diff options
author | Andrew Bartlett <abartlet@samba.org> | 2012-01-11 19:00:34 +1100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-01-11 10:49:13 +0100 |
commit | fc2c76f9218b1e92982b4b1813f44b9010dcd842 (patch) | |
tree | 79a9e6bb5a960431c2ceb46e6df54e64a8b7dadd | |
parent | 5c92e9a46f46c0967fbec40826d5392ec86c3d6f (diff) | |
download | samba-fc2c76f9218b1e92982b4b1813f44b9010dcd842.tar.gz samba-fc2c76f9218b1e92982b4b1813f44b9010dcd842.tar.bz2 samba-fc2c76f9218b1e92982b4b1813f44b9010dcd842.zip |
s4:auth: Make sure to check the optional auth_context hooks before using them
These are optional to supply - some callers only provide an auth_context for the
other plugin functions, and so we need to deal with this cleanly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Jan 11 10:49:13 CET 2012 on sn-devel-104
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp_server.c | 44 |
1 files changed, 26 insertions, 18 deletions
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c index 2deb68b6b5..dcd6123499 100644 --- a/source4/auth/ntlmssp/ntlmssp_server.c +++ b/source4/auth/ntlmssp/ntlmssp_server.c @@ -90,13 +90,15 @@ static NTSTATUS auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_s talloc_get_type_abort(ntlmssp_state->callback_private, struct gensec_ntlmssp_context); struct auth4_context *auth_context = gensec_ntlmssp->gensec_security->auth_context; - NTSTATUS status; - - status = auth_context->get_challenge(auth_context, chal); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(1, ("auth_ntlmssp_get_challenge: failed to get challenge: %s\n", - nt_errstr(status))); - return status; + NTSTATUS status = NT_STATUS_NOT_IMPLEMENTED; + + if (auth_context->get_challenge) { + status = auth_context->get_challenge(auth_context, chal); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("auth_ntlmssp_get_challenge: failed to get challenge: %s\n", + nt_errstr(status))); + return status; + } } return NT_STATUS_OK; @@ -114,7 +116,10 @@ static bool auth_ntlmssp_may_set_challenge(const struct ntlmssp_state *ntlmssp_s struct gensec_ntlmssp_context); struct auth4_context *auth_context = gensec_ntlmssp->gensec_security->auth_context; - return auth_context->challenge_may_be_modified(auth_context); + if (auth_context->challenge_may_be_modified) { + return auth_context->challenge_may_be_modified(auth_context); + } + return false; } /** @@ -127,7 +132,7 @@ static NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, talloc_get_type_abort(ntlmssp_state->callback_private, struct gensec_ntlmssp_context); struct auth4_context *auth_context = gensec_ntlmssp->gensec_security->auth_context; - NTSTATUS nt_status; + NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED; const uint8_t *chal; if (challenge->length != 8) { @@ -136,10 +141,11 @@ static NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, chal = challenge->data; - nt_status = auth_context->set_challenge(auth_context, - chal, - "NTLMSSP callback (NTLM2)"); - + if (auth_context->set_challenge) { + nt_status = auth_context->set_challenge(auth_context, + chal, + "NTLMSSP callback (NTLM2)"); + } return nt_status; } @@ -157,7 +163,7 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state, talloc_get_type_abort(ntlmssp_state->callback_private, struct gensec_ntlmssp_context); struct auth4_context *auth_context = gensec_ntlmssp->gensec_security->auth_context; - NTSTATUS nt_status; + NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED; struct auth_usersupplied_info *user_info; user_info = talloc_zero(ntlmssp_state, struct auth_usersupplied_info); @@ -179,10 +185,12 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state, user_info->password.response.nt = ntlmssp_state->nt_resp; user_info->password.response.nt.data = talloc_steal(user_info, ntlmssp_state->nt_resp.data); - nt_status = auth_context->check_password(auth_context, - gensec_ntlmssp, - user_info, - &gensec_ntlmssp->user_info_dc); + if (auth_context->check_password) { + nt_status = auth_context->check_password(auth_context, + gensec_ntlmssp, + user_info, + &gensec_ntlmssp->user_info_dc); + } talloc_free(user_info); NT_STATUS_NOT_OK_RETURN(nt_status); |