[SCM] Samba Shared Repository - branch master updated

Stefan Metzmacher Thu, 24 Dec 2009 14:05:06 -0800

The branch, master has been updated
       via  078482a... s4:auth: change auth_check_password_send/recv to 
tevent_req
       via  577857d... s4:gensec: change gensec_update_send/recv to tevent_req
      from  5126b52... s4:kdc: use the remote and local address from the 
stream_connection struct


http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 078482ad0efc9c4902601080f146853a1a3494fe
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Dec 23 09:09:37 2009 +0100

    s4:auth: change auth_check_password_send/recv to tevent_req
    
    metze

commit 577857d351df3d7b40db4d69afb3d67ee4960fb2
Author: Stefan Metzmacher <me...@samba.org>
Date:   Tue Dec 22 16:24:44 2009 +0100

    s4:gensec: change gensec_update_send/recv to tevent_req
    
    metze

-----------------------------------------------------------------------

Summary of changes:
 source4/auth/auth.h                 |   12 +-
 source4/auth/gensec/config.mk       |    2 +-
 source4/auth/gensec/gensec.c        |  117 +++++++++++------
 source4/auth/gensec/gensec.h        |   22 +---
 source4/auth/ntlm/auth.c            |  242 +++++++++++++++++++---------------
 source4/auth/ntlm/config.mk         |    2 +-
 source4/smb_server/smb/sesssetup.c  |   59 ++++++---
 source4/smb_server/smb2/sesssetup.c |   17 ++-
 8 files changed, 279 insertions(+), 194 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/auth/auth.h b/source4/auth/auth.h
index c625c87..28b955a 100644
--- a/source4/auth/auth.h
+++ b/source4/auth/auth.h
@@ -275,14 +275,16 @@ NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx,
                                           const char *nt4_username,
                                           const char *password,
                                           struct auth_session_info 
**session_info);
-NTSTATUS auth_check_password_recv(struct auth_check_password_request *req,
+
+struct tevent_req *auth_check_password_send(TALLOC_CTX *mem_ctx,
+                                           struct tevent_context *ev,
+                                           struct auth_context *auth_ctx,
+                                           const struct auth_usersupplied_info 
*user_info);
+NTSTATUS auth_check_password_recv(struct tevent_req *req,
                                  TALLOC_CTX *mem_ctx,
                                  struct auth_serversupplied_info 
**server_info);
 
-void auth_check_password_send(struct auth_context *auth_ctx,
-                             const struct auth_usersupplied_info *user_info,
-                             void (*callback)(struct 
auth_check_password_request *req, void *private_data),
-                             void *private_data);
+
 NTSTATUS auth_context_set_challenge(struct auth_context *auth_ctx, const 
uint8_t chal[8], const char *set_by);
 
 NTSTATUS samba_server_gensec_start(TALLOC_CTX *mem_ctx,
diff --git a/source4/auth/gensec/config.mk b/source4/auth/gensec/config.mk
index f7cbd5b..947a91e 100644
--- a/source4/auth/gensec/config.mk
+++ b/source4/auth/gensec/config.mk
@@ -2,7 +2,7 @@
 # Start SUBSYSTEM gensec
 [LIBRARY::gensec]
 PUBLIC_DEPENDENCIES = \
-               CREDENTIALS LIBSAMBA-UTIL LIBCRYPTO ASN1_UTIL samba_socket 
LIBPACKET LIBTSOCKET
+               CREDENTIALS LIBSAMBA-UTIL LIBCRYPTO ASN1_UTIL samba_socket 
LIBPACKET LIBTSOCKET UTIL_TEVENT
 # End SUBSYSTEM gensec
 #################################
 
diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c
index ecd0778..3de0e1c 100644
--- a/source4/auth/gensec/gensec.c
+++ b/source4/auth/gensec/gensec.c
@@ -25,6 +25,7 @@
 #include "lib/events/events.h"
 #include "lib/socket/socket.h"
 #include "lib/tsocket/tsocket.h"
+#include "../lib/util/tevent_ntstatus.h"
 #include "librpc/rpc/dcerpc.h"
 #include "auth/credentials/credentials.h"
 #include "auth/gensec/gensec.h"
@@ -982,71 +983,105 @@ _PUBLIC_ NTSTATUS gensec_update(struct gensec_security 
*gensec_security, TALLOC_
        return gensec_security->ops->update(gensec_security, out_mem_ctx, in, 
out);
 }
 
-static void gensec_update_async_timed_handler(struct tevent_context *ev, 
struct tevent_timer *te,
-                                             struct timeval t, void *ptr)
-{
-       struct gensec_update_request *req = talloc_get_type(ptr, struct 
gensec_update_request);
-       req->status = req->gensec_security->ops->update(req->gensec_security, 
req, req->in, &req->out);
-       req->callback.fn(req, req->callback.private_data);
-}
+struct gensec_update_state {
+       struct tevent_immediate *im;
+       struct gensec_security *gensec_security;
+       DATA_BLOB in;
+       DATA_BLOB out;
+};
 
+static void gensec_update_async_trigger(struct tevent_context *ctx,
+                                       struct tevent_immediate *im,
+                                       void *private_data);
 /**
  * Next state function for the GENSEC state machine async version
- * 
+ *
+ * @param mem_ctx The memory context for the request
+ * @param ev The event context for the request
  * @param gensec_security GENSEC State
  * @param in The request, as a DATA_BLOB
- * @param callback The function that will be called when the operation is
- *                 finished, it should return gensec_update_recv() to get 
output
- * @param private_data A private pointer that will be passed to the callback 
function
+ *
+ * @return The request handle or NULL on no memory failure
  */
 
-_PUBLIC_ void gensec_update_send(struct gensec_security *gensec_security, 
const DATA_BLOB in,
-                                void (*callback)(struct gensec_update_request 
*req, void *private_data),
-                                void *private_data)
+_PUBLIC_ struct tevent_req *gensec_update_send(TALLOC_CTX *mem_ctx,
+                                              struct tevent_context *ev,
+                                              struct gensec_security 
*gensec_security,
+                                              const DATA_BLOB in)
+{
+       struct tevent_req *req;
+       struct gensec_update_state *state = NULL;
+
+       req = tevent_req_create(mem_ctx, &state,
+                               struct gensec_update_state);
+       if (req == NULL) {
+               return NULL;
+       }
+
+       state->gensec_security          = gensec_security;
+       state->in                       = in;
+       state->out                      = data_blob(NULL, 0);
+       state->im                       = tevent_create_immediate(state);
+       if (tevent_req_nomem(state->im, req)) {
+               return tevent_req_post(req, ev);
+       }
+
+       tevent_schedule_immediate(state->im, ev,
+                                 gensec_update_async_trigger,
+                                 req);
+
+       return req;
+}
+
+static void gensec_update_async_trigger(struct tevent_context *ctx,
+                                       struct tevent_immediate *im,
+                                       void *private_data)
 {
-       struct gensec_update_request *req = NULL;
-       struct tevent_timer *te = NULL;
-
-       req = talloc(gensec_security, struct gensec_update_request);
-       if (!req) goto failed;
-       req->gensec_security            = gensec_security;
-       req->in                         = in;
-       req->out                        = data_blob(NULL, 0);
-       req->callback.fn                = callback;
-       req->callback.private_data      = private_data;
-
-       te = event_add_timed(gensec_security->event_ctx, req,
-                            timeval_zero(),
-                            gensec_update_async_timed_handler, req);
-       if (!te) goto failed;
-
-       return;
-
-failed:
-       talloc_free(req);
-       callback(NULL, private_data);
+       struct tevent_req *req =
+               talloc_get_type_abort(private_data, struct tevent_req);
+       struct gensec_update_state *state =
+               tevent_req_data(req, struct gensec_update_state);
+       NTSTATUS status;
+
+       status = gensec_update(state->gensec_security, state,
+                              state->in, &state->out);
+       if (tevent_req_nterror(req, status)) {
+               return;
+       }
+
+       tevent_req_done(req);
 }
 
 /**
  * Next state function for the GENSEC state machine
  * 
- * @param req GENSEC update request state
+ * @param req request state
  * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on
  * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx
  * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent, 
  *                or NT_STATUS_OK if the user is authenticated. 
  */
-_PUBLIC_ NTSTATUS gensec_update_recv(struct gensec_update_request *req, 
TALLOC_CTX *out_mem_ctx, DATA_BLOB *out)
+_PUBLIC_ NTSTATUS gensec_update_recv(struct tevent_req *req,
+                                    TALLOC_CTX *out_mem_ctx,
+                                    DATA_BLOB *out)
 {
+       struct gensec_update_state *state =
+               tevent_req_data(req, struct gensec_update_state);
        NTSTATUS status;
 
-       NT_STATUS_HAVE_NO_MEMORY(req);
+       if (tevent_req_is_nterror(req, &status)) {
+               if (!NT_STATUS_EQUAL(status, 
NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+                       tevent_req_received(req);
+                       return status;
+               }
+       } else {
+               status = NT_STATUS_OK;
+       }
 
-       *out = req->out;
+       *out = state->out;
        talloc_steal(out_mem_ctx, out->data);
-       status = req->status;
 
-       talloc_free(req);
+       tevent_req_received(req);
        return status;
 }
 
diff --git a/source4/auth/gensec/gensec.h b/source4/auth/gensec/gensec.h
index 2ea2402..232f1a4 100644
--- a/source4/auth/gensec/gensec.h
+++ b/source4/auth/gensec/gensec.h
@@ -69,18 +69,7 @@ struct auth_session_info;
 struct cli_credentials;
 struct gensec_settings;
 struct tevent_context;
-
-struct gensec_update_request {
-       struct gensec_security *gensec_security;
-       void *private_data;
-       DATA_BLOB in;
-       DATA_BLOB out;
-       NTSTATUS status;
-       struct {
-               void (*fn)(struct gensec_update_request *req, void 
*private_data);
-               void *private_data;
-       } callback;
-};
+struct tevent_req;
 
 struct gensec_settings {
        struct loadparm_context *lp_ctx;
@@ -231,10 +220,11 @@ NTSTATUS gensec_start_mech_by_sasl_list(struct 
gensec_security *gensec_security,
                                                 const char **sasl_names);
 NTSTATUS gensec_update(struct gensec_security *gensec_security, TALLOC_CTX 
*out_mem_ctx, 
                       const DATA_BLOB in, DATA_BLOB *out);
-void gensec_update_send(struct gensec_security *gensec_security, const 
DATA_BLOB in,
-                                void (*callback)(struct gensec_update_request 
*req, void *private_data),
-                                void *private_data);
-NTSTATUS gensec_update_recv(struct gensec_update_request *req, TALLOC_CTX 
*out_mem_ctx, DATA_BLOB *out);
+struct tevent_req *gensec_update_send(TALLOC_CTX *mem_ctx,
+                                     struct tevent_context *ev,
+                                     struct gensec_security *gensec_security,
+                                     const DATA_BLOB in);
+NTSTATUS gensec_update_recv(struct tevent_req *req, TALLOC_CTX *out_mem_ctx, 
DATA_BLOB *out);
 void gensec_want_feature(struct gensec_security *gensec_security,
                         uint32_t feature);
 bool gensec_have_feature(struct gensec_security *gensec_security,
diff --git a/source4/auth/ntlm/auth.c b/source4/auth/ntlm/auth.c
index d0c8ed3..fafaf9c 100644
--- a/source4/auth/ntlm/auth.c
+++ b/source4/auth/ntlm/auth.c
@@ -19,10 +19,11 @@
 */
 
 #include "includes.h"
+#include <tevent.h>
+#include "../lib/util/tevent_ntstatus.h"
 #include "../lib/util/dlinklist.h"
 #include "auth/auth.h"
 #include "auth/ntlm/auth_proto.h"
-#include "lib/events/events.h"
 #include "param/param.h"
 
 /***************************************************************************
@@ -124,22 +125,6 @@ _PUBLIC_ NTSTATUS 
auth_get_server_info_principal(TALLOC_CTX *mem_ctx,
        return NT_STATUS_OK;
 }
 
-struct auth_check_password_sync_state {
-       bool finished;
-       NTSTATUS status;
-       struct auth_serversupplied_info *server_info;
-};
-
-static void auth_check_password_sync_callback(struct 
auth_check_password_request *req,
-                                             void *private_data)
-{
-       struct auth_check_password_sync_state *s = talloc_get_type(private_data,
-                                                  struct 
auth_check_password_sync_state);
-
-       s->finished = true;
-       s->status = auth_check_password_recv(req, s, &s->server_info);
-}
-
 /**
  * Check a user's Plaintext, LM or NTLM password.
  * (sync version)
@@ -172,48 +157,43 @@ _PUBLIC_ NTSTATUS auth_check_password(struct auth_context 
*auth_ctx,
                             const struct auth_usersupplied_info *user_info, 
                             struct auth_serversupplied_info **server_info)
 {
-       struct auth_check_password_sync_state *sync_state;
+       struct tevent_req *subreq;
+       struct tevent_context *ev;
+       bool ok;
        NTSTATUS status;
 
-       sync_state = talloc_zero(auth_ctx, struct 
auth_check_password_sync_state);
-       NT_STATUS_HAVE_NO_MEMORY(sync_state);
+       /*TODO: create a new event context here! */
+       ev = auth_ctx->event_ctx;
 
-       auth_check_password_send(auth_ctx, user_info, 
auth_check_password_sync_callback, sync_state);
-
-       while (!sync_state->finished) {
-               event_loop_once(auth_ctx->event_ctx);
+       subreq = auth_check_password_send(mem_ctx,
+                                         ev,
+                                         auth_ctx,
+                                         user_info);
+       if (subreq == NULL) {
+               return NT_STATUS_NO_MEMORY;
        }
 
-       status = sync_state->status;
-
-       if (NT_STATUS_IS_OK(status)) {
-               *server_info = talloc_steal(mem_ctx, sync_state->server_info);
+       ok = tevent_req_poll(subreq, ev);
+       if (!ok) {
+               return NT_STATUS_INTERNAL_ERROR;
        }
 
-       talloc_free(sync_state);
+       status = auth_check_password_recv(subreq, mem_ctx, server_info);
+       TALLOC_FREE(subreq);
+
        return status;
 }
 
-struct auth_check_password_request {
+struct auth_check_password_state {
        struct auth_context *auth_ctx;
        const struct auth_usersupplied_info *user_info;
        struct auth_serversupplied_info *server_info;
        struct auth_method_context *method;
-       NTSTATUS status;
-       struct {
-               void (*fn)(struct auth_check_password_request *req, void 
*private_data);
-               void *private_data;
-       } callback;
 };
 
-static void auth_check_password_async_timed_handler(struct tevent_context *ev, 
struct tevent_timer *te,
-                                                   struct timeval t, void *ptr)
-{
-       struct auth_check_password_request *req = talloc_get_type(ptr, struct 
auth_check_password_request);
-       req->status = req->method->ops->check_password(req->method, req, 
req->user_info, &req->server_info);
-       req->callback.fn(req, req->callback.private_data);
-}
-
+static void auth_check_password_async_trigger(struct tevent_context *ev,
+                                             struct tevent_immediate *im,
+                                             void *private_data);
 /**
  * Check a user's Plaintext, LM or NTLM password.
  * async send hook
@@ -225,6 +205,10 @@ static void auth_check_password_async_timed_handler(struct 
tevent_context *ev, s
  * struct.  When the return is other than NT_STATUS_OK the contents 
  * of that structure is undefined.
  *
+ * @param mem_ctx The memory context the request should operate on
+ *
+ * @param ev The tevent context the request should operate on
+ *
  * @param auth_ctx Supplies the challenges and some other data. 
  *                  Must be created with make_auth_context(), and the 
challenges should be 
  *                  filled in, either at creation or by calling the challenge 
geneation 
@@ -232,93 +216,131 @@ static void 
auth_check_password_async_timed_handler(struct tevent_context *ev, s
  *
  * @param user_info Contains the user supplied components, including the 
passwords.
  *
- * @param callback A callback function which will be called when the operation 
is finished.
- *                 The callback function needs to call 
auth_check_password_recv() to get the return values
- *
- * @param private_data A private pointer which will ba passed to the callback 
function
+ * @return The request handle or NULL on no memory error.
  *
  **/
 
-_PUBLIC_ void auth_check_password_send(struct auth_context *auth_ctx,
-                             const struct auth_usersupplied_info *user_info,
-                             void (*callback)(struct 
auth_check_password_request *req, void *private_data),
-                             void *private_data)
+_PUBLIC_ struct tevent_req *auth_check_password_send(TALLOC_CTX *mem_ctx,
+                               struct tevent_context *ev,
+                               struct auth_context *auth_ctx,
+                               const struct auth_usersupplied_info *user_info)
 {
+       struct tevent_req *req;
+       struct auth_check_password_state *state;
        /* if all the modules say 'not for me' this is reasonable */
        NTSTATUS nt_status;
        struct auth_method_context *method;
        uint8_t chal[8];
        struct auth_usersupplied_info *user_info_tmp;
-       struct auth_check_password_request *req = NULL;
+       struct tevent_immediate *im;
 
-       DEBUG(3,   ("auth_check_password_send:  Checking password for unmapped 
user [%s]\\[...@[%s]\n", 
-                   user_info->client.domain_name, 
user_info->client.account_name, user_info->workstation_name));
+       DEBUG(3,("auth_check_password_send: "
+                "Checking password for unmapped user [%s]\\[...@[%s]\n",
+                user_info->client.domain_name, user_info->client.account_name,
+                user_info->workstation_name));
 
-       req = talloc_zero(auth_ctx, struct auth_check_password_request);
-       if (!req) {
-               callback(NULL, private_data);
-               return;
+       req = tevent_req_create(mem_ctx, &state,
+                               struct auth_check_password_state);
+       if (req == NULL) {
+               return NULL;
        }
-       req->auth_ctx                   = auth_ctx;
-       req->user_info                  = user_info;
-       req->callback.fn                = callback;
-       req->callback.private_data      = private_data;
+
+       state->auth_ctx         = auth_ctx;
+       state->user_info        = user_info;
+       state->method           = NULL;
 
        if (!user_info->mapped_state) {
-               nt_status = map_user_info(req, lp_workgroup(auth_ctx->lp_ctx), 
user_info, &user_info_tmp);
-               if (!NT_STATUS_IS_OK(nt_status)) goto failed;
+               nt_status = map_user_info(req, lp_workgroup(auth_ctx->lp_ctx),
+                                         user_info, &user_info_tmp);
+               if (tevent_req_nterror(req, nt_status)) {
+                       return tevent_req_post(req, ev);
+               }
                user_info = user_info_tmp;
-               req->user_info  = user_info_tmp;
+               state->user_info = user_info_tmp;
        }
 
-       DEBUGADD(3,("auth_check_password_send:  mapped user is: 
[%s]\\[...@[%s]\n", 
-                   user_info->mapped.domain_name, 
user_info->mapped.account_name, user_info->workstation_name));
+       DEBUGADD(3,("auth_check_password_send: "
+                   "mapped user is: [%s]\\[...@[%s]\n",
+                   user_info->mapped.domain_name,
+                   user_info->mapped.account_name,
+                   user_info->workstation_name));
 
        nt_status = auth_get_challenge(auth_ctx, chal);
-       if (!NT_STATUS_IS_OK(nt_status)) {
-               DEBUG(0, ("auth_check_password_send:  Invalid challenge (length 
%u) stored for this auth context set_by %s - cannot continue: %s\n",
-                       (unsigned)auth_ctx->challenge.data.length, 
auth_ctx->challenge.set_by, nt_errstr(nt_status)));
-               goto failed;
+       if (tevent_req_nterror(req, nt_status)) {
+               DEBUG(0,("auth_check_password_send: "
+                        "Invalid challenge (length %u) stored for "
+                        "this auth context set_by %s - cannot continue: %s\n",
+                       (unsigned)auth_ctx->challenge.data.length,
+                       auth_ctx->challenge.set_by,
+                       nt_errstr(nt_status)));
+               return tevent_req_post(req, ev);
        }
 
        if (auth_ctx->challenge.set_by) {
-               DEBUG(10, ("auth_check_password_send: auth_context challenge 
created by %s\n",
-                                       auth_ctx->challenge.set_by));
+               DEBUG(10,("auth_check_password_send: "
+                         "auth_context challenge created by %s\n",
+                         auth_ctx->challenge.set_by));
        }
 
        DEBUG(10, ("auth_check_password_send: challenge is: \n"));
-       dump_data(5, auth_ctx->challenge.data.data, 
auth_ctx->challenge.data.length);
+       dump_data(5, auth_ctx->challenge.data.data,
+                 auth_ctx->challenge.data.length);
+
+       im = tevent_create_immediate(state);
+       if (tevent_req_nomem(im, req)) {
+               return tevent_req_post(req, ev);
+       }
 
-       nt_status = NT_STATUS_NO_SUCH_USER; /* If all the modules say 'not for 
me', then this is reasonable */
        for (method = auth_ctx->methods; method; method = method->next) {
                NTSTATUS result;
-               struct tevent_timer *te = NULL;
 
                /* check if the module wants to chek the password */
                result = method->ops->want_check(method, req, user_info);
                if (NT_STATUS_EQUAL(result, NT_STATUS_NOT_IMPLEMENTED)) {
-                       DEBUG(11,("auth_check_password_send: %s had nothing to 
say\n", method->ops->name));
+                       DEBUG(11,("auth_check_password_send: "
+                                 "%s had nothing to say\n",
+                                 method->ops->name));
                        continue;
                }
 
-               nt_status = result;
-               req->method     = method;
+               state->method = method;
 
-               if (!NT_STATUS_IS_OK(nt_status)) break;
-
-               te = event_add_timed(auth_ctx->event_ctx, req,
-                                    timeval_zero(),
-                                    auth_check_password_async_timed_handler, 
req);
-               if (!te) {
-                       nt_status = NT_STATUS_NO_MEMORY;
-                       goto failed;
+               if (tevent_req_nterror(req, result)) {
+                       return tevent_req_post(req, ev);
                }
+


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch master updated

Reply via email to