diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/include/ads.h | 18 | ||||
-rw-r--r-- | source3/include/asn_1.h | 10 | ||||
-rw-r--r-- | source3/libads/ads_status.c | 37 | ||||
-rw-r--r-- | source3/libsmb/ntlmssp.c | 2 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_ads.c | 2 | ||||
-rw-r--r-- | source3/rpc_parse/parse_prs.c | 8 | ||||
-rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 2 | ||||
-rw-r--r-- | source3/utils/net_ads.c | 2 |
8 files changed, 45 insertions, 36 deletions
diff --git a/source3/include/ads.h b/source3/include/ads.h index b85ad21fba..65a5ade556 100644 --- a/source3/include/ads.h +++ b/source3/include/ads.h @@ -39,8 +39,8 @@ typedef struct { } ADS_STRUCT; /* there are 5 possible types of errors the ads subsystem can produce */ -enum ads_error_type {ADS_ERROR_KRB5, ADS_ERROR_GSS, - ADS_ERROR_LDAP, ADS_ERROR_SYSTEM, ADS_ERROR_NT}; +enum ads_error_type {ENUM_ADS_ERROR_KRB5, ENUM_ADS_ERROR_GSS, + ENUM_ADS_ERROR_LDAP, ENUM_ADS_ERROR_SYSTEM, ENUM_ADS_ERROR_NT}; typedef struct { enum ads_error_type error_type; @@ -48,7 +48,7 @@ typedef struct { int rc; NTSTATUS nt_status; } err; - /* For error_type = ADS_ERROR_GSS minor_status describe GSS API error */ + /* For error_type = ENUM_ADS_ERROR_GSS minor_status describe GSS API error */ /* Where rc represents major_status of GSS API error */ int minor_status; } ADS_STATUS; @@ -61,13 +61,13 @@ typedef void **ADS_MODLIST; /* macros to simplify error returning */ #define ADS_ERROR(rc) ADS_ERROR_LDAP(rc) -#define ADS_ERROR_LDAP(rc) ads_build_error(ADS_ERROR_LDAP, rc, 0) -#define ADS_ERROR_SYSTEM(rc) ads_build_error(ADS_ERROR_SYSTEM, rc?rc:EINVAL, 0) -#define ADS_ERROR_KRB5(rc) ads_build_error(ADS_ERROR_KRB5, rc, 0) -#define ADS_ERROR_GSS(rc, minor) ads_build_error(ADS_ERROR_GSS, rc, minor) -#define ADS_ERROR_NT(rc) ads_build_nt_error(ADS_ERROR_NT,rc) +#define ADS_ERROR_LDAP(rc) ads_build_error(ENUM_ADS_ERROR_LDAP, rc, 0) +#define ADS_ERROR_SYSTEM(rc) ads_build_error(ENUM_ADS_ERROR_SYSTEM, rc?rc:EINVAL, 0) +#define ADS_ERROR_KRB5(rc) ads_build_error(ENUM_ADS_ERROR_KRB5, rc, 0) +#define ADS_ERROR_GSS(rc, minor) ads_build_error(ENUM_ADS_ERROR_GSS, rc, minor) +#define ADS_ERROR_NT(rc) ads_build_nt_error(ENUM_ADS_ERROR_NT,rc) -#define ADS_ERR_OK(status) ((status.error_type == ADS_ERROR_NT) ? NT_STATUS_IS_OK(status.err.nt_status):(status.err.rc == 0)) +#define ADS_ERR_OK(status) ((status.error_type == ENUM_ADS_ERROR_NT) ? NT_STATUS_IS_OK(status.err.nt_status):(status.err.rc == 0)) #define ADS_SUCCESS ADS_ERROR(0) /* time between reconnect attempts */ diff --git a/source3/include/asn_1.h b/source3/include/asn_1.h index 7d4da0db0c..796c8bb740 100644 --- a/source3/include/asn_1.h +++ b/source3/include/asn_1.h @@ -60,10 +60,10 @@ typedef struct { #define SPNEGO_NEG_RESULT_REJECT 2 /* not really ASN.1, but RFC 1964 */ -#define TOK_ID_KRB_AP_REQ "\x01\x00" -#define TOK_ID_KRB_AP_REP "\x02\x00" -#define TOK_ID_KRB_ERROR "\x03\x00" -#define TOK_ID_GSS_GETMIC "\x01\x01" -#define TOK_ID_GSS_WRAP "\x02\x01" +#define TOK_ID_KRB_AP_REQ (uchar*)"\x01\x00" +#define TOK_ID_KRB_AP_REP (uchar*)"\x02\x00" +#define TOK_ID_KRB_ERROR (uchar*)"\x03\x00" +#define TOK_ID_GSS_GETMIC (uchar*)"\x01\x01" +#define TOK_ID_GSS_WRAP (uchar*)"\x02\x01" #endif /* _ASN_1_H */ diff --git a/source3/libads/ads_status.c b/source3/libads/ads_status.c index 11f9d66b92..463f647f9c 100644 --- a/source3/libads/ads_status.c +++ b/source3/libads/ads_status.c @@ -31,10 +31,10 @@ ADS_STATUS ads_build_error(enum ads_error_type etype, { ADS_STATUS ret; - if (etype == ADS_ERROR_NT) { - DEBUG(0,("don't use ads_build_error with ADS_ERROR_NT!\n")); + if (etype == ENUM_ADS_ERROR_NT) { + DEBUG(0,("don't use ads_build_error with ENUM_ADS_ERROR_NT!\n")); ret.err.rc = -1; - ret.error_type = ADS_ERROR_SYSTEM; + ret.error_type = ENUM_ADS_ERROR_SYSTEM; ret.minor_status = 0; return ret; } @@ -50,10 +50,10 @@ ADS_STATUS ads_build_nt_error(enum ads_error_type etype, { ADS_STATUS ret; - if (etype != ADS_ERROR_NT) { - DEBUG(0,("don't use ads_build_nt_error without ADS_ERROR_NT!\n")); + if (etype != ENUM_ADS_ERROR_NT) { + DEBUG(0,("don't use ads_build_nt_error without ENUM_ADS_ERROR_NT!\n")); ret.err.rc = -1; - ret.error_type = ADS_ERROR_SYSTEM; + ret.error_type = ENUM_ADS_ERROR_SYSTEM; ret.minor_status = 0; return ret; } @@ -69,15 +69,24 @@ ADS_STATUS ads_build_nt_error(enum ads_error_type etype, */ NTSTATUS ads_ntstatus(ADS_STATUS status) { - if (status.error_type == ADS_ERROR_NT){ + if (status.error_type == ENUM_ADS_ERROR_NT){ return status.err.nt_status; } #ifdef HAVE_LDAP - if ((status.error_type == ADS_ERROR_LDAP) + if ((status.error_type == ENUM_ADS_ERROR_LDAP) && (status.err.rc == LDAP_NO_MEMORY)) { return NT_STATUS_NO_MEMORY; } #endif +#ifdef HAVE_KRB5 + if (status.error_type == ENUM_ADS_ERROR_KRB5) { + if (status.err.rc == KRB5KDC_ERR_PREAUTH_FAILED) { + return NT_STATUS_LOGON_FAILURE; + } else if (status.err.rc == KRB5_KDC_UNREACH) { + return NT_STATUS_NO_LOGON_SERVERS; + } + } +#endif if (ADS_ERR_OK(status)) return NT_STATUS_OK; return NT_STATUS_UNSUCCESSFUL; } @@ -94,18 +103,18 @@ const char *ads_errstr(ADS_STATUS status) msg_ctx = 0; switch (status.error_type) { - case ADS_ERROR_SYSTEM: + case ENUM_ADS_ERROR_SYSTEM: return strerror(status.err.rc); #ifdef HAVE_LDAP - case ADS_ERROR_LDAP: + case ENUM_ADS_ERROR_LDAP: return ldap_err2string(status.err.rc); #endif #ifdef HAVE_KRB5 - case ADS_ERROR_KRB5: + case ENUM_ADS_ERROR_KRB5: return error_message(status.err.rc); #endif #ifdef HAVE_GSSAPI - case ADS_ERROR_GSS: + case ENUM_ADS_ERROR_GSS: { uint32 minor; @@ -122,8 +131,8 @@ const char *ads_errstr(ADS_STATUS status) return ret; } #endif - case ADS_ERROR_NT: - return nt_errstr(ads_ntstatus(status)); + case ENUM_ADS_ERROR_NT: + return get_friendly_nt_error_msg(ads_ntstatus(status)); default: return "Unknown ADS error type!? (not compiled in?)"; } diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c index 40d7f41109..a80b4b66b0 100644 --- a/source3/libsmb/ntlmssp.c +++ b/source3/libsmb/ntlmssp.c @@ -974,7 +974,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state, DEBUG(5, ("NTLMSSP challenge set by NTLM2\n")); DEBUG(5, ("challenge is: \n")); - dump_data(5, session_nonce_hash, 8); + dump_data(5, (const char *)session_nonce_hash, 8); nt_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24); SMBNTencrypt(ntlmssp_state->password, diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c index 90b83bccd0..ec93d494d0 100644 --- a/source3/nsswitch/winbindd_ads.c +++ b/source3/nsswitch/winbindd_ads.c @@ -67,7 +67,7 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain) /* if we get ECONNREFUSED then it might be a NT4 server, fall back to MSRPC */ - if (status.error_type == ADS_ERROR_SYSTEM && + if (status.error_type == ENUM_ADS_ERROR_SYSTEM && status.err.rc == ECONNREFUSED) { DEBUG(1,("Trying MSRPC methods\n")); if (domain->methods == &cache_methods) { diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c index 9056348239..58652fa0c5 100644 --- a/source3/rpc_parse/parse_prs.c +++ b/source3/rpc_parse/parse_prs.c @@ -1574,9 +1574,9 @@ BOOL netsec_decode(struct netsec_auth_struct *a, int auth_flags, checksum after the decode, below */ DEBUG(2, ("netsec_decode: FAILED: packet sequence number:\n")); - dump_data(2, verf->seq_num, sizeof(verf->seq_num)); + dump_data(2, (const char*)verf->seq_num, sizeof(verf->seq_num)); DEBUG(2, ("should be:\n")); - dump_data(2, seq_num, sizeof(seq_num)); + dump_data(2, (const char*)seq_num, sizeof(seq_num)); return False; } @@ -1584,9 +1584,9 @@ BOOL netsec_decode(struct netsec_auth_struct *a, int auth_flags, if (memcmp(verf->sig, netsec_sig, sizeof(verf->sig))) { /* Validate that the other end sent the expected header */ DEBUG(2, ("netsec_decode: FAILED: packet header:\n")); - dump_data(2, verf->sig, sizeof(verf->sig)); + dump_data(2, (const char*)verf->sig, sizeof(verf->sig)); DEBUG(2, ("should be:\n")); - dump_data(2, netsec_sig, sizeof(netsec_sig)); + dump_data(2, (const char*)netsec_sig, sizeof(netsec_sig)); return False; } diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index bd26ce6849..b9974cba8a 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -4277,7 +4277,7 @@ NTSTATUS _samr_remove_sid_foreign_domain(pipes_struct *p, if ( is_user ) { GROUP_MAP *mappings = NULL; - uint32 num_groups, i; + int num_groups, i; struct group *grp2; if ( pdb_enum_group_mapping(type, &mappings, &num_groups, False) && num_groups>0 ) { diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index 9ee2f3c093..24ae9a8811 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -688,7 +688,7 @@ int net_ads_join(int argc, const char **argv) rc = ads_search_dn(ads, &res, dn, NULL); ads_msgfree(ads, res); - if (rc.error_type == ADS_ERROR_LDAP && rc.err.rc == LDAP_NO_SUCH_OBJECT) { + if (rc.error_type == ENUM_ADS_ERROR_LDAP && rc.err.rc == LDAP_NO_SUCH_OBJECT) { d_printf("ads_join_realm: organizational unit %s does not exist (dn:%s)\n", org_unit, dn); return -1; |