1/* 2 Unix SMB/CIFS implementation. 3 ads (active directory) utility library 4 Copyright (C) Andrew Tridgell 2001 5 Copyright (C) Remus Koos 2001 6 Copyright (C) Andrew Bartlett 2001 7 8 9 This program is free software; you can redistribute it and/or modify 10 it under the terms of the GNU General Public License as published by 11 the Free Software Foundation; either version 3 of the License, or 12 (at your option) any later version. 13 14 This program is distributed in the hope that it will be useful, 15 but WITHOUT ANY WARRANTY; without even the implied warranty of 16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 GNU General Public License for more details. 18 19 You should have received a copy of the GNU General Public License 20 along with this program. If not, see <http://www.gnu.org/licenses/>. 21*/ 22 23#include "includes.h" 24#include "smb_krb5.h" 25 26/* 27 build a ADS_STATUS structure 28*/ 29ADS_STATUS ads_build_error(enum ads_error_type etype, 30 int rc, int minor_status) 31{ 32 ADS_STATUS ret; 33 34 if (etype == ENUM_ADS_ERROR_NT) { 35 DEBUG(0,("don't use ads_build_error with ENUM_ADS_ERROR_NT!\n")); 36 ret.err.rc = -1; 37 ret.error_type = ENUM_ADS_ERROR_SYSTEM; 38 ret.minor_status = 0; 39 return ret; 40 } 41 42 ret.err.rc = rc; 43 ret.error_type = etype; 44 ret.minor_status = minor_status; 45 return ret; 46} 47 48ADS_STATUS ads_build_nt_error(enum ads_error_type etype, 49 NTSTATUS nt_status) 50{ 51 ADS_STATUS ret; 52 53 if (etype != ENUM_ADS_ERROR_NT) { 54 DEBUG(0,("don't use ads_build_nt_error without ENUM_ADS_ERROR_NT!\n")); 55 ret.err.rc = -1; 56 ret.error_type = ENUM_ADS_ERROR_SYSTEM; 57 ret.minor_status = 0; 58 return ret; 59 } 60 ret.err.nt_status = nt_status; 61 ret.error_type = etype; 62 ret.minor_status = 0; 63 return ret; 64} 65 66/* 67 do a rough conversion between ads error codes and NT status codes 68 we'll need to fill this in more 69*/ 70NTSTATUS ads_ntstatus(ADS_STATUS status) 71{ 72 switch (status.error_type) { 73 case ENUM_ADS_ERROR_NT: 74 return status.err.nt_status; 75 case ENUM_ADS_ERROR_SYSTEM: 76 return map_nt_error_from_unix(status.err.rc); 77#ifdef HAVE_LDAP 78 case ENUM_ADS_ERROR_LDAP: 79 if (status.err.rc == LDAP_SUCCESS) { 80 return NT_STATUS_OK; 81 } 82 return NT_STATUS_LDAP(status.err.rc); 83#endif 84#ifdef HAVE_KRB5 85 case ENUM_ADS_ERROR_KRB5: 86 return krb5_to_nt_status(status.err.rc); 87#endif 88 default: 89 break; 90 } 91 92 if (ADS_ERR_OK(status)) { 93 return NT_STATUS_OK; 94 } 95 return NT_STATUS_UNSUCCESSFUL; 96} 97 98/* 99 return a string for an error from a ads routine 100*/ 101const char *ads_errstr(ADS_STATUS status) 102{ 103 switch (status.error_type) { 104 case ENUM_ADS_ERROR_SYSTEM: 105 return strerror(status.err.rc); 106#ifdef HAVE_LDAP 107 case ENUM_ADS_ERROR_LDAP: 108 return ldap_err2string(status.err.rc); 109#endif 110#ifdef HAVE_KRB5 111 case ENUM_ADS_ERROR_KRB5: 112 return error_message(status.err.rc); 113#endif 114#ifdef HAVE_GSSAPI 115 case ENUM_ADS_ERROR_GSS: 116 { 117 char *ret; 118 uint32 msg_ctx; 119 uint32 minor; 120 gss_buffer_desc msg1, msg2; 121 122 msg_ctx = 0; 123 124 msg1.value = NULL; 125 msg2.value = NULL; 126 gss_display_status(&minor, status.err.rc, GSS_C_GSS_CODE, 127 GSS_C_NULL_OID, &msg_ctx, &msg1); 128 gss_display_status(&minor, status.minor_status, GSS_C_MECH_CODE, 129 GSS_C_NULL_OID, &msg_ctx, &msg2); 130 ret = talloc_asprintf(talloc_tos(), "%s : %s", 131 (char *)msg1.value, (char *)msg2.value); 132 SMB_ASSERT(ret != NULL); 133 gss_release_buffer(&minor, &msg1); 134 gss_release_buffer(&minor, &msg2); 135 return ret; 136 } 137#endif 138 case ENUM_ADS_ERROR_NT: 139 return get_friendly_nt_error_msg(ads_ntstatus(status)); 140 default: 141 return "Unknown ADS error type!? (not compiled in?)"; 142 } 143} 144 145#ifdef HAVE_GSSAPI 146NTSTATUS gss_err_to_ntstatus(uint32 maj, uint32 min) 147{ 148 ADS_STATUS adss = ADS_ERROR_GSS(maj, min); 149 DEBUG(10,("gss_err_to_ntstatus: Error %s\n", 150 ads_errstr(adss) )); 151 return ads_ntstatus(adss); 152} 153#endif 154