The branch, master has been updated
       via  9177a0d libcli/auth: add more const to spnego_negTokenInit->mechTypes
       via  f1e6014 libcli/auth: avoid possible mem leak in read_negTokenInit()
       via  966faef auth/gensec: treat struct gensec_security_ops as const if possible.
       via  c81b6f7 auth/gensec: use 'const char * const *' for function parameters
       via  e81550c auth/gensec: make it possible to implement async backends
       via  6a7a44d auth/gensec: avoid talloc_reference in gensec_security_mechs()
       via  3e3534f auth/gensec: avoid talloc_reference in gensec_use_kerberos_mechs()
       via  71c63e8 auth/gensec: introduce gensec_internal.h
       via  57bcbb9 libcli/auth/schannel: remove unused schannel_position
       via  4c978b6 libcli/auth/schannel: make struct schannel_state private
       via  e90e1b5 s4:gensec/schannel: only require librpc/gen_ndr/dcerpc.h
       via  9b9ab1a s4:gensec/schannel: there's no point in having schannel_session_key()
       via  a07049a s4:gensec/schannel: GENSEC_FEATURE_ASYNC_REPLIES is not supported
       via  b510476 s4:gensec/schannel: use the correct computer_name from netlogon_creds_CredentialState
       via  49f347e s4:gensec/schannel: simplify the code by using netsec_create_state()
       via  4cad5dc s4:gensec/schannel: remove unused dcerpc_schannel_creds()
       via  2ea3a24 s4:torture: avoid usage of dcerpc_schannel_creds()
       via  c014427 s4:libnet: avoid usage of dcerpc_schannel_creds()
       via  a36ccdc s3:dcerpc_helpers: remove unused DEBUG message of schannel_state->seq_num.
       via  a964309 s3:rpc_server: make use of netsec_create_state()
       via  af4dc30 s3:cli_pipe.c: return NO_USER_SESSION_KEY in cli_get_session_key() for schannel
       via  838cb53 s3:cli_pipe: pass down creds->computer_name to NL_AUTH_MESSAGE
       via  e96142f s3:cli_pipe: make use of netsec_create_state()
       via  3321539 libcli/auth: add netsec_create_state()
       via  9f2e81a libcli/auth: maintain the sequence number for the NETLOGON SSP as 64bit
       via  59b0956 auth/gensec: add gensec_security_by_auth_type()
       via  45c74c8 auth/gensec: first check GENSEC_FEATURE_SESSION_KEY before returning NOT_IMPLEMENTED
       via  04938cb s3:rpc_client: remove unused cli_rpc_pipe_open_ntlmssp_auth_schannel()
       via  3302356 s3:rpc_client: remove netr_LogonGetCapabilities check from rpc_pipe_bind*
       via  eecb5ba s3:rpc_client: add netr_LogonGetCapabilities to cli_rpc_pipe_open_schannel_with_key()
       via  e9c8e3f s3:rpc_client: use netlogon_creds_copy before rpc_pipe_bind
       via  90e28c1 s3:rpc_client: fix/add AES downgrade detection to rpc_pipe_bind_step_two_done()
       via  e77a64f s3:rpcclient: try to use NETLOGON_NEG_SUPPORTS_AES
       via  0460063 s3:rpc_client: try to use NETLOGON_NEG_SUPPORTS_AES
       via  beba326 s3:libnet_join: try to use NETLOGON_NEG_SUPPORTS_AES
       via  d82ab705 s3:auth_domain: try to use NETLOGON_NEG_SUPPORTS_AES
       via  11e0be0 s3:libsmb: remove unused cli_state->is_guestlogin
      from  d944841 torture: add smb2 FSCTL_[GET/SET]_COMPRESSION test
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 9177a0d1c1c92c45ef92fbda55fc6dd8aeb76b6c
Author: Stefan Metzmacher <me...@samba.org>
Date:   Mon Aug 5 10:46:47 2013 +0200

    libcli/auth: add more const to spnego_negTokenInit->mechTypes

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

    Autobuild-User(master): Stefan Metzmacher <me...@samba.org>
    Autobuild-Date(master): Sat Aug 10 11:11:54 CEST 2013 on sn-devel-104

commit f1e60142e12deb560e3c62441fd9ff2acd086b60
Author: Stefan Metzmacher <me...@samba.org>
Date:   Mon Aug 5 10:43:38 2013 +0200

    libcli/auth: avoid possible mem leak in read_negTokenInit()

    Also add error checks.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 966faef9c61d2ec02d75fc3ccc82a61524fb77e4
Author: Stefan Metzmacher <me...@samba.org>
Date:   Mon Aug 5 11:20:21 2013 +0200

    auth/gensec: treat struct gensec_security_ops as const if possible.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit c81b6f7448d7f945635784de645bea4f7f2e230f
Author: Stefan Metzmacher <me...@samba.org>
Date:   Mon Aug 5 11:10:55 2013 +0200

    auth/gensec: use 'const char * const *' for function parameters

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit e81550c8117166d0fbf69ba1d3957cb950c42961
Author: Stefan Metzmacher <me...@samba.org>
Date:   Mon Aug 5 16:12:13 2013 +0200

    auth/gensec: make it possible to implement async backends

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 6a7a44db5999af7262478eb1c186d784d6075beb
Author: Stefan Metzmacher <me...@samba.org>
Date:   Mon Aug 5 10:39:16 2013 +0200

    auth/gensec: avoid talloc_reference in gensec_security_mechs()

    We now always copy.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 3e3534f882651880093381f5a7846c0938df6501
Author: Stefan Metzmacher <me...@samba.org>
Date:   Mon Aug 5 10:37:26 2013 +0200

    auth/gensec: avoid talloc_reference in gensec_use_kerberos_mechs()

    We now always copy.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 71c63e85e7a09acb57f6b75284358f2b3b29eeed
Author: Stefan Metzmacher <me...@samba.org>
Date:   Mon Aug 5 07:12:01 2013 +0200

    auth/gensec: introduce gensec_internal.h

    We should treat most gensec related structures private.
    It's a long way, but this is a start.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 57bcbb9c50f0a0252110a1e04a2883b511cd9165
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Aug 2 15:42:21 2013 +0200

    libcli/auth/schannel: remove unused schannel_position

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 4c978b68d9a87001f625c10421e7d4cc140b4554
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Aug 2 13:37:54 2013 +0200

    libcli/auth/schannel: make struct schannel_state private

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit e90e1b5c76db4cf589adf8856eb32e5f0d955734
Author: Stefan Metzmacher <me...@samba.org>
Date:   Sat Aug 3 11:32:31 2013 +0200

    s4:gensec/schannel: only require librpc/gen_ndr/dcerpc.h

    We just need DCERPC_AUTH_TYPE_SCHANNEL

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 9b9ab1ae6963b3819dc2b095cbe9e1432f3459b7
Author: Stefan Metzmacher <me...@samba.org>
Date:   Sat Aug 3 11:27:55 2013 +0200

    s4:gensec/schannel: there's no point in having schannel_session_key()

    gensec_session_key() will return NT_STATUS_NO_USER_SESSION_KEY
    before calling schannel_session_key(), as we don't provide
    GENSEC_FEATURE_SESSION_KEY.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit a07049a839729e29ca888bae353cd37fd6238486
Author: Stefan Metzmacher <me...@samba.org>
Date:   Sat Aug 3 11:21:32 2013 +0200

    s4:gensec/schannel: GENSEC_FEATURE_ASYNC_REPLIES is not supported

    There's a sequence number attached to the connection,
    which needs to be incremented with each message...

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit b5104768225ae0308aa3f22f8d9bca389ef3cb3a
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Aug 2 13:25:20 2013 +0200

    s4:gensec/schannel: use the correct computer_name from netlogon_creds_CredentialState

    We need to use the same computer_name we used in the
    netr_Authenticate3 request.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 49f347eb11bd12a3f25b0fcb8ba36d4a36594868
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Aug 2 13:04:07 2013 +0200

    s4:gensec/schannel: simplify the code by using netsec_create_state()

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 4cad5dcb6d5e49cc9bb1aa4ca454f369e00e8c6f
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Aug 2 12:31:41 2013 +0200

    s4:gensec/schannel: remove unused dcerpc_schannel_creds()

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 2ea3a24dced0814100e352bbbca124011be73602
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Aug 2 10:08:54 2013 +0200

    s4:torture: avoid usage of dcerpc_schannel_creds()

    We use cli_credentials_get_netlogon_creds() which returns
    the same value. dcerpc_schannel_creds() is a layer violation.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit c0144273af8f0956a05d102113c40cec77069f7a
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Aug 2 10:08:54 2013 +0200

    s4:libnet: avoid usage of dcerpc_schannel_creds()

    We use cli_credentials_get_netlogon_creds() which returns
    the same value. dcerpc_schannel_creds() is a layer violation.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit a36ccdc83edb7437dd00601c459421286fd79db4
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Aug 2 13:36:30 2013 +0200

    s3:dcerpc_helpers: remove unused DEBUG message of schannel_state->seq_num.

    This is a layer violation and not needed anymore as we know
    how the seqnum handling works now.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit a964309bf7631f4f6953e0d6556f8ed8e5300dcc
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Aug 2 13:33:37 2013 +0200

    s3:rpc_server: make use of netsec_create_state()

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit af4dc306846a30a5a1201306cc2cbf4d494e16e7
Author: Stefan Metzmacher <me...@samba.org>
Date:   Sat Aug 3 08:50:54 2013 +0200

    s3:cli_pipe.c: return NO_USER_SESSION_KEY in cli_get_session_key() for schannel

    SCHANNEL connections don't have a user session key,
    they're like anonymous connections.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 838cb539621ef19cac6badb4b10678dcc3a6f68a
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Aug 2 13:28:59 2013 +0200

    s3:cli_pipe: pass down creds->computer_name to NL_AUTH_MESSAGE

    We need to use the same computer_name value as in the
    netr_Authenticate3() request.

    We abuse cli->auth->user_name to pass the value down.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit e96142fc439efb7c90719f9c387778c4218ae637
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Aug 2 13:28:11 2013 +0200

    s3:cli_pipe: make use of netsec_create_state()

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 33215398f32c76f4b8ada7b547c6d0741cb2ac16
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Aug 2 12:53:42 2013 +0200

    libcli/auth: add netsec_create_state()

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 9f2e81ae02549369db49c05edf7071612a03a8b8
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Apr 24 12:33:28 2013 +0200

    libcli/auth: maintain the sequence number for the NETLOGON SSP as 64bit

    See [MS-NRPC] 3.3.4.2 The Netlogon Signature Token.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 59b09564a7edac8dc241269587146342244ce58b
Author: Stefan Metzmacher <me...@samba.org>
Date:   Sat Aug 3 11:43:58 2013 +0200

    auth/gensec: add gensec_security_by_auth_type()

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 45c74c8084d2db14fef6a79cd98068be2ab73f30
Author: Stefan Metzmacher <me...@samba.org>
Date:   Sat Aug 3 11:26:13 2013 +0200

    auth/gensec: first check GENSEC_FEATURE_SESSION_KEY before returning NOT_IMPLEMENTED

    Prefer NT_STATUS_NO_USER_SESSION_KEY as return value of gensec_session_key().

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 04938cbeecc777f7b799a11f1ca0461b351d968a
Author: Stefan Metzmacher <me...@samba.org>
Date:   Thu Apr 25 19:33:28 2013 +0200

    s3:rpc_client: remove unused cli_rpc_pipe_open_ntlmssp_auth_schannel()

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 3302356226cca474f0afab9a129220241c16663f
Author: Stefan Metzmacher <me...@samba.org>
Date:   Thu Apr 25 18:30:36 2013 +0200

    s3:rpc_client: remove netr_LogonGetCapabilities check from rpc_pipe_bind*

    It's done in the caller now.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit eecb5bafba5b362d4fdf33d6a2a32e4ee56f30a4
Author: Stefan Metzmacher <me...@samba.org>
Date:   Thu Apr 25 19:34:13 2013 +0200

    s3:rpc_client: add netr_LogonGetCapabilities to cli_rpc_pipe_open_schannel_with_key()

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit e9c8e3fb92143525f846523e446e2213e5b55d9d
Author: Stefan Metzmacher <me...@samba.org>
Date:   Thu Apr 25 19:45:52 2013 +0200

    s3:rpc_client: use netlogon_creds_copy before rpc_pipe_bind

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 90e28c1825b2c48714d7b34fdb57d3878116d07e
Author: Stefan Metzmacher <me...@samba.org>
Date:   Thu Apr 25 19:57:09 2013 +0200

    s3:rpc_client: fix/add AES downgrade detection to rpc_pipe_bind_step_two_done()

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit e77a64f505fc43628e487e832033d0cd8ec4de8e
Author: Stefan Metzmacher <me...@samba.org>
Date:   Sat Jun 15 09:41:52 2013 +0200

    s3:rpcclient: try to use NETLOGON_NEG_SUPPORTS_AES

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 04600634b3e761d7c56f699fd4ba80b4cd2926a1
Author: Stefan Metzmacher <me...@samba.org>
Date:   Sat Jun 15 09:41:52 2013 +0200

    s3:rpc_client: try to use NETLOGON_NEG_SUPPORTS_AES

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit beba32619a91977543f882432fd08acc9de78fd3
Author: Stefan Metzmacher <me...@samba.org>
Date:   Sat Jun 15 09:41:52 2013 +0200

    s3:libnet_join: try to use NETLOGON_NEG_SUPPORTS_AES

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit d82ab70579ff2bcb69f997068482b198f321d1ef
Author: Stefan Metzmacher <me...@samba.org>
Date:   Sat Jun 15 09:41:52 2013 +0200

    s3:auth_domain: try to use NETLOGON_NEG_SUPPORTS_AES

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 11e0be0e72cfc4bc65ba2b0ffd10cbae3ad69b2d
Author: Stefan Metzmacher <me...@samba.org>
Date:   Mon Aug 5 20:26:54 2013 +0200

    s3:libsmb: remove unused cli_state->is_guestlogin

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

-----------------------------------------------------------------------

Summary of changes:
 auth/gensec/gensec.c | 210 +++++++++++++++++------
 auth/gensec/gensec.h | 119 ++----------
 auth/gensec/gensec_internal.h | 134 ++++++++++++++
 auth/gensec/gensec_start.c | 142 +++++++++------
 auth/gensec/gensec_util.c | 1 +
 auth/gensec/spnego.c | 11 +-
 auth/ntlmssp/gensec_ntlmssp.c | 1 +
 auth/ntlmssp/gensec_ntlmssp_server.c | 1 +
 auth/ntlmssp/ntlmssp.c | 1 +
 auth/ntlmssp/ntlmssp_client.c | 1 +
 auth/ntlmssp/ntlmssp_server.c | 1 +
 libcli/auth/schannel.h | 13 --
 libcli/auth/schannel_proto.h | 3 +
 libcli/auth/schannel_sign.c | 45 +++++-
 libcli/auth/spnego.h | 2 +-
 libcli/auth/spnego_parse.c | 36 +++-
 libcli/auth/spnego_proto.h | 2 +-
 source3/auth/auth_domain.c | 3 +-
 source3/auth/auth_generic.c | 15 +-
 source3/include/client.h | 1 -
 source3/libads/authdata.c | 12 +-
 source3/libnet/libnet_join.c | 3 +-
 source3/librpc/crypto/gse.c | 1 +
 source3/librpc/rpc/dcerpc_helpers.c | 3 -
 source3/libsmb/auth_generic.c | 15 +-
 source3/libsmb/cliconnect.c | 5 -
 source3/libsmb/ntlmssp_wrap.c | 1 +
 source3/rpc_client/cli_netlogon.c | 3 +-
 source3/rpc_client/cli_pipe.c | 301 ++++++++++++------------------
 source3/rpc_client/cli_pipe.h | 9 -
 source3/rpc_client/cli_pipe_schannel.c | 82 +--------
 source3/rpc_server/srv_pipe.c | 12 +-
 source3/rpcclient/cmd_netlogon.c | 3 +-
 source3/rpcclient/rpcclient.c | 3 +-
 source3/utils/ntlm_auth.c | 25 ++--
 source4/auth/gensec/cyrus_sasl.c | 1 +
 source4/auth/gensec/gensec_gssapi.c | 1 +
 source4/auth/gensec/gensec_krb5.c | 1 +
 source4/auth/gensec/pygensec.c | 1 +
 source4/auth/gensec/schannel.c | 141 ++++----------
 source4/auth/gensec/schannel.h | 26 ---
 source4/ldap_server/ldap_backend.c | 5 +-
 source4/libcli/ldap/ldap_bind.c | 1 +
 source4/libnet/libnet_samsync.c | 7 +-
 source4/torture/auth/ntlmssp.c | 1 +
 source4/torture/rpc/samlogon.c | 5 +-
source4/torture/rpc/samr.c | 6 +- source4/torture/rpc/samsync.c | 11 +- source4/torture/rpc/schannel.c | 6 +- source4/utils/ntlm_auth.c | 1 + 50 files changed, 705 insertions(+), 729 deletions(-) create mode 100644 auth/gensec/gensec_internal.h delete mode 100644 source4/auth/gensec/schannel.h Changeset truncated at 500 lines: diff --git a/auth/gensec/gensec.c b/auth/gensec/gensec.c index ea62861..abcbcb9 100644 --- a/auth/gensec/gensec.c +++ b/auth/gensec/gensec.c @@ -26,6 +26,7 @@ #include "lib/tsocket/tsocket.h" #include "lib/util/tevent_ntstatus.h" #include "auth/gensec/gensec.h" +#include "auth/gensec/gensec_internal.h" #include "librpc/rpc/dcerpc.h" /* @@ -155,13 +156,14 @@ _PUBLIC_ NTSTATUS gensec_session_key(struct gensec_security *gensec_security, TALLOC_CTX *mem_ctx, DATA_BLOB *session_key) { - if (!gensec_security->ops->session_key) { - return NT_STATUS_NOT_IMPLEMENTED; - } if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SESSION_KEY)) { return NT_STATUS_NO_USER_SESSION_KEY; } + if (!gensec_security->ops->session_key) { + return NT_STATUS_NOT_IMPLEMENTED; + } + return gensec_security->ops->session_key(gensec_security, mem_ctx, session_key); } 
@@ -216,61 +218,92 @@ _PUBLIC_ NTSTATUS gensec_update(struct gensec_security *gensec_security, TALLOC_ const DATA_BLOB in, DATA_BLOB *out) { NTSTATUS status; + const struct gensec_security_ops *ops = gensec_security->ops; + TALLOC_CTX *frame = NULL; + struct tevent_req *subreq = NULL; + bool ok; - status = gensec_security->ops->update(gensec_security, out_mem_ctx, - ev, in, out); - if (!NT_STATUS_IS_OK(status)) { - return status; - } + if (ops->update_send == NULL) { - /* - * Because callers using the - * gensec_start_mech_by_auth_type() never call - * gensec_want_feature(), it isn't sensible for them - * to have to call gensec_have_feature() manually, and - * these are not points of negotiation, but are - * asserted by the client - */ - switch (gensec_security->dcerpc_auth_level) { - case DCERPC_AUTH_LEVEL_INTEGRITY: - if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) { - DEBUG(0,("Did not manage to negotiate mandetory feature " - "SIGN for dcerpc auth_level %u\n", - gensec_security->dcerpc_auth_level)); - return NT_STATUS_ACCESS_DENIED; - } - break; - case DCERPC_AUTH_LEVEL_PRIVACY: - if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) { - DEBUG(0,("Did not manage to negotiate mandetory feature " - "SIGN for dcerpc auth_level %u\n", - gensec_security->dcerpc_auth_level)); - return NT_STATUS_ACCESS_DENIED; + status = ops->update(gensec_security, out_mem_ctx, + ev, in, out); + if (!NT_STATUS_IS_OK(status)) { + return status; } - if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL)) { - DEBUG(0,("Did not manage to negotiate mandetory feature " - "SEAL for dcerpc auth_level %u\n", - gensec_security->dcerpc_auth_level)); - return NT_STATUS_ACCESS_DENIED; + + /* + * Because callers using the + * gensec_start_mech_by_auth_type() never call + * gensec_want_feature(), it isn't sensible for them + * to have to call gensec_have_feature() manually, and + * these are not points of negotiation, but are + * asserted by the client + */ + 
switch (gensec_security->dcerpc_auth_level) { + case DCERPC_AUTH_LEVEL_INTEGRITY: + if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) { + DEBUG(0,("Did not manage to negotiate mandetory feature " + "SIGN for dcerpc auth_level %u\n", + gensec_security->dcerpc_auth_level)); + return NT_STATUS_ACCESS_DENIED; + } + break; + case DCERPC_AUTH_LEVEL_PRIVACY: + if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) { + DEBUG(0,("Did not manage to negotiate mandetory feature " + "SIGN for dcerpc auth_level %u\n", + gensec_security->dcerpc_auth_level)); + return NT_STATUS_ACCESS_DENIED; + } + if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL)) { + DEBUG(0,("Did not manage to negotiate mandetory feature " + "SEAL for dcerpc auth_level %u\n", + gensec_security->dcerpc_auth_level)); + return NT_STATUS_ACCESS_DENIED; + } + break; + default: + break; } - break; - default: - break; + + return NT_STATUS_OK; } - return NT_STATUS_OK; + frame = talloc_stackframe(); + + subreq = ops->update_send(frame, ev, gensec_security, in); + if (subreq == NULL) { + goto fail; + } + ok = tevent_req_poll_ntstatus(subreq, ev, &status); + if (!ok) { + goto fail; + } + status = ops->update_recv(subreq, out_mem_ctx, out); + fail: + TALLOC_FREE(frame); + return status; } struct gensec_update_state { - struct tevent_immediate *im; + const struct gensec_security_ops *ops; + struct tevent_req *subreq; struct gensec_security *gensec_security; - DATA_BLOB in; DATA_BLOB out; + + /* + * only for sync backends, we should remove this + * once all backends are async. + */ + struct tevent_immediate *im; + DATA_BLOB in; }; static void gensec_update_async_trigger(struct tevent_context *ctx, struct tevent_immediate *im, void *private_data); +static void gensec_update_subreq_done(struct tevent_req *subreq); + /** * Next state function for the GENSEC state machine async version * 
@@ -296,17 +329,31 @@ _PUBLIC_ struct tevent_req *gensec_update_send(TALLOC_CTX *mem_ctx, return NULL; } - state->gensec_security = gensec_security; - state->in = in; - state->out = data_blob(NULL, 0); - state->im = tevent_create_immediate(state); - if (tevent_req_nomem(state->im, req)) { + state->ops = gensec_security->ops; + state->gensec_security = gensec_security; + + if (state->ops->update_send == NULL) { + state->in = in; + state->im = tevent_create_immediate(state); + if (tevent_req_nomem(state->im, req)) { + return tevent_req_post(req, ev); + } + + tevent_schedule_immediate(state->im, ev, + gensec_update_async_trigger, + req); + + return req; + } + + state->subreq = state->ops->update_send(state, ev, gensec_security, in); + if (tevent_req_nomem(state->subreq, req)) { return tevent_req_post(req, ev); } - tevent_schedule_immediate(state->im, ev, - gensec_update_async_trigger, - req); + tevent_req_set_callback(state->subreq, + gensec_update_subreq_done, + req); return req; } 
@@ -321,12 +368,71 @@ static void gensec_update_async_trigger(struct tevent_context *ctx, tevent_req_data(req, struct gensec_update_state); NTSTATUS status; - status = gensec_update(state->gensec_security, state, ctx, - state->in, &state->out); + status = state->ops->update(state->gensec_security, state, ctx, + state->in, &state->out); + if (tevent_req_nterror(req, status)) { + return; + } + + tevent_req_done(req); +} + +static void gensec_update_subreq_done(struct tevent_req *subreq) +{ + struct tevent_req *req = + tevent_req_callback_data(subreq, + struct tevent_req); + struct gensec_update_state *state = + tevent_req_data(req, + struct gensec_update_state); + NTSTATUS status; + + state->subreq = NULL; + + status = state->ops->update_recv(subreq, state, &state->out); + TALLOC_FREE(subreq); if (tevent_req_nterror(req, status)) { return; } + /* + * Because callers using the + * gensec_start_mech_by_authtype() never call + * gensec_want_feature(), it isn't sensible for them + * to have to call gensec_have_feature() manually, and + * these are not points of negotiation, but are + * asserted by the client + */ + switch (state->gensec_security->dcerpc_auth_level) { + case DCERPC_AUTH_LEVEL_INTEGRITY: + if (!gensec_have_feature(state->gensec_security, GENSEC_FEATURE_SIGN)) { + DEBUG(0,("Did not manage to negotiate mandetory feature " + "SIGN for dcerpc auth_level %u\n", + state->gensec_security->dcerpc_auth_level)); + tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED); + return; + } + break; + case DCERPC_AUTH_LEVEL_PRIVACY: + if (!gensec_have_feature(state->gensec_security, GENSEC_FEATURE_SIGN)) { + DEBUG(0,("Did not manage to negotiate mandetory feature " + "SIGN for dcerpc auth_level %u\n", + state->gensec_security->dcerpc_auth_level)); + tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED); + return; + } + if (!gensec_have_feature(state->gensec_security, GENSEC_FEATURE_SEAL)) { + DEBUG(0,("Did not manage to negotiate mandetory feature " + "SEAL for dcerpc auth_level 
%u\n", + state->gensec_security->dcerpc_auth_level)); + tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED); + return; + } + break; + default: + break; + } + tevent_req_done(req); } diff --git a/auth/gensec/gensec.h b/auth/gensec/gensec.h index 396a16d..ac1fadf 100644 --- a/auth/gensec/gensec.h +++ b/auth/gensec/gensec.h @@ -76,6 +76,7 @@ struct gensec_settings; struct tevent_context; struct tevent_req; struct smb_krb5_context; +struct tsocket_address; struct gensec_settings { struct loadparm_context *lp_ctx; @@ -84,7 +85,7 @@ struct gensec_settings { /* this allows callers to specify a specific set of ops that * should be used, rather than those loaded by the plugin * mechanism */ - struct gensec_security_ops **backends; + const struct gensec_security_ops * const *backends; /* To fill in our own name in the NTLMSSP server */ const char *server_dns_domain; 
@@ -93,106 +94,13 @@ struct gensec_settings { const char *server_netbios_name; }; -struct gensec_security_ops { - const char *name; - const char *sasl_name; - uint8_t auth_type; /* 0 if not offered on DCE-RPC */ - const char **oid; /* NULL if not offered by SPNEGO */ - NTSTATUS (*client_start)(struct gensec_security *gensec_security); - NTSTATUS (*server_start)(struct gensec_security *gensec_security); - /** - Determine if a packet has the right 'magic' for this mechanism - */ - NTSTATUS (*magic)(struct gensec_security *gensec_security, - const DATA_BLOB *first_packet); - NTSTATUS (*update)(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx, - struct tevent_context *ev, - const DATA_BLOB in, DATA_BLOB *out); - NTSTATUS (*seal_packet)(struct gensec_security *gensec_security, TALLOC_CTX *sig_mem_ctx, - uint8_t *data, size_t length, - const uint8_t *whole_pdu, size_t pdu_length, - DATA_BLOB *sig); - NTSTATUS (*sign_packet)(struct gensec_security *gensec_security, TALLOC_CTX *sig_mem_ctx, - const uint8_t *data, size_t length, - const uint8_t *whole_pdu, size_t pdu_length, - DATA_BLOB *sig); - size_t (*sig_size)(struct gensec_security *gensec_security, size_t data_size); - size_t (*max_input_size)(struct gensec_security *gensec_security); - size_t (*max_wrapped_size)(struct gensec_security *gensec_security); - NTSTATUS (*check_packet)(struct gensec_security *gensec_security, - const uint8_t *data, size_t length, - const uint8_t *whole_pdu, size_t pdu_length, - const DATA_BLOB *sig); - NTSTATUS (*unseal_packet)(struct gensec_security *gensec_security, - uint8_t *data, size_t length, - const uint8_t *whole_pdu, size_t pdu_length, - const DATA_BLOB *sig); - NTSTATUS (*wrap)(struct gensec_security *gensec_security, - TALLOC_CTX *mem_ctx, - const DATA_BLOB *in, - DATA_BLOB *out); - NTSTATUS (*unwrap)(struct gensec_security *gensec_security, - TALLOC_CTX *mem_ctx, - const DATA_BLOB *in, - DATA_BLOB *out); - NTSTATUS (*wrap_packets)(struct gensec_security 
*gensec_security, - TALLOC_CTX *mem_ctx, - const DATA_BLOB *in, - DATA_BLOB *out, - size_t *len_processed); - NTSTATUS (*unwrap_packets)(struct gensec_security *gensec_security, - TALLOC_CTX *mem_ctx, - const DATA_BLOB *in, - DATA_BLOB *out, - size_t *len_processed); - NTSTATUS (*packet_full_request)(struct gensec_security *gensec_security, - DATA_BLOB blob, size_t *size); - NTSTATUS (*session_key)(struct gensec_security *gensec_security, TALLOC_CTX *mem_ctx, - DATA_BLOB *session_key); - NTSTATUS (*session_info)(struct gensec_security *gensec_security, TALLOC_CTX *mem_ctx, - struct auth_session_info **session_info); - void (*want_feature)(struct gensec_security *gensec_security, - uint32_t feature); - bool (*have_feature)(struct gensec_security *gensec_security, - uint32_t feature); - NTTIME (*expire_time)(struct gensec_security *gensec_security); - bool enabled; - bool kerberos; - enum gensec_priority priority; -}; - -struct gensec_security_ops_wrapper { - const struct gensec_security_ops *op; - const char *oid; -}; +struct gensec_security_ops; +struct gensec_security_ops_wrapper; #define GENSEC_INTERFACE_VERSION 0 -struct gensec_security { - const struct gensec_security_ops *ops; - void *private_data; - struct cli_credentials *credentials; - struct gensec_target target; - enum gensec_role gensec_role; - bool subcontext; - uint32_t want_features; - uint32_t max_update_size; - uint8_t dcerpc_auth_level; - struct tsocket_address *local_addr, *remote_addr; - struct gensec_settings *settings; - - /* When we are a server, this may be filled in to provide an - * NTLM authentication backend, and user lookup (such as if no - * PAC is found) */ - struct auth4_context *auth_context; -}; - /* this structure is used by backends to determine the size of some critical types */ -struct gensec_critical_sizes { - int interface_version; - int sizeof_gensec_security_ops; - int sizeof_gensec_security; -}; +struct gensec_critical_sizes; const struct gensec_critical_sizes 
*gensec_interface_version(void); /* Socket wrapper */ @@ -268,12 +176,15 @@ const struct gensec_security_ops *gensec_security_by_oid(struct gensec_security const char *oid_string); const struct gensec_security_ops *gensec_security_by_sasl_name(struct gensec_security *gensec_security, const char *sasl_name); -struct gensec_security_ops **gensec_security_mechs(struct gensec_security *gensec_security, +const struct gensec_security_ops *gensec_security_by_auth_type( + struct gensec_security *gensec_security, + uint32_t auth_type); +const struct gensec_security_ops **gensec_security_mechs(struct gensec_security *gensec_security, TALLOC_CTX *mem_ctx); const struct gensec_security_ops_wrapper *gensec_security_by_oid_list( struct gensec_security *gensec_security, TALLOC_CTX *mem_ctx, - const char **oid_strings, + const char * const *oid_strings, const char *skip); const char **gensec_security_oids(struct gensec_security *gensec_security, TALLOC_CTX *mem_ctx, @@ -332,11 +243,11 @@ NTSTATUS gensec_wrap(struct gensec_security *gensec_security, const DATA_BLOB *in, DATA_BLOB *out); -struct gensec_security_ops **gensec_security_all(void); -bool gensec_security_ops_enabled(struct gensec_security_ops *ops, struct gensec_security *security); -struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx, - struct gensec_security_ops **old_gensec_list, - struct cli_credentials *creds); +const struct gensec_security_ops * const *gensec_security_all(void); +bool gensec_security_ops_enabled(const struct gensec_security_ops *ops, struct gensec_security *security); +const struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx, + const struct gensec_security_ops * const *old_gensec_list, + struct cli_credentials *creds); NTSTATUS gensec_start_mech_by_sasl_name(struct gensec_security *gensec_security, const char *sasl_name); diff --git a/auth/gensec/gensec_internal.h b/auth/gensec/gensec_internal.h new file mode 100644 index 0000000..c04164a --- /dev/null 
+++ b/auth/gensec/gensec_internal.h 
@@ -0,0 +1,134 @@ +/* + Unix SMB/CIFS implementation. + + Generic Authentication Interface + + Copyright (C) Andrew Tridgell 2003 + Copyright (C) Andrew Bartlett <abart...@samba.org> 2004-2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#ifndef __GENSEC_INTERNAL_H__ +#define __GENSEC_INTERNAL_H__ + +struct gensec_security; + +struct gensec_security_ops { + const char *name; + const char *sasl_name; + uint8_t auth_type; /* 0 if not offered on DCE-RPC */ + const char **oid; /* NULL if not offered by SPNEGO */ + NTSTATUS (*client_start)(struct gensec_security *gensec_security); + NTSTATUS (*server_start)(struct gensec_security *gensec_security); + /** + Determine if a packet has the right 'magic' for this mechanism + */ + NTSTATUS (*magic)(struct gensec_security *gensec_security, + const DATA_BLOB *first_packet); + NTSTATUS (*update)(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx, + struct tevent_context *ev, + const DATA_BLOB in, DATA_BLOB *out); + struct tevent_req *(*update_send)(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct gensec_security *gensec_security, + const DATA_BLOB in); + NTSTATUS (*update_recv)(struct tevent_req *req, + TALLOC_CTX *out_mem_ctx, + DATA_BLOB *out); + NTSTATUS (*seal_packet)(struct gensec_security *gensec_security, TALLOC_CTX *sig_mem_ctx, + uint8_t *data, size_t length, + const uint8_t *whole_pdu, size_t pdu_length, -- 
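Review bot: in the new async-backend branch of gensec_update() (the `@@ -216,61 +218,92 @@` hunk in auth/gensec/gensec.c), `status` is returned uninitialized when `ops->update_send()` returns NULL: the `goto fail` lands on `TALLOC_FREE(frame); return status;` with `NTSTATUS status;` never assigned on that path, so an out-of-memory failure can surface as an arbitrary NTSTATUS, including one that compares equal to NT_STATUS_OK. Set `status = NT_STATUS_NO_MEMORY;` before that `goto fail` (the `tevent_req_poll_ntstatus()` failure path is fine, since it fills in `status` itself).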
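Review bot: the mandatory SIGN/SEAL assertion for `dcerpc_auth_level` now runs in only two of the four update paths (the `@@ -216,61 +218,92 @@` and `@@ -321,12 +368,71 @@` hunks in auth/gensec/gensec.c). gensec_update_async_trigger() now calls `state->ops->update()` directly and then `tevent_req_done(req)`; previously it went through gensec_update() and therefore got the check, so sync backends driven through gensec_update_send() lose it. Likewise the sync gensec_update() over an async backend returns the result of `ops->update_recv()` without any check. Only the sync-backend branch of gensec_update() and gensec_update_subreq_done() enforce it, and they carry the same copied block. Suggest factoring the switch into one static helper called from both gensec_update_async_trigger() and gensec_update_subreq_done(), and making gensec_update() a thin wrapper around gensec_update_send()/gensec_update_recv() so the auth-level assertion cannot be bypassed by the API entry point chosen; while moving it, the "mandetory" spelling in the DEBUG messages can be fixed.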
Samba Shared Repository