sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-26 21:57:41 +03:00
Code

s3:rpc_server: let auth_generic_server_step() handle gensec_security == NULL

Browse Source 
This simplifies the caller, we don't need to look at the auth_type anymore.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Stefan Metzmacher 2014-04-23 13:02:35 +02:00
parent 5d3bb5671e
commit 2c5ed102b7
2 changed files with 16 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
source3/rpc_server/dcesrv_auth_generic.c
View File

@ -90,6 +90,10 @@ NTSTATUS auth_generic_server_step(struct gensec_security *gensec_security,
{
NTSTATUS status;
if (gensec_security == NULL) {
return NT_STATUS_INTERNAL_ERROR;
}
/* this has to be done as root in order to verify the password */
become_root();
status = gensec_update(gensec_security, mem_ctx, *token_in, token_out);

47
source3/rpc_server/srv_pipe.c
View File

@ -929,21 +929,12 @@ bool api_pipe_bind_auth3(struct pipes_struct *p, struct ncacn_packet *pkt)
goto err;
}
switch (auth_info.auth_type) {
case DCERPC_AUTH_TYPE_NTLMSSP:
case DCERPC_AUTH_TYPE_KRB5:
case DCERPC_AUTH_TYPE_SPNEGO:
gensec_security = talloc_get_type_abort(p->auth.auth_ctx,
struct gensec_security);
status = auth_generic_server_step(gensec_security,
pkt, &auth_info.credentials,
&response);
break;
default:
DEBUG(1, (__location__ ": incorrect auth type (%u).\n",
(unsigned int)auth_info.auth_type));
return false;
}
gensec_security = talloc_get_type(p->auth.auth_ctx,
struct gensec_security);
status = auth_generic_server_step(gensec_security,
pkt, &auth_info.credentials,
&response);
if (NT_STATUS_EQUAL(status,
NT_STATUS_MORE_PROCESSING_REQUIRED) ||
@ -1065,26 +1056,12 @@ static bool api_pipe_alter_context(struct pipes_struct *p,
goto err_exit;
}
switch (auth_info.auth_type) {
case DCERPC_AUTH_TYPE_SPNEGO:
case DCERPC_AUTH_TYPE_KRB5:
case DCERPC_AUTH_TYPE_NTLMSSP:
gensec_security = talloc_get_type_abort(p->auth.auth_ctx,
struct gensec_security);
status = auth_generic_server_step(gensec_security,
pkt,
&auth_info.credentials,
&auth_resp);
break;
default:
DEBUG(3, (__location__ ": Usupported auth type (%d) "
"in alter-context call\n",
auth_info.auth_type));
goto err_exit;
}
gensec_security = talloc_get_type(p->auth.auth_ctx,
struct gensec_security);
status = auth_generic_server_step(gensec_security,
pkt,
&auth_info.credentials,
&auth_resp);
if (NT_STATUS_IS_OK(status)) {
/* third leg of auth, verify auth info */
status = pipe_auth_verify_final(p);