diff options
| author | Günther Deschner <gd@samba.org> | 2007-05-04 09:55:40 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:19:53 -0500 |
| commit | 116c1532e7e8c398a1b22253a361bd88b729fb0f (patch) | |
| tree | 6d1d569c0c8835add355016eceffb2e295d79c96 /source3/libsmb | |
| parent | 6288491e90e542c02857935a528e9765a636cf2a (diff) | |
| download | samba-116c1532e7e8c398a1b22253a361bd88b729fb0f.tar.gz samba-116c1532e7e8c398a1b22253a361bd88b729fb0f.tar.bz2 samba-116c1532e7e8c398a1b22253a361bd88b729fb0f.zip | |
r22664: When we have krb5_get_init_creds_opt_get_error() then try to get the NTSTATUS
codes directly out of the krb5_error edata.
Guenther
(This used to be commit dcd902f24a59288bbb7400d59c0afc0c8303ed69)
Diffstat (limited to 'source3/libsmb')
| -rw-r--r-- | source3/libsmb/clikrb5.c | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c index 474c6823ea..64cfe6e952 100644 --- a/source3/libsmb/clikrb5.c +++ b/source3/libsmb/clikrb5.c @@ -272,6 +272,45 @@ static krb5_error_code smb_krb5_parse_name_norealm_conv(krb5_context context, } #endif +BOOL unwrap_edata_ntstatus(TALLOC_CTX *mem_ctx, + DATA_BLOB *edata, + DATA_BLOB *edata_out) +{ + DATA_BLOB edata_contents; + ASN1_DATA data; + int edata_type; + + if (!edata->length) { + return False; + } + + asn1_load(&data, *edata); + asn1_start_tag(&data, ASN1_SEQUENCE(0)); + asn1_start_tag(&data, ASN1_CONTEXT(1)); + asn1_read_Integer(&data, &edata_type); + + if (edata_type != KRB5_PADATA_PW_SALT) { + DEBUG(0,("edata is not of required type %d but of type %d\n", + KRB5_PADATA_PW_SALT, edata_type)); + asn1_free(&data); + return False; + } + + asn1_start_tag(&data, ASN1_CONTEXT(2)); + asn1_read_OctetString(&data, &edata_contents); + asn1_end_tag(&data); + asn1_end_tag(&data); + asn1_end_tag(&data); + asn1_free(&data); + + *edata_out = data_blob_talloc(mem_ctx, edata_contents.data, edata_contents.length); + + data_blob_free(&edata_contents); + + return True; +} + + BOOL unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, DATA_BLOB *unwrapped_pac_data) { DATA_BLOB pac_contents; |