/* This creates the 'blob' of names that appears at the end of the packet */
if (chal_flags & NTLMSSP_NEGOTIATE_TARGET_INFO)
{
- msrpc_gen(ntlmssp_state, &struct_blob, "aaaaa",
+ status = msrpc_gen(ntlmssp_state, &struct_blob, "aaaaa",
MsvAvNbDomainName, target_name,
MsvAvNbComputerName, ntlmssp_state->server.netbios_name,
MsvAvDnsDomainName, ntlmssp_state->server.dns_domain,
MsvAvDnsComputerName, ntlmssp_state->server.dns_name,
MsvAvEOL, "");
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
} else {
struct_blob = data_blob_null;
}
if (chal_flags & NTLMSSP_NEGOTIATE_VERSION) {
enum ndr_err_code err;
- struct VERSION vers;
+ struct ntlmssp_VERSION vers;
/* "What Windows returns" as a version number. */
ZERO_STRUCT(vers);
err = ndr_push_struct_blob(&version_blob,
ntlmssp_state,
&vers,
- (ndr_push_flags_fn_t)ndr_push_VERSION);
+ (ndr_push_flags_fn_t)ndr_push_ntlmssp_VERSION);
if (!NDR_ERR_CODE_IS_SUCCESS(err)) {
data_blob_free(&struct_blob);
gen_string = "CdAdbddBb";
}
- msrpc_gen(out_mem_ctx, reply, gen_string,
+ status = msrpc_gen(out_mem_ctx, reply, gen_string,
"NTLMSSP",
NTLMSSP_CHALLENGE,
target_name,
struct_blob.data, struct_blob.length,
version_blob.data, version_blob.length);
+ if (!NT_STATUS_IS_OK(status)) {
+ data_blob_free(&version_blob);
+ data_blob_free(&struct_blob);
+ return status;
+ }
+
data_blob_free(&version_blob);
if (DEBUGLEVEL >= 10) {
{
DATA_BLOB user_session_key = state->user_session_key;
DATA_BLOB lm_session_key = state->lm_session_key;
- NTSTATUS nt_status;
+ NTSTATUS nt_status = NT_STATUS_OK;
DATA_BLOB session_key = data_blob(NULL, 0);
dump_data_pw("NT session key:\n", user_session_key.data, user_session_key.length);
if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) {
if (!state->encrypted_session_key.data
|| state->encrypted_session_key.length != 16) {
- data_blob_free(&state->encrypted_session_key);
DEBUG(1, ("Client-supplied KEY_EXCH session key was of invalid length (%u)!\n",
(unsigned)state->encrypted_session_key.length));
return NT_STATUS_INVALID_PARAMETER;
DEBUG(5, ("server session key is invalid (len == %u), cannot do KEY_EXCH!\n",
(unsigned int)session_key.length));
ntlmssp_state->session_key = session_key;
+ talloc_steal(ntlmssp_state, session_key.data);
} else {
dump_data_pw("KEY_EXCH session key (enc):\n",
state->encrypted_session_key.data,
dump_data_pw("KEY_EXCH session key:\n",
state->encrypted_session_key.data,
state->encrypted_session_key.length);
- talloc_free(session_key.data);
}
} else {
ntlmssp_state->session_key = session_key;
+ talloc_steal(ntlmssp_state, session_key.data);
}
if (ntlmssp_state->session_key.length) {
/* Finally, actually ask if the password is OK */
nt_status = ntlmssp_state->check_password(ntlmssp_state,
+ state,
&state->user_session_key,
&state->lm_session_key);
if (!NT_STATUS_IS_OK(nt_status)) {
can be done in a callback */
nt_status = ntlmssp_server_postauth(ntlmssp_state, state);
- if (!NT_STATUS_IS_OK(nt_status)) {
- TALLOC_FREE(state);
- return nt_status;
- }
-
TALLOC_FREE(state);
- return NT_STATUS_OK;
+ return nt_status;
}