|
 |
1524bc |
From 1a04e7bc20749e262a61ce52c8173245af8fb69d Mon Sep 17 00:00:00 2001
|
|
|
1524bc |
From: Andrew Bartlett <abartlet@samba.org>
|
|
|
1524bc |
Date: Fri, 16 Aug 2019 15:43:01 +1200
|
|
|
1524bc |
Subject: [PATCH 100/187] auth/gensec: Use gnutls_error_to_ntstatus()
|
|
|
1524bc |
consistently in schannel
|
|
|
1524bc |
|
|
|
1524bc |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
1524bc |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
|
1524bc |
(cherry picked from commit 3b27fd8a490f29cbc94b8ac377b3a2cb6db7598c)
|
|
|
1524bc |
---
|
|
|
1524bc |
auth/gensec/schannel.c | 16 +++++++---------
|
|
|
1524bc |
1 file changed, 7 insertions(+), 9 deletions(-)
|
|
|
1524bc |
|
|
|
1524bc |
diff --git a/auth/gensec/schannel.c b/auth/gensec/schannel.c
|
|
|
1524bc |
index 719849fa0cc..2a36d0cfa7d 100644
|
|
|
1524bc |
--- a/auth/gensec/schannel.c
|
|
|
1524bc |
+++ b/auth/gensec/schannel.c
|
|
|
1524bc |
@@ -172,17 +172,15 @@ static NTSTATUS netsec_do_seq_num(struct schannel_state *state,
|
|
|
1524bc |
&key,
|
|
|
1524bc |
&iv;;
|
|
|
1524bc |
if (rc < 0) {
|
|
|
1524bc |
- DBG_ERR("ERROR: gnutls_cipher_init: %s\n",
|
|
|
1524bc |
- gnutls_strerror(rc));
|
|
|
1524bc |
- return NT_STATUS_INTERNAL_ERROR;
|
|
|
1524bc |
+ return gnutls_error_to_ntstatus(rc,
|
|
|
1524bc |
+ NT_STATUS_CRYPTO_SYSTEM_INVALID);
|
|
|
1524bc |
}
|
|
|
1524bc |
|
|
|
1524bc |
rc = gnutls_cipher_encrypt(cipher_hnd, seq_num, 8);
|
|
|
1524bc |
gnutls_cipher_deinit(cipher_hnd);
|
|
|
1524bc |
if (rc < 0) {
|
|
|
1524bc |
- DBG_ERR("ERROR: gnutls_cipher_encrypt: %s\n",
|
|
|
1524bc |
- gnutls_strerror(rc));
|
|
|
1524bc |
- return NT_STATUS_INTERNAL_ERROR;
|
|
|
1524bc |
+ return gnutls_error_to_ntstatus(rc,
|
|
|
1524bc |
+ NT_STATUS_CRYPTO_SYSTEM_INVALID);
|
|
|
1524bc |
}
|
|
|
1524bc |
|
|
|
1524bc |
#else /* NOT HAVE_GNUTLS_AES_CFB8 */
|
|
|
1524bc |
@@ -306,7 +304,7 @@ static NTSTATUS netsec_do_seal(struct schannel_state *state,
|
|
|
1524bc |
digest2);
|
|
|
1524bc |
if (rc < 0) {
|
|
|
1524bc |
ZERO_ARRAY(digest2);
|
|
|
1524bc |
- return NT_STATUS_INTERNAL_ERROR;
|
|
|
1524bc |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
|
|
|
1524bc |
}
|
|
|
1524bc |
|
|
|
1524bc |
rc = gnutls_hmac_fast(GNUTLS_MAC_MD5,
|
|
|
1524bc |
@@ -318,7 +316,7 @@ static NTSTATUS netsec_do_seal(struct schannel_state *state,
|
|
|
1524bc |
|
|
|
1524bc |
ZERO_ARRAY(digest2);
|
|
|
1524bc |
if (rc < 0) {
|
|
|
1524bc |
- return NT_STATUS_INTERNAL_ERROR;
|
|
|
1524bc |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
|
|
|
1524bc |
}
|
|
|
1524bc |
|
|
|
1524bc |
rc = gnutls_cipher_init(&cipher_hnd,
|
|
|
1524bc |
@@ -377,7 +375,7 @@ static NTSTATUS netsec_do_sign(struct schannel_state *state,
|
|
|
1524bc |
state->creds->session_key,
|
|
|
1524bc |
sizeof(state->creds->session_key));
|
|
|
1524bc |
if (rc < 0) {
|
|
|
1524bc |
- return NT_STATUS_NO_MEMORY;
|
|
|
1524bc |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
|
|
|
1524bc |
}
|
|
|
1524bc |
|
|
|
1524bc |
if (confounder) {
|
|
|
1524bc |
--
|
|
|
1524bc |
2.23.0
|
|
|
1524bc |
|