summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-10-18 21:13:16 +1100
committerStefan Metzmacher <metze@samba.org>2011-10-21 08:43:10 +0200
commit083025ccd53fe3ee90fcc81eb8d4c566e11fd6ac (patch)
tree7352125c6a227d7a7d1224e2bfb00de7386f0fc7
parent915fe7981b48537bb000ae5f90e630caacf657e0 (diff)
downloadsamba-083025ccd53fe3ee90fcc81eb8d4c566e11fd6ac.tar.gz
samba-083025ccd53fe3ee90fcc81eb8d4c566e11fd6ac.tar.bz2
samba-083025ccd53fe3ee90fcc81eb8d4c566e11fd6ac.zip
s3-ntlmssp Remove auth_ntlmssp_update wrapper
We now just call gensec_update directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
-rw-r--r--source3/include/ntlmssp_wrap.h4
-rw-r--r--source3/librpc/crypto/cli_spnego.c5
-rw-r--r--source3/libsmb/clifsinfo.c5
-rw-r--r--source3/libsmb/ntlmssp_wrap.c7
-rw-r--r--source3/rpc_client/cli_pipe.c7
-rw-r--r--source3/rpc_server/dcesrv_ntlmssp.c4
-rw-r--r--source3/smbd/negprot.c4
-rw-r--r--source3/smbd/seal.c15
-rw-r--r--source3/smbd/sesssetup.c14
-rw-r--r--source3/smbd/smb2_sesssetup.c23
10 files changed, 41 insertions, 47 deletions
diff --git a/source3/include/ntlmssp_wrap.h b/source3/include/ntlmssp_wrap.h
index bfbfdebd26..71fa3b7370 100644
--- a/source3/include/ntlmssp_wrap.h
+++ b/source3/include/ntlmssp_wrap.h
@@ -72,10 +72,6 @@ void auth_ntlmssp_want_feature(struct auth_ntlmssp_state *ans, uint32_t feature)
DATA_BLOB auth_ntlmssp_get_session_key(struct auth_ntlmssp_state *ans,
TALLOC_CTX *mem_ctx);
-NTSTATUS auth_ntlmssp_update(struct auth_ntlmssp_state *ans,
- TALLOC_CTX *mem_ctx,
- const DATA_BLOB request, DATA_BLOB *reply);
-
NTSTATUS auth_ntlmssp_client_prepare(TALLOC_CTX *mem_ctx,
struct auth_ntlmssp_state **_ans);
NTSTATUS auth_ntlmssp_client_start(struct auth_ntlmssp_state *ans);
diff --git a/source3/librpc/crypto/cli_spnego.c b/source3/librpc/crypto/cli_spnego.c
index 4742158b24..db03fdc852 100644
--- a/source3/librpc/crypto/cli_spnego.c
+++ b/source3/librpc/crypto/cli_spnego.c
@@ -24,6 +24,7 @@
#include "auth/ntlmssp/ntlmssp.h"
#include "librpc/crypto/gse.h"
#include "librpc/crypto/spnego.h"
+#include "auth/gensec/gensec.h"
static NTSTATUS spnego_context_init(TALLOC_CTX *mem_ctx,
bool do_sign, bool do_seal,
@@ -213,8 +214,8 @@ NTSTATUS spnego_get_client_auth_token(TALLOC_CTX *mem_ctx,
case SPNEGO_NTLMSSP:
ntlmssp_ctx = sp_ctx->mech_ctx.ntlmssp_state;
- status = auth_ntlmssp_update(ntlmssp_ctx, mem_ctx,
- token_in, &token_out);
+ status = gensec_update(ntlmssp_ctx->gensec_security, mem_ctx, NULL,
+ token_in, &token_out);
if (NT_STATUS_EQUAL(status,
NT_STATUS_MORE_PROCESSING_REQUIRED)) {
mech_wants_more = true;
diff --git a/source3/libsmb/clifsinfo.c b/source3/libsmb/clifsinfo.c
index b312cfbd48..fa8dba5fbd 100644
--- a/source3/libsmb/clifsinfo.c
+++ b/source3/libsmb/clifsinfo.c
@@ -27,6 +27,7 @@
#include "smb_crypt.h"
#include "trans2.h"
#include "ntlmssp_wrap.h"
+#include "auth/gensec/gensec.h"
/****************************************************************************
Get UNIX extensions version info.
@@ -637,8 +638,8 @@ NTSTATUS cli_raw_ntlm_smb_encryption_start(struct cli_state *cli,
}
do {
- status = auth_ntlmssp_update(es->s.auth_ntlmssp_state, es->s.auth_ntlmssp_state,
- blob_in, &blob_out);
+ status = gensec_update(es->s.auth_ntlmssp_state->gensec_security, es->s.auth_ntlmssp_state,
+ NULL, blob_in, &blob_out);
data_blob_free(&blob_in);
data_blob_free(&param_out);
if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) || NT_STATUS_IS_OK(status)) {
diff --git a/source3/libsmb/ntlmssp_wrap.c b/source3/libsmb/ntlmssp_wrap.c
index 3d1d099a58..af5f2c9f68 100644
--- a/source3/libsmb/ntlmssp_wrap.c
+++ b/source3/libsmb/ntlmssp_wrap.c
@@ -127,13 +127,6 @@ DATA_BLOB auth_ntlmssp_get_session_key(struct auth_ntlmssp_state *ans, TALLOC_CT
}
}
-NTSTATUS auth_ntlmssp_update(struct auth_ntlmssp_state *ans,
- TALLOC_CTX *mem_ctx,
- const DATA_BLOB request, DATA_BLOB *reply)
-{
- return gensec_update(ans->gensec_security, mem_ctx, NULL, request, reply);
-}
-
static NTSTATUS gensec_ntlmssp3_client_update(struct gensec_security *gensec_security,
TALLOC_CTX *out_mem_ctx,
struct tevent_context *ev,
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 94e4a5106f..9af351b274 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -34,6 +34,7 @@
#include "rpc_dce.h"
#include "cli_pipe.h"
#include "libsmb/libsmb.h"
+#include "auth/gensec/gensec.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_RPC_CLI
@@ -1048,7 +1049,7 @@ static NTSTATUS create_ntlmssp_auth_rpc_bind_req(struct rpc_pipe_client *cli,
struct auth_ntlmssp_state);
DEBUG(5, ("create_ntlmssp_auth_rpc_bind_req: Processing NTLMSSP Negotiate\n"));
- status = auth_ntlmssp_update(ntlmssp_ctx, mem_ctx, null_blob, auth_token);
+ status = gensec_update(ntlmssp_ctx->gensec_security, mem_ctx, NULL, null_blob, auth_token);
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
data_blob_free(auth_token);
@@ -1773,8 +1774,8 @@ static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq)
case DCERPC_AUTH_TYPE_NTLMSSP:
ntlmssp_ctx = talloc_get_type_abort(pauth->auth_ctx,
struct auth_ntlmssp_state);
- status = auth_ntlmssp_update(ntlmssp_ctx, state,
- auth.credentials, &auth_token);
+ status = gensec_update(ntlmssp_ctx->gensec_security, state, NULL,
+ auth.credentials, &auth_token);
if (NT_STATUS_EQUAL(status,
NT_STATUS_MORE_PROCESSING_REQUIRED)) {
status = rpc_bind_next_send(req, state,
diff --git a/source3/rpc_server/dcesrv_ntlmssp.c b/source3/rpc_server/dcesrv_ntlmssp.c
index 04dd9e6521..dcbfafb1c2 100644
--- a/source3/rpc_server/dcesrv_ntlmssp.c
+++ b/source3/rpc_server/dcesrv_ntlmssp.c
@@ -59,7 +59,7 @@ NTSTATUS ntlmssp_server_auth_start(TALLOC_CTX *mem_ctx,
return status;
}
- status = auth_ntlmssp_update(a, mem_ctx, *token_in, token_out);
+ status = gensec_update(a->gensec_security, mem_ctx, NULL, *token_in, token_out);
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
DEBUG(0, (__location__ ": auth_ntlmssp_update failed: %s\n",
nt_errstr(status)));
@@ -88,7 +88,7 @@ NTSTATUS ntlmssp_server_step(struct auth_ntlmssp_state *ctx,
/* this has to be done as root in order to verify the password */
become_root();
- status = auth_ntlmssp_update(ctx, mem_ctx, *token_in, token_out);
+ status = gensec_update(ctx->gensec_security, mem_ctx, NULL, *token_in, token_out);
unbecome_root();
return status;
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index 89ef52c6e8..a0ed52d659 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -208,8 +208,8 @@ DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn)
if (NT_STATUS_IS_OK(status)) {
status = auth_generic_start(auth_ntlmssp_state, GENSEC_OID_SPNEGO);
if (NT_STATUS_IS_OK(status)) {
- status = auth_ntlmssp_update(auth_ntlmssp_state, ctx,
- data_blob_null, &blob);
+ status = gensec_update(auth_ntlmssp_state->gensec_security, ctx,
+ NULL, data_blob_null, &blob);
/* If we get the list of OIDs, the 'OK' answer
* is NT_STATUS_MORE_PROCESSING_REQUIRED */
if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
diff --git a/source3/smbd/seal.c b/source3/smbd/seal.c
index f68b6c7a8f..73efc6ceff 100644
--- a/source3/smbd/seal.c
+++ b/source3/smbd/seal.c
@@ -28,6 +28,7 @@
#include "auth.h"
#include "libsmb/libsmb.h"
#include "../lib/tsocket/tsocket.h"
+#include "auth/gensec/gensec.h"
/******************************************************************************
Server side encryption.
@@ -488,9 +489,9 @@ static NTSTATUS srv_enc_ntlm_negotiate(const struct tsocket_address *remote_addr
return status;
}
- status = auth_ntlmssp_update(partial_srv_trans_enc_ctx->auth_ntlmssp_state,
- talloc_tos(),
- secblob, &chal);
+ status = gensec_update(partial_srv_trans_enc_ctx->auth_ntlmssp_state->gensec_security,
+ talloc_tos(), NULL,
+ secblob, &chal);
/* status here should be NT_STATUS_MORE_PROCESSING_REQUIRED
* for success ... */
@@ -613,7 +614,7 @@ static NTSTATUS srv_enc_spnego_ntlm_auth(connection_struct *conn,
return NT_STATUS_INVALID_PARAMETER;
}
- status = auth_ntlmssp_update(ec->auth_ntlmssp_state, talloc_tos(), auth, &auth_reply);
+ status = gensec_update(ec->auth_ntlmssp_state->gensec_security, talloc_tos(), NULL, auth, &auth_reply);
data_blob_free(&auth);
/* From RFC4178.
@@ -683,9 +684,9 @@ static NTSTATUS srv_enc_raw_ntlm_auth(connection_struct *conn,
}
/* Second step. */
- status = auth_ntlmssp_update(partial_srv_trans_enc_ctx->auth_ntlmssp_state,
- talloc_tos(),
- blob, &response);
+ status = gensec_update(partial_srv_trans_enc_ctx->auth_ntlmssp_state->gensec_security,
+ talloc_tos(), NULL,
+ blob, &response);
if (NT_STATUS_IS_OK(status)) {
/* Return the context we're using for this encryption state. */
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index a5f2030ee5..7729ff675b 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -644,8 +644,8 @@ static void reply_spnego_negotiate(struct smb_request *req,
return;
}
- status = auth_ntlmssp_update(*auth_ntlmssp_state, talloc_tos(),
- secblob, &chal);
+ status = gensec_update((*auth_ntlmssp_state)->gensec_security, talloc_tos(),
+ NULL, secblob, &chal);
data_blob_free(&secblob);
@@ -757,8 +757,8 @@ static void reply_spnego_auth(struct smb_request *req,
}
}
- status = auth_ntlmssp_update(*auth_ntlmssp_state, talloc_tos(),
- auth, &auth_reply);
+ status = gensec_update((*auth_ntlmssp_state)->gensec_security, talloc_tos(),
+ NULL, auth, &auth_reply);
data_blob_free(&auth);
@@ -1171,9 +1171,9 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
}
}
- status = auth_ntlmssp_update(vuser->auth_ntlmssp_state,
- talloc_tos(),
- blob1, &chal);
+ status = gensec_update(vuser->auth_ntlmssp_state->gensec_security,
+ talloc_tos(), NULL,
+ blob1, &chal);
data_blob_free(&blob1);
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index aa898eaad7..059b26f0bf 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -388,10 +388,10 @@ static NTSTATUS smbd_smb2_spnego_negotiate(struct smbd_smb2_session *session,
goto out;
}
- status = auth_ntlmssp_update(session->auth_ntlmssp_state,
- talloc_tos(),
- secblob_in,
- &chal_out);
+ status = gensec_update(session->auth_ntlmssp_state->gensec_security,
+ talloc_tos(), NULL,
+ secblob_in,
+ &chal_out);
}
if (!NT_STATUS_IS_OK(status) &&
@@ -582,9 +582,10 @@ static NTSTATUS smbd_smb2_spnego_auth(struct smbd_smb2_session *session,
}
}
- status = auth_ntlmssp_update(session->auth_ntlmssp_state,
- talloc_tos(), auth,
- &auth_out);
+ status = gensec_update(session->auth_ntlmssp_state->gensec_security,
+ talloc_tos(), NULL,
+ auth,
+ &auth_out);
/* If status is NT_STATUS_OK then we need to get the token.
* Map to guest is now internal to auth_ntlmssp */
if (NT_STATUS_IS_OK(status)) {
@@ -661,10 +662,10 @@ static NTSTATUS smbd_smb2_raw_ntlmssp_auth(struct smbd_smb2_session *session,
}
/* RAW NTLMSSP */
- status = auth_ntlmssp_update(session->auth_ntlmssp_state,
- smb2req,
- in_security_buffer,
- out_security_buffer);
+ status = gensec_update(session->auth_ntlmssp_state->gensec_security,
+ smb2req, NULL,
+ in_security_buffer,
+ out_security_buffer);
if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
*out_session_id = session->vuid;