From 1231b784a1a30c475960d429465ca104c906801c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 27 Jul 2011 13:52:27 +1000 Subject: s3-ntlmssp Remove auth_ntlmssp_and_flags() There is no need to mask out these flags as they simply are not set yet. The correct abstraction is to ask for NTLMSSP features. Andrew Bartlett Signed-off-by: Andrew Tridgell --- source3/include/ntlmssp_wrap.h | 1 - source3/libads/sasl.c | 1 - source3/librpc/crypto/cli_spnego.c | 7 ------- source3/libsmb/ntlmssp_wrap.c | 5 ----- source3/rpc_client/cli_pipe.c | 6 ------ 5 files changed, 20 deletions(-) diff --git a/source3/include/ntlmssp_wrap.h b/source3/include/ntlmssp_wrap.h index 789842cc65..22cd582bb7 100644 --- a/source3/include/ntlmssp_wrap.h +++ b/source3/include/ntlmssp_wrap.h @@ -70,7 +70,6 @@ NTSTATUS auth_ntlmssp_set_domain(struct auth_ntlmssp_state *ans, const char *domain); NTSTATUS auth_ntlmssp_set_password(struct auth_ntlmssp_state *ans, const char *password); -void auth_ntlmssp_and_flags(struct auth_ntlmssp_state *ans, uint32_t flags); void auth_ntlmssp_want_feature(struct auth_ntlmssp_state *ans, uint32_t feature); DATA_BLOB auth_ntlmssp_get_session_key(struct auth_ntlmssp_state *ans, TALLOC_CTX *mem_ctx); diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c index 45cf569c79..a3001863b8 100644 --- a/source3/libads/sasl.c +++ b/source3/libads/sasl.c @@ -148,7 +148,6 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads) if (!NT_STATUS_IS_OK(nt_status)) { return ADS_ERROR_NT(nt_status); } - ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_SIGN; if (!NT_STATUS_IS_OK(nt_status = ntlmssp_set_username(ntlmssp_state, ads->auth.user_name))) { return ADS_ERROR_NT(nt_status); diff --git a/source3/librpc/crypto/cli_spnego.c b/source3/librpc/crypto/cli_spnego.c index c30a297cc5..65b5050ed3 100644 --- a/source3/librpc/crypto/cli_spnego.c +++ b/source3/librpc/crypto/cli_spnego.c @@ -130,13 +130,6 @@ NTSTATUS spnego_ntlmssp_init_client(TALLOC_CTX *mem_ctx, return status; } - /* - * Turn off sign+seal to allow selected auth level to turn it back on. - */ - auth_ntlmssp_and_flags(sp_ctx->mech_ctx.ntlmssp_state, - ~(NTLMSSP_NEGOTIATE_SIGN | - NTLMSSP_NEGOTIATE_SEAL)); - if (do_sign) { auth_ntlmssp_want_feature(sp_ctx->mech_ctx.ntlmssp_state, NTLMSSP_FEATURE_SIGN); diff --git a/source3/libsmb/ntlmssp_wrap.c b/source3/libsmb/ntlmssp_wrap.c index da04ceb245..91e5d0e5d9 100644 --- a/source3/libsmb/ntlmssp_wrap.c +++ b/source3/libsmb/ntlmssp_wrap.c @@ -138,11 +138,6 @@ NTSTATUS auth_ntlmssp_set_password(struct auth_ntlmssp_state *ans, return ntlmssp_set_password(ans->ntlmssp_state, password); } -void auth_ntlmssp_and_flags(struct auth_ntlmssp_state *ans, uint32_t flags) -{ - ans->ntlmssp_state->neg_flags &= flags; -} - void auth_ntlmssp_want_feature(struct auth_ntlmssp_state *ans, uint32_t feature) { if (ans->gensec_security) { diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 80e3c4b1ae..e352c86300 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -2315,12 +2315,6 @@ static NTSTATUS rpccli_ntlmssp_bind_data(TALLOC_CTX *mem_ctx, goto fail; } - /* - * Turn off sign+seal to allow selected auth level to turn it back on. - */ - auth_ntlmssp_and_flags(ntlmssp_ctx, ~(NTLMSSP_NEGOTIATE_SIGN | - NTLMSSP_NEGOTIATE_SEAL)); - if (auth_level == DCERPC_AUTH_LEVEL_INTEGRITY) { auth_ntlmssp_want_feature(ntlmssp_ctx, NTLMSSP_FEATURE_SIGN); } else if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { -- cgit