windows: use native error code types more

- curlx_get_winapi_error: accept DWORD (was: int), move casts one level
  up the callstack.

- sspi: bump some types to `SECURITY_STATUS` (int -> LONG).

- digest_sspi: drop unnecessary cast.

Closes #18868

diff --git a/lib/curlx/strerr.c b/lib/curlx/strerr.c
index 96dc9c83558c9a9af177c9383af8da2e1e728c14..e5227554e5630bd01b5ecc259c31ba0d3fd14d4a 100644 (file)
--- a/lib/curlx/strerr.c
+++ b/lib/curlx/strerr.c
@@ -298,7 +298,7 @@ const char *curlx_strerror(int err, char *buf, size_t buflen)
 #ifdef USE_WINSOCK
       !get_winsock_error(err, buf, buflen) &&
 #endif
-      !curlx_get_winapi_error(err, buf, buflen))
+      !curlx_get_winapi_error((DWORD)err, buf, buflen))
       SNPRINTF(buf, buflen, "Unknown error %d (%#x)", err, err);
   }
 #else /* !_WIN32 */

diff --git a/lib/curlx/winapi.c b/lib/curlx/winapi.c
index cc008e3087a5ddaf05764183e2bb4c308a09ed8d..6d94733bedea40d974a7eecfb239092b2405fba1 100644 (file)
--- a/lib/curlx/winapi.c
+++ b/lib/curlx/winapi.c
@@ -48,7 +48,7 @@
  * codes (GetLastError) to error messages.
  * Returns NULL if no error message was found for error code.
  */
-const char *curlx_get_winapi_error(int err, char *buf, size_t buflen)
+const char *curlx_get_winapi_error(DWORD err, char *buf, size_t buflen)
 {
   char *p;
   wchar_t wbuf[256];
@@ -64,7 +64,7 @@ const char *curlx_get_winapi_error(int err, char *buf, size_t buflen)
      expect the local codepage (eg fprintf, failf, infof).
      FormatMessageW -> wcstombs is used for Windows CE compatibility. */
   if(FormatMessageW((FORMAT_MESSAGE_FROM_SYSTEM |
-                     FORMAT_MESSAGE_IGNORE_INSERTS), NULL, (DWORD)err,
+                     FORMAT_MESSAGE_IGNORE_INSERTS), NULL, err,
                     LANG_NEUTRAL, wbuf, CURL_ARRAYSIZE(wbuf), NULL)) {
     size_t written = wcstombs(buf, wbuf, buflen - 1);
     if(written != (size_t)-1)
@@ -96,7 +96,7 @@ const char *curlx_winapi_strerror(DWORD err, char *buf, size_t buflen)
   *buf = '\0';
 
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
-  if(!curlx_get_winapi_error((int)err, buf, buflen)) {
+  if(!curlx_get_winapi_error(err, buf, buflen)) {
 #if defined(__GNUC__) && __GNUC__ >= 7
 #pragma GCC diagnostic push
 #pragma GCC diagnostic warning "-Wformat-truncation=1"

diff --git a/lib/curlx/winapi.h b/lib/curlx/winapi.h
index 76ddcc53b8bc3edbf7c90563c22a7b16f5df00cd..d30f5efa13c77400ca4e3b181eb77a7a34e31b91 100644 (file)
--- a/lib/curlx/winapi.h
+++ b/lib/curlx/winapi.h
@@ -26,7 +26,7 @@
 
 #ifdef _WIN32
 #define WINAPI_ERROR_LEN 100
-const char *curlx_get_winapi_error(int err, char *buf, size_t buflen);
+const char *curlx_get_winapi_error(DWORD err, char *buf, size_t buflen);
 const char *curlx_winapi_strerror(DWORD err, char *buf, size_t buflen);
 #endif
 

diff --git a/lib/strerror.c b/lib/strerror.c
index c4545af888248bc9b1f353c1e0829860c35aa4b2..8d22ac9b343b50f7bcf31ff38421a4674a127a5b 100644 (file)
--- a/lib/strerror.c
+++ b/lib/strerror.c
@@ -546,7 +546,7 @@ curl_url_strerror(CURLUcode error)
  * Curl_sspi_strerror:
  * Variant of curlx_strerror if the error code is definitely Windows SSPI.
  */
-const char *Curl_sspi_strerror(int err, char *buf, size_t buflen)
+const char *Curl_sspi_strerror(SECURITY_STATUS err, char *buf, size_t buflen)
 {
 #ifdef _WIN32
   DWORD old_win_err = GetLastError();
@@ -656,17 +656,17 @@ const char *Curl_sspi_strerror(int err, char *buf, size_t buflen)
 
   if(err == SEC_E_ILLEGAL_MESSAGE) {
     curl_msnprintf(buf, buflen,
-                   "SEC_E_ILLEGAL_MESSAGE (0x%08X) - This error usually "
+                   "SEC_E_ILLEGAL_MESSAGE (0x%08lX) - This error usually "
                    "occurs when a fatal SSL/TLS alert is received (e.g. "
                    "handshake failed). More detail may be available in "
                    "the Windows System event log.", err);
   }
   else {
     char msgbuf[256];
-    if(curlx_get_winapi_error(err, msgbuf, sizeof(msgbuf)))
-      curl_msnprintf(buf, buflen, "%s (0x%08X) - %s", txt, err, msgbuf);
+    if(curlx_get_winapi_error((DWORD)err, msgbuf, sizeof(msgbuf)))
+      curl_msnprintf(buf, buflen, "%s (0x%08lX) - %s", txt, err, msgbuf);
     else
-      curl_msnprintf(buf, buflen, "%s (0x%08X)", txt, err);
+      curl_msnprintf(buf, buflen, "%s (0x%08lX)", txt, err);
   }
 
 #else

diff --git a/lib/strerror.h b/lib/strerror.h
index 2120726c9ff0d50532724ad0e81cd9514a83291e..c52503ed9316878177d1d634551131cb342df877 100644 (file)
--- a/lib/strerror.h
+++ b/lib/strerror.h
@@ -25,7 +25,7 @@
  ***************************************************************************/
 
 #ifdef USE_WINDOWS_SSPI
-const char *Curl_sspi_strerror(int err, char *buf, size_t buflen);
+const char *Curl_sspi_strerror(SECURITY_STATUS err, char *buf, size_t buflen);
 #endif
 
 #endif /* HEADER_CURL_STRERROR_H */

diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c
index 2f4b8d4a1dcaf1dcffb23c5214b8aa6b1c3a010d..f231dabc81dfb3a40f5824dcf6f0960ee0732830 100644 (file)
--- a/lib/vauth/digest_sspi.c
+++ b/lib/vauth/digest_sspi.c
@@ -473,8 +473,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
     if(status == SEC_E_OK)
       output_token_len = chlg_buf[4].cbBuffer;
     else { /* delete the context so a new one can be made */
-      infof(data, "digest_sspi: MakeSignature failed, error 0x%08lx",
-            (long)status);
+      infof(data, "digest_sspi: MakeSignature failed, error 0x%08lx", status);
       Curl_pSecFn->DeleteSecurityContext(digest->http_context);
       Curl_safefree(digest->http_context);
     }

diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c
index ae44523d328afa25e4eda187254e814509245165..935468f3a65e3bc940f3ed3f2e49ae8fe0c823ee 100644 (file)
--- a/lib/vauth/spnego_sspi.c
+++ b/lib/vauth/spnego_sspi.c
@@ -127,7 +127,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
 
   if(!nego->output_token) {
     /* Query the security package for Negotiate */
-    nego->status = (DWORD)Curl_pSecFn->QuerySecurityPackageInfo(
+    nego->status = Curl_pSecFn->QuerySecurityPackageInfo(
                                 (TCHAR *)CURL_UNCONST(TEXT(SP_NAME_NEGOTIATE)),
                                 &SecurityPackage);
     if(nego->status != SEC_E_OK) {
@@ -167,8 +167,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
       return CURLE_OUT_OF_MEMORY;
 
     /* Acquire our credentials handle */
-    nego->status = (DWORD)
-      Curl_pSecFn->AcquireCredentialsHandle(NULL,
+    nego->status = Curl_pSecFn->AcquireCredentialsHandle(NULL,
                                 (TCHAR *)CURL_UNCONST(TEXT(SP_NAME_NEGOTIATE)),
                                 SECPKG_CRED_OUTBOUND, NULL,
                                 nego->p_identity, NULL, NULL,
@@ -216,11 +215,10 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
       SEC_CHANNEL_BINDINGS channelBindings;
       SecPkgContext_Bindings pkgBindings;
       pkgBindings.Bindings = &channelBindings;
-      nego->status = (DWORD)Curl_pSecFn->QueryContextAttributes(
+      nego->status = Curl_pSecFn->QueryContextAttributes(
           nego->sslContext,
           SECPKG_ATTR_ENDPOINT_BINDINGS,
-          &pkgBindings
-      );
+          &pkgBindings);
       if(nego->status == SEC_E_OK) {
         chlg_desc.cBuffers++;
         chlg_buf[1].BufferType = SECBUFFER_CHANNEL_BINDINGS;
@@ -241,14 +239,14 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
 
   /* Generate our challenge-response message */
   nego->status =
-    (DWORD)Curl_pSecFn->InitializeSecurityContext(nego->credentials,
-                                                  chlg ? nego->context : NULL,
-                                                  nego->spn,
-                                                  ISC_REQ_CONFIDENTIALITY,
-                                                  0, SECURITY_NATIVE_DREP,
-                                                  chlg ? &chlg_desc : NULL,
-                                                  0, nego->context,
-                                                  &resp_desc, &attrs, NULL);
+    Curl_pSecFn->InitializeSecurityContext(nego->credentials,
+                                           chlg ? nego->context : NULL,
+                                           nego->spn,
+                                           ISC_REQ_CONFIDENTIALITY,
+                                           0, SECURITY_NATIVE_DREP,
+                                           chlg ? &chlg_desc : NULL,
+                                           0, nego->context,
+                                           &resp_desc, &attrs, NULL);
 
   /* Free the decoded challenge as it is not required anymore */
   free(chlg);
@@ -256,9 +254,9 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
   if(GSS_ERROR(nego->status)) {
     char buffer[STRERROR_LEN];
     failf(data, "InitializeSecurityContext failed: %s",
-          Curl_sspi_strerror((int)nego->status, buffer, sizeof(buffer)));
+          Curl_sspi_strerror(nego->status, buffer, sizeof(buffer)));
 
-    if(nego->status == (DWORD)SEC_E_INSUFFICIENT_MEMORY)
+    if(nego->status == SEC_E_INSUFFICIENT_MEMORY)
       return CURLE_OUT_OF_MEMORY;
 
     return CURLE_AUTH_ERROR;
@@ -266,14 +264,13 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
 
   if(nego->status == SEC_I_COMPLETE_NEEDED ||
      nego->status == SEC_I_COMPLETE_AND_CONTINUE) {
-    nego->status = (DWORD)Curl_pSecFn->CompleteAuthToken(nego->context,
-                                                         &resp_desc);
+    nego->status = Curl_pSecFn->CompleteAuthToken(nego->context, &resp_desc);
     if(GSS_ERROR(nego->status)) {
       char buffer[STRERROR_LEN];
       failf(data, "CompleteAuthToken failed: %s",
-            Curl_sspi_strerror((int)nego->status, buffer, sizeof(buffer)));
+            Curl_sspi_strerror(nego->status, buffer, sizeof(buffer)));
 
-      if(nego->status == (DWORD)SEC_E_INSUFFICIENT_MEMORY)
+      if(nego->status == SEC_E_INSUFFICIENT_MEMORY)
         return CURLE_OUT_OF_MEMORY;
 
       return CURLE_AUTH_ERROR;

diff --git a/lib/vauth/vauth.h b/lib/vauth/vauth.h
index d9e73a0ed12f6608e8e97f686b0eed083ea238df..57fd27a6a7f350e5fe681c7c64391b32588888d0 100644 (file)
--- a/lib/vauth/vauth.h
+++ b/lib/vauth/vauth.h
@@ -317,7 +317,7 @@ struct negotiatedata {
 #ifdef SECPKG_ATTR_ENDPOINT_BINDINGS
   CtxtHandle *sslContext;
 #endif
-  DWORD status;
+  SECURITY_STATUS status;
   CredHandle *credentials;
   CtxtHandle *context;
   SEC_WINNT_AUTH_IDENTITY identity;