author | Andrew Bartlett <abartlet@samba.org> | 2011-12-26 14:23:15 +1100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-01-05 17:17:28 +0100 |
commit | 3042e38d519411e774e110b16a2eeeaef4b25a65 (patch) | |
tree | e8586dd2c248ad1091c36d52bf69e031201bd0f4 /source3/rpc_server | |
parent | 0c0c23f3fe6f7c55d69d6ca19f8252b12aa8fe5a (diff) | |
s3-auth use gensec directly rather than via auth_generic_state
This is possible because the s3 gensec modules are started as
normal gensec modules, so we do not need a wrapper any more.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source3/rpc_server')
-rw-r--r-- | source3/rpc_server/dcesrv_auth_generic.c | 56 |
1 files changed, 24 insertions, 32 deletions
diff --git a/source3/rpc_server/dcesrv_auth_generic.c b/source3/rpc_server/dcesrv_auth_generic.c
index dee3c16ca3..78d0d78ffa 100644
--- a/source3/rpc_server/dcesrv_auth_generic.c
+++ b/source3/rpc_server/dcesrv_auth_generic.c
@@ -35,10 +35,10 @@ NTSTATUS auth_generic_server_start(TALLOC_CTX *mem_ctx,
 const struct tsocket_address *remote_address, struct gensec_security **ctx)
 {
- struct auth_generic_state *a = NULL;
+ struct gensec_security *gensec_security = NULL;
 NTSTATUS status;
- status = auth_generic_prepare(talloc_tos(), remote_address, &a);
+ status = auth_generic_prepare(talloc_tos(), remote_address, &gensec_security);
 if (!NT_STATUS_IS_OK(status)) {
 DEBUG(0, (__location__ ": auth_generic_prepare failed: %s\n", nt_errstr(status)));
@@ -46,40 +46,36 @@ NTSTATUS auth_generic_server_start(TALLOC_CTX *mem_ctx,
 }
 if (do_sign) {
- gensec_want_feature(a->gensec_security, GENSEC_FEATURE_SIGN);
+ gensec_want_feature(gensec_security, GENSEC_FEATURE_SIGN);
 }
 if (do_seal) {
- gensec_want_feature(a->gensec_security, GENSEC_FEATURE_SIGN);
- gensec_want_feature(a->gensec_security, GENSEC_FEATURE_SEAL);
+ gensec_want_feature(gensec_security, GENSEC_FEATURE_SIGN);
+ gensec_want_feature(gensec_security, GENSEC_FEATURE_SEAL);
 }
 if (is_dcerpc) {
- gensec_want_feature(a->gensec_security, GENSEC_FEATURE_DCE_STYLE);
+ gensec_want_feature(gensec_security, GENSEC_FEATURE_DCE_STYLE);
 }
- status = auth_generic_start(a, oid);
+ status = gensec_start_mech_by_oid(gensec_security, oid);
 if (!NT_STATUS_IS_OK(status)) {
 DEBUG(0, (__location__ ": auth_generic_start failed: %s\n", nt_errstr(status)));
+ TALLOC_FREE(gensec_security);
 return status;
 }
- status = gensec_update(a->gensec_security, mem_ctx, NULL, *token_in, token_out);
+ status = gensec_update(gensec_security, mem_ctx, NULL, *token_in, token_out);
 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
 DEBUG(2, (__location__ ": gensec_update failed: %s\n", nt_errstr(status)));
- goto done;
+ TALLOC_FREE(gensec_security);
+ return status;
 }
- /* steal gensec context too */
- *ctx = talloc_move(mem_ctx, &a->gensec_security);
-
- status = NT_STATUS_OK;
-
-done:
- TALLOC_FREE(a);
-
- return status;
+ /* steal gensec context to the caller */
+ *ctx = talloc_move(mem_ctx, &gensec_security);
+ return NT_STATUS_OK;
 }
 NTSTATUS auth_generic_server_authtype_start(TALLOC_CTX *mem_ctx,
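Review bot: The DEBUG text on the `gensec_start_mech_by_oid` failure path still reads `auth_generic_start failed`, naming a function this commit stops calling, so the level-0 log entry for a failed mechanism start points at the wrong code. Rename it to match the call, e.g. `DEBUG(0, (__location__ ": gensec_start_mech_by_oid failed: %s\n",`. The third hunk carries the same stale string after `gensec_start_mech_by_authtype` and should be renamed accordingly. Only the tail of `auth_generic_server_start` is visible here; the function begins above this hunk.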
@@ -89,39 +85,35 @@ NTSTATUS auth_generic_server_authtype_start(TALLOC_CTX *mem_ctx,
 const struct tsocket_address *remote_address, struct gensec_security **ctx)
 {
- struct auth_generic_state *a = NULL;
+ struct gensec_security *gensec_security = NULL;
 NTSTATUS status;
- status = auth_generic_prepare(talloc_tos(), remote_address, &a);
+ status = auth_generic_prepare(talloc_tos(), remote_address, &gensec_security);
 if (!NT_STATUS_IS_OK(status)) {
 DEBUG(0, (__location__ ": auth_generic_prepare failed: %s\n", nt_errstr(status)));
 return status;
 }
- status = auth_generic_authtype_start(a, auth_type, auth_level);
+ status = gensec_start_mech_by_authtype(gensec_security, auth_type, auth_level);
 if (!NT_STATUS_IS_OK(status)) {
 DEBUG(0, (__location__ ": auth_generic_start failed: %s\n", nt_errstr(status)));
+ TALLOC_FREE(gensec_security);
 return status;
 }
- status = gensec_update(a->gensec_security, mem_ctx, NULL, *token_in, token_out);
+ status = gensec_update(gensec_security, mem_ctx, NULL, *token_in, token_out);
 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
 DEBUG(2, (__location__ ": gensec_update failed: %s\n", nt_errstr(status)));
- goto done;
+ TALLOC_FREE(gensec_security);
+ return status;
 }
- /* steal gensec context too */
- *ctx = talloc_move(mem_ctx, &a->gensec_security);
-
- status = NT_STATUS_OK;
-
-done:
- TALLOC_FREE(a);
-
- return status;
+ /* steal gensec context to the caller */
+ *ctx = talloc_move(mem_ctx, &gensec_security);
+ return NT_STATUS_OK;
 }
 NTSTATUS auth_generic_server_step(struct gensec_security *gensec_security, |
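Review bot: The closing `return NT_STATUS_OK;` is reached both when `gensec_update` finished and when it returned `NT_STATUS_MORE_PROCESSING_REQUIRED`, so the return value alone does not tell the caller that authentication completed, and nothing in the new code says so. A comment above the return would make that contract explicit, e.g. `/* OK only means the first token was accepted; the exchange may still need further steps */`. The same applies to `auth_generic_server_start` in the previous hunk. `*ctx` is left untouched on every error return, which is worth stating in a header comment for both functions; the signature here begins above the hunk.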