/*******************************************************************
Encode or Decode the sequence number (which is symmetric)
********************************************************************/
-static void netsec_do_seq_num(struct schannel_state *state,
- const uint8_t *checksum,
- uint32_t checksum_length,
- uint8_t seq_num[8])
+static NTSTATUS netsec_do_seq_num(struct schannel_state *state,
+ const uint8_t *checksum,
+ uint32_t checksum_length,
+ uint8_t seq_num[8])
{
if (state->creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
AES_KEY key;
sizeof(zeros),
digest1);
if (rc < 0) {
- return;
+ if (rc == GNUTLS_E_UNWANTED_ALGORITHM) {
+ return NT_STATUS_HMAC_NOT_SUPPORTED;
+ }
+ return NT_STATUS_INTERNAL_ERROR;
}
rc = gnutls_hmac_fast(GNUTLS_MAC_MD5,
checksum_length,
sequence_key);
if (rc < 0) {
- return;
+ if (rc == GNUTLS_E_UNWANTED_ALGORITHM) {
+ return NT_STATUS_HMAC_NOT_SUPPORTED;
+ }
+ return NT_STATUS_INTERNAL_ERROR;
}
ZERO_ARRAY(digest1);
}
state->seq_num++;
+
+ return NT_STATUS_OK;
}
static void netsec_do_seal(struct schannel_state *state,
return NT_STATUS_ACCESS_DENIED;
}
- netsec_do_seq_num(state, checksum, checksum_length, seq_num);
+ status = netsec_do_seq_num(state, checksum, checksum_length, seq_num);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_WARNING("netsec_do_seq_num failed: %s\n",
+ nt_errstr(status));
+ return status;
+ }
ZERO_ARRAY(checksum);
true);
}
- netsec_do_seq_num(state, checksum, checksum_length, seq_num);
+ status = netsec_do_seq_num(state, checksum, checksum_length, seq_num);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_WARNING("netsec_do_seq_num failed: %s\n",
+ nt_errstr(status));
+ return status;
+ }
(*sig) = data_blob_talloc_zero(mem_ctx, used_sig_size);
git.samba.org / kseeger / samba-autobuild / .git / commitdiff