
-		{
 			freerdp_set_last_error(instance->context, FREERDP_ERROR_PRE_CONNECT_FAILED);
-		}

-		WLog_ERR(TAG,  "freerdp_pre_connect failed");
+		WLog_ERR(TAG, "freerdp_pre_connect failed");
 		goto freerdp_connect_finally;
 	}

@ -103,7 +96,7 @@ BOOL freerdp_connect(freerdp* instance)
 	/* --authonly tests the connection without a UI */
 	if (instance->settings->AuthenticationOnly)
 	{
-		WLog_ERR(TAG,  "Authentication only, exit status %d", !status);
+		WLog_ERR(TAG, "Authentication only, exit status %d", !status);
 		goto freerdp_connect_finally;
 	}

@ -122,17 +115,10 @@ BOOL freerdp_connect(freerdp* instance)

 		if (!status)
 		{
-			WLog_ERR(TAG,  "freerdp_post_connect failed");
-
-			if (!connectErrorCode)
-			{
-				connectErrorCode = POSTCONNECTERROR;
-			}
+			WLog_ERR(TAG, "freerdp_post_connect failed");

 			if (!freerdp_get_last_error(rdp->context))
-			{
 				freerdp_set_last_error(instance->context, FREERDP_ERROR_POST_CONNECT_FAILED);
-			}

 			goto freerdp_connect_finally;
 		}
@ -183,10 +169,7 @@ BOOL freerdp_connect(freerdp* instance)
 	}

 	if (rdp->errorInfo == ERRINFO_SERVER_INSUFFICIENT_PRIVILEGES)
-	{
-		connectErrorCode = INSUFFICIENTPRIVILEGESERROR;
 		freerdp_set_last_error(instance->context, FREERDP_ERROR_INSUFFICIENT_PRIVILEGES);
-	}

 	SetEvent(rdp->transport->connectedEvent);
 freerdp_connect_finally:
@ -531,9 +514,64 @@ UINT32 freerdp_get_last_error(rdpContext* context)
 void freerdp_set_last_error(rdpContext* context, UINT32 lastError)
 {
 	if (lastError)
-		WLog_ERR(TAG,  "freerdp_set_last_error 0x%04X", lastError);
+		WLog_ERR(TAG, "freerdp_set_last_error 0x%04X", lastError);

 	context->LastError = lastError;
+
+	switch (lastError)
+	{
+		case FREERDP_ERROR_PRE_CONNECT_FAILED:
+			connectErrorCode = PREECONNECTERROR;
+			break;
+
+		case FREERDP_ERROR_CONNECT_UNDEFINED:
+			connectErrorCode = UNDEFINEDCONNECTERROR;
+			break;
+
+		case FREERDP_ERROR_POST_CONNECT_FAILED:
+			connectErrorCode = POSTCONNECTERROR;
+			break;
+
+		case FREERDP_ERROR_DNS_ERROR:
+			connectErrorCode = DNSERROR;
+			break;
+
+		case FREERDP_ERROR_DNS_NAME_NOT_FOUND:
+			connectErrorCode = DNSNAMENOTFOUND;
+			break;
+
+		case FREERDP_ERROR_CONNECT_FAILED:
+			connectErrorCode = CONNECTERROR;
+			break;
+
+		case FREERDP_ERROR_MCS_CONNECT_INITIAL_ERROR:
+			connectErrorCode = MCSCONNECTINITIALERROR;
+			break;
+
+		case FREERDP_ERROR_TLS_CONNECT_FAILED:
+			connectErrorCode = TLSCONNECTERROR;
+			break;
+
+		case FREERDP_ERROR_AUTHENTICATION_FAILED:
+			connectErrorCode = AUTHENTICATIONERROR;
+			break;
+
+		case FREERDP_ERROR_INSUFFICIENT_PRIVILEGES:
+			connectErrorCode = INSUFFICIENTPRIVILEGESERROR;
+			break;
+
+		case FREERDP_ERROR_CONNECT_CANCELLED:
+			connectErrorCode = CANCELEDBYUSER;
+			break;
+
+		case FREERDP_ERROR_SECURITY_NEGO_CONNECT_FAILED:
+			connectErrorCode = CONNECTERROR;
+			break;
+
+		case FREERDP_ERROR_CONNECT_TRANSPORT_FAILED:
+			connectErrorCode = CONNECTERROR;
+			break;
+	}
 }

 /** Allocator function for the rdp_freerdp structure.
--- a/libfreerdp/core/gateway/ncacn_http.c
+++ b/libfreerdp/core/gateway/ncacn_http.c
@ -132,7 +132,6 @@ int rpc_ncacn_http_ntlm_init(rdpRpc* rpc, RpcChannel* channel)

 			if (!proceed)
 			{
-				connectErrorCode = CANCELEDBYUSER;
 				freerdp_set_last_error(context, FREERDP_ERROR_CONNECT_CANCELLED);
 				return 0;
 			}
--- a/libfreerdp/core/gateway/rpc_bind.c
+++ b/libfreerdp/core/gateway/rpc_bind.c
@ -143,7 +143,6 @@ int rpc_send_bind_pdu(rdpRpc* rpc)

 			if (!proceed)
 			{
-				connectErrorCode = CANCELEDBYUSER;
 				freerdp_set_last_error(instance->context, FREERDP_ERROR_CONNECT_CANCELLED);
 				return 0;
 			}
--- a/libfreerdp/core/gateway/rpc_client.c
+++ b/libfreerdp/core/gateway/rpc_client.c
@ -525,13 +525,8 @@ int rpc_client_out_channel_recv(rdpRpc* rpc)

 			if (response->StatusCode == HTTP_STATUS_DENIED)
 			{
-				if (!connectErrorCode)
-					connectErrorCode = AUTHENTICATIONERROR;
-
 				if (!freerdp_get_last_error(rpc->context))
-				{
 					freerdp_set_last_error(rpc->context, FREERDP_ERROR_AUTHENTICATION_FAILED);
-				}
 			}

 			return -1;
--- a/libfreerdp/core/mcs.c
+++ b/libfreerdp/core/mcs.c
@ -1056,15 +1056,8 @@ BOOL mcs_client_begin(rdpMcs* mcs)

 	if (!mcs_send_connect_initial(mcs))
 	{
-		if (!connectErrorCode)
-		{
-			connectErrorCode = MCSCONNECTINITIALERROR;
-		}
-
 		if (!freerdp_get_last_error(context))
-		{
 			freerdp_set_last_error(context, FREERDP_ERROR_MCS_CONNECT_INITIAL_ERROR);
-		}

 		WLog_ERR(TAG, "Error: unable to send MCS Connect Initial");
 		return FALSE;
--- a/libfreerdp/core/nla.c
+++ b/libfreerdp/core/nla.c
@ -109,13 +109,10 @@ int nla_client_init(rdpNla* nla)
 {
 	char* spn;
 	int length;
-	BOOL PromptPassword;
 	rdpTls* tls = NULL;
-	freerdp* instance;
-	rdpSettings* settings;
-	PromptPassword = FALSE;
-	settings = nla->settings;
-	instance = (freerdp*) settings->instance;
+	BOOL PromptPassword = FALSE;
+	freerdp* instance = nla->instance;
+	rdpSettings* settings = nla->settings;

 	nla->state = NLA_STATE_INITIAL;

@ -129,7 +126,6 @@ int nla_client_init(rdpNla* nla)
 	}

 #ifndef _WIN32
-
 	if (PromptPassword)
 	{
 		if (settings->RestrictedAdminModeRequired)
@ -138,7 +134,6 @@ int nla_client_init(rdpNla* nla)
 				PromptPassword = FALSE;
 		}
 	}
-
 #endif

 	if (PromptPassword)
@ -150,7 +145,6 @@ int nla_client_init(rdpNla* nla)

 			if (!proceed)
 			{
-				connectErrorCode = CANCELEDBYUSER;
 				freerdp_set_last_error(instance->context, FREERDP_ERROR_CONNECT_CANCELLED);
 				return 0;
 			}
@ -158,6 +152,7 @@ int nla_client_init(rdpNla* nla)
 	}

 	sspi_SetAuthIdentity(&(nla->identity), settings->Username, settings->Domain, settings->Password);
+
 #ifndef _WIN32
 	{
 		SEC_WINNT_AUTH_IDENTITY* identity = &(nla->identity);
@ -184,9 +179,6 @@ int nla_client_init(rdpNla* nla)
 	}
 #endif

-	WLog_DBG(TAG, "User: %s Domain: %s Password: %s",
-			 (char*) nla->identity.User, (char*) nla->identity.Domain, (char*) nla->identity.Password);
-
 	tls = nla->transport->tls;

 	if (!tls)
@ -205,15 +197,16 @@ int nla_client_init(rdpNla* nla)
 		return -1;

 	sprintf(spn, "%s%s", TERMSRV_SPN_PREFIX, settings->ServerHostname);
+
 #ifdef UNICODE
-	nla->ServicePrincipalName = (LPTSTR) malloc(length * 2 + 2);
-	MultiByteToWideChar(CP_UTF8, 0, spn, length, (LPWSTR) nla->ServicePrincipalName, length);
+	nla->ServicePrincipalName = NULL;
+	ConvertToUnicode(CP_UTF8, 0, spn, -1, &nla->ServicePrincipalName, 0);
 	free(spn);
 #else
 	nla->ServicePrincipalName = spn;
 #endif

-	nla->table = InitSecurityInterfaceEx(0);
+	nla->table = InitSecurityInterfaceEx(SSPI_INTERFACE_WINPR);
 	nla->status = nla->table->QuerySecurityPackageInfo(NLA_PKG_NAME, &nla->pPackageInfo);

 	if (nla->status != SEC_E_OK)
@ -771,9 +764,9 @@ SECURITY_STATUS nla_decrypt_public_key_echo(rdpNla* nla)
 	SecBufferDesc Message;
 	SECURITY_STATUS status;

-	if (nla->PublicKey.cbBuffer + nla->ContextSizes.cbMaxSignature != nla->pubKeyAuth.cbBuffer)
+	if ((nla->PublicKey.cbBuffer + nla->ContextSizes.cbMaxSignature) != nla->pubKeyAuth.cbBuffer)
 	{
-		WLog_ERR(TAG, "unexpected pubKeyAuth buffer size:%d", (int) nla->pubKeyAuth.cbBuffer);
+		WLog_ERR(TAG, "unexpected pubKeyAuth buffer size: %d", (int) nla->pubKeyAuth.cbBuffer);
 		return SEC_E_INVALID_TOKEN;
 	}

--- a/libfreerdp/core/transport.c
+++ b/libfreerdp/core/transport.c
@ -130,9 +130,6 @@ BOOL transport_connect_tls(rdpTransport* transport)
 	{
 		if (tlsStatus < 0)
 		{
-			if (!connectErrorCode)
-				connectErrorCode = TLSCONNECTERROR;
-
 			if (!freerdp_get_last_error(context))
 				freerdp_set_last_error(context, FREERDP_ERROR_TLS_CONNECT_FAILED);
 		}
@ -187,15 +184,9 @@ BOOL transport_connect_nla(rdpTransport* transport)

 	if (nla_client_begin(rdp->nla) < 0)
 	{
-		if (!connectErrorCode)
-			connectErrorCode = AUTHENTICATIONERROR;
-
 		if (!freerdp_get_last_error(context))
 			freerdp_set_last_error(context, FREERDP_ERROR_AUTHENTICATION_FAILED);

-		WLog_ERR(TAG, "Authentication failure, check credentials."
-				 "If credentials are valid, the NTLMSSP implementation may be to blame.");
-
 		transport_set_nla_mode(transport, FALSE);

 		return FALSE;