summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-01-11 19:00:34 +1100
committerStefan Metzmacher <metze@samba.org>2012-01-11 10:49:13 +0100
commitfc2c76f9218b1e92982b4b1813f44b9010dcd842 (patch)
tree79a9e6bb5a960431c2ceb46e6df54e64a8b7dadd
parent5c92e9a46f46c0967fbec40826d5392ec86c3d6f (diff)
downloadsamba-fc2c76f9218b1e92982b4b1813f44b9010dcd842.tar.gz
samba-fc2c76f9218b1e92982b4b1813f44b9010dcd842.tar.bz2
samba-fc2c76f9218b1e92982b4b1813f44b9010dcd842.zip
s4:auth: Make sure to check the optional auth_context hooks before using them
These are optional to supply - some callers only provide an auth_context for the other plugin functions, and so we need to deal with this cleanly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jan 11 10:49:13 CET 2012 on sn-devel-104
-rw-r--r--source4/auth/ntlmssp/ntlmssp_server.c44
1 files changed, 26 insertions, 18 deletions
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index 2deb68b6b5..dcd6123499 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -90,13 +90,15 @@ static NTSTATUS auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_s
talloc_get_type_abort(ntlmssp_state->callback_private,
struct gensec_ntlmssp_context);
struct auth4_context *auth_context = gensec_ntlmssp->gensec_security->auth_context;
- NTSTATUS status;
-
- status = auth_context->get_challenge(auth_context, chal);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(1, ("auth_ntlmssp_get_challenge: failed to get challenge: %s\n",
- nt_errstr(status)));
- return status;
+ NTSTATUS status = NT_STATUS_NOT_IMPLEMENTED;
+
+ if (auth_context->get_challenge) {
+ status = auth_context->get_challenge(auth_context, chal);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1, ("auth_ntlmssp_get_challenge: failed to get challenge: %s\n",
+ nt_errstr(status)));
+ return status;
+ }
}
return NT_STATUS_OK;
@@ -114,7 +116,10 @@ static bool auth_ntlmssp_may_set_challenge(const struct ntlmssp_state *ntlmssp_s
struct gensec_ntlmssp_context);
struct auth4_context *auth_context = gensec_ntlmssp->gensec_security->auth_context;
- return auth_context->challenge_may_be_modified(auth_context);
+ if (auth_context->challenge_may_be_modified) {
+ return auth_context->challenge_may_be_modified(auth_context);
+ }
+ return false;
}
/**
@@ -127,7 +132,7 @@ static NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state,
talloc_get_type_abort(ntlmssp_state->callback_private,
struct gensec_ntlmssp_context);
struct auth4_context *auth_context = gensec_ntlmssp->gensec_security->auth_context;
- NTSTATUS nt_status;
+ NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
const uint8_t *chal;
if (challenge->length != 8) {
@@ -136,10 +141,11 @@ static NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state,
chal = challenge->data;
- nt_status = auth_context->set_challenge(auth_context,
- chal,
- "NTLMSSP callback (NTLM2)");
-
+ if (auth_context->set_challenge) {
+ nt_status = auth_context->set_challenge(auth_context,
+ chal,
+ "NTLMSSP callback (NTLM2)");
+ }
return nt_status;
}
@@ -157,7 +163,7 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
talloc_get_type_abort(ntlmssp_state->callback_private,
struct gensec_ntlmssp_context);
struct auth4_context *auth_context = gensec_ntlmssp->gensec_security->auth_context;
- NTSTATUS nt_status;
+ NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
struct auth_usersupplied_info *user_info;
user_info = talloc_zero(ntlmssp_state, struct auth_usersupplied_info);
@@ -179,10 +185,12 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
user_info->password.response.nt = ntlmssp_state->nt_resp;
user_info->password.response.nt.data = talloc_steal(user_info, ntlmssp_state->nt_resp.data);
- nt_status = auth_context->check_password(auth_context,
- gensec_ntlmssp,
- user_info,
- &gensec_ntlmssp->user_info_dc);
+ if (auth_context->check_password) {
+ nt_status = auth_context->check_password(auth_context,
+ gensec_ntlmssp,
+ user_info,
+ &gensec_ntlmssp->user_info_dc);
+ }
talloc_free(user_info);
NT_STATUS_NOT_OK_RETURN(nt_status);