Move authpolicy's ErrorType to a proto

Allows strongly typed last_auth_error proto member.

CQ-DEPEND=CL:488901

BUG=None
TEST=Compiles fine with platform2 changes.

Change-Id: Ia98944628b31bfd43a1b289dcf0bc5092db00927
Reviewed-on: https://chromium-review.googlesource.com/488881
Commit-Ready: Lutz Justen <ljusten@chromium.org>
Tested-by: Lutz Justen <ljusten@chromium.org>
Reviewed-by: Dan Erat <derat@chromium.org>

1 files changed, 65 insertions, 2 deletions

diff --git a/dbus/authpolicy/active_directory_info.proto b/dbus/authpolicy/active_directory_info.proto
index 90c1047..a07278b 100644
--- a/dbus/authpolicy/active_directory_info.proto
+++ b/dbus/authpolicy/active_directory_info.proto
@@ -8,6 +8,69 @@ option optimize_for = LITE_RUNTIME;
 
 package authpolicy;
 
+// D-Bus call error codes. These values are written to logs. New enum values can
+// be added, but existing enums must never be renumbered or deleted and reused.
+enum ErrorType {
+  // Everything is A-OK!
+  ERROR_NONE = 0;
+  // Unspecified error.
+  ERROR_UNKNOWN = 1;
+  // Unspecified D-Bus error.
+  ERROR_DBUS_FAILURE = 2;
+  // Badly formatted user principal name.
+  ERROR_PARSE_UPN_FAILED = 3;
+  // Auth failed because of bad user name.
+  ERROR_BAD_USER_NAME = 4;
+  // Auth failed because of bad password.
+  ERROR_BAD_PASSWORD = 5;
+  // Auth failed because of expired password.
+  ERROR_PASSWORD_EXPIRED = 6;
+  // Auth failed because of bad realm or network.
+  ERROR_CANNOT_RESOLVE_KDC = 7;
+  // kinit exited with unspecified error.
+  ERROR_KINIT_FAILED = 8;
+  // net exited with unspecified error.
+  ERROR_NET_FAILED = 9;
+  // smdclient exited with unspecified error.
+  ERROR_SMBCLIENT_FAILED = 10;
+  // authpolicy_parser exited with unknown error.
+  ERROR_PARSE_FAILED = 11;
+  // Parsing GPOs failed.
+  ERROR_PARSE_PREG_FAILED = 12;
+  // GPO data is bad.
+  ERROR_BAD_GPOS = 13;
+  // Some local IO operation failed.
+  ERROR_LOCAL_IO = 14;
+  // Machine is not joined to AD domain yet.
+  ERROR_NOT_JOINED = 15;
+  // User is not logged in yet.
+  ERROR_NOT_LOGGED_IN = 16;
+  // Failed to send policy to Session Manager.
+  ERROR_STORE_POLICY_FAILED = 17;
+  // User doesn't have the right to join machines to the domain.
+  ERROR_JOIN_ACCESS_DENIED = 18;
+  // General network problem.
+  ERROR_NETWORK_PROBLEM = 19;
+  // Machine name contains restricted characters.
+  ERROR_INVALID_MACHINE_NAME = 20;
+  // Machine name too long.
+  ERROR_MACHINE_NAME_TOO_LONG = 21;
+  // User joined maximum number of machines to the domain.
+  ERROR_USER_HIT_JOIN_QUOTA = 22;
+  // Kinit or smbclient failed to contact Key Distribution Center.
+  ERROR_CONTACTING_KDC_FAILED = 23;
+  // Kerberos credentials cache not found.
+  ERROR_NO_CREDENTIALS_CACHE_FOUND = 24;
+  // Kerberos ticket expired while renewing credentials.
+  ERROR_KERBEROS_TICKET_EXPIRED = 25;
+  // Klist exited with unspecified error.
+  ERROR_KLIST_FAILED = 26;
+  // Kinit failed because of bad machine name.
+  ERROR_BAD_MACHINE_NAME = 27;
+  // Should be the last.
+  ERROR_COUNT = 28;
+}
+
 // Message sent to Chromium by authpolicy service as a response of a successful
 // AuthenticateUser call. Contains information about authenticated user fetched
 // from Active Directory server with "net ads search ...".
@@ -62,7 +125,7 @@ message ActiveDirectoryUserStatus {
   optional TgtStatus tgt_status = 2;
   // Status of the user's password.
   optional PasswordStatus password_status = 3;
-  // Last error returned from AuthenticateUser D-Bus call, see ErrorType.
-  optional int32 last_auth_error = 4;
+  // Last error returned from AuthenticateUser D-Bus call.
+  optional ErrorType last_auth_error = 4;
   // Next ID to use: 5
 }