auth/ntlmssp: merge ntlmssp_server_check_password() into ntlmssp_server_auth_send()

Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
author: Stefan Metzmacher <metze@samba.org> 2017-06-16 17:14:35 +0200
committer: Andreas Schneider <asn@cryptomilk.org> 2017-08-07 15:20:03 +0200
commit: 7d43aecb5002902486a6c57ff14a1dcbd64b0f40 (patch)
tree: e686687289f2fdb2b5bae5aa363faceae491fc97 /auth
parent: 260e535252c2643ca435e036bfdbb44ddf4c28d1 (diff)
download: samba-7d43aecb5002902486a6c57ff14a1dcbd64b0f40.tar.gz
1 files changed, 22 insertions, 48 deletions
diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c
index b7d74e61dfb..4990f77f66f 100644
--- a/auth/ntlmssp/ntlmssp_server.c
+++ b/auth/ntlmssp/ntlmssp_server.c
@@ -310,11 +310,6 @@ static NTSTATUS ntlmssp_server_preauth(struct gensec_security *gensec_security,
 				       struct gensec_ntlmssp_context *gensec_ntlmssp,
 				       struct ntlmssp_server_auth_state *state,
 				       const DATA_BLOB request);
-static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_security,
-					      struct gensec_ntlmssp_context *gensec_ntlmssp,
-					      const struct auth_usersupplied_info *user_info,
-					      TALLOC_CTX *mem_ctx,
-					      DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key);
 static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
 					struct gensec_ntlmssp_context *gensec_ntlmssp,
 					struct ntlmssp_server_auth_state *state,
@@ -328,8 +323,10 @@ struct tevent_req *ntlmssp_server_auth_send(TALLOC_CTX *mem_ctx,
 	struct gensec_ntlmssp_context *gensec_ntlmssp =
 		talloc_get_type_abort(gensec_security->private_data,
 				      struct gensec_ntlmssp_context);
+	struct auth4_context *auth_context = gensec_security->auth_context;
 	struct tevent_req *req = NULL;
 	struct ntlmssp_server_auth_state *state = NULL;
+	uint8_t authoritative = 0;
 	NTSTATUS status;
 
 	req = tevent_req_create(mem_ctx, &state,
@@ -345,15 +342,29 @@ struct tevent_req *ntlmssp_server_auth_send(TALLOC_CTX *mem_ctx,
 		return tevent_req_post(req, ev);
 	}
 
-	status = ntlmssp_server_check_password(gensec_security,
-					       gensec_ntlmssp,
-					       state->user_info,
-					       state,
-					       &state->user_session_key,
-					       &state->lm_session_key);
+	if (auth_context->check_ntlm_password == NULL) {
+		tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
+		return tevent_req_post(req, ev);
+	}
+
+	status = auth_context->check_ntlm_password(auth_context,
+						   gensec_ntlmssp,
+						   state->user_info,
+						   &authoritative,
+						   &gensec_ntlmssp->server_returned_info,
+						   &state->user_session_key,
+						   &state->lm_session_key);
+	if (!NT_STATUS_IS_OK(status)) {
+		DBG_INFO("Checking NTLMSSP password for %s\\%s failed: %s\n",
+			 state->user_info->client.domain_name,
+			 state->user_info->client.account_name,
+			 nt_errstr(status));
+	}
 	if (tevent_req_nterror(req, status)) {
 		return tevent_req_post(req, ev);
 	}
+	talloc_steal(state, state->user_session_key.data);
+	talloc_steal(state, state->lm_session_key.data);
 
 	status = ntlmssp_server_postauth(gensec_security,
 					 gensec_ntlmssp,
@@ -784,43 +795,6 @@ static NTSTATUS ntlmssp_server_preauth(struct gensec_security *gensec_security,
 }
 
 /**
- * Check the password on an NTLMSSP login.
- *
- * Return the session keys used on the connection.
- */
-
-static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_security,
-					      struct gensec_ntlmssp_context *gensec_ntlmssp,
-					      const struct auth_usersupplied_info *user_info,
-					      TALLOC_CTX *mem_ctx,
-					      DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key)
-{
-	struct auth4_context *auth_context = gensec_security->auth_context;
-	NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
-
-	if (auth_context->check_ntlm_password) {
-		uint8_t authoritative = 0;
-
-		nt_status = auth_context->check_ntlm_password(auth_context,
-							      gensec_ntlmssp,
-							      user_info,
-							      &authoritative,
-							      &gensec_ntlmssp->server_returned_info,
-							      user_session_key, lm_session_key);
-	}
-
-	if (!NT_STATUS_IS_OK(nt_status)) {
-		DEBUG(5, (__location__ ": Checking NTLMSSP password for %s\\%s failed: %s\n", user_info->client.domain_name, user_info->client.account_name, nt_errstr(nt_status)));
-	}
-	NT_STATUS_NOT_OK_RETURN(nt_status);
-
-	talloc_steal(mem_ctx, user_session_key->data);
-	talloc_steal(mem_ctx, lm_session_key->data);
-
-	return nt_status;
-}
-
-/**
  * Next state function for the Authenticate packet
  * (after authentication - figures out the session keys etc)
  *
author	Stefan Metzmacher <metze@samba.org>	2017-06-16 17:14:35 +0200
committer	Andreas Schneider <asn@cryptomilk.org>	2017-08-07 15:20:03 +0200
commit	7d43aecb5002902486a6c57ff14a1dcbd64b0f40 (patch)
tree	e686687289f2fdb2b5bae5aa363faceae491fc97 /auth
parent	260e535252c2643ca435e036bfdbb44ddf4c28d1 (diff)
download	samba-7d43aecb5002902486a6c57ff14a1dcbd64b0f40.tar.gz