preliminary RADIUS error handling

diff --git a/display_status.c b/display_status.c
index 9426d73..ebe66bd 100644 (file)
--- a/display_status.c
+++ b/display_status.c
@@ -120,25 +120,6 @@ gssEapSaveStatusInfo(OM_uint32 minor, const char *format, ...)
         saveStatusInfoNoCopy(minor, s);
 }
 
-#if 0
-void
-gssEapSaveKrbStatusInfo(OM_uint32 minor)
-{
-    krb5_context krbContext = NULL;
-    OM_uint32 tmpMinor;
-    const char *s;
-
-    gssEapKerberosInit(&tmpMinor, &krbContext);
-
-    if (krbContext != NULL) {
-        s = krb5_get_error_message(krbContext, minor);
-        gssEapSaveStatusInfo(minor, "%s", s);
-        krb5_set_error_message(krbContext, minor, "%s", s);
-        krb5_free_error_message(krbContext, s);
-    }
-}
-#endif
-
 OM_uint32
 gss_display_status(OM_uint32 *minor,
                    OM_uint32 status_value,
@@ -148,7 +129,7 @@ gss_display_status(OM_uint32 *minor,
                    gss_buffer_t status_string)
 {
     OM_uint32 major = GSS_S_COMPLETE;
-    krb5_context krbContext;
+    krb5_context krbContext = NULL;
     const char *errMsg;
 
     status_string->length = 0;
@@ -163,15 +144,18 @@ gss_display_status(OM_uint32 *minor,
         return GSS_S_BAD_STATUS;
     }
 
-    GSSEAP_KRB_INIT(&krbContext);
+    errMsg = getStatusInfo(status_value);
+    if (errMsg == NULL) {
+        GSSEAP_KRB_INIT(&krbContext);
 
-    errMsg = krb5_get_error_message(krbContext, status_value);
+        errMsg = krb5_get_error_message(krbContext, status_value);
+    }
 
-    if (errMsg != NULL) {
+    if (errMsg != NULL)
         major = makeStringBuffer(minor, errMsg, status_string);
-    }
 
-    krb5_free_error_message(krbContext, errMsg);
+    if (krbContext != NULL)
+        krb5_free_error_message(krbContext, errMsg);
 
     return major;
 }

diff --git a/util_radius.cpp b/util_radius.cpp
index 43d329f..b84dc73 100644 (file)
--- a/util_radius.cpp
+++ b/util_radius.cpp
@@ -32,6 +32,7 @@
 
 #include "gssapiP_eap.h"
 
+/* stuff that should be provided by libradsec/libfreeradius-radius */
 #define VENDORATTR(vendor, attr)            ((vendor) << 16 | (attr))
 
 #ifndef ATTRID
@@ -512,13 +513,30 @@ gssEapRadiusAttrProviderFinalize(OM_uint32 *minor)
     return GSS_S_COMPLETE;
 }
 
+/* partition error namespace so it does not conflict with krb5 */
+#define ERROR_TABLE_BASE_rse (46882560L)
+
+#define RS_TO_COM_ERR(rse)                  ((rse) == RSE_OK ? 0 : (rse) + ERROR_TABLE_BASE_rse)
+#define COM_TO_RS_ERR(err)                  ((err) > ERROR_TABLE_BASE_rse && \
+                                             (err) <= (ERROR_TABLE_BASE_rse + RSE_SOME_ERROR) ? \
+                                             (err) - ERROR_TABLE_BASE_rse : RSE_SOME_ERROR)
+
 OM_uint32
 gssEapRadiusMapError(OM_uint32 *minor,
                      struct rs_error *err)
 {
+    int code = RSE_OK;
+
     if (err != NULL)
-        rs_err_code(err, 1);
+        code = rs_err_code(err, 0);
+    else
+        code = RSE_SOME_ERROR;
+
+    *minor = RS_TO_COM_ERR(code);
+
+    gssEapSaveStatusInfo(*minor, "radsec: %s", rs_err_msg(err, 0));
 
+    rs_err_free(err);
     return GSS_S_FAILURE;
 }