diff options
author | Andrew Bartlett <abartlet@samba.org> | 2011-12-26 14:23:15 +1100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-01-05 17:17:28 +0100 |
commit | 3042e38d519411e774e110b16a2eeeaef4b25a65 (patch) | |
tree | e8586dd2c248ad1091c36d52bf69e031201bd0f4 /source3/auth | |
parent | 0c0c23f3fe6f7c55d69d6ca19f8252b12aa8fe5a (diff) | |
download | samba-3042e38d519411e774e110b16a2eeeaef4b25a65.tar.gz samba-3042e38d519411e774e110b16a2eeeaef4b25a65.tar.bz2 samba-3042e38d519411e774e110b16a2eeeaef4b25a65.zip |
s3-auth use gensec directly rather than via auth_generic_state
This is possible because the s3 gensec modules are started as
normal gensec modules, so we do not need a wrapper any more.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source3/auth')
-rw-r--r-- | source3/auth/auth_generic.c | 62 | ||||
-rw-r--r-- | source3/auth/proto.h | 6 |
2 files changed, 24 insertions, 44 deletions
diff --git a/source3/auth/auth_generic.c b/source3/auth/auth_generic.c index 8141f18eac..cd4b764e85 100644 --- a/source3/auth/auth_generic.c +++ b/source3/auth/auth_generic.c @@ -33,89 +33,73 @@ NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx, const struct tsocket_address *remote_address, - struct auth_generic_state **auth_ntlmssp_state) + struct gensec_security **gensec_security_out) { + struct gensec_security *gensec_security; struct auth_context *auth_context; - struct auth_generic_state *ans; NTSTATUS nt_status; - ans = talloc_zero(mem_ctx, struct auth_generic_state); - if (!ans) { - DEBUG(0,("auth_ntlmssp_start: talloc failed!\n")); - return NT_STATUS_NO_MEMORY; - } + TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); + NT_STATUS_HAVE_NO_MEMORY(tmp_ctx); - nt_status = make_auth_context_subsystem(talloc_tos(), &auth_context); + nt_status = make_auth_context_subsystem(tmp_ctx, &auth_context); if (!NT_STATUS_IS_OK(nt_status)) { - TALLOC_FREE(ans); + TALLOC_FREE(tmp_ctx); return nt_status; } - ans->auth_context = talloc_steal(ans, auth_context); - if (auth_context->prepare_gensec) { - nt_status = auth_context->prepare_gensec(ans, - &ans->gensec_security); + nt_status = auth_context->prepare_gensec(tmp_ctx, + &gensec_security); if (!NT_STATUS_IS_OK(nt_status)) { - TALLOC_FREE(ans); + TALLOC_FREE(tmp_ctx); return nt_status; } } else { struct gensec_settings *gensec_settings; struct loadparm_context *lp_ctx; - lp_ctx = loadparm_init_s3(ans, loadparm_s3_context()); + lp_ctx = loadparm_init_s3(tmp_ctx, loadparm_s3_context()); if (lp_ctx == NULL) { DEBUG(10, ("loadparm_init_s3 failed\n")); - TALLOC_FREE(ans); + TALLOC_FREE(tmp_ctx); return NT_STATUS_INVALID_SERVER_STATE; } - gensec_settings = lpcfg_gensec_settings(ans, lp_ctx); + gensec_settings = lpcfg_gensec_settings(tmp_ctx, lp_ctx); if (lp_ctx == NULL) { DEBUG(10, ("lpcfg_gensec_settings failed\n")); - TALLOC_FREE(ans); + TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; } gensec_settings->backends = talloc_zero_array(gensec_settings, struct gensec_security_ops *, 2); if (gensec_settings->backends == NULL) { - TALLOC_FREE(ans); + TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; } gensec_settings->backends[0] = &gensec_ntlmssp3_server_ops; - nt_status = gensec_server_start(ans, gensec_settings, - NULL, &ans->gensec_security); + nt_status = gensec_server_start(tmp_ctx, gensec_settings, + NULL, &gensec_security); if (!NT_STATUS_IS_OK(nt_status)) { - TALLOC_FREE(ans); + TALLOC_FREE(tmp_ctx); return nt_status; } - talloc_unlink(ans, lp_ctx); - talloc_unlink(ans, gensec_settings); + talloc_unlink(tmp_ctx, lp_ctx); + talloc_unlink(tmp_ctx, gensec_settings); } - nt_status = gensec_set_remote_address(ans->gensec_security, + nt_status = gensec_set_remote_address(gensec_security, remote_address); if (!NT_STATUS_IS_OK(nt_status)) { - TALLOC_FREE(ans); + TALLOC_FREE(tmp_ctx); return nt_status; } - *auth_ntlmssp_state = ans; + *gensec_security_out = talloc_steal(mem_ctx, gensec_security); + TALLOC_FREE(tmp_ctx); return NT_STATUS_OK; } - -NTSTATUS auth_generic_start(struct auth_generic_state *auth_ntlmssp_state, const char *oid) -{ - return gensec_start_mech_by_oid(auth_ntlmssp_state->gensec_security, oid); -} - -NTSTATUS auth_generic_authtype_start(struct auth_generic_state *auth_ntlmssp_state, - uint8_t auth_type, uint8_t auth_level) -{ - return gensec_start_mech_by_authtype(auth_ntlmssp_state->gensec_security, - auth_type, auth_level); -} diff --git a/source3/auth/proto.h b/source3/auth/proto.h index 31271da3e5..77f0f543e9 100644 --- a/source3/auth/proto.h +++ b/source3/auth/proto.h @@ -70,11 +70,7 @@ NTSTATUS auth_netlogond_init(void); /* The following definitions come from auth/auth_ntlmssp.c */ NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx, const struct tsocket_address *remote_address, - struct auth_generic_state **auth_ntlmssp_state); -NTSTATUS auth_generic_start(struct auth_generic_state *auth_ntlmssp_state, const char *oid); -NTSTATUS auth_generic_authtype_start(struct auth_generic_state *auth_ntlmssp_state, - uint8_t auth_type, uint8_t auth_level); - + struct gensec_security **gensec_security_out); /* The following definitions come from auth/auth_sam.c */ |