1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

auth/ntlmssp: merge ntlmssp_server_check_password() into ntlmssp_server_auth_send()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Stefan Metzmacher 2017-06-16 17:14:35 +02:00 committed by Andreas Schneider
parent 260e535252
commit 7d43aecb50

View File

@ -310,11 +310,6 @@ static NTSTATUS ntlmssp_server_preauth(struct gensec_security *gensec_security,
struct gensec_ntlmssp_context *gensec_ntlmssp,
struct ntlmssp_server_auth_state *state,
const DATA_BLOB request);
static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_security,
struct gensec_ntlmssp_context *gensec_ntlmssp,
const struct auth_usersupplied_info *user_info,
TALLOC_CTX *mem_ctx,
DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key);
static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
struct gensec_ntlmssp_context *gensec_ntlmssp,
struct ntlmssp_server_auth_state *state,
@ -328,8 +323,10 @@ struct tevent_req *ntlmssp_server_auth_send(TALLOC_CTX *mem_ctx,
struct gensec_ntlmssp_context *gensec_ntlmssp =
talloc_get_type_abort(gensec_security->private_data,
struct gensec_ntlmssp_context);
struct auth4_context *auth_context = gensec_security->auth_context;
struct tevent_req *req = NULL;
struct ntlmssp_server_auth_state *state = NULL;
uint8_t authoritative = 0;
NTSTATUS status;
req = tevent_req_create(mem_ctx, &state,
@ -345,15 +342,29 @@ struct tevent_req *ntlmssp_server_auth_send(TALLOC_CTX *mem_ctx,
return tevent_req_post(req, ev);
}
status = ntlmssp_server_check_password(gensec_security,
if (auth_context->check_ntlm_password == NULL) {
tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
return tevent_req_post(req, ev);
}
status = auth_context->check_ntlm_password(auth_context,
gensec_ntlmssp,
state->user_info,
state,
&authoritative,
&gensec_ntlmssp->server_returned_info,
&state->user_session_key,
&state->lm_session_key);
if (!NT_STATUS_IS_OK(status)) {
DBG_INFO("Checking NTLMSSP password for %s\\%s failed: %s\n",
state->user_info->client.domain_name,
state->user_info->client.account_name,
nt_errstr(status));
}
if (tevent_req_nterror(req, status)) {
return tevent_req_post(req, ev);
}
talloc_steal(state, state->user_session_key.data);
talloc_steal(state, state->lm_session_key.data);
status = ntlmssp_server_postauth(gensec_security,
gensec_ntlmssp,
@ -783,43 +794,6 @@ static NTSTATUS ntlmssp_server_preauth(struct gensec_security *gensec_security,
return NT_STATUS_OK;
}
/**
* Check the password on an NTLMSSP login.
*
* Return the session keys used on the connection.
*/
static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_security,
struct gensec_ntlmssp_context *gensec_ntlmssp,
const struct auth_usersupplied_info *user_info,
TALLOC_CTX *mem_ctx,
DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key)
{
struct auth4_context *auth_context = gensec_security->auth_context;
NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
if (auth_context->check_ntlm_password) {
uint8_t authoritative = 0;
nt_status = auth_context->check_ntlm_password(auth_context,
gensec_ntlmssp,
user_info,
&authoritative,
&gensec_ntlmssp->server_returned_info,
user_session_key, lm_session_key);
}
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(5, (__location__ ": Checking NTLMSSP password for %s\\%s failed: %s\n", user_info->client.domain_name, user_info->client.account_name, nt_errstr(nt_status)));
}
NT_STATUS_NOT_OK_RETURN(nt_status);
talloc_steal(mem_ctx, user_session_key->data);
talloc_steal(mem_ctx, lm_session_key->data);
return nt_status;
}
/**
* Next state function for the Authenticate packet
* (after authentication - figures out the session keys etc)