From fc2c76f9218b1e92982b4b1813f44b9010dcd842 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 11 Jan 2012 19:00:34 +1100 Subject: s4:auth: Make sure to check the optional auth_context hooks before using them These are optional to supply - some callers only provide an auth_context for the other plugin functions, and so we need to deal with this cleanly. Andrew Bartlett Signed-off-by: Stefan Metzmacher Autobuild-User: Stefan Metzmacher Autobuild-Date: Wed Jan 11 10:49:13 CET 2012 on sn-devel-104 --- source4/auth/ntlmssp/ntlmssp_server.c | 44 +++++++++++++++++++++-------------- 1 file changed, 26 insertions(+), 18 deletions(-) diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c index 2deb68b6b5..dcd6123499 100644 --- a/source4/auth/ntlmssp/ntlmssp_server.c +++ b/source4/auth/ntlmssp/ntlmssp_server.c @@ -90,13 +90,15 @@ static NTSTATUS auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_s talloc_get_type_abort(ntlmssp_state->callback_private, struct gensec_ntlmssp_context); struct auth4_context *auth_context = gensec_ntlmssp->gensec_security->auth_context; - NTSTATUS status; - - status = auth_context->get_challenge(auth_context, chal); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(1, ("auth_ntlmssp_get_challenge: failed to get challenge: %s\n", - nt_errstr(status))); - return status; + NTSTATUS status = NT_STATUS_NOT_IMPLEMENTED; + + if (auth_context->get_challenge) { + status = auth_context->get_challenge(auth_context, chal); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("auth_ntlmssp_get_challenge: failed to get challenge: %s\n", + nt_errstr(status))); + return status; + } } return NT_STATUS_OK; @@ -114,7 +116,10 @@ static bool auth_ntlmssp_may_set_challenge(const struct ntlmssp_state *ntlmssp_s struct gensec_ntlmssp_context); struct auth4_context *auth_context = gensec_ntlmssp->gensec_security->auth_context; - return auth_context->challenge_may_be_modified(auth_context); + if (auth_context->challenge_may_be_modified) { + return auth_context->challenge_may_be_modified(auth_context); + } + return false; } /** @@ -127,7 +132,7 @@ static NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, talloc_get_type_abort(ntlmssp_state->callback_private, struct gensec_ntlmssp_context); struct auth4_context *auth_context = gensec_ntlmssp->gensec_security->auth_context; - NTSTATUS nt_status; + NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED; const uint8_t *chal; if (challenge->length != 8) { @@ -136,10 +141,11 @@ static NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, chal = challenge->data; - nt_status = auth_context->set_challenge(auth_context, - chal, - "NTLMSSP callback (NTLM2)"); - + if (auth_context->set_challenge) { + nt_status = auth_context->set_challenge(auth_context, + chal, + "NTLMSSP callback (NTLM2)"); + } return nt_status; } @@ -157,7 +163,7 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state, talloc_get_type_abort(ntlmssp_state->callback_private, struct gensec_ntlmssp_context); struct auth4_context *auth_context = gensec_ntlmssp->gensec_security->auth_context; - NTSTATUS nt_status; + NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED; struct auth_usersupplied_info *user_info; user_info = talloc_zero(ntlmssp_state, struct auth_usersupplied_info); @@ -179,10 +185,12 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state, user_info->password.response.nt = ntlmssp_state->nt_resp; user_info->password.response.nt.data = talloc_steal(user_info, ntlmssp_state->nt_resp.data); - nt_status = auth_context->check_password(auth_context, - gensec_ntlmssp, - user_info, - &gensec_ntlmssp->user_info_dc); + if (auth_context->check_password) { + nt_status = auth_context->check_password(auth_context, + gensec_ntlmssp, + user_info, + &gensec_ntlmssp->user_info_dc); + } talloc_free(user_info); NT_STATUS_NOT_OK_RETURN(nt_status); -- cgit