struct spnego_context **spnego_ctx)
{
struct spnego_context *sp_ctx = NULL;
+ struct auth_generic_state *auth_ntlmssp_state;
NTSTATUS status;
status = spnego_context_init(mem_ctx, do_sign, do_seal, &sp_ctx);
sp_ctx->mech = SPNEGO_NTLMSSP;
status = auth_ntlmssp_client_prepare(sp_ctx,
- &sp_ctx->mech_ctx.ntlmssp_state);
+ &auth_ntlmssp_state);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(sp_ctx);
return status;
}
- status = auth_ntlmssp_set_username(sp_ctx->mech_ctx.ntlmssp_state,
+ status = auth_ntlmssp_set_username(auth_ntlmssp_state,
username);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(sp_ctx);
return status;
}
- status = auth_ntlmssp_set_domain(sp_ctx->mech_ctx.ntlmssp_state,
+ status = auth_ntlmssp_set_domain(auth_ntlmssp_state,
domain);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(sp_ctx);
return status;
}
- status = auth_ntlmssp_set_password(sp_ctx->mech_ctx.ntlmssp_state,
+ status = auth_ntlmssp_set_password(auth_ntlmssp_state,
password);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(sp_ctx);
}
if (do_sign) {
- auth_ntlmssp_want_feature(sp_ctx->mech_ctx.ntlmssp_state,
- NTLMSSP_FEATURE_SIGN);
+ gensec_want_feature(auth_ntlmssp_state->gensec_security,
+ GENSEC_FEATURE_SIGN);
} else if (do_seal) {
- auth_ntlmssp_want_feature(sp_ctx->mech_ctx.ntlmssp_state,
- NTLMSSP_FEATURE_SEAL);
+ gensec_want_feature(auth_ntlmssp_state->gensec_security,
+ GENSEC_FEATURE_SEAL);
}
- status = auth_ntlmssp_client_start(sp_ctx->mech_ctx.ntlmssp_state);
+ status = auth_ntlmssp_client_start(auth_ntlmssp_state);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(sp_ctx);
return status;
}
+ sp_ctx->mech_ctx.gensec_security = talloc_move(sp_ctx, &auth_ntlmssp_state->gensec_security);
+ TALLOC_FREE(auth_ntlmssp_state);
*spnego_ctx = sp_ctx;
return NT_STATUS_OK;
}
DATA_BLOB *spnego_out)
{
struct gse_context *gse_ctx;
- struct auth_ntlmssp_state *ntlmssp_ctx;
+ struct gensec_security *gensec_security;
struct spnego_data sp_in, sp_out;
DATA_BLOB token_in = data_blob_null;
DATA_BLOB token_out = data_blob_null;
case SPNEGO_NTLMSSP:
- ntlmssp_ctx = sp_ctx->mech_ctx.ntlmssp_state;
- status = gensec_update(ntlmssp_ctx->gensec_security, mem_ctx, NULL,
+ gensec_security = sp_ctx->mech_ctx.gensec_security;
+ status = gensec_update(gensec_security, mem_ctx, NULL,
token_in, &token_out);
if (NT_STATUS_EQUAL(status,
NT_STATUS_MORE_PROCESSING_REQUIRED)) {
*auth_context = sp_ctx->mech_ctx.gssapi_state;
break;
case SPNEGO_NTLMSSP:
- *auth_context = sp_ctx->mech_ctx.ntlmssp_state;
+ *auth_context = sp_ctx->mech_ctx.gensec_security;
break;
default:
return NT_STATUS_INTERNAL_ERROR;
DATA_BLOB spnego_get_session_key(TALLOC_CTX *mem_ctx,
struct spnego_context *sp_ctx)
{
+ DATA_BLOB sk;
+ NTSTATUS status;
switch (sp_ctx->mech) {
case SPNEGO_KRB5:
return gse_get_session_key(mem_ctx,
sp_ctx->mech_ctx.gssapi_state);
case SPNEGO_NTLMSSP:
- return auth_ntlmssp_get_session_key(
- sp_ctx->mech_ctx.ntlmssp_state, mem_ctx);
+ status = gensec_session_key(sp_ctx->mech_ctx.gensec_security, mem_ctx, &sk);
+ if (!NT_STATUS_IS_OK(status)) {
+ return data_blob_null;
+ }
+ return sk;
default:
DEBUG(0, ("Unsupported type in request!\n"));
return data_blob_null;
sp_ctx->mech_ctx.gssapi_state,
data, signature);
case SPNEGO_NTLMSSP:
- return auth_ntlmssp_sign_packet(
- sp_ctx->mech_ctx.ntlmssp_state,
- mem_ctx,
- data->data, data->length,
- full_data->data, full_data->length,
- signature);
+ return gensec_sign_packet(
+ sp_ctx->mech_ctx.gensec_security,
+ mem_ctx,
+ data->data, data->length,
+ full_data->data, full_data->length,
+ signature);
default:
return NT_STATUS_INVALID_PARAMETER;
}
sp_ctx->mech_ctx.gssapi_state,
data, signature);
case SPNEGO_NTLMSSP:
- return auth_ntlmssp_check_packet(
- sp_ctx->mech_ctx.ntlmssp_state,
- data->data, data->length,
- full_data->data, full_data->length,
- signature);
+ return gensec_check_packet(
+ sp_ctx->mech_ctx.gensec_security,
+ data->data, data->length,
+ full_data->data, full_data->length,
+ signature);
default:
return NT_STATUS_INVALID_PARAMETER;
}
sp_ctx->mech_ctx.gssapi_state,
data, signature);
case SPNEGO_NTLMSSP:
- return auth_ntlmssp_seal_packet(
- sp_ctx->mech_ctx.ntlmssp_state,
- mem_ctx,
- data->data, data->length,
- full_data->data, full_data->length,
- signature);
+ return gensec_seal_packet(
+ sp_ctx->mech_ctx.gensec_security,
+ mem_ctx,
+ data->data, data->length,
+ full_data->data, full_data->length,
+ signature);
default:
return NT_STATUS_INVALID_PARAMETER;
}
sp_ctx->mech_ctx.gssapi_state,
data, signature);
case SPNEGO_NTLMSSP:
- return auth_ntlmssp_unseal_packet(
- sp_ctx->mech_ctx.ntlmssp_state,
- data->data, data->length,
- full_data->data, full_data->length,
- signature);
+ return gensec_unseal_packet(
+ sp_ctx->mech_ctx.gensec_security,
+ data->data, data->length,
+ full_data->data, full_data->length,
+ signature);
default:
return NT_STATUS_INVALID_PARAMETER;
}
git.samba.org / mat / samba.git / blobdiff