author | cbentzel@chromium.org <cbentzel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-09-25 11:15:21 +0000 |
---|---|---|
committer | cbentzel@chromium.org <cbentzel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-09-25 11:15:21 +0000 |
commit | b3909d5383516d114432751463f39eb639cb1cfa (patch) | |
tree | 30e7b6608c1e1960c2ef4fa8c4d90cf0261b8b58 /net | |
parent | 0ad181595fbf5a13aad9584501c644004c8a2284 (diff) | |
Even more status reporting for SSPI functions.
These functions have not been problematic, but it makes it more consistent with the rest of the file.
Also, the underlying SECURITY_STATUS codes are now logged in hex.
BUG=53850
TEST=None
Review URL: http://codereview.chromium.org/3319011
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@60576 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
-rw-r--r-- | net/http/http_auth_sspi_win.cc | 160 |
1 files changed, 89 insertions, 71 deletions
diff --git a/net/http/http_auth_sspi_win.cc b/net/http/http_auth_sspi_win.cc
index 03742e4..276eea4 100644
--- a/net/http/http_auth_sspi_win.cc
+++ b/net/http/http_auth_sspi_win.cc
@@ -21,14 +21,13 @@ namespace {
 int MapAcquireCredentialsStatusToError(SECURITY_STATUS status,
 const SEC_WCHAR* package) {
- LOG(INFO) << "AcquireCredentialsHandle returned " << status;
+ LOG(INFO) << "AcquireCredentialsHandle returned 0x" << std::hex << status;
 switch (status) {
 case SEC_E_OK:
 return OK;
 case SEC_E_INSUFFICIENT_MEMORY:
 return ERR_OUT_OF_MEMORY;
 case SEC_E_INTERNAL_ERROR:
- LOG(ERROR) << "Unexpected SECURITY_STATUS " << status;
 return ERR_UNEXPECTED_SECURITY_LIBRARY_STATUS;
 case SEC_E_NO_CREDENTIALS:
 case SEC_E_NOT_OWNER:
@@ -36,10 +35,11 @@ int MapAcquireCredentialsStatusToError(SECURITY_STATUS status,
 return ERR_INVALID_AUTH_CREDENTIALS;
 case SEC_E_SECPKG_NOT_FOUND:
 // This indicates that the SSPI configuration does not match expectations
- LOG(ERROR) << "Received SEC_E_SECPKG_NOT_FOUND for " << package;
 return ERR_UNSUPPORTED_AUTH_SCHEME;
 default:
- LOG(ERROR) << "Undocumented SECURITY_STATUS " << status;
+ LOG(WARNING)
+ << "AcquireSecurityCredentials returned undocumented status 0x"
+ << std::hex << status;
 return ERR_UNDOCUMENTED_SECURITY_LIBRARY_STATUS;
 }
 }
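Review bot: The new default-branch message in the second hunk names a function other than the one being mapped: `"AcquireSecurityCredentials returned undocumented status 0x"` should say `AcquireCredentialsHandle`, as the INFO line at the top of MapAcquireCredentialsStatusToError does, otherwise a log search for the API name misses these entries. The same hunk removes the only line that printed `package` for SEC_E_SECPKG_NOT_FOUND, and the DetermineMaxTokenLength hunk likewise drops the package name from its failure log, so a misconfigured SSPI package can no longer be identified from the log alone. Keeping one line in that case, modelled on the removed one, would preserve it: `LOG(WARNING) << "AcquireCredentialsHandle: package not found: " << package;`. From the visible lines `package` now appears to be unused in this function.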
@@ -101,6 +101,85 @@ int AcquireDefaultCredentials(SSPILibrary* library, const SEC_WCHAR* package,
 return MapAcquireCredentialsStatusToError(status, package);
 }
+int MapInitializeSecurityContextStatusToError(SECURITY_STATUS status) {
+ LOG(INFO) << "InitializeSecurityContext returned 0x" << std::hex << status;
+ switch (status) {
+ case SEC_E_OK:
+ case SEC_I_CONTINUE_NEEDED:
+ return OK;
+ case SEC_I_COMPLETE_AND_CONTINUE:
+ case SEC_I_COMPLETE_NEEDED:
+ case SEC_I_INCOMPLETE_CREDENTIALS:
+ case SEC_E_INCOMPLETE_MESSAGE:
+ case SEC_E_INTERNAL_ERROR:
+ // These are return codes reported by InitializeSecurityContext
+ // but not expected by Chrome (for example, INCOMPLETE_CREDENTIALS
+ // and INCOMPLETE_MESSAGE are intended for schannel).
+ LOG(WARNING)
+ << "InitializeSecurityContext returned unexpected status 0x"
+ << std::hex << status;
+ return ERR_UNEXPECTED_SECURITY_LIBRARY_STATUS;
+ case SEC_E_INSUFFICIENT_MEMORY:
+ return ERR_OUT_OF_MEMORY;
+ case SEC_E_UNSUPPORTED_FUNCTION:
+ NOTREACHED();
+ return ERR_UNEXPECTED;
+ case SEC_E_INVALID_HANDLE:
+ NOTREACHED();
+ return ERR_INVALID_HANDLE;
+ case SEC_E_INVALID_TOKEN:
+ return ERR_INVALID_RESPONSE;
+ case SEC_E_LOGON_DENIED:
+ return ERR_ACCESS_DENIED;
+ case SEC_E_NO_CREDENTIALS:
+ case SEC_E_WRONG_PRINCIPAL:
+ return ERR_INVALID_AUTH_CREDENTIALS;
+ case SEC_E_NO_AUTHENTICATING_AUTHORITY:
+ case SEC_E_TARGET_UNKNOWN:
+ return ERR_MISCONFIGURED_AUTH_ENVIRONMENT;
+ default:
+ LOG(WARNING)
+ << "InitializeSecurityContext returned undocumented status 0x"
+ << std::hex << status;
+ return ERR_UNDOCUMENTED_SECURITY_LIBRARY_STATUS;
+ }
+}
+
+int MapQuerySecurityPackageInfoStatusToError(SECURITY_STATUS status) {
+ LOG(INFO) << "QuerySecurityPackageInfo returned 0x" << std::hex << status;
+ switch (status) {
+ case SEC_E_OK:
+ return OK;
+ case SEC_E_SECPKG_NOT_FOUND:
+ // This isn't a documented return code, but has been encountered
+ // during testing.
+ return ERR_UNSUPPORTED_AUTH_SCHEME;
+ default:
+ LOG(WARNING)
+ << "QuerySecurityPackageInfo returned undocumented status 0x"
+ << std::hex << status;
+ return ERR_UNDOCUMENTED_SECURITY_LIBRARY_STATUS;
+ }
+}
+
+int MapFreeContextBufferStatusToError(SECURITY_STATUS status) {
+ LOG(INFO) << "FreeContextBuffer returned 0x" << std::hex << status;
+ switch (status) {
+ case SEC_E_OK:
+ return OK;
+ default:
+ // The documentation at
+ // http://msdn.microsoft.com/en-us/library/aa375416(VS.85).aspx
+ // only mentions that a non-zero (or non-SEC_E_OK) value is returned
+ // if the function fails, and does not indicate what the failure
+ // conditions are.
+ LOG(WARNING)
+ << "FreeContextBuffer returned undocumented status 0x"
+ << std::hex << status;
+ return ERR_UNDOCUMENTED_SECURITY_LIBRARY_STATUS;
+ }
+}
+
 } // anonymous namespace
 HttpAuthSSPI::HttpAuthSSPI(SSPILibrary* library,
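Review bot: In MapInitializeSecurityContextStatusToError the statuses that signal a rejected or misdirected authentication (SEC_E_LOGON_DENIED, SEC_E_WRONG_PRINCIPAL, SEC_E_TARGET_UNKNOWN, SEC_E_NO_AUTHENTICATING_AUTHORITY) are recorded only by the INFO line at the top, while unexpected and undocumented codes get a WARNING. Those are the outcomes someone triaging failed SSPI logons looks for first, so they should be logged at least at the same level, for example `LOG(WARNING) << "InitializeSecurityContext authentication failure, status 0x" << std::hex << status;` before the return in those cases. None of the three mappers added here has a header comment; one line above each, such as `// Maps the SECURITY_STATUS returned by InitializeSecurityContext to a net error code and logs the raw status.`, would document the contract.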
@@ -233,50 +312,6 @@ int HttpAuthSSPI::OnFirstRound(const string16* username,
 return rv;
 }
-namespace {
-
-int MapInitializeSecurityContextStatusToError(SECURITY_STATUS status) {
- LOG(INFO) << "InitializeSecurityContext returned " << status;
- switch (status) {
- case SEC_E_OK:
- case SEC_I_CONTINUE_NEEDED:
- return OK;
- case SEC_I_COMPLETE_AND_CONTINUE:
- case SEC_I_COMPLETE_NEEDED:
- case SEC_I_INCOMPLETE_CREDENTIALS:
- case SEC_E_INCOMPLETE_MESSAGE:
- case SEC_E_INTERNAL_ERROR:
- // These are return codes reported by InitializeSecurityContext
- // but not expected by Chrome (for example, INCOMPLETE_CREDENTIALS
- // and INCOMPLETE_MESSAGE are intended for schannel).
- LOG(ERROR) << "Unexpected SECURITY_STATUS " << status;
- return ERR_UNEXPECTED_SECURITY_LIBRARY_STATUS;
- case SEC_E_INSUFFICIENT_MEMORY:
- return ERR_OUT_OF_MEMORY;
- case SEC_E_UNSUPPORTED_FUNCTION:
- NOTREACHED();
- return ERR_UNEXPECTED;
- case SEC_E_INVALID_HANDLE:
- NOTREACHED();
- return ERR_INVALID_HANDLE;
- case SEC_E_INVALID_TOKEN:
- return ERR_INVALID_RESPONSE;
- case SEC_E_LOGON_DENIED:
- return ERR_ACCESS_DENIED;
- case SEC_E_NO_CREDENTIALS:
- case SEC_E_WRONG_PRINCIPAL:
- return ERR_INVALID_AUTH_CREDENTIALS;
- case SEC_E_NO_AUTHENTICATING_AUTHORITY:
- case SEC_E_TARGET_UNKNOWN:
- return ERR_MISCONFIGURED_AUTH_ENVIRONMENT;
- default:
- LOG(ERROR) << "Undocumented SECURITY_STATUS " << status;
- return ERR_UNDOCUMENTED_SECURITY_LIBRARY_STATUS;
- }
-}
-
-}
-
 int HttpAuthSSPI::GetNextSecurityToken(
 const std::wstring& spn,
 const void* in_token,
@@ -380,31 +415,14 @@ int DetermineMaxTokenLength(SSPILibrary* library,
 PSecPkgInfo pkg_info = NULL;
 SECURITY_STATUS status = library->QuerySecurityPackageInfo(
 const_cast<wchar_t *>(package.c_str()), &pkg_info);
- if (status != SEC_E_OK) {
- // The documentation at
- // http://msdn.microsoft.com/en-us/library/aa379359(VS.85).aspx
- // only mentions that a non-zero (or non-SEC_E_OK) value is returned
- // if the function fails. In practice, it appears to return
- // SEC_E_SECPKG_NOT_FOUND for invalid/unknown packages.
- LOG(ERROR) << "Security package " << package << " not found."
- << " Status code: " << status;
- if (status == SEC_E_SECPKG_NOT_FOUND)
- return ERR_UNSUPPORTED_AUTH_SCHEME;
- else
- return ERR_UNEXPECTED;
- }
+ int rv = MapQuerySecurityPackageInfoStatusToError(status);
+ if (rv != OK)
+ return rv;
 int token_length = pkg_info->cbMaxToken;
 status = library->FreeContextBuffer(pkg_info);
- if (status != SEC_E_OK) {
- // The documentation at
- // http://msdn.microsoft.com/en-us/library/aa375416(VS.85).aspx
- // only mentions that a non-zero (or non-SEC_E_OK) value is returned
- // if the function fails, and does not indicate what the failure conditions
- // are.
- LOG(ERROR) << "Unexpected problem freeing context buffer. Status code: "
- << status;
- return ERR_UNEXPECTED;
- }
+ rv = MapFreeContextBufferStatusToError(status);
+ if (rv != OK)
+ return rv;
 *max_token_length = token_length;
 return OK;
 }
|
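Review bot: Both failure paths in DetermineMaxTokenLength now return a different net error than before, and nothing in the hunk records that this is intended: an unrecognised QuerySecurityPackageInfo status and any FreeContextBuffer failure used to yield ERR_UNEXPECTED and now yield ERR_UNDOCUMENTED_SECURITY_LIBRARY_STATUS. Callers are outside this hunk, so any code that compared against ERR_UNEXPECTED should be checked. The FreeContextBuffer path also still returns before `*max_token_length = token_length;` although the length was already read from `pkg_info`; if that is deliberate, a comment such as `// Treat a failed free as fatal even though token_length is already known.` above `rv = MapFreeContextBufferStatusToError(status);` would say so. The function begins before the hunk, so its signature and the handling of `max_token_length` on entry are not visible here.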