From: Steve Holme Date: Sun, 17 Aug 2014 21:36:22 +0000 (+0100) Subject: sasl_sspi: Corrected some of the GSSAPI security message error codes X-Git-Tag: curl-7_38_0~81 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f6e15d25a38d285932016486a33a44515faa6ebc;p=thirdparty%2Fcurl.git sasl_sspi: Corrected some of the GSSAPI security message error codes Corrected a number of the error codes that can be returned from the Curl_sasl_create_gssapi_security_message() function when things go wrong. It makes more sense to return CURLE_BAD_CONTENT_ENCODING when the inbound security challenge can't be decoded correctly or doesn't contain the KERB_WRAP_NO_ENCRYPT flag and CURLE_OUT_OF_MEMORY when EncryptMessage() fails. Unfortunately the previous error code of CURLE_RECV_ERROR was a copy and paste mistakes on my part and should have been correct in commit 4b491c675f :( --- diff --git a/lib/curl_sasl_sspi.c b/lib/curl_sasl_sspi.c index 95f5d90aa3..e1c8a57dc9 100644 --- a/lib/curl_sasl_sspi.c +++ b/lib/curl_sasl_sspi.c @@ -528,14 +528,14 @@ CURLcode Curl_sasl_create_gssapi_security_message(struct SessionHandle *data, if(status != SEC_E_OK) { Curl_safefree(chlg); - return CURLE_RECV_ERROR; + return CURLE_BAD_CONTENT_ENCODING; } /* Not 4 octets long to fail as per RFC4752 Section 3.1 */ if(input_buf[1].cbBuffer != 4) { Curl_safefree(chlg); - return CURLE_RECV_ERROR; + return CURLE_BAD_CONTENT_ENCODING; } /* Copy the data out into a coinput_bufnvenient variable and free the SSPI @@ -548,7 +548,7 @@ CURLcode Curl_sasl_create_gssapi_security_message(struct SessionHandle *data, if(!(sec_layer & KERB_WRAP_NO_ENCRYPT)) { Curl_safefree(chlg); - return CURLE_RECV_ERROR; + return CURLE_BAD_CONTENT_ENCODING; } /* Extract the maximum message size the server can receive */ @@ -621,7 +621,7 @@ CURLcode Curl_sasl_create_gssapi_security_message(struct SessionHandle *data, Curl_safefree(trailer); Curl_safefree(chlg); - return CURLE_RECV_ERROR; + return CURLE_OUT_OF_MEMORY; } /* Allocate the encryption (wrap) buffer */