summaryrefslogtreecommitdiff
path: root/auth
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2017-06-29 16:55:09 +0200
committerStefan Metzmacher <metze@samba.org>2017-07-05 02:17:12 +0200
commitc0b2f85da2dcceaeb156262a68a7e37fce5a6951 (patch)
treedd45e9169b17f1d04f6bbe0b01fdf929e8fb5caf /auth
parentb337d2661707ea763064c138c27a00c85ea6c241 (diff)
downloadsamba-c0b2f85da2dcceaeb156262a68a7e37fce5a6951.tar.gz
auth/spnego: set spnego_state->{state_position,expected_packet} gensec_spnego_create_negTokenInit()
We should only do the state change in a defined place and not with any error gensec_spnego_create_negTokenInit() might return. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'auth')
-rw-r--r--auth/gensec/spnego.c26
1 files changed, 16 insertions, 10 deletions
diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c
index 65aa5693a2d..594de18a591 100644
--- a/auth/gensec/spnego.c
+++ b/auth/gensec/spnego.c
@@ -555,6 +555,14 @@ static NTSTATUS gensec_spnego_create_negTokenInit(struct gensec_security *gensec
/* set next state */
spnego_state->neg_oid = all_sec[i].oid;
+ if (spnego_state->state_position == SPNEGO_SERVER_START) {
+ spnego_state->state_position = SPNEGO_SERVER_START;
+ spnego_state->expected_packet = SPNEGO_NEG_TOKEN_INIT;
+ } else {
+ spnego_state->state_position = SPNEGO_CLIENT_TARG;
+ spnego_state->expected_packet = SPNEGO_NEG_TOKEN_TARG;
+ }
+
return NT_STATUS_MORE_PROCESSING_REQUIRED;
}
gensec_spnego_update_sub_abort(spnego_state);
@@ -645,11 +653,10 @@ static NTSTATUS gensec_spnego_update_client(struct gensec_security *gensec_secur
if (!in.length) {
/* client to produce negTokenInit */
- nt_status = gensec_spnego_create_negTokenInit(gensec_security, spnego_state,
- out_mem_ctx, ev, out);
- spnego_state->state_position = SPNEGO_CLIENT_TARG;
- spnego_state->expected_packet = SPNEGO_NEG_TOKEN_TARG;
- return nt_status;
+ return gensec_spnego_create_negTokenInit(gensec_security,
+ spnego_state,
+ out_mem_ctx,
+ ev, out);
}
len = spnego_read_data(gensec_security, in, &spnego);
@@ -1119,11 +1126,10 @@ static NTSTATUS gensec_spnego_update_server(struct gensec_security *gensec_secur
return nt_status;
} else {
- nt_status = gensec_spnego_create_negTokenInit(gensec_security, spnego_state,
- out_mem_ctx, ev, out);
- spnego_state->state_position = SPNEGO_SERVER_START;
- spnego_state->expected_packet = SPNEGO_NEG_TOKEN_INIT;
- return nt_status;
+ return gensec_spnego_create_negTokenInit(gensec_security,
+ spnego_state,
+ out_mem_ctx,
+ ev, out);
}
}