From edba46ce94c335411ab337eeb4ef6f88fb3aae80 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 2 Jun 2010 22:35:53 +1000
Subject: s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS

It's nicer to have an NTSTATUS return, and in s3compat there may be a
reason other than 'no memory' why this can fail.

Andrew Bartlett
---
 source3/auth/auth_ntlmssp.c   | 10 ++++++----
 source3/include/proto.h       |  5 +++--
 source3/rpc_server/srv_pipe.c |  7 ++++---
 source3/smbd/sesssetup.c      |  2 +-
 source3/smbd/smb2_sesssetup.c |  7 ++++---
 5 files changed, 18 insertions(+), 13 deletions(-)

(limited to 'source3')

diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
index e0e0003f9d..1b48ba022d 100644
--- a/source3/auth/auth_ntlmssp.c
+++ b/source3/auth/auth_ntlmssp.c
@@ -74,8 +74,9 @@ bool auth_ntlmssp_negotiated_seal(struct auth_ntlmssp_state *auth_ntlmssp_state)
 	return auth_ntlmssp_state->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL;
 }
 
-struct auth_serversupplied_info *auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
-							  struct auth_ntlmssp_state *auth_ntlmssp_state)
+NTSTATUS auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
+				  struct auth_ntlmssp_state *auth_ntlmssp_state,
+				  struct auth_serversupplied_info **_server_info)
 {
 	struct auth_serversupplied_info *server_info = auth_ntlmssp_state->server_info;
 	data_blob_free(&server_info->user_session_key);
@@ -85,10 +86,11 @@ struct auth_serversupplied_info *auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
 			auth_ntlmssp_state->ntlmssp_state->session_key.data,
 			auth_ntlmssp_state->ntlmssp_state->session_key.length);
 	if (auth_ntlmssp_state->ntlmssp_state->session_key.length && !server_info->user_session_key.data) {
-		return NULL;
+		return NT_STATUS_NO_MEMORY;
 	}
 	auth_ntlmssp_state->server_info = NULL;
-	return talloc_steal(mem_ctx, server_info);
+	*_server_info = talloc_steal(mem_ctx, server_info);
+	return NT_STATUS_OK;
 }
 
 struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(struct auth_ntlmssp_state *auth_ntlmssp_state)
diff --git a/source3/include/proto.h b/source3/include/proto.h
index dc6b555fd2..268e2b50aa 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -54,8 +54,9 @@ NTSTATUS auth_netlogond_init(void);
 
 /* The following definitions come from auth/auth_ntlmssp.c  */
 
-struct auth_serversupplied_info *auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
-							  struct auth_ntlmssp_state *auth_ntlmssp_state);
+NTSTATUS auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
+				  struct auth_ntlmssp_state *auth_ntlmssp_state,
+				  struct auth_serversupplied_info **_server_info);
 struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(struct auth_ntlmssp_state *auth_ntlmssp_state);
 const char *auth_ntlmssp_get_username(struct auth_ntlmssp_state *auth_ntlmssp_state);
 const char *auth_ntlmssp_get_domain(struct auth_ntlmssp_state *auth_ntlmssp_state);
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index fccc41c33a..0f60cdff1c 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -713,9 +713,10 @@ static bool pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob)
 
 	TALLOC_FREE(p->server_info);
 
-	p->server_info = auth_ntlmssp_server_info(p, a);
-	if (p->server_info == NULL) {
-		DEBUG(0, ("auth_ntlmssp_server_info failed to obtain the server info for authenticated user\n"));
+	status = auth_ntlmssp_server_info(p, a, &p->server_info);
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(0, ("auth_ntlmssp_server_info failed to obtain the server info for authenticated user: %s\n",
+			  nt_errstr(status)));
 		return false;
 	}
 
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index d707ba3021..28e5aea39b 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -637,7 +637,7 @@ static void reply_spnego_ntlmssp(struct smb_request *req,
 	struct smbd_server_connection *sconn = smbd_server_conn;
 
 	if (NT_STATUS_IS_OK(nt_status)) {
-		server_info = auth_ntlmssp_server_info(talloc_tos(), (*auth_ntlmssp_state));
+		nt_status = auth_ntlmssp_server_info(talloc_tos(), (*auth_ntlmssp_state), &server_info);
 	} else {
 		/* Note that this server_info won't have a session
 		 * key.  But for map to guest, that's exactly the right
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index af9157107e..963dbe19e1 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -614,11 +614,12 @@ static NTSTATUS smbd_smb2_common_ntlmssp_auth_return(struct smbd_smb2_session *s
 					uint64_t *out_session_id)
 {
 	fstring tmp;
-	session->server_info = auth_ntlmssp_server_info(session, session->auth_ntlmssp_state);
-	if (!session->server_info) {
+	NTSTATUS status = auth_ntlmssp_server_info(session, session->auth_ntlmssp_state,
+						   &session->server_info);
+	if (!NT_STATUS_IS_OK(status)) {
 		auth_ntlmssp_end(&session->auth_ntlmssp_state);
 		TALLOC_FREE(session);
-		return NT_STATUS_NO_MEMORY;
+		return status;
 	}
 
 	if ((in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) ||
-- 
cgit