diff options
Diffstat (limited to 'source4/smb_server/smb2')
| -rw-r--r-- | source4/smb_server/smb2/config.mk | 2 | ||||
| -rw-r--r-- | source4/smb_server/smb2/negprot.c | 25 | ||||
| -rw-r--r-- | source4/smb_server/smb2/sesssetup.c | 16 |
3 files changed, 22 insertions, 21 deletions
diff --git a/source4/smb_server/smb2/config.mk b/source4/smb_server/smb2/config.mk index 68ee6e58f6..f0c3739926 100644 --- a/source4/smb_server/smb2/config.mk +++ b/source4/smb_server/smb2/config.mk @@ -2,7 +2,7 @@ # Start SUBSYSTEM SMB2_PROTOCOL [SUBSYSTEM::SMB2_PROTOCOL] PUBLIC_DEPENDENCIES = \ - ntvfs LIBPACKET LIBCLI_SMB2 + ntvfs LIBPACKET LIBCLI_SMB2 samba_server_gensec # End SUBSYSTEM SMB2_PROTOCOL ####################### diff --git a/source4/smb_server/smb2/negprot.c b/source4/smb_server/smb2/negprot.c index 03e5c9356d..0b65a19634 100644 --- a/source4/smb_server/smb2/negprot.c +++ b/source4/smb_server/smb2/negprot.c @@ -20,6 +20,7 @@ #include "includes.h" #include "auth/credentials/credentials.h" +#include "auth/auth.h" #include "auth/gensec/gensec.h" #include "libcli/raw/libcliraw.h" #include "libcli/raw/raw_proto.h" @@ -40,17 +41,6 @@ static NTSTATUS smb2srv_negprot_secblob(struct smb2srv_request *req, DATA_BLOB * NTSTATUS nt_status; struct cli_credentials *server_credentials; - nt_status = gensec_server_start(req, - req->smb_conn->connection->event.ctx, - lp_gensec_settings(req, req->smb_conn->lp_ctx), - req->smb_conn->connection->msg_ctx, - &gensec_security); - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(0, ("Failed to start GENSEC: %s\n", nt_errstr(nt_status))); - smbsrv_terminate_connection(req->smb_conn, "Failed to start GENSEC\n"); - return nt_status; - } - server_credentials = cli_credentials_init(req); if (!server_credentials) { smbsrv_terminate_connection(req->smb_conn, "Failed to init server credentials\n"); @@ -67,6 +57,19 @@ static NTSTATUS smb2srv_negprot_secblob(struct smb2srv_request *req, DATA_BLOB * req->smb_conn->negotiate.server_credentials = talloc_steal(req->smb_conn, server_credentials); + nt_status = samba_server_gensec_start(req, + req->smb_conn->connection->event.ctx, + req->smb_conn->connection->msg_ctx, + req->smb_conn->lp_ctx, + server_credentials, + "cifs", + &gensec_security); + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(0, ("Failed to start GENSEC: %s\n", nt_errstr(nt_status))); + smbsrv_terminate_connection(req->smb_conn, "Failed to start GENSEC\n"); + return nt_status; + } + gensec_set_target_service(gensec_security, "cifs"); gensec_set_credentials(gensec_security, server_credentials); diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index 176be0b3ea..9a8c1bfaa9 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c @@ -124,20 +124,18 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses if (vuid == 0) { struct gensec_security *gensec_ctx; - status = gensec_server_start(req, - req->smb_conn->connection->event.ctx, - lp_gensec_settings(req, req->smb_conn->lp_ctx), - req->smb_conn->connection->msg_ctx, - &gensec_ctx); + status = samba_server_gensec_start(req, + req->smb_conn->connection->event.ctx, + req->smb_conn->connection->msg_ctx, + req->smb_conn->lp_ctx, + req->smb_conn->negotiate.server_credentials, + "cifs", + &gensec_ctx); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status))); goto failed; } - gensec_set_credentials(gensec_ctx, req->smb_conn->negotiate.server_credentials); - - gensec_set_target_service(gensec_ctx, "cifs"); - gensec_want_feature(gensec_ctx, GENSEC_FEATURE_SESSION_KEY); status = gensec_start_mech_by_oid(gensec_ctx, GENSEC_OID_SPNEGO); |