diff options
Diffstat (limited to 'source4/kdc')
-rw-r--r-- | source4/kdc/hdb-ldb.c | 14 | ||||
-rw-r--r-- | source4/kdc/pac-glue.c | 16 |
2 files changed, 17 insertions, 13 deletions
diff --git a/source4/kdc/hdb-ldb.c b/source4/kdc/hdb-ldb.c index 3ef5f9510a..52f7da25bf 100644 --- a/source4/kdc/hdb-ldb.c +++ b/source4/kdc/hdb-ldb.c @@ -186,7 +186,7 @@ static krb5_error_code LDB_message2entry_keys(krb5_context context, hdb_entry_ex *entry_ex) { krb5_error_code ret = 0; - NTSTATUS status; + enum ndr_err_code ndr_err; struct samr_Password *hash; const struct ldb_val *sc_val; struct supplementalCredentialsBlob scb; @@ -213,9 +213,9 @@ static krb5_error_code LDB_message2entry_keys(krb5_context context, /* supplementalCredentials if present */ if (sc_val) { - status = ndr_pull_struct_blob_all(sc_val, mem_ctx, &scb, - (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob); - if (!NT_STATUS_IS_OK(status)) { + ndr_err = ndr_pull_struct_blob_all(sc_val, mem_ctx, &scb, + (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { dump_data(0, sc_val->data, sc_val->length); ret = EINVAL; goto out; @@ -250,9 +250,9 @@ static krb5_error_code LDB_message2entry_keys(krb5_context context, talloc_steal(mem_ctx, blob.data); /* TODO: use ndr_pull_struct_blob_all(), when the ndr layer handles it correct with relative pointers */ - status = ndr_pull_struct_blob(&blob, mem_ctx, &_pkb, - (ndr_pull_flags_fn_t)ndr_pull_package_PrimaryKerberosBlob); - if (!NT_STATUS_IS_OK(status)) { + ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &_pkb, + (ndr_pull_flags_fn_t)ndr_pull_package_PrimaryKerberosBlob); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { krb5_set_error_string(context, "LDB_message2entry_keys: could not parse package_PrimaryKerberosBlob"); krb5_warnx(context, "LDB_message2entry_keys: could not parse package_PrimaryKerberosBlob"); ret = EINVAL; diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index 9b2ea15513..d82718dda2 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -52,6 +52,7 @@ static krb5_error_code make_pac(krb5_context context, struct netr_SamInfo3 *info3; krb5_data pac_data; NTSTATUS nt_status; + enum ndr_err_code ndr_err; DATA_BLOB pac_out; krb5_error_code ret; @@ -70,9 +71,10 @@ static krb5_error_code make_pac(krb5_context context, logon_info.info->info3 = *info3; - nt_status = ndr_push_struct_blob(&pac_out, mem_ctx, &logon_info, - (ndr_push_flags_fn_t)ndr_push_PAC_LOGON_INFO_CTR); - if (!NT_STATUS_IS_OK(nt_status)) { + ndr_err = ndr_push_struct_blob(&pac_out, mem_ctx, &logon_info, + (ndr_push_flags_fn_t)ndr_push_PAC_LOGON_INFO_CTR); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + nt_status = ndr_map_error2ntstatus(ndr_err); DEBUG(1, ("PAC (presig) push failed: %s\n", nt_errstr(nt_status))); return EINVAL; } @@ -147,6 +149,7 @@ krb5_error_code samba_kdc_reget_pac(void *priv, krb5_context context, struct hdb_entry_ex *server, krb5_pac *pac) { NTSTATUS nt_status; + enum ndr_err_code ndr_err; krb5_error_code ret; unsigned int userAccountControl; @@ -184,9 +187,10 @@ krb5_error_code samba_kdc_reget_pac(void *priv, krb5_context context, return ENOMEM; } - nt_status = ndr_pull_struct_blob(&pac_in, mem_ctx, &logon_info, - (ndr_pull_flags_fn_t)ndr_pull_PAC_LOGON_INFO_CTR); - if (!NT_STATUS_IS_OK(nt_status) || !logon_info.info) { + ndr_err = ndr_pull_struct_blob(&pac_in, mem_ctx, &logon_info, + (ndr_pull_flags_fn_t)ndr_pull_PAC_LOGON_INFO_CTR); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err) || !logon_info.info) { + nt_status = ndr_map_error2ntstatus(ndr_err); DEBUG(0,("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status))); talloc_free(mem_ctx); return EINVAL; |