summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/libads/ads_status.c35
-rw-r--r--source3/libsmb/errormap.c37
2 files changed, 54 insertions, 18 deletions
diff --git a/source3/libads/ads_status.c b/source3/libads/ads_status.c
index 5a4165c2f9..00427936ad 100644
--- a/source3/libads/ads_status.c
+++ b/source3/libads/ads_status.c
@@ -69,30 +69,29 @@ ADS_STATUS ads_build_nt_error(enum ads_error_type etype,
*/
NTSTATUS ads_ntstatus(ADS_STATUS status)
{
- if (status.error_type == ENUM_ADS_ERROR_NT){
+ switch (status.error_type) {
+ case ENUM_ADS_ERROR_NT:
return status.err.nt_status;
- }
- if (status.error_type == ENUM_ADS_ERROR_SYSTEM) {
+ case ENUM_ADS_ERROR_SYSTEM:
return map_nt_error_from_unix(status.err.rc);
- }
#ifdef HAVE_LDAP
- if ((status.error_type == ENUM_ADS_ERROR_LDAP)
- && (status.err.rc == LDAP_NO_MEMORY)) {
- return NT_STATUS_NO_MEMORY;
- }
+ case ENUM_ADS_ERROR_LDAP:
+ if (status.err.rc == LDAP_NO_MEMORY) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ break;
#endif
#ifdef HAVE_KRB5
- if (status.error_type == ENUM_ADS_ERROR_KRB5) {
- if (status.err.rc == KRB5KDC_ERR_PREAUTH_FAILED) {
- return NT_STATUS_LOGON_FAILURE;
- } else if (status.err.rc == KRB5_KDC_UNREACH) {
- return NT_STATUS_NO_LOGON_SERVERS;
- } else if (status.err.rc == KRB5KRB_AP_ERR_SKEW) {
- return NT_STATUS_TIME_DIFFERENCE_AT_DC;
- }
- }
+ case ENUM_ADS_ERROR_KRB5:
+ return krb5_to_ntstatus(status.err.rc);
#endif
- if (ADS_ERR_OK(status)) return NT_STATUS_OK;
+ default:
+ break;
+ }
+
+ if (ADS_ERR_OK(status)) {
+ return NT_STATUS_OK;
+ }
return NT_STATUS_UNSUCCESSFUL;
}
diff --git a/source3/libsmb/errormap.c b/source3/libsmb/errormap.c
index cb5e8311ca..7758246929 100644
--- a/source3/libsmb/errormap.c
+++ b/source3/libsmb/errormap.c
@@ -1566,3 +1566,40 @@ NTSTATUS map_nt_error_from_unix(int unix_error)
/* Default return */
return NT_STATUS_ACCESS_DENIED;
}
+
+#ifdef HAVE_KRB5
+/*********************************************************************
+ Map a krb5 error code to an NT error code
+*********************************************************************/
+
+struct krb5_error_map {
+ int krb5_error;
+ NTSTATUS nt_error;
+};
+
+const struct krb5_error_map krb5_nt_errmap[] = {
+ { KRB5KDC_ERR_PREAUTH_FAILED, NT_STATUS_LOGON_FAILURE },
+ { KRB5_KDC_UNREACH, NT_STATUS_NO_LOGON_SERVERS },
+ { KRB5KRB_AP_ERR_SKEW, NT_STATUS_TIME_DIFFERENCE_AT_DC },
+ /* not sure if this mapping is appropriate */
+ { KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN, NT_STATUS_NO_TRUST_SAM_ACCOUNT },
+ { KRB5KDC_ERR_NONE, NT_STATUS_OK },
+ /* end of array flag - not used as error code... */
+ { 0, NT_STATUS_OK }
+};
+
+NTSTATUS krb5_to_ntstatus(int error)
+{
+ int i = 0;
+
+ while (krb5_nt_errmap[i].krb5_error != 0) {
+ if (krb5_nt_errmap[i].krb5_error == error) {
+ return krb5_nt_errmap[i].nt_error;
+ }
+ i++;
+ }
+
+ return NT_STATUS_ACCESS_DENIED;
+}
+#endif
+