mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
auth/gensec: remove tevent_context argument from gensec_update()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
01575faf67
commit
2103c373b4
@ -321,10 +321,9 @@ _PUBLIC_ NTSTATUS gensec_update_ev(struct gensec_security *gensec_security,
|
||||
|
||||
_PUBLIC_ NTSTATUS gensec_update(struct gensec_security *gensec_security,
|
||||
TALLOC_CTX *out_mem_ctx,
|
||||
struct tevent_context *ev,
|
||||
const DATA_BLOB in, DATA_BLOB *out)
|
||||
{
|
||||
return gensec_update_ev(gensec_security, out_mem_ctx, ev, in, out);
|
||||
return gensec_update_ev(gensec_security, out_mem_ctx, NULL, in, out);
|
||||
}
|
||||
|
||||
struct gensec_update_state {
|
||||
|
@ -146,8 +146,8 @@ NTSTATUS gensec_start_mech_by_sasl_list(struct gensec_security *gensec_security,
|
||||
void gensec_set_max_update_size(struct gensec_security *gensec_security,
|
||||
uint32_t max_update_size);
|
||||
size_t gensec_max_update_size(struct gensec_security *gensec_security);
|
||||
NTSTATUS gensec_update(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx,
|
||||
struct tevent_context *ev,
|
||||
NTSTATUS gensec_update(struct gensec_security *gensec_security,
|
||||
TALLOC_CTX *out_mem_ctx,
|
||||
const DATA_BLOB in, DATA_BLOB *out);
|
||||
NTSTATUS gensec_update_ev(struct gensec_security *gensec_security,
|
||||
TALLOC_CTX *out_mem_ctx,
|
||||
|
@ -276,7 +276,7 @@ NTSTATUS kerberos_return_pac(TALLOC_CTX *mem_ctx,
|
||||
}
|
||||
|
||||
/* Do a client-server update dance */
|
||||
status = gensec_update(gensec_server_context, tmp_ctx, NULL, tkt_wrapped, &ap_rep);
|
||||
status = gensec_update(gensec_server_context, tmp_ctx, tkt_wrapped, &ap_rep);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(1, ("gensec_update() failed: %s\n", nt_errstr(status)));
|
||||
goto out;
|
||||
|
@ -177,7 +177,7 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
|
||||
|
||||
do {
|
||||
nt_status = gensec_update(auth_generic_state->gensec_security,
|
||||
talloc_tos(), NULL, blob_in, &blob_out);
|
||||
talloc_tos(), blob_in, &blob_out);
|
||||
data_blob_free(&blob_in);
|
||||
if ((NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)
|
||||
|| NT_STATUS_IS_OK(nt_status))
|
||||
|
@ -615,7 +615,7 @@ NTSTATUS cli_raw_ntlm_smb_encryption_start(struct cli_state *cli,
|
||||
|
||||
do {
|
||||
status = gensec_update(auth_generic_state->gensec_security, auth_generic_state,
|
||||
NULL, blob_in, &blob_out);
|
||||
blob_in, &blob_out);
|
||||
data_blob_free(&blob_in);
|
||||
data_blob_free(¶m_out);
|
||||
if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) || NT_STATUS_IS_OK(status)) {
|
||||
@ -700,7 +700,7 @@ NTSTATUS cli_gss_smb_encryption_start(struct cli_state *cli)
|
||||
}
|
||||
|
||||
status = gensec_update(auth_generic_state->gensec_security, talloc_tos(),
|
||||
NULL, blob_recv, &blob_send);
|
||||
blob_recv, &blob_send);
|
||||
|
||||
do {
|
||||
data_blob_free(&blob_recv);
|
||||
@ -710,7 +710,7 @@ NTSTATUS cli_gss_smb_encryption_start(struct cli_state *cli)
|
||||
}
|
||||
data_blob_free(&blob_send);
|
||||
status = gensec_update(auth_generic_state->gensec_security, talloc_tos(),
|
||||
NULL, blob_recv, &blob_send);
|
||||
blob_recv, &blob_send);
|
||||
} while (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED));
|
||||
data_blob_free(&blob_recv);
|
||||
|
||||
|
@ -1011,7 +1011,7 @@ static NTSTATUS create_generic_auth_rpc_bind_req(struct rpc_pipe_client *cli,
|
||||
struct gensec_security);
|
||||
|
||||
DEBUG(5, ("create_generic_auth_rpc_bind_req: generate first token\n"));
|
||||
status = gensec_update(gensec_security, mem_ctx, NULL, null_blob, auth_token);
|
||||
status = gensec_update(gensec_security, mem_ctx, null_blob, auth_token);
|
||||
|
||||
if (!NT_STATUS_IS_OK(status) &&
|
||||
!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED))
|
||||
@ -1895,7 +1895,7 @@ static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq)
|
||||
}
|
||||
}
|
||||
|
||||
status = gensec_update(gensec_security, state, NULL,
|
||||
status = gensec_update(gensec_security, state,
|
||||
auth.credentials, &auth_token);
|
||||
if (NT_STATUS_EQUAL(status,
|
||||
NT_STATUS_MORE_PROCESSING_REQUIRED)) {
|
||||
|
@ -49,7 +49,7 @@ static NTSTATUS auth_generic_server_authtype_start_as_root(TALLOC_CTX *mem_ctx,
|
||||
return status;
|
||||
}
|
||||
|
||||
status = gensec_update(gensec_security, mem_ctx, NULL, *token_in, token_out);
|
||||
status = gensec_update(gensec_security, mem_ctx, *token_in, token_out);
|
||||
if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
|
||||
DEBUG(2, (__location__ ": gensec_update failed: %s\n",
|
||||
nt_errstr(status)));
|
||||
@ -92,7 +92,7 @@ NTSTATUS auth_generic_server_step(struct gensec_security *gensec_security,
|
||||
|
||||
/* this has to be done as root in order to verify the password */
|
||||
become_root();
|
||||
status = gensec_update(gensec_security, mem_ctx, NULL, *token_in, token_out);
|
||||
status = gensec_update(gensec_security, mem_ctx, *token_in, token_out);
|
||||
unbecome_root();
|
||||
|
||||
return status;
|
||||
|
@ -177,7 +177,7 @@ DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn)
|
||||
status = gensec_start_mech_by_oid(gensec_security, GENSEC_OID_SPNEGO);
|
||||
if (NT_STATUS_IS_OK(status)) {
|
||||
status = gensec_update(gensec_security, ctx,
|
||||
NULL, data_blob_null, &blob);
|
||||
data_blob_null, &blob);
|
||||
/* If we get the list of OIDs, the 'OK' answer
|
||||
* is NT_STATUS_MORE_PROCESSING_REQUIRED */
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
|
||||
|
@ -225,7 +225,7 @@ NTSTATUS srv_request_encryption_setup(connection_struct *conn,
|
||||
/* Second step. */
|
||||
become_root();
|
||||
status = gensec_update(es->gensec_security,
|
||||
talloc_tos(), NULL,
|
||||
talloc_tos(),
|
||||
blob, &response);
|
||||
unbecome_root();
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) &&
|
||||
|
@ -258,7 +258,7 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
|
||||
|
||||
become_root();
|
||||
status = gensec_update(session->gensec,
|
||||
talloc_tos(), NULL,
|
||||
talloc_tos(),
|
||||
in_blob, &out_blob);
|
||||
unbecome_root();
|
||||
if (!NT_STATUS_IS_OK(status) &&
|
||||
|
@ -440,7 +440,8 @@ bool run_smb2_session_reconnect(int dummy)
|
||||
return false;
|
||||
}
|
||||
|
||||
status = gensec_update(auth_generic_state->gensec_security, talloc_tos(), ev, data_blob_null, &in_blob);
|
||||
status = gensec_update(auth_generic_state->gensec_security,
|
||||
talloc_tos(), data_blob_null, &in_blob);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
|
||||
printf("gensec_update returned %s\n", nt_errstr(status));
|
||||
return false;
|
||||
@ -477,7 +478,8 @@ bool run_smb2_session_reconnect(int dummy)
|
||||
return false;
|
||||
}
|
||||
|
||||
status = gensec_update(auth_generic_state->gensec_security, talloc_tos(), ev, out_blob, &in_blob);
|
||||
status = gensec_update(auth_generic_state->gensec_security,
|
||||
talloc_tos(), out_blob, &in_blob);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
printf("auth_generic_update returned %s\n", nt_errstr(status));
|
||||
return false;
|
||||
@ -953,7 +955,8 @@ bool run_smb2_multi_channel(int dummy)
|
||||
return false;
|
||||
}
|
||||
|
||||
status = gensec_update(auth_generic_state->gensec_security, talloc_tos(), ev, data_blob_null, &in_blob);
|
||||
status = gensec_update(auth_generic_state->gensec_security,
|
||||
talloc_tos(), data_blob_null, &in_blob);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
|
||||
printf("gensec_update returned %s\n", nt_errstr(status));
|
||||
return false;
|
||||
@ -987,7 +990,8 @@ bool run_smb2_multi_channel(int dummy)
|
||||
return false;
|
||||
}
|
||||
|
||||
status = gensec_update(auth_generic_state->gensec_security, talloc_tos(), ev, out_blob, &in_blob);
|
||||
status = gensec_update(auth_generic_state->gensec_security,
|
||||
talloc_tos(), out_blob, &in_blob);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
printf("auth_generic_update returned %s\n", nt_errstr(status));
|
||||
return false;
|
||||
@ -1079,7 +1083,8 @@ bool run_smb2_multi_channel(int dummy)
|
||||
return false;
|
||||
}
|
||||
|
||||
status = gensec_update(auth_generic_state->gensec_security, talloc_tos(), ev, data_blob_null, &in_blob);
|
||||
status = gensec_update(auth_generic_state->gensec_security,
|
||||
talloc_tos(), data_blob_null, &in_blob);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
|
||||
printf("gensec_update returned %s\n", nt_errstr(status));
|
||||
return false;
|
||||
@ -1113,7 +1118,8 @@ bool run_smb2_multi_channel(int dummy)
|
||||
return false;
|
||||
}
|
||||
|
||||
status = gensec_update(auth_generic_state->gensec_security, talloc_tos(), ev, out_blob, &in_blob);
|
||||
status = gensec_update(auth_generic_state->gensec_security,
|
||||
talloc_tos(), out_blob, &in_blob);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
printf("auth_generic_update returned %s\n", nt_errstr(status));
|
||||
return false;
|
||||
@ -1263,7 +1269,8 @@ bool run_smb2_multi_channel(int dummy)
|
||||
return false;
|
||||
}
|
||||
|
||||
status = gensec_update(auth_generic_state->gensec_security, talloc_tos(), ev, data_blob_null, &in_blob);
|
||||
status = gensec_update(auth_generic_state->gensec_security,
|
||||
talloc_tos(), data_blob_null, &in_blob);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
|
||||
printf("gensec_update returned %s\n", nt_errstr(status));
|
||||
return false;
|
||||
@ -1297,7 +1304,8 @@ bool run_smb2_multi_channel(int dummy)
|
||||
return false;
|
||||
}
|
||||
|
||||
status = gensec_update(auth_generic_state->gensec_security, talloc_tos(), ev, out_blob, &in_blob);
|
||||
status = gensec_update(auth_generic_state->gensec_security,
|
||||
talloc_tos(), out_blob, &in_blob);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
printf("auth_generic_update returned %s\n", nt_errstr(status));
|
||||
return false;
|
||||
@ -1578,7 +1586,8 @@ bool run_smb2_session_reauth(int dummy)
|
||||
return false;
|
||||
}
|
||||
|
||||
status = gensec_update(auth_generic_state->gensec_security, talloc_tos(), ev, data_blob_null, &in_blob);
|
||||
status = gensec_update(auth_generic_state->gensec_security,
|
||||
talloc_tos(), data_blob_null, &in_blob);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
|
||||
printf("gensec_update returned %s\n", nt_errstr(status));
|
||||
return false;
|
||||
@ -1612,7 +1621,8 @@ bool run_smb2_session_reauth(int dummy)
|
||||
return false;
|
||||
}
|
||||
|
||||
status = gensec_update(auth_generic_state->gensec_security, talloc_tos(), ev, out_blob, &in_blob);
|
||||
status = gensec_update(auth_generic_state->gensec_security,
|
||||
talloc_tos(), out_blob, &in_blob);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
printf("auth_generic_update returned %s\n", nt_errstr(status));
|
||||
return false;
|
||||
|
@ -1631,7 +1631,7 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
|
||||
return;
|
||||
}
|
||||
|
||||
nt_status = gensec_update(state->gensec_state, mem_ctx, NULL, in, &out);
|
||||
nt_status = gensec_update(state->gensec_state, mem_ctx, in, &out);
|
||||
|
||||
/* don't leak 'bad password'/'no such user' info to the network client */
|
||||
nt_status = nt_status_squash(nt_status);
|
||||
|
@ -109,7 +109,7 @@ static NTSTATUS do_ntlm_auth_with_stored_pw(const char *username,
|
||||
dummy_msg = data_blob_null;
|
||||
reply = data_blob_null;
|
||||
status = gensec_update(auth_generic_state->gensec_security,
|
||||
talloc_tos(), NULL, dummy_msg, &reply);
|
||||
talloc_tos(), dummy_msg, &reply);
|
||||
data_blob_free(&reply);
|
||||
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
|
||||
@ -120,7 +120,7 @@ static NTSTATUS do_ntlm_auth_with_stored_pw(const char *username,
|
||||
|
||||
/* Now we are ready to handle the server's actual response. */
|
||||
status = gensec_update(auth_generic_state->gensec_security,
|
||||
NULL, NULL, challenge_msg, &reply);
|
||||
NULL, challenge_msg, &reply);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_OK)) {
|
||||
DEBUG(1, ("We didn't get a response to the challenge! [%s]\n",
|
||||
nt_errstr(status)));
|
||||
|
@ -415,7 +415,7 @@ static PyObject *py_gensec_update(PyObject *self, PyObject *args)
|
||||
in.data = (uint8_t *)PyString_AsString(py_in);
|
||||
in.length = PyString_Size(py_in);
|
||||
|
||||
status = gensec_update(security, mem_ctx, NULL, in, &out);
|
||||
status = gensec_update(security, mem_ctx, in, &out);
|
||||
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)
|
||||
&& !NT_STATUS_IS_OK(status)) {
|
||||
|
@ -170,7 +170,7 @@ static bool test_dlz_bind9_gensec(struct torture_context *tctx, const char *mech
|
||||
server_to_client = data_blob(NULL, 0);
|
||||
|
||||
/* Do one step of the client-server update dance */
|
||||
status = gensec_update(gensec_client_context, tctx, tctx->ev, server_to_client, &client_to_server);
|
||||
status = gensec_update(gensec_client_context, tctx, server_to_client, &client_to_server);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {;
|
||||
torture_assert_ntstatus_ok(tctx, status, "gensec_update (client) failed");
|
||||
}
|
||||
|
@ -195,12 +195,12 @@ static bool test_PACVerify(struct torture_context *tctx,
|
||||
|
||||
do {
|
||||
/* Do a client-server update dance */
|
||||
status = gensec_update(gensec_client_context, tmp_ctx, tctx->ev, server_to_client, &client_to_server);
|
||||
status = gensec_update(gensec_client_context, tmp_ctx, server_to_client, &client_to_server);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {;
|
||||
torture_assert_ntstatus_ok(tctx, status, "gensec_update (client) failed");
|
||||
}
|
||||
|
||||
status = gensec_update(gensec_server_context, tmp_ctx, tctx->ev, client_to_server, &server_to_client);
|
||||
status = gensec_update(gensec_server_context, tmp_ctx, client_to_server, &server_to_client);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {;
|
||||
torture_assert_ntstatus_ok(tctx, status, "gensec_update (server) failed");
|
||||
}
|
||||
@ -589,12 +589,12 @@ static bool test_S2U4Self(struct torture_context *tctx,
|
||||
|
||||
do {
|
||||
/* Do a client-server update dance */
|
||||
status = gensec_update(gensec_client_context, tmp_ctx, tctx->ev, server_to_client, &client_to_server);
|
||||
status = gensec_update(gensec_client_context, tmp_ctx, server_to_client, &client_to_server);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {;
|
||||
torture_assert_ntstatus_ok(tctx, status, "gensec_update (client) failed");
|
||||
}
|
||||
|
||||
status = gensec_update(gensec_server_context, tmp_ctx, tctx->ev, client_to_server, &server_to_client);
|
||||
status = gensec_update(gensec_server_context, tmp_ctx, client_to_server, &server_to_client);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {;
|
||||
torture_assert_ntstatus_ok(tctx, status, "gensec_update (server) failed");
|
||||
}
|
||||
@ -646,12 +646,12 @@ static bool test_S2U4Self(struct torture_context *tctx,
|
||||
|
||||
do {
|
||||
/* Do a client-server update dance */
|
||||
status = gensec_update(gensec_client_context, tmp_ctx, tctx->ev, server_to_client, &client_to_server);
|
||||
status = gensec_update(gensec_client_context, tmp_ctx, server_to_client, &client_to_server);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {;
|
||||
torture_assert_ntstatus_ok(tctx, status, "gensec_update (client) failed");
|
||||
}
|
||||
|
||||
status = gensec_update(gensec_server_context, tmp_ctx, tctx->ev, client_to_server, &server_to_client);
|
||||
status = gensec_update(gensec_server_context, tmp_ctx, client_to_server, &server_to_client);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {;
|
||||
torture_assert_ntstatus_ok(tctx, status, "gensec_update (server) failed");
|
||||
}
|
||||
|
@ -224,12 +224,12 @@ static bool torture_winbind_pac(struct torture_context *tctx)
|
||||
|
||||
do {
|
||||
/* Do a client-server update dance */
|
||||
status = gensec_update(gensec_client_context, tmp_ctx, tctx->ev, server_to_client, &client_to_server);
|
||||
status = gensec_update(gensec_client_context, tmp_ctx, server_to_client, &client_to_server);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {;
|
||||
torture_assert_ntstatus_ok(tctx, status, "gensec_update (client) failed");
|
||||
}
|
||||
|
||||
status = gensec_update(gensec_server_context, tmp_ctx, tctx->ev, client_to_server, &server_to_client);
|
||||
status = gensec_update(gensec_server_context, tmp_ctx, client_to_server, &server_to_client);
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {;
|
||||
torture_assert_ntstatus_ok(tctx, status, "gensec_update (server) failed");
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user