auth/gensec: Return more consistent status codes on gnutls hashing failure

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

auth/gensec/schannel.c

@@ -480,13 +480,13 @@ static NTSTATUS netsec_do_sign(struct schannel_state *state,
 
 		rc = gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5);
 		if (rc < 0) {
-			return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+			return gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
 		}
 
 		rc = gnutls_hash(hash_hnd, zeros, sizeof(zeros));
 		if (rc < 0) {
 			gnutls_hash_deinit(hash_hnd, NULL);
-			return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+			return gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
 		}
 		if (confounder) {
 			SSVAL(header, 0, NL_SIGN_HMAC_MD5);
@@ -497,12 +497,12 @@ static NTSTATUS netsec_do_sign(struct schannel_state *state,
 			rc = gnutls_hash(hash_hnd, header, 8);
 			if (rc < 0) {
 				gnutls_hash_deinit(hash_hnd, NULL);
-				return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+				return gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
 			}
 			rc = gnutls_hash(hash_hnd, confounder, 8);
 			if (rc < 0) {
 				gnutls_hash_deinit(hash_hnd, NULL);
-				return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+				return gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
 			}
 		} else {
 			SSVAL(header, 0, NL_SIGN_HMAC_MD5);
@@ -513,13 +513,13 @@ static NTSTATUS netsec_do_sign(struct schannel_state *state,
 			rc = gnutls_hash(hash_hnd, header, 8);
 			if (rc < 0) {
 				gnutls_hash_deinit(hash_hnd, NULL);
-				return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+				return gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
 			}
 		}
 		rc = gnutls_hash(hash_hnd, data, length);
 		if (rc < 0) {
 			gnutls_hash_deinit(hash_hnd, NULL);
-			return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+			return gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
 		}
 		gnutls_hash_deinit(hash_hnd, packet_digest);