summaryrefslogtreecommitdiff
path: root/libcli/auth
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-04-20 17:39:50 +1000
committerAndrew Bartlett <abartlet@samba.org>2011-04-27 11:21:37 +1000
commite04bab4a19658009e53949b814a58d177966a9cd (patch)
treebb9bb8962f23590a8b1272cd5fc2cdbea37a4993 /libcli/auth
parente81ea8a291d1a51a1b69dfeabf686e72f284689b (diff)
downloadsamba-e04bab4a19658009e53949b814a58d177966a9cd.tar.gz
samba-e04bab4a19658009e53949b814a58d177966a9cd.tar.bz2
samba-e04bab4a19658009e53949b814a58d177966a9cd.zip
libcli/auth Move Samba4's gssapi_error_string from GENSEC to libcli/auth
This will allow the GSSAPI PAC fetch code to use it. Andrew Bartlett
Diffstat (limited to 'libcli/auth')
-rw-r--r--libcli/auth/krb5_wrap.c39
-rw-r--r--libcli/auth/krb5_wrap.h5
-rw-r--r--libcli/auth/wscript_build2
3 files changed, 44 insertions, 2 deletions
diff --git a/libcli/auth/krb5_wrap.c b/libcli/auth/krb5_wrap.c
index c69e3946c6..7725261408 100644
--- a/libcli/auth/krb5_wrap.c
+++ b/libcli/auth/krb5_wrap.c
@@ -5,6 +5,7 @@
Copyright (C) Luke Howard 2002-2003
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005-2011
Copyright (C) Guenther Deschner 2005-2009
+ Copyright (C) Simo Sorce 2010.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -307,6 +308,44 @@ krb5_error_code smb_krb5_unparse_name(TALLOC_CTX *mem_ctx,
return ret;
}
+char *gssapi_error_string(TALLOC_CTX *mem_ctx,
+ OM_uint32 maj_stat, OM_uint32 min_stat,
+ const gss_OID mech)
+{
+ OM_uint32 disp_min_stat, disp_maj_stat;
+ gss_buffer_desc maj_error_message;
+ gss_buffer_desc min_error_message;
+ char *maj_error_string, *min_error_string;
+ OM_uint32 msg_ctx = 0;
+
+ char *ret;
+
+ maj_error_message.value = NULL;
+ min_error_message.value = NULL;
+ maj_error_message.length = 0;
+ min_error_message.length = 0;
+
+ disp_maj_stat = gss_display_status(&disp_min_stat, maj_stat, GSS_C_GSS_CODE,
+ mech, &msg_ctx, &maj_error_message);
+ disp_maj_stat = gss_display_status(&disp_min_stat, min_stat, GSS_C_MECH_CODE,
+ mech, &msg_ctx, &min_error_message);
+
+ maj_error_string = talloc_strndup(mem_ctx, (char *)maj_error_message.value, maj_error_message.length);
+
+ min_error_string = talloc_strndup(mem_ctx, (char *)min_error_message.value, min_error_message.length);
+
+ ret = talloc_asprintf(mem_ctx, "%s: %s", maj_error_string, min_error_string);
+
+ talloc_free(maj_error_string);
+ talloc_free(min_error_string);
+
+ gss_release_buffer(&disp_min_stat, &maj_error_message);
+ gss_release_buffer(&disp_min_stat, &min_error_message);
+
+ return ret;
+}
+
+
char *smb_get_krb5_error_message(krb5_context context, krb5_error_code code, TALLOC_CTX *mem_ctx)
{
char *ret;
diff --git a/libcli/auth/krb5_wrap.h b/libcli/auth/krb5_wrap.h
index 4f333cc4b0..31bee352ab 100644
--- a/libcli/auth/krb5_wrap.h
+++ b/libcli/auth/krb5_wrap.h
@@ -31,7 +31,6 @@ int create_kerberos_key_from_string_direct(krb5_context context,
krb5_enctype enctype);
void kerberos_free_data_contents(krb5_context context, krb5_data *pdata);
krb5_error_code smb_krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *kt_entry);
-char *smb_get_krb5_error_message(krb5_context context, krb5_error_code code, TALLOC_CTX *mem_ctx);
krb5_error_code smb_krb5_parse_name(krb5_context context,
const char *name, /* in unix charset */
@@ -54,6 +53,10 @@ krb5_error_code smb_krb5_unparse_name(TALLOC_CTX *mem_ctx,
krb5_checksum *cksum,
uint8_t *data,
size_t length);
+char *gssapi_error_string(TALLOC_CTX *mem_ctx,
+ OM_uint32 maj_stat, OM_uint32 min_stat,
+ const gss_OID mech);
+char *smb_get_krb5_error_message(krb5_context context, krb5_error_code code, TALLOC_CTX *mem_ctx);
krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx,
DATA_BLOB pac_data,
diff --git a/libcli/auth/wscript_build b/libcli/auth/wscript_build
index bdf52d0399..541eaf0434 100644
--- a/libcli/auth/wscript_build
+++ b/libcli/auth/wscript_build
@@ -41,4 +41,4 @@ bld.SAMBA_SUBSYSTEM('SPNEGO_PARSE',
bld.SAMBA_SUBSYSTEM('KRB5_WRAP',
source='krb5_wrap.c kerberos_pac.c',
- deps='krb5 ndr-krb5pac com_err')
+ deps='gssapi krb5 ndr-krb5pac com_err')