From: Joseph Sutton <josephsutton@catalyst.net.nz>
Date: Thu, 23 Nov 2023 06:40:05 +0000 (+1300)
Subject: auth/gensec: Return more consistent status codes on gnutls hashing failure
X-Git-Tag: talloc-2.4.2~458
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=150a6ca38ab57676a328be1ca55e1614cbbef867;p=thirdparty%2Fsamba.git

auth/gensec: Return more consistent status codes on gnutls hashing failure

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/auth/gensec/schannel.c b/auth/gensec/schannel.c
index 4f5db9fc32e..1f8680743e9 100644
--- a/auth/gensec/schannel.c
+++ b/auth/gensec/schannel.c
@@ -480,13 +480,13 @@ static NTSTATUS netsec_do_sign(struct schannel_state *state,
 
 		rc = gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5);
 		if (rc < 0) {
-			return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+			return gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
 		}
 
 		rc = gnutls_hash(hash_hnd, zeros, sizeof(zeros));
 		if (rc < 0) {
 			gnutls_hash_deinit(hash_hnd, NULL);
-			return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+			return gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
 		}
 		if (confounder) {
 			SSVAL(header, 0, NL_SIGN_HMAC_MD5);
@@ -497,12 +497,12 @@ static NTSTATUS netsec_do_sign(struct schannel_state *state,
 			rc = gnutls_hash(hash_hnd, header, 8);
 			if (rc < 0) {
 				gnutls_hash_deinit(hash_hnd, NULL);
-				return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+				return gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
 			}
 			rc = gnutls_hash(hash_hnd, confounder, 8);
 			if (rc < 0) {
 				gnutls_hash_deinit(hash_hnd, NULL);
-				return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+				return gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
 			}
 		} else {
 			SSVAL(header, 0, NL_SIGN_HMAC_MD5);
@@ -513,13 +513,13 @@ static NTSTATUS netsec_do_sign(struct schannel_state *state,
 			rc = gnutls_hash(hash_hnd, header, 8);
 			if (rc < 0) {
 				gnutls_hash_deinit(hash_hnd, NULL);
-				return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+				return gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
 			}
 		}
 		rc = gnutls_hash(hash_hnd, data, length);
 		if (rc < 0) {
 			gnutls_hash_deinit(hash_hnd, NULL);
-			return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+			return gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
 		}
 		gnutls_hash_deinit(hash_hnd, packet_digest);