diff options
author | Andrew Bartlett <abartlet@samba.org> | 2019-08-16 15:43:01 +1200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-08-21 09:57:30 +0000 |
commit | 3b27fd8a490f29cbc94b8ac377b3a2cb6db7598c (patch) | |
tree | 10f62424db936bc69437acf853b25b6dd5a5b6a3 /auth | |
parent | 58c781dc93e24895b2c4b97fa311c66af30e278e (diff) | |
download | samba-3b27fd8a490f29cbc94b8ac377b3a2cb6db7598c.tar.gz |
auth/gensec: Use gnutls_error_to_ntstatus() consistently in schannel
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'auth')
-rw-r--r-- | auth/gensec/schannel.c | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/auth/gensec/schannel.c b/auth/gensec/schannel.c index bbaf3e5fe0b..78d559b803d 100644 --- a/auth/gensec/schannel.c +++ b/auth/gensec/schannel.c @@ -172,17 +172,15 @@ static NTSTATUS netsec_do_seq_num(struct schannel_state *state, &key, &iv); if (rc < 0) { - DBG_ERR("ERROR: gnutls_cipher_init: %s\n", - gnutls_strerror(rc)); - return NT_STATUS_INTERNAL_ERROR; + return gnutls_error_to_ntstatus(rc, + NT_STATUS_CRYPTO_SYSTEM_INVALID); } rc = gnutls_cipher_encrypt(cipher_hnd, seq_num, 8); gnutls_cipher_deinit(cipher_hnd); if (rc < 0) { - DBG_ERR("ERROR: gnutls_cipher_encrypt: %s\n", - gnutls_strerror(rc)); - return NT_STATUS_INTERNAL_ERROR; + return gnutls_error_to_ntstatus(rc, + NT_STATUS_CRYPTO_SYSTEM_INVALID); } #else /* NOT HAVE_GNUTLS_AES_CFB8 */ @@ -306,7 +304,7 @@ static NTSTATUS netsec_do_seal(struct schannel_state *state, digest2); if (rc < 0) { ZERO_ARRAY(digest2); - return NT_STATUS_INTERNAL_ERROR; + return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED); } rc = gnutls_hmac_fast(GNUTLS_MAC_MD5, @@ -318,7 +316,7 @@ static NTSTATUS netsec_do_seal(struct schannel_state *state, ZERO_ARRAY(digest2); if (rc < 0) { - return NT_STATUS_INTERNAL_ERROR; + return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED); } rc = gnutls_cipher_init(&cipher_hnd, @@ -368,7 +366,7 @@ static NTSTATUS netsec_do_sign(struct schannel_state *state, state->creds->session_key, sizeof(state->creds->session_key)); if (rc < 0) { - return NT_STATUS_NO_MEMORY; + return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED); } if (confounder) { |