data_blob_clear_free(&client_key_data);
if (memcmp(value_from_encryption, ntv2_response->data, 16) == 0) {
if (user_sess_key != NULL) {
+ NTSTATUS status;
*user_sess_key = data_blob_talloc(mem_ctx, NULL, 16);
- SMBsesskeygen_ntv2(kr, value_from_encryption, user_sess_key->data);
+
+ status = SMBsesskeygen_ntv2(kr,
+ value_from_encryption,
+ user_sess_key->data);
+ if (!NT_STATUS_IS_OK(status)) {
+ return false;
+ }
}
return true;
}
uint8_t kr[16];
uint8_t value_from_encryption[16];
DATA_BLOB client_key_data;
+ NTSTATUS status;
if (part_passwd == NULL) {
DEBUG(10,("No password set - DISALLOWING access\n"));
SMBOWFencrypt_ntv2(kr, sec_blob, &client_key_data, value_from_encryption);
*user_sess_key = data_blob_talloc(mem_ctx, NULL, 16);
- SMBsesskeygen_ntv2(kr, value_from_encryption, user_sess_key->data);
+ status = SMBsesskeygen_ntv2(kr,
+ value_from_encryption,
+ user_sess_key->data);
+ if (!NT_STATUS_IS_OK(status)) {
+ return false;
+ }
return true;
}
DATA_BLOB *lm_session_key, DATA_BLOB *user_session_key)
{
uint8_t ntlm_v2_hash[16];
+ NTSTATUS status;
/* We don't use the NT# directly. Instead we use it mashed up with
the username and domain.
/* The NTLMv2 calculations also provide a session key, for signing etc later */
/* use only the first 16 bytes of nt_response for session key */
- SMBsesskeygen_ntv2(ntlm_v2_hash, nt_response->data, user_session_key->data);
+ status = SMBsesskeygen_ntv2(ntlm_v2_hash,
+ nt_response->data,
+ user_session_key->data);
+ if (!NT_STATUS_IS_OK(status)) {
+ return false;
+ }
}
}
/* The NTLMv2 calculations also provide a session key, for signing etc later */
/* use only the first 16 bytes of lm_response for session key */
- SMBsesskeygen_ntv2(ntlm_v2_hash, lm_response->data, lm_session_key->data);
+ status = SMBsesskeygen_ntv2(ntlm_v2_hash,
+ lm_response->data,
+ lm_session_key->data);
+ if (!NT_STATUS_IS_OK(status)) {
+ return false;
+ }
}
}