diff options
author | Stefan Metzmacher <metze@samba.org> | 2009-12-29 10:44:19 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2009-12-29 17:06:23 +0100 |
commit | a8e61ac084fc84fe9b1246ab97f0ca34cd9a0e8a (patch) | |
tree | 79941f48b29c87abef14fd1fde0d71b6eaebd4a1 | |
parent | c9b6ad25004caab854cf6301faa472bb5c890a71 (diff) | |
download | samba-a8e61ac084fc84fe9b1246ab97f0ca34cd9a0e8a.tar.gz samba-a8e61ac084fc84fe9b1246ab97f0ca34cd9a0e8a.tar.bz2 samba-a8e61ac084fc84fe9b1246ab97f0ca34cd9a0e8a.zip |
s4:auth/ntlmssp: let get_challenge() return a NTSTATUS and fill a stack buffer
metze
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp.h | 3 | ||||
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp_server.c | 23 |
2 files changed, 13 insertions, 13 deletions
diff --git a/source4/auth/ntlmssp/ntlmssp.h b/source4/auth/ntlmssp/ntlmssp.h index f596cb81ee..3354af9dbf 100644 --- a/source4/auth/ntlmssp/ntlmssp.h +++ b/source4/auth/ntlmssp/ntlmssp.h @@ -81,7 +81,8 @@ struct gensec_ntlmssp_state * @return 8 bytes of challenge data, determined by the server to be the challenge for NTLM authentication * */ - const uint8_t *(*get_challenge)(const struct gensec_ntlmssp_state *); + NTSTATUS (*get_challenge)(const struct gensec_ntlmssp_state *, + uint8_t challenge[8]); /** * Callback to find if the challenge used by NTLM authentication may be modified diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c index 281ffbfa6d..ae19970044 100644 --- a/source4/auth/ntlmssp/ntlmssp_server.c +++ b/source4/auth/ntlmssp/ntlmssp_server.c @@ -124,8 +124,9 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security, DATA_BLOB struct_blob; uint32_t neg_flags = 0; uint32_t ntlmssp_command, chal_flags; - const uint8_t *cryptkey; + uint8_t cryptkey[8]; const char *target_name; + NTSTATUS status; /* parse the NTLMSSP packet */ #if 0 @@ -150,10 +151,11 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security, ntlmssp_handle_neg_flags(gensec_ntlmssp_state, neg_flags, gensec_ntlmssp_state->allow_lm_key); /* Ask our caller what challenge they would like in the packet */ - cryptkey = gensec_ntlmssp_state->get_challenge(gensec_ntlmssp_state); - if (!cryptkey) { - DEBUG(1, ("ntlmssp_server_negotiate: backend doesn't give a challenge\n")); - return NT_STATUS_INTERNAL_ERROR; + status = gensec_ntlmssp_state->get_challenge(gensec_ntlmssp_state, cryptkey); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("ntlmssp_server_negotiate: backend doesn't give a challenge: %s\n", + nt_errstr(status))); + return status; } /* Check if we may set the challenge */ @@ -597,22 +599,19 @@ NTSTATUS ntlmssp_server_auth(struct gensec_security *gensec_security, * @return an 8 byte random challenge */ -static const uint8_t *auth_ntlmssp_get_challenge(const struct gensec_ntlmssp_state *gensec_ntlmssp_state) +static NTSTATUS auth_ntlmssp_get_challenge(const struct gensec_ntlmssp_state *gensec_ntlmssp_state, + uint8_t chal[8]) { NTSTATUS status; - uint8_t *chal = talloc_array(gensec_ntlmssp_state, uint8_t, 8); - if (!chal) { - return NULL; - } status = gensec_ntlmssp_state->auth_context->get_challenge(gensec_ntlmssp_state->auth_context, chal); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("auth_ntlmssp_get_challenge: failed to get challenge: %s\n", nt_errstr(status))); - return NULL; + return status; } - return chal; + return NT_STATUS_OK; } /** |