sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-27 14:04:05 +03:00
Code

s3:libsmb/smb_seal: avoid ads_errstr() dependency and use gssapi_error_string()

Browse Source 
metze
This commit is contained in:
Stefan Metzmacher 2011-10-20 13:23:27 +02:00
parent 8df8277b0a
commit 2a3bf9eb2f
1 changed files with 28 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
source3/libsmb/smb_seal.c
View File

@ -22,6 +22,7 @@
#include "smb_crypt.h" #include "smb_crypt.h"
#include "libsmb/libsmb.h" #include "libsmb/libsmb.h"
#include "ntlmssp_wrap.h" #include "ntlmssp_wrap.h"
#include "libcli/auth/krb5_wrap.h"
/****************************************************************************** /******************************************************************************
@ -209,14 +210,23 @@ static NTSTATUS common_gss_decrypt_buffer(struct smb_tran_enc_state_gss *gss_sta
(gss_qop_t *) NULL); (gss_qop_t *) NULL);
if (ret != GSS_S_COMPLETE) { if (ret != GSS_S_COMPLETE) {
ADS_STATUS adss = ADS_ERROR_GSS(ret, minor); NTSTATUS status = NT_STATUS_ACCESS_DENIED;
DEBUG(0,("common_gss_encrypt_buffer: gss_unwrap failed. Error %s\n", char *gss_err;
ads_errstr(adss) ));
return map_nt_error_from_gss(ret, minor); gss_err = gssapi_error_string(talloc_tos(),
ret, minor,
GSS_C_NULL_OID);
DEBUG(0,("common_gss_decrypt_buffer: gss_unwrap failed. "
"Error [%d/%d] - %s - %s\n",
ret, minor, nt_errstr(status),
gss_err ? gss_err : "<unknown>"));
talloc_free(gss_err);
return status;
} }
if (out_buf.length > in_buf.length) { if (out_buf.length > in_buf.length) {
DEBUG(0,("common_gss_encrypt_buffer: gss_unwrap size (%u) too large (%u) !\n", DEBUG(0,("common_gss_decrypt_buffer: gss_unwrap size (%u) too large (%u) !\n",
(unsigned int)out_buf.length, (unsigned int)out_buf.length,
(unsigned int)in_buf.length )); (unsigned int)in_buf.length ));
gss_release_buffer(&minor, &out_buf); gss_release_buffer(&minor, &out_buf);
@ -266,10 +276,19 @@ static NTSTATUS common_gss_encrypt_buffer(struct smb_tran_enc_state_gss *gss_sta
&out_buf); &out_buf);
if (ret != GSS_S_COMPLETE) { if (ret != GSS_S_COMPLETE) {
ADS_STATUS adss = ADS_ERROR_GSS(ret, minor); NTSTATUS status = NT_STATUS_ACCESS_DENIED;
DEBUG(0,("common_gss_encrypt_buffer: gss_wrap failed. Error %s\n", char *gss_err;
ads_errstr(adss) ));
return map_nt_error_from_gss(ret, minor); gss_err = gssapi_error_string(talloc_tos(),
ret, minor,
GSS_C_NULL_OID);
DEBUG(0,("common_gss_encrypt_buffer: gss_unwrap failed. "
"Error [%d/%d] - %s - %s\n",
ret, minor, nt_errstr(status),
gss_err ? gss_err : "<unknown>"));
talloc_free(gss_err);
return status;
} }
if (!flags_got) { if (!flags_got) {