authorAndrew Bartlett <abartlet@samba.org>2011-12-26 14:23:15 +1100
committerStefan Metzmacher <metze@samba.org>2012-01-05 17:17:28 +0100
commit3042e38d519411e774e110b16a2eeeaef4b25a65 (patch)
treee8586dd2c248ad1091c36d52bf69e031201bd0f4 /source3/rpc_server
parent0c0c23f3fe6f7c55d69d6ca19f8252b12aa8fe5a (diff)
s3-auth use gensec directly rather than via auth_generic_state
This is possible because the s3 gensec modules are started as normal gensec modules, so we do not need a wrapper any more. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/dcesrv_auth_generic.c56
1 files changed, 24 insertions, 32 deletions
diff --git a/source3/rpc_server/dcesrv_auth_generic.c b/source3/rpc_server/dcesrv_auth_generic.c
index dee3c16ca3..78d0d78ffa 100644
--- a/source3/rpc_server/dcesrv_auth_generic.c
+++ b/source3/rpc_server/dcesrv_auth_generic.c
@@ -35,10 +35,10 @@ NTSTATUS auth_generic_server_start(TALLOC_CTX *mem_ctx,
const struct tsocket_address *remote_address,
struct gensec_security **ctx)
{
- struct auth_generic_state *a = NULL;
+ struct gensec_security *gensec_security = NULL;
NTSTATUS status;
- status = auth_generic_prepare(talloc_tos(), remote_address, &a);
+ status = auth_generic_prepare(talloc_tos(), remote_address, &gensec_security);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, (__location__ ": auth_generic_prepare failed: %s\n",
nt_errstr(status)));
@@ -46,40 +46,36 @@ NTSTATUS auth_generic_server_start(TALLOC_CTX *mem_ctx,
}
if (do_sign) {
- gensec_want_feature(a->gensec_security, GENSEC_FEATURE_SIGN);
+ gensec_want_feature(gensec_security, GENSEC_FEATURE_SIGN);
}
if (do_seal) {
- gensec_want_feature(a->gensec_security, GENSEC_FEATURE_SIGN);
- gensec_want_feature(a->gensec_security, GENSEC_FEATURE_SEAL);
+ gensec_want_feature(gensec_security, GENSEC_FEATURE_SIGN);
+ gensec_want_feature(gensec_security, GENSEC_FEATURE_SEAL);
}
if (is_dcerpc) {
- gensec_want_feature(a->gensec_security, GENSEC_FEATURE_DCE_STYLE);
+ gensec_want_feature(gensec_security, GENSEC_FEATURE_DCE_STYLE);
}
- status = auth_generic_start(a, oid);
+ status = gensec_start_mech_by_oid(gensec_security, oid);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, (__location__ ": auth_generic_start failed: %s\n",
nt_errstr(status)));
+ TALLOC_FREE(gensec_security);
return status;
}
- status = gensec_update(a->gensec_security, mem_ctx, NULL, *token_in, token_out);
+ status = gensec_update(gensec_security, mem_ctx, NULL, *token_in, token_out);
if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
DEBUG(2, (__location__ ": gensec_update failed: %s\n",
nt_errstr(status)));
- goto done;
+ TALLOC_FREE(gensec_security);
+ return status;
}
- /* steal gensec context too */
- *ctx = talloc_move(mem_ctx, &a->gensec_security);
-
- status = NT_STATUS_OK;
-
-done:
- TALLOC_FREE(a);
-
- return status;
+ /* steal gensec context to the caller */
+ *ctx = talloc_move(mem_ctx, &gensec_security);
+ return NT_STATUS_OK;
}
NTSTATUS auth_generic_server_authtype_start(TALLOC_CTX *mem_ctx,
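Review bot: The failure log after the new `gensec_start_mech_by_oid()` call still reads "auth_generic_start failed", naming a function this path no longer calls; the same stale text follows `gensec_start_mech_by_authtype()` in the next hunk. Anyone triaging failed authentication setup from the logs would be pointed at the wrong function. I would change the message to `DEBUG(0, (__location__ ": gensec_start_mech_by_oid failed: %s\n",` here and to `": gensec_start_mech_by_authtype failed: %s\n"` in auth_generic_server_authtype_start. The body of auth_generic_server_start begins above this hunk, so its parameters are only partly visible.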
@@ -89,39 +85,35 @@ NTSTATUS auth_generic_server_authtype_start(TALLOC_CTX *mem_ctx,
const struct tsocket_address *remote_address,
struct gensec_security **ctx)
{
- struct auth_generic_state *a = NULL;
+ struct gensec_security *gensec_security = NULL;
NTSTATUS status;
- status = auth_generic_prepare(talloc_tos(), remote_address, &a);
+ status = auth_generic_prepare(talloc_tos(), remote_address, &gensec_security);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, (__location__ ": auth_generic_prepare failed: %s\n",
nt_errstr(status)));
return status;
}
- status = auth_generic_authtype_start(a, auth_type, auth_level);
+ status = gensec_start_mech_by_authtype(gensec_security, auth_type, auth_level);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, (__location__ ": auth_generic_start failed: %s\n",
nt_errstr(status)));
+ TALLOC_FREE(gensec_security);
return status;
}
- status = gensec_update(a->gensec_security, mem_ctx, NULL, *token_in, token_out);
+ status = gensec_update(gensec_security, mem_ctx, NULL, *token_in, token_out);
if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
DEBUG(2, (__location__ ": gensec_update failed: %s\n",
nt_errstr(status)));
- goto done;
+ TALLOC_FREE(gensec_security);
+ return status;
}
- /* steal gensec context too */
- *ctx = talloc_move(mem_ctx, &a->gensec_security);
-
- status = NT_STATUS_OK;
-
-done:
- TALLOC_FREE(a);
-
- return status;
+ /* steal gensec context to the caller */
+ *ctx = talloc_move(mem_ctx, &gensec_security);
+ return NT_STATUS_OK;
}
NTSTATUS auth_generic_server_step(struct gensec_security *gensec_security,
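Review bot: The success path returns `NT_STATUS_OK` even when `gensec_update()` returned `NT_STATUS_MORE_PROCESSING_REQUIRED`, and no comment says so now that the explicit `status = NT_STATUS_OK;` line is gone; the same holds for auth_generic_server_start in the previous hunk. A caller can therefore read OK only as "context started and handed over in `*ctx`", not as "authentication finished". I would extend the comment to something like `/* hand the gensec context to the caller; OK may still mean MORE_PROCESSING_REQUIRED, the exchange is not necessarily complete */`. Whether any caller treats OK as a completed authentication is not visible here, and the function's signature starts above the hunk.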