Context Navigation

← Previous Revision
Next Revision →
Blame
Revision Log

source: vendor/3.5.11/source3/libads/krb5_errs.c

Visit:

Last change on this file was 414, checked in by Herwig Bauernfeind, 16 years ago
Samba 3.5.0: Initial import
File size: 4.0 KB

Line
1	/*
2	* Unix SMB/CIFS implementation.
3	* Kerberos error mapping functions
4	* Copyright (C) Guenther Deschner 2005
5	*
6	* This program is free software; you can redistribute it and/or modify
7	* it under the terms of the GNU General Public License as published by
8	* the Free Software Foundation; either version 3 of the License, or
9	* (at your option) any later version.
10	*
11	* This program is distributed in the hope that it will be useful,
12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14	* GNU General Public License for more details.
15	*
16	* You should have received a copy of the GNU General Public License
17	* along with this program; if not, see <http://www.gnu.org/licenses/>.
18	*/
19
20	#include "includes.h"
21	#include "smb_krb5.h"
22
23	#ifdef HAVE_KRB5
24
25	static const struct {
26	krb5_error_code krb5_code;
27	NTSTATUS ntstatus;
28	} krb5_to_nt_status_map[] = {
29	{KRB5_CC_IO, NT_STATUS_UNEXPECTED_IO_ERROR},
30	{KRB5KDC_ERR_BADOPTION, NT_STATUS_INVALID_PARAMETER},
31	{KRB5KDC_ERR_CLIENT_REVOKED, NT_STATUS_ACCESS_DENIED},
32	{KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN, NT_STATUS_INVALID_ACCOUNT_NAME},
33	{KRB5KDC_ERR_ETYPE_NOSUPP, NT_STATUS_LOGON_FAILURE},
34	#if defined(KRB5KDC_ERR_KEY_EXP) /* MIT */
35	{KRB5KDC_ERR_KEY_EXP, NT_STATUS_PASSWORD_EXPIRED},
36	#else /* old Heimdal releases have it with different name only in an enum: */
37	{KRB5KDC_ERR_KEY_EXPIRED, NT_STATUS_PASSWORD_EXPIRED},
38	#endif
39	{25, NT_STATUS_PASSWORD_EXPIRED}, /* FIXME: bug in heimdal 0.7 krb5_get_init_creds_password (Inappropriate ioctl for device (25)) */
40	{KRB5KDC_ERR_NULL_KEY, NT_STATUS_LOGON_FAILURE},
41	{KRB5KDC_ERR_POLICY, NT_STATUS_INVALID_WORKSTATION},
42	{KRB5KDC_ERR_PREAUTH_FAILED, NT_STATUS_LOGON_FAILURE},
43	{KRB5KDC_ERR_SERVICE_REVOKED, NT_STATUS_ACCESS_DENIED},
44	{KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN, NT_STATUS_INVALID_ACCOUNT_NAME},
45	{KRB5KDC_ERR_SUMTYPE_NOSUPP, NT_STATUS_LOGON_FAILURE},
46	{KRB5KDC_ERR_TGT_REVOKED, NT_STATUS_ACCESS_DENIED},
47	{KRB5_KDC_UNREACH, NT_STATUS_NO_LOGON_SERVERS},
48	{KRB5KRB_AP_ERR_BAD_INTEGRITY, NT_STATUS_LOGON_FAILURE},
49	{KRB5KRB_AP_ERR_MODIFIED, NT_STATUS_LOGON_FAILURE},
50	{KRB5KRB_AP_ERR_SKEW, NT_STATUS_TIME_DIFFERENCE_AT_DC},
51	{KRB5_KDCREP_SKEW, NT_STATUS_TIME_DIFFERENCE_AT_DC},
52	{KRB5KRB_AP_ERR_TKT_EXPIRED, NT_STATUS_LOGON_FAILURE},
53	{KRB5KRB_ERR_GENERIC, NT_STATUS_UNSUCCESSFUL},
54	#if defined(KRB5KRB_ERR_RESPONSE_TOO_BIG)
55	{KRB5KRB_ERR_RESPONSE_TOO_BIG, NT_STATUS_PROTOCOL_UNREACHABLE},
56	#endif
57	{KRB5_CC_NOTFOUND, NT_STATUS_NO_SUCH_FILE},
58	{KRB5_FCC_NOFILE, NT_STATUS_NO_SUCH_FILE},
59	{KRB5_RC_MALLOC, NT_STATUS_NO_MEMORY},
60	{ENOMEM, NT_STATUS_NO_MEMORY},
61	{KRB5_REALM_CANT_RESOLVE, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND},
62
63	/* Must be last entry */
64	{KRB5KDC_ERR_NONE, NT_STATUS_OK}
65	};
66
67	static const struct {
68	NTSTATUS ntstatus;
69	krb5_error_code krb5_code;
70	} nt_status_to_krb5_map[] = {
71	{NT_STATUS_LOGON_FAILURE, KRB5KDC_ERR_PREAUTH_FAILED},
72	{NT_STATUS_NO_LOGON_SERVERS, KRB5_KDC_UNREACH},
73	{NT_STATUS_OK, 0}
74	};
75
76	/*****************************************************************************
77	convert a KRB5 error to a NT status32 code
78	*****************************************************************************/
79	NTSTATUS krb5_to_nt_status(krb5_error_code kerberos_error)
80	{
81	int i;
82
83	if (kerberos_error == 0) {
84	return NT_STATUS_OK;
85	}
86
87	for (i=0; NT_STATUS_V(krb5_to_nt_status_map[i].ntstatus); i++) {
88	if (kerberos_error == krb5_to_nt_status_map[i].krb5_code)
89	return krb5_to_nt_status_map[i].ntstatus;
90	}
91
92	return NT_STATUS_UNSUCCESSFUL;
93	}
94
95	/*****************************************************************************
96	convert an NT status32 code to a KRB5 error
97	*****************************************************************************/
98	krb5_error_code nt_status_to_krb5(NTSTATUS nt_status)
99	{
100	int i;
101
102	if NT_STATUS_IS_OK(nt_status) {
103	return 0;
104	}
105
106	for (i=0; NT_STATUS_V(nt_status_to_krb5_map[i].ntstatus); i++) {
107	if (NT_STATUS_EQUAL(nt_status,nt_status_to_krb5_map[i].ntstatus))
108	return nt_status_to_krb5_map[i].krb5_code;
109	}
110
111	return KRB5KRB_ERR_GENERIC;
112	}
113
114	#endif
115

Note: See TracBrowser for help on using the repository browser.

Download in other formats: