svn commit: samba r9488 - in trunk/source: include rpc_server
jra at samba.org
jra at samba.org
Mon Aug 22 20:30:17 GMT 2005
Author: jra
Date: 2005-08-22 20:30:16 +0000 (Mon, 22 Aug 2005)
New Revision: 9488
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=9488
Log:
Move the auth_level field into the pipe auth struct. Refactoring similar
to what I'm intending on the client side.
Jeremy.
Modified:
trunk/source/include/ntdomain.h
trunk/source/rpc_server/srv_pipe.c
trunk/source/rpc_server/srv_samr_nt.c
Changeset:
Modified: trunk/source/include/ntdomain.h
===================================================================
--- trunk/source/include/ntdomain.h 2005-08-22 19:48:20 UTC (rev 9487)
+++ trunk/source/include/ntdomain.h 2005-08-22 20:30:16 UTC (rev 9488)
@@ -184,7 +184,8 @@
/* auth state for all bind types. */
struct pipe_auth_data {
- enum pipe_auth_type auth_type;
+ enum pipe_auth_type auth_type; /* switch for union below. */
+ enum pipe_auth_level auth_level;
union {
struct schannel_auth_struct *schannel_auth;
AUTH_NTLMSSP_STATE *auth_ntlmssp_state;
@@ -218,9 +219,8 @@
TALLOC_CTX *pipe_state_mem_ctx;
struct pipe_auth_data auth;
- enum pipe_auth_level auth_level;
- struct dcinfo dc; /* Keeps the creds data. */
+ struct dcinfo dc; /* Keeps the creds data from netlogon. */
/*
* Windows user info.
Modified: trunk/source/rpc_server/srv_pipe.c
===================================================================
--- trunk/source/rpc_server/srv_pipe.c 2005-08-22 19:48:20 UTC (rev 9487)
+++ trunk/source/rpc_server/srv_pipe.c 2005-08-22 20:30:16 UTC (rev 9488)
@@ -200,7 +200,7 @@
} else {
auth_type = RPC_SPNEGO_AUTH_TYPE;
}
- if (p->auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (p->auth.auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
auth_level = RPC_AUTH_LEVEL_PRIVACY;
} else {
auth_level = RPC_AUTH_LEVEL_INTEGRITY;
@@ -215,7 +215,7 @@
/* Generate the sign blob. */
- switch (p->auth_level) {
+ switch (p->auth.auth_level) {
case PIPE_AUTH_LEVEL_PRIVACY:
/* Data portion is encrypted. */
status = ntlmssp_seal_packet(a->ntlmssp_state,
@@ -417,7 +417,7 @@
init_rpc_hdr_auth(&auth_info,
RPC_SCHANNEL_AUTH_TYPE,
- p->auth_level == PIPE_AUTH_LEVEL_PRIVACY ?
+ p->auth.auth_level == PIPE_AUTH_LEVEL_PRIVACY ?
RPC_AUTH_LEVEL_PRIVACY : RPC_AUTH_LEVEL_INTEGRITY,
ss_padding_len, 1);
@@ -431,7 +431,7 @@
prs_init(&rauth, 0, p->mem_ctx, MARSHALL);
schannel_encode(p->auth.a_u.schannel_auth,
- p->auth_level,
+ p->auth.auth_level,
SENDER_IS_ACCEPTOR,
&verf, data, data_len + ss_padding_len);
@@ -581,7 +581,7 @@
BOOL create_next_pdu(pipes_struct *p)
{
- switch(p->auth_level) {
+ switch(p->auth.auth_level) {
case PIPE_AUTH_LEVEL_NONE:
case PIPE_AUTH_LEVEL_CONNECT:
/* This is incorrect for auth level connect. Fixme. JRA */
@@ -600,7 +600,7 @@
}
DEBUG(0,("create_next_pdu: invalid internal auth level %u / type %u",
- (unsigned int)p->auth_level,
+ (unsigned int)p->auth.auth_level,
(unsigned int)p->auth.auth_type));
return False;
}
@@ -821,7 +821,7 @@
if (p->auth.auth_data_free_func) {
(*p->auth.auth_data_free_func)(&p->auth);
}
- p->auth_level = PIPE_AUTH_LEVEL_NONE;
+ p->auth.auth_level = PIPE_AUTH_LEVEL_NONE;
p->auth.auth_type = PIPE_AUTH_TYPE_NONE;
p->pipe_bound = False;
@@ -1481,10 +1481,10 @@
/* Work out if we have to sign or seal etc. */
switch (auth_info.auth_level) {
case RPC_AUTH_LEVEL_INTEGRITY:
- p->auth_level = PIPE_AUTH_LEVEL_INTEGRITY;
+ p->auth.auth_level = PIPE_AUTH_LEVEL_INTEGRITY;
break;
case RPC_AUTH_LEVEL_PRIVACY:
- p->auth_level = PIPE_AUTH_LEVEL_PRIVACY;
+ p->auth.auth_level = PIPE_AUTH_LEVEL_PRIVACY;
break;
default:
DEBUG(0,("api_pipe_bind_req: unexpected auth level (%u).\n",
@@ -1522,7 +1522,7 @@
/* We're finished - no more packets. */
p->auth.auth_type = PIPE_AUTH_TYPE_NONE;
/* We must set the pipe auth_level here also. */
- p->auth_level = PIPE_AUTH_LEVEL_NONE;
+ p->auth.auth_level = PIPE_AUTH_LEVEL_NONE;
p->pipe_bound = True;
break;
@@ -1837,7 +1837,7 @@
*pstatus = NT_STATUS_OK;
- if (p->auth_level == PIPE_AUTH_LEVEL_NONE || p->auth_level == PIPE_AUTH_LEVEL_CONNECT) {
+ if (p->auth.auth_level == PIPE_AUTH_LEVEL_NONE || p->auth.auth_level == PIPE_AUTH_LEVEL_CONNECT) {
return True;
}
@@ -1885,7 +1885,7 @@
auth_blob.data = prs_data_p(rpc_in) + prs_offset(rpc_in);
auth_blob.length = auth_len;
- switch (p->auth_level) {
+ switch (p->auth.auth_level) {
case PIPE_AUTH_LEVEL_PRIVACY:
/* Data is encrypted. */
*pstatus = ntlmssp_unseal_packet(a->ntlmssp_state,
@@ -1985,7 +1985,7 @@
}
if (!schannel_decode(p->auth.a_u.schannel_auth,
- p->auth_level,
+ p->auth.auth_level,
SENDER_IS_INITIATOR,
&schannel_chk,
prs_data_p(rpc_in)+old_offset, data_len)) {
Modified: trunk/source/rpc_server/srv_samr_nt.c
===================================================================
--- trunk/source/rpc_server/srv_samr_nt.c 2005-08-22 19:48:20 UTC (rev 9487)
+++ trunk/source/rpc_server/srv_samr_nt.c 2005-08-22 20:30:16 UTC (rev 9488)
@@ -1459,7 +1459,7 @@
return NT_STATUS_ACCESS_DENIED;
}
- if (p->auth_level != PIPE_AUTH_LEVEL_PRIVACY) {
+ if (p->auth.auth_level != PIPE_AUTH_LEVEL_PRIVACY) {
return NT_STATUS_ACCESS_DENIED;
}
More information about the samba-cvs
mailing list