diff options
author | Stefan Metzmacher <metze@samba.org> | 2006-07-27 19:20:57 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:15:06 -0500 |
commit | 622d1db80ac57245daa758860c24559d323b3bc0 (patch) | |
tree | 944a4af2fa00f36da7203a3db081d12aa70e193f | |
parent | 1575743c36e742403c48a15a61bb0afa518012d8 (diff) | |
download | samba-622d1db80ac57245daa758860c24559d323b3bc0.tar.gz samba-622d1db80ac57245daa758860c24559d323b3bc0.tar.bz2 samba-622d1db80ac57245daa758860c24559d323b3bc0.zip |
r17284: move the input checking stuff from ntlmssp_update() into its
own function.
metze
(This used to be commit ee81ad57938a9f54533a0028b87fd84bde90db8d)
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp.c | 84 |
1 files changed, 44 insertions, 40 deletions
diff --git a/source4/auth/ntlmssp/ntlmssp.c b/source4/auth/ntlmssp/ntlmssp.c index bb9ff9cc63..c75ebe9eb8 100644 --- a/source4/auth/ntlmssp/ntlmssp.c +++ b/source4/auth/ntlmssp/ntlmssp.c @@ -108,28 +108,12 @@ static NTSTATUS gensec_ntlmssp_magic(struct gensec_security *gensec_security, } } -/** - * Next state function for the wrapped NTLMSSP state machine - * - * @param gensec_security GENSEC state, initialised to NTLMSSP - * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on - * @param in The request, as a DATA_BLOB - * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx - * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent, - * or NT_STATUS_OK if the user is authenticated. - */ - -static NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security, - TALLOC_CTX *out_mem_ctx, - const DATA_BLOB input, DATA_BLOB *out) +static NTSTATUS gensec_ntlmssp_update_find(struct gensec_ntlmssp_state *gensec_ntlmssp_state, + const DATA_BLOB input, uint32_t *idx) { - struct gensec_ntlmssp_state *gensec_ntlmssp_state = gensec_security->private_data; - NTSTATUS status; - + struct gensec_security *gensec_security = gensec_ntlmssp_state->gensec_security; uint32_t ntlmssp_command; - int i; - - *out = data_blob(NULL, 0); + uint32_t i; if (gensec_ntlmssp_state->expected_state == NTLMSSP_DONE) { /* We are strict here because other modules, which we @@ -140,12 +124,6 @@ static NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security, return NT_STATUS_INVALID_PARAMETER; } - if (!out_mem_ctx) { - /* if the caller doesn't want to manage/own the memory, - we can put it on our context */ - out_mem_ctx = gensec_ntlmssp_state; - } - if (!input.length) { switch (gensec_ntlmssp_state->role) { case NTLMSSP_CLIENT: @@ -179,27 +157,53 @@ static NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security, } for (i=0; i < ARRAY_SIZE(ntlmssp_callbacks); i++) { - if (ntlmssp_callbacks[i].role == gensec_ntlmssp_state->role - && ntlmssp_callbacks[i].ntlmssp_command == ntlmssp_command) { - status = ntlmssp_callbacks[i].fn(gensec_security, out_mem_ctx, input, out); - break; + if (ntlmssp_callbacks[i].role == gensec_ntlmssp_state->role && + ntlmssp_callbacks[i].ntlmssp_command == ntlmssp_command) { + *idx = i; + return NT_STATUS_OK; } } - if (i == ARRAY_SIZE(ntlmssp_callbacks)) { + DEBUG(1, ("failed to find NTLMSSP callback for NTLMSSP mode %u, command %u\n", + gensec_ntlmssp_state->role, ntlmssp_command)); - DEBUG(1, ("failed to find NTLMSSP callback for NTLMSSP mode %u, command %u\n", - gensec_ntlmssp_state->role, ntlmssp_command)); - - return NT_STATUS_INVALID_PARAMETER; - } + return NT_STATUS_INVALID_PARAMETER; +} + +/** + * Next state function for the wrapped NTLMSSP state machine + * + * @param gensec_security GENSEC state, initialised to NTLMSSP + * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on + * @param in The request, as a DATA_BLOB + * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx + * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent, + * or NT_STATUS_OK if the user is authenticated. + */ - if (!NT_STATUS_IS_OK(status)) { - /* error or more processing required */ - return status; +static NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security, + TALLOC_CTX *out_mem_ctx, + const DATA_BLOB input, DATA_BLOB *out) +{ + struct gensec_ntlmssp_state *gensec_ntlmssp_state = gensec_security->private_data; + NTSTATUS status; + uint32_t i; + + *out = data_blob(NULL, 0); + + if (!out_mem_ctx) { + /* if the caller doesn't want to manage/own the memory, + we can put it on our context */ + out_mem_ctx = gensec_ntlmssp_state; } + + status = gensec_ntlmssp_update_find(gensec_ntlmssp_state, input, &i); + NT_STATUS_NOT_OK_RETURN(status); + + status = ntlmssp_callbacks[i].fn(gensec_security, out_mem_ctx, input, out); + NT_STATUS_NOT_OK_RETURN(status); - return status; + return NT_STATUS_OK; } /** |