sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-23 06:50:21 +03:00
Code

s3-auth re-create the auth context in the s3 ntlmssp server module

Browse Source 
This removes the abstraction violation in auth_generic.c.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Andrew Bartlett 2011-12-26 12:26:43 +11:00 committed by Stefan Metzmacher
parent 1075efabc7
commit e22b1b4f9e
5 changed files with 8 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
source3/auth/auth.c
View File

@ -464,8 +464,6 @@ static NTSTATUS make_auth_context_text_list(TALLOC_CTX *mem_ctx,
for (method = (*auth_context)->auth_method_list; method; method = method->next) {
if (method->prepare_gensec) {
(*auth_context)->prepare_gensec = method->prepare_gensec;
(*auth_context)->gensec_start_mech_by_oid = method->gensec_start_mech_by_oid;
(*auth_context)->gensec_start_mech_by_authtype = method->gensec_start_mech_by_authtype;
break;
}
}

60
source3/auth/auth_generic.c
View File

@ -112,66 +112,12 @@ NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx,
NTSTATUS auth_generic_start(struct auth_generic_state *auth_ntlmssp_state, const char *oid)
{
struct gensec_ntlmssp_context *gensec_ntlmssp;
NTSTATUS status;
if (auth_ntlmssp_state->auth_context->gensec_start_mech_by_oid) {
return auth_ntlmssp_state->auth_context->gensec_start_mech_by_oid(
auth_ntlmssp_state->gensec_security, oid);
}
if (strcmp(oid, GENSEC_OID_NTLMSSP) != 0) {
return NT_STATUS_NOT_IMPLEMENTED;
}
status = gensec_start_mech_by_oid(auth_ntlmssp_state->gensec_security, oid);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
gensec_ntlmssp =
talloc_get_type_abort(auth_ntlmssp_state->gensec_security->private_data,
struct gensec_ntlmssp_context);
gensec_ntlmssp->auth_context = talloc_move(gensec_ntlmssp, &auth_ntlmssp_state->auth_context);
return NT_STATUS_OK;
return gensec_start_mech_by_oid(auth_ntlmssp_state->gensec_security, oid);
}
NTSTATUS auth_generic_authtype_start(struct auth_generic_state *auth_ntlmssp_state,
uint8_t auth_type, uint8_t auth_level)
{
struct gensec_ntlmssp_context *gensec_ntlmssp;
NTSTATUS status;
if (auth_ntlmssp_state->auth_context->gensec_start_mech_by_authtype) {
return auth_ntlmssp_state->auth_context->gensec_start_mech_by_authtype(
auth_ntlmssp_state->gensec_security,
auth_type, auth_level);
}
if (auth_type != DCERPC_AUTH_TYPE_NTLMSSP) {
/* The caller will then free the auth_ntlmssp_state,
* undoing what was done in auth_generic_prepare().
*
* We can't do that logic here, as
* auth_ntlmssp_want_feature() may have been called in
* between.
*/
return NT_STATUS_NOT_IMPLEMENTED;
}
status = gensec_start_mech_by_authtype(auth_ntlmssp_state->gensec_security,
auth_type, auth_level);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
gensec_ntlmssp =
talloc_get_type_abort(auth_ntlmssp_state->gensec_security->private_data,
struct gensec_ntlmssp_context);
gensec_ntlmssp->auth_context = talloc_move(gensec_ntlmssp, &auth_ntlmssp_state->auth_context);
return NT_STATUS_OK;
return gensec_start_mech_by_authtype(auth_ntlmssp_state->gensec_security,
auth_type, auth_level);
}

5
source3/auth/auth_ntlmssp.c
View File

@ -242,6 +242,11 @@ static NTSTATUS gensec_ntlmssp3_server_start(struct gensec_security *gensec_secu
talloc_get_type_abort(gensec_security->private_data,
struct gensec_ntlmssp_context);
nt_status = make_auth_context_subsystem(gensec_ntlmssp, &gensec_ntlmssp->auth_context);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
nt_status = ntlmssp_server_start(gensec_ntlmssp,
is_standalone,
netbios_name,

2
source3/auth/auth_samba4.c
View File

@ -185,8 +185,6 @@ static NTSTATUS auth_init_samba4(struct auth_context *auth_context,
result->name = "samba4";
result->auth = check_samba4_security;
result->prepare_gensec = prepare_gensec;
result->gensec_start_mech_by_oid = gensec_start_mech_by_oid;
result->gensec_start_mech_by_authtype = gensec_start_mech_by_authtype;
*auth_method = result;
return NT_STATUS_OK;

9
source3/include/auth.h
View File

@ -68,11 +68,6 @@ struct auth_serversupplied_info {
typedef NTSTATUS (*prepare_gensec_fn)(TALLOC_CTX *mem_ctx,
struct gensec_security **gensec_context);
typedef NTSTATUS (*gensec_start_mech_by_oid_fn)(struct gensec_security *gensec_context,
const char *oid_string);
typedef NTSTATUS (*gensec_start_mech_by_authtype_fn)(struct gensec_security *gensec_context,
uint8_t auth_type,
uint8_t auth_level);
struct auth_context {
DATA_BLOB challenge;
@ -94,8 +89,6 @@ struct auth_context {
NTSTATUS (*nt_status_squash)(NTSTATUS nt_status);
prepare_gensec_fn prepare_gensec;
gensec_start_mech_by_oid_fn gensec_start_mech_by_oid;
gensec_start_mech_by_authtype_fn gensec_start_mech_by_authtype;
};
typedef struct auth_methods
@ -119,8 +112,6 @@ typedef struct auth_methods
/* Optional methods allowing this module to provide a way to get a gensec context */
prepare_gensec_fn prepare_gensec;
gensec_start_mech_by_oid_fn gensec_start_mech_by_oid;
gensec_start_mech_by_authtype_fn gensec_start_mech_by_authtype;
/* Used to keep tabs on things like the cli for SMB server authentication */
void *private_data;