author | Günther Deschner <gd@samba.org> | 2009-09-13 18:42:45 +0200 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2009-09-16 00:16:04 +0200 |
commit | 1f4123677e509f4479b87c0a9c20abdc556890b1 (patch) | |
tree | 58123b5e2ce352996f9a103ca01188afd1171038 | |
parent | 9cb205d7535ce1ff811892580e3419c3f562d607 (diff) | |
download | samba-1f4123677e509f4479b87c0a9c20abdc556890b1.tar.gz samba-1f4123677e509f4479b87c0a9c20abdc556890b1.tar.bz2 samba-1f4123677e509f4479b87c0a9c20abdc556890b1.zip |
s4-schannel: first step of decoupling schannel from gensec.
Guenther
-rw-r--r-- | source4/auth/gensec/schannel.c | 51 | ||||
-rw-r--r-- | source4/auth/gensec/schannel_sign.c | 20 |
2 files changed, 51 insertions, 20 deletions
diff --git a/source4/auth/gensec/schannel.c b/source4/auth/gensec/schannel.c index 15d64436e3..90b90fca9c 100644 --- a/source4/auth/gensec/schannel.c +++ b/source4/auth/gensec/schannel.c @@ -281,6 +281,49 @@ static bool schannel_have_feature(struct gensec_security *gensec_security, return false; } +static NTSTATUS schannel_seal_packet_wrap(struct gensec_security *gensec_security, + TALLOC_CTX *mem_ctx, + uint8_t *data, size_t length, + const uint8_t *whole_pdu, size_t pdu_length, + DATA_BLOB *sig) +{ + struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state); + + return schannel_seal_packet(state, mem_ctx, data, length, sig); +} + +static NTSTATUS schannel_sign_packet_wrap(struct gensec_security *gensec_security, + TALLOC_CTX *mem_ctx, + const uint8_t *data, size_t length, + const uint8_t *whole_pdu, size_t pdu_length, + DATA_BLOB *sig) +{ + struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state); + + return schannel_sign_packet(state, mem_ctx, data, length, sig); +} + +static NTSTATUS schannel_check_packet_wrap(struct gensec_security *gensec_security, + TALLOC_CTX *mem_ctx, + const uint8_t *data, size_t length, + const uint8_t *whole_pdu, size_t pdu_length, + const DATA_BLOB *sig) +{ + struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state); + + return schannel_check_packet(state, mem_ctx, data, length, sig); +} + +static NTSTATUS schannel_unseal_packet_wrap(struct gensec_security *gensec_security, + TALLOC_CTX *mem_ctx, + uint8_t *data, size_t length, + const uint8_t *whole_pdu, size_t pdu_length, + const DATA_BLOB *sig) +{ + struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state); + + return schannel_unseal_packet(state, mem_ctx, data, length, sig); +} static const struct gensec_security_ops gensec_schannel_security_ops = { .name = "schannel", 
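Review bot: All four new `*_wrap` functions pass the result of `talloc_get_type()` straight to the packet routine without checking it, and `talloc_get_type()` returns NULL when `private_data` is not a `struct schannel_state`. The sign/seal/check/unseal bodies are outside this hunk, but they presumably dereference `state`, so a type mismatch would become a NULL dereference in the packet-protection path instead of a clean failure. Use `talloc_get_type_abort(gensec_security->private_data, struct schannel_state)` in each wrapper, or add `if (state == NULL) return NT_STATUS_INVALID_PARAMETER;` before the call. A short comment that `whole_pdu` and `pdu_length` are intentionally unused would also make clear that only `data` is covered by the schannel signature.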
@@ -288,10 +331,10 @@ static const struct gensec_security_ops gensec_schannel_security_ops = { .client_start = schannel_client_start, .server_start = schannel_server_start, .update = schannel_update, - .seal_packet = schannel_seal_packet, - .sign_packet = schannel_sign_packet, - .check_packet = schannel_check_packet, - .unseal_packet = schannel_unseal_packet, + .seal_packet = schannel_seal_packet_wrap, + .sign_packet = schannel_sign_packet_wrap, + .check_packet = schannel_check_packet_wrap, + .unseal_packet = schannel_unseal_packet_wrap, .session_key = schannel_session_key, .session_info = schannel_session_info, .sig_size = schannel_sig_size, diff --git a/source4/auth/gensec/schannel_sign.c b/source4/auth/gensec/schannel_sign.c index 1547175658..ca066b102d 100644 --- a/source4/auth/gensec/schannel_sign.c +++ b/source4/auth/gensec/schannel_sign.c @@ -99,14 +99,11 @@ static void schannel_digest(const uint8_t sess_key[16], /* unseal a packet */ -NTSTATUS schannel_unseal_packet(struct gensec_security *gensec_security, +NTSTATUS schannel_unseal_packet(struct schannel_state *state, TALLOC_CTX *mem_ctx, uint8_t *data, size_t length, - const uint8_t *whole_pdu, size_t pdu_length, const DATA_BLOB *sig) { - struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state); - uint8_t digest_final[16]; uint8_t confounder[8]; uint8_t seq_num[8]; @@ -150,14 +147,11 @@ NTSTATUS schannel_unseal_packet(struct gensec_security *gensec_security, /* check the signature on a packet */ -NTSTATUS schannel_check_packet(struct gensec_security *gensec_security, +NTSTATUS schannel_check_packet(struct schannel_state *state, TALLOC_CTX *mem_ctx, const uint8_t *data, size_t length, - const uint8_t *whole_pdu, size_t pdu_length, const DATA_BLOB *sig) { - struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state); - uint8_t digest_final[16]; uint8_t seq_num[8]; static const uint8_t netsec_sig[8] = NETSEC_SIGN_SIGNATURE; 
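Review bot: `schannel_unseal_packet()` now takes a bare `struct schannel_state *state`, but nothing visible in the hunk documents or enforces what a caller must supply. The same applies to `schannel_check_packet()`, `schannel_seal_packet()` and `schannel_sign_packet()` in the other hunks of `schannel_sign.c`. Because the stated aim is to make these callable without gensec, the comment above each function should carry the contract, for example `/* unseal a packet; state must be non-NULL and belong to an established schannel session */`. The function bodies continue outside the hunks, so whether they already validate `state` or `sig->length` cannot be confirmed from here.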
@@ -198,14 +192,11 @@ NTSTATUS schannel_check_packet(struct gensec_security *gensec_security, /* seal a packet */ -NTSTATUS schannel_seal_packet(struct gensec_security *gensec_security, +NTSTATUS schannel_seal_packet(struct schannel_state *state, TALLOC_CTX *mem_ctx, uint8_t *data, size_t length, - const uint8_t *whole_pdu, size_t pdu_length, DATA_BLOB *sig) { - struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state); - uint8_t digest_final[16]; uint8_t confounder[8]; uint8_t seq_num[8]; @@ -246,14 +237,11 @@ NTSTATUS schannel_seal_packet(struct gensec_security *gensec_security, /* sign a packet */ -NTSTATUS schannel_sign_packet(struct gensec_security *gensec_security, +NTSTATUS schannel_sign_packet(struct schannel_state *state, TALLOC_CTX *mem_ctx, const uint8_t *data, size_t length, - const uint8_t *whole_pdu, size_t pdu_length, DATA_BLOB *sig) { - struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state); - uint8_t digest_final[16]; uint8_t seq_num[8]; static const uint8_t netsec_sig[8] = NETSEC_SIGN_SIGNATURE; |