refactor(devolitions-gateway): better error handling;

TheBestTvarynka · TheBestTvarynka · commit 406f0f8bf287 · 2025-06-26T14:11:43.000+03:00
diff --git a/devolutions-gateway/src/config.rs b/devolutions-gateway/src/config.rs
@@ -1106,7 +1106,7 @@ pub mod dto {
 
     /// Kerberos server config
     ///
-    /// This config is used to configure the kerberos server during RDP proxying.
+    /// This config is used to configure the Kerberos server during RDP proxying.
     #[derive(PartialEq, Eq, Debug, Clone, Serialize, Deserialize)]
     pub struct KerberosServer {
         /// The maximum allowed time difference between client and proxy clocks
diff --git a/devolutions-gateway/src/rdp_proxy.rs b/devolutions-gateway/src/rdp_proxy.rs
@@ -16,7 +16,7 @@ use ironrdp_connector::sspi::credssp::{ClientState, ServerError, ServerState};
 use ironrdp_connector::sspi::generator::GeneratorState;
 use ironrdp_connector::sspi::kerberos::ServerProperties;
 use ironrdp_connector::sspi::{
-    AuthIdentityBuffers, CredentialsBuffers, KerberosConfig as SspiKerberosConfig, KerberosServerConfig,
+    self, AuthIdentityBuffers, CredentialsBuffers, KerberosConfig as SspiKerberosConfig, KerberosServerConfig,
 };
 use ironrdp_pdu::{mcs, nego, x224};
 use ironrdp_tokio::AsyncSendableNetworkClient;
@@ -453,7 +453,14 @@ async fn resolve_server_generator(
     loop {
         match state {
             GeneratorState::Suspended(request) => {
-                let response = network_client.send(&request).await.expect("todo");
+                let response = network_client
+                    .send(&request)
+                    .await
+                    .inspect_err(|err| error!(?err, "Failed to send a Kerberos message"))
+                    .map_err(|err| ServerError {
+                        ts_request: None,
+                        error: sspi::Error::new(sspi::ErrorKind::InternalError, err),
+                    })?;
                 state = generator.resume(Ok(response));
             }
             GeneratorState::Completed(client_state) => {
@@ -552,10 +559,9 @@ where
             password,
         } = credentials;
 
-        let username =
-            ironrdp_connector::sspi::Username::new(username, domain.as_deref()).context("invalid username")?;
+        let username = sspi::Username::new(username, domain.as_deref()).context("invalid username")?;
 
-        let identity = ironrdp_connector::sspi::AuthIdentity {
+        let identity = sspi::AuthIdentity {
             username,
             password: password.expose_secret().to_owned().into(),
         };
