diff options
author | Andrew Bartlett <abartlet@samba.org> | 2011-12-26 14:23:15 +1100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-01-05 17:17:28 +0100 |
commit | 3042e38d519411e774e110b16a2eeeaef4b25a65 (patch) | |
tree | e8586dd2c248ad1091c36d52bf69e031201bd0f4 /source3/smbd/smb2_sesssetup.c | |
parent | 0c0c23f3fe6f7c55d69d6ca19f8252b12aa8fe5a (diff) | |
download | samba-3042e38d519411e774e110b16a2eeeaef4b25a65.tar.gz samba-3042e38d519411e774e110b16a2eeeaef4b25a65.tar.bz2 samba-3042e38d519411e774e110b16a2eeeaef4b25a65.zip |
s3-auth use gensec directly rather than via auth_generic_state
This is possible because the s3 gensec modules are started as
normal gensec modules, so we do not need a wrapper any more.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source3/smbd/smb2_sesssetup.c')
-rw-r--r-- | source3/smbd/smb2_sesssetup.c | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 0a9edbc273..3878b76820 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -243,7 +243,7 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session, status = NT_STATUS_NO_MEMORY; goto fail; } - session->compat_vuser->auth_ntlmssp_state = NULL; + session->compat_vuser->gensec_security = NULL; session->compat_vuser->homes_snum = -1; session->compat_vuser->session_info = session->session_info; session->compat_vuser->session_keystr = NULL; @@ -341,7 +341,7 @@ static NTSTATUS smbd_smb2_spnego_negotiate(struct smbd_smb2_session *session, NTSTATUS status; /* Ensure we have no old NTLM state around. */ - TALLOC_FREE(session->auth_ntlmssp_state); + TALLOC_FREE(session->gensec_security); status = parse_spnego_mechanisms(talloc_tos(), in_security_buffer, &secblob_in, &kerb_mech); @@ -376,19 +376,19 @@ static NTSTATUS smbd_smb2_spnego_negotiate(struct smbd_smb2_session *session, } else { /* Fall back to NTLMSSP. */ status = auth_generic_prepare(session, session->sconn->remote_address, - &session->auth_ntlmssp_state); + &session->gensec_security); if (!NT_STATUS_IS_OK(status)) { goto out; } - gensec_want_feature(session->auth_ntlmssp_state->gensec_security, GENSEC_FEATURE_SESSION_KEY); + gensec_want_feature(session->gensec_security, GENSEC_FEATURE_SESSION_KEY); - status = auth_generic_start(session->auth_ntlmssp_state, GENSEC_OID_NTLMSSP); + status = gensec_start_mech_by_oid(session->gensec_security, GENSEC_OID_NTLMSSP); if (!NT_STATUS_IS_OK(status)) { goto out; } - status = gensec_update(session->auth_ntlmssp_state->gensec_security, + status = gensec_update(session->gensec_security, talloc_tos(), NULL, secblob_in, &chal_out); @@ -453,7 +453,7 @@ static NTSTATUS smbd_smb2_common_ntlmssp_auth_return(struct smbd_smb2_session *s TALLOC_FREE(session); return NT_STATUS_NO_MEMORY; } - session->compat_vuser->auth_ntlmssp_state = session->auth_ntlmssp_state; + session->compat_vuser->gensec_security = session->gensec_security; session->compat_vuser->homes_snum = -1; session->compat_vuser->session_info = session->session_info; session->compat_vuser->session_keystr = NULL; @@ -560,18 +560,18 @@ static NTSTATUS smbd_smb2_spnego_auth(struct smbd_smb2_session *session, data_blob_free(&secblob_in); } - if (session->auth_ntlmssp_state == NULL) { + if (session->gensec_security == NULL) { status = auth_generic_prepare(session, session->sconn->remote_address, - &session->auth_ntlmssp_state); + &session->gensec_security); if (!NT_STATUS_IS_OK(status)) { data_blob_free(&auth); TALLOC_FREE(session); return status; } - gensec_want_feature(session->auth_ntlmssp_state->gensec_security, GENSEC_FEATURE_SESSION_KEY); + gensec_want_feature(session->gensec_security, GENSEC_FEATURE_SESSION_KEY); - status = auth_generic_start(session->auth_ntlmssp_state, GENSEC_OID_NTLMSSP); + status = gensec_start_mech_by_oid(session->gensec_security, GENSEC_OID_NTLMSSP); if (!NT_STATUS_IS_OK(status)) { data_blob_free(&auth); TALLOC_FREE(session); @@ -579,14 +579,14 @@ static NTSTATUS smbd_smb2_spnego_auth(struct smbd_smb2_session *session, } } - status = gensec_update(session->auth_ntlmssp_state->gensec_security, + status = gensec_update(session->gensec_security, talloc_tos(), NULL, auth, &auth_out); /* If status is NT_STATUS_OK then we need to get the token. * Map to guest is now internal to auth_ntlmssp */ if (NT_STATUS_IS_OK(status)) { - status = gensec_session_info(session->auth_ntlmssp_state->gensec_security, + status = gensec_session_info(session->gensec_security, session, &session->session_info); } @@ -635,20 +635,20 @@ static NTSTATUS smbd_smb2_raw_ntlmssp_auth(struct smbd_smb2_session *session, *out_security_buffer = data_blob_null; - if (session->auth_ntlmssp_state == NULL) { + if (session->gensec_security == NULL) { status = auth_generic_prepare(session, session->sconn->remote_address, - &session->auth_ntlmssp_state); + &session->gensec_security); if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(session); return status; } - gensec_want_feature(session->auth_ntlmssp_state->gensec_security, GENSEC_FEATURE_SESSION_KEY); + gensec_want_feature(session->gensec_security, GENSEC_FEATURE_SESSION_KEY); if (session->sconn->use_gensec_hook) { - status = auth_generic_start(session->auth_ntlmssp_state, GENSEC_OID_SPNEGO); + status = gensec_start_mech_by_oid(session->gensec_security, GENSEC_OID_SPNEGO); } else { - status = auth_generic_start(session->auth_ntlmssp_state, GENSEC_OID_NTLMSSP); + status = gensec_start_mech_by_oid(session->gensec_security, GENSEC_OID_NTLMSSP); } if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(session); @@ -657,7 +657,7 @@ static NTSTATUS smbd_smb2_raw_ntlmssp_auth(struct smbd_smb2_session *session, } /* RAW NTLMSSP */ - status = gensec_update(session->auth_ntlmssp_state->gensec_security, + status = gensec_update(session->gensec_security, smb2req, NULL, in_security_buffer, out_security_buffer); @@ -667,7 +667,7 @@ static NTSTATUS smbd_smb2_raw_ntlmssp_auth(struct smbd_smb2_session *session, return status; } - status = gensec_session_info(session->auth_ntlmssp_state->gensec_security, + status = gensec_session_info(session->gensec_security, session, &session->session_info); |