diff options
| author | Jeremy Allison <jra@samba.org> | 2007-04-18 00:34:10 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:19:27 -0500 |
| commit | 9812a7e32e515315302d3040a4145592640de7f7 (patch) | |
| tree | 0b8ae70050962dce88efe8bb90e64a4f8d3450a4 /source3/smbd | |
| parent | 8a210af339c116182790d039b93bfd60ce69028d (diff) | |
| download | samba-9812a7e32e515315302d3040a4145592640de7f7.tar.gz samba-9812a7e32e515315302d3040a4145592640de7f7.tar.bz2 samba-9812a7e32e515315302d3040a4145592640de7f7.zip | |
r22327: Finish the gss-spnego part of the seal code. Now
for testing....
Jeremy.
(This used to be commit 1c1f5360b67792f14b50835a2c5a4d4ac68aca8f)
Diffstat (limited to 'source3/smbd')
| -rw-r--r-- | source3/smbd/seal.c | 30 |
1 files changed, 16 insertions, 14 deletions
diff --git a/source3/smbd/seal.c b/source3/smbd/seal.c index 259aff014a..c6fab5f078 100644 --- a/source3/smbd/seal.c +++ b/source3/smbd/seal.c @@ -333,9 +333,12 @@ static NTSTATUS srv_enc_spnego_gss_negotiate(unsigned char **ppdata, size_t *p_d OM_uint32 flags = 0; gss_buffer_desc in_buf, out_buf; struct smb_tran_enc_state_gss *gss_state; + DATA_BLOB auth_reply = data_blob(NULL,0); + DATA_BLOB response = data_blob(NULL,0); + NTSTATUS status; if (!partial_srv_trans_enc_ctx) { - NTSTATUS status = make_srv_encryption_context(SMB_TRANS_ENC_GSS, &partial_srv_trans_enc_ctx); + status = make_srv_encryption_context(SMB_TRANS_ENC_GSS, &partial_srv_trans_enc_ctx); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -361,8 +364,9 @@ static NTSTATUS srv_enc_spnego_gss_negotiate(unsigned char **ppdata, size_t *p_d NULL, /* Ingore time. */ NULL); /* Ignore delegated creds. */ + status = gss_err_to_ntstatus(ret, min); if (ret != GSS_S_COMPLETE && ret != GSS_S_CONTINUE_NEEDED) { - return gss_err_to_ntstatus(ret, min); + return status; } /* Ensure we've got sign+seal available. */ @@ -376,20 +380,18 @@ static NTSTATUS srv_enc_spnego_gss_negotiate(unsigned char **ppdata, size_t *p_d } } - SAFE_FREE(*ppdata); - *ppdata = memdup(out_buf.value, out_buf.length); - if (!*ppdata) { - gss_release_buffer(&min, &out_buf); - return NT_STATUS_NO_MEMORY; - } - *p_data_size = out_buf.length; + auth_reply = data_blob(out_buf.value, out_buf.length); gss_release_buffer(&min, &out_buf); - if (ret != GSS_S_CONTINUE_NEEDED) { - return NT_STATUS_MORE_PROCESSING_REQUIRED; - } else { - return NT_STATUS_OK; - } + /* Wrap in SPNEGO. */ + response = spnego_gen_auth_response(&auth_reply, status, OID_KERBEROS5); + data_blob_free(&auth_reply); + + SAFE_FREE(*ppdata); + *ppdata = response.data; + *p_data_size = response.length; + + return status; } #endif |