summaryrefslogtreecommitdiff
path: root/daemon/ntlm.c
diff options
context:
space:
mode:
Diffstat (limited to 'daemon/ntlm.c')
-rw-r--r--daemon/ntlm.c137
1 files changed, 75 insertions, 62 deletions
diff --git a/daemon/ntlm.c b/daemon/ntlm.c
index 736ac28..ef889f1 100644
--- a/daemon/ntlm.c
+++ b/daemon/ntlm.c
@@ -70,44 +70,6 @@ static pthread_mutexattr_t g_smblib_mutexattr;
* Internal Functions
*/
-static ntlm_connection_t* getpending(ntlm_context_t* ctx, const void* key)
-{
- ntlm_connection_t* ret;
-
- ASSERT(ctx && key);
-
- ha_lock(NULL);
-
- ret = (ntlm_connection_t*)hash_rem(ctx->pending, key);
-
- ha_unlock(NULL);
-
- return ret;
-}
-
-static int putpending(ntlm_context_t* ctx, const void* key, ntlm_connection_t* conn)
-{
- int r = 0;
-
- ASSERT(ctx && key && conn);
- ASSERT(conn->handle);
-
- if(!hash_get(ctx->pending, key))
- {
- ha_lock(NULL);
-
- if(!hash_set(ctx->pending, key, (void*)conn))
- {
- ha_messagex(LOG_ERR, "out of memory");
- r = -1;
- }
-
- ha_unlock(NULL);
- }
-
- return r;
-}
-
static ntlm_connection_t* makeconnection(ntlm_context_t* ctx)
{
ntlm_connection_t* conn;
@@ -163,6 +125,45 @@ static void free_hash_object(void* arg, void* val)
}
}
+static ntlm_connection_t* getpending(ntlm_context_t* ctx, const void* key)
+{
+ ntlm_connection_t* ret;
+
+ ASSERT(ctx && key);
+
+ ha_lock(NULL);
+
+ ret = (ntlm_connection_t*)hash_rem(ctx->pending, key);
+
+ ha_unlock(NULL);
+
+ return ret;
+}
+
+static int putpending(ntlm_context_t* ctx, const void* key, ntlm_connection_t* conn)
+{
+ int r = 0;
+
+ ASSERT(ctx && key && conn);
+ ASSERT(conn->handle);
+
+ if(!hash_get(ctx->pending, key))
+ {
+ ha_lock(NULL);
+
+ if(!hash_set(ctx->pending, key, (void*)conn))
+ {
+ free_hash_object(NULL, conn);
+ ha_messagex(LOG_ERR, "out of memory");
+ r = -1;
+ }
+
+ ha_unlock(NULL);
+ }
+
+ return r;
+}
+
int ntlm_auth_basic(ntlm_context_t* ctx, char* key, const char* header,
ha_response_t* resp, ha_buffer_t* buf)
{
@@ -171,6 +172,7 @@ int ntlm_auth_basic(ntlm_context_t* ctx, char* key, const char* header,
basic_header_t basic;
const char* domain = NULL;
int found = 0;
+ int r;
ASSERT(ctx && key && header && resp && buf);
@@ -183,8 +185,8 @@ int ntlm_auth_basic(ntlm_context_t* ctx, char* key, const char* header,
if(conn)
freeconnection(conn);
- if(basic_parse(header, buf, &basic) == HA_ERROR)
- return HA_ERROR;
+ if((r = basic_parse(header, buf, &basic)) < 0)
+ return r;
/* Check and see if this connection is in the cache */
ha_lock(NULL);
@@ -249,7 +251,7 @@ int ntlm_auth_basic(ntlm_context_t* ctx, char* key, const char* header,
if(!r)
{
ha_messagex(LOG_CRIT, "out of memory");
- return HA_ERROR;
+ return HA_CRITERROR;
}
return HA_OK;
@@ -329,11 +331,19 @@ int ntlm_auth_ntlm(ntlm_context_t* ctx, void* key, const char* header,
* pending stack so that the correct request will complete
* properly when it comes through.
*/
- if(putpending(ctx, key, conn) != -1)
- conn = NULL;
+ r = putpending(ctx, key, conn);
+ conn = NULL;
+
+ if(r < 0)
+ {
+ ret = HA_CRITERROR;
+ }
+ else
+ {
+ ha_messagex(LOG_ERR, "received out of order NTLM request from client");
+ resp->code = HA_SERVER_BADREQ;
+ }
- ha_messagex(LOG_ERR, "received out of order NTLM request from client");
- resp->code = HA_SERVER_BADREQ;
goto finally;
}
@@ -362,7 +372,7 @@ int ntlm_auth_ntlm(ntlm_context_t* ctx, void* key, const char* header,
if(!conn)
{
- resp->code = HA_SERVER_ERROR;
+ ret = HA_FAILED;
goto finally;
}
@@ -396,11 +406,7 @@ int ntlm_auth_ntlm(ntlm_context_t* ctx, void* key, const char* header,
*/
/* Cache this connection in our pending set ... */
- if(putpending(ctx, key, conn) == -1)
- {
- resp->code = HA_SERVER_ERROR;
- goto finally;
- }
+ r = putpending(ctx, key, conn);
/*
* By marking this as null, the cleanup code
@@ -409,8 +415,15 @@ int ntlm_auth_ntlm(ntlm_context_t* ctx, void* key, const char* header,
*/
conn = NULL;
- ha_addheader(resp, "WWW-Authenticate", ha_bufdata(buf));
- resp->code = HA_SERVER_DECLINE;
+ if(r < 0)
+ {
+ ret = HA_CRITERROR;
+ }
+ else
+ {
+ ha_addheader(resp, "WWW-Authenticate", ha_bufdata(buf));
+ resp->code = HA_SERVER_DECLINE;
+ }
goto finally;
}
@@ -475,7 +488,7 @@ int ntlm_auth_ntlm(ntlm_context_t* ctx, void* key, const char* header,
if(!r)
{
ha_messagex(LOG_CRIT, "out of memory");
- ret = HA_ERROR;
+ ret = HA_CRITERROR;
}
else
{
@@ -495,7 +508,7 @@ int ntlm_auth_ntlm(ntlm_context_t* ctx, void* key, const char* header,
finally:
if(ha_buferr(buf))
- ret = HA_ERROR;
+ ret = HA_CRITERROR;
if(conn)
freeconnection(conn);
@@ -565,7 +578,7 @@ int ntlm_init(ha_context_t* context)
{
ha_messagex(LOG_ERR, "NTLM module configured, but does not implement any "
"configured authentication type.");
- return HA_ERROR;
+ return HA_FAILED;
}
/* Check for mandatory configuration */
@@ -573,7 +586,7 @@ int ntlm_init(ha_context_t* context)
{
ha_messagex(LOG_ERR, "NTLM configuration incomplete. "
"Must have NTLMServer and NTLMDomain configured.");
- return HA_ERROR;
+ return HA_FAILED;
}
ASSERT(!ctx->pending);
@@ -584,7 +597,7 @@ int ntlm_init(ha_context_t* context)
!(ctx->established = hash_create(NTLM_HASH_KEY_LEN, NULL, NULL)))
{
ha_messagex(LOG_CRIT, "out of memory");
- return HA_ERROR;
+ return HA_CRITERROR;
}
}
@@ -597,7 +610,7 @@ int ntlm_init(ha_context_t* context)
pthread_mutex_init(&g_smblib_mutex, &g_smblib_mutexattr) != 0)
{
ha_messagex(LOG_CRIT, "threading problem. can't create mutex");
- return HA_ERROR;
+ return HA_CRITERROR;
}
}
@@ -671,7 +684,7 @@ int ntlm_process(ha_context_t* context, ha_request_t* req,
header++;
ret = ntlm_auth_ntlm(ctx, key, header, resp, buf);
- if(ret == HA_ERROR)
+ if(ret < 0)
return ret;
}
}
@@ -688,7 +701,7 @@ int ntlm_process(ha_context_t* context, ha_request_t* req,
header++;
ret = ntlm_auth_basic(ctx, key, header, resp, buf);
- if(ret == HA_ERROR)
+ if(ret < 0)
return ret;
}
}
@@ -730,7 +743,7 @@ int ntlm_process(ha_context_t* context, ha_request_t* req,
ctx->basic_realm ? ctx->basic_realm : "", "\"", NULL);
if(ha_buferr(buf))
- return HA_ERROR;
+ return HA_CRITERROR;
ha_addheader(resp, "WWW-Authenticate", ha_bufdata(buf));
}