summaryrefslogtreecommitdiff
path: root/source4/smb_server/smb
diff options
context:
space:
mode:
Diffstat (limited to 'source4/smb_server/smb')
-rw-r--r--source4/smb_server/smb/config.mk2
-rw-r--r--source4/smb_server/smb/negprot.c36
-rw-r--r--source4/smb_server/smb/sesssetup.c16
3 files changed, 27 insertions, 27 deletions
diff --git a/source4/smb_server/smb/config.mk b/source4/smb_server/smb/config.mk
index 9adf334850..eadc122831 100644
--- a/source4/smb_server/smb/config.mk
+++ b/source4/smb_server/smb/config.mk
@@ -2,7 +2,7 @@
# Start SUBSYSTEM SMB_PROTOCOL
[SUBSYSTEM::SMB_PROTOCOL]
PUBLIC_DEPENDENCIES = \
- ntvfs LIBPACKET CREDENTIALS
+ ntvfs LIBPACKET CREDENTIALS samba_server_gensec
# End SUBSYSTEM SMB_PROTOCOL
#######################
diff --git a/source4/smb_server/smb/negprot.c b/source4/smb_server/smb/negprot.c
index 71ee82d162..c3399fdd48 100644
--- a/source4/smb_server/smb/negprot.c
+++ b/source4/smb_server/smb/negprot.c
@@ -350,23 +350,7 @@ static void reply_nt1(struct smbsrv_request *req, uint16_t choice)
DATA_BLOB blob;
const char *oid;
NTSTATUS nt_status;
-
- nt_status = gensec_server_start(req->smb_conn,
- req->smb_conn->connection->event.ctx,
- lp_gensec_settings(req->smb_conn, req->smb_conn->lp_ctx),
- req->smb_conn->connection->msg_ctx,
- &gensec_security);
- if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(0, ("Failed to start GENSEC: %s\n", nt_errstr(nt_status)));
- smbsrv_terminate_connection(req->smb_conn, "Failed to start GENSEC\n");
- return;
- }
-
- if (req->smb_conn->negotiate.auth_context) {
- smbsrv_terminate_connection(req->smb_conn, "reply_nt1: is this a secondary negprot? auth_context is non-NULL!\n");
- return;
- }
-
+
server_credentials
= cli_credentials_init(req);
if (!server_credentials) {
@@ -382,6 +366,24 @@ static void reply_nt1(struct smbsrv_request *req, uint16_t choice)
server_credentials = NULL;
}
+ nt_status = samba_server_gensec_start(req,
+ req->smb_conn->connection->event.ctx,
+ req->smb_conn->connection->msg_ctx,
+ req->smb_conn->lp_ctx,
+ server_credentials,
+ "cifs",
+ &gensec_security);
+
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(0, ("Failed to start GENSEC: %s\n", nt_errstr(nt_status)));
+ smbsrv_terminate_connection(req->smb_conn, "Failed to start GENSEC\n");
+ return;
+ }
+
+ if (req->smb_conn->negotiate.auth_context) {
+ smbsrv_terminate_connection(req->smb_conn, "reply_nt1: is this a secondary negprot? auth_context is non-NULL!\n");
+ return;
+ }
req->smb_conn->negotiate.server_credentials = talloc_steal(req->smb_conn, server_credentials);
gensec_set_target_service(gensec_security, "cifs");
diff --git a/source4/smb_server/smb/sesssetup.c b/source4/smb_server/smb/sesssetup.c
index 0767a187e5..e38447703b 100644
--- a/source4/smb_server/smb/sesssetup.c
+++ b/source4/smb_server/smb/sesssetup.c
@@ -363,20 +363,18 @@ static void sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup *se
if (!smb_sess) {
struct gensec_security *gensec_ctx;
- status = gensec_server_start(req,
- req->smb_conn->connection->event.ctx,
- lp_gensec_settings(req, req->smb_conn->lp_ctx),
- req->smb_conn->connection->msg_ctx,
- &gensec_ctx);
+ status = samba_server_gensec_start(req,
+ req->smb_conn->connection->event.ctx,
+ req->smb_conn->connection->msg_ctx,
+ req->smb_conn->lp_ctx,
+ req->smb_conn->negotiate.server_credentials,
+ "cifs",
+ &gensec_ctx);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status)));
goto failed;
}
- gensec_set_credentials(gensec_ctx, req->smb_conn->negotiate.server_credentials);
-
- gensec_set_target_service(gensec_ctx, "cifs");
-
gensec_want_feature(gensec_ctx, GENSEC_FEATURE_SESSION_KEY);
status = gensec_start_mech_by_oid(gensec_ctx, req->smb_conn->negotiate.oid);
generated by cgit (git 2.34.1) at 2024-07-08 14:28:35 +0000