mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
s3-libsmb: use struct gensec_security directly
This is rather than via a now one-element union. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
parent
06f7105490
commit
41ed715d42
@ -180,7 +180,7 @@ NTSTATUS common_encrypt_buffer(struct smb_trans_enc_state *es, char *buffer, cha
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
return common_gensec_encrypt_buffer(es->s.gensec_security, es->enc_ctx_num, buffer, buf_out);
|
||||
return common_gensec_encrypt_buffer(es->gensec_security, es->enc_ctx_num, buffer, buf_out);
|
||||
}
|
||||
|
||||
/******************************************************************************
|
||||
@ -196,7 +196,7 @@ NTSTATUS common_decrypt_buffer(struct smb_trans_enc_state *es, char *buf)
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
return common_gensec_decrypt_buffer(es->s.gensec_security, buf);
|
||||
return common_gensec_decrypt_buffer(es->gensec_security, buf);
|
||||
}
|
||||
|
||||
/******************************************************************************
|
||||
@ -211,8 +211,8 @@ void common_free_encryption_state(struct smb_trans_enc_state **pp_es)
|
||||
return;
|
||||
}
|
||||
|
||||
if (es->s.gensec_security) {
|
||||
TALLOC_FREE(es->s.gensec_security);
|
||||
if (es->gensec_security) {
|
||||
TALLOC_FREE(es->gensec_security);
|
||||
}
|
||||
SAFE_FREE(es);
|
||||
*pp_es = NULL;
|
||||
|
@ -47,9 +47,7 @@ struct smb_trans_enc_state {
|
||||
enum smb_trans_enc_type smb_enc_type;
|
||||
uint16_t enc_ctx_num;
|
||||
bool enc_on;
|
||||
union {
|
||||
struct gensec_security *gensec_security;
|
||||
} s;
|
||||
};
|
||||
|
||||
/* The following definitions come from smb_seal.c */
|
||||
|
@ -662,7 +662,7 @@ NTSTATUS cli_raw_ntlm_smb_encryption_start(struct cli_state *cli,
|
||||
/* We only need the gensec_security part from here.
|
||||
* es is a malloc()ed pointer, so we cannot make
|
||||
* gensec_security a talloc child */
|
||||
es->s.gensec_security = talloc_move(NULL,
|
||||
es->gensec_security = talloc_move(NULL,
|
||||
&auth_generic_state->gensec_security);
|
||||
smb1cli_conn_set_encryption(cli->conn, es);
|
||||
es = NULL;
|
||||
@ -783,7 +783,7 @@ NTSTATUS cli_gss_smb_encryption_start(struct cli_state *cli)
|
||||
/* We only need the gensec_security part from here.
|
||||
* es is a malloc()ed pointer, so we cannot make
|
||||
* gensec_security a talloc child */
|
||||
es->s.gensec_security = talloc_move(NULL,
|
||||
es->gensec_security = talloc_move(NULL,
|
||||
&auth_generic_state->gensec_security);
|
||||
smb1cli_conn_set_encryption(cli->conn, es);
|
||||
es = NULL;
|
||||
|
@ -101,7 +101,7 @@ static NTSTATUS make_auth_gensec(const struct tsocket_address *remote_address,
|
||||
return nt_status_squash(status);
|
||||
}
|
||||
|
||||
es->s.gensec_security = gensec_security;
|
||||
es->gensec_security = gensec_security;
|
||||
|
||||
return status;
|
||||
}
|
||||
@ -247,7 +247,7 @@ static NTSTATUS srv_enc_spnego_gss_negotiate(const struct tsocket_address *remot
|
||||
|
||||
become_root();
|
||||
|
||||
status = gensec_update(partial_srv_trans_enc_ctx->s.gensec_security,
|
||||
status = gensec_update(partial_srv_trans_enc_ctx->gensec_security,
|
||||
talloc_tos(), NULL,
|
||||
secblob, &unwrapped_response);
|
||||
|
||||
@ -292,7 +292,7 @@ static NTSTATUS srv_enc_ntlm_negotiate(const struct tsocket_address *remote_addr
|
||||
return status;
|
||||
}
|
||||
|
||||
status = gensec_update(partial_srv_trans_enc_ctx->s.gensec_security,
|
||||
status = gensec_update(partial_srv_trans_enc_ctx->gensec_security,
|
||||
talloc_tos(), NULL,
|
||||
secblob, &chal);
|
||||
|
||||
@ -400,7 +400,7 @@ static NTSTATUS srv_enc_spnego_ntlm_auth(connection_struct *conn,
|
||||
|
||||
/* We must have a partial context here. */
|
||||
|
||||
if (!es || es->s.gensec_security == NULL || es->smb_enc_type != SMB_TRANS_ENC_NTLM) {
|
||||
if (!es || es->gensec_security == NULL || es->smb_enc_type != SMB_TRANS_ENC_NTLM) {
|
||||
srv_free_encryption_context(&partial_srv_trans_enc_ctx);
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
@ -411,7 +411,7 @@ static NTSTATUS srv_enc_spnego_ntlm_auth(connection_struct *conn,
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
status = gensec_update(es->s.gensec_security, talloc_tos(), NULL, auth, &auth_reply);
|
||||
status = gensec_update(es->gensec_security, talloc_tos(), NULL, auth, &auth_reply);
|
||||
data_blob_free(&auth);
|
||||
|
||||
/* From RFC4178.
|
||||
@ -475,13 +475,13 @@ static NTSTATUS srv_enc_raw_ntlm_auth(connection_struct *conn,
|
||||
}
|
||||
|
||||
es = partial_srv_trans_enc_ctx;
|
||||
if (!es || es->s.gensec_security == NULL || es->smb_enc_type != SMB_TRANS_ENC_NTLM) {
|
||||
if (!es || es->gensec_security == NULL || es->smb_enc_type != SMB_TRANS_ENC_NTLM) {
|
||||
srv_free_encryption_context(&partial_srv_trans_enc_ctx);
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
/* Second step. */
|
||||
status = gensec_update(partial_srv_trans_enc_ctx->s.gensec_security,
|
||||
status = gensec_update(partial_srv_trans_enc_ctx->gensec_security,
|
||||
talloc_tos(), NULL,
|
||||
blob, &response);
|
||||
|
||||
@ -558,11 +558,11 @@ static NTSTATUS check_enc_good(struct smb_trans_enc_state *es)
|
||||
}
|
||||
|
||||
if (es->smb_enc_type == SMB_TRANS_ENC_NTLM) {
|
||||
if (!gensec_have_feature(es->s.gensec_security, GENSEC_FEATURE_SIGN)) {
|
||||
if (!gensec_have_feature(es->gensec_security, GENSEC_FEATURE_SIGN)) {
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
if (!gensec_have_feature(es->s.gensec_security, GENSEC_FEATURE_SEAL)) {
|
||||
if (!gensec_have_feature(es->gensec_security, GENSEC_FEATURE_SEAL)) {
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user