r2629: convert gensec to the new talloc model
authorAndrew Tridgell <tridge@samba.org>
Sat, 25 Sep 2004 12:08:57 +0000 (12:08 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 17:59:14 +0000 (12:59 -0500)
by making our gensec structures talloc children of the open connection
we can be sure that they will be destroyed when the connection is
dropped.
(This used to be commit f12ee2f241aab1549bc1d9ca4c35a35a1ca0d09d)

13 files changed:
source4/libcli/auth/gensec.c
source4/libcli/auth/gensec.h
source4/libcli/auth/gensec_krb5.c
source4/libcli/ldap/ldap.c
source4/libcli/raw/clisession.c
source4/librpc/rpc/dcerpc_auth.c
source4/librpc/rpc/dcerpc_ntlm.c
source4/librpc/rpc/dcerpc_schannel.c
source4/librpc/rpc/dcerpc_spnego.c
source4/rpc_server/dcesrv_auth.c
source4/smb_server/negprot.c
source4/smb_server/sesssetup.c
source4/utils/ntlm_auth.c

index b47840dc65062f48552424b625388331982778c1..3d8246cd97b7aa9856a32e772e3356722adcdafd 100644 (file)
@@ -114,26 +114,22 @@ const char **gensec_security_oids(TALLOC_CTX *mem_ctx, const char *skip)
        return oid_list;
 }
 
-static NTSTATUS gensec_start(struct gensec_security **gensec_security) 
+/*
+  note that memory context is the parent context to hang this gensec context off. It may be NULL.
+*/
+static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx, struct gensec_security **gensec_security) 
 {
-       TALLOC_CTX *mem_ctx;
        /* awaiting a correct fix from metze */
        if (!gensec_init()) {
                return NT_STATUS_INTERNAL_ERROR;
        }
 
-       mem_ctx = talloc_init("gensec_security struct");
-       if (!mem_ctx) {
-               return NT_STATUS_NO_MEMORY;
-       }
-
-       (*gensec_security) = talloc_p(mem_ctx, struct gensec_security);
+       (*gensec_security) = talloc_p(NULL, struct gensec_security);
        if (!(*gensec_security)) {
-               talloc_destroy(mem_ctx);
                return NT_STATUS_NO_MEMORY;
        }
+       talloc_set_name(*gensec_security, "gensec_start");
 
-       (*gensec_security)->mem_ctx = mem_ctx;
        (*gensec_security)->ops = NULL;
 
        ZERO_STRUCT((*gensec_security)->user);
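Review bot: The new `mem_ctx` parameter is never used inside gensec_start — the allocation is still `talloc_p(NULL, struct gensec_security)`, so the context is not hung off the parent that the comment above the signature and the commit message describe, and every caller that now passes its connection or pipe (ldap.c, clisession.c, the dcerpc_*.c files, dcesrv_auth.c, negprot.c, sesssetup.c) gets a top-level context that is only reclaimed if gensec_end is reached. The line should read `(*gensec_security) = talloc_p(mem_ctx, struct gensec_security);`; a NULL mem_ctx, as ntlm_auth.c passes, still yields a top-level context, so that caller is unaffected. Because gensec_end frees the context with talloc_free, an early end still works once it is a child; callers just must not call gensec_end after the parent has already been freed. gensec_start continues in the next hunk.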
@@ -141,8 +137,8 @@ static NTSTATUS gensec_start(struct gensec_security **gensec_security)
        ZERO_STRUCT((*gensec_security)->default_user);
 
        (*gensec_security)->default_user.name = "";
-       (*gensec_security)->default_user.domain = talloc_strdup(mem_ctx, lp_workgroup());
-       (*gensec_security)->default_user.realm = talloc_strdup(mem_ctx, lp_realm());
+       (*gensec_security)->default_user.domain = talloc_strdup(*gensec_security, lp_workgroup());
+       (*gensec_security)->default_user.realm = talloc_strdup(*gensec_security, lp_realm());
 
        (*gensec_security)->subcontext = False;
        (*gensec_security)->want_features = 0;
@@ -158,7 +154,7 @@ static NTSTATUS gensec_start(struct gensec_security **gensec_security)
 NTSTATUS gensec_subcontext_start(struct gensec_security *parent, 
                                 struct gensec_security **gensec_security)
 {
-       (*gensec_security) = talloc_p(parent->mem_ctx, struct gensec_security);
+       (*gensec_security) = talloc_p(parent, struct gensec_security);
        if (!(*gensec_security)) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -172,10 +168,10 @@ NTSTATUS gensec_subcontext_start(struct gensec_security *parent,
        return NT_STATUS_OK;
 }
 
-NTSTATUS gensec_client_start(struct gensec_security **gensec_security)
+NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx, struct gensec_security **gensec_security)
 {
        NTSTATUS status;
-       status = gensec_start(gensec_security);
+       status = gensec_start(mem_ctx, gensec_security);
        if (!NT_STATUS_IS_OK(status)) {
                return status;
        }
@@ -187,10 +183,10 @@ NTSTATUS gensec_client_start(struct gensec_security **gensec_security)
        return status;
 }
 
-NTSTATUS gensec_server_start(struct gensec_security **gensec_security)
+NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx, struct gensec_security **gensec_security)
 {
        NTSTATUS status;
-       status = gensec_start(gensec_security);
+       status = gensec_start(mem_ctx, gensec_security);
        if (!NT_STATUS_IS_OK(status)) {
                return status;
        }
@@ -443,7 +439,7 @@ void gensec_end(struct gensec_security **gensec_security)
 
        if (!(*gensec_security)->subcontext) {
                /* don't destory this if this is a subcontext - it belongs to the parent */
-               talloc_destroy((*gensec_security)->mem_ctx);
+               talloc_free(*gensec_security);
        }
        gensec_security = NULL;
 }
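Review bot: `gensec_security = NULL;` on the last line of gensec_end assigns to the local pointer-to-pointer, not to the caller's variable, so after the new `talloc_free(*gensec_security)` the caller is left holding a pointer to freed memory — a double free if gensec_end runs twice, or a use-after-free if connection teardown touches the field. It should read `*gensec_security = NULL;`. The comment on the same path also has a typo, `destory` → `destroy`. The start of gensec_end lies outside the hunk.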
@@ -467,7 +463,7 @@ void gensec_want_feature(struct gensec_security *gensec_security,
 NTSTATUS gensec_set_unparsed_username(struct gensec_security *gensec_security, const char *user) 
 {
        char *p;
-       char *u = talloc_strdup(gensec_security->mem_ctx, user);
+       char *u = talloc_strdup(gensec_security, user);
        if (!u) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -476,12 +472,12 @@ NTSTATUS gensec_set_unparsed_username(struct gensec_security *gensec_security, c
        
        if (p) {
                *p = '\0';
-               gensec_security->user.name = talloc_strdup(gensec_security->mem_ctx, u);
+               gensec_security->user.name = talloc_strdup(gensec_security, u);
                if (!gensec_security->user.name) {
                        return NT_STATUS_NO_MEMORY;
                }
                
-               gensec_security->user.realm = talloc_strdup(gensec_security->mem_ctx, p+1);
+               gensec_security->user.realm = talloc_strdup(gensec_security, p+1);
                if (!gensec_security->user.realm) {
                        return NT_STATUS_NO_MEMORY;
                }
@@ -495,11 +491,11 @@ NTSTATUS gensec_set_unparsed_username(struct gensec_security *gensec_security, c
        
        if (p) {
                *p = '\0';
-               gensec_security->user.domain = talloc_strdup(gensec_security->mem_ctx, u);
+               gensec_security->user.domain = talloc_strdup(gensec_security, u);
                if (!gensec_security->user.domain) {
                        return NT_STATUS_NO_MEMORY;
                }
-               gensec_security->user.name = talloc_strdup(gensec_security->mem_ctx, p+1);
+               gensec_security->user.name = talloc_strdup(gensec_security, p+1);
                if (!gensec_security->user.name) {
                        return NT_STATUS_NO_MEMORY;
                }
@@ -521,7 +517,7 @@ NTSTATUS gensec_set_unparsed_username(struct gensec_security *gensec_security, c
 
 NTSTATUS gensec_set_username(struct gensec_security *gensec_security, const char *user) 
 {
-       gensec_security->user.name = talloc_strdup(gensec_security->mem_ctx, user);
+       gensec_security->user.name = talloc_strdup(gensec_security, user);
        if (!gensec_security->user.name) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -548,7 +544,7 @@ const char *gensec_get_username(struct gensec_security *gensec_security)
 
 NTSTATUS gensec_set_domain(struct gensec_security *gensec_security, const char *domain) 
 {
-       gensec_security->user.domain = talloc_strdup(gensec_security->mem_ctx, domain);
+       gensec_security->user.domain = talloc_strdup(gensec_security, domain);
        if (!gensec_security->user.domain) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -577,7 +573,7 @@ const char *gensec_get_domain(struct gensec_security *gensec_security)
 
 NTSTATUS gensec_set_realm(struct gensec_security *gensec_security, const char *realm) 
 {
-       gensec_security->user.realm = talloc_strdup(gensec_security->mem_ctx, realm);
+       gensec_security->user.realm = talloc_strdup(gensec_security, realm);
        if (!gensec_security->user.realm) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -625,7 +621,7 @@ char *gensec_get_client_principal(struct gensec_security *gensec_security, TALLO
 NTSTATUS gensec_set_password(struct gensec_security *gensec_security,
                             const char *password) 
 {
-       gensec_security->user.password = talloc_strdup(gensec_security->mem_ctx, password);
+       gensec_security->user.password = talloc_strdup(gensec_security, password);
        if (!gensec_security->user.password) {
                return NT_STATUS_NO_MEMORY;
        }
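Review bot: The plaintext password now hangs off the gensec context, and each call to gensec_set_password leaves the previous `user.password` string allocated, still holding the old secret, until the whole context is freed; the other setters in this file leak their old value the same way, but only the password is sensitive. Unless `user.password` can be assigned from elsewhere without talloc ownership, release the old value before the strdup with `talloc_free(gensec_security->user.password);`, and overwrite its bytes first, since talloc_free does not clear memory (use a write the optimizer cannot drop, e.g. a volatile-qualified loop or `explicit_bzero`/`memset_s` where the platform provides them). If the talloc in use supports destructors, registering one on the context in gensec_start that clears `user.password` would cover the final free at connection teardown as well. The end of gensec_set_password lies outside the hunk.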
@@ -639,7 +635,7 @@ NTSTATUS gensec_set_password(struct gensec_security *gensec_security,
 
 NTSTATUS gensec_set_target_principal(struct gensec_security *gensec_security, const char *principal) 
 {
-       gensec_security->target.principal = talloc_strdup(gensec_security->mem_ctx, principal);
+       gensec_security->target.principal = talloc_strdup(gensec_security, principal);
        if (!gensec_security->target.principal) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -653,7 +649,7 @@ NTSTATUS gensec_set_target_principal(struct gensec_security *gensec_security, co
 
 NTSTATUS gensec_set_target_service(struct gensec_security *gensec_security, const char *service) 
 {
-       gensec_security->target.service = talloc_strdup(gensec_security->mem_ctx, service);
+       gensec_security->target.service = talloc_strdup(gensec_security, service);
        if (!gensec_security->target.service) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -667,7 +663,7 @@ NTSTATUS gensec_set_target_service(struct gensec_security *gensec_security, cons
 
 NTSTATUS gensec_set_target_hostname(struct gensec_security *gensec_security, const char *hostname) 
 {
-       gensec_security->target.hostname = talloc_strdup(gensec_security->mem_ctx, hostname);
+       gensec_security->target.hostname = talloc_strdup(gensec_security, hostname);
        if (!gensec_security->target.hostname) {
                return NT_STATUS_NO_MEMORY;
        }
index 00c1c0dd0a51de151f4fbeb2fa4579de62dd133b..7020435f44d26d4dddc392d4aa4a4cd17f7edc74 100644 (file)
@@ -88,7 +88,6 @@ typedef NTSTATUS (*gensec_password_callback)(struct gensec_security *gensec_secu
 #define GENSEC_INTERFACE_VERSION 0
 
 struct gensec_security {
-       TALLOC_CTX *mem_ctx;
        gensec_password_callback password_callback;
        void *password_callback_private;
        const struct gensec_security_ops *ops;
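Review bot: Removing `mem_ctx` from `struct gensec_security` changes the layout every gensec backend compiles against, yet `GENSEC_INTERFACE_VERSION` two lines above stays at 0. If backends or loadable modules are checked against that constant, it should be bumped, `#define GENSEC_INTERFACE_VERSION 1`, so a module built against the old layout is rejected instead of reading shifted fields; whether any such check or out-of-tree module exists is not visible here.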
index c9e6d572db3566e0aaecebb4e32bdeb2188af93c..37fa95bac4b551fb0c2a85f3a8d18f52e1aa4b9b 100644 (file)
@@ -367,14 +367,14 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
                        char *password;
                        time_t kdc_time = 0;
                        nt_status = gensec_get_password(gensec_security, 
-                                                       gensec_security->mem_ctx
+                                                       gensec_security, 
                                                        &password);
                        if (!NT_STATUS_IS_OK(nt_status)) {
                                return nt_status;
                        }
 
                        ret = kerberos_kinit_password_cc(gensec_krb5_state->krb5_context, gensec_krb5_state->krb5_ccache, 
-                                                        gensec_get_client_principal(gensec_security, gensec_security->mem_ctx), 
+                                                        gensec_get_client_principal(gensec_security, gensec_security), 
                                                         password, NULL, &kdc_time);
 
                        /* cope with ticket being in the future due to clock skew */
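Review bot: The `password` string obtained from gensec_get_password and the principal from gensec_get_client_principal are now allocated directly on the gensec context and are not released after kerberos_kinit_password_cc, so a plaintext copy of the password stays in the heap for the life of the context, which this commit ties to the connection. If gensec_get_password hands back a fresh copy (its contract is not visible in this hunk), overwrite and free it right after the kinit call, `talloc_free(password);`, and free the principal string likewise, or allocate both on a short-lived talloc context created for this block; if it may return the stored `user.password` pointer itself, only clearing that stored copy at context teardown is safe. gensec_krb5_client_start starts and ends outside the hunk.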
index 5d233bcdca755d3e2fde467b2479217e70919668..a94a4f2f30449d75d50f7d6b5bdff372d0c29098 100644 (file)
@@ -1458,7 +1458,7 @@ int ldap_bind_sasl(struct ldap_connection *conn, const char *username, const cha
        if (conn == NULL)
                return result;
 
-       status = gensec_client_start(&conn->gensec);
+       status = gensec_client_start(conn, &conn->gensec);
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(0, ("Failed to start GENSEC engine (%s)\n", nt_errstr(status)));
                return result;
index 264c1cd616f9173893fa63cf4f4a7371f346a762..37992968a4da7e3befcf908bffef2d6fb39c6088 100644 (file)
@@ -395,7 +395,7 @@ static NTSTATUS smb_raw_session_setup_generic_spnego(struct smbcli_session *sess
 
        smbcli_temp_set_signing(session->transport);
 
-       status = gensec_client_start(&session->gensec);
+       status = gensec_client_start(session, &session->gensec);
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(1, ("Failed to start GENSEC client mode: %s\n", nt_errstr(status)));
                goto done;
index 0966b7033855968acdd8069dd1b7aa4fcbd8fb9a..af138ffe2c49245c28f65062cb515a35b89434e9 100644 (file)
@@ -58,7 +58,7 @@ NTSTATUS dcerpc_bind_auth3(struct dcerpc_pipe *p, uint8_t auth_type, uint8_t aut
        }
        
        if (!p->security_state.generic_state) {
-               status = gensec_client_start(&p->security_state.generic_state);
+               status = gensec_client_start(p, &p->security_state.generic_state);
                if (!NT_STATUS_IS_OK(status)) {
                        return status;
                }
@@ -136,7 +136,7 @@ NTSTATUS dcerpc_bind_alter(struct dcerpc_pipe *p, uint8_t auth_type, uint8_t aut
        }
        
        if (!p->security_state.generic_state) {
-               status = gensec_client_start(&p->security_state.generic_state);
+               status = gensec_client_start(p, &p->security_state.generic_state);
                if (!NT_STATUS_IS_OK(status)) {
                        return status;
                }
index 905be5b76c0e04c882602962c399814a4ee7d074..c236b6c5164937ac0f0aebf8a7f025160038e993 100644 (file)
@@ -37,7 +37,7 @@ NTSTATUS dcerpc_bind_auth_ntlm(struct dcerpc_pipe *p,
                p->flags |= DCERPC_CONNECT;
        }
 
-       status = gensec_client_start(&p->security_state.generic_state);
+       status = gensec_client_start(p, &p->security_state.generic_state);
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(1, ("Failed to start GENSEC client mode: %s\n", nt_errstr(status)));
                return status;
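Review bot: Unlike dcerpc_bind_auth3 and dcerpc_bind_alter in dcerpc_auth.c, which only start a context `if (!p->security_state.generic_state)`, this call — and the identical ones in dcerpc_schannel.c and dcerpc_spnego.c — unconditionally overwrites `p->security_state.generic_state`; a context already attached to the pipe is orphaned without gensec_end, so its backend state is never torn down (it is reclaimed with the pipe only once it is really a talloc child of `p`). Consider the same guard here, or ending the existing context first: `if (p->security_state.generic_state) gensec_end(&p->security_state.generic_state);`. The remainder of dcerpc_bind_auth_ntlm lies outside the hunk.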
index 9aa2b0c88d48ac4fb5c8bd03c7a573fe7952051c..057e20f49721d8e5a7f879bc806c6481b8f66b3f 100644 (file)
@@ -436,7 +436,7 @@ NTSTATUS dcerpc_bind_auth_schannel(struct dcerpc_pipe *p,
        NTSTATUS status;
        int chan_type = 0;
 
-       status = gensec_client_start(&p->security_state.generic_state);
+       status = gensec_client_start(p, &p->security_state.generic_state);
        if (!NT_STATUS_IS_OK(status)) {
                return status;
        }
index f5e2be0da45f9c16e504da4bf09e6c3d3b7f2b93..d15224b9812442bd5c152da47f124790f2f0797a 100644 (file)
@@ -33,7 +33,7 @@ NTSTATUS dcerpc_bind_auth_spnego(struct dcerpc_pipe *p,
 {
        NTSTATUS status;
 
-       status = gensec_client_start(&p->security_state.generic_state);
+       status = gensec_client_start(p, &p->security_state.generic_state);
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(1, ("Failed to start GENSEC client mode: %s\n", nt_errstr(status)));
                return status;
index 7065b3f259724423d2da8d2d6c6cfea54bc468fd..bcf55d221d0338a2ab8371a51f12357956d71827 100644 (file)
@@ -48,7 +48,7 @@ NTSTATUS dcesrv_crypto_select_type(struct dcesrv_connection *dce_conn,
                 */
        }
 
-       status = gensec_server_start(&auth->gensec_security);
+       status = gensec_server_start(dce_conn, &auth->gensec_security);
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status)));
                return status;
index 25ab1ab4a941bb177c4fd823669517dbfb4ca28e..576fcc22bf30e047c734932e55c5d0c986bc928a 100644 (file)
@@ -306,7 +306,7 @@ static void reply_nt1(struct smbsrv_request *req, uint16_t choice)
                struct gensec_security *gensec_security;
                DATA_BLOB null_data_blob = data_blob(NULL, 0);
                DATA_BLOB blob;
-               NTSTATUS nt_status = gensec_server_start(&gensec_security);
+               NTSTATUS nt_status = gensec_server_start(req->smb_conn, &gensec_security);
                
                if (req->smb_conn->negotiate.auth_context) {
                        smbsrv_terminate_connection(req->smb_conn, "reply_nt1: is this a secondary negprot?  auth_context is non-NULL!\n");
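Review bot: gensec_server_start runs before the secondary-negprot check on the following lines, so when `auth_context` is already set the connection is terminated and the freshly started context is never ended; it is passed `req->smb_conn` as parent and so would be reclaimed with the connection once gensec_start actually honours its mem_ctx argument, but the work is wasted either way. Move the start after that check, or at least check `nt_status` before anything else, so the error path does not initialise a security context on a connection that is about to be dropped. Where `nt_status` is checked lies outside the hunk.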
index aeae404d6a6017326001c95aa1686d23fdce5e6e..4cb0447d3222bddae9407fd631d991257c7aa55c 100644 (file)
@@ -221,7 +221,7 @@ static NTSTATUS sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup
 
                status = gensec_update(smb_sess->gensec_ctx, req, sess->spnego.in.secblob, &sess->spnego.out.secblob);
        } else {
-               status = gensec_server_start(&gensec_ctx);
+               status = gensec_server_start(req->smb_conn, &gensec_ctx);
                if (!NT_STATUS_IS_OK(status)) {
                        DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status)));
                        return status;
index ec5f5c6abd8272d37f5849fd96b2f09804f585cb..d1e2b80fcf6ccd296757f578d44ce9f14fed9478 100644 (file)
@@ -315,7 +315,7 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
                case NTLMSSP_CLIENT_1:
                        /* setup the client side */
                        
-                       if (!NT_STATUS_IS_OK(gensec_client_start(gensec_state))) {
+                       if (!NT_STATUS_IS_OK(gensec_client_start(NULL, gensec_state))) {
                                exit(1);
                        }
                        gensec_set_username(*gensec_state, opt_username);
@@ -334,7 +334,7 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
                        break;
                case GSS_SPNEGO_SERVER:
                case SQUID_2_5_NTLMSSP:
-                       if (!NT_STATUS_IS_OK(gensec_server_start(gensec_state))) {
+                       if (!NT_STATUS_IS_OK(gensec_server_start(NULL, gensec_state))) {
                                exit(1);
                        }
                        break;