From 7d43aecb5002902486a6c57ff14a1dcbd64b0f40 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 16 Jun 2017 17:14:35 +0200
Subject: auth/ntlmssp: merge ntlmssp_server_check_password() into
 ntlmssp_server_auth_send()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
---
 auth/ntlmssp/ntlmssp_server.c | 70 ++++++++++++++-----------------------------
 1 file changed, 22 insertions(+), 48 deletions(-)

(limited to 'auth')

diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c
index b7d74e61dfb..4990f77f66f 100644
--- a/auth/ntlmssp/ntlmssp_server.c
+++ b/auth/ntlmssp/ntlmssp_server.c
@@ -310,11 +310,6 @@ static NTSTATUS ntlmssp_server_preauth(struct gensec_security *gensec_security,
 				       struct gensec_ntlmssp_context *gensec_ntlmssp,
 				       struct ntlmssp_server_auth_state *state,
 				       const DATA_BLOB request);
-static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_security,
-					      struct gensec_ntlmssp_context *gensec_ntlmssp,
-					      const struct auth_usersupplied_info *user_info,
-					      TALLOC_CTX *mem_ctx,
-					      DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key);
 static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
 					struct gensec_ntlmssp_context *gensec_ntlmssp,
 					struct ntlmssp_server_auth_state *state,
@@ -328,8 +323,10 @@ struct tevent_req *ntlmssp_server_auth_send(TALLOC_CTX *mem_ctx,
 	struct gensec_ntlmssp_context *gensec_ntlmssp =
 		talloc_get_type_abort(gensec_security->private_data,
 				      struct gensec_ntlmssp_context);
+	struct auth4_context *auth_context = gensec_security->auth_context;
 	struct tevent_req *req = NULL;
 	struct ntlmssp_server_auth_state *state = NULL;
+	uint8_t authoritative = 0;
 	NTSTATUS status;
 
 	req = tevent_req_create(mem_ctx, &state,
@@ -345,15 +342,29 @@ struct tevent_req *ntlmssp_server_auth_send(TALLOC_CTX *mem_ctx,
 		return tevent_req_post(req, ev);
 	}
 
-	status = ntlmssp_server_check_password(gensec_security,
-					       gensec_ntlmssp,
-					       state->user_info,
-					       state,
-					       &state->user_session_key,
-					       &state->lm_session_key);
+	if (auth_context->check_ntlm_password == NULL) {
+		tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
+		return tevent_req_post(req, ev);
+	}
+
+	status = auth_context->check_ntlm_password(auth_context,
+						   gensec_ntlmssp,
+						   state->user_info,
+						   &authoritative,
+						   &gensec_ntlmssp->server_returned_info,
+						   &state->user_session_key,
+						   &state->lm_session_key);
+	if (!NT_STATUS_IS_OK(status)) {
+		DBG_INFO("Checking NTLMSSP password for %s\\%s failed: %s\n",
+			 state->user_info->client.domain_name,
+			 state->user_info->client.account_name,
+			 nt_errstr(status));
+	}
 	if (tevent_req_nterror(req, status)) {
 		return tevent_req_post(req, ev);
 	}
+	talloc_steal(state, state->user_session_key.data);
+	talloc_steal(state, state->lm_session_key.data);
 
 	status = ntlmssp_server_postauth(gensec_security,
 					 gensec_ntlmssp,
@@ -783,43 +794,6 @@ static NTSTATUS ntlmssp_server_preauth(struct gensec_security *gensec_security,
 	return NT_STATUS_OK;
 }
 
-/**
- * Check the password on an NTLMSSP login.
- *
- * Return the session keys used on the connection.
- */
-
-static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_security,
-					      struct gensec_ntlmssp_context *gensec_ntlmssp,
-					      const struct auth_usersupplied_info *user_info,
-					      TALLOC_CTX *mem_ctx,
-					      DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key)
-{
-	struct auth4_context *auth_context = gensec_security->auth_context;
-	NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
-
-	if (auth_context->check_ntlm_password) {
-		uint8_t authoritative = 0;
-
-		nt_status = auth_context->check_ntlm_password(auth_context,
-							      gensec_ntlmssp,
-							      user_info,
-							      &authoritative,
-							      &gensec_ntlmssp->server_returned_info,
-							      user_session_key, lm_session_key);
-	}
-
-	if (!NT_STATUS_IS_OK(nt_status)) {
-		DEBUG(5, (__location__ ": Checking NTLMSSP password for %s\\%s failed: %s\n", user_info->client.domain_name, user_info->client.account_name, nt_errstr(nt_status)));
-	}
-	NT_STATUS_NOT_OK_RETURN(nt_status);
-
-	talloc_steal(mem_ctx, user_session_key->data);
-	talloc_steal(mem_ctx, lm_session_key->data);
-
-	return nt_status;
-}
-
 /**
  * Next state function for the Authenticate packet
  * (after authentication - figures out the session keys etc)
-- 
cgit v1.2.1