diff options
author | Andreas Schneider <asn@samba.org> | 2019-11-13 12:48:18 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-11-14 08:01:43 +0000 |
commit | dc75a5f27eb32caf2f2adc289bc82fb0f8042cb3 (patch) | |
tree | bb060fee73ad8904b9f06b7fc0adc79bbf9c3a50 | |
parent | 0914824684b3a69a9926402d447e1d5781f2ec02 (diff) | |
download | samba-dc75a5f27eb32caf2f2adc289bc82fb0f8042cb3.tar.gz |
libcli:auth: Return NTSTATUS for SMBOWFencrypt_ntv2()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
-rw-r--r-- | libcli/auth/proto.h | 8 | ||||
-rw-r--r-- | libcli/auth/smbencrypt.c | 25 |
2 files changed, 19 insertions, 14 deletions
diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h index 4c20783124b..52a33d8d457 100644 --- a/libcli/auth/proto.h +++ b/libcli/auth/proto.h @@ -135,10 +135,10 @@ bool ntv2_owf_gen(const uint8_t owf[16], void SMBOWFencrypt(const uint8_t passwd[16], const uint8_t *c8, uint8_t p24[24]); void SMBNTencrypt_hash(const uint8_t nt_hash[16], const uint8_t *c8, uint8_t *p24); void SMBNTencrypt(const char *passwd, const uint8_t *c8, uint8_t *p24); -void SMBOWFencrypt_ntv2(const uint8_t kr[16], - const DATA_BLOB *srv_chal, - const DATA_BLOB *smbcli_chal, - uint8_t resp_buf[16]); +NTSTATUS SMBOWFencrypt_ntv2(const uint8_t kr[16], + const DATA_BLOB *srv_chal, + const DATA_BLOB *smbcli_chal, + uint8_t resp_buf[16]); NTSTATUS SMBsesskeygen_ntv2(const uint8_t kr[16], const uint8_t *nt_resp, uint8_t sess_key[16]); diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c index 1412274dd21..e7ed0630cdc 100644 --- a/libcli/auth/smbencrypt.c +++ b/libcli/auth/smbencrypt.c @@ -334,12 +334,13 @@ void SMBNTencrypt(const char *passwd, const uint8_t *c8, uint8_t *p24) /* Does the md5 encryption from the Key Response for NTLMv2. */ -void SMBOWFencrypt_ntv2(const uint8_t kr[16], - const DATA_BLOB *srv_chal, - const DATA_BLOB *smbcli_chal, - uint8_t resp_buf[16]) +NTSTATUS SMBOWFencrypt_ntv2(const uint8_t kr[16], + const DATA_BLOB *srv_chal, + const DATA_BLOB *smbcli_chal, + uint8_t resp_buf[16]) { gnutls_hmac_hd_t hmac_hnd = NULL; + NTSTATUS status; int rc; rc = gnutls_hmac_init(&hmac_hnd, @@ -347,27 +348,31 @@ void SMBOWFencrypt_ntv2(const uint8_t kr[16], kr, 16); if (rc < 0) { - return; + return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED); } rc = gnutls_hmac(hmac_hnd, srv_chal->data, srv_chal->length); if (rc < 0) { - return; + status = gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED); + goto out; } rc = gnutls_hmac(hmac_hnd, smbcli_chal->data, smbcli_chal->length); if (rc < 0) { - gnutls_hmac_deinit(hmac_hnd, NULL); - return; + status = gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED); + goto out; } - gnutls_hmac_deinit(hmac_hnd, resp_buf); - #ifdef DEBUG_PASSWORD DEBUG(100, ("SMBOWFencrypt_ntv2: srv_chal, smbcli_chal, resp_buf\n")); dump_data(100, srv_chal->data, srv_chal->length); dump_data(100, smbcli_chal->data, smbcli_chal->length); dump_data(100, resp_buf, 16); #endif + + status = NT_STATUS_OK; +out: + gnutls_hmac_deinit(hmac_hnd, resp_buf); + return status; } NTSTATUS SMBsesskeygen_ntv2(const uint8_t kr[16], |