s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS

It's nicer to have an NTSTATUS return, and in s3compat there may be a
reason other than 'no memory' why this can fail.

Andrew Bartlett

diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
index 7510d43f2b2c446b1db1064b3228f3a3b506f5d0..938ddb798c5f347ede941cebeef2f3952c711fef 100644 (file)
--- a/source3/auth/auth_ntlmssp.c
+++ b/source3/auth/auth_ntlmssp.c
@@ -74,8 +74,9 @@ bool auth_ntlmssp_negotiated_seal(struct auth_ntlmssp_state *auth_ntlmssp_state)
        return auth_ntlmssp_state->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL;
 }
 
-struct auth_serversupplied_info *auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
-                                                         struct auth_ntlmssp_state *auth_ntlmssp_state)
+NTSTATUS auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
+                                 struct auth_ntlmssp_state *auth_ntlmssp_state, 
+                                 struct auth_serversupplied_info **_server_info)
 {
        struct auth_serversupplied_info *server_info = auth_ntlmssp_state->server_info;
        data_blob_free(&server_info->user_session_key);
@@ -85,10 +86,11 @@ struct auth_serversupplied_info *auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
                        auth_ntlmssp_state->ntlmssp_state->session_key.data,
                        auth_ntlmssp_state->ntlmssp_state->session_key.length);
        if (auth_ntlmssp_state->ntlmssp_state->session_key.length && !server_info->user_session_key.data) {
-               return NULL;
+               return NT_STATUS_NO_MEMORY;
        }
        auth_ntlmssp_state->server_info = NULL;
-       return talloc_steal(mem_ctx, server_info);
+       *_server_info = talloc_steal(mem_ctx, server_info);
+       return NT_STATUS_OK;
 }
 
 struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(struct auth_ntlmssp_state *auth_ntlmssp_state)

diff --git a/source3/include/proto.h b/source3/include/proto.h
index faaa03e38c34df558caa11c724d5781ea76034b5..6dda7742d8ccfd4c7563dd0d74b00aa04ed8b01d 100644 (file)
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -55,8 +55,9 @@ NTSTATUS auth_netlogond_init(void);
 
 /* The following definitions come from auth/auth_ntlmssp.c  */
 
-struct auth_serversupplied_info *auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
-                                                         struct auth_ntlmssp_state *auth_ntlmssp_state);
+NTSTATUS auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
+                                 struct auth_ntlmssp_state *auth_ntlmssp_state, 
+                                 struct auth_serversupplied_info **_server_info);
 struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(struct auth_ntlmssp_state *auth_ntlmssp_state);
 const char *auth_ntlmssp_get_username(struct auth_ntlmssp_state *auth_ntlmssp_state);
 const char *auth_ntlmssp_get_domain(struct auth_ntlmssp_state *auth_ntlmssp_state);

diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 50914acfbde1f2122814e229645629ba8543c50c..ba96ed0d20e5f730eb8173c4f3970d7f500d1c09 100644 (file)
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -712,9 +712,10 @@ static bool pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob)
 
        TALLOC_FREE(p->server_info);
 
-       p->server_info = auth_ntlmssp_server_info(p, a);
-       if (p->server_info == NULL) {
-               DEBUG(0, ("auth_ntlmssp_server_info failed to obtain the server info for authenticated user\n"));
+       status = auth_ntlmssp_server_info(p, a, &p->server_info);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(0, ("auth_ntlmssp_server_info failed to obtain the server info for authenticated user: %s\n", 
+                         nt_errstr(status)));
                return false;
        }
 

diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 486b4d137fc92c57513ad783f6fd49f09039e2ee..2cf32c9b9a409cac2a7e9e5edbc7ffc4f22155be 100644 (file)
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -635,7 +635,7 @@ static void reply_spnego_ntlmssp(struct smb_request *req,
        struct smbd_server_connection *sconn = smbd_server_conn;
 
        if (NT_STATUS_IS_OK(nt_status)) {
-               server_info = auth_ntlmssp_server_info(talloc_tos(), (*auth_ntlmssp_state));
+               nt_status = auth_ntlmssp_server_info(talloc_tos(), (*auth_ntlmssp_state), &server_info);
        } else {
                /* Note that this server_info won't have a session
                 * key.  But for map to guest, that's exactly the right

diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 88454c122270d4ea82acb87e20b8ed53ee8d405f..8c94cf1037918af695d6abde2bd9dfa40f5fc55b 100644 (file)
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -604,11 +604,12 @@ static NTSTATUS smbd_smb2_common_ntlmssp_auth_return(struct smbd_smb2_session *s
                                        uint64_t *out_session_id)
 {
        fstring tmp;
-       session->server_info = auth_ntlmssp_server_info(session, session->auth_ntlmssp_state);
-       if (!session->server_info) {
+       NTSTATUS status = auth_ntlmssp_server_info(session, session->auth_ntlmssp_state, 
+                                                  &session->server_info);
+       if (!NT_STATUS_IS_OK(status)) {
                auth_ntlmssp_end(&session->auth_ntlmssp_state);
                TALLOC_FREE(session);
-               return NT_STATUS_NO_MEMORY;
+               return status;
        }
 
        if ((in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) ||

diff --git a/source4/s3compat/compat/config.h b/source4/s3compat/compat/config.h
index 0135ffe63c0fb136878229a654c19442bf044777..5adb87008af5f1d616aa1e6a4ee8c8d2699bbcb5 100644 (file)
--- a/source4/s3compat/compat/config.h
+++ b/source4/s3compat/compat/config.h
@@ -220,10 +220,10 @@ extern const char *dyn_CONFIGFILE;
 #define DEFAULT_UNIX_CHARSET "UTF-8"
 
 /* s3 modules */
-#define STRING_STATIC_MODULES "pdb_ldap pdb_ads pdb_smbpasswd     pdb_tdbsam pdb_wbc_sam rpc_lsarpc rpc_winreg rpc_initshutdown rpc_dssetup     rpc_wkssvc rpc_svcctl rpc_ntsvcs rpc_netlogon rpc_netdfs rpc_srvsvc     rpc_spoolss rpc_eventlog rpc_samr rpc_rpcecho idmap_ldap idmap_tdb     idmap_passdb idmap_nss nss_info_template auth_builtin vfs_default"
+#define STRING_STATIC_MODULES "pdb_ldap pdb_ads pdb_smbpasswd     pdb_tdbsam pdb_wbc_sam rpc_winreg rpc_initshutdown      rpc_wkssvc rpc_svcctl rpc_ntsvcs rpc_netdfs rpc_srvsvc     rpc_spoolss rpc_eventlog rpc_samr rpc_rpcecho idmap_ldap idmap_tdb     idmap_passdb idmap_nss nss_info_template auth_builtin vfs_default"
 #define static_init_vfs {  vfs_default_init();}
 #define static_init_pdb { pdb_smbpasswd_init();  pdb_tdbsam_init();  pdb_wbc_sam_init();}
-#define static_init_rpc {  rpc_lsarpc_init();  rpc_winreg_init();     rpc_initshutdown_init();  rpc_dssetup_init();  rpc_wkssvc_init();     rpc_svcctl_init();  rpc_ntsvcs_init();  rpc_netlogon_init();     rpc_netdfs_init();  rpc_srvsvc_init();  rpc_spoolss_init();     rpc_eventlog_init();  rpc_samr_init();  rpc_rpcecho_init();}
+#define static_init_rpc {  rpc_winreg_init();     rpc_initshutdown_init();  rpc_wkssvc_init();     rpc_svcctl_init();  rpc_ntsvcs_init();  rpc_netdfs_init();  rpc_srvsvc_init();  rpc_spoolss_init();     rpc_eventlog_init();  rpc_rpcecho_init();}
 #define static_init_auth {  auth_builtin_init();  }
 #define static_init_nss_info {}
 #define static_init_charset {}