diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2009-02-13 10:24:16 +1100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2009-02-13 10:24:16 +1100 |
| commit | 71632a16977a93968b0d520a491a52f635e611a1 (patch) | |
| tree | 75604f676004c10bdd9c4ee1cfdf917a90ddfc0b /source4/smb_server/smb/negprot.c | |
| parent | 147a2e3440056ec30d8b386901754a58ea3947d1 (diff) | |
| download | samba-71632a16977a93968b0d520a491a52f635e611a1.tar.gz samba-71632a16977a93968b0d520a491a52f635e611a1.tar.bz2 samba-71632a16977a93968b0d520a491a52f635e611a1.zip | |
Remove auth/ntlm as a dependency of GENSEC by means of function pointers.
When starting GENSEC on the server, the auth subsystem context must be
passed in, which now includes function pointers to the key elements.
This should (when the other dependencies are fixed up) allow GENSEC to
exist as a client or server library without bundling in too much of
our server code.
Andrew Bartlett
Diffstat (limited to 'source4/smb_server/smb/negprot.c')
| -rw-r--r-- | source4/smb_server/smb/negprot.c | 36 |
1 files changed, 19 insertions, 17 deletions
diff --git a/source4/smb_server/smb/negprot.c b/source4/smb_server/smb/negprot.c index 71ee82d162..c3399fdd48 100644 --- a/source4/smb_server/smb/negprot.c +++ b/source4/smb_server/smb/negprot.c @@ -350,23 +350,7 @@ static void reply_nt1(struct smbsrv_request *req, uint16_t choice) DATA_BLOB blob; const char *oid; NTSTATUS nt_status; - - nt_status = gensec_server_start(req->smb_conn, - req->smb_conn->connection->event.ctx, - lp_gensec_settings(req->smb_conn, req->smb_conn->lp_ctx), - req->smb_conn->connection->msg_ctx, - &gensec_security); - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(0, ("Failed to start GENSEC: %s\n", nt_errstr(nt_status))); - smbsrv_terminate_connection(req->smb_conn, "Failed to start GENSEC\n"); - return; - } - - if (req->smb_conn->negotiate.auth_context) { - smbsrv_terminate_connection(req->smb_conn, "reply_nt1: is this a secondary negprot? auth_context is non-NULL!\n"); - return; - } - + server_credentials = cli_credentials_init(req); if (!server_credentials) { @@ -382,6 +366,24 @@ static void reply_nt1(struct smbsrv_request *req, uint16_t choice) server_credentials = NULL; } + nt_status = samba_server_gensec_start(req, + req->smb_conn->connection->event.ctx, + req->smb_conn->connection->msg_ctx, + req->smb_conn->lp_ctx, + server_credentials, + "cifs", + &gensec_security); + + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(0, ("Failed to start GENSEC: %s\n", nt_errstr(nt_status))); + smbsrv_terminate_connection(req->smb_conn, "Failed to start GENSEC\n"); + return; + } + + if (req->smb_conn->negotiate.auth_context) { + smbsrv_terminate_connection(req->smb_conn, "reply_nt1: is this a secondary negprot? auth_context is non-NULL!\n"); + return; + } req->smb_conn->negotiate.server_credentials = talloc_steal(req->smb_conn, server_credentials); gensec_set_target_service(gensec_security, "cifs"); |