Add a touch of 'const' to some auth components, and move the simple plaintext

password check into its own helper funciton.  (This will allow it to be called
from other places).

Andrew Bartlett

2 files changed, 41 insertions, 32 deletions

diff --git a/source/auth/auth_compat.c b/source/auth/auth_compat.c
index 28a9780d3f9..8cf304a071a 100644
--- a/source/auth/auth_compat.c
+++ b/source/auth/auth_compat.c
@@ -31,8 +31,34 @@ SMB hash
 return True if the password is correct, False otherwise
 ****************************************************************************/
 
-static NTSTATUS pass_check_smb(char *smb_name,
-			       char *domain, 
+NTSTATUS check_plaintext_password(const char *smb_name, DATA_BLOB plaintext_password, auth_serversupplied_info **server_info)
+{
+	struct auth_context *plaintext_auth_context = NULL;
+	auth_usersupplied_info *user_info = NULL;
+	const uint8 *chal;
+	NTSTATUS nt_status;
+	if (!NT_STATUS_IS_OK(nt_status = make_auth_context_subsystem(&plaintext_auth_context))) {
+		return nt_status;
+	}
+	
+	chal = plaintext_auth_context->get_ntlm_challenge(plaintext_auth_context);
+	
+	if (!make_user_info_for_reply(&user_info, 
+				      smb_name, lp_workgroup(), chal,
+				      plaintext_password)) {
+		return NT_STATUS_NO_MEMORY;
+	}
+	
+	nt_status = plaintext_auth_context->check_ntlm_password(plaintext_auth_context, 
+								user_info, server_info); 
+	
+	(plaintext_auth_context->free)(&plaintext_auth_context);
+	free_user_info(&user_info);
+	return nt_status;
+}
+
+static NTSTATUS pass_check_smb(const char *smb_name,
+			       const char *domain, 
 			       DATA_BLOB lm_pwd,
 			       DATA_BLOB nt_pwd,
 			       DATA_BLOB plaintext_password,
@@ -40,37 +66,20 @@ static NTSTATUS pass_check_smb(char *smb_name,
 
 {
 	NTSTATUS nt_status;
-	auth_usersupplied_info *user_info = NULL;
 	extern struct auth_context *negprot_global_auth_context;
 	auth_serversupplied_info *server_info = NULL;
 	if (encrypted) {		
+		auth_usersupplied_info *user_info = NULL;
 		make_user_info_for_reply_enc(&user_info, smb_name, 
 					     domain,
 					     lm_pwd, 
 					     nt_pwd);
 		nt_status = negprot_global_auth_context->check_ntlm_password(negprot_global_auth_context, 
 									     user_info, &server_info);
+		free_user_info(&user_info);
 	} else {
-		struct auth_context *plaintext_auth_context = NULL;
-		const uint8 *chal;
-		if (!NT_STATUS_IS_OK(nt_status = make_auth_context_subsystem(&plaintext_auth_context))) {
-			return nt_status;
-		}
-
-		chal = plaintext_auth_context->get_ntlm_challenge(plaintext_auth_context);
-
-		if (!make_user_info_for_reply(&user_info, 
-					      smb_name, domain, chal,
-					      plaintext_password)) {
-			return NT_STATUS_NO_MEMORY;
-		}
-		
-		nt_status = plaintext_auth_context->check_ntlm_password(plaintext_auth_context, 
-									user_info, &server_info); 
-		
-		(plaintext_auth_context->free)(&plaintext_auth_context);
+		nt_status = check_plaintext_password(smb_name, plaintext_password, &server_info);
 	}		
-	free_user_info(&user_info);
 	free_server_info(&server_info);
 	return nt_status;
 }
diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c
index 0839b196658..5b252f42cdb 100644
--- a/source/auth/auth_util.c
+++ b/source/auth/auth_util.c
@@ -241,11 +241,11 @@ BOOL make_user_info_map(auth_usersupplied_info **user_info,
 ****************************************************************************/
 
 BOOL make_user_info_netlogon_network(auth_usersupplied_info **user_info, 
-				     char *smb_name, 
-				     char *client_domain, 
-				     char *wksta_name, 
-				     uchar *lm_network_pwd, int lm_pwd_len,
-				     uchar *nt_network_pwd, int nt_pwd_len)
+				     const char *smb_name, 
+				     const char *client_domain, 
+				     const char *wksta_name, 
+				     const uchar *lm_network_pwd, int lm_pwd_len,
+				     const uchar *nt_network_pwd, int nt_pwd_len)
 {
 	BOOL ret;
 	DATA_BLOB lm_blob = data_blob(lm_network_pwd, lm_pwd_len);
@@ -361,8 +361,8 @@ BOOL make_user_info_netlogon_interactive(auth_usersupplied_info **user_info,
 ****************************************************************************/
 
 BOOL make_user_info_for_reply(auth_usersupplied_info **user_info, 
-			      char *smb_name, 
-			      char *client_domain,
+			      const char *smb_name, 
+			      const char *client_domain,
 			      const uint8 chal[8],
 			      DATA_BLOB plaintext_password)
 {
@@ -416,9 +416,9 @@ BOOL make_user_info_for_reply(auth_usersupplied_info **user_info,
 ****************************************************************************/
 
 BOOL make_user_info_for_reply_enc(auth_usersupplied_info **user_info, 
-			      char *smb_name,
-			      char *client_domain, 
-			      DATA_BLOB lm_resp, DATA_BLOB nt_resp)
+				  const char *smb_name,
+				  const char *client_domain, 
+				  DATA_BLOB lm_resp, DATA_BLOB nt_resp)
 {
 	uint32 auth_flags = AUTH_FLAG_NONE;