r1294: A nice, large, commit...

This implements gensec for Samba's server side, and brings gensec up
to the standards of a full subsystem.

This means that use of the subsystem is by gensec_* functions, not
function pointers in structures (this is internal).  This causes
changes in all the existing gensec users.

Our RPC server no longer contains it's own generalised security
scheme, and now calls gensec directly.

Gensec has also taken over the role of auth/auth_ntlmssp.c

An important part of gensec, is the output of the 'session_info'
struct.  This is now reference counted, so that we can correctly free
it when a pipe is closed, no matter if it was inherited, or created by
per-pipe authentication.

The schannel code is reworked, to be in the same file for client and
server.

ntlm_auth is reworked to use gensec.

The major problem with this code is the way it relies on subsystem
auto-initialisation.  The primary reason for this commit now.is to
allow these problems to be looked at, and fixed.

There are problems with the new code:
- I've tested it with smbtorture, but currently don't have VMware and
  valgrind working (this I'll fix soon).
- The SPNEGO code is client-only at this point.
- We still do not do kerberos.

Andrew Bartlett
(This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)

10 files changed, 132 insertions, 633 deletions

diff --git a/source4/rpc_server/config.m4 b/source4/rpc_server/config.m4
index 3f64cdcf4b..73cae66456 100644
--- a/source4/rpc_server/config.m4
+++ b/source4/rpc_server/config.m4
@@ -3,6 +3,7 @@ dnl # DCERPC Server subsystem
 SMB_SUBSYSTEM_MK(DCERPC_COMMON,rpc_server/config.mk)
 
 SMB_SUBSYSTEM_MK(SAMDB,rpc_server/config.mk)
+SMB_SUBSYSTEM_MK(SCHANNELDB,rpc_server/config.mk)
 
 SMB_MODULE_MK(dcerpc_rpcecho,DCERPC,STATIC,rpc_server/config.mk)
 SMB_MODULE_MK(dcerpc_epmapper,DCERPC,STATIC,rpc_server/config.mk)
diff --git a/source4/rpc_server/config.mk b/source4/rpc_server/config.mk
index 9d9f12d9aa..dbe8b8344e 100644
--- a/source4/rpc_server/config.mk
+++ b/source4/rpc_server/config.mk
@@ -19,12 +19,22 @@ INIT_OBJ_FILES = \
 ADD_OBJ_FILES = \
 		rpc_server/samr/samr_utils.o
 REQUIRED_SUBSYSTEMS = \
+		DCERPC_COMMON \
 		LIBLDB
 #
 # End SUBSYSTEM SAMDB
 ################################################
 
 ################################################
+# Start SUBSYSTEM SCHANNELDB
+[SUBSYSTEM::SCHANNELDB]
+INIT_OBJ_FILES = \
+		rpc_server/netlogon/schannel_state.o
+#
+# End SUBSYSTEM SCHANNELDB
+################################################
+
+################################################
 # Start MODULE dcerpc_rpcecho
 [MODULE::dcerpc_rpcecho]
 INIT_OBJ_FILES = \
@@ -98,10 +108,9 @@ REQUIRED_SUBSYSTEMS = \
 [MODULE::dcerpc_netlogon]
 INIT_OBJ_FILES = \
 		rpc_server/netlogon/dcerpc_netlogon.o
-ADD_OBJ_FILES = \
-		rpc_server/netlogon/schannel_state.o
 REQUIRED_SUBSYSTEMS = \
-		DCERPC_COMMON
+		DCERPC_COMMON \
+		SCHANNELDB
 # End MODULE dcerpc_netlogon
 ################################################
 
@@ -135,10 +144,9 @@ INIT_OBJ_FILES = \
 ADD_OBJ_FILES = \
 		rpc_server/dcerpc_tcp.o \
 		rpc_server/dcesrv_auth.o \
-		rpc_server/dcesrv_crypto.o \
-		rpc_server/dcesrv_crypto_ntlmssp.o \
-		rpc_server/dcesrv_crypto_schannel.o \
 		rpc_server/handles.o
+REQUIRED_SUBSYSTEMS = \
+		LIBCLI_AUTH
 #
 # End SUBSYSTEM DCERPC
 ################################################
diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c
index 90ebaf285c..e5c4c120a5 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -146,9 +146,9 @@ static struct dcesrv_call_state *dcesrv_find_call(struct dcesrv_connection *dce_
   register an interface on an endpoint
 */
 NTSTATUS dcesrv_interface_register(struct dcesrv_context *dce_ctx,
-				const char *ep_name,
-				const struct dcesrv_interface *iface,
-				const struct security_descriptor *sd)
+				   const char *ep_name,
+				   const struct dcesrv_interface *iface,
+				   const struct security_descriptor *sd)
 {
 	struct dcesrv_ep_description ep_description;
 	struct dcesrv_endpoint *ep;
@@ -269,8 +269,7 @@ NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx,
 	(*p)->handles = NULL;
 	(*p)->partial_input = data_blob(NULL, 0);
 	(*p)->auth_state.auth_info = NULL;
-	(*p)->auth_state.crypto_ctx.private_data = NULL;
-	(*p)->auth_state.crypto_ctx.ops = NULL;
+	(*p)->auth_state.gensec_security = NULL;
 	(*p)->auth_state.session_info = NULL;
 
 	return NT_STATUS_OK;
@@ -298,6 +297,7 @@ NTSTATUS dcesrv_endpoint_search_connect(struct dcesrv_context *dce_ctx,
 		return status;
 	}
 
+	session_info->refcount++;
 	(*dce_conn_p)->auth_state.session_info = session_info;
 
 	/* TODO: check security descriptor of the endpoint here 
@@ -323,8 +323,12 @@ void dcesrv_endpoint_disconnect(struct dcesrv_connection *p)
 		dcesrv_handle_destroy(p, p->handles);
 	}
 
-	if (p->auth_state.crypto_ctx.ops) {
-		p->auth_state.crypto_ctx.ops->end(&p->auth_state);
+	if (p->auth_state.gensec_security) {
+		gensec_end(&p->auth_state.gensec_security);
+	}
+
+	if (p->auth_state.session_info) {
+		free_session_info(&p->auth_state.session_info);
 	}
 
 	talloc_destroy(p->mem_ctx);
@@ -1027,7 +1031,7 @@ static int num_ep_servers;
 
   The 'type' is used to specify whether this is for a disk, printer or IPC$ share
 */
-static NTSTATUS dcerpc_register_ep_server(void *_ep_server)
+static NTSTATUS dcerpc_register_ep_server(const void *_ep_server)
 {
 	const struct dcesrv_endpoint_server *ep_server = _ep_server;
 	
diff --git a/source4/rpc_server/dcerpc_server.h b/source4/rpc_server/dcerpc_server.h
index 3ad768b32e..b1754dd4a3 100644
--- a/source4/rpc_server/dcerpc_server.h
+++ b/source4/rpc_server/dcerpc_server.h
@@ -94,31 +94,10 @@ struct dcesrv_handle {
 	void (*destroy)(struct dcesrv_connection *, struct dcesrv_handle *);
 };
 
-struct dcesrv_crypto_ops {
-	const char *name;
-	uint8 auth_type;
-	NTSTATUS (*start)(struct dcesrv_auth *auth, DATA_BLOB *auth_blob);
-	NTSTATUS (*update)(struct dcesrv_auth *auth, TALLOC_CTX *out_mem_ctx,
-				const DATA_BLOB in, DATA_BLOB *out);
-	NTSTATUS (*seal)(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-				uint8_t *data, size_t length, DATA_BLOB *sig);
-	NTSTATUS (*sign)(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-				const uint8_t *data, size_t length, DATA_BLOB *sig);
-	NTSTATUS (*check_sig)(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx, 
-				const uint8_t *data, size_t length, const DATA_BLOB *sig);
-	NTSTATUS (*unseal)(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-				uint8_t *data, size_t length, DATA_BLOB *sig);
-	NTSTATUS (*session_key)(struct dcesrv_auth *auth, uint8_t session_key[16]);
-	void (*end)(struct dcesrv_auth *auth);
-};
-
 /* hold the authentication state information */
 struct dcesrv_auth {
 	struct dcerpc_auth *auth_info;
-	struct {
-		void *private_data;
-		const struct dcesrv_crypto_ops *ops;
-	} crypto_ctx;
+	struct gensec_security *gensec_security;
 	struct auth_session_info *session_info;
 };
 
diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c
index 26053b47b9..84a5460d68 100644
--- a/source4/rpc_server/dcesrv_auth.c
+++ b/source4/rpc_server/dcesrv_auth.c
@@ -4,6 +4,7 @@
    server side dcerpc authentication code
 
    Copyright (C) Andrew Tridgell 2003
+   Copyright (C) Stefan (metze) Metzmacher 2004
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -23,6 +24,48 @@
 #include "includes.h"
 
 /*
+  startup the cryptographic side of an authenticated dcerpc server
+*/
+NTSTATUS dcesrv_crypto_select_type(struct dcesrv_connection *dce_conn,
+			       struct dcesrv_auth *auth)
+{
+	NTSTATUS status;
+	if (auth->auth_info->auth_level != DCERPC_AUTH_LEVEL_INTEGRITY &&
+	    auth->auth_info->auth_level != DCERPC_AUTH_LEVEL_PRIVACY) {
+		DEBUG(2,("auth_level %d not supported in dcesrv auth\n", 
+			 auth->auth_info->auth_level));
+		return NT_STATUS_INVALID_PARAMETER;
+	}
+
+	if (auth->gensec_security != NULL) {
+		/* TODO:
+		 * this this function should not be called
+		 * twice per dcesrv_connection!
+		 * 
+		 * so we need to find out the right
+		 * dcerpc error to return
+		 */
+	}
+
+	status = gensec_server_start(&auth->gensec_security);
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status)));
+		return status;
+	}
+
+	status = gensec_start_mech_by_authtype(auth->gensec_security, auth->auth_info->auth_type);
+
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(1, ("Failed to start GENSEC mech-specific server code (%d): %s\n", 
+			  (int)auth->auth_info->auth_type,
+			  nt_errstr(status)));
+		return status;
+	}
+
+	return status;
+}
+
+/*
   parse any auth information from a dcerpc bind request
   return False if we can't handle the auth request for some 
   reason (in which case we send a bind_nak)
@@ -56,40 +99,43 @@ BOOL dcesrv_auth_bind(struct dcesrv_call_state *call)
 		return False;
 	}
 
-	status = dcesrv_crypto_start(&dce_conn->auth_state, &dce_conn->auth_state.auth_info->credentials);
-	if (!NT_STATUS_IS_OK(status)) {
-		return False;
-	}
-
 	return True;
 }
 
 /*
-  add any auth information needed in a bind ack
+  add any auth information needed in a bind ack, and process the authentication
+  information found in the bind.
 */
 BOOL dcesrv_auth_bind_ack(struct dcesrv_call_state *call, struct dcerpc_packet *pkt)
 {
 	struct dcesrv_connection *dce_conn = call->conn;
 	NTSTATUS status;
 
-	if (!call->conn->auth_state.crypto_ctx.ops) {
+	if (!call->conn->auth_state.gensec_security) {
 		return True;
 	}
 
-	status = dcesrv_crypto_update(&dce_conn->auth_state,
-				      call->mem_ctx,
-				      dce_conn->auth_state.auth_info->credentials, 
-				      &dce_conn->auth_state.auth_info->credentials);
-	if (!NT_STATUS_IS_OK(status) && 
-	    !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+	status = gensec_update(dce_conn->auth_state.gensec_security,
+			       call->mem_ctx,
+			       dce_conn->auth_state.auth_info->credentials, 
+			       &dce_conn->auth_state.auth_info->credentials);
+	
+	if (NT_STATUS_IS_OK(status)) {
+		status = gensec_session_info(dce_conn->auth_state.gensec_security,
+					     &dce_conn->auth_state.session_info);
+		if (!NT_STATUS_IS_OK(status)) {
+			DEBUG(1, ("Failed to establish session_info: %s\n", nt_errstr(status)));
+			return False;
+		}
+		return True;
+	} else if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+		dce_conn->auth_state.auth_info->auth_pad_length = 0;
+		dce_conn->auth_state.auth_info->auth_reserved = 0;
+		return True;
+	} else {
 		DEBUG(2, ("Failed to start dcesrv auth negotiate: %s\n", nt_errstr(status)));
 		return False;
 	}
-
-	dce_conn->auth_state.auth_info->auth_pad_length = 0;
-	dce_conn->auth_state.auth_info->auth_reserved = 0;
-				     
-	return True;
 }
 
 
@@ -103,7 +149,7 @@ BOOL dcesrv_auth_auth3(struct dcesrv_call_state *call)
 	NTSTATUS status;
 
 	if (!dce_conn->auth_state.auth_info ||
-	    !dce_conn->auth_state.crypto_ctx.ops ||
+	    !dce_conn->auth_state.gensec_security ||
 	    pkt->u.auth.auth_info.length == 0) {
 		return False;
 	}
@@ -116,11 +162,19 @@ BOOL dcesrv_auth_auth3(struct dcesrv_call_state *call)
 		return False;
 	}
 
-	status = dcesrv_crypto_update(&dce_conn->auth_state,
-				      call->mem_ctx,
-				      dce_conn->auth_state.auth_info->credentials, 
-				      &dce_conn->auth_state.auth_info->credentials);
-	if (!NT_STATUS_IS_OK(status)) {
+	status = gensec_update(dce_conn->auth_state.gensec_security,
+			       call->mem_ctx,
+			       dce_conn->auth_state.auth_info->credentials, 
+			       &dce_conn->auth_state.auth_info->credentials);
+	if (NT_STATUS_IS_OK(status)) {
+		status = gensec_session_info(dce_conn->auth_state.gensec_security,
+					     &dce_conn->auth_state.session_info);
+		if (!NT_STATUS_IS_OK(status)) {
+			DEBUG(1, ("Failed to establish session_info: %s\n", nt_errstr(status)));
+			return False;
+		}
+		return True;
+	} else {
 		DEBUG(4, ("dcesrv_auth_auth3: failed to authenticate: %s\n", 
 			  nt_errstr(status)));
 		return False;
@@ -143,7 +197,7 @@ BOOL dcesrv_auth_request(struct dcesrv_call_state *call)
 	NTSTATUS status;
 
 	if (!dce_conn->auth_state.auth_info ||
-	    !dce_conn->auth_state.crypto_ctx.ops) {
+	    !dce_conn->auth_state.gensec_security) {
 		return True;
 	}
 
@@ -177,7 +231,7 @@ BOOL dcesrv_auth_request(struct dcesrv_call_state *call)
 	/* check signature or unseal the packet */
 	switch (dce_conn->auth_state.auth_info->auth_level) {
 	case DCERPC_AUTH_LEVEL_PRIVACY:
-		status = dcesrv_crypto_unseal(&dce_conn->auth_state,
+		status = gensec_unseal_packet(dce_conn->auth_state.gensec_security,
 					      call->mem_ctx,
 					      pkt->u.request.stub_and_verifier.data, 
 					      pkt->u.request.stub_and_verifier.length, 
@@ -185,11 +239,11 @@ BOOL dcesrv_auth_request(struct dcesrv_call_state *call)
 		break;
 
 	case DCERPC_AUTH_LEVEL_INTEGRITY:
-		status = dcesrv_crypto_check_sig(&dce_conn->auth_state,
-						 call->mem_ctx,
-						 pkt->u.request.stub_and_verifier.data, 
-						 pkt->u.request.stub_and_verifier.length,
-						 &auth.credentials);
+		status = gensec_check_packet(dce_conn->auth_state.gensec_security,
+					     call->mem_ctx,
+					     pkt->u.request.stub_and_verifier.data, 
+					     pkt->u.request.stub_and_verifier.length,
+					     &auth.credentials);
 		break;
 
 	default:
@@ -218,7 +272,7 @@ BOOL dcesrv_auth_response(struct dcesrv_call_state *call,
 	struct ndr_push *ndr;
 
 	/* non-signed packets are simple */
-	if (!dce_conn->auth_state.auth_info || !dce_conn->auth_state.crypto_ctx.ops) {
+	if (!dce_conn->auth_state.auth_info || !dce_conn->auth_state.gensec_security) {
 		status = dcerpc_push_auth(blob, call->mem_ctx, pkt, NULL);
 		return NT_STATUS_IS_OK(status);
 	}
@@ -244,15 +298,15 @@ BOOL dcesrv_auth_response(struct dcesrv_call_state *call,
 	/* sign or seal the packet */
 	switch (dce_conn->auth_state.auth_info->auth_level) {
 	case DCERPC_AUTH_LEVEL_PRIVACY:
-		status = dcesrv_crypto_seal(&dce_conn->auth_state, 
-					    call->mem_ctx,
-					    ndr->data + DCERPC_REQUEST_LENGTH, 
-					    ndr->offset - DCERPC_REQUEST_LENGTH,
-					    &dce_conn->auth_state.auth_info->credentials);
+		status = gensec_seal_packet(dce_conn->auth_state.gensec_security, 
+					      call->mem_ctx,
+					      ndr->data + DCERPC_REQUEST_LENGTH, 
+					      ndr->offset - DCERPC_REQUEST_LENGTH,
+					      &dce_conn->auth_state.auth_info->credentials);
 		break;
 
 	case DCERPC_AUTH_LEVEL_INTEGRITY:
-		status = dcesrv_crypto_sign(&dce_conn->auth_state, 
+		status = gensec_sign_packet(dce_conn->auth_state.gensec_security, 
 					    call->mem_ctx,
 					    ndr->data + DCERPC_REQUEST_LENGTH, 
 					    ndr->offset - DCERPC_REQUEST_LENGTH,
diff --git a/source4/rpc_server/dcesrv_crypto.c b/source4/rpc_server/dcesrv_crypto.c
deleted file mode 100644
index 7765815f3b..0000000000
--- a/source4/rpc_server/dcesrv_crypto.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/* 
-   Unix SMB/CIFS implementation.
-
-   server side dcerpc authentication code - crypto support
-
-   Copyright (C) Andrew Tridgell 2004
-   Copyright (C) Stefan (metze) Metzmacher 2004
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 2 of the License, or
-   (at your option) any later version.
-   
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-   
-   You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software
-   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-/*
-  this provides a crypto interface to the various backends (such as
-  NTLMSSP and SCHANNEL) for the rpc server code
-*/
-
-#include "includes.h"
-
-/*
-  startup the cryptographic side of an authenticated dcerpc server
-*/
-NTSTATUS dcesrv_crypto_select_type(struct dcesrv_connection *dce_conn,
-			       struct dcesrv_auth *auth)
-{
-	if (auth->auth_info->auth_level != DCERPC_AUTH_LEVEL_INTEGRITY &&
-	    auth->auth_info->auth_level != DCERPC_AUTH_LEVEL_PRIVACY) {
-		DEBUG(2,("auth_level %d not supported in dcesrv auth\n", 
-			 auth->auth_info->auth_level));
-		return NT_STATUS_INVALID_PARAMETER;
-	}
-
-	if (auth->crypto_ctx.ops != NULL) {
-		/* TODO:
-		 * this this function should not be called
-		 * twice per dcesrv_connection!
-		 * 
-		 * so we need to find out the right
-		 * dcerpc error to return
-		 */
-	}
-
-	/*
-	 * TODO:
-	 * maybe a dcesrv_crypto_find_backend_by_type() whould be better here
-	 * to make thinks more generic
-	 */
-	auth->crypto_ctx.ops = dcesrv_crypto_backend_bytype(auth->auth_info->auth_type);
-	if (auth->crypto_ctx.ops == NULL) {
-		DEBUG(2,("dcesrv auth_type %d not supported\n", auth->auth_info->auth_type));
-		return NT_STATUS_INVALID_PARAMETER;
-	}
-
-	return NT_STATUS_OK;
-}
-
-/*
-  start crypto state
-*/
-NTSTATUS dcesrv_crypto_start(struct dcesrv_auth *auth, DATA_BLOB *auth_blob) 
-{
-	return auth->crypto_ctx.ops->start(auth, auth_blob);
-}
-
-/*
-  update crypto state
-*/
-NTSTATUS dcesrv_crypto_update(struct dcesrv_auth *auth, 
-			      TALLOC_CTX *out_mem_ctx, 
-			      const DATA_BLOB in, DATA_BLOB *out) 
-{
-	return auth->crypto_ctx.ops->update(auth, out_mem_ctx, in, out);
-}
-
-/*
-  seal a packet
-*/
-NTSTATUS dcesrv_crypto_seal(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-				uint8_t *data, size_t length, DATA_BLOB *sig)
-{
-	return auth->crypto_ctx.ops->seal(auth, sig_mem_ctx, data, length, sig);
-}
-
-/*
-  sign a packet
-*/
-NTSTATUS dcesrv_crypto_sign(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-				const uint8_t *data, size_t length, DATA_BLOB *sig) 
-{
-	return auth->crypto_ctx.ops->sign(auth, sig_mem_ctx, data, length, sig);
-}
-
-/*
-  check a packet signature
-*/
-NTSTATUS dcesrv_crypto_check_sig(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-				const uint8_t *data, size_t length, const DATA_BLOB *sig)
-{
-	return auth->crypto_ctx.ops->check_sig(auth, sig_mem_ctx, data, length, sig);
-}
-
-/*
-  unseal a packet
-*/
-NTSTATUS dcesrv_crypto_unseal(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-				uint8_t *data, size_t length, DATA_BLOB *sig)
-{
-	return auth->crypto_ctx.ops->unseal(auth, sig_mem_ctx, data, length, sig);
-}
-
-/*
-  get the negotiated session key
-*/
-NTSTATUS dcesrv_crypto_session_key(struct dcesrv_auth *auth, uint8_t session_key[16])
-{
-	return auth->crypto_ctx.ops->session_key(auth, session_key);
-}
-
-/*
-  end crypto state
-*/
-void dcesrv_crypto_end(struct dcesrv_auth *auth) 
-{
-	auth->crypto_ctx.ops->end(auth);
-}
-
-const struct dcesrv_crypto_ops *dcesrv_crypto_backend_bytype(uint8_t auth_type)
-{
-	switch (auth_type) {
-		case DCERPC_AUTH_TYPE_SCHANNEL:
-			return dcesrv_crypto_schannel_get_ops();
-		case DCERPC_AUTH_TYPE_NTLMSSP:
-			return dcesrv_crypto_ntlmssp_get_ops();
-	}
-
-	return NULL;
-}
diff --git a/source4/rpc_server/dcesrv_crypto_ntlmssp.c b/source4/rpc_server/dcesrv_crypto_ntlmssp.c
deleted file mode 100644
index 35029a0fee..0000000000
--- a/source4/rpc_server/dcesrv_crypto_ntlmssp.c
+++ /dev/null
@@ -1,159 +0,0 @@
-/* 
-   Unix SMB/CIFS implementation.
-
-   server side dcerpc authentication code - NTLMSSP auth/crypto code
-
-   Copyright (C) Andrew Tridgell 2004
-   Copyright (C) Stefan (metze) Metzmacher 2004
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 2 of the License, or
-   (at your option) any later version.
-   
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-   
-   You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software
-   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-/*
-  this provides the NTLMSSP backend for server side rpc
-*/
-
-#include "includes.h"
-
-
-/*
-  start crypto state
-*/
-static NTSTATUS dcesrv_crypto_ntlmssp_start(struct dcesrv_auth *auth, DATA_BLOB *auth_blob)
-{
-	struct auth_ntlmssp_state *ntlmssp = NULL;
-	NTSTATUS status;
-
-	/* the auth_blob is ignored here, and is handled in the call
-	   to auth_ntlmssp_update() */
-	
-	status = auth_ntlmssp_start(&ntlmssp);
-
-	auth->crypto_ctx.private_data = ntlmssp;
-
-	return status;
-}
-
-/*
-  update crypto state
-*/
-static NTSTATUS dcesrv_crypto_ntlmssp_update(struct dcesrv_auth *auth, TALLOC_CTX *out_mem_ctx, 
-						const DATA_BLOB in, DATA_BLOB *out) 
-{
-	struct auth_ntlmssp_state *auth_ntlmssp_state = auth->crypto_ctx.private_data;
-	NTSTATUS status;
-
-	status = auth_ntlmssp_update(auth_ntlmssp_state, out_mem_ctx, in, out);
-	if (NT_STATUS_IS_OK(status)) {
-		/* TODO: what is when the session_info is already set */
-		return auth_ntlmssp_get_session_info(auth_ntlmssp_state, &auth->session_info);
-	}
-
-	return status;
-}
-
-/*
-  seal a packet
-*/
-static NTSTATUS dcesrv_crypto_ntlmssp_seal(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-						uint8_t *data, size_t length, DATA_BLOB *sig)
-{
-	struct auth_ntlmssp_state *auth_ntlmssp_state = auth->crypto_ctx.private_data;
-
-	return ntlmssp_seal_packet(auth_ntlmssp_state->ntlmssp_state, sig_mem_ctx, data, length, sig);
-}
-
-/*
-  sign a packet
-*/
-static NTSTATUS dcesrv_crypto_ntlmssp_sign(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-						const uint8_t *data, size_t length, DATA_BLOB *sig) 
-{
-	struct auth_ntlmssp_state *auth_ntlmssp_state = auth->crypto_ctx.private_data;
-
-	return ntlmssp_sign_packet(auth_ntlmssp_state->ntlmssp_state, sig_mem_ctx, data, length, sig);
-}
-
-/*
-  check a packet signature
-*/
-static NTSTATUS dcesrv_crypto_ntlmssp_check_sig(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-						const uint8_t *data, size_t length, const DATA_BLOB *sig)
-{
-	struct auth_ntlmssp_state *auth_ntlmssp_state = auth->crypto_ctx.private_data;
-
-	return ntlmssp_check_packet(auth_ntlmssp_state->ntlmssp_state, sig_mem_ctx, data, length, sig);
-}
-
-/*
-  unseal a packet
-*/
-static NTSTATUS dcesrv_crypto_ntlmssp_unseal(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-						uint8_t *data, size_t length, DATA_BLOB *sig)
-{
-	struct auth_ntlmssp_state *auth_ntlmssp_state = auth->crypto_ctx.private_data;
-
-	return ntlmssp_unseal_packet(auth_ntlmssp_state->ntlmssp_state, sig_mem_ctx, data, length, sig);
-}
-
-/*
-  get the session key
-*/
-static NTSTATUS dcesrv_crypto_ntlmssp_session_key(struct dcesrv_auth *auth, uint8_t session_key[16])
-{
-	struct auth_ntlmssp_state *auth_ntlmssp_state = auth->crypto_ctx.private_data;
-
-	if (auth_ntlmssp_state->ntlmssp_state->session_key.length != 16) {
-		return NT_STATUS_NO_USER_SESSION_KEY;
-	}
-	memcpy(session_key, auth_ntlmssp_state->ntlmssp_state->session_key.data, 16);
-
-	return NT_STATUS_OK;
-}
-
-/*
-  end crypto state
-*/
-static void dcesrv_crypto_ntlmssp_end(struct dcesrv_auth *auth)
-{
-	struct auth_ntlmssp_state *auth_ntlmssp_state = auth->crypto_ctx.private_data;
-
-	auth->crypto_ctx.private_data = NULL;
-
-	auth_ntlmssp_end(&auth_ntlmssp_state);
-
-	return;
-}
-
-static const struct dcesrv_crypto_ops dcesrv_crypto_ntlmssp_ops = {
-	.name		= "ntlmssp",
-	.auth_type	= DCERPC_AUTH_TYPE_NTLMSSP,
-	.start 		= dcesrv_crypto_ntlmssp_start,
-	.update 	= dcesrv_crypto_ntlmssp_update,
-	.seal 		= dcesrv_crypto_ntlmssp_seal,
-	.sign		= dcesrv_crypto_ntlmssp_sign,
-	.check_sig	= dcesrv_crypto_ntlmssp_check_sig,
-	.unseal		= dcesrv_crypto_ntlmssp_unseal,
-	.session_key	= dcesrv_crypto_ntlmssp_session_key,
-	.end		= dcesrv_crypto_ntlmssp_end
-};
-
-/*
-  startup the cryptographic side of an authenticated dcerpc server
-*/
-const struct dcesrv_crypto_ops *dcesrv_crypto_ntlmssp_get_ops(void)
-{
-	return &dcesrv_crypto_ntlmssp_ops;
-}
diff --git a/source4/rpc_server/dcesrv_crypto_schannel.c b/source4/rpc_server/dcesrv_crypto_schannel.c
deleted file mode 100644
index 5da1a171f9..0000000000
--- a/source4/rpc_server/dcesrv_crypto_schannel.c
+++ /dev/null
@@ -1,239 +0,0 @@
-/* 
-   Unix SMB/CIFS implementation.
-
-   server side dcerpc authentication code - schannel auth/crypto code
-
-   Copyright (C) Andrew Tridgell 2004
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 2 of the License, or
-   (at your option) any later version.
-   
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-   
-   You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software
-   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-struct srv_schannel_state {
-	TALLOC_CTX *mem_ctx;
-	struct schannel_bind bind_info;
-	struct schannel_state *state;
-};
-
-static NTSTATUS schannel_setup_session_info(struct srv_schannel_state *schannel, 
-					    const char *account_name, 
-					    struct auth_session_info **session_info)
-{
-	TALLOC_CTX *mem_ctx;
-
-	mem_ctx = talloc_init("schannel_setup");
-	if (mem_ctx == NULL) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	(*session_info) = talloc_p(mem_ctx, struct auth_session_info);
-	if (*session_info == NULL) {
-		talloc_destroy(mem_ctx);
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	ZERO_STRUCTP(*session_info);
-	
-	(*session_info)->workstation = talloc_strdup(mem_ctx, account_name);
-	if ((*session_info)->workstation == NULL) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	/* TODO: fill in the rest of the session_info structure */
-
-	return NT_STATUS_OK;
-}
-
-
-/*
-  start crypto state
-*/
-static NTSTATUS dcesrv_crypto_schannel_start(struct dcesrv_auth *auth, DATA_BLOB *auth_blob)
-{
-	struct srv_schannel_state *schannel = NULL;
-	NTSTATUS status;
-	TALLOC_CTX *mem_ctx;
-	const char *account_name;
-	struct schannel_bind_ack ack;
-	struct creds_CredentialState creds;
-
-	mem_ctx = talloc_init("schannel_start");
-	if (!mem_ctx) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	schannel = talloc_p(mem_ctx, struct srv_schannel_state);
-	if (!schannel) {
-		talloc_destroy(mem_ctx);
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	schannel->mem_ctx = mem_ctx;
-
-	/* parse the schannel startup blob */
-	status = ndr_pull_struct_blob(auth_blob, mem_ctx, &schannel->bind_info, 
-				      (ndr_pull_flags_fn_t)ndr_pull_schannel_bind);
-	if (!NT_STATUS_IS_OK(status)) {
-		talloc_destroy(mem_ctx);
-		return status;
-	}
-
-	if (schannel->bind_info.bind_type == 23) {
-		account_name = schannel->bind_info.u.info23.account_name;
-	} else {
-		account_name = schannel->bind_info.u.info3.account_name;
-	}
-
-	/* pull the session key for this client */
-	status = schannel_fetch_session_key(mem_ctx, account_name, &creds);
-	if (!NT_STATUS_IS_OK(status)) {
-		talloc_destroy(mem_ctx);
-		return status;
-	}
-
-	/* start up the schannel server code */
-	status = schannel_start(&schannel->state, creds.session_key, False);
-	if (!NT_STATUS_IS_OK(status)) {
-		talloc_destroy(mem_ctx);
-		return status;
-	}
-
-	status = schannel_setup_session_info(schannel, account_name, 
-					     &auth->session_info);
-	if (!NT_STATUS_IS_OK(status)) {
-		talloc_destroy(mem_ctx);
-		return status;
-	}
-
-	auth->crypto_ctx.private_data = schannel;
-
-	ack.unknown1 = 1;
-	ack.unknown2 = 0;
-	ack.unknown3 = 0x6c0000;
-
-	status = ndr_push_struct_blob(auth_blob, mem_ctx, &ack, 
-				      (ndr_push_flags_fn_t)ndr_push_schannel_bind_ack);
-	if (!NT_STATUS_IS_OK(status)) {
-		talloc_destroy(mem_ctx);
-		return NT_STATUS_INVALID_PARAMETER;
-	}
-
-	return status;
-}
-
-/*
-  update crypto state
-*/
-static NTSTATUS dcesrv_crypto_schannel_update(struct dcesrv_auth *auth, TALLOC_CTX *out_mem_ctx, 
-						const DATA_BLOB in, DATA_BLOB *out) 
-{
-	return NT_STATUS_OK;
-}
-
-/*
-  seal a packet
-*/
-static NTSTATUS dcesrv_crypto_schannel_seal(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-						uint8_t *data, size_t length, DATA_BLOB *sig)
-{
-	struct srv_schannel_state *srv_schannel_state = auth->crypto_ctx.private_data;
-
-	return schannel_seal_packet(srv_schannel_state->state, sig_mem_ctx, data, length, sig);
-}
-
-/*
-  sign a packet
-*/
-static NTSTATUS dcesrv_crypto_schannel_sign(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-					    const uint8_t *data, size_t length, DATA_BLOB *sig) 
-{
-	struct srv_schannel_state *srv_schannel_state = auth->crypto_ctx.private_data;
-
-	return schannel_sign_packet(srv_schannel_state->state, sig_mem_ctx, data, length, sig);
-}
-
-/*
-  check a packet signature
-*/
-static NTSTATUS dcesrv_crypto_schannel_check_sig(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-						const uint8_t *data, size_t length, const DATA_BLOB *sig)
-{
-	struct srv_schannel_state *srv_schannel_state = auth->crypto_ctx.private_data;
-
-	return schannel_check_packet(srv_schannel_state->state, data, length, sig);
-}
-
-/*
-  unseal a packet
-*/
-static NTSTATUS dcesrv_crypto_schannel_unseal(struct dcesrv_auth *auth, TALLOC_CTX *sig_mem_ctx,
-						uint8_t *data, size_t length, DATA_BLOB *sig)
-{
-	struct srv_schannel_state *srv_schannel_state = auth->crypto_ctx.private_data;
-
-	return schannel_unseal_packet(srv_schannel_state->state, sig_mem_ctx, data, length, sig);
-}
-
-/*
-  get the session key
-*/
-static NTSTATUS dcesrv_crypto_schannel_session_key(struct dcesrv_auth *auth, uint8_t session_key[16])
-{
-	struct srv_schannel_state *srv_schannel_state = auth->crypto_ctx.private_data;
-
-	memcpy(session_key, srv_schannel_state->state->session_key, 16);
-
-	return NT_STATUS_OK;
-}
-
-/*
-  end crypto state
-*/
-static void dcesrv_crypto_schannel_end(struct dcesrv_auth *auth)
-{
-	struct srv_schannel_state *srv_schannel_state = auth->crypto_ctx.private_data;
-
-	if (srv_schannel_state == NULL) {
-		return;
-	}
-
-	schannel_end(&srv_schannel_state->state);
-
-	talloc_destroy(srv_schannel_state->mem_ctx);
-
-	auth->crypto_ctx.private_data = NULL;
-}
-
-static const struct dcesrv_crypto_ops dcesrv_crypto_schannel_ops = {
-	.name		= "schannel",
-	.auth_type	= DCERPC_AUTH_TYPE_SCHANNEL,
-	.start 		= dcesrv_crypto_schannel_start,
-	.update 	= dcesrv_crypto_schannel_update,
-	.seal 		= dcesrv_crypto_schannel_seal,
-	.sign		= dcesrv_crypto_schannel_sign,
-	.check_sig	= dcesrv_crypto_schannel_check_sig,
-	.unseal		= dcesrv_crypto_schannel_unseal,
-	.session_key	= dcesrv_crypto_schannel_session_key,
-	.end		= dcesrv_crypto_schannel_end
-};
-
-/*
-  startup the cryptographic side of an authenticated dcerpc server
-*/
-const struct dcesrv_crypto_ops *dcesrv_crypto_schannel_get_ops(void)
-{
-	return &dcesrv_crypto_schannel_ops;
-}
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 80bbb6b583..7eb4c0e815 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -58,21 +58,15 @@ static NTSTATUS netlogon_schannel_setup(struct dcesrv_call_state *dce_call)
 	state->mem_ctx = mem_ctx;
 	state->authenticated = True;
 	
-	state->creds = talloc_p(mem_ctx, struct creds_CredentialState);
-	if (state->creds == NULL) {
-		talloc_destroy(mem_ctx);
-		return NT_STATUS_NO_MEMORY;
-	}
-	ZERO_STRUCTP(state->creds);
-	
 	if (dce_call->conn->auth_state.session_info == NULL) {
 		talloc_destroy(mem_ctx);
 		return NT_STATUS_NO_USER_SESSION_KEY;
 	}
 	
-	status = schannel_fetch_session_key(mem_ctx, 
-					    dce_call->conn->auth_state.session_info->workstation, 
-					    state->creds);
+	status = dcerpc_schannel_creds(dce_call->conn->auth_state.gensec_security, 
+				       mem_ctx, 
+				       &state->creds);
+
 	if (!NT_STATUS_IS_OK(status)) {
 		talloc_destroy(mem_ctx);
 		return status;
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index 988c52e4ee..f1947022a2 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -693,7 +693,7 @@ NTSTATUS samr_set_password(struct dcesrv_call_state *dce_call,
 {
 	char new_pass[512];
 	uint32_t new_pass_len;
-	DATA_BLOB session_key; 
+	DATA_BLOB session_key = data_blob(NULL, 0);
 
 	session_key = data_blob(NULL,0);
 
@@ -703,7 +703,7 @@ NTSTATUS samr_set_password(struct dcesrv_call_state *dce_call,
 
 	if (session_key.length == 0) {
 		DEBUG(3,("Bad session key in samr_set_password\n"));
-		return NT_STATUS_WRONG_PASSWORD;
+		return NT_STATUS_NO_USER_SESSION_KEY;
 	}
 
 	arcfour_crypt_blob(pwbuf->data, 516, &session_key);
@@ -740,7 +740,7 @@ NTSTATUS samr_set_password_ex(struct dcesrv_call_state *dce_call,
 	char new_pass[512];
 	uint32_t new_pass_len;
 	DATA_BLOB co_session_key;
-	DATA_BLOB session_key;
+	DATA_BLOB session_key = data_blob(NULL, 0);
 	struct MD5Context ctx;
 
 	session_key = data_blob(NULL,0);
@@ -749,6 +749,11 @@ NTSTATUS samr_set_password_ex(struct dcesrv_call_state *dce_call,
 		session_key = dce_call->conn->auth_state.session_info->session_key;
 	}
 
+	if (session_key.length == 0) {
+		DEBUG(3,("Bad session key in samr_set_password\n"));
+		return NT_STATUS_NO_USER_SESSION_KEY;
+	}
+
 	co_session_key = data_blob_talloc(mem_ctx, NULL, 16);
 	if (!co_session_key.data) {
 		return NT_STATUS_NO_MEMORY;