*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
/* NT error codes. please read nterr.h */
#include "includes.h"
-typedef const struct
+typedef struct
{
const char *nt_errstr;
NTSTATUS nt_errcode;
} nt_err_code_struct;
-static nt_err_code_struct nt_errs[] =
+static const nt_err_code_struct nt_errs[] =
{
{ "NT_STATUS_OK", NT_STATUS_OK },
{ "NT_STATUS_UNSUCCESSFUL", NT_STATUS_UNSUCCESSFUL },
{ "NT_STATUS_TOO_MANY_LINKS", NT_STATUS_TOO_MANY_LINKS },
{ "NT_STATUS_QUOTA_LIST_INCONSISTENT", NT_STATUS_QUOTA_LIST_INCONSISTENT },
{ "NT_STATUS_FILE_IS_OFFLINE", NT_STATUS_FILE_IS_OFFLINE },
+ { "NT_STATUS_DS_NO_MORE_RIDS", NT_STATUS_DS_NO_MORE_RIDS },
+ { "NT_STATUS_NOT_A_REPARSE_POINT", NT_STATUS_NOT_A_REPARSE_POINT },
{ "NT_STATUS_NO_MORE_ENTRIES", NT_STATUS_NO_MORE_ENTRIES },
{ "STATUS_MORE_ENTRIES", STATUS_MORE_ENTRIES },
{ "STATUS_SOME_UNMAPPED", STATUS_SOME_UNMAPPED },
+ { "STATUS_NO_MORE_FILES", STATUS_NO_MORE_FILES },
{ NULL, NT_STATUS(0) }
};
+/* These need sorting..... */
+
nt_err_code_struct nt_err_desc[] =
{
{ "Success", NT_STATUS_OK },
{ "Invalid workstation", NT_STATUS_INVALID_WORKSTATION },
{ "Password expired", NT_STATUS_PASSWORD_EXPIRED },
{ "Account disabled", NT_STATUS_ACCOUNT_DISABLED },
- { "Unexpected information received", NT_STATUS_INVALID_PARAMETER },
{ "Memory allocation error", NT_STATUS_NO_MEMORY },
{ "No domain controllers located", NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND },
- { "Account locked out", NT_STATUS_ACCOUNT_LOCKED_OUT },
{ "Named pipe not available", NT_STATUS_PIPE_NOT_AVAILABLE },
{ "Not implemented", NT_STATUS_NOT_IMPLEMENTED },
{ "Invalid information class", NT_STATUS_INVALID_INFO_CLASS },
{ "No memory", NT_STATUS_NO_MEMORY },
{ "Buffer too small", NT_STATUS_BUFFER_TOO_SMALL },
{ "Revision mismatch", NT_STATUS_REVISION_MISMATCH },
- { "No logon servers", NT_STATUS_NO_LOGON_SERVERS },
{ "No such logon session", NT_STATUS_NO_SUCH_LOGON_SESSION },
{ "No such privilege", NT_STATUS_NO_SUCH_PRIVILEGE },
{ "Procedure not found", NT_STATUS_PROCEDURE_NOT_FOUND },
{ "Duplicate name on network", NT_STATUS_DUPLICATE_NAME },
{ "Print queue is full", NT_STATUS_PRINT_QUEUE_FULL },
{ "No print spool space available", NT_STATUS_NO_SPOOL_SPACE },
+ { "The network name cannot be found", NT_STATUS_BAD_NETWORK_NAME },
+ { "The connection was refused", NT_STATUS_CONNECTION_REFUSED },
{ "Too many names", NT_STATUS_TOO_MANY_NAMES },
{ "Too many sessions", NT_STATUS_TOO_MANY_SESSIONS },
{ "Invalid server state", NT_STATUS_INVALID_SERVER_STATE },
{ "Insufficient logon information", NT_STATUS_INSUFFICIENT_LOGON_INFO },
{ "License quota exceeded", NT_STATUS_LICENSE_QUOTA_EXCEEDED },
+ { "No more files", STATUS_NO_MORE_FILES },
{ NULL, NT_STATUS(0) }
};
-
/*****************************************************************************
- returns an NT error message. not amazingly helpful, but better than a number.
+ Returns an NT error message. not amazingly helpful, but better than a number.
*****************************************************************************/
+
const char *nt_errstr(NTSTATUS nt_code)
{
static pstring msg;
int idx = 0;
+#ifdef HAVE_LDAP
+ if (NT_STATUS_TYPE(nt_code) == NT_STATUS_TYPE_LDAP) {
+ return ldap_err2string(NT_STATUS_LDAP_CODE(nt_code));
+ }
+#endif
+
slprintf(msg, sizeof(msg), "NT code 0x%08x", NT_STATUS_V(nt_code));
while (nt_errs[idx].nt_errstr != NULL) {
- if (NT_STATUS_V(nt_errs[idx].nt_errcode) ==
- NT_STATUS_V(nt_code)) {
+ if (NT_STATUS_EQUAL(nt_errs[idx].nt_errcode, nt_code)) {
return nt_errs[idx].nt_errstr;
}
idx++;
int idx = 0;
while (nt_err_desc[idx].nt_errstr != NULL) {
- if (NT_STATUS_V(nt_err_desc[idx].nt_errcode) == NT_STATUS_V(nt_code))
- {
+ if (NT_STATUS_V(nt_err_desc[idx].nt_errcode) == NT_STATUS_V(nt_code)) {
return nt_err_desc[idx].nt_errstr;
}
idx++;
}
/*****************************************************************************
- returns an NT_STATUS constant as a string for inclusion in autogen C code
+ Returns an NT_STATUS constant as a string for inclusion in autogen C code.
*****************************************************************************/
+
const char *get_nt_error_c_code(NTSTATUS nt_code)
{
static pstring out;
}
/*****************************************************************************
- returns the NT_STATUS constant matching the string supplied (as an NTSTATUS)
+ Returns the NT_STATUS constant matching the string supplied (as an NTSTATUS)
*****************************************************************************/
+
NTSTATUS nt_status_string_to_code(char *nt_status_str)
{
int idx = 0;
}
return NT_STATUS_UNSUCCESSFUL;
}
+
+/**
+ * Squash an NT_STATUS in line with security requirements.
+ * In an attempt to avoid giving the whole game away when users
+ * are authenticating, NT replaces both NT_STATUS_NO_SUCH_USER and
+ * NT_STATUS_WRONG_PASSWORD with NT_STATUS_LOGON_FAILURE in certain situations
+ * (session setups in particular).
+ *
+ * @param nt_status NTSTATUS input for squashing.
+ * @return the 'squashed' nt_status
+ **/
+
+NTSTATUS nt_status_squash(NTSTATUS nt_status)
+{
+ if NT_STATUS_IS_OK(nt_status) {
+ return nt_status;
+ } else if NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER) {
+ /* Match WinXP and don't give the game away */
+ return NT_STATUS_LOGON_FAILURE;
+
+ } else if NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD) {
+ /* Match WinXP and don't give the game away */
+ return NT_STATUS_LOGON_FAILURE;
+ } else {
+ return nt_status;
+ }
+}
git.samba.org / tprouty / samba.git / blobdiff