diff options
author | Andreas Schneider <asn@samba.org> | 2019-06-11 15:18:26 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-06-24 06:11:17 +0000 |
commit | d9a6cbd9e14e7564877ad262b81c1e4f1eb21b4c (patch) | |
tree | 08c1763ceec03d3bdbdfb53e9135529da493bce8 /auth | |
parent | 35573821b633e421fc02d6620abfdb13f25e7622 (diff) | |
download | samba-d9a6cbd9e14e7564877ad262b81c1e4f1eb21b4c.tar.gz |
auth:ntlmssp: Use gnutls_error_to_ntstatus() in ntlmssp_server
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'auth')
-rw-r--r-- | auth/ntlmssp/ntlmssp_server.c | 26 |
1 files changed, 9 insertions, 17 deletions
diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c index 48bd743ef74..6d090b023f8 100644 --- a/auth/ntlmssp/ntlmssp_server.c +++ b/auth/ntlmssp/ntlmssp_server.c @@ -36,6 +36,7 @@ #include "param/loadparm.h" #include "libcli/security/session.h" +#include "libcli/util/gnutls_error.h" #include <gnutls/gnutls.h> #include <gnutls/crypto.h> @@ -772,10 +773,7 @@ static NTSTATUS ntlmssp_server_preauth(struct gensec_security *gensec_security, 16, session_nonce_hash); if (rc < 0) { - if (rc == GNUTLS_E_UNWANTED_ALGORITHM) { - return NT_STATUS_NTLM_BLOCKED; - } - return NT_STATUS_INTERNAL_ERROR; + return gnutls_error_to_ntstatus(rc, NT_STATUS_NTLM_BLOCKED); } @@ -951,10 +949,7 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security, sizeof(state->session_nonce), session_key.data); if (rc < 0) { - if (rc == GNUTLS_E_UNWANTED_ALGORITHM) { - return NT_STATUS_NTLM_BLOCKED; - } - return NT_STATUS_INTERNAL_ERROR; + return gnutls_error_to_ntstatus(rc, NT_STATUS_NTLM_BLOCKED); } DEBUG(10,("ntlmssp_server_auth: Created NTLM2 session key.\n")); @@ -1067,24 +1062,21 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security, ntlmssp_state->session_key.data, MIN(ntlmssp_state->session_key.length, 64)); if (rc < 0) { - if (rc == GNUTLS_E_UNWANTED_ALGORITHM) { - return NT_STATUS_NTLM_BLOCKED; - } - return NT_STATUS_NO_MEMORY; + return gnutls_error_to_ntstatus(rc, NT_STATUS_NTLM_BLOCKED); } rc = gnutls_hmac(hmac_hnd, ntlmssp_state->negotiate_blob.data, ntlmssp_state->negotiate_blob.length); if (rc < 0) { gnutls_hmac_deinit(hmac_hnd, NULL); - return NT_STATUS_INTERNAL_ERROR; + return gnutls_error_to_ntstatus(rc, NT_STATUS_NTLM_BLOCKED); } rc = gnutls_hmac(hmac_hnd, ntlmssp_state->challenge_blob.data, ntlmssp_state->challenge_blob.length); if (rc < 0) { gnutls_hmac_deinit(hmac_hnd, NULL); - return NT_STATUS_INTERNAL_ERROR; + return gnutls_error_to_ntstatus(rc, NT_STATUS_NTLM_BLOCKED); } /* checked were we set ntlmssp_state->new_spnego */ @@ -1094,19 +1086,19 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security, rc = gnutls_hmac(hmac_hnd, request.data, NTLMSSP_MIC_OFFSET); if (rc < 0) { gnutls_hmac_deinit(hmac_hnd, NULL); - return NT_STATUS_INTERNAL_ERROR; + return gnutls_error_to_ntstatus(rc, NT_STATUS_NTLM_BLOCKED); } rc = gnutls_hmac(hmac_hnd, mic_buffer, NTLMSSP_MIC_SIZE); if (rc < 0) { gnutls_hmac_deinit(hmac_hnd, NULL); - return NT_STATUS_INTERNAL_ERROR; + return gnutls_error_to_ntstatus(rc, NT_STATUS_NTLM_BLOCKED); } rc = gnutls_hmac(hmac_hnd, request.data + (NTLMSSP_MIC_OFFSET + NTLMSSP_MIC_SIZE), request.length - (NTLMSSP_MIC_OFFSET + NTLMSSP_MIC_SIZE)); if (rc < 0) { gnutls_hmac_deinit(hmac_hnd, NULL); - return NT_STATUS_INTERNAL_ERROR; + return gnutls_error_to_ntstatus(rc, NT_STATUS_NTLM_BLOCKED); } gnutls_hmac_deinit(hmac_hnd, mic_buffer); |