Author: jra Date: 2005-08-22 20:30:16 +0000 (Mon, 22 Aug 2005) New Revision: 9488
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=9488 Log: Move the auth_level field into the pipe auth struct. Refactoring similar to what I'm intending on the client side. Jeremy. Modified: trunk/source/include/ntdomain.h trunk/source/rpc_server/srv_pipe.c trunk/source/rpc_server/srv_samr_nt.c Changeset: Modified: trunk/source/include/ntdomain.h =================================================================== --- trunk/source/include/ntdomain.h 2005-08-22 19:48:20 UTC (rev 9487) +++ trunk/source/include/ntdomain.h 2005-08-22 20:30:16 UTC (rev 9488) @@ -184,7 +184,8 @@ /* auth state for all bind types. */ struct pipe_auth_data { - enum pipe_auth_type auth_type; + enum pipe_auth_type auth_type; /* switch for union below. */ + enum pipe_auth_level auth_level; union { struct schannel_auth_struct *schannel_auth; AUTH_NTLMSSP_STATE *auth_ntlmssp_state; @@ -218,9 +219,8 @@ TALLOC_CTX *pipe_state_mem_ctx; struct pipe_auth_data auth; - enum pipe_auth_level auth_level; - struct dcinfo dc; /* Keeps the creds data. */ + struct dcinfo dc; /* Keeps the creds data from netlogon. */ /* * Windows user info. Modified: trunk/source/rpc_server/srv_pipe.c =================================================================== --- trunk/source/rpc_server/srv_pipe.c 2005-08-22 19:48:20 UTC (rev 9487) +++ trunk/source/rpc_server/srv_pipe.c 2005-08-22 20:30:16 UTC (rev 9488) @@ -200,7 +200,7 @@ } else { auth_type = RPC_SPNEGO_AUTH_TYPE; } - if (p->auth_level == PIPE_AUTH_LEVEL_PRIVACY) { + if (p->auth.auth_level == PIPE_AUTH_LEVEL_PRIVACY) { auth_level = RPC_AUTH_LEVEL_PRIVACY; } else { auth_level = RPC_AUTH_LEVEL_INTEGRITY; @@ -215,7 +215,7 @@ /* Generate the sign blob. */ - switch (p->auth_level) { + switch (p->auth.auth_level) { case PIPE_AUTH_LEVEL_PRIVACY: /* Data portion is encrypted. */ status = ntlmssp_seal_packet(a->ntlmssp_state, @@ -417,7 +417,7 @@ init_rpc_hdr_auth(&auth_info, RPC_SCHANNEL_AUTH_TYPE, - p->auth_level == PIPE_AUTH_LEVEL_PRIVACY ? + p->auth.auth_level == PIPE_AUTH_LEVEL_PRIVACY ? RPC_AUTH_LEVEL_PRIVACY : RPC_AUTH_LEVEL_INTEGRITY, ss_padding_len, 1); @@ -431,7 +431,7 @@ prs_init(&rauth, 0, p->mem_ctx, MARSHALL); schannel_encode(p->auth.a_u.schannel_auth, - p->auth_level, + p->auth.auth_level, SENDER_IS_ACCEPTOR, &verf, data, data_len + ss_padding_len); @@ -581,7 +581,7 @@ BOOL create_next_pdu(pipes_struct *p) { - switch(p->auth_level) { + switch(p->auth.auth_level) { case PIPE_AUTH_LEVEL_NONE: case PIPE_AUTH_LEVEL_CONNECT: /* This is incorrect for auth level connect. Fixme. JRA */ @@ -600,7 +600,7 @@ } DEBUG(0,("create_next_pdu: invalid internal auth level %u / type %u", - (unsigned int)p->auth_level, + (unsigned int)p->auth.auth_level, (unsigned int)p->auth.auth_type)); return False; } @@ -821,7 +821,7 @@ if (p->auth.auth_data_free_func) { (*p->auth.auth_data_free_func)(&p->auth); } - p->auth_level = PIPE_AUTH_LEVEL_NONE; + p->auth.auth_level = PIPE_AUTH_LEVEL_NONE; p->auth.auth_type = PIPE_AUTH_TYPE_NONE; p->pipe_bound = False; @@ -1481,10 +1481,10 @@ /* Work out if we have to sign or seal etc. */ switch (auth_info.auth_level) { case RPC_AUTH_LEVEL_INTEGRITY: - p->auth_level = PIPE_AUTH_LEVEL_INTEGRITY; + p->auth.auth_level = PIPE_AUTH_LEVEL_INTEGRITY; break; case RPC_AUTH_LEVEL_PRIVACY: - p->auth_level = PIPE_AUTH_LEVEL_PRIVACY; + p->auth.auth_level = PIPE_AUTH_LEVEL_PRIVACY; break; default: DEBUG(0,("api_pipe_bind_req: unexpected auth level (%u).\n", @@ -1522,7 +1522,7 @@ /* We're finished - no more packets. */ p->auth.auth_type = PIPE_AUTH_TYPE_NONE; /* We must set the pipe auth_level here also. */ - p->auth_level = PIPE_AUTH_LEVEL_NONE; + p->auth.auth_level = PIPE_AUTH_LEVEL_NONE; p->pipe_bound = True; break; @@ -1837,7 +1837,7 @@ *pstatus = NT_STATUS_OK; - if (p->auth_level == PIPE_AUTH_LEVEL_NONE || p->auth_level == PIPE_AUTH_LEVEL_CONNECT) { + if (p->auth.auth_level == PIPE_AUTH_LEVEL_NONE || p->auth.auth_level == PIPE_AUTH_LEVEL_CONNECT) { return True; } @@ -1885,7 +1885,7 @@ auth_blob.data = prs_data_p(rpc_in) + prs_offset(rpc_in); auth_blob.length = auth_len; - switch (p->auth_level) { + switch (p->auth.auth_level) { case PIPE_AUTH_LEVEL_PRIVACY: /* Data is encrypted. */ *pstatus = ntlmssp_unseal_packet(a->ntlmssp_state, @@ -1985,7 +1985,7 @@ } if (!schannel_decode(p->auth.a_u.schannel_auth, - p->auth_level, + p->auth.auth_level, SENDER_IS_INITIATOR, &schannel_chk, prs_data_p(rpc_in)+old_offset, data_len)) { Modified: trunk/source/rpc_server/srv_samr_nt.c =================================================================== --- trunk/source/rpc_server/srv_samr_nt.c 2005-08-22 19:48:20 UTC (rev 9487) +++ trunk/source/rpc_server/srv_samr_nt.c 2005-08-22 20:30:16 UTC (rev 9488) @@ -1459,7 +1459,7 @@ return NT_STATUS_ACCESS_DENIED; } - if (p->auth_level != PIPE_AUTH_LEVEL_PRIVACY) { + if (p->auth.auth_level != PIPE_AUTH_LEVEL_PRIVACY) { return NT_STATUS_ACCESS_DENIED; }