summaryrefslogtreecommitdiff
path: root/source4/auth/ntlmssp
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2009-12-29 10:44:19 +0100
committerStefan Metzmacher <metze@samba.org>2009-12-29 17:06:23 +0100
commita8e61ac084fc84fe9b1246ab97f0ca34cd9a0e8a (patch)
tree79941f48b29c87abef14fd1fde0d71b6eaebd4a1 /source4/auth/ntlmssp
parentc9b6ad25004caab854cf6301faa472bb5c890a71 (diff)
downloadsamba-a8e61ac084fc84fe9b1246ab97f0ca34cd9a0e8a.tar.gz
samba-a8e61ac084fc84fe9b1246ab97f0ca34cd9a0e8a.tar.bz2
samba-a8e61ac084fc84fe9b1246ab97f0ca34cd9a0e8a.zip
s4:auth/ntlmssp: let get_challenge() return a NTSTATUS and fill a stack buffer
metze
Diffstat (limited to 'source4/auth/ntlmssp')
-rw-r--r--source4/auth/ntlmssp/ntlmssp.h3
-rw-r--r--source4/auth/ntlmssp/ntlmssp_server.c23
2 files changed, 13 insertions, 13 deletions
diff --git a/source4/auth/ntlmssp/ntlmssp.h b/source4/auth/ntlmssp/ntlmssp.h
index f596cb81ee..3354af9dbf 100644
--- a/source4/auth/ntlmssp/ntlmssp.h
+++ b/source4/auth/ntlmssp/ntlmssp.h
@@ -81,7 +81,8 @@ struct gensec_ntlmssp_state
* @return 8 bytes of challenge data, determined by the server to be the challenge for NTLM authentication
*
*/
- const uint8_t *(*get_challenge)(const struct gensec_ntlmssp_state *);
+ NTSTATUS (*get_challenge)(const struct gensec_ntlmssp_state *,
+ uint8_t challenge[8]);
/**
* Callback to find if the challenge used by NTLM authentication may be modified
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index 281ffbfa6d..ae19970044 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -124,8 +124,9 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
DATA_BLOB struct_blob;
uint32_t neg_flags = 0;
uint32_t ntlmssp_command, chal_flags;
- const uint8_t *cryptkey;
+ uint8_t cryptkey[8];
const char *target_name;
+ NTSTATUS status;
/* parse the NTLMSSP packet */
#if 0
@@ -150,10 +151,11 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
ntlmssp_handle_neg_flags(gensec_ntlmssp_state, neg_flags, gensec_ntlmssp_state->allow_lm_key);
/* Ask our caller what challenge they would like in the packet */
- cryptkey = gensec_ntlmssp_state->get_challenge(gensec_ntlmssp_state);
- if (!cryptkey) {
- DEBUG(1, ("ntlmssp_server_negotiate: backend doesn't give a challenge\n"));
- return NT_STATUS_INTERNAL_ERROR;
+ status = gensec_ntlmssp_state->get_challenge(gensec_ntlmssp_state, cryptkey);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1, ("ntlmssp_server_negotiate: backend doesn't give a challenge: %s\n",
+ nt_errstr(status)));
+ return status;
}
/* Check if we may set the challenge */
@@ -597,22 +599,19 @@ NTSTATUS ntlmssp_server_auth(struct gensec_security *gensec_security,
* @return an 8 byte random challenge
*/
-static const uint8_t *auth_ntlmssp_get_challenge(const struct gensec_ntlmssp_state *gensec_ntlmssp_state)
+static NTSTATUS auth_ntlmssp_get_challenge(const struct gensec_ntlmssp_state *gensec_ntlmssp_state,
+ uint8_t chal[8])
{
NTSTATUS status;
- uint8_t *chal = talloc_array(gensec_ntlmssp_state, uint8_t, 8);
- if (!chal) {
- return NULL;
- }
status = gensec_ntlmssp_state->auth_context->get_challenge(gensec_ntlmssp_state->auth_context, chal);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("auth_ntlmssp_get_challenge: failed to get challenge: %s\n",
nt_errstr(status)));
- return NULL;
+ return status;
}
- return chal;
+ return NT_STATUS_OK;
}
/**