* @param[in] context The krb5_context
* @param[in] principal The principal
* @param[in] component The component
- * @return string component
+ * @param[out] out The output string
+ * @return krb5_error_code
*
* Caller must talloc_free if the return value is not NULL.
*
*/
-char *smb_krb5_principal_get_comp_string(TALLOC_CTX *mem_ctx,
- krb5_context context,
- krb5_const_principal principal,
- unsigned int component)
+krb5_error_code smb_krb5_principal_get_comp_string(TALLOC_CTX *mem_ctx,
+ krb5_context context,
+ krb5_const_principal principal,
+ unsigned int component,
+ char **out)
{
+ char *out_str = NULL;
#if defined(HAVE_KRB5_PRINCIPAL_GET_COMP_STRING)
const char *str = NULL;
str = krb5_principal_get_comp_string(context, principal, component);
if (str == NULL) {
- return NULL;
+ return ENOENT;
}
- return talloc_strdup(mem_ctx, str);
+ out_str = talloc_strdup(mem_ctx, str);
+ if (out_str == NULL) {
+ return ENOMEM;
+ }
#else
krb5_data *data;
if (component >= krb5_princ_size(context, principal)) {
- return NULL;
+ return ENOENT;
}
data = krb5_princ_component(context, principal, component);
if (data == NULL) {
- return NULL;
+ return ENOENT;
}
- return talloc_strndup(mem_ctx, data->data, data->length);
+ out_str = talloc_strndup(mem_ctx, data->data, data->length);
+ if (out_str == NULL) {
+ return ENOMEM;
+ }
#endif
+ *out = out_str;
+ return 0;
}
/**
{
char *p = NULL;
int eq = 1;
+ krb5_error_code ret = 0;
- p = smb_krb5_principal_get_comp_string(NULL, context, principal, 0);
- if (p == NULL) {
+ ret = smb_krb5_principal_get_comp_string(NULL, context, principal, 0, &p);
+ if (ret == ENOENT) {
+ return 0;
+ } else if (ret) {
return -1;
}
const char *netbios_name,
const char *ntds_guid)
{
- int ret, princ_size;
+ krb5_error_code ret, princ_size;
krb5_context krb_ctx;
krb5_error_code kerr;
krb5_principal principal;
goto fail;
}
- instanceName = smb_krb5_principal_get_comp_string(mem_ctx, krb_ctx,
- principal, 1);
- serviceType = smb_krb5_principal_get_comp_string(mem_ctx, krb_ctx,
- principal, 0);
+ ret = smb_krb5_principal_get_comp_string(mem_ctx, krb_ctx,
+ principal, 1, &instanceName);
+ if (ret) {
+ goto fail;
+ }
+ ret = smb_krb5_principal_get_comp_string(mem_ctx, krb_ctx,
+ principal, 0, &serviceType);
+ if (ret) {
+ goto fail;
+ }
if (krb5_princ_size(krb_ctx, principal) == 3) {
- serviceName = smb_krb5_principal_get_comp_string(mem_ctx, krb_ctx,
- principal, 2);
+ ret = smb_krb5_principal_get_comp_string(mem_ctx, krb_ctx,
+ principal, 2, &serviceName);
+ if (ret) {
+ goto fail;
+ }
}
if (serviceName) {
bool is_our_realm;
bool is_dc;
- third_part = smb_krb5_principal_get_comp_string(tmp_ctx,
- context,
- principal,
- 2);
- if (third_part == NULL) {
- ret = ENOMEM;
+ ret = smb_krb5_principal_get_comp_string(tmp_ctx,
+ context,
+ principal,
+ 2,
+ &third_part);
+ if (ret) {
krb5_set_error_message(context, ret, "smb_krb5_principal_get_comp_string: out of memory");
goto out;
}
char *principal_string = NULL;
if (smb_krb5_principal_get_type(context, principal) == KRB5_NT_ENTERPRISE_PRINCIPAL) {
- principal_string = smb_krb5_principal_get_comp_string(mem_ctx, context,
- principal, 0);
- if (principal_string == NULL) {
- return ENOMEM;
+ krb5_error_code ret = 0;
+
+ ret = smb_krb5_principal_get_comp_string(mem_ctx, context,
+ principal, 0, &principal_string);
+ if (ret) {
+ return ret;
}
} else {
char *principal_string_m = NULL;
if (num_comp == 1) {
size_t len;
- fallback_account = smb_krb5_principal_get_comp_string(mem_ctx,
- context, fallback_principal, 0);
- if (fallback_account == NULL) {
+ ret = smb_krb5_principal_get_comp_string(mem_ctx,
+ context, fallback_principal, 0, &fallback_account);
+ if (ret) {
krb5_free_principal(context, fallback_principal);
TALLOC_FREE(fallback_realm);
- return ENOMEM;
+ return ret;
}
len = strlen(fallback_account);
/* krbtgt case. Either us or a trusted realm */
- realm_princ_comp = smb_krb5_principal_get_comp_string(tmp_ctx, context, principal, 1);
+ ret = smb_krb5_principal_get_comp_string(tmp_ctx, context, principal, 1, &realm_princ_comp);
+ if (ret == ENOENT) {
+ /* OK. */
+ } else if (ret) {
+ goto out;
+ }
if (lpcfg_is_my_domain_or_realm(lp_ctx, realm_from_princ)
&& lpcfg_is_my_domain_or_realm(lp_ctx, realm_princ_comp)) {
krb5_princ_size(context, principal));
return ret;
}
- str = smb_krb5_principal_get_comp_string(mem_ctx, context, principal, 0);
- if (str == NULL) {
+ ret = smb_krb5_principal_get_comp_string(mem_ctx, context, principal, 0, &str);
+ if (ret) {
return KRB5_PARSE_MALFORMED;
}
ret = krb5_parse_name(context, str,
return SDB_ERR_NOENTRY;
}
- principal_string = smb_krb5_principal_get_comp_string(frame, context,
- principal, 0);
- if (principal_string == NULL) {
+ ret = smb_krb5_principal_get_comp_string(frame, context,
+ principal, 0, &principal_string);
+ if (ret) {
TALLOC_FREE(frame);
- return ENOMEM;
+ return ret;
}
ret = krb5_parse_name(context, principal_string,
}
if (flags & SDB_F_GET_SERVER) {
- char *service_realm = NULL;
-
ret = principal_comp_strcmp(context, principal, 0, KRB5_TGS_NAME);
if (ret == 0) {
/*
*/
if (num_comp == 2 || num_comp == 3) {
- service_realm = smb_krb5_principal_get_comp_string(frame,
- context,
- principal,
- num_comp - 1);
- }
+ char *service_realm = NULL;
- if (service_realm != NULL) {
- realm = service_realm;
+ ret = smb_krb5_principal_get_comp_string(frame,
+ context,
+ principal,
+ num_comp - 1,
+ &service_realm);
+ if (ret) {
+ TALLOC_FREE(frame);
+ return ret;
+ } else {
+ realm = service_realm;
+ }
}
}
projects / thirdparty / samba.git / commitdiff
