svn commit: samba r17284 - in branches/SAMBA_4_0/source/auth/ntlmssp: .

metze at samba.org metze at samba.org
Thu Jul 27 19:20:57 GMT 2006


Author: metze
Date: 2006-07-27 19:20:57 +0000 (Thu, 27 Jul 2006)
New Revision: 17284

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17284

Log:
move the input checking stuff from ntlmssp_update() into its
own function.

metze
Modified:
   branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c


Changeset:
Modified: branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c
===================================================================
--- branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c	2006-07-27 19:07:15 UTC (rev 17283)
+++ branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c	2006-07-27 19:20:57 UTC (rev 17284)
@@ -108,29 +108,13 @@
 	}
 }
 
-/**
- * Next state function for the wrapped NTLMSSP state machine
- * 
- * @param gensec_security GENSEC state, initialised to NTLMSSP
- * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on
- * @param in The request, as a DATA_BLOB
- * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx
- * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent, 
- *                or NT_STATUS_OK if the user is authenticated. 
- */
-
-static NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security, 
-				      TALLOC_CTX *out_mem_ctx, 
-				      const DATA_BLOB input, DATA_BLOB *out) 
+static NTSTATUS gensec_ntlmssp_update_find(struct gensec_ntlmssp_state *gensec_ntlmssp_state,
+					   const DATA_BLOB input, uint32_t *idx)
 {
-	struct gensec_ntlmssp_state *gensec_ntlmssp_state = gensec_security->private_data;
-	NTSTATUS status;
-
+	struct gensec_security *gensec_security = gensec_ntlmssp_state->gensec_security;
 	uint32_t ntlmssp_command;
-	int i;
+	uint32_t i;
 
-	*out = data_blob(NULL, 0);
-
 	if (gensec_ntlmssp_state->expected_state == NTLMSSP_DONE) {
 		/* We are strict here because other modules, which we
 		 * don't fully control (such as GSSAPI) are also
@@ -140,12 +124,6 @@
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	if (!out_mem_ctx) {
-		/* if the caller doesn't want to manage/own the memory, 
-		   we can put it on our context */
-		out_mem_ctx = gensec_ntlmssp_state;
-	}
-
 	if (!input.length) {
 		switch (gensec_ntlmssp_state->role) {
 		case NTLMSSP_CLIENT:
@@ -179,27 +157,53 @@
 	}
 
 	for (i=0; i < ARRAY_SIZE(ntlmssp_callbacks); i++) {
-		if (ntlmssp_callbacks[i].role == gensec_ntlmssp_state->role 
-		    && ntlmssp_callbacks[i].ntlmssp_command == ntlmssp_command) {
-			status = ntlmssp_callbacks[i].fn(gensec_security, out_mem_ctx, input, out);
-			break;
+		if (ntlmssp_callbacks[i].role == gensec_ntlmssp_state->role &&
+		    ntlmssp_callbacks[i].ntlmssp_command == ntlmssp_command) {
+			*idx = i;
+			return NT_STATUS_OK;
 		}
 	}
 
-	if (i == ARRAY_SIZE(ntlmssp_callbacks)) {
+	DEBUG(1, ("failed to find NTLMSSP callback for NTLMSSP mode %u, command %u\n", 
+		  gensec_ntlmssp_state->role, ntlmssp_command)); 
 		
-		DEBUG(1, ("failed to find NTLMSSP callback for NTLMSSP mode %u, command %u\n", 
-			  gensec_ntlmssp_state->role, ntlmssp_command)); 
-		
-		return NT_STATUS_INVALID_PARAMETER;
+	return NT_STATUS_INVALID_PARAMETER;
+}
+
+/**
+ * Next state function for the wrapped NTLMSSP state machine
+ * 
+ * @param gensec_security GENSEC state, initialised to NTLMSSP
+ * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on
+ * @param in The request, as a DATA_BLOB
+ * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx
+ * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent, 
+ *                or NT_STATUS_OK if the user is authenticated. 
+ */
+
+static NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security, 
+				      TALLOC_CTX *out_mem_ctx, 
+				      const DATA_BLOB input, DATA_BLOB *out)
+{
+	struct gensec_ntlmssp_state *gensec_ntlmssp_state = gensec_security->private_data;
+	NTSTATUS status;
+	uint32_t i;
+
+	*out = data_blob(NULL, 0);
+
+	if (!out_mem_ctx) {
+		/* if the caller doesn't want to manage/own the memory, 
+		   we can put it on our context */
+		out_mem_ctx = gensec_ntlmssp_state;
 	}
 
-	if (!NT_STATUS_IS_OK(status)) {
-		/* error or more processing required */
-		return status;
-	}
+	status = gensec_ntlmssp_update_find(gensec_ntlmssp_state, input, &i);
+	NT_STATUS_NOT_OK_RETURN(status);
+
+	status = ntlmssp_callbacks[i].fn(gensec_security, out_mem_ctx, input, out);
+	NT_STATUS_NOT_OK_RETURN(status);
 	
-	return status;
+	return NT_STATUS_OK;
 }
 
 /**



More information about the samba-cvs mailing list