From af237084ecd4f9928c6c282b9c5c73598d5c73d6 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 16 Jun 2005 11:36:09 +0000 Subject: r7633: this patch started as an attempt to make the dcerpc code use a given event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9) --- source4/auth/auth.c | 15 +++++++++++++- source4/auth/auth.h | 3 +++ source4/auth/auth_domain.c | 2 +- source4/auth/gensec/gensec.c | 37 ++++++++++++++++++++++++----------- source4/auth/gensec/gensec.h | 1 + source4/auth/ntlmssp/ntlmssp_server.c | 4 +++- 6 files changed, 48 insertions(+), 14 deletions(-) (limited to 'source4/auth') diff --git a/source4/auth/auth.c b/source4/auth/auth.c index 674e9a7f46..dab1912d8e 100644 --- a/source4/auth/auth.c +++ b/source4/auth/auth.c 
@@ -22,6 +22,7 @@ #include "includes.h" #include "dlinklist.h" #include "auth/auth.h" +#include "lib/events/events.h" /*************************************************************************** Set a fixed challenge @@ -199,7 +200,9 @@ NTSTATUS auth_check_password(struct auth_context *auth_ctx, /*************************************************************************** Make a auth_info struct for the auth subsystem ***************************************************************************/ -NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx, const char **methods, struct auth_context **auth_ctx) +NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx, const char **methods, + struct auth_context **auth_ctx, + struct event_context *ev) { int i; struct auth_context *ctx; @@ -215,6 +218,16 @@ NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx, const char **methods, struct a ctx->challenge.may_be_modified = False; ctx->challenge.data = data_blob(NULL, 0); ctx->methods = NULL; + + if (ev == NULL) { + ev = event_context_init(ctx); + if (ev == NULL) { + talloc_free(ctx); + return NT_STATUS_NO_MEMORY; + } + } + + ctx->event_ctx = ev; for (i=0; methods[i] ; i++) { struct auth_method_context *method; diff --git a/source4/auth/auth.h b/source4/auth/auth.h index d1f8caa2a0..b4f08b2859 100644 --- a/source4/auth/auth.h +++ b/source4/auth/auth.h @@ -144,6 +144,9 @@ struct auth_context { /* methods, in the order they should be called */ struct auth_method_context *methods; + + /* the event context to use for calls that can block */ + struct event_context *event_ctx; }; /* this structure is used by backends to determine the size of some critical types */ diff --git a/source4/auth/auth_domain.c b/source4/auth/auth_domain.c index 041135e4d4..339cc18531 100644 --- a/source4/auth/auth_domain.c +++ b/source4/auth/auth_domain.c 
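Review bot: A caller-supplied `ev` is stored in `ctx->event_ctx` as a bare pointer in the `@@ -215,6 +218,16 @@` hunk of auth_context_create, so nothing visible here keeps the event context alive for as long as the auth context. If a caller frees its event context first, later blocking calls such as the dcerpc_pipe_connect_b() call in auth_domain.c would be handed a stale pointer. gensec_start in gensec.c stores `ev` the same way. Either take a reference in the caller-supplied case, `ctx->event_ctx = talloc_reference(ctx, ev);`, or state the contract next to the new field in auth.h, e.g. `/* the event context to use for calls that can block; when supplied by the caller it is borrowed and must outlive this auth_context */`. The body of auth_context_create continues outside the hunk.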
@@ -84,7 +84,7 @@ static NTSTATUS domain_check_password(struct auth_method_context *ctx, status = dcerpc_pipe_connect_b(mem_ctx, &p, b, DCERPC_NETLOGON_UUID, DCERPC_NETLOGON_VERSION, - credentials); + credentials, ctx->auth_ctx->event_ctx); if (!NT_STATUS_IS_OK(status)) { return status; diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c index 1608f21114..d9c264cdd8 100644 --- a/source4/auth/gensec/gensec.c +++ b/source4/auth/gensec/gensec.c @@ -23,6 +23,7 @@ #include "includes.h" #include "auth/auth.h" +#include "lib/events/events.h" /* the list of currently registered GENSEC backends */ const static struct gensec_security_ops **generic_security_ops; @@ -228,12 +229,12 @@ const char **gensec_security_oids(TALLOC_CTX *mem_ctx, const char *skip) @param gensec_security Returned GENSEC context pointer. @note The mem_ctx is only a parent and may be NULL. */ -static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx, struct gensec_security **gensec_security) +static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx, + struct gensec_security **gensec_security, + struct event_context *ev) { (*gensec_security) = talloc(mem_ctx, struct gensec_security); - if (!(*gensec_security)) { - return NT_STATUS_NO_MEMORY; - } + NT_STATUS_HAVE_NO_MEMORY(*gensec_security); (*gensec_security)->ops = NULL; @@ -241,6 +242,17 @@ static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx, struct gensec_security **gense (*gensec_security)->subcontext = False; (*gensec_security)->want_features = 0; + + if (ev == NULL) { + ev = event_context_init(*gensec_security); + if (ev == NULL) { + talloc_free(*gensec_security); + return NT_STATUS_NO_MEMORY; + } + } + + (*gensec_security)->event_ctx = ev; + return NT_STATUS_OK; } 
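Review bot: The doxygen block above gensec_start still documents only `mem_ctx` and `gensec_security`, while the signature in the `@@ -228,12 +229,12 @@` hunk gains `ev`. The same gap is in the comments above gensec_client_start and gensec_server_start (hunks `@@ -276,10 +287,12 @@` and `@@ -295,10 +308,12 @@`). Add `@param ev The event context to use for calls that can block; if NULL a private one is created with the returned context as its parent.` to each block, so callers can see that NULL is accepted and what it implies for ownership.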
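Review bot: When event_context_init() fails in the `@@ -241,6 +242,17 @@` hunk, `talloc_free(*gensec_security)` releases the context but leaves the caller's out-pointer aimed at the freed memory. gensec_client_start and gensec_server_start return the error straight away, so the stale pointer is handed back to their callers. Any caller that cleans up its pointer on failure (not visible in this diff) would then free it a second time. Clear it before returning: `talloc_free(*gensec_security); *gensec_security = NULL;`.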
@@ -257,15 +269,14 @@ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx, struct gensec_security **gensec_security) { (*gensec_security) = talloc(mem_ctx, struct gensec_security); - if (!(*gensec_security)) { - return NT_STATUS_NO_MEMORY; - } + NT_STATUS_HAVE_NO_MEMORY(*gensec_security); (**gensec_security) = *parent; (*gensec_security)->ops = NULL; (*gensec_security)->private_data = NULL; (*gensec_security)->subcontext = True; + (*gensec_security)->event_ctx = parent->event_ctx; return NT_STATUS_OK; } @@ -276,10 +287,12 @@ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx, @param gensec_security Returned GENSEC context pointer. @note The mem_ctx is only a parent and may be NULL. */ -NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx, struct gensec_security **gensec_security) +NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx, + struct gensec_security **gensec_security, + struct event_context *ev) { NTSTATUS status; - status = gensec_start(mem_ctx, gensec_security); + status = gensec_start(mem_ctx, gensec_security, ev); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -295,10 +308,12 @@ NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx, struct gensec_security **gense @param gensec_security Returned GENSEC context pointer. @note The mem_ctx is only a parent and may be NULL. */ -NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx, struct gensec_security **gensec_security) +NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx, + struct gensec_security **gensec_security, + struct event_context *ev) { NTSTATUS status; - status = gensec_start(mem_ctx, gensec_security); + status = gensec_start(mem_ctx, gensec_security, ev); if (!NT_STATUS_IS_OK(status)) { return status; } diff --git a/source4/auth/gensec/gensec.h b/source4/auth/gensec/gensec.h index be6731abfa..2951e13dd9 100644 --- a/source4/auth/gensec/gensec.h +++ b/source4/auth/gensec/gensec.h 
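Review bot: The sub-context in gensec_subcontext_start borrows `parent->event_ctx` but is allocated under `mem_ctx`, not under `parent`. When the parent was started with `ev == NULL`, gensec_start created the event context with the parent as its talloc parent, so freeing the parent first would presumably leave the sub-context's `event_ctx` stale. Note also that `(**gensec_security) = *parent;` a few lines earlier already copies the field, so the new assignment is redundant. If it stays for readability, a comment such as `/* borrowed from parent; the sub-context must not outlive it */` would record the constraint.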
@@ -109,6 +109,7 @@ struct gensec_security { enum gensec_role gensec_role; BOOL subcontext; uint32_t want_features; + struct event_context *event_ctx; }; /* this structure is used by backends to determine the size of some critical types */ diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c index ab214578dd..e50fe58305 100644 --- a/source4/auth/ntlmssp/ntlmssp_server.c +++ b/source4/auth/ntlmssp/ntlmssp_server.c @@ -800,7 +800,9 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security) gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL; } - nt_status = auth_context_create(gensec_ntlmssp_state, lp_auth_methods(), &gensec_ntlmssp_state->auth_context); + nt_status = auth_context_create(gensec_ntlmssp_state, lp_auth_methods(), + &gensec_ntlmssp_state->auth_context, + gensec_security->event_ctx); NT_STATUS_NOT_OK_RETURN(nt_status); gensec_ntlmssp_state->get_challenge = auth_ntlmssp_get_challenge; -- cgit