summaryrefslogtreecommitdiff
path: root/source4/kdc
diff options
context:
space:
mode:
Diffstat (limited to 'source4/kdc')
-rw-r--r--source4/kdc/hdb-ldb.c14
-rw-r--r--source4/kdc/pac-glue.c16
2 files changed, 17 insertions, 13 deletions
diff --git a/source4/kdc/hdb-ldb.c b/source4/kdc/hdb-ldb.c
index 3ef5f9510a..52f7da25bf 100644
--- a/source4/kdc/hdb-ldb.c
+++ b/source4/kdc/hdb-ldb.c
@@ -186,7 +186,7 @@ static krb5_error_code LDB_message2entry_keys(krb5_context context,
hdb_entry_ex *entry_ex)
{
krb5_error_code ret = 0;
- NTSTATUS status;
+ enum ndr_err_code ndr_err;
struct samr_Password *hash;
const struct ldb_val *sc_val;
struct supplementalCredentialsBlob scb;
@@ -213,9 +213,9 @@ static krb5_error_code LDB_message2entry_keys(krb5_context context,
/* supplementalCredentials if present */
if (sc_val) {
- status = ndr_pull_struct_blob_all(sc_val, mem_ctx, &scb,
- (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob);
- if (!NT_STATUS_IS_OK(status)) {
+ ndr_err = ndr_pull_struct_blob_all(sc_val, mem_ctx, &scb,
+ (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
dump_data(0, sc_val->data, sc_val->length);
ret = EINVAL;
goto out;
@@ -250,9 +250,9 @@ static krb5_error_code LDB_message2entry_keys(krb5_context context,
talloc_steal(mem_ctx, blob.data);
/* TODO: use ndr_pull_struct_blob_all(), when the ndr layer handles it correct with relative pointers */
- status = ndr_pull_struct_blob(&blob, mem_ctx, &_pkb,
- (ndr_pull_flags_fn_t)ndr_pull_package_PrimaryKerberosBlob);
- if (!NT_STATUS_IS_OK(status)) {
+ ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &_pkb,
+ (ndr_pull_flags_fn_t)ndr_pull_package_PrimaryKerberosBlob);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
krb5_set_error_string(context, "LDB_message2entry_keys: could not parse package_PrimaryKerberosBlob");
krb5_warnx(context, "LDB_message2entry_keys: could not parse package_PrimaryKerberosBlob");
ret = EINVAL;
diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c
index 9b2ea15513..d82718dda2 100644
--- a/source4/kdc/pac-glue.c
+++ b/source4/kdc/pac-glue.c
@@ -52,6 +52,7 @@ static krb5_error_code make_pac(krb5_context context,
struct netr_SamInfo3 *info3;
krb5_data pac_data;
NTSTATUS nt_status;
+ enum ndr_err_code ndr_err;
DATA_BLOB pac_out;
krb5_error_code ret;
@@ -70,9 +71,10 @@ static krb5_error_code make_pac(krb5_context context,
logon_info.info->info3 = *info3;
- nt_status = ndr_push_struct_blob(&pac_out, mem_ctx, &logon_info,
- (ndr_push_flags_fn_t)ndr_push_PAC_LOGON_INFO_CTR);
- if (!NT_STATUS_IS_OK(nt_status)) {
+ ndr_err = ndr_push_struct_blob(&pac_out, mem_ctx, &logon_info,
+ (ndr_push_flags_fn_t)ndr_push_PAC_LOGON_INFO_CTR);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(1, ("PAC (presig) push failed: %s\n", nt_errstr(nt_status)));
return EINVAL;
}
@@ -147,6 +149,7 @@ krb5_error_code samba_kdc_reget_pac(void *priv, krb5_context context,
struct hdb_entry_ex *server, krb5_pac *pac)
{
NTSTATUS nt_status;
+ enum ndr_err_code ndr_err;
krb5_error_code ret;
unsigned int userAccountControl;
@@ -184,9 +187,10 @@ krb5_error_code samba_kdc_reget_pac(void *priv, krb5_context context,
return ENOMEM;
}
- nt_status = ndr_pull_struct_blob(&pac_in, mem_ctx, &logon_info,
- (ndr_pull_flags_fn_t)ndr_pull_PAC_LOGON_INFO_CTR);
- if (!NT_STATUS_IS_OK(nt_status) || !logon_info.info) {
+ ndr_err = ndr_pull_struct_blob(&pac_in, mem_ctx, &logon_info,
+ (ndr_pull_flags_fn_t)ndr_pull_PAC_LOGON_INFO_CTR);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err) || !logon_info.info) {
+ nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status)));
talloc_free(mem_ctx);
return EINVAL;