sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-25 17:57:42 +03:00
Code

s4:rpc_server: Hide gensec prepare behind function pointer

Browse Source 
This function will be different for s3 and s4

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Samuel Cabrero 2019-01-24 20:34:03 +01:00 committed by Andreas Schneider
parent bf09771953
commit 6fe23fa071
5 changed files with 47 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
source4/rpc_server/dcerpc_server.c
View File

@ -23,6 +23,7 @@
#include "includes.h"
#include "auth/auth.h"
#include "auth/gensec/gensec.h"
#include "auth/credentials/credentials.h"
#include "lib/util/dlinklist.h"
#include "rpc_server/dcerpc_server.h"
#include "rpc_server/dcerpc_server_proto.h"
@ -3436,3 +3437,38 @@ void log_successful_dcesrv_authz_event(struct dcesrv_call_state *call)
auth->auth_audited = true;
}
NTSTATUS dcesrv_gensec_prepare(TALLOC_CTX *mem_ctx,
struct dcesrv_call_state *call,
struct gensec_security **out)
{
struct cli_credentials *server_creds = NULL;
struct imessaging_context *imsg_ctx =
dcesrv_imessaging_context(call->conn);
NTSTATUS status;
server_creds = cli_credentials_init(call->auth_state);
if (!server_creds) {
DEBUG(1, ("Failed to init server credentials\n"));
return NT_STATUS_NO_MEMORY;
}
cli_credentials_set_conf(server_creds, call->conn->dce_ctx->lp_ctx);
status = cli_credentials_set_machine_account(server_creds,
call->conn->dce_ctx->lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to obtain server credentials: %s\n",
nt_errstr(status)));
talloc_free(server_creds);
return status;
}
return samba_server_gensec_start(mem_ctx,
call->event_ctx,
imsg_ctx,
call->conn->dce_ctx->lp_ctx,
server_creds,
NULL,
out);
}

6
source4/rpc_server/dcerpc_server.h
View File

@ -38,6 +38,7 @@ struct dcesrv_call_state;
struct dcesrv_auth;
struct dcesrv_connection_context;
struct dcesrv_iface_state;
struct cli_credentials;
struct dcesrv_interface {
const char *name;
@ -367,6 +368,11 @@ struct dcesrv_context_callbacks {
struct {
void (*successful_authz)(struct dcesrv_call_state *);
} log;
struct {
NTSTATUS (*gensec_prepare)(TALLOC_CTX *mem_ctx,
struct dcesrv_call_state *call,
struct gensec_security **out);
} auth;
};
/* server-wide context information for the dcerpc server */

28
source4/rpc_server/dcesrv_auth.c
View File

@ -78,11 +78,8 @@ static NTSTATUS dcesrv_auth_negotiate_hdr_signing(struct dcesrv_call_state *call
static bool dcesrv_auth_prepare_gensec(struct dcesrv_call_state *call)
{
struct cli_credentials *server_credentials = NULL;
struct dcesrv_connection *dce_conn = call->conn;
struct dcesrv_auth *auth = call->auth_state;
struct imessaging_context *imsg_ctx =
dcesrv_imessaging_context(call->conn);
NTSTATUS status;
if (auth->auth_started) {
@ -131,28 +128,9 @@ static bool dcesrv_auth_prepare_gensec(struct dcesrv_call_state *call)
auth->auth_level = call->in_auth_info.auth_level;
auth->auth_context_id = call->in_auth_info.auth_context_id;
server_credentials
= cli_credentials_init(auth);
if (!server_credentials) {
DEBUG(1, ("Failed to init server credentials\n"));
return false;
}
cli_credentials_set_conf(server_credentials, call->conn->dce_ctx->lp_ctx);
status = cli_credentials_set_machine_account(server_credentials, call->conn->dce_ctx->lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to obtain server credentials: %s\n",
nt_errstr(status)));
return false;
}
status = samba_server_gensec_start(auth,
call->event_ctx,
imsg_ctx,
call->conn->dce_ctx->lp_ctx,
server_credentials,
NULL,
&auth->gensec_security);
status = call->conn->dce_ctx->callbacks.auth.gensec_prepare(auth,
call,
&auth->gensec_security);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to call samba_server_gensec_start %s\n",
nt_errstr(status)));

1
source4/rpc_server/service_rpc.c
View File

@ -42,6 +42,7 @@
struct dcesrv_context_callbacks srv_callbacks = {
.log.successful_authz = log_successful_dcesrv_authz_event,
.auth.gensec_prepare = dcesrv_gensec_prepare,
};
/*

1
source4/torture/rpc/spoolss_notify.c
View File

@ -36,6 +36,7 @@
struct dcesrv_context_callbacks srv_cb = {
.log.successful_authz = log_successful_dcesrv_authz_event,
.auth.gensec_prepare = dcesrv_gensec_prepare,
};
static NTSTATUS spoolss__op_bind(struct dcesrv_connection_context *context,