s3-librpc: Simplify SPNEGO code now that all mechs use a struct gensec_security

Signed-off-by: Stefan Metzmacher <metze@samba.org>

3 files changed, 28 insertions, 80 deletions

diff --git a/source3/librpc/crypto/cli_spnego.c b/source3/librpc/crypto/cli_spnego.c
index 0a4bd18b22..dfc31b2d52 100644
--- a/source3/librpc/crypto/cli_spnego.c
+++ b/source3/librpc/crypto/cli_spnego.c
@@ -273,31 +273,13 @@ bool spnego_require_more_processing(struct spnego_context *sp_ctx)
 		return true;
 	}
 
-	/* otherwise see if underlying mechnism does */
-	switch (sp_ctx->mech) {
-	case SPNEGO_KRB5:
-	case SPNEGO_NTLMSSP:
-		return sp_ctx->more_processing;
-	default:
-		DEBUG(0, ("Unsupported type in request!\n"));
-		return false;
-	}
+	return sp_ctx->more_processing;
 }
 
 NTSTATUS spnego_get_negotiated_mech(struct spnego_context *sp_ctx,
-				    enum spnego_mech *type,
 				    struct gensec_security **auth_context)
 {
-	switch (sp_ctx->mech) {
-	case SPNEGO_KRB5:
-	case SPNEGO_NTLMSSP:
-		*auth_context = sp_ctx->mech_ctx.gensec_security;
-		break;
-	default:
-		return NT_STATUS_INTERNAL_ERROR;
-	}
-
-	*type = sp_ctx->mech;
+	*auth_context = sp_ctx->mech_ctx.gensec_security;
 	return NT_STATUS_OK;
 }
 
@@ -306,18 +288,11 @@ DATA_BLOB spnego_get_session_key(TALLOC_CTX *mem_ctx,
 {
 	DATA_BLOB sk;
 	NTSTATUS status;
-	switch (sp_ctx->mech) {
-	case SPNEGO_KRB5:
-	case SPNEGO_NTLMSSP:
-		status = gensec_session_key(sp_ctx->mech_ctx.gensec_security, mem_ctx, &sk);
-		if (!NT_STATUS_IS_OK(status)) {
-			return data_blob_null;
-		}
-		return sk;
-	default:
-		DEBUG(0, ("Unsupported type in request!\n"));
+	status = gensec_session_key(sp_ctx->mech_ctx.gensec_security, mem_ctx, &sk);
+	if (!NT_STATUS_IS_OK(status)) {
 		return data_blob_null;
 	}
+	return sk;
 }
 
 NTSTATUS spnego_sign(TALLOC_CTX *mem_ctx,
@@ -325,18 +300,12 @@ NTSTATUS spnego_sign(TALLOC_CTX *mem_ctx,
 			DATA_BLOB *data, DATA_BLOB *full_data,
 			DATA_BLOB *signature)
 {
-	switch(sp_ctx->mech) {
-	case SPNEGO_KRB5:
-	case SPNEGO_NTLMSSP:
-		return gensec_sign_packet(
-			sp_ctx->mech_ctx.gensec_security,
-			mem_ctx,
-			data->data, data->length,
-			full_data->data, full_data->length,
-			signature);
-	default:
-		return NT_STATUS_INVALID_PARAMETER;
-	}
+	return gensec_sign_packet(
+		sp_ctx->mech_ctx.gensec_security,
+		mem_ctx,
+		data->data, data->length,
+		full_data->data, full_data->length,
+		signature);
 }
 
 NTSTATUS spnego_sigcheck(TALLOC_CTX *mem_ctx,
@@ -344,17 +313,11 @@ NTSTATUS spnego_sigcheck(TALLOC_CTX *mem_ctx,
 			 DATA_BLOB *data, DATA_BLOB *full_data,
 			 DATA_BLOB *signature)
 {
-	switch(sp_ctx->mech) {
-	case SPNEGO_KRB5:
-	case SPNEGO_NTLMSSP:
-		return gensec_check_packet(
-			sp_ctx->mech_ctx.gensec_security,
-			data->data, data->length,
-			full_data->data, full_data->length,
-			signature);
-	default:
-		return NT_STATUS_INVALID_PARAMETER;
-	}
+	return gensec_check_packet(
+		sp_ctx->mech_ctx.gensec_security,
+		data->data, data->length,
+		full_data->data, full_data->length,
+		signature);
 }
 
 NTSTATUS spnego_seal(TALLOC_CTX *mem_ctx,
@@ -362,18 +325,12 @@ NTSTATUS spnego_seal(TALLOC_CTX *mem_ctx,
 			DATA_BLOB *data, DATA_BLOB *full_data,
 			DATA_BLOB *signature)
 {
-	switch(sp_ctx->mech) {
-	case SPNEGO_KRB5:
-	case SPNEGO_NTLMSSP:
-		return gensec_seal_packet(
-			sp_ctx->mech_ctx.gensec_security,
-			mem_ctx,
-			data->data, data->length,
-			full_data->data, full_data->length,
-			signature);
-	default:
-		return NT_STATUS_INVALID_PARAMETER;
-	}
+	return gensec_seal_packet(
+		sp_ctx->mech_ctx.gensec_security,
+		mem_ctx,
+		data->data, data->length,
+		full_data->data, full_data->length,
+		signature);
 }
 
 NTSTATUS spnego_unseal(TALLOC_CTX *mem_ctx,
@@ -381,15 +338,9 @@ NTSTATUS spnego_unseal(TALLOC_CTX *mem_ctx,
 			DATA_BLOB *data, DATA_BLOB *full_data,
 			DATA_BLOB *signature)
 {
-	switch(sp_ctx->mech) {
-	case SPNEGO_KRB5:
-	case SPNEGO_NTLMSSP:
-		return gensec_unseal_packet(
-			sp_ctx->mech_ctx.gensec_security,
-			data->data, data->length,
-			full_data->data, full_data->length,
-			signature);
-	default:
-		return NT_STATUS_INVALID_PARAMETER;
-	}
+	return gensec_unseal_packet(
+		sp_ctx->mech_ctx.gensec_security,
+		data->data, data->length,
+		full_data->data, full_data->length,
+		signature);
 }
diff --git a/source3/librpc/crypto/spnego.h b/source3/librpc/crypto/spnego.h
index 57396a63c5..5a63a7f9c4 100644
--- a/source3/librpc/crypto/spnego.h
+++ b/source3/librpc/crypto/spnego.h
@@ -72,7 +72,6 @@ NTSTATUS spnego_get_client_auth_token(TALLOC_CTX *mem_ctx,
 bool spnego_require_more_processing(struct spnego_context *sp_ctx);
 
 NTSTATUS spnego_get_negotiated_mech(struct spnego_context *sp_ctx,
-				    enum spnego_mech *type,
 				    struct gensec_security **auth_context);
 
 DATA_BLOB spnego_get_session_key(TALLOC_CTX *mem_ctx,
diff --git a/source3/librpc/rpc/dcerpc_helpers.c b/source3/librpc/rpc/dcerpc_helpers.c
index ed0e0fe932..5a50f2b24a 100644
--- a/source3/librpc/rpc/dcerpc_helpers.c
+++ b/source3/librpc/rpc/dcerpc_helpers.c
@@ -268,7 +268,6 @@ NTSTATUS dcerpc_guess_sizes(struct pipe_auth_data *auth,
 	struct gensec_security *gensec_security;
 	struct schannel_state *schannel_auth;
 	struct spnego_context *spnego_ctx;
-	enum spnego_mech auth_type;
 	NTSTATUS status;
 
 	/* no auth token cases first */
@@ -303,8 +302,7 @@ NTSTATUS dcerpc_guess_sizes(struct pipe_auth_data *auth,
 	case DCERPC_AUTH_TYPE_SPNEGO:
 		spnego_ctx = talloc_get_type_abort(auth->auth_ctx,
 						   struct spnego_context);
-		status = spnego_get_negotiated_mech(spnego_ctx,
-						    &auth_type, &gensec_security);
+		status = spnego_get_negotiated_mech(spnego_ctx, &gensec_security);
 		if (!NT_STATUS_IS_OK(status)) {
 			return status;
 		}