ntlm_auth: Improve compliance to the Squid helper protocol

author Kai Blin <kai@samba.org>

Wed, 19 Mar 2008 22:32:38 +0000 (23:32 +0100)

committer Kai Blin <kai@samba.org>

Wed, 19 Mar 2008 22:49:43 +0000 (23:49 +0100)
author Kai Blin <kai@samba.org>
Wed, 19 Mar 2008 22:32:38 +0000 (23:32 +0100)
committer Kai Blin <kai@samba.org>
Wed, 19 Mar 2008 22:49:43 +0000 (23:49 +0100)
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c

index df2bf9753bb524b5053273ec01a21ecfc629503b..e313d62d0206d6744b025bab03205ce72556ee09 100644 (file)
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -717,7 +717,7 @@ static void manage_squid_ntlmssp_request(struct ntlm_auth_state *state,
  
         if (strlen(buf) < 2) {
                 DEBUG(1, ("NTLMSSP query [%s] invalid", buf));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH NTLMSSP query invalid\n");
                 return;
         }
  
@@ -744,7 +744,7 @@ static void manage_squid_ntlmssp_request(struct ntlm_auth_state *state,
  
                 if (opt_password == NULL) {
                         DEBUG(1, ("Out of memory\n"));
-                       x_fprintf(x_stdout, "BH\n");
+                       x_fprintf(x_stdout, "BH Out of memory\n");
                         data_blob_free(&request);
                         return;
                 }
@@ -786,7 +786,7 @@ static void manage_squid_ntlmssp_request(struct ntlm_auth_state *state,
                 return;
         } else {
                 DEBUG(1, ("NTLMSSP query [%s] invalid", buf));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH NTLMSSP query invalid\n");
                 return;
         }
  
@@ -853,7 +853,7 @@ static void manage_client_ntlmssp_request(struct ntlm_auth_state *state,
  
         if (strlen(buf) < 2) {
                 DEBUG(1, ("NTLMSSP query [%s] invalid", buf));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH NTLMSSP query invalid\n");
                 return;
         }
  
@@ -879,7 +879,7 @@ static void manage_client_ntlmssp_request(struct ntlm_auth_state *state,
  
                 if (opt_password == NULL) {
                         DEBUG(1, ("Out of memory\n"));
-                       x_fprintf(x_stdout, "BH\n");
+                       x_fprintf(x_stdout, "BH Out of memory\n");
                         data_blob_free(&request);
                         return;
                 }
@@ -945,7 +945,7 @@ static void manage_client_ntlmssp_request(struct ntlm_auth_state *state,
                 return;
         } else {
                 DEBUG(1, ("NTLMSSP query [%s] invalid", buf));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH NTLMSSP query invalid\n");
                 return;
         }
  
@@ -1087,7 +1087,7 @@ static void offer_gss_spnego_mechs(void) {
  
         if (len == -1) {
                 DEBUG(1, ("Could not write SPNEGO data blob\n"));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH Could not write SPNEGO data blob\n");
                 return;
         }
  
@@ -1119,7 +1119,7 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
  
         if (strlen(buf) < 2) {
                 DEBUG(1, ("SPENGO query [%s] invalid", buf));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH SPENGO query invalid\n");
                 return;
         }
  
@@ -1130,7 +1130,7 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
                 ;
         } else {
                 DEBUG(1, ("SPENGO query [%s] invalid", buf));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH SPENGO query invalid\n");
                 return;
         }
  
@@ -1147,7 +1147,7 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
  
         if (strlen(buf) <= 3) {
                 DEBUG(1, ("GSS-SPNEGO query [%s] invalid\n", buf));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH GSS-SPNEGO query invalid\n");
                 return;
         }
  
@@ -1157,7 +1157,7 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
  
         if (len == -1) {
                 DEBUG(1, ("GSS-SPNEGO query [%s] invalid", buf));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH GSS-SPNEGO query invalid\n");
                 return;
         }
  
@@ -1169,7 +1169,8 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
                 if ( (request.negTokenInit.mechTypes == NULL) ||
                      (request.negTokenInit.mechTypes[0] == NULL) ) {
                         DEBUG(1, ("Client did not offer any mechanism"));
-                       x_fprintf(x_stdout, "BH\n");
+                       x_fprintf(x_stdout, "BH Client did not offer any "
+                                           "mechanism\n");
                         return;
                 }
  
@@ -1177,15 +1178,18 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
                 if (strcmp(request.negTokenInit.mechTypes[0], OID_NTLMSSP) == 0) {
  
                         if ( request.negTokenInit.mechToken.data == NULL ) {
-                               DEBUG(1, ("Client did not provide  NTLMSSP data\n"));
-                               x_fprintf(x_stdout, "BH\n");
+                               DEBUG(1, ("Client did not provide NTLMSSP data\n"));
+                               x_fprintf(x_stdout, "BH Client did not provide "
+                                                   "NTLMSSP data\n");
                                 return;
                         }
  
                         if ( ntlmssp_state != NULL ) {
                                 DEBUG(1, ("Client wants a new NTLMSSP challenge, but "
                                           "already got one\n"));
-                               x_fprintf(x_stdout, "BH\n");
+                               x_fprintf(x_stdout, "BH Client wants a new "
+                                                   "NTLMSSP challenge, but "
+                                                   "already got one\n");
                                 ntlmssp_end(&ntlmssp_state);
                                 return;
                         }
@@ -1219,7 +1223,8 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
  
                         if ( request.negTokenInit.mechToken.data == NULL ) {
                                 DEBUG(1, ("Client did not provide Kerberos data\n"));
-                               x_fprintf(x_stdout, "BH\n");
+                               x_fprintf(x_stdout, "BH Client did not provide "
+                                                   "Kerberos data\n");
                                 return;
                         }
  
@@ -1245,7 +1250,9 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
                                 if (domain == NULL) {
                                         DEBUG(1, ("Did not get a valid principal "
                                                   "from ads_verify_ticket\n"));
-                                       x_fprintf(x_stdout, "BH\n");
+                                       x_fprintf(x_stdout, "BH Did not get a "
+                                                 "valid principal from "
+                                                 "ads_verify_ticket\n");
                                         return;
                                 }
  
@@ -1268,13 +1275,15 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
                            is the only one we support that sends this stuff */
                         DEBUG(1, ("Got a negTokenTarg for something non-NTLMSSP: %s\n",
                                   request.negTokenTarg.supportedMech));
-                       x_fprintf(x_stdout, "BH\n");
+                       x_fprintf(x_stdout, "BH Got a negTokenTarg for "
+                                           "something non-NTLMSSP\n");
                         return;
                 }
  
                 if (request.negTokenTarg.responseToken.data == NULL) {
                         DEBUG(1, ("Got a negTokenTarg without a responseToken!\n"));
-                       x_fprintf(x_stdout, "BH\n");
+                       x_fprintf(x_stdout, "BH Got a negTokenTarg without a "
+                                           "responseToken!\n");
                         return;
                 }
  
@@ -1312,7 +1321,7 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
  
         if (!reply_argument) {
                 DEBUG(1, ("Could not write SPNEGO data blob\n"));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH Could not write SPNEGO data blob\n");
                 return;
         }
  
@@ -1324,7 +1333,7 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
  
         if (len == -1) {
                 DEBUG(1, ("Could not write SPNEGO data blob\n"));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH Could not write SPNEGO data blob\n");
                 return;
         }
  
@@ -1414,7 +1423,7 @@ static void manage_client_ntlmssp_targ(SPNEGO_DATA spnego)
  
         if (client_ntlmssp_state == NULL) {
                 DEBUG(1, ("Got NTLMSSP tArg without a client state\n"));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH Got NTLMSSP tArg without a client state\n");
                 return;
         }
  
@@ -1438,7 +1447,8 @@ static void manage_client_ntlmssp_targ(SPNEGO_DATA spnego)
                 DEBUG(1, ("Expected MORE_PROCESSING_REQUIRED from "
                           "ntlmssp_client_update, got: %s\n",
                           nt_errstr(status)));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH Expected MORE_PROCESSING_REQUIRED from "
+                                   "ntlmssp_client_update\n");
                 data_blob_free(&request);
                 ntlmssp_end(&client_ntlmssp_state);
                 return;
@@ -1556,7 +1566,8 @@ static void manage_client_krb5_targ(SPNEGO_DATA spnego)
         switch (spnego.negTokenTarg.negResult) {
         case SPNEGO_ACCEPT_INCOMPLETE:
                 DEBUG(1, ("Got a Kerberos negTokenTarg with ACCEPT_INCOMPLETE\n"));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH Got a Kerberos negTokenTarg with "
+                                   "ACCEPT_INCOMPLETE\n");
                 break;
         case SPNEGO_ACCEPT_COMPLETED:
                 DEBUG(10, ("Accept completed\n"));
@@ -1588,7 +1599,7 @@ static void manage_gss_spnego_client_request(struct ntlm_auth_state *state,
  
         if (strlen(buf) <= 3) {
                 DEBUG(1, ("SPNEGO query [%s] too short\n", buf));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH SPNEGO query too short\n");
                 return;
         }
  
@@ -1602,7 +1613,7 @@ static void manage_gss_spnego_client_request(struct ntlm_auth_state *state,
                 
                 if (opt_password == NULL) {
                         DEBUG(1, ("Out of memory\n"));
-                       x_fprintf(x_stdout, "BH\n");
+                       x_fprintf(x_stdout, "BH Out of memory\n");
                         data_blob_free(&request);
                         return;
                 }
@@ -1616,7 +1627,7 @@ static void manage_gss_spnego_client_request(struct ntlm_auth_state *state,
              (strncmp(buf, "AF ", 3) != 0) &&
              (strncmp(buf, "NA ", 3) != 0) ) {
                 DEBUG(1, ("SPNEGO request [%s] invalid\n", buf));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH SPNEGO request invalid\n");
                 data_blob_free(&request);
                 return;
         }
@@ -1629,7 +1640,7 @@ static void manage_gss_spnego_client_request(struct ntlm_auth_state *state,
  
         if (len == -1) {
                 DEBUG(1, ("Could not read SPNEGO data for [%s]\n", buf));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH Could not read SPNEGO data\n");
                 return;
         }
  
@@ -1658,7 +1669,7 @@ static void manage_gss_spnego_client_request(struct ntlm_auth_state *state,
                 }
  
                 DEBUG(1, ("Server offered no compatible mechanism\n"));
-               x_fprintf(x_stdout, "BH\n");
+               x_fprintf(x_stdout, "BH Server offered no compatible mechanism\n");
                 return;
         }
  
@@ -1680,7 +1691,9 @@ static void manage_gss_spnego_client_request(struct ntlm_auth_state *state,
                                 DEBUG(1, ("Got a negTokenTarg with no mech and an "
                                           "unknown negResult: %d\n",
                                           spnego.negTokenTarg.negResult));
-                               x_fprintf(x_stdout, "BH\n");
+                               x_fprintf(x_stdout, "BH Got a negTokenTarg with"
+                                                   " no mech and an unknown "
+                                                   "negResult\n");
                         }
  
                         ntlmssp_end(&client_ntlmssp_state);
@@ -1704,7 +1717,7 @@ static void manage_gss_spnego_client_request(struct ntlm_auth_state *state,
         }
  
         DEBUG(1, ("Got an SPNEGO token I could not handle [%s]!\n", buf));
-       x_fprintf(x_stdout, "BH\n");
+       x_fprintf(x_stdout, "BH Got an SPNEGO token I could not handle\n");
         return;
  
   out:
author	Kai Blin <kai@samba.org>
	Wed, 19 Mar 2008 22:32:38 +0000 (23:32 +0100)
committer	Kai Blin <kai@samba.org>
	Wed, 19 Mar 2008 22:49:43 +0000 (23:49 +0100)