s3-ntlmssp Remove auth_ntlmssp_update wrapper

We now just call gensec_update directly.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>

source3/include/ntlmssp_wrap.h

@@ -72,10 +72,6 @@ void auth_ntlmssp_want_feature(struct auth_ntlmssp_state *ans, uint32_t feature)
 DATA_BLOB auth_ntlmssp_get_session_key(struct auth_ntlmssp_state *ans, 
 				       TALLOC_CTX *mem_ctx);
 
-NTSTATUS auth_ntlmssp_update(struct auth_ntlmssp_state *ans,
-			     TALLOC_CTX *mem_ctx,
-			     const DATA_BLOB request, DATA_BLOB *reply);
-
 NTSTATUS auth_ntlmssp_client_prepare(TALLOC_CTX *mem_ctx,
 				     struct auth_ntlmssp_state **_ans);
 NTSTATUS auth_ntlmssp_client_start(struct auth_ntlmssp_state *ans);

source3/librpc/crypto/cli_spnego.c

@@ -24,6 +24,7 @@
 #include "auth/ntlmssp/ntlmssp.h"
 #include "librpc/crypto/gse.h"
 #include "librpc/crypto/spnego.h"
+#include "auth/gensec/gensec.h"
 
 static NTSTATUS spnego_context_init(TALLOC_CTX *mem_ctx,
 				    bool do_sign, bool do_seal,
@@ -213,8 +214,8 @@ NTSTATUS spnego_get_client_auth_token(TALLOC_CTX *mem_ctx,
 	case SPNEGO_NTLMSSP:
 
 		ntlmssp_ctx = sp_ctx->mech_ctx.ntlmssp_state;
-		status = auth_ntlmssp_update(ntlmssp_ctx, mem_ctx,
-					     token_in, &token_out);
+		status = gensec_update(ntlmssp_ctx->gensec_security, mem_ctx, NULL,
+				       token_in, &token_out);
 		if (NT_STATUS_EQUAL(status,
 				    NT_STATUS_MORE_PROCESSING_REQUIRED)) {
 			mech_wants_more = true;

source3/libsmb/clifsinfo.c

@@ -27,6 +27,7 @@
 #include "smb_crypt.h"
 #include "trans2.h"
 #include "ntlmssp_wrap.h"
+#include "auth/gensec/gensec.h"
 
 /****************************************************************************
  Get UNIX extensions version info.
@@ -637,8 +638,8 @@ NTSTATUS cli_raw_ntlm_smb_encryption_start(struct cli_state *cli,
 	}
 
 	do {
-		status = auth_ntlmssp_update(es->s.auth_ntlmssp_state, es->s.auth_ntlmssp_state,
-					     blob_in, &blob_out);
+		status = gensec_update(es->s.auth_ntlmssp_state->gensec_security, es->s.auth_ntlmssp_state,
+				       NULL, blob_in, &blob_out);
 		data_blob_free(&blob_in);
 		data_blob_free(&param_out);
 		if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) || NT_STATUS_IS_OK(status)) {

source3/libsmb/ntlmssp_wrap.c

@@ -127,13 +127,6 @@ DATA_BLOB auth_ntlmssp_get_session_key(struct auth_ntlmssp_state *ans, TALLOC_CT
 	}
 }
 
-NTSTATUS auth_ntlmssp_update(struct auth_ntlmssp_state *ans,
-			     TALLOC_CTX *mem_ctx,
-			     const DATA_BLOB request, DATA_BLOB *reply)
-{
-	return gensec_update(ans->gensec_security, mem_ctx, NULL, request, reply);
-}
-
 static NTSTATUS gensec_ntlmssp3_client_update(struct gensec_security *gensec_security,
 					      TALLOC_CTX *out_mem_ctx,
 					      struct tevent_context *ev,

source3/rpc_client/cli_pipe.c

@@ -34,6 +34,7 @@
 #include "rpc_dce.h"
 #include "cli_pipe.h"
 #include "libsmb/libsmb.h"
+#include "auth/gensec/gensec.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_RPC_CLI
@@ -1048,7 +1049,7 @@ static NTSTATUS create_ntlmssp_auth_rpc_bind_req(struct rpc_pipe_client *cli,
 					    struct auth_ntlmssp_state);
 
 	DEBUG(5, ("create_ntlmssp_auth_rpc_bind_req: Processing NTLMSSP Negotiate\n"));
-	status = auth_ntlmssp_update(ntlmssp_ctx, mem_ctx, null_blob, auth_token);
+	status = gensec_update(ntlmssp_ctx->gensec_security, mem_ctx, NULL, null_blob, auth_token);
 
 	if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
 		data_blob_free(auth_token);
@@ -1773,8 +1774,8 @@ static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq)
 	case DCERPC_AUTH_TYPE_NTLMSSP:
 		ntlmssp_ctx = talloc_get_type_abort(pauth->auth_ctx,
 						    struct auth_ntlmssp_state);
-		status = auth_ntlmssp_update(ntlmssp_ctx, state,
-					     auth.credentials, &auth_token);
+		status = gensec_update(ntlmssp_ctx->gensec_security, state, NULL,
+				       auth.credentials, &auth_token);
 		if (NT_STATUS_EQUAL(status,
 				    NT_STATUS_MORE_PROCESSING_REQUIRED)) {
 			status = rpc_bind_next_send(req, state,

source3/rpc_server/dcesrv_ntlmssp.c

@@ -59,7 +59,7 @@ NTSTATUS ntlmssp_server_auth_start(TALLOC_CTX *mem_ctx,
 		return status;
 	}
 
-	status = auth_ntlmssp_update(a, mem_ctx, *token_in, token_out);
+	status = gensec_update(a->gensec_security, mem_ctx, NULL, *token_in, token_out);
 	if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
 		DEBUG(0, (__location__ ": auth_ntlmssp_update failed: %s\n",
 			  nt_errstr(status)));
@@ -88,7 +88,7 @@ NTSTATUS ntlmssp_server_step(struct auth_ntlmssp_state *ctx,
 
 	/* this has to be done as root in order to verify the password */
 	become_root();
-	status = auth_ntlmssp_update(ctx, mem_ctx, *token_in, token_out);
+	status = gensec_update(ctx->gensec_security, mem_ctx, NULL, *token_in, token_out);
 	unbecome_root();
 
 	return status;

source3/smbd/negprot.c

@@ -208,8 +208,8 @@ DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn)
 	if (NT_STATUS_IS_OK(status)) {
 		status = auth_generic_start(auth_ntlmssp_state, GENSEC_OID_SPNEGO);
 		if (NT_STATUS_IS_OK(status)) {
-			status = auth_ntlmssp_update(auth_ntlmssp_state, ctx,
-						     data_blob_null, &blob);
+			status = gensec_update(auth_ntlmssp_state->gensec_security, ctx,
+					       NULL, data_blob_null, &blob);
 			/* If we get the list of OIDs, the 'OK' answer
 			 * is NT_STATUS_MORE_PROCESSING_REQUIRED */
 			if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {

source3/smbd/seal.c

@@ -28,6 +28,7 @@
 #include "auth.h"
 #include "libsmb/libsmb.h"
 #include "../lib/tsocket/tsocket.h"
+#include "auth/gensec/gensec.h"
 
 /******************************************************************************
  Server side encryption.
@@ -488,9 +489,9 @@ static NTSTATUS srv_enc_ntlm_negotiate(const struct tsocket_address *remote_addr
 		return status;
 	}
 
-	status = auth_ntlmssp_update(partial_srv_trans_enc_ctx->auth_ntlmssp_state,
-				     talloc_tos(),
-				     secblob, &chal);
+	status = gensec_update(partial_srv_trans_enc_ctx->auth_ntlmssp_state->gensec_security,
+			       talloc_tos(), NULL,
+			       secblob, &chal);
 
 	/* status here should be NT_STATUS_MORE_PROCESSING_REQUIRED
 	 * for success ... */
@@ -613,7 +614,7 @@ static NTSTATUS srv_enc_spnego_ntlm_auth(connection_struct *conn,
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	status = auth_ntlmssp_update(ec->auth_ntlmssp_state, talloc_tos(), auth, &auth_reply);
+	status = gensec_update(ec->auth_ntlmssp_state->gensec_security, talloc_tos(), NULL, auth, &auth_reply);
 	data_blob_free(&auth);
 
 	/* From RFC4178.
@@ -683,9 +684,9 @@ static NTSTATUS srv_enc_raw_ntlm_auth(connection_struct *conn,
 	}
 
 	/* Second step. */
-	status = auth_ntlmssp_update(partial_srv_trans_enc_ctx->auth_ntlmssp_state,
-				     talloc_tos(),
-				     blob, &response);
+	status = gensec_update(partial_srv_trans_enc_ctx->auth_ntlmssp_state->gensec_security,
+			       talloc_tos(), NULL,
+			       blob, &response);
 
 	if (NT_STATUS_IS_OK(status)) {
 		/* Return the context we're using for this encryption state. */

source3/smbd/sesssetup.c

@@ -644,8 +644,8 @@ static void reply_spnego_negotiate(struct smb_request *req,
 		return;
 	}
 
-	status = auth_ntlmssp_update(*auth_ntlmssp_state, talloc_tos(),
-					secblob, &chal);
+	status = gensec_update((*auth_ntlmssp_state)->gensec_security, talloc_tos(),
+			       NULL, secblob, &chal);
 
 	data_blob_free(&secblob);
 
@@ -757,8 +757,8 @@ static void reply_spnego_auth(struct smb_request *req,
 		}
 	}
 
-	status = auth_ntlmssp_update(*auth_ntlmssp_state, talloc_tos(),
-				     auth, &auth_reply);
+	status = gensec_update((*auth_ntlmssp_state)->gensec_security, talloc_tos(),
+			       NULL, auth, &auth_reply);
 
 	data_blob_free(&auth);
 
@@ -1171,9 +1171,9 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
 			}
 		}
 
-		status = auth_ntlmssp_update(vuser->auth_ntlmssp_state,
-					     talloc_tos(),
-					     blob1, &chal);
+		status = gensec_update(vuser->auth_ntlmssp_state->gensec_security,
+				       talloc_tos(), NULL,
+				       blob1, &chal);
 
 		data_blob_free(&blob1);
 

source3/smbd/smb2_sesssetup.c

@@ -388,10 +388,10 @@ static NTSTATUS smbd_smb2_spnego_negotiate(struct smbd_smb2_session *session,
 			goto out;
 		}
 
-		status = auth_ntlmssp_update(session->auth_ntlmssp_state,
-					     talloc_tos(),
-					     secblob_in,
-					     &chal_out);
+		status = gensec_update(session->auth_ntlmssp_state->gensec_security,
+				       talloc_tos(), NULL,
+				       secblob_in,
+				       &chal_out);
 	}
 
 	if (!NT_STATUS_IS_OK(status) &&
@@ -582,9 +582,10 @@ static NTSTATUS smbd_smb2_spnego_auth(struct smbd_smb2_session *session,
 		}
 	}
 
-	status = auth_ntlmssp_update(session->auth_ntlmssp_state,
-				     talloc_tos(), auth,
-				     &auth_out);
+	status = gensec_update(session->auth_ntlmssp_state->gensec_security,
+			       talloc_tos(), NULL,
+			       auth,
+			       &auth_out);
 	/* If status is NT_STATUS_OK then we need to get the token.
 	 * Map to guest is now internal to auth_ntlmssp */
 	if (NT_STATUS_IS_OK(status)) {
@@ -661,10 +662,10 @@ static NTSTATUS smbd_smb2_raw_ntlmssp_auth(struct smbd_smb2_session *session,
 	}
 
 	/* RAW NTLMSSP */
-	status = auth_ntlmssp_update(session->auth_ntlmssp_state,
-				     smb2req,
-				     in_security_buffer,
-				     out_security_buffer);
+	status = gensec_update(session->auth_ntlmssp_state->gensec_security,
+			       smb2req, NULL,
+			       in_security_buffer,
+			       out_security_buffer);
 
 	if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
 		*out_session_id = session->vuid;