From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 14 Feb 2025 16:37:45 +0000 (+0100)
Subject: s3:rpc_server/netlogon: split out _netr_NTLMv2_RESPONSE_verify()
X-Git-Tag: tevent-0.17.0~680
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ddf0434c9625969b051b594ce2d3dce43a74dd91;p=thirdparty%2Fsamba.git

s3:rpc_server/netlogon: split out _netr_NTLMv2_RESPONSE_verify()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
---

diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c
index 896e4e60d5a..2a5bfb40a55 100644
--- a/source3/rpc_server/netlogon/srv_netlog_nt.c
+++ b/source3/rpc_server/netlogon/srv_netlog_nt.c
@@ -1638,6 +1638,30 @@ static NTSTATUS _netr_LogonSamLogon_check(const struct netr_LogonSamLogonEx *r)
  _netr_LogonSamLogon_base
  *************************************************************************/
 
+static NTSTATUS _netr_NTLMv2_RESPONSE_verify(
+			struct dcesrv_call_state *dce_call,
+			const struct auth_usersupplied_info *user_info,
+			const struct netlogon_creds_CredentialState *creds)
+{
+	TALLOC_CTX *frame = talloc_stackframe();
+	const char *workgroup = lp_workgroup();
+	NTSTATUS status;
+
+	status = NTLMv2_RESPONSE_verify_netlogon_creds(
+					user_info->client.account_name,
+					user_info->client.domain_name,
+					user_info->password.response.nt,
+					creds,
+					workgroup);
+	if (!NT_STATUS_IS_OK(status)) {
+		TALLOC_FREE(frame);
+		return status;
+	}
+
+	TALLOC_FREE(frame);
+	return NT_STATUS_OK;
+}
+
 static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p,
 					 struct netr_LogonSamLogonEx *r,
 					 struct netlogon_creds_CredentialState *creds)
@@ -1788,7 +1812,6 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p,
 	case NetlogonNetworkTransitiveInformation:
 	{
 		const char *wksname = nt_workstation;
-		const char *workgroup = lp_workgroup();
 		bool ok;
 
 		ok = auth3_context_set_challenge(
@@ -1819,11 +1842,9 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p,
 		}
 
 		if (NT_STATUS_IS_OK(status)) {
-			status = NTLMv2_RESPONSE_verify_netlogon_creds(
-						user_info->client.account_name,
-						user_info->client.domain_name,
-						user_info->password.response.nt,
-						creds, workgroup);
+			status = _netr_NTLMv2_RESPONSE_verify(dce_call,
+							      user_info,
+							      creds);
 		}
 		break;
 	}