[SCM] Samba Shared Repository - branch master updated
Andreas Schneider
asn at samba.org
Tue Jul 25 15:43:03 UTC 2017
The branch, master has been updated
via ee9f437 auth/gensec: finally remove unused gensec_update_ev()
via 39353c9 auth/gensec: don't allow gensec_update[_ev] to be called on a subcontext
via a7f4012 auth/gensec: make use of gensec_update_send/recv in gensec_update_ev()
via 8268374 s4:lib/http: rewrite http_send_auth_request_*() using gensec_update_send/recv
via eb6b2b6 auth/gensec: introduce gensec_security_ops.glue in order to avoid depending on GENSEC_OID_SPNEGO being special
via 692425f auth/gensec: add some useful debugging to gensec_update_send/gensec_update_done
via 97788f4 auth/spnego: Use talloc_get_type_abort() in gsensec_spnego_update_out()
via 62ffe20 auth/spnego: Use talloc_get_type_abort() in gsensec_spnego_update_in()
via e492950 auth/spnego: Rename gensec_spnego_update_sub_abort()
via 832e9ff auth/spnego: replace gensec_spnego_neg_loop() by real async processing of {start,step,finish}_fn()
via 75e6728 auth/spnego: split gensec_spnego_server_negTokenTarg() into subfunctions
via 2d1fcde auth/spnego: split gensec_spnego_server_negTokenInit() into subfunctions
via 7ff159e auth/spnego: split gensec_spnego_client_negTokenTarg() into subfunctions
via e337d4f auth/spnego: split gensec_spnego_client_negTokenInit() into subfunctions
via e9eb0f3 auth/spnego: split gensec_spnego_create_negTokenInit() into subfunctions
via c56103e auth/spnego: don't produce an output token for errors in gensec_spnego_server_response()
via eedb810 auth/spnego: don't call gensec_spnego_server_response() with a fatal error
via 3e6daa3 auth/spnego: generate a valid packet if gensec_spnego_client_negTokenTarg() gives MORE_PROCESSING_REQUIRED
via a97057d auth/spnego: make sure we don't return OK without sub_sec_ready in gensec_spnego_client_negTokenTarg()
via f7f9de4 auth/spnego: do an early return for the success case in gensec_spnego_client_negTokenTarg()
via 9b4d44a auth/spnego: use better variable names in gensec_spnego_create_negTokenInit()
via d9e764e auth/spnego: introduce an early return in gensec_spnego_create_negTokenInit()
via 6a3c50f auth/spnego: add more error checking to gensec_spnego_create_negTokenInit()
via 1ff5381 auth/spnego: rename 'nt_status' to 'status' in gensec_spnego_create_negTokenInit()
via 1010034 auth/spnego: make the debug messages in gensec_spnego_create_negTokenInit() more useful
via 71ca6fc auth/spnego: remove one more useless indentation level in gensec_spnego_create_negTokenInit()
via 3042107 auth/spnego: introduce an early goto reply: for the server in gensec_spnego_create_negTokenInit()
via 248be3b auth/spnego: move the output generation to the end of gensec_spnego_create_negTokenInit()
via 81df16a auth/spnego: make the SPNEGO_FALLBACK continuation completely async
via 9502f53 auth/spnego: invert the fallback logic in gensec_spnego_client_negTokenInit()
via 3bf4946 auth/spnego: split out gensec_spnego_update_pre/post() functions
via cb8f370 auth/spnego: inline gensec_spnego_parse_negTokenInit() into gensec_spnego_server_negTokenInit()
via efacdf9 auth/spnego: remove more dead code from gensec_spnego_parse_negTokenInit()
via ba9c51d auth/spnego: add an early return for OK or MORE PROCESSING in gensec_spnego_parse_negTokenInit()
via 32836a7 auth/spnego: add an early return for a hard error in gensec_spnego_parse_negTokenInit()
via 1523a77 auth/spnego: do an early return when we downgraded the mech in gensec_spnego_parse_negTokenInit()
via 2a846ba auth/spnego: remove one more useless indentation level from gensec_spnego_parse_negTokenInit()
via f204402 auth/spnego: remove dead code from gensec_spnego_parse_negTokenInit()
via 1c2ed3d auth/spnego: remove unused indentation level from gensec_spnego_parse_negTokenInit()
via 8ddfafd auth/spnego: inline gensec_spnego_parse_negTokenInit() client logic into gensec_spnego_client_negTokenInit()
via 482fe65 auth/spnego: let gensec_spnego_parse_negTokenInit() require client provides mechs
via 7c04ee94 auth/spnego: inline gensec_spnego_update_server() into gensec_spnego_update_send()
via fe4521d auth/spnego: inline gensec_spnego_update_client() into gensec_spnego_update_send()
via f85f9da auth/spnego: split out a gensec_spnego_server_negTokenTarg() function
via e60222d auth/spnego: introduce a 'struct spnego_negTokenTarg *ta' helper variable in gensec_spnego_update_server()
via 909d190 auth/spnego: split out a gensec_spnego_client_negTokenTarg() function
via 7128dd8 auth/spnego: make more use of the 'ta' helper variable in gensec_spnego_update_client()
via 2054008 auth/spnego: split out a gensec_spnego_server_negTokenInit() function.
via 3ed3d81 auth/spnego: split out a gensec_spnego_client_negTokenInit() function.
via ce6c80a auth/spnego: make use of GENSEC_UPDATE_IS_NTERROR() in gensec_spnego_update_client()
via 3866d55 auth/spnego: make use of GENSEC_UPDATE_IS_NTERROR() in gensec_spnego_create_negTokenInit()
via eee973a auth/spnego: make use of GENSEC_UPDATE_IS_NTERROR() in gensec_spnego_update_send()
via dc07418 auth/spnego: simplify the error handling logic in gensec_spnego_parse_negTokenInit()
via 3903ba8 auth/spnego: call gensec_spnego_create_negTokenInit() directly in gensec_spnego_update_send()
via 6521967 auth/spnego: do parse the incoming blob already in gensec_spnego_update_send()
via 00c195b auth/spnego: introduce a 'spnego_in' helper variable in gensec_spnego_update_client()
via c988596 auth/spnego: introduce a 'spnego_in' helper variable in gensec_spnego_update_client()
via e243fb5 auth/spnego: skip gensec_update_ev() if sub_sec_ready is already true in gensec_spnego_update_server()
via a2a4483 auth/spnego: move gensec_update_ev() out of gensec_spnego_server_try_fallback()
via 404f923 auth/spnego: Fix withespace and indent in gensec_spnego_server_try_fallback()
from 4830902 s3:tests: Add tests for smbspool_krb5_wrapper
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit ee9f4374ed5e531e8af008eb0642108bca1d2744
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jun 15 00:05:29 2017 +0200
auth/gensec: finally remove unused gensec_update_ev()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Jul 25 17:42:55 CEST 2017 on sn-devel-144
commit 39353c9a6e3628a670fc9aa130b6eaf05d1083be
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu May 11 14:22:27 2017 +0200
auth/gensec: don't allow gensec_update[_ev] to be called on a subcontext
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit a7f401243cb179dc3af6c6084474785ad189307a
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu May 11 13:16:16 2017 +0200
auth/gensec: make use of gensec_update_send/recv in gensec_update_ev()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 8268374c8307170f03b149a8fa7ed049c21889bf
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu May 11 15:34:08 2017 +0200
s4:lib/http: rewrite http_send_auth_request_*() using gensec_update_send/recv
The new logic makes it much clearer that we have a loop of
gensec_update_send()
gensec_update_recv()
http_send_request_send()
http_send_request_recv()
http_read_response_send()
http_read_response_recv()
Until the local gensec and the server are ready.
I've tested this against Windows 2008R2 like this:
bin/smbtorture \
-W BLA --realm=BLA.BASE \
-s /dev/null -Uadministrator%A1b2C3d4 \
ncacn_http:w2k8r2-219[593,RpcProxy=w2k8r2-219.bla.base,HttpUseTls=false,HttpAuthOption=basic] \
rpc.epmapper.epmapper.Lookup_simple \
and:
bin/smbtorture \
-W BLA --realm=BLA.BASE \
-s /dev/null -Uadministrator%A1b2C3d4 \
ncacn_http:w2k8r2-219[593,RpcProxy=w2k8r2-219.bla.base,HttpUseTls=false,HttpAuthOption=ntlm] \
rpc.epmapper.epmapper.Lookup_simple \
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit eb6b2b63e997967b9222741dff166ba73ec54064
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 20 23:28:51 2017 +0200
auth/gensec: introduce gensec_security_ops.glue in order to avoid depending on GENSEC_OID_SPNEGO being special
In future we have get more backends that can negotiate other backends,
we should keep all of them even if we require kerberos.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 692425f09a6d03a13861140f8e5446ca1e848887
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 20 15:42:58 2017 +0200
auth/gensec: add some useful debugging to gensec_update_send/gensec_update_done
This makes it easier to spot problems with all the abstraction and async layers.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 97788f4a75ec0ade93c69c127fefcedeb08a1fcf
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 19 11:05:32 2017 +0200
auth/spnego: Use talloc_get_type_abort() in gsensec_spnego_update_out()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 62ffe20fcbbd1a78922e0e9a02cf151362ee1de8
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 19 11:02:39 2017 +0200
auth/spnego: Use talloc_get_type_abort() in gsensec_spnego_update_in()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit e492950184c3df7cfb0a2e7fb75ed5e5df8e0805
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 19 10:53:30 2017 +0200
auth/spnego: Rename gensec_spnego_update_sub_abort()
The name is not ideal as someone might think we will panic and abort the
process. So rename it to gensec_spnego_reset_sub_sec().
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 832e9ff59402f2c369aac0a9ee65364de75d057c
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jun 14 11:01:23 2017 +0200
auth/spnego: replace gensec_spnego_neg_loop() by real async processing of {start,step,finish}_fn()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 75e6728bcf25d24392f1dba28444c6696632107b
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jun 14 15:40:41 2017 +0200
auth/spnego: split gensec_spnego_server_negTokenTarg() into subfunctions
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 2d1fcde331a9f1f43850a9bfcb046d245672af46
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jun 14 15:22:57 2017 +0200
auth/spnego: split gensec_spnego_server_negTokenInit() into subfunctions
Check with git show -U15
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 7ff159e3c8886f2ae021bdcb957866dbde7a6d69
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jun 14 13:56:02 2017 +0200
auth/spnego: split gensec_spnego_client_negTokenTarg() into subfunctions
Check with git show -U15
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit e337d4f82f70e950ae2f4fc84ee58a1faf42e334
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jun 14 12:59:43 2017 +0200
auth/spnego: split gensec_spnego_client_negTokenInit() into subfunctions
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit e9eb0f3cc58c37efee34d0141e2063759846ad19
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jun 14 01:52:09 2017 +0200
auth/spnego: split gensec_spnego_create_negTokenInit() into subfunctions
This adds and uses the gensec_spnego_neg_loop() abstraction, which
abstracts start, step and finish hooks.
The start hook does the initial processing on the incoming paket and
may start the first possible subcontext. It indicates that
gensec_update() is required on the subcontext by returning
NT_STATUS_MORE_PROCESSING_REQUIRED and return something useful in
'in_next'. Note that 'in_mem_ctx' is just passed as a hint, the
caller should treat 'in_next' as const and don't attempt to free the
content. NT_STATUS_OK indicates the finish hook should be invoked
directly withing the need of gensec_update() on the subcontext.
Every other error indicates an error that's returned to the caller.
The step hook processes the result of a failed gensec_update() and
can decide to ignore a failure or continue the negotiation by
setting up the next possible subcontext. It indicates that
gensec_update() is required on the subcontext by returning
NT_STATUS_MORE_PROCESSING_REQUIRED and return something useful in
'in_next'. Note that 'in_mem_ctx' is just passed as a hint, the
caller should treat 'in_next' as const and don't attempt to free the
content. NT_STATUS_OK indicates the finish hook should be invoced
directly withing the need of gensec_update() on the subcontext.
Every other error indicated an error that's returned to the caller.
The finish hook processes the result of a successful gensec_update()
(NT_STATUS_OK or NT_STATUS_MORE_PROCESSING_REQUIRED). It forms the
response pdu that will be returned from the toplevel gensec_update()
together with NT_STATUS_OK or NT_STATUS_MORE_PROCESSING_REQUIRED. It
may also alter the state machine to prepare receiving the next pdu
from the peer.
This is the start of using this abstraction for the initial client or server
start with on empty input token from the peer.
This abstraction will be applied to all four other spnego states,
gensec_spnego_{client,server}_negToken{Init,Targ}() in the following
commits.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit c56103e3fee118c051bf3561c2e98954de74d29b
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jul 17 22:00:10 2017 +0200
auth/spnego: don't produce an output token for errors in gensec_spnego_server_response()
gensec_spnego_server_response() is never called with a fatal error anymore.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit eedb8105507ed14ed19da185dcf32537dc39c7fe
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jul 17 21:54:51 2017 +0200
auth/spnego: don't call gensec_spnego_server_response() with a fatal error
It doesn't make sense to produce an output token without
returning OK or MORE_PROCESSING_REQUIRED.
Even in v4-0-test we had gensec_spnego_update_wrapper()
which only passed the constructed output token to the caller
with OK or MORE_PROCESSING_REQUIRED.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 3e6daa30f5594c25da190773be79003eef9b157a
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jul 18 11:42:43 2017 +0200
auth/spnego: generate a valid packet if gensec_spnego_client_negTokenTarg() gives MORE_PROCESSING_REQUIRED
If we wait for the mechListMIC from the server we should send a valid paket
instead of an empty blob.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit a97057d5b88c02bb3874f2dfe2ed5a8c2edfc596
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jul 17 20:49:34 2017 +0200
auth/spnego: make sure we don't return OK without sub_sec_ready in gensec_spnego_client_negTokenTarg()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit f7f9de406a2d1a5e4fea1633c77c3907545a48a3
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jul 17 20:47:57 2017 +0200
auth/spnego: do an early return for the success case in gensec_spnego_client_negTokenTarg()
Check with git show -w
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 9b4d44a0559e57d921e0a1c033b2ca0c35326f57
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 13 16:26:42 2017 +0200
auth/spnego: use better variable names in gensec_spnego_create_negTokenInit()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit d9e764ed9b134f3c7e0869bd5567dbf49513d45f
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 13 16:20:59 2017 +0200
auth/spnego: introduce an early return in gensec_spnego_create_negTokenInit()
This avoids print two debug message for the same failure.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 6a3c50f368979c8bf5dc6c8c88bf34227c61a56e
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 13 16:16:35 2017 +0200
auth/spnego: add more error checking to gensec_spnego_create_negTokenInit()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 1ff538124dc9b8785591002937c2b59ee6c07d8c
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 13 16:08:05 2017 +0200
auth/spnego: rename 'nt_status' to 'status' in gensec_spnego_create_negTokenInit()
This makes future diffs smaller.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 10100348de01a9f5f0bb781f8acda9980ea2d3f1
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 13 16:05:39 2017 +0200
auth/spnego: make the debug messages in gensec_spnego_create_negTokenInit() more useful
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 71ca6fcf13aca7dae3201fc3ec45c5ea77a9f333
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 13 15:49:32 2017 +0200
auth/spnego: remove one more useless indentation level in gensec_spnego_create_negTokenInit()
Check with git show -w -U20
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 3042107a83c1d5e18e39ddc93deaede5610e1049
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 13 15:44:53 2017 +0200
auth/spnego: introduce an early goto reply: for the server in gensec_spnego_create_negTokenInit()
This removes a useless indentation level and simplifies future patches.
Check with git show -w
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 248be3bfa63aa52a41993ee70dcf5380be394f20
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 13 15:41:23 2017 +0200
auth/spnego: move the output generation to the end of gensec_spnego_create_negTokenInit()
This will simplify the diff of future patches.
Check with git show -w
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 81df16a54ab28b0e4925623aaec93ac6238eb4be
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 13 23:43:01 2017 +0200
auth/spnego: make the SPNEGO_FALLBACK continuation completely async
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 9502f535338f06f334e294827ea339001d8625b8
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 13 16:49:57 2017 +0200
auth/spnego: invert the fallback logic in gensec_spnego_client_negTokenInit()
We should do the return first, that will simplify further changes.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 3bf494645044f858e7e34501d7b39e2677745ede
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 13 23:43:01 2017 +0200
auth/spnego: split out gensec_spnego_update_pre/post() functions
For now we keep doing sync processing only, in future
we'll do some preprocessing before a gensec_update_send()
on the subcontext in gensec_spnego_update_pre()
and handle the the result of gensec_update_recv()
in gensec_spnego_update_post().
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit cb8f370abd3f1dc83e434c08977c5b46a698e428
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 11:39:39 2017 +0200
auth/spnego: inline gensec_spnego_parse_negTokenInit() into gensec_spnego_server_negTokenInit()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit efacdf970e36b8d4aea553d84c1ef4c10cfbe75a
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 11:11:57 2017 +0200
auth/spnego: remove more dead code from gensec_spnego_parse_negTokenInit()
Now we finally have a logic that someone can understand while reading it.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit ba9c51d51db4ba5663357fb0ef1b07db640b3428
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 11:09:59 2017 +0200
auth/spnego: add an early return for OK or MORE PROCESSING in gensec_spnego_parse_negTokenInit()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 32836a77b1d46c2fdfea5586298cbf2ee402566a
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 11:07:41 2017 +0200
auth/spnego: add an early return for a hard error in gensec_spnego_parse_negTokenInit()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 1523a778e9f1d847d1a0d49b3c717779114b9d97
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 11:05:39 2017 +0200
auth/spnego: do an early return when we downgraded the mech in gensec_spnego_parse_negTokenInit()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 2a846bab19aaa7fc52c16e9fc78318285858ff8e
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 11:03:37 2017 +0200
auth/spnego: remove one more useless indentation level from gensec_spnego_parse_negTokenInit()
Check with 'git show -w -U45' and carefully check the 'break' vs. 'continue'
changes.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit f2044028fcd1d756085067190045ee87a4ea3537
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 10:57:52 2017 +0200
auth/spnego: remove dead code from gensec_spnego_parse_negTokenInit()
Check with git show -U15
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 1c2ed3dec96cb201cd78b7a324dbe96ab7ac26e9
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 10:54:54 2017 +0200
auth/spnego: remove unused indentation level from gensec_spnego_parse_negTokenInit()
gensec_spnego_parse_negTokenInit() is only used as server now.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 8ddfafdb7e6df21b83475b593e908ee11d1304b6
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 10:11:43 2017 +0200
auth/spnego: inline gensec_spnego_parse_negTokenInit() client logic into gensec_spnego_client_negTokenInit()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 482fe65eb9ca4dee9b26e2634d0810a923ea07c0
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 10:44:00 2017 +0200
auth/spnego: let gensec_spnego_parse_negTokenInit() require client provides mechs
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 7c04ee943f2236e73a259ba79c70d16c73875498
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 09:22:25 2017 +0200
auth/spnego: inline gensec_spnego_update_server() into gensec_spnego_update_send()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit fe4521dcc8779f0835748b6a0e87f2c694c8c582
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 09:22:25 2017 +0200
auth/spnego: inline gensec_spnego_update_client() into gensec_spnego_update_send()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit f85f9da24a810f8833a3f359b5add678e7df300e
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 09:18:18 2017 +0200
auth/spnego: split out a gensec_spnego_server_negTokenTarg() function
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit e60222d5c31b524a8b952b46ef04ef86fc15b87d
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 09:05:29 2017 +0200
auth/spnego: introduce a 'struct spnego_negTokenTarg *ta' helper variable in gensec_spnego_update_server()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 909d190ec2d7cf45ec49fb7f63de8dcc759559f6
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 09:01:18 2017 +0200
auth/spnego: split out a gensec_spnego_client_negTokenTarg() function
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 7128dd8f514afc50d71886bd9b14c4d8ca8ef1bf
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 08:42:08 2017 +0200
auth/spnego: make more use of the 'ta' helper variable in gensec_spnego_update_client()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 2054008f7db8838e1aa98369fb19153f810469e6
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 08:30:24 2017 +0200
auth/spnego: split out a gensec_spnego_server_negTokenInit() function.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 3ed3d81eee47821f97b593a9d7beaf3faf0cd745
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 08:11:32 2017 +0200
auth/spnego: split out a gensec_spnego_client_negTokenInit() function.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit ce6c80ab0dac167f554d021f02166005a0ca95bb
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 08:00:00 2017 +0200
auth/spnego: make use of GENSEC_UPDATE_IS_NTERROR() in gensec_spnego_update_client()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 3866d559510396441895dcd82f7e61a27a814c59
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 07:58:51 2017 +0200
auth/spnego: make use of GENSEC_UPDATE_IS_NTERROR() in gensec_spnego_create_negTokenInit()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit eee973a6aee5c1298c1dfed12fced34f3deeaf85
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jun 28 14:53:49 2017 +0200
auth/spnego: make use of GENSEC_UPDATE_IS_NTERROR() in gensec_spnego_update_send()
Check with git show -U15
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit dc074180be692d2cfe36e70edae96b1c28e1a094
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 7 07:53:29 2017 +0200
auth/spnego: simplify the error handling logic in gensec_spnego_parse_negTokenInit()
We can just use GENSEC_UPDATE_IS_NTERROR() as NT_STATUS_INVALID_PARAMETER
is mapped to NT_STATUS_MORE_PROCESSING_REQUIRED in the lines above.
Check with git show -U10
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 3903ba821b80ba9abb2c265a4e315cf6108a4501
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 6 15:36:36 2017 +0200
auth/spnego: call gensec_spnego_create_negTokenInit() directly in gensec_spnego_update_send()
This simplifies further refactoring.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 6521967c4b5e89ac9ceefc38c591fa717e5aedd6
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jun 14 03:39:02 2017 +0200
auth/spnego: do parse the incoming blob already in gensec_spnego_update_send()
It's easier to have this in one central place.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 00c195b43152fd9d14f82b0861ef137269abe051
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jul 5 09:59:16 2017 +0200
auth/spnego: introduce a 'spnego_in' helper variable in gensec_spnego_update_client()
In the following commits we'll pass that variable from the caller
and this preparation will reduce the diff for the following patches.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit c988596cb5880b2d0278a1471535f70dc890c69c
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jul 5 09:59:16 2017 +0200
auth/spnego: introduce a 'spnego_in' helper variable in gensec_spnego_update_client()
In the following commits we'll pass that variable from the caller
and this preparation will reduce the diff for the following patches.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit e243fb510dcec8cf1f8ba6ee76077ca99be8cb9c
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Dec 30 12:59:01 2016 +0100
auth/spnego: skip gensec_update_ev() if sub_sec_ready is already true in gensec_spnego_update_server()
This matches the flow already used in the client case.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit a2a4483ce11ac10e57b24a7581112bdaf38e86c6
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jun 14 03:39:02 2017 +0200
auth/spnego: move gensec_update_ev() out of gensec_spnego_server_try_fallback()
This makes it easier to handle SPNEGO_FALLBACK code path completely async
from the first packet in future.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 404f923e34ecdb51577b6cfee0cda2a7b3e8efd3
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 19 10:47:37 2017 +0200
auth/spnego: Fix withespace and indent in gensec_spnego_server_try_fallback()
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
-----------------------------------------------------------------------
Summary of changes:
auth/gensec/gensec.c | 110 +-
auth/gensec/gensec.h | 4 -
auth/gensec/gensec_internal.h | 1 +
auth/gensec/gensec_start.c | 11 +-
auth/gensec/spnego.c | 2426 +++++++++++++++++++++++++----------------
source4/lib/http/http.h | 2 +-
source4/lib/http/http_auth.c | 337 +++---
7 files changed, 1691 insertions(+), 1200 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/gensec/gensec.c b/auth/gensec/gensec.c
index 014516f..61bff22 100644
--- a/auth/gensec/gensec.c
+++ b/auth/gensec/gensec.c
@@ -319,38 +319,48 @@ static NTSTATUS gensec_verify_features(struct gensec_security *gensec_security)
return NT_STATUS_OK;
}
-_PUBLIC_ NTSTATUS gensec_update_ev(struct gensec_security *gensec_security,
- TALLOC_CTX *out_mem_ctx,
- struct tevent_context *ev,
- const DATA_BLOB in, DATA_BLOB *out)
+/**
+ * Next state function for the GENSEC state machine
+ *
+ * @param gensec_security GENSEC State
+ * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on
+ * @param in The request, as a DATA_BLOB
+ * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx
+ * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent,
+ * or NT_STATUS_OK if the user is authenticated.
+ */
+_PUBLIC_ NTSTATUS gensec_update(struct gensec_security *gensec_security,
+ TALLOC_CTX *out_mem_ctx,
+ const DATA_BLOB in, DATA_BLOB *out)
{
NTSTATUS status;
- const struct gensec_security_ops *ops = gensec_security->ops;
TALLOC_CTX *frame = NULL;
+ struct tevent_context *ev = NULL;
struct tevent_req *subreq = NULL;
bool ok;
- if (gensec_security->child_security != NULL) {
- return NT_STATUS_INVALID_PARAMETER;
+ if (gensec_security->subcontext) {
+ /*
+ * gensec modules are not allowed to call the sync version.
+ */
+ return NT_STATUS_INTERNAL_ERROR;
}
frame = talloc_stackframe();
+ ev = samba_tevent_context_init(frame);
if (ev == NULL) {
- ev = samba_tevent_context_init(frame);
- if (ev == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto fail;
- }
-
- /*
- * TODO: remove this hack once the backends
- * are fixed.
- */
- tevent_loop_allow_nesting(ev);
+ status = NT_STATUS_NO_MEMORY;
+ goto fail;
}
- subreq = ops->update_send(frame, ev, gensec_security, in);
+ /*
+ * TODO: remove this hack once the backends
+ * are fixed.
+ */
+ tevent_loop_allow_nesting(ev);
+
+ subreq = gensec_update_send(frame, ev, gensec_security, in);
if (subreq == NULL) {
status = NT_STATUS_NO_MEMORY;
goto fail;
@@ -359,43 +369,12 @@ _PUBLIC_ NTSTATUS gensec_update_ev(struct gensec_security *gensec_security,
if (!ok) {
goto fail;
}
- status = ops->update_recv(subreq, out_mem_ctx, out);
- if (!NT_STATUS_IS_OK(status)) {
- goto fail;
- }
-
- /*
- * Because callers using the
- * gensec_start_mech_by_auth_type() never call
- * gensec_want_feature(), it isn't sensible for them
- * to have to call gensec_have_feature() manually, and
- * these are not points of negotiation, but are
- * asserted by the client
- */
- status = gensec_verify_features(gensec_security);
+ status = gensec_update_recv(subreq, out_mem_ctx, out);
fail:
TALLOC_FREE(frame);
return status;
}
-/**
- * Next state function for the GENSEC state machine
- *
- * @param gensec_security GENSEC State
- * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on
- * @param in The request, as a DATA_BLOB
- * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx
- * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent,
- * or NT_STATUS_OK if the user is authenticated.
- */
-
-_PUBLIC_ NTSTATUS gensec_update(struct gensec_security *gensec_security,
- TALLOC_CTX *out_mem_ctx,
- const DATA_BLOB in, DATA_BLOB *out)
-{
- return gensec_update_ev(gensec_security, out_mem_ctx, NULL, in, out);
-}
-
struct gensec_update_state {
const struct gensec_security_ops *ops;
struct gensec_security *gensec_security;
@@ -454,6 +433,9 @@ _PUBLIC_ struct tevent_req *gensec_update_send(TALLOC_CTX *mem_ctx,
}
tevent_req_set_callback(subreq, gensec_update_done, req);
+ DBG_DEBUG("%s[%p]: subreq: %p\n", state->ops->name,
+ state->gensec_security, subreq);
+
return req;
}
@@ -484,15 +466,35 @@ static void gensec_update_done(struct tevent_req *subreq)
tevent_req_data(req,
struct gensec_update_state);
NTSTATUS status;
+ const char *debug_subreq = NULL;
+
+ if (CHECK_DEBUGLVL(DBGLVL_DEBUG)) {
+ /*
+ * We need to call tevent_req_print()
+ * before calling the _recv function,
+ * before tevent_req_received() was called.
+ * in order to print the pointer value of
+ * the subreq state.
+ */
+ debug_subreq = tevent_req_print(state, subreq);
+ }
status = state->ops->update_recv(subreq, state, &state->out);
TALLOC_FREE(subreq);
state->status = status;
- if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
- tevent_req_done(req);
+ if (GENSEC_UPDATE_IS_NTERROR(status)) {
+ DBG_INFO("%s[%p]: %s%s%s\n", state->ops->name,
+ state->gensec_security, nt_errstr(status),
+ debug_subreq ? " " : "",
+ debug_subreq ? debug_subreq : "");
+ tevent_req_nterror(req, status);
return;
}
- if (tevent_req_nterror(req, status)) {
+ DBG_DEBUG("%s[%p]: %s %s\n", state->ops->name,
+ state->gensec_security, nt_errstr(status),
+ debug_subreq);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ tevent_req_done(req);
return;
}
diff --git a/auth/gensec/gensec.h b/auth/gensec/gensec.h
index a466f27..d424067 100644
--- a/auth/gensec/gensec.h
+++ b/auth/gensec/gensec.h
@@ -138,10 +138,6 @@ size_t gensec_max_update_size(struct gensec_security *gensec_security);
NTSTATUS gensec_update(struct gensec_security *gensec_security,
TALLOC_CTX *out_mem_ctx,
const DATA_BLOB in, DATA_BLOB *out);
-NTSTATUS gensec_update_ev(struct gensec_security *gensec_security,
- TALLOC_CTX *out_mem_ctx,
- struct tevent_context *ev,
- const DATA_BLOB in, DATA_BLOB *out);
struct tevent_req *gensec_update_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct gensec_security *gensec_security,
diff --git a/auth/gensec/gensec_internal.h b/auth/gensec/gensec_internal.h
index c73be11..911b48b 100644
--- a/auth/gensec/gensec_internal.h
+++ b/auth/gensec/gensec_internal.h
@@ -86,6 +86,7 @@ struct gensec_security_ops {
bool enabled;
bool kerberos;
enum gensec_priority priority;
+ bool glue;
};
struct gensec_security_ops_wrapper {
diff --git a/auth/gensec/gensec_start.c b/auth/gensec/gensec_start.c
index 6a12935..4276620 100644
--- a/auth/gensec/gensec_start.c
+++ b/auth/gensec/gensec_start.c
@@ -98,15 +98,12 @@ _PUBLIC_ const struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX
j = 0;
for (i=0; old_gensec_list && old_gensec_list[i]; i++) {
- int oid_idx;
bool keep = false;
- for (oid_idx = 0; old_gensec_list[i]->oid && old_gensec_list[i]->oid[oid_idx]; oid_idx++) {
- if (strcmp(old_gensec_list[i]->oid[oid_idx], GENSEC_OID_SPNEGO) == 0) {
- keep = true;
- break;
- }
- }
+ /*
+ * We want to keep SPNGEO and other backends
+ */
+ keep = old_gensec_list[i]->glue;
if (old_gensec_list[i]->auth_type == DCERPC_AUTH_TYPE_SCHANNEL) {
keep = keep_schannel;
diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c
index 6168c93..9857e78 100644
--- a/auth/gensec/spnego.c
+++ b/auth/gensec/spnego.c
@@ -47,6 +47,74 @@ enum spnego_state_position {
SPNEGO_DONE
};
+struct spnego_state;
+struct spnego_neg_ops;
+struct spnego_neg_state;
+
+struct spnego_neg_state {
+ const struct spnego_neg_ops *ops;
+ const struct gensec_security_ops_wrapper *all_sec;
+ size_t all_idx;
+ const char * const *mech_types;
+ size_t mech_idx;
+};
+
+struct spnego_neg_ops {
+ const char *name;
+ /*
+ * The start hook does the initial processing on the incoming paket and
+ * may starts the first possible subcontext. It indicates that
+ * gensec_update() is required on the subcontext by returning
+ * NT_STATUS_MORE_PROCESSING_REQUIRED and return something useful in
+ * 'in_next'. Note that 'in_mem_ctx' is just passed as a hint, the
+ * caller should treat 'in_next' as const and don't attempt to free the
+ * content. NT_STATUS_OK indicates the finish hook should be invoked
+ * directly withing the need of gensec_update() on the subcontext.
+ * Every other error indicates an error that's returned to the caller.
+ */
+ NTSTATUS (*start_fn)(struct gensec_security *gensec_security,
+ struct spnego_state *spnego_state,
+ struct spnego_neg_state *n,
+ struct spnego_data *spnego_in,
+ TALLOC_CTX *in_mem_ctx,
+ DATA_BLOB *in_next);
+ /*
+ * The step hook processes the result of a failed gensec_update() and
+ * can decide to ignore a failure and continue the negotiation by
+ * setting up the next possible subcontext. It indicates that
+ * gensec_update() is required on the subcontext by returning
+ * NT_STATUS_MORE_PROCESSING_REQUIRED and return something useful in
+ * 'in_next'. Note that 'in_mem_ctx' is just passed as a hint, the
+ * caller should treat 'in_next' as const and don't attempt to free the
+ * content. NT_STATUS_OK indicates the finish hook should be invoked
+ * directly withing the need of gensec_update() on the subcontext.
+ * Every other error indicates an error that's returned to the caller.
+ */
+ NTSTATUS (*step_fn)(struct gensec_security *gensec_security,
+ struct spnego_state *spnego_state,
+ struct spnego_neg_state *n,
+ struct spnego_data *spnego_in,
+ NTSTATUS last_status,
+ TALLOC_CTX *in_mem_ctx,
+ DATA_BLOB *in_next);
+ /*
+ * The finish hook processes the result of a successful gensec_update()
+ * (NT_STATUS_OK or NT_STATUS_MORE_PROCESSING_REQUIRED). It forms the
+ * response pdu that will be returned from the toplevel gensec_update()
+ * together with NT_STATUS_OK or NT_STATUS_MORE_PROCESSING_REQUIRED. It
+ * may also alter the state machine to prepare receiving the next pdu
+ * from the peer.
+ */
+ NTSTATUS (*finish_fn)(struct gensec_security *gensec_security,
+ struct spnego_state *spnego_state,
+ struct spnego_neg_state *n,
+ struct spnego_data *spnego_in,
+ NTSTATUS sub_status,
+ const DATA_BLOB sub_out,
+ TALLOC_CTX *out_mem_ctx,
+ DATA_BLOB *out);
+};
+
struct spnego_state {
enum spnego_message_type expected_packet;
enum spnego_state_position state_position;
@@ -77,7 +145,21 @@ struct spnego_state {
NTSTATUS out_status;
};
-static void gensec_spnego_update_sub_abort(struct spnego_state *spnego_state)
+static struct spnego_neg_state *gensec_spnego_neg_state(TALLOC_CTX *mem_ctx,
+ const struct spnego_neg_ops *ops)
+{
+ struct spnego_neg_state *n = NULL;
+
+ n = talloc_zero(mem_ctx, struct spnego_neg_state);
+ if (n == NULL) {
+ return NULL;
+ }
+ n->ops = ops;
+
+ return n;
+}
+
+static void gensec_spnego_reset_sub_sec(struct spnego_state *spnego_state)
{
spnego_state->sub_sec_ready = false;
TALLOC_FREE(spnego_state->sub_sec_security);
@@ -140,22 +222,23 @@ static NTSTATUS gensec_spnego_server_start(struct gensec_security *gensec_securi
static NTSTATUS gensec_spnego_server_try_fallback(struct gensec_security *gensec_security,
struct spnego_state *spnego_state,
- struct tevent_context *ev,
- TALLOC_CTX *out_mem_ctx,
- const DATA_BLOB in, DATA_BLOB *out)
+ TALLOC_CTX *mem_ctx,
+ const DATA_BLOB in)
{
int i,j;
const struct gensec_security_ops **all_ops;
- all_ops = gensec_security_mechs(gensec_security, out_mem_ctx);
+ all_ops = gensec_security_mechs(gensec_security, mem_ctx);
for (i=0; all_ops && all_ops[i]; i++) {
bool is_spnego;
NTSTATUS nt_status;
- if (gensec_security != NULL &&
- !gensec_security_ops_enabled(all_ops[i], gensec_security))
- continue;
+ if (gensec_security != NULL &&
+ !gensec_security_ops_enabled(all_ops[i], gensec_security))
+ {
+ continue;
+ }
if (!all_ops[i]->oid) {
continue;
@@ -195,392 +278,811 @@ static NTSTATUS gensec_spnego_server_try_fallback(struct gensec_security *gensec
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
- nt_status = gensec_update_ev(spnego_state->sub_sec_security,
- out_mem_ctx, ev, in, out);
- return nt_status;
+
+ return NT_STATUS_OK;
}
DEBUG(1, ("Failed to parse SPNEGO request\n"));
return NT_STATUS_INVALID_PARAMETER;
}
-/*
- Parse the netTokenInit, either from the client, to the server, or
- from the server to the client.
-*/
+static NTSTATUS gensec_spnego_create_negTokenInit_start(
+ struct gensec_security *gensec_security,
+ struct spnego_state *spnego_state,
+ struct spnego_neg_state *n,
+ struct spnego_data *spnego_in,
+ TALLOC_CTX *in_mem_ctx,
+ DATA_BLOB *in_next)
+{
+ n->mech_idx = 0;
+ n->mech_types = gensec_security_oids(gensec_security, n,
+ GENSEC_OID_SPNEGO);
+ if (n->mech_types == NULL) {
+ DBG_WARNING("gensec_security_oids() failed\n");
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ n->all_idx = 0;
+ n->all_sec = gensec_security_by_oid_list(gensec_security,
+ n, n->mech_types,
+ GENSEC_OID_SPNEGO);
+ if (n->all_sec == NULL) {
+ DBG_WARNING("gensec_security_by_oid_list() failed\n");
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ return n->ops->step_fn(gensec_security, spnego_state, n,
+ spnego_in, NT_STATUS_OK, in_mem_ctx, in_next);
+}
-static NTSTATUS gensec_spnego_parse_negTokenInit(struct gensec_security *gensec_security,
- struct spnego_state *spnego_state,
- TALLOC_CTX *out_mem_ctx,
- struct tevent_context *ev,
- struct spnego_data *spnego_in,
- DATA_BLOB *unwrapped_out)
+static NTSTATUS gensec_spnego_create_negTokenInit_step(
+ struct gensec_security *gensec_security,
+ struct spnego_state *spnego_state,
+ struct spnego_neg_state *n,
+ struct spnego_data *spnego_in,
+ NTSTATUS last_status,
+ TALLOC_CTX *in_mem_ctx,
+ DATA_BLOB *in_next)
{
- int i;
- NTSTATUS nt_status = NT_STATUS_INVALID_PARAMETER;
- const char * const *mechType = NULL;
- DATA_BLOB unwrapped_in = data_blob_null;
- bool ok;
- const struct gensec_security_ops_wrapper *all_sec = NULL;
+ if (!NT_STATUS_IS_OK(last_status)) {
+ const struct gensec_security_ops_wrapper *cur_sec =
+ &n->all_sec[n->all_idx];
+ const struct gensec_security_ops_wrapper *next_sec = NULL;
+ const char *next = NULL;
+ const char *principal = NULL;
+ int dbg_level = DBGLVL_WARNING;
+ NTSTATUS status = last_status;
+
+ if (cur_sec[1].op != NULL) {
+ next_sec = &cur_sec[1];
+ }
+
+ if (next_sec != NULL) {
+ next = next_sec->op->name;
+ dbg_level = DBGLVL_NOTICE;
+ }
+
+ if (gensec_security->target.principal != NULL) {
+ principal = gensec_security->target.principal;
+ } else if (gensec_security->target.service != NULL &&
+ gensec_security->target.hostname != NULL)
+ {
+ principal = talloc_asprintf(spnego_state->sub_sec_security,
+ "%s/%s",
+ gensec_security->target.service,
+ gensec_security->target.hostname);
+ } else {
+ principal = gensec_security->target.hostname;
+ }
+
+ DBG_PREFIX(dbg_level, (
+ "%s: creating NEG_TOKEN_INIT for %s failed "
+ "(next[%s]): %s\n", cur_sec->op->name,
+ principal, next, nt_errstr(status)));
+
+ if (next == NULL) {
+ /*
+ * A hard error without a possible fallback.
+ */
+ return status;
+ }
+
+ /*
+ * Pretend we never started it
+ */
+ gensec_spnego_reset_sub_sec(spnego_state);
- if (spnego_in->type != SPNEGO_NEG_TOKEN_INIT) {
- return NT_STATUS_INTERNAL_ERROR;
+ /*
+ * And try the next one...
+ */
+ n->all_idx += 1;
}
- mechType = spnego_in->negTokenInit.mechTypes;
- unwrapped_in = spnego_in->negTokenInit.mechToken;
+ for (; n->all_sec[n->all_idx].op != NULL; n->all_idx++) {
+ const struct gensec_security_ops_wrapper *cur_sec =
+ &n->all_sec[n->all_idx];
+ NTSTATUS status;
+
+ status = gensec_subcontext_start(spnego_state,
+ gensec_security,
+ &spnego_state->sub_sec_security);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ /* select the sub context */
+ status = gensec_start_mech_by_ops(spnego_state->sub_sec_security,
+ cur_sec->op);
+ if (!NT_STATUS_IS_OK(status)) {
+ gensec_spnego_reset_sub_sec(spnego_state);
+ continue;
+ }
+
+ /* In the client, try and produce the first (optimistic) packet */
+ if (spnego_state->state_position == SPNEGO_CLIENT_START) {
+ *in_next = data_blob_null;
+ return NT_STATUS_MORE_PROCESSING_REQUIRED;
--
Samba Shared Repository
More information about the samba-cvs
mailing list