diff options
author | Volker Lendecke <vl@samba.org> | 2017-02-11 11:38:56 +0100 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2017-03-08 22:01:16 +0100 |
commit | 66f94e557eecc4a48762543414cda690c08ff8cb (patch) | |
tree | 4af05f83d579287f6c3e9470bd1474584a94f42e /source3/auth/auth.c | |
parent | 56b0303a611d1fdcee4f37285164fe94866fda59 (diff) | |
download | samba-66f94e557eecc4a48762543414cda690c08ff8cb.tar.gz |
auth3: Simplify auth_check_ntlm_password logic with a "goto fail"
No intended code change, just reformatting and a goto fail with
inverted logic
Best viewed with "git show -b" :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'source3/auth/auth.c')
-rw-r--r-- | source3/auth/auth.c | 83 |
1 files changed, 43 insertions, 40 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c index 437cca74103..249d0cbf12a 100644 --- a/source3/auth/auth.c +++ b/source3/auth/auth.c @@ -257,55 +257,58 @@ NTSTATUS auth_check_ntlm_password(TALLOC_CTX *mem_ctx, /* successful authentication */ - if (NT_STATUS_IS_OK(nt_status)) { - unix_username = server_info->unix_name; - - /* We skip doing this step if the caller asked us not to */ - if (!(user_info->flags & USER_INFO_INFO3_AND_NO_AUTHZ) - && !(server_info->guest)) { - const char *rhost; - - if (tsocket_address_is_inet(user_info->remote_host, "ip")) { - rhost = tsocket_address_inet_addr_string(user_info->remote_host, - talloc_tos()); - if (rhost == NULL) { - nt_status = NT_STATUS_NO_MEMORY; - goto fail; - } - } else { - rhost = "127.0.0.1"; - } + if (!NT_STATUS_IS_OK(nt_status)) { + goto fail; + } - /* We might not be root if we are an RPC call */ - become_root(); - nt_status = smb_pam_accountcheck(unix_username, - rhost); - unbecome_root(); + unix_username = server_info->unix_name; - if (NT_STATUS_IS_OK(nt_status)) { - DEBUG(5, ("check_ntlm_password: PAM Account for user [%s] succeeded\n", - unix_username)); - } else { - DEBUG(3, ("check_ntlm_password: PAM Account for user [%s] FAILED with error %s\n", - unix_username, nt_errstr(nt_status))); - } + /* We skip doing this step if the caller asked us not to */ + if (!(user_info->flags & USER_INFO_INFO3_AND_NO_AUTHZ) + && !(server_info->guest)) { + const char *rhost; + + if (tsocket_address_is_inet(user_info->remote_host, "ip")) { + rhost = tsocket_address_inet_addr_string( + user_info->remote_host, talloc_tos()); + if (rhost == NULL) { + nt_status = NT_STATUS_NO_MEMORY; + goto fail; + } + } else { + rhost = "127.0.0.1"; } + /* We might not be root if we are an RPC call */ + become_root(); + nt_status = smb_pam_accountcheck(unix_username, rhost); + unbecome_root(); + if (NT_STATUS_IS_OK(nt_status)) { - DEBUG(server_info->guest ? 5 : 2, - ("check_ntlm_password: %sauthentication for user [%s] -> [%s] -> [%s] succeeded\n", - server_info->guest ? "guest " : "", - user_info->client.account_name, - user_info->mapped.account_name, - unix_username)); - - *pserver_info = talloc_move(mem_ctx, &server_info); + DEBUG(5, ("check_ntlm_password: PAM Account for user [%s] " + "succeeded\n", unix_username)); + } else { + DEBUG(3, ("check_ntlm_password: PAM Account for user [%s] " + "FAILED with error %s\n", + unix_username, nt_errstr(nt_status))); } + } - TALLOC_FREE(frame); - return nt_status; + if (NT_STATUS_IS_OK(nt_status)) { + DEBUG(server_info->guest ? 5 : 2, + ("check_ntlm_password: %sauthentication for user " + "[%s] -> [%s] -> [%s] succeeded\n", + server_info->guest ? "guest " : "", + user_info->client.account_name, + user_info->mapped.account_name, + unix_username)); + + *pserver_info = talloc_move(mem_ctx, &server_info); } + TALLOC_FREE(frame); + return nt_status; + fail: /* failed authentication; check for guest lapping */ |