svn commit: samba r6457 - in branches/SAMBA_4_0/source/rpc_server: .
abartlet at samba.org
abartlet at samba.org
Mon Apr 25 04:07:00 GMT 2005
Author: abartlet
Date: 2005-04-25 04:06:59 +0000 (Mon, 25 Apr 2005)
New Revision: 6457
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=6457
Log:
Simply the RPC server code for the choice of GENSEC mech - it's just
one function call now, so no need for a wrapper function.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/rpc_server/dcesrv_auth.c
Changeset:
Modified: branches/SAMBA_4_0/source/rpc_server/dcesrv_auth.c
===================================================================
--- branches/SAMBA_4_0/source/rpc_server/dcesrv_auth.c 2005-04-25 04:05:41 UTC (rev 6456)
+++ branches/SAMBA_4_0/source/rpc_server/dcesrv_auth.c 2005-04-25 04:06:59 UTC (rev 6457)
@@ -25,50 +25,6 @@
#include "rpc_server/dcerpc_server.h"
/*
- startup the cryptographic side of an authenticated dcerpc server
-*/
-NTSTATUS dcesrv_crypto_select_type(struct dcesrv_connection *dce_conn,
- struct dcesrv_auth *auth)
-{
- NTSTATUS status;
- if (auth->auth_info->auth_level != DCERPC_AUTH_LEVEL_INTEGRITY &&
- auth->auth_info->auth_level != DCERPC_AUTH_LEVEL_PRIVACY &&
- auth->auth_info->auth_level != DCERPC_AUTH_LEVEL_CONNECT) {
- DEBUG(2,("auth_level %d not supported in dcesrv auth\n",
- auth->auth_info->auth_level));
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (auth->gensec_security != NULL) {
- /* TODO:
- * this this function should not be called
- * twice per dcesrv_connection!
- *
- * so we need to find out the right
- * dcerpc error to return
- */
- }
-
- status = gensec_server_start(dce_conn, &auth->gensec_security);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status)));
- return status;
- }
-
- status = gensec_start_mech_by_authtype(auth->gensec_security, auth->auth_info->auth_type,
- auth->auth_info->auth_level);
-
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(1, ("Failed to start GENSEC mech-specific server code (%d): %s\n",
- (int)auth->auth_info->auth_type,
- nt_errstr(status)));
- return status;
- }
-
- return status;
-}
-
-/*
parse any auth information from a dcerpc bind request
return False if we can't handle the auth request for some
reason (in which case we send a bind_nak)
@@ -77,6 +33,7 @@
{
struct dcerpc_packet *pkt = &call->pkt;
struct dcesrv_connection *dce_conn = call->conn;
+ struct dcesrv_auth *auth = &dce_conn->auth_state;
NTSTATUS status;
if (pkt->u.bind.auth_info.length == 0) {
@@ -97,11 +54,22 @@
return False;
}
- status = dcesrv_crypto_select_type(dce_conn, &dce_conn->auth_state);
+ status = gensec_server_start(dce_conn, &auth->gensec_security);
if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status)));
return False;
}
+ status = gensec_start_mech_by_authtype(auth->gensec_security, auth->auth_info->auth_type,
+ auth->auth_info->auth_level);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1, ("Failed to start GENSEC mech-specific server code (%d): %s\n",
+ (int)auth->auth_info->auth_type,
+ nt_errstr(status)));
+ return False;
+ }
+
return True;
}
@@ -131,7 +99,7 @@
return False;
}
- /* Now that we are authenticated, got back to the generic session key... */
+ /* Now that we are authenticated, go back to the generic session key... */
dce_conn->auth_state.session_key = dcesrv_generic_session_key;
return True;
} else if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
More information about the samba-cvs
mailing list