diff options
author | Günther Deschner <gd@samba.org> | 2011-03-03 01:05:33 +0100 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2011-03-04 01:18:42 +0100 |
commit | dc35442fb163c6f14cf8c5730056a4a094ead85a (patch) | |
tree | 5e90c6b5ae6010bb5965db4a61f712827ed8211d /source4/libcli/util | |
parent | 9f4b3b103fea1f2b5f54bae79a86b1490ddc21eb (diff) | |
download | samba-dc35442fb163c6f14cf8c5730056a4a094ead85a.tar.gz samba-dc35442fb163c6f14cf8c5730056a4a094ead85a.tar.bz2 samba-dc35442fb163c6f14cf8c5730056a4a094ead85a.zip |
s4-nterr: move auth_nt_status_squash to nt_status_squash and move to nterr.c
Guenther
Diffstat (limited to 'source4/libcli/util')
-rw-r--r-- | source4/libcli/util/nterr.c | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/source4/libcli/util/nterr.c b/source4/libcli/util/nterr.c index cb0c081602..ca998bbf6f 100644 --- a/source4/libcli/util/nterr.c +++ b/source4/libcli/util/nterr.c @@ -929,3 +929,30 @@ NTSTATUS nt_status_string_to_code(const char *nt_status_str) } return NT_STATUS_UNSUCCESSFUL; } + +/** + * Squash an NT_STATUS in line with security requirements. + * In an attempt to avoid giving the whole game away when users + * are authenticating, NT replaces both NT_STATUS_NO_SUCH_USER and + * NT_STATUS_WRONG_PASSWORD with NT_STATUS_LOGON_FAILURE in certain situations + * (session setups in particular). + * + * @param nt_status NTSTATUS input for squashing. + * @return the 'squashed' nt_status + **/ + +NTSTATUS nt_status_squash(NTSTATUS nt_status) +{ + if NT_STATUS_IS_OK(nt_status) { + return nt_status; + } else if NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER) { + /* Match WinXP and don't give the game away */ + return NT_STATUS_LOGON_FAILURE; + + } else if NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD) { + /* Match WinXP and don't give the game away */ + return NT_STATUS_LOGON_FAILURE; + } else { + return nt_status; + } +} |