EAP_ERROR replaced with C++ exceptions for increased code readability

lib/TTLS/include/Config.h

@@ -93,29 +93,19 @@ namespace eap {
         /// @{
 
         ///
-        /// Save configuration to XML document
+        /// Save to XML document
         ///
         /// \param[in]  pDoc         XML document
-        /// \param[in]  pConfigRoot  Suggested root element for saving configuration
-        /// \param[out] ppEapError   Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
+        /// \param[in]  pConfigRoot  Suggested root element for saving
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
+        virtual void save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const;
 
         ///
-        /// Load configuration from XML document
+        /// Load from XML document
         ///
-        /// \param[in]  pConfigRoot  Root element for loading configuration
-        /// \param[out] ppEapError   Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
+        /// \param[in]  pConfigRoot  Root element for loading
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError);
+        virtual void load(_In_ IXMLDOMNode *pConfigRoot);
 
         /// @}
 

lib/TTLS/include/Credentials.h

@@ -103,29 +103,19 @@ namespace eap
         /// @{
 
         ///
-        /// Save credentials to XML document
+        /// Save to XML document
         ///
         /// \param[in]  pDoc         XML document
-        /// \param[in]  pConfigRoot  Suggested root element for saving credentials
-        /// \param[out] ppEapError   Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
+        /// \param[in]  pConfigRoot  Suggested root element for saving
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
+        virtual void save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const;
 
         ///
-        /// Load credentials from XML document
+        /// Load from XML document
         ///
-        /// \param[in]  pConfigRoot  Root element for loading credentials
-        /// \param[out] ppEapError   Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
+        /// \param[in]  pConfigRoot  Root element for loading
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError);
+        virtual void load(_In_ IXMLDOMNode *pConfigRoot);
 
         /// @}
 
@@ -160,25 +150,15 @@ namespace eap
         /// Save credentials to Windows Credential Manager
         ///
         /// \param[in]  pszTargetName  The name in Windows Credential Manager to store credentials as
-        /// \param[out] ppEapError     Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const;
+        virtual void store(_In_ LPCTSTR pszTargetName) const;
 
         ///
         /// Retrieve credentials from Windows Credential Manager
         ///
         /// \param[in]  pszTargetName  The name in Windows Credential Manager to retrieve credentials from
-        /// \param[out] ppEapError     Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError);
+        virtual void retrieve(_In_ LPCTSTR pszTargetName);
 
         ///
         /// Return target suffix for Windows Credential Manager credential name

lib/TTLS/include/Method.h

@@ -101,59 +101,39 @@ namespace eap
         ///
         /// \sa [EapPeerBeginSession function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363600.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool begin_session(
+        virtual void begin_session(
             _In_        DWORD         dwFlags,
             _In_  const EapAttributes *pAttributeArray,
             _In_        HANDLE        hTokenImpersonateUser,
-            _In_        DWORD         dwMaxSendPacketSize,
-            _Out_       EAP_ERROR     **ppEapError);
+            _In_        DWORD         dwMaxSendPacketSize);
 
         ///
         /// Processes a packet received by EAPHost from a supplicant.
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
         /// \sa [EapPeerProcessRequestPacket function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363621.aspx)
         ///
-        virtual bool process_request_packet(
+        virtual void process_request_packet(
             _In_bytecount_(dwReceivedPacketSize) const EapPacket           *pReceivedPacket,
             _In_                                       DWORD               dwReceivedPacketSize,
-            _Out_                                      EapPeerMethodOutput *pEapOutput,
-            _Out_                                      EAP_ERROR           **ppEapError);
+            _Inout_                                    EapPeerMethodOutput *pEapOutput);
 
         ///
         /// Obtains a response packet from the EAP method.
         ///
         /// \sa [EapPeerGetResponsePacket function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363610.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool get_response_packet(
+        virtual void get_response_packet(
             _Inout_bytecap_(*dwSendPacketSize) EapPacket *pSendPacket,
-            _Inout_                            DWORD     *pdwSendPacketSize,
-            _Out_                              EAP_ERROR **ppEapError);
+            _Inout_                            DWORD     *pdwSendPacketSize);
 
         ///
         /// Obtains the result of an authentication session from the EAP method.
         ///
         /// \sa [EapPeerGetResult function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363611.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool get_result(
-            _In_  EapPeerMethodResultReason reason,
-            _Out_ EapPeerMethodResult       *ppResult,
-            _Out_ EAP_ERROR                 **ppEapError);
+        virtual void get_result(
+            _In_    EapPeerMethodResultReason reason,
+            _Inout_ EapPeerMethodResult       *ppResult);
 
         /// @}
 

lib/TTLS/include/Module.h

@@ -53,55 +53,38 @@ namespace eap
         ///
         /// \sa [EapPeerGetInfo function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363613.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool initialize(_Out_ EAP_ERROR **ppEapError);
+        virtual void initialize();
 
         ///
         /// Shuts down the EAP method and prepares to unload its corresponding DLL.
         ///
         /// \sa [EapPeerShutdown function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363627.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool shutdown(_Out_ EAP_ERROR **ppEapError);
+        virtual void shutdown();
 
         ///
         /// Returns the user data and user identity after being called by EAPHost.
         ///
         /// \sa [EapPeerGetIdentity function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363607.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool get_identity(
-            _In_                                   DWORD     dwFlags,
-            _In_count_(dwConnectionDataSize) const BYTE      *pConnectionData,
-            _In_                                   DWORD     dwConnectionDataSize,
-            _In_count_(dwUserDataSize)       const BYTE      *pUserData,
-            _In_                                   DWORD     dwUserDataSize,
-            _Out_                                  BYTE      **ppUserDataOut,
-            _Out_                                  DWORD     *pdwUserDataOutSize,
-            _In_                                   HANDLE    hTokenImpersonateUser,
-            _Out_                                  BOOL      *pfInvokeUI,
-            _Out_                                  WCHAR     **ppwszIdentity,
-            _Out_                                  EAP_ERROR **ppEapError);
+        virtual void get_identity(
+            _In_                                   DWORD  dwFlags,
+            _In_count_(dwConnectionDataSize) const BYTE   *pConnectionData,
+            _In_                                   DWORD  dwConnectionDataSize,
+            _In_count_(dwUserDataSize)       const BYTE   *pUserData,
+            _In_                                   DWORD  dwUserDataSize,
+            _Inout_                                BYTE   **ppUserDataOut,
+            _Inout_                                DWORD  *pdwUserDataOutSize,
+            _In_                                   HANDLE hTokenImpersonateUser,
+            _Inout_                                BOOL   *pfInvokeUI,
+            _Inout_                                WCHAR  **ppwszIdentity);
 
         ///
         /// Defines the implementation of an EAP method-specific function that retrieves the properties of an EAP method given the connection and user data.
         ///
         /// \sa [EapPeerGetMethodProperties function](https://msdn.microsoft.com/en-us/library/windows/desktop/hh706636.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool get_method_properties(
+        virtual void get_method_properties(
             _In_                                   DWORD                     dwVersion,
             _In_                                   DWORD                     dwFlags,
             _In_                                   HANDLE                    hUserImpersonationToken,
@@ -109,26 +92,20 @@ namespace eap
             _In_                                   DWORD                     dwConnectionDataSize,
             _In_count_(dwUserDataSize)       const BYTE                      *pUserData,
             _In_                                   DWORD                     dwUserDataSize,
-            _Out_                                  EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray,
-            _Out_                                  EAP_ERROR                 **ppEapError);
+            _Inout_                                EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray);
 
         ///
         /// Converts XML into the configuration BLOB. The XML based credentials can come from group policy or from a system administrator.
         ///
         /// \sa [EapPeerCredentialsXml2Blob function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363603.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool credentials_xml2blob(
+        virtual void credentials_xml2blob(
             _In_                                   DWORD       dwFlags,
             _In_                                   IXMLDOMNode *pConfigRoot,
             _In_count_(dwConnectionDataSize) const BYTE        *pConnectionData,
             _In_                                   DWORD       dwConnectionDataSize,
-            _Out_                                  BYTE        **ppCredentialsOut,
-            _Out_                                  DWORD       *pdwCredentialsOutSize,
-            _Out_                                  EAP_ERROR   **ppEapError);
+            _Inout_                                BYTE        **ppCredentialsOut,
+            _Inout_                                DWORD       *pdwCredentialsOutSize);
 
         /// \name Session management
         /// @{
@@ -138,11 +115,9 @@ namespace eap
         ///
         /// \sa [EapPeerBeginSession function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363600.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
+        /// \returns Session handle
         ///
-        virtual bool begin_session(
+        virtual EAP_SESSION_HANDLE begin_session(
             _In_                                   DWORD              dwFlags,
             _In_                           const   EapAttributes      *pAttributeArray,
             _In_                                   HANDLE             hTokenImpersonateUser,
@@ -150,68 +125,45 @@ namespace eap
             _In_                                   DWORD              dwConnectionDataSize,
             _In_count_(dwUserDataSize)       const BYTE               *pUserData,
             _In_                                   DWORD              dwUserDataSize,
-            _In_                                   DWORD              dwMaxSendPacketSize,
-            _Out_                                  EAP_SESSION_HANDLE *phSession,
-            _Out_                                  EAP_ERROR          **ppEapError);
+            _In_                                   DWORD              dwMaxSendPacketSize);
 
         ///
         /// Ends an EAP authentication session for the EAP method.
         ///
         /// \sa [EapPeerEndSession function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363604.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool end_session(
-            _In_ EAP_SESSION_HANDLE hSession,
-            _Out_ EAP_ERROR **ppEapError);
+        virtual void end_session(_In_ EAP_SESSION_HANDLE hSession);
 
         ///
         /// Processes a packet received by EAPHost from a supplicant.
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
         /// \sa [EapPeerProcessRequestPacket function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363621.aspx)
         ///
-        virtual bool process_request_packet(
+        virtual void process_request_packet(
             _In_                                       EAP_SESSION_HANDLE  hSession,
             _In_bytecount_(dwReceivedPacketSize) const EapPacket           *pReceivedPacket,
             _In_                                       DWORD               dwReceivedPacketSize,
-            _Out_                                      EapPeerMethodOutput *pEapOutput,
-            _Out_                                      EAP_ERROR           **ppEapError);
+            _Inout_                                    EapPeerMethodOutput *pEapOutput);
 
         ///
         /// Obtains a response packet from the EAP method.
         ///
         /// \sa [EapPeerGetResponsePacket function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363610.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool get_response_packet(
+        virtual void get_response_packet(
             _In_                               EAP_SESSION_HANDLE hSession,
             _Inout_bytecap_(*dwSendPacketSize) EapPacket          *pSendPacket,
-            _Inout_                            DWORD              *pdwSendPacketSize,
-            _Out_                              EAP_ERROR          **ppEapError);
+            _Inout_                            DWORD              *pdwSendPacketSize);
 
         ///
         /// Obtains the result of an authentication session from the EAP method.
         ///
         /// \sa [EapPeerGetResult function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363611.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool get_result(
-            _In_  EAP_SESSION_HANDLE        hSession,
-            _In_  EapPeerMethodResultReason reason,
-            _Out_ EapPeerMethodResult       *ppResult,
-            _Out_ EAP_ERROR                 **ppEapError);
+        virtual void get_result(
+            _In_    EAP_SESSION_HANDLE        hSession,
+            _In_    EapPeerMethodResultReason reason,
+            _Inout_ EapPeerMethodResult       *ppResult);
 
         ///
         /// Obtains the user interface context from the EAP method.
@@ -220,15 +172,10 @@ namespace eap
         ///
         /// \sa [EapPeerGetUIContext function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363612.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool get_ui_context(
-            _In_  EAP_SESSION_HANDLE hSession,
-            _Out_ BYTE               **ppUIContextData,
-            _Out_ DWORD              *pdwUIContextDataSize,
-            _Out_ EAP_ERROR          **ppEapError);
+        virtual void get_ui_context(
+            _In_    EAP_SESSION_HANDLE hSession,
+            _Inout_ BYTE               **ppUIContextData,
+            _Inout_ DWORD              *pdwUIContextDataSize);
 
         ///
         /// Provides a user interface context to the EAP method.
@@ -237,45 +184,30 @@ namespace eap
         ///
         /// \sa [EapPeerSetUIContext function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363626.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool set_ui_context(
+        virtual void set_ui_context(
             _In_                                  EAP_SESSION_HANDLE  hSession,
             _In_count_(dwUIContextDataSize) const BYTE                *pUIContextData,
             _In_                                  DWORD               dwUIContextDataSize,
-            _In_                            const EapPeerMethodOutput *pEapOutput,
-            _Out_                                 EAP_ERROR           **ppEapError);
+            _In_                            const EapPeerMethodOutput *pEapOutput);
 
         ///
         /// Obtains an array of EAP response attributes from the EAP method.
         ///
         /// \sa [EapPeerGetResponseAttributes function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363609.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool get_response_attributes(
-            _In_  EAP_SESSION_HANDLE hSession,
-            _Out_ EapAttributes      *pAttribs,
-            _Out_ EAP_ERROR          **ppEapError);
+        virtual void get_response_attributes(
+            _In_    EAP_SESSION_HANDLE hSession,
+            _Inout_ EapAttributes      *pAttribs);
 
         ///
         /// Provides an updated array of EAP response attributes to the EAP method.
         ///
         /// \sa [EapPeerSetResponseAttributes function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363625.aspx)
         ///
-        /// \returns
-        /// - \c true if succeeded
-        /// - \c false otherwise. See \p ppEapError for details.
-        ///
-        virtual bool set_response_attributes(
+        virtual void set_response_attributes(
             _In_       EAP_SESSION_HANDLE  hSession,
             _In_ const EapAttributes       *pAttribs,
-            _Out_      EapPeerMethodOutput *pEapOutput,
-            _Out_      EAP_ERROR           **ppEapError);
+            _Inout_    EapPeerMethodOutput *pEapOutput);
 
         /// @}
 

lib/TTLS/src/Config.cpp

@@ -85,69 +85,51 @@ eap::config* eap::config_method_ttls::clone() const
 }
 
 
-bool eap::config_method_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
+void eap::config_method_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const
 {
     assert(pDoc);
     assert(pConfigRoot);
-    assert(ppEapError);
 
-    if (!config_method::save(pDoc, pConfigRoot, ppEapError))
-        return false;
+    config_method::save(pDoc, pConfigRoot);
 
     const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
     DWORD dwResult;
 
     // <ClientSideCredential>
     com_obj<IXMLDOMElement> pXmlElClientSideCredential;
-    if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ClientSideCredential"), bstr(L"ClientSideCredential"), bstrNamespace, &pXmlElClientSideCredential)) != ERROR_SUCCESS) {
-        *ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ClientSideCredential> element."));
-        return false;
-    }
+    if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ClientSideCredential"), bstr(L"ClientSideCredential"), bstrNamespace, &pXmlElClientSideCredential)) != ERROR_SUCCESS)
+        throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ClientSideCredential> element."));
 
     // <ClientSideCredential>/<AnonymousIdentity>
     if (!m_anonymous_identity.empty())
-        if ((dwResult = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, bstr(L"AnonymousIdentity"), bstrNamespace, bstr(m_anonymous_identity))) != ERROR_SUCCESS) {
-            *ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <AnonymousIdentity> element."));
-            return false;
-        }
+        if ((dwResult = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, bstr(L"AnonymousIdentity"), bstrNamespace, bstr(m_anonymous_identity))) != ERROR_SUCCESS)
+            throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <AnonymousIdentity> element."));
 
-    if (!m_outer.save(pDoc, pConfigRoot, ppEapError))
-        return false;
+    m_outer.save(pDoc, pConfigRoot);
 
     // <InnerAuthenticationMethod>
     com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
-    if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), bstr(L"InnerAuthenticationMethod"), bstrNamespace, &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS) {
-        *ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <InnerAuthenticationMethod> element."));
-        return false;
-    }
+    if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), bstr(L"InnerAuthenticationMethod"), bstrNamespace, &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS)
+        throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <InnerAuthenticationMethod> element."));
 
     if (dynamic_cast<const config_method_pap*>(m_inner.get())) {
         // <InnerAuthenticationMethod>/<NonEAPAuthMethod>
-        if ((dwResult = eapxml::put_element_value(pDoc, pXmlElInnerAuthenticationMethod, bstr(L"NonEAPAuthMethod"), bstrNamespace, bstr(L"PAP"))) != ERROR_SUCCESS) {
-            *ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <NonEAPAuthMethod> element."));
-            return false;
-        }
+        if ((dwResult = eapxml::put_element_value(pDoc, pXmlElInnerAuthenticationMethod, bstr(L"NonEAPAuthMethod"), bstrNamespace, bstr(L"PAP"))) != ERROR_SUCCESS)
+            throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <NonEAPAuthMethod> element."));
 
         // <InnerAuthenticationMethod>/...
-        if (!m_inner->save(pDoc, pXmlElInnerAuthenticationMethod, ppEapError))
-            return false;
-    } else {
-        *ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Unsupported inner authentication method."));
-        return false;
-    }
-
-    return true;
+        m_inner->save(pDoc, pXmlElInnerAuthenticationMethod);
+    } else
+        throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Unsupported inner authentication method."));
 }
 
 
-bool eap::config_method_ttls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
+void eap::config_method_ttls::load(_In_ IXMLDOMNode *pConfigRoot)
 {
     assert(pConfigRoot);
-    assert(ppEapError);
     DWORD dwResult;
 
-    if (!config_method::load(pConfigRoot, ppEapError))
-        return false;
+    config_method::load(pConfigRoot);
 
     std::wstring xpath(eapxml::get_xpath(pConfigRoot));
 
@@ -163,15 +145,12 @@ bool eap::config_method_ttls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERRO
         m_module.log_config((xpathClientSideCredential + L"/AnonymousIdentity").c_str(), m_anonymous_identity.c_str());
     }
 
-    if (!m_outer.load(pConfigRoot, ppEapError))
-        return false;
+    m_outer.load(pConfigRoot);
 
     // <InnerAuthenticationMethod>
     com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
-    if ((dwResult = eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS) {
-        *ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error selecting <InnerAuthenticationMethod> element."), _T("Please make sure profile XML is a valid ") _T(PRODUCT_NAME_STR) _T(" profile XML document."));
-        return false;
-    }
+    if ((dwResult = eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS)
+        throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error selecting <InnerAuthenticationMethod> element."));
 
     // Determine inner authentication type (<EAPMethod> and <NonEAPAuthMethod>).
     //DWORD dwMethodID;
@@ -188,14 +167,9 @@ bool eap::config_method_ttls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERRO
         // PAP
         m_module.log_config((xpath + L"/NonEAPAuthMethod").c_str(), L"PAP");
         m_inner.reset(new config_method_pap(m_module));
-        if (!m_inner->load(pXmlElInnerAuthenticationMethod, ppEapError))
-            return false;
-    } else {
-        *ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Unsupported inner authentication method."));
-        return false;
-    }
-
-    return true;
+        m_inner->load(pXmlElInnerAuthenticationMethod);
+    } else
+        throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Unsupported inner authentication method."));
 }
 
 

lib/TTLS/src/Credentials.cpp

@@ -96,17 +96,14 @@ bool eap::credentials_ttls::empty() const
 }
 
 
-bool eap::credentials_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
+void eap::credentials_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const
 {
     assert(pDoc);
     assert(pConfigRoot);
-    assert(ppEapError);
 
-    if (!credentials::save(pDoc, pConfigRoot, ppEapError))
-        return false;
+    credentials::save(pDoc, pConfigRoot);
 
-    if (!m_outer.save(pDoc, pConfigRoot, ppEapError))
-        return false;
+    m_outer.save(pDoc, pConfigRoot);
 
     const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
     DWORD dwResult;
@@ -115,49 +112,34 @@ bool eap::credentials_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *p
     if (m_inner) {
         // <InnerAuthenticationMethod>
         winstd::com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
-        if ((dwResult = eapxml::create_element(pDoc, winstd::bstr(L"InnerAuthenticationMethod"), bstrNamespace, &pXmlElInnerAuthenticationMethod))) {
-            *ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <InnerAuthenticationMethod> element."));
-            return false;
-        }
+        if ((dwResult = eapxml::create_element(pDoc, winstd::bstr(L"InnerAuthenticationMethod"), bstrNamespace, &pXmlElInnerAuthenticationMethod)))
+            throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <InnerAuthenticationMethod> element."));
 
-        if (!m_inner->save(pDoc, pXmlElInnerAuthenticationMethod, ppEapError))
-            return false;
+        m_inner->save(pDoc, pXmlElInnerAuthenticationMethod);
 
-        if (FAILED(hr = pConfigRoot->appendChild(pXmlElInnerAuthenticationMethod, NULL))) {
-            *ppEapError = m_module.make_error(HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error appending <InnerAuthenticationMethod> element."));
-            return false;
-        }
+        if (FAILED(hr = pConfigRoot->appendChild(pXmlElInnerAuthenticationMethod, NULL)))
+            throw win_runtime_error(HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error appending <InnerAuthenticationMethod> element."));
     }
-
-    return true;
 }
 
 
-bool eap::credentials_ttls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
+void eap::credentials_ttls::load(_In_ IXMLDOMNode *pConfigRoot)
 {
     assert(pConfigRoot);
-    assert(ppEapError);
     DWORD dwResult;
 
-    if (!credentials::load(pConfigRoot, ppEapError))
-        return false;
+    credentials::load(pConfigRoot);
 
-    if (!m_outer.load(pConfigRoot, ppEapError))
-        return false;
+    m_outer.load(pConfigRoot);
 
     // TODO: For the time being, there is no detection what type is inner method. Introduce one!
     if (m_inner) {
         com_obj<IXMLDOMNode> pXmlElInnerAuthenticationMethod;
-        if ((dwResult = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS) {
-            *ppEapError = m_module.make_error(ERROR_NOT_FOUND, _T(__FUNCTION__) _T(" Error selecting <InnerAuthenticationMethod> element."), _T("Please make sure profile XML is a valid ") _T(PRODUCT_NAME_STR) _T(" profile XML document."));
-            return false;
-        }
+        if ((dwResult = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS)
+            throw invalid_argument(__FUNCTION__ " Error selecting <InnerAuthenticationMethod> element.");
 
-        if (!m_inner->load(pXmlElInnerAuthenticationMethod, ppEapError))
-            return false;
+        m_inner->load(pXmlElInnerAuthenticationMethod);
     }
-
-    return true;
 }
 
 
@@ -219,31 +201,21 @@ void eap::credentials_ttls::operator>>(_Inout_ cursor_in &cursor)
 }
 
 
-bool eap::credentials_ttls::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const
+void eap::credentials_ttls::store(_In_ LPCTSTR pszTargetName) const
 {
-    if (!m_outer.store(pszTargetName, ppEapError))
-        return false;
+    m_outer.store(pszTargetName);
 
-    if (m_inner) {
-        if (!m_inner->store(pszTargetName, ppEapError))
-            return false;
-    }
-
-    return true;
+    if (m_inner)
+        m_inner->store(pszTargetName);
 }
 
 
-bool eap::credentials_ttls::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError)
+void eap::credentials_ttls::retrieve(_In_ LPCTSTR pszTargetName)
 {
-    if (!m_outer.retrieve(pszTargetName, ppEapError))
-        return false;
+    m_outer.retrieve(pszTargetName);
 
-    if (m_inner) {
-        if (!m_inner->retrieve(pszTargetName, ppEapError))
-            return false;
-    }
-
-    return true;
+    if (m_inner)
+        m_inner->retrieve(pszTargetName);
 }
 
 

lib/TTLS/src/Method.cpp

@@ -71,34 +71,26 @@ eap::method_ttls& eap::method_ttls::operator=(_Inout_ method_ttls &&other)
 }
 
 
-bool eap::method_ttls::begin_session(
+void eap::method_ttls::begin_session(
     _In_        DWORD         dwFlags,
     _In_  const EapAttributes *pAttributeArray,
     _In_        HANDLE        hTokenImpersonateUser,
-    _In_        DWORD         dwMaxSendPacketSize,
-    _Out_       EAP_ERROR     **ppEapError)
+    _In_        DWORD         dwMaxSendPacketSize)
 {
-    if (!m_outer.begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize, ppEapError))
-        return false;
-
-    return true;
+    m_outer.begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize);
 }
 
 
-bool eap::method_ttls::process_request_packet(
+void eap::method_ttls::process_request_packet(
     _In_bytecount_(dwReceivedPacketSize) const EapPacket           *pReceivedPacket,
     _In_                                       DWORD               dwReceivedPacketSize,
-    _Out_                                      EapPeerMethodOutput *pEapOutput,
-    _Out_                                      EAP_ERROR           **ppEapError)
+    _Inout_                                    EapPeerMethodOutput *pEapOutput)
 {
     // Is this a valid EAP-TTLS packet?
-    if (dwReceivedPacketSize < 6) {
-        *ppEapError = m_module.make_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, _T(__FUNCTION__) _T(" Packet is too small. EAP-%s packets should be at least 6B."));
-        return false;
-    } else if (pReceivedPacket->Data[0] != eap_type_ttls) {
-        *ppEapError = m_module.make_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, wstring_printf(_T(__FUNCTION__) _T(" Packet is not EAP-TTLS (expected: %u, received: %u)."), eap_type_ttls, pReceivedPacket->Data[0]).c_str());
-        return false;
-    }
+    if (dwReceivedPacketSize < 6)
+        throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, _T(__FUNCTION__) _T(" Packet is too small. EAP-%s packets should be at least 6B."));
+    else if (pReceivedPacket->Data[0] != eap_type_ttls)
+        throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, wstring_printf(_T(__FUNCTION__) _T(" Packet is not EAP-TTLS (expected: %u, received: %u)."), eap_type_ttls, pReceivedPacket->Data[0]).c_str());
 
     if (pReceivedPacket->Code == EapCodeRequest && (pReceivedPacket->Data[1] & flags_start)) {
         // This is a start EAP-TTLS packet.
@@ -109,31 +101,26 @@ bool eap::method_ttls::process_request_packet(
         m_module.log_event(&EAPMETHOD_HANDSHAKE_START1, event_data((unsigned int)eap_type_ttls), event_data((unsigned char)m_version), event_data((unsigned char)ver_remote), event_data::blank);
     }
 
-    return m_outer.process_request_packet(pReceivedPacket, dwReceivedPacketSize, pEapOutput, ppEapError);
+    m_outer.process_request_packet(pReceivedPacket, dwReceivedPacketSize, pEapOutput);
 }
 
 
-bool eap::method_ttls::get_response_packet(
+void eap::method_ttls::get_response_packet(
     _Inout_bytecap_(*dwSendPacketSize) EapPacket *pSendPacket,
-    _Inout_                            DWORD     *pdwSendPacketSize,
-    _Out_                              EAP_ERROR **ppEapError)
+    _Inout_                            DWORD     *pdwSendPacketSize)
 {
-    if (!m_outer.get_response_packet(pSendPacket, pdwSendPacketSize, ppEapError))
-        return false;
+    m_outer.get_response_packet(pSendPacket, pdwSendPacketSize);
 
     // Change packet type to EAP-TTLS, and add EAP-TTLS version.
     pSendPacket->Data[0]  = (BYTE)eap_type_ttls;
     pSendPacket->Data[1] &= ~flags_ver_mask;
     pSendPacket->Data[1] |= m_version;
-
-    return true;
 }
 
 
-bool eap::method_ttls::get_result(
-    _In_  EapPeerMethodResultReason reason,
-    _Out_ EapPeerMethodResult       *ppResult,
-    _Out_ EAP_ERROR                 **ppEapError)
+void eap::method_ttls::get_result(
+    _In_    EapPeerMethodResultReason reason,
+    _Inout_ EapPeerMethodResult       *ppResult)
 {
-    return m_outer.get_result(reason, ppResult, ppEapError);
+    m_outer.get_result(reason, ppResult);
 }

lib/TTLS/src/Module.cpp

@@ -39,10 +39,8 @@ eap::config_method* eap::peer_ttls::make_config_method()
 }
 
 
-bool eap::peer_ttls::initialize(_Out_ EAP_ERROR **ppEapError)
+void eap::peer_ttls::initialize()
 {
-    UNREFERENCED_PARAMETER(ppEapError);
-
     // MSI's feature completeness check removed: It might invoke UI (prompt user for missing MSI),
     // which would be disasterous in EapHost system service.
 #if 0
@@ -52,43 +50,34 @@ bool eap::peer_ttls::initialize(_Out_ EAP_ERROR **ppEapError)
     if (MsiQueryFeatureState(_T(PRODUCT_VERSION_GUID), _T("featEAPTTLS")) != INSTALLSTATE_UNKNOWN)
         MsiUseFeature(_T(PRODUCT_VERSION_GUID), _T("featEAPTTLS"));
 #endif
-
-    return true;
 }
 
 
-bool eap::peer_ttls::shutdown(_Out_ EAP_ERROR **ppEapError)
+void eap::peer_ttls::shutdown()
 {
-    UNREFERENCED_PARAMETER(ppEapError);
-    return true;
 }
 
 
-bool eap::peer_ttls::get_identity(
-    _In_                                   DWORD     dwFlags,
-    _In_count_(dwConnectionDataSize) const BYTE      *pConnectionData,
-    _In_                                   DWORD     dwConnectionDataSize,
-    _In_count_(dwUserDataSize)       const BYTE      *pUserData,
-    _In_                                   DWORD     dwUserDataSize,
-    _Out_                                  BYTE      **ppUserDataOut,
-    _Out_                                  DWORD     *pdwUserDataOutSize,
-    _In_                                   HANDLE    hTokenImpersonateUser,
-    _Out_                                  BOOL      *pfInvokeUI,
-    _Out_                                  WCHAR     **ppwszIdentity,
-    _Out_                                  EAP_ERROR **ppEapError)
+void eap::peer_ttls::get_identity(
+    _In_                                   DWORD  dwFlags,
+    _In_count_(dwConnectionDataSize) const BYTE   *pConnectionData,
+    _In_                                   DWORD  dwConnectionDataSize,
+    _In_count_(dwUserDataSize)       const BYTE   *pUserData,
+    _In_                                   DWORD  dwUserDataSize,
+    _Inout_                                BYTE   **ppUserDataOut,
+    _Inout_                                DWORD  *pdwUserDataOutSize,
+    _In_                                   HANDLE hTokenImpersonateUser,
+    _Inout_                                BOOL   *pfInvokeUI,
+    _Inout_                                WCHAR  **ppwszIdentity)
 {
     assert(pfInvokeUI);
     assert(ppwszIdentity);
-    assert(ppEapError);
 
     // Unpack configuration.
     config_provider_list cfg(*this);
-    if (!unpack(cfg, pConnectionData, dwConnectionDataSize, ppEapError))
-        return false;
-    else if (cfg.m_providers.empty() || cfg.m_providers.front().m_methods.empty()) {
-        *ppEapError = make_error(ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" Configuration has no providers and/or methods."));
-        return false;
-    }
+    unpack(cfg, pConnectionData, dwConnectionDataSize);
+    if (cfg.m_providers.empty() || cfg.m_providers.front().m_methods.empty())
+        throw invalid_argument(__FUNCTION__ " Configuration has no providers and/or methods.");
 
     // Get method configuration.
     const config_provider &cfg_prov(cfg.m_providers.front());
@@ -98,8 +87,8 @@ bool eap::peer_ttls::get_identity(
 
     // Unpack cached credentials.
     credentials_ttls cred_in(*this);
-    if (dwUserDataSize && !unpack(cred_in, pUserData, dwUserDataSize, ppEapError))
-        return false;
+    if (dwUserDataSize)
+        unpack(cred_in, pUserData, dwUserDataSize);
 
     credentials_ttls cred_out(*this);
 
@@ -160,15 +149,16 @@ bool eap::peer_ttls::get_identity(
         bool user_ctx_changed = hTokenImpersonateUser && ImpersonateLoggedOnUser(hTokenImpersonateUser);
 
         if (!is_outer_set) {
-            credentials_tls cred_loaded(*this);
-            if (cred_loaded.retrieve(cfg_prov.m_id.c_str(), ppEapError)) {
+            try {
+                credentials_tls cred_loaded(*this);
+                cred_loaded.retrieve(cfg_prov.m_id.c_str());
+
                 // Outer TLS: Using stored credentials.
                 cred_out.m_outer = std::move(cred_loaded);
                 log_event(&EAPMETHOD_TRACE_EVT_CRED_STORED1, event_data((unsigned int)eap_type_tls), event_data(cred_out.m_outer.get_name()), event_data::blank);
                 is_outer_set = true;
-            } else {
+            } catch (...) {
                 // Not actually an error.
-                free_error_memory(*ppEapError);
             }
         }
 
@@ -176,14 +166,15 @@ bool eap::peer_ttls::get_identity(
             unique_ptr<credentials> cred_loaded;
             if (cfg_inner_pap) cred_loaded.reset(new credentials_pap(*this));
             else               assert(0); // Unsupported inner authentication method type.
-            if (cred_loaded->retrieve(cfg_prov.m_id.c_str(), ppEapError)) {
+            try {
+                cred_loaded->retrieve(cfg_prov.m_id.c_str());
+
                 // Inner PAP: Using stored credentials.
                 cred_out.m_inner = std::move(cred_loaded);
                 log_event(&EAPMETHOD_TRACE_EVT_CRED_STORED1, event_data((unsigned int)type_inner), event_data(cred_out.m_inner->get_name()), event_data::blank);
                 is_inner_set = true;
-            } else {
+            } catch(...) {
                 // Not actually an error.
-                free_error_memory(*ppEapError);
             }
         }
 
@@ -197,20 +188,18 @@ bool eap::peer_ttls::get_identity(
         if (!is_outer_set) {
             log_event(&EAPMETHOD_TRACE_EVT_CRED_INVOKE_UI1, event_data((unsigned int)eap_type_tls), event_data::blank);
             *pfInvokeUI = TRUE;
-            return true;
+            return;
         }
 
         if (!is_inner_set) {
             log_event(&EAPMETHOD_TRACE_EVT_CRED_INVOKE_UI1, event_data((unsigned int)type_inner), event_data::blank);
             *pfInvokeUI = TRUE;
-            return true;
+            return;
         }
     } else {
         // Per-machine authentication
-        if (!is_outer_set || !is_inner_set) {
-            *ppEapError = make_error(ERROR_NO_SUCH_USER, _T(__FUNCTION__) _T(" Credentials for per-machine authentication not available."));
-            return false;
-        }
+        if (!is_outer_set || !is_inner_set)
+            throw win_runtime_error(ERROR_NO_SUCH_USER, _T(__FUNCTION__) _T(" Credentials for per-machine authentication not available."));
     }
 
     // If we got here, we have all credentials we need.
@@ -223,11 +212,11 @@ bool eap::peer_ttls::get_identity(
     memcpy(*ppwszIdentity, identity.c_str(), size);
 
     // Pack credentials.
-    return pack(cred_out, ppUserDataOut, pdwUserDataOutSize, ppEapError);
+    pack(cred_out, ppUserDataOut, pdwUserDataOutSize);
 }
 
 
-bool eap::peer_ttls::get_method_properties(
+void eap::peer_ttls::get_method_properties(
     _In_                                   DWORD                     dwVersion,
     _In_                                   DWORD                     dwFlags,
     _In_                                   HANDLE                    hUserImpersonationToken,
@@ -235,8 +224,7 @@ bool eap::peer_ttls::get_method_properties(
     _In_                                   DWORD                     dwConnectionDataSize,
     _In_count_(dwUserDataSize)       const BYTE                      *pUserData,
     _In_                                   DWORD                     dwUserDataSize,
-    _Out_                                  EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray,
-    _Out_                                  EAP_ERROR                 **ppEapError)
+    _Inout_                                EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray)
 {
     UNREFERENCED_PARAMETER(dwVersion);
     UNREFERENCED_PARAMETER(dwFlags);
@@ -246,7 +234,6 @@ bool eap::peer_ttls::get_method_properties(
     UNREFERENCED_PARAMETER(pUserData);
     UNREFERENCED_PARAMETER(dwUserDataSize);
     assert(pMethodPropertyArray);
-    assert(ppEapError);
 
     vector<EAP_METHOD_PROPERTY> properties;
     properties.reserve(20);
@@ -275,27 +262,22 @@ bool eap::peer_ttls::get_method_properties(
     // Allocate property array.
     DWORD dwCount = (DWORD)properties.size();
     pMethodPropertyArray->pMethodProperty = (EAP_METHOD_PROPERTY*)alloc_memory(sizeof(EAP_METHOD_PROPERTY) * dwCount);
-    if (!pMethodPropertyArray->pMethodProperty) {
-        *ppEapError = make_error(ERROR_OUTOFMEMORY, _T(__FUNCTION__) _T(" Error allocating memory for propery array."));
-        return false;
-    }
+    if (!pMethodPropertyArray->pMethodProperty)
+        throw win_runtime_error(ERROR_OUTOFMEMORY, _T(__FUNCTION__) _T(" Error allocating memory for propery array."));
 
     // Copy properties.
     memcpy(pMethodPropertyArray->pMethodProperty, properties.data(), sizeof(EAP_METHOD_PROPERTY) * dwCount);
     pMethodPropertyArray->dwNumberOfProperties = dwCount;
-
-    return true;
 }
 
 
-bool eap::peer_ttls::credentials_xml2blob(
+void eap::peer_ttls::credentials_xml2blob(
     _In_                                   DWORD       dwFlags,
     _In_                                   IXMLDOMNode *pConfigRoot,
     _In_count_(dwConnectionDataSize) const BYTE        *pConnectionData,
     _In_                                   DWORD       dwConnectionDataSize,
-    _Out_                                  BYTE        **ppCredentialsOut,
-    _Out_                                  DWORD       *pdwCredentialsOutSize,
-    _Out_                                  EAP_ERROR   **ppEapError)
+    _Inout_                                BYTE        **ppCredentialsOut,
+    _Inout_                                DWORD       *pdwCredentialsOutSize)
 {
     UNREFERENCED_PARAMETER(dwFlags);
     UNREFERENCED_PARAMETER(pConnectionData);
@@ -303,15 +285,14 @@ bool eap::peer_ttls::credentials_xml2blob(
 
     // Load credentials from XML.
     credentials_ttls cred(*this);
-    if (!cred.load(pConfigRoot, ppEapError))
-        return false;
+    cred.load(pConfigRoot);
 
     // Pack credentials.
-    return pack(cred, ppCredentialsOut, pdwCredentialsOutSize, ppEapError);
+    pack(cred, ppCredentialsOut, pdwCredentialsOutSize);
 }
 
 
-bool eap::peer_ttls::begin_session(
+EAP_SESSION_HANDLE eap::peer_ttls::begin_session(
     _In_                                   DWORD              dwFlags,
     _In_                           const   EapAttributes      *pAttributeArray,
     _In_                                   HANDLE             hTokenImpersonateUser,
@@ -319,152 +300,118 @@ bool eap::peer_ttls::begin_session(
     _In_                                   DWORD              dwConnectionDataSize,
     _In_count_(dwUserDataSize)       const BYTE               *pUserData,
     _In_                                   DWORD              dwUserDataSize,
-    _In_                                   DWORD              dwMaxSendPacketSize,
-    _Out_                                  EAP_SESSION_HANDLE *phSession,
-    _Out_                                  EAP_ERROR          **ppEapError)
+    _In_                                   DWORD              dwMaxSendPacketSize)
 {
-    *phSession = NULL;
-
-    // Allocate new session.
+    // Create new session.
     unique_ptr<session> s(new session(*this));
-    if (!s) {
-        *ppEapError = make_error(ERROR_OUTOFMEMORY, _T(__FUNCTION__) _T(" Error allocating memory for EAP-TTLS session."));
-        return false;
-    }
 
     // Unpack configuration.
     config_provider_list cfg(*this);
-    if (!unpack(cfg, pConnectionData, dwConnectionDataSize, ppEapError))
-        return false;
-    else if (cfg.m_providers.empty() || cfg.m_providers.front().m_methods.empty()) {
-        *ppEapError = make_error(ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" Configuration has no providers and/or methods."));
-        return false;
-    }
+    unpack(cfg, pConnectionData, dwConnectionDataSize);
+    if (cfg.m_providers.empty() || cfg.m_providers.front().m_methods.empty())
+        throw invalid_argument(__FUNCTION__ " Configuration has no providers and/or methods.");
 
     // Copy method configuration.
     const config_provider &cfg_prov(cfg.m_providers.front());
     s->m_cfg = *dynamic_cast<const config_method_ttls*>(cfg_prov.m_methods.front().get());
 
     // Unpack credentials.
-    if (!unpack(s->m_cred, pUserData, dwUserDataSize, ppEapError))
-        return false;
+    unpack(s->m_cred, pUserData, dwUserDataSize);
 
     // Initialize method.
-    if (!s->m_method.begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize, ppEapError))
-        return false;
+    s->m_method.begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize);
 
-    *phSession = s.release();
-    return true;
+    return s.release();
 }
 
 
-bool eap::peer_ttls::end_session(_In_ EAP_SESSION_HANDLE hSession, _Out_ EAP_ERROR **ppEapError)
+void eap::peer_ttls::end_session(_In_ EAP_SESSION_HANDLE hSession)
 {
     assert(hSession);
-    UNREFERENCED_PARAMETER(ppEapError); // What could possibly go wrong when destroying!? ;)
 
     // End the session.
     session *s = static_cast<session*>(hSession);
     //s->end(ppEapError);
     delete s;
-
-    return true;
 }
 
 
-bool eap::peer_ttls::process_request_packet(
+void eap::peer_ttls::process_request_packet(
     _In_                                       EAP_SESSION_HANDLE  hSession,
     _In_bytecount_(dwReceivedPacketSize) const EapPacket           *pReceivedPacket,
     _In_                                       DWORD               dwReceivedPacketSize,
-    _Out_                                      EapPeerMethodOutput *pEapOutput,
-    _Out_                                      EAP_ERROR           **ppEapError)
+    _Inout_                                    EapPeerMethodOutput *pEapOutput)
 {
     assert(dwReceivedPacketSize == ntohs(*(WORD*)pReceivedPacket->Length));
-    return static_cast<session*>(hSession)->m_method.process_request_packet(pReceivedPacket, dwReceivedPacketSize, pEapOutput, ppEapError);
+    static_cast<session*>(hSession)->m_method.process_request_packet(pReceivedPacket, dwReceivedPacketSize, pEapOutput);
 }
 
 
-bool eap::peer_ttls::get_response_packet(
+void eap::peer_ttls::get_response_packet(
     _In_                               EAP_SESSION_HANDLE hSession,
     _Inout_bytecap_(*dwSendPacketSize) EapPacket          *pSendPacket,
-    _Inout_                            DWORD              *pdwSendPacketSize,
-    _Out_                              EAP_ERROR          **ppEapError)
+    _Inout_                            DWORD              *pdwSendPacketSize)
 {
-    return static_cast<session*>(hSession)->m_method.get_response_packet(pSendPacket, pdwSendPacketSize, ppEapError);
+    static_cast<session*>(hSession)->m_method.get_response_packet(pSendPacket, pdwSendPacketSize);
 }
 
 
-bool eap::peer_ttls::get_result(
-    _In_  EAP_SESSION_HANDLE        hSession,
-    _In_  EapPeerMethodResultReason reason,
-    _Out_ EapPeerMethodResult       *ppResult,
-    _Out_ EAP_ERROR                 **ppEapError)
+void eap::peer_ttls::get_result(
+    _In_    EAP_SESSION_HANDLE        hSession,
+    _In_    EapPeerMethodResultReason reason,
+    _Inout_ EapPeerMethodResult       *ppResult)
 {
-    return static_cast<session*>(hSession)->m_method.get_result(reason, ppResult, ppEapError);
+    static_cast<session*>(hSession)->m_method.get_result(reason, ppResult);
 }
 
 
-bool eap::peer_ttls::get_ui_context(
-    _In_  EAP_SESSION_HANDLE hSession,
-    _Out_ BYTE               **ppUIContextData,
-    _Out_ DWORD              *pdwUIContextDataSize,
-    _Out_ EAP_ERROR          **ppEapError)
+void eap::peer_ttls::get_ui_context(
+    _In_    EAP_SESSION_HANDLE hSession,
+    _Inout_ BYTE               **ppUIContextData,
+    _Inout_ DWORD              *pdwUIContextDataSize)
 {
     UNREFERENCED_PARAMETER(hSession);
     UNREFERENCED_PARAMETER(ppUIContextData);
     UNREFERENCED_PARAMETER(pdwUIContextDataSize);
-    assert(ppEapError);
 
-    *ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
-    return false;
+    throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
 }
 
 
-bool eap::peer_ttls::set_ui_context(
+void eap::peer_ttls::set_ui_context(
     _In_                                  EAP_SESSION_HANDLE  hSession,
     _In_count_(dwUIContextDataSize) const BYTE                *pUIContextData,
     _In_                                  DWORD               dwUIContextDataSize,
-    _In_                            const EapPeerMethodOutput *pEapOutput,
-    _Out_                                 EAP_ERROR           **ppEapError)
+    _In_                            const EapPeerMethodOutput *pEapOutput)
 {
     UNREFERENCED_PARAMETER(hSession);
     UNREFERENCED_PARAMETER(pUIContextData);
     UNREFERENCED_PARAMETER(dwUIContextDataSize);
     UNREFERENCED_PARAMETER(pEapOutput);
-    assert(ppEapError);
 
-    *ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
-    return false;
+    throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
 }
 
 
-bool eap::peer_ttls::get_response_attributes(
-    _In_  EAP_SESSION_HANDLE hSession,
-    _Out_ EapAttributes      *pAttribs,
-    _Out_ EAP_ERROR          **ppEapError)
+void eap::peer_ttls::get_response_attributes(
+    _In_    EAP_SESSION_HANDLE hSession,
+    _Inout_ EapAttributes      *pAttribs)
 {
     UNREFERENCED_PARAMETER(hSession);
     UNREFERENCED_PARAMETER(pAttribs);
-    UNREFERENCED_PARAMETER(ppEapError);
-    assert(ppEapError);
 
-    *ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
-    return false;
+    throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
 }
 
 
-bool eap::peer_ttls::set_response_attributes(
-    _In_       EAP_SESSION_HANDLE  hSession,
-    _In_ const EapAttributes       *pAttribs,
-    _Out_      EapPeerMethodOutput *pEapOutput,
-    _Out_      EAP_ERROR           **ppEapError)
+void eap::peer_ttls::set_response_attributes(
+            _In_       EAP_SESSION_HANDLE  hSession,
+            _In_ const EapAttributes       *pAttribs,
+            _Inout_    EapPeerMethodOutput *pEapOutput)
 {
     UNREFERENCED_PARAMETER(hSession);
     UNREFERENCED_PARAMETER(pAttribs);
     UNREFERENCED_PARAMETER(pEapOutput);
-    UNREFERENCED_PARAMETER(ppEapError);
-    assert(ppEapError);
 
-    *ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
-    return false;
+    throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
 }