mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
auth3: Centralize auth_check_ntlm_password failure handling
Preparation for simplified talloc handling. Slight behaviour change: We now ZERO_STRUCTP(pserver_info) in all failure cases. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
parent
57286d5773
commit
1bbbc152d3
@ -182,7 +182,8 @@ NTSTATUS auth_check_ntlm_password(TALLOC_CTX *mem_ctx,
|
||||
|
||||
if (auth_context->challenge.length != 8) {
|
||||
DEBUG(0, ("check_ntlm_password: Invalid challenge stored for this auth context - cannot continue\n"));
|
||||
return NT_STATUS_LOGON_FAILURE;
|
||||
nt_status = NT_STATUS_LOGON_FAILURE;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (auth_context->challenge_set_by)
|
||||
@ -202,8 +203,11 @@ NTSTATUS auth_check_ntlm_password(TALLOC_CTX *mem_ctx,
|
||||
#endif
|
||||
|
||||
/* This needs to be sorted: If it doesn't match, what should we do? */
|
||||
if (!check_domain_match(user_info->client.account_name, user_info->mapped.domain_name))
|
||||
return NT_STATUS_LOGON_FAILURE;
|
||||
if (!check_domain_match(user_info->client.account_name,
|
||||
user_info->mapped.domain_name)) {
|
||||
nt_status = NT_STATUS_LOGON_FAILURE;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
for (auth_method = auth_context->auth_method_list;auth_method; auth_method = auth_method->next) {
|
||||
struct auth_serversupplied_info *server_info;
|
||||
@ -275,7 +279,8 @@ NTSTATUS auth_check_ntlm_password(TALLOC_CTX *mem_ctx,
|
||||
rhost = tsocket_address_inet_addr_string(user_info->remote_host,
|
||||
talloc_tos());
|
||||
if (rhost == NULL) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
nt_status = NT_STATUS_NO_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
} else {
|
||||
rhost = "127.0.0.1";
|
||||
@ -308,6 +313,8 @@ NTSTATUS auth_check_ntlm_password(TALLOC_CTX *mem_ctx,
|
||||
return nt_status;
|
||||
}
|
||||
|
||||
fail:
|
||||
|
||||
/* failed authentication; check for guest lapping */
|
||||
|
||||
DEBUG(2, ("check_ntlm_password: Authentication for user [%s] -> [%s] FAILED with error %s\n",
|
||||
|
Loading…
Reference in New Issue
Block a user