s3:rpc_server: let auth_generic_server_step() handle gensec_security == NULL

This simplifies the caller, we don't need to look at the auth_type anymore.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/source3/rpc_server/dcesrv_auth_generic.c b/source3/rpc_server/dcesrv_auth_generic.c
index 116512172d98418a703aa073f2d4d63452da63a4..b6e45684e7ff8735fee29720191d3f35769ffa7d 100644 (file)
--- a/source3/rpc_server/dcesrv_auth_generic.c
+++ b/source3/rpc_server/dcesrv_auth_generic.c
@@ -90,6 +90,10 @@ NTSTATUS auth_generic_server_step(struct gensec_security *gensec_security,
 {
        NTSTATUS status;
 
+       if (gensec_security == NULL) {
+               return NT_STATUS_INTERNAL_ERROR;
+       }
+
        /* this has to be done as root in order to verify the password */
        become_root();
        status = gensec_update(gensec_security, mem_ctx, *token_in, token_out);

diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 23d84311649cc2e770f19abf0d9a9748df7ed121..cdbe5faf5733c352d2958c34d3e3c563f4d6f224 100644 (file)
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -929,21 +929,12 @@ bool api_pipe_bind_auth3(struct pipes_struct *p, struct ncacn_packet *pkt)
                goto err;
        }
 
-       switch (auth_info.auth_type) {
-       case DCERPC_AUTH_TYPE_NTLMSSP:
-       case DCERPC_AUTH_TYPE_KRB5:
-       case DCERPC_AUTH_TYPE_SPNEGO:
-               gensec_security = talloc_get_type_abort(p->auth.auth_ctx,
-                                                   struct gensec_security);
-               status = auth_generic_server_step(gensec_security,
-                                            pkt, &auth_info.credentials,
-                                            &response);
-               break;
-       default:
-               DEBUG(1, (__location__ ": incorrect auth type (%u).\n",
-                         (unsigned int)auth_info.auth_type));
-               return false;
-       }
+       gensec_security = talloc_get_type(p->auth.auth_ctx,
+                                         struct gensec_security);
+
+       status = auth_generic_server_step(gensec_security,
+                                         pkt, &auth_info.credentials,
+                                         &response);
 
        if (NT_STATUS_EQUAL(status,
                            NT_STATUS_MORE_PROCESSING_REQUIRED) ||
@@ -1065,26 +1056,12 @@ static bool api_pipe_alter_context(struct pipes_struct *p,
                        goto err_exit;
                }
 
-
-               switch (auth_info.auth_type) {
-               case DCERPC_AUTH_TYPE_SPNEGO:
-               case DCERPC_AUTH_TYPE_KRB5:
-               case DCERPC_AUTH_TYPE_NTLMSSP:
-                       gensec_security = talloc_get_type_abort(p->auth.auth_ctx,
-                                                   struct gensec_security);
-                       status = auth_generic_server_step(gensec_security,
-                                                    pkt,
-                                                    &auth_info.credentials,
-                                                    &auth_resp);
-                       break;
-
-               default:
-                       DEBUG(3, (__location__ ": Usupported auth type (%d) "
-                                 "in alter-context call\n",
-                                 auth_info.auth_type));
-                       goto err_exit;
-               }
-
+               gensec_security = talloc_get_type(p->auth.auth_ctx,
+                                                 struct gensec_security);
+               status = auth_generic_server_step(gensec_security,
+                                                 pkt,
+                                                 &auth_info.credentials,
+                                                 &auth_resp);
                if (NT_STATUS_IS_OK(status)) {
                        /* third leg of auth, verify auth info */
                        status = pipe_auth_verify_final(p);