---------------------
PatchSet 1497 
Date: 2001/02/06 10:49:41
Author: kinkie
Branch: ntlm
Tag: (none) 
Log:
Improved error handling A LOT.

Members: 
	src/auth/ntlm/helpers/NTLMSSP/ntlm_auth.c:1.1.4.5->1.1.4.6 

Index: squid/src/auth/ntlm/helpers/NTLMSSP/ntlm_auth.c
===================================================================
RCS file: /cvsroot/squid-sf//squid/src/auth/ntlm/helpers/NTLMSSP/Attic/ntlm_auth.c,v
retrieving revision 1.1.4.5
retrieving revision 1.1.4.6
diff -u -r1.1.4.5 -r1.1.4.6
--- squid/src/auth/ntlm/helpers/NTLMSSP/ntlm_auth.c	30 Jan 2001 21:25:44 -0000	1.1.4.5
+++ squid/src/auth/ntlm/helpers/NTLMSSP/ntlm_auth.c	6 Feb 2001 10:49:41 -0000	1.1.4.6
@@ -19,11 +19,18 @@
 #include "ntlmauth.h"
 #include "ntlm.h"
 #include "util.h"
+#include "smbval/smblib-common.h"
+#include "smbval/rfcnb-error.h"
 
 /* these are part of rfcnb-priv.h and smblib-priv.h */
 extern int SMB_Get_Error_Msg (int msg, char *msgbuf, int len);
 extern int SMB_Get_Last_Error ();
 extern int SMB_Get_Last_SMB_Err();
+extern int RFCNB_Get_Last_Error();
+
+#ifdef DEBUG
+#include <errno.h>
+#endif
 
 
 #define BUFFER_SIZE 10240
@@ -263,9 +270,14 @@
   const char *ch;
   char *ch2, *decoded, *cred;
   int plen;
-
-  if (fgets (buf, BUFFER_SIZE, stdin) == NULL)
-    exit (0);			/* BIIG buffer */
+			
+  if (fgets (buf, BUFFER_SIZE, stdin) == NULL) {
+	fprintf(stderr,"fgets() failed! dying..... errno=%d (%s)\n",errno,
+					strerror(errno));
+	abort();
+    exit (1);			/* BIIG buffer */
+  }
+		debug ("managing request\n");
   ch2 = memchr (buf, '\n', BUFFER_SIZE);	/* safer against overrun than strchr */
   if (ch2)
     {
@@ -310,6 +322,7 @@
 	  /* check against the DC */
 	  plen = strlen (buf) * 3 / 4;	/* we only need it here. Optimization */
 	  cred = ntlm_check_auth ((ntlm_authenticate *) decoded, plen);
+#ifdef OLDCRUFT
 	  if (cred == NULL)
 	    {
 				int errorclass, errorcode;
@@ -320,6 +333,10 @@
 							"Code=%d\n",
 							SMB_Get_Last_SMB_Err(), error_messages_buffer,
 							SMB_Get_Last_SMB_Err() & 0xff, SMB_Get_Last_SMB_Err() >>16);
+				RFCNB_Get_Error_Msg(RFCNB_Get_Last_Error(),error_messages_buffer,
+														BUFFER_SIZE);
+				debug("RFCNB error status: code=%d (%s)\n",
+							RFCNB_Get_Last_Error(),error_messages_buffer);
 #endif
 				/* This is kind of a special case, which happens when the
 					 client sends credentials in a domain which is not trusted
@@ -389,6 +406,84 @@
 		  return;
 		}
 	    }
+#else	 /* OLDCRUFT */
+		if (cred==NULL) {
+			int smblib_err, smb_errorclass, smb_errorcode, nb_error;
+			/* there was an error. We have two errno's to look at.
+			 * libntlmssp's erno is insufficient, we'll have to look at
+			 * the actual SMB library error codes, to acually figure
+			 * out what's happening. The thing has braindamaged interfacess..*/
+			smblib_err=SMB_Get_Last_Error();
+			smb_errorclass=SMBlib_Error_Class(SMB_Get_Last_SMB_Err());
+			smb_errorcode=SMBlib_Error_Code(SMB_Get_Last_SMB_Err());
+			nb_error=RFCNB_Get_Last_Error();
+			debug("No creds. SMBlib error %d, SMB error class %d, "
+						"SMB error code %d, NB error %d\n",
+						smblib_err, smb_errorclass, smb_errorcode, nb_error);
+			/* Should I use smblib_err? Actually it seems I can do as well
+			 * without it.. */
+			if (nb_error!=0) {				/* netbios-level error */
+				send_bh_or_ld("NetBios error!", (ntlm_authenticate *) decoded, plen);
+				fprintf(stderr,"NetBios error code %d (%s)\n",
+								nb_error,RFCNB_Error_Strings[abs(nb_error)]);
+				return;
+			}
+			switch(smb_errorclass) {
+			case SMBC_SUCCESS:
+				debug("Huh? Got a SMB success code but could check auth..");
+				SEND("NA Authentication failed");
+				/*
+				send_bh_or_ld("SMB success, but no creds. Internal error?",
+											(ntlm_authenticate *) decoded, plen);
+				*/
+				return;
+			case SMBC_ERRDOS:
+				/*this is the most important one for errors*/
+				debug("DOS error\n");
+				switch (smb_errorcode) {
+					/* two categories matter to us: those which could be
+						 server errors, and those which are auth errors */
+				case SMBD_noaccess: /* 5 */
+					SEND("NA Access denied");
+					return;
+				case SMBD_badformat:
+					SEND("NA bad format in authentication packet");
+					return;
+				case SMBD_badaccess:
+					SEND("NA Bad access request");
+					return;
+				case SMBD_baddata:
+					SEND("NA Bad Data");
+					return;
+				default:
+					send_bh_or_ld("DOS Error",(ntlm_authenticate *) decoded, plen);
+					return;
+				}
+			case SMBC_ERRSRV:					/* server errors */
+				debug("Server error");
+				switch(smb_errorcode) {
+					/* mostly same as above */
+				case SMBV_badpw:
+					SEND("NA Bad password");
+					return;
+				case SMBV_access:
+					SEND("NA Server access error");
+					return;
+				default:
+					send_bh_or_ld("Server Error",(ntlm_authenticate *) decoded, plen);
+					return;
+				}
+			case SMBC_ERRHRD:					/* hardware errors don't really matter */
+				send_bh_or_ld("Domain Controller Hardware error",
+											(ntlm_authenticate *) decoded, plen);
+				return;
+			case SMBC_ERRCMD:
+				send_bh_or_ld("Domain Controller Command Error",
+											(ntlm_authenticate *) decoded, plen);
+				return;
+				}
+			}
+#endif /* OLDCRUFT */
 	  lc (cred);		/* let's lowercase them for our convenience */
 	  SEND2 ("AF %s", cred);
 	  return;
@@ -428,6 +523,10 @@
 {
 
   debug ("ntlm_auth build " __DATE__ ", " __TIME__ " starting up...\n");
+#ifdef DEBUG
+  debug("changing dir to /tmp");
+  chdir("/tmp");
+#endif
 
   my_program_name = argv[0];
   process_options (argc, argv);
@@ -454,7 +553,6 @@
     }
   while (1)
     {
-      debug ("managing request\n");
       manage_request ();
     }
   return 0;