diff options
author | Stefan Metzmacher <metze@samba.org> | 2017-06-29 16:55:09 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2017-07-05 02:17:12 +0200 |
commit | c0b2f85da2dcceaeb156262a68a7e37fce5a6951 (patch) | |
tree | dd45e9169b17f1d04f6bbe0b01fdf929e8fb5caf | |
parent | b337d2661707ea763064c138c27a00c85ea6c241 (diff) | |
download | samba-c0b2f85da2dcceaeb156262a68a7e37fce5a6951.tar.gz |
auth/spnego: set spnego_state->{state_position,expected_packet} gensec_spnego_create_negTokenInit()
We should only do the state change in a defined place
and not with any error gensec_spnego_create_negTokenInit() might return.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
-rw-r--r-- | auth/gensec/spnego.c | 26 |
1 files changed, 16 insertions, 10 deletions
diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c index 65aa5693a2d..594de18a591 100644 --- a/auth/gensec/spnego.c +++ b/auth/gensec/spnego.c @@ -555,6 +555,14 @@ static NTSTATUS gensec_spnego_create_negTokenInit(struct gensec_security *gensec /* set next state */ spnego_state->neg_oid = all_sec[i].oid; + if (spnego_state->state_position == SPNEGO_SERVER_START) { + spnego_state->state_position = SPNEGO_SERVER_START; + spnego_state->expected_packet = SPNEGO_NEG_TOKEN_INIT; + } else { + spnego_state->state_position = SPNEGO_CLIENT_TARG; + spnego_state->expected_packet = SPNEGO_NEG_TOKEN_TARG; + } + return NT_STATUS_MORE_PROCESSING_REQUIRED; } gensec_spnego_update_sub_abort(spnego_state); @@ -645,11 +653,10 @@ static NTSTATUS gensec_spnego_update_client(struct gensec_security *gensec_secur if (!in.length) { /* client to produce negTokenInit */ - nt_status = gensec_spnego_create_negTokenInit(gensec_security, spnego_state, - out_mem_ctx, ev, out); - spnego_state->state_position = SPNEGO_CLIENT_TARG; - spnego_state->expected_packet = SPNEGO_NEG_TOKEN_TARG; - return nt_status; + return gensec_spnego_create_negTokenInit(gensec_security, + spnego_state, + out_mem_ctx, + ev, out); } len = spnego_read_data(gensec_security, in, &spnego); @@ -1119,11 +1126,10 @@ static NTSTATUS gensec_spnego_update_server(struct gensec_security *gensec_secur return nt_status; } else { - nt_status = gensec_spnego_create_negTokenInit(gensec_security, spnego_state, - out_mem_ctx, ev, out); - spnego_state->state_position = SPNEGO_SERVER_START; - spnego_state->expected_packet = SPNEGO_NEG_TOKEN_INIT; - return nt_status; + return gensec_spnego_create_negTokenInit(gensec_security, + spnego_state, + out_mem_ctx, + ev, out); } } |