libcli:auth: Return NTSTATUS for SMBOWFencrypt_ntv2()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

2 files changed, 19 insertions, 10 deletions

diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h
index 714652bdb76..4c20783124b 100644
--- a/libcli/auth/proto.h
+++ b/libcli/auth/proto.h
@@ -139,8 +139,9 @@ void SMBOWFencrypt_ntv2(const uint8_t kr[16],
 			const DATA_BLOB *srv_chal,
 			const DATA_BLOB *smbcli_chal,
 			uint8_t resp_buf[16]);
-void SMBsesskeygen_ntv2(const uint8_t kr[16],
-			const uint8_t * nt_resp, uint8_t sess_key[16]);
+NTSTATUS SMBsesskeygen_ntv2(const uint8_t kr[16],
+			    const uint8_t *nt_resp,
+			    uint8_t sess_key[16]);
 void SMBsesskeygen_ntv1(const uint8_t kr[16], uint8_t sess_key[16]);
 void SMBsesskeygen_lm_sess_key(const uint8_t lm_hash[16],
 			       const uint8_t lm_resp[24], /* only uses 8 */ 
diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c
index cc5e1fbb899..904d2c38219 100644
--- a/libcli/auth/smbencrypt.c
+++ b/libcli/auth/smbencrypt.c
@@ -370,21 +370,29 @@ void SMBOWFencrypt_ntv2(const uint8_t kr[16],
 #endif
 }
 
-void SMBsesskeygen_ntv2(const uint8_t kr[16],
-			const uint8_t * nt_resp, uint8_t sess_key[16])
+NTSTATUS SMBsesskeygen_ntv2(const uint8_t kr[16],
+			    const uint8_t *nt_resp,
+			    uint8_t sess_key[16])
 {
+	int rc;
+
 	/* a very nice, 128 bit, variable session key */
-	gnutls_hmac_fast(GNUTLS_MAC_MD5,
-			 kr,
-			 16,
-			 nt_resp,
-			 16,
-			 sess_key);
+	rc = gnutls_hmac_fast(GNUTLS_MAC_MD5,
+			      kr,
+			      16,
+			      nt_resp,
+			      16,
+			      sess_key);
+	if (rc != 0) {
+		return gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
+	}
 
 #ifdef DEBUG_PASSWORD
 	DEBUG(100, ("SMBsesskeygen_ntv2:\n"));
 	dump_data(100, sess_key, 16);
 #endif
+
+	return NT_STATUS_OK;
 }
 
 void SMBsesskeygen_ntv1(const uint8_t kr[16], uint8_t sess_key[16])