The branch, master has been updated via ee9f437 auth/gensec: finally remove unused gensec_update_ev() via 39353c9 auth/gensec: don't allow gensec_update[_ev] to be called on a subcontext via a7f4012 auth/gensec: make use of gensec_update_send/recv in gensec_update_ev() via 8268374 s4:lib/http: rewrite http_send_auth_request_*() using gensec_update_send/recv via eb6b2b6 auth/gensec: introduce gensec_security_ops.glue in order to avoid depending on GENSEC_OID_SPNEGO being special via 692425f auth/gensec: add some useful debugging to gensec_update_send/gensec_update_done via 97788f4 auth/spnego: Use talloc_get_type_abort() in gsensec_spnego_update_out() via 62ffe20 auth/spnego: Use talloc_get_type_abort() in gsensec_spnego_update_in() via e492950 auth/spnego: Rename gensec_spnego_update_sub_abort() via 832e9ff auth/spnego: replace gensec_spnego_neg_loop() by real async processing of {start,step,finish}_fn() via 75e6728 auth/spnego: split gensec_spnego_server_negTokenTarg() into subfunctions via 2d1fcde auth/spnego: split gensec_spnego_server_negTokenInit() into subfunctions via 7ff159e auth/spnego: split gensec_spnego_client_negTokenTarg() into subfunctions via e337d4f auth/spnego: split gensec_spnego_client_negTokenInit() into subfunctions via e9eb0f3 auth/spnego: split gensec_spnego_create_negTokenInit() into subfunctions via c56103e auth/spnego: don't produce an output token for errors in gensec_spnego_server_response() via eedb810 auth/spnego: don't call gensec_spnego_server_response() with a fatal error via 3e6daa3 auth/spnego: generate a valid packet if gensec_spnego_client_negTokenTarg() gives MORE_PROCESSING_REQUIRED via a97057d auth/spnego: make sure we don't return OK without sub_sec_ready in gensec_spnego_client_negTokenTarg() via f7f9de4 auth/spnego: do an early return for the success case in gensec_spnego_client_negTokenTarg() via 9b4d44a auth/spnego: use better variable names in gensec_spnego_create_negTokenInit() via d9e764e auth/spnego: introduce an early return in gensec_spnego_create_negTokenInit() via 6a3c50f auth/spnego: add more error checking to gensec_spnego_create_negTokenInit() via 1ff5381 auth/spnego: rename 'nt_status' to 'status' in gensec_spnego_create_negTokenInit() via 1010034 auth/spnego: make the debug messages in gensec_spnego_create_negTokenInit() more useful via 71ca6fc auth/spnego: remove one more useless indentation level in gensec_spnego_create_negTokenInit() via 3042107 auth/spnego: introduce an early goto reply: for the server in gensec_spnego_create_negTokenInit() via 248be3b auth/spnego: move the output generation to the end of gensec_spnego_create_negTokenInit() via 81df16a auth/spnego: make the SPNEGO_FALLBACK continuation completely async via 9502f53 auth/spnego: invert the fallback logic in gensec_spnego_client_negTokenInit() via 3bf4946 auth/spnego: split out gensec_spnego_update_pre/post() functions via cb8f370 auth/spnego: inline gensec_spnego_parse_negTokenInit() into gensec_spnego_server_negTokenInit() via efacdf9 auth/spnego: remove more dead code from gensec_spnego_parse_negTokenInit() via ba9c51d auth/spnego: add an early return for OK or MORE PROCESSING in gensec_spnego_parse_negTokenInit() via 32836a7 auth/spnego: add an early return for a hard error in gensec_spnego_parse_negTokenInit() via 1523a77 auth/spnego: do an early return when we downgraded the mech in gensec_spnego_parse_negTokenInit() via 2a846ba auth/spnego: remove one more useless indentation level from gensec_spnego_parse_negTokenInit() via f204402 auth/spnego: remove dead code from gensec_spnego_parse_negTokenInit() via 1c2ed3d auth/spnego: remove unused indentation level from gensec_spnego_parse_negTokenInit() via 8ddfafd auth/spnego: inline gensec_spnego_parse_negTokenInit() client logic into gensec_spnego_client_negTokenInit() via 482fe65 auth/spnego: let gensec_spnego_parse_negTokenInit() require client provides mechs via 7c04ee94 auth/spnego: inline gensec_spnego_update_server() into gensec_spnego_update_send() via fe4521d auth/spnego: inline gensec_spnego_update_client() into gensec_spnego_update_send() via f85f9da auth/spnego: split out a gensec_spnego_server_negTokenTarg() function via e60222d auth/spnego: introduce a 'struct spnego_negTokenTarg *ta' helper variable in gensec_spnego_update_server() via 909d190 auth/spnego: split out a gensec_spnego_client_negTokenTarg() function via 7128dd8 auth/spnego: make more use of the 'ta' helper variable in gensec_spnego_update_client() via 2054008 auth/spnego: split out a gensec_spnego_server_negTokenInit() function. via 3ed3d81 auth/spnego: split out a gensec_spnego_client_negTokenInit() function. via ce6c80a auth/spnego: make use of GENSEC_UPDATE_IS_NTERROR() in gensec_spnego_update_client() via 3866d55 auth/spnego: make use of GENSEC_UPDATE_IS_NTERROR() in gensec_spnego_create_negTokenInit() via eee973a auth/spnego: make use of GENSEC_UPDATE_IS_NTERROR() in gensec_spnego_update_send() via dc07418 auth/spnego: simplify the error handling logic in gensec_spnego_parse_negTokenInit() via 3903ba8 auth/spnego: call gensec_spnego_create_negTokenInit() directly in gensec_spnego_update_send() via 6521967 auth/spnego: do parse the incoming blob already in gensec_spnego_update_send() via 00c195b auth/spnego: introduce a 'spnego_in' helper variable in gensec_spnego_update_client() via c988596 auth/spnego: introduce a 'spnego_in' helper variable in gensec_spnego_update_client() via e243fb5 auth/spnego: skip gensec_update_ev() if sub_sec_ready is already true in gensec_spnego_update_server() via a2a4483 auth/spnego: move gensec_update_ev() out of gensec_spnego_server_try_fallback() via 404f923 auth/spnego: Fix withespace and indent in gensec_spnego_server_try_fallback() from 4830902 s3:tests: Add tests for smbspool_krb5_wrapper
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit ee9f4374ed5e531e8af008eb0642108bca1d2744 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jun 15 00:05:29 2017 +0200 auth/gensec: finally remove unused gensec_update_ev() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> Autobuild-User(master): Andreas Schneider <a...@cryptomilk.org> Autobuild-Date(master): Tue Jul 25 17:42:55 CEST 2017 on sn-devel-144 commit 39353c9a6e3628a670fc9aa130b6eaf05d1083be Author: Stefan Metzmacher <me...@samba.org> Date: Thu May 11 14:22:27 2017 +0200 auth/gensec: don't allow gensec_update[_ev] to be called on a subcontext Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit a7f401243cb179dc3af6c6084474785ad189307a Author: Stefan Metzmacher <me...@samba.org> Date: Thu May 11 13:16:16 2017 +0200 auth/gensec: make use of gensec_update_send/recv in gensec_update_ev() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 8268374c8307170f03b149a8fa7ed049c21889bf Author: Stefan Metzmacher <me...@samba.org> Date: Thu May 11 15:34:08 2017 +0200 s4:lib/http: rewrite http_send_auth_request_*() using gensec_update_send/recv The new logic makes it much clearer that we have a loop of gensec_update_send() gensec_update_recv() http_send_request_send() http_send_request_recv() http_read_response_send() http_read_response_recv() Until the local gensec and the server are ready. I've tested this against Windows 2008R2 like this: bin/smbtorture \ -W BLA --realm=BLA.BASE \ -s /dev/null -Uadministrator%A1b2C3d4 \ ncacn_http:w2k8r2-219[593,RpcProxy=w2k8r2-219.bla.base,HttpUseTls=false,HttpAuthOption=basic] \ rpc.epmapper.epmapper.Lookup_simple \ and: bin/smbtorture \ -W BLA --realm=BLA.BASE \ -s /dev/null -Uadministrator%A1b2C3d4 \ ncacn_http:w2k8r2-219[593,RpcProxy=w2k8r2-219.bla.base,HttpUseTls=false,HttpAuthOption=ntlm] \ rpc.epmapper.epmapper.Lookup_simple \ Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit eb6b2b63e997967b9222741dff166ba73ec54064 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 20 23:28:51 2017 +0200 auth/gensec: introduce gensec_security_ops.glue in order to avoid depending on GENSEC_OID_SPNEGO being special In future we have get more backends that can negotiate other backends, we should keep all of them even if we require kerberos. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 692425f09a6d03a13861140f8e5446ca1e848887 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 20 15:42:58 2017 +0200 auth/gensec: add some useful debugging to gensec_update_send/gensec_update_done This makes it easier to spot problems with all the abstraction and async layers. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 97788f4a75ec0ade93c69c127fefcedeb08a1fcf Author: Andreas Schneider <a...@samba.org> Date: Wed Jul 19 11:05:32 2017 +0200 auth/spnego: Use talloc_get_type_abort() in gsensec_spnego_update_out() Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 62ffe20fcbbd1a78922e0e9a02cf151362ee1de8 Author: Andreas Schneider <a...@samba.org> Date: Wed Jul 19 11:02:39 2017 +0200 auth/spnego: Use talloc_get_type_abort() in gsensec_spnego_update_in() Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit e492950184c3df7cfb0a2e7fb75ed5e5df8e0805 Author: Andreas Schneider <a...@samba.org> Date: Wed Jul 19 10:53:30 2017 +0200 auth/spnego: Rename gensec_spnego_update_sub_abort() The name is not ideal as someone might think we will panic and abort the process. So rename it to gensec_spnego_reset_sub_sec(). Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 832e9ff59402f2c369aac0a9ee65364de75d057c Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jun 14 11:01:23 2017 +0200 auth/spnego: replace gensec_spnego_neg_loop() by real async processing of {start,step,finish}_fn() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 75e6728bcf25d24392f1dba28444c6696632107b Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jun 14 15:40:41 2017 +0200 auth/spnego: split gensec_spnego_server_negTokenTarg() into subfunctions Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 2d1fcde331a9f1f43850a9bfcb046d245672af46 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jun 14 15:22:57 2017 +0200 auth/spnego: split gensec_spnego_server_negTokenInit() into subfunctions Check with git show -U15 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 7ff159e3c8886f2ae021bdcb957866dbde7a6d69 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jun 14 13:56:02 2017 +0200 auth/spnego: split gensec_spnego_client_negTokenTarg() into subfunctions Check with git show -U15 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit e337d4f82f70e950ae2f4fc84ee58a1faf42e334 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jun 14 12:59:43 2017 +0200 auth/spnego: split gensec_spnego_client_negTokenInit() into subfunctions Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit e9eb0f3cc58c37efee34d0141e2063759846ad19 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jun 14 01:52:09 2017 +0200 auth/spnego: split gensec_spnego_create_negTokenInit() into subfunctions This adds and uses the gensec_spnego_neg_loop() abstraction, which abstracts start, step and finish hooks. The start hook does the initial processing on the incoming paket and may start the first possible subcontext. It indicates that gensec_update() is required on the subcontext by returning NT_STATUS_MORE_PROCESSING_REQUIRED and return something useful in 'in_next'. Note that 'in_mem_ctx' is just passed as a hint, the caller should treat 'in_next' as const and don't attempt to free the content. NT_STATUS_OK indicates the finish hook should be invoked directly withing the need of gensec_update() on the subcontext. Every other error indicates an error that's returned to the caller. The step hook processes the result of a failed gensec_update() and can decide to ignore a failure or continue the negotiation by setting up the next possible subcontext. It indicates that gensec_update() is required on the subcontext by returning NT_STATUS_MORE_PROCESSING_REQUIRED and return something useful in 'in_next'. Note that 'in_mem_ctx' is just passed as a hint, the caller should treat 'in_next' as const and don't attempt to free the content. NT_STATUS_OK indicates the finish hook should be invoced directly withing the need of gensec_update() on the subcontext. Every other error indicated an error that's returned to the caller. The finish hook processes the result of a successful gensec_update() (NT_STATUS_OK or NT_STATUS_MORE_PROCESSING_REQUIRED). It forms the response pdu that will be returned from the toplevel gensec_update() together with NT_STATUS_OK or NT_STATUS_MORE_PROCESSING_REQUIRED. It may also alter the state machine to prepare receiving the next pdu from the peer. This is the start of using this abstraction for the initial client or server start with on empty input token from the peer. This abstraction will be applied to all four other spnego states, gensec_spnego_{client,server}_negToken{Init,Targ}() in the following commits. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit c56103e3fee118c051bf3561c2e98954de74d29b Author: Stefan Metzmacher <me...@samba.org> Date: Mon Jul 17 22:00:10 2017 +0200 auth/spnego: don't produce an output token for errors in gensec_spnego_server_response() gensec_spnego_server_response() is never called with a fatal error anymore. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit eedb8105507ed14ed19da185dcf32537dc39c7fe Author: Stefan Metzmacher <me...@samba.org> Date: Mon Jul 17 21:54:51 2017 +0200 auth/spnego: don't call gensec_spnego_server_response() with a fatal error It doesn't make sense to produce an output token without returning OK or MORE_PROCESSING_REQUIRED. Even in v4-0-test we had gensec_spnego_update_wrapper() which only passed the constructed output token to the caller with OK or MORE_PROCESSING_REQUIRED. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 3e6daa30f5594c25da190773be79003eef9b157a Author: Stefan Metzmacher <me...@samba.org> Date: Tue Jul 18 11:42:43 2017 +0200 auth/spnego: generate a valid packet if gensec_spnego_client_negTokenTarg() gives MORE_PROCESSING_REQUIRED If we wait for the mechListMIC from the server we should send a valid paket instead of an empty blob. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit a97057d5b88c02bb3874f2dfe2ed5a8c2edfc596 Author: Stefan Metzmacher <me...@samba.org> Date: Mon Jul 17 20:49:34 2017 +0200 auth/spnego: make sure we don't return OK without sub_sec_ready in gensec_spnego_client_negTokenTarg() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit f7f9de406a2d1a5e4fea1633c77c3907545a48a3 Author: Stefan Metzmacher <me...@samba.org> Date: Mon Jul 17 20:47:57 2017 +0200 auth/spnego: do an early return for the success case in gensec_spnego_client_negTokenTarg() Check with git show -w Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 9b4d44a0559e57d921e0a1c033b2ca0c35326f57 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 13 16:26:42 2017 +0200 auth/spnego: use better variable names in gensec_spnego_create_negTokenInit() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit d9e764ed9b134f3c7e0869bd5567dbf49513d45f Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 13 16:20:59 2017 +0200 auth/spnego: introduce an early return in gensec_spnego_create_negTokenInit() This avoids print two debug message for the same failure. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 6a3c50f368979c8bf5dc6c8c88bf34227c61a56e Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 13 16:16:35 2017 +0200 auth/spnego: add more error checking to gensec_spnego_create_negTokenInit() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 1ff538124dc9b8785591002937c2b59ee6c07d8c Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 13 16:08:05 2017 +0200 auth/spnego: rename 'nt_status' to 'status' in gensec_spnego_create_negTokenInit() This makes future diffs smaller. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 10100348de01a9f5f0bb781f8acda9980ea2d3f1 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 13 16:05:39 2017 +0200 auth/spnego: make the debug messages in gensec_spnego_create_negTokenInit() more useful Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 71ca6fcf13aca7dae3201fc3ec45c5ea77a9f333 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 13 15:49:32 2017 +0200 auth/spnego: remove one more useless indentation level in gensec_spnego_create_negTokenInit() Check with git show -w -U20 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 3042107a83c1d5e18e39ddc93deaede5610e1049 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 13 15:44:53 2017 +0200 auth/spnego: introduce an early goto reply: for the server in gensec_spnego_create_negTokenInit() This removes a useless indentation level and simplifies future patches. Check with git show -w Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 248be3bfa63aa52a41993ee70dcf5380be394f20 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 13 15:41:23 2017 +0200 auth/spnego: move the output generation to the end of gensec_spnego_create_negTokenInit() This will simplify the diff of future patches. Check with git show -w Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 81df16a54ab28b0e4925623aaec93ac6238eb4be Author: Stefan Metzmacher <me...@samba.org> Date: Tue Jun 13 23:43:01 2017 +0200 auth/spnego: make the SPNEGO_FALLBACK continuation completely async Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 9502f535338f06f334e294827ea339001d8625b8 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 13 16:49:57 2017 +0200 auth/spnego: invert the fallback logic in gensec_spnego_client_negTokenInit() We should do the return first, that will simplify further changes. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 3bf494645044f858e7e34501d7b39e2677745ede Author: Stefan Metzmacher <me...@samba.org> Date: Tue Jun 13 23:43:01 2017 +0200 auth/spnego: split out gensec_spnego_update_pre/post() functions For now we keep doing sync processing only, in future we'll do some preprocessing before a gensec_update_send() on the subcontext in gensec_spnego_update_pre() and handle the the result of gensec_update_recv() in gensec_spnego_update_post(). Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit cb8f370abd3f1dc83e434c08977c5b46a698e428 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 11:39:39 2017 +0200 auth/spnego: inline gensec_spnego_parse_negTokenInit() into gensec_spnego_server_negTokenInit() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit efacdf970e36b8d4aea553d84c1ef4c10cfbe75a Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 11:11:57 2017 +0200 auth/spnego: remove more dead code from gensec_spnego_parse_negTokenInit() Now we finally have a logic that someone can understand while reading it. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit ba9c51d51db4ba5663357fb0ef1b07db640b3428 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 11:09:59 2017 +0200 auth/spnego: add an early return for OK or MORE PROCESSING in gensec_spnego_parse_negTokenInit() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 32836a77b1d46c2fdfea5586298cbf2ee402566a Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 11:07:41 2017 +0200 auth/spnego: add an early return for a hard error in gensec_spnego_parse_negTokenInit() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 1523a778e9f1d847d1a0d49b3c717779114b9d97 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 11:05:39 2017 +0200 auth/spnego: do an early return when we downgraded the mech in gensec_spnego_parse_negTokenInit() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 2a846bab19aaa7fc52c16e9fc78318285858ff8e Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 11:03:37 2017 +0200 auth/spnego: remove one more useless indentation level from gensec_spnego_parse_negTokenInit() Check with 'git show -w -U45' and carefully check the 'break' vs. 'continue' changes. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit f2044028fcd1d756085067190045ee87a4ea3537 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 10:57:52 2017 +0200 auth/spnego: remove dead code from gensec_spnego_parse_negTokenInit() Check with git show -U15 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 1c2ed3dec96cb201cd78b7a324dbe96ab7ac26e9 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 10:54:54 2017 +0200 auth/spnego: remove unused indentation level from gensec_spnego_parse_negTokenInit() gensec_spnego_parse_negTokenInit() is only used as server now. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 8ddfafdb7e6df21b83475b593e908ee11d1304b6 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 10:11:43 2017 +0200 auth/spnego: inline gensec_spnego_parse_negTokenInit() client logic into gensec_spnego_client_negTokenInit() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 482fe65eb9ca4dee9b26e2634d0810a923ea07c0 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 10:44:00 2017 +0200 auth/spnego: let gensec_spnego_parse_negTokenInit() require client provides mechs Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 7c04ee943f2236e73a259ba79c70d16c73875498 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 09:22:25 2017 +0200 auth/spnego: inline gensec_spnego_update_server() into gensec_spnego_update_send() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit fe4521dcc8779f0835748b6a0e87f2c694c8c582 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 09:22:25 2017 +0200 auth/spnego: inline gensec_spnego_update_client() into gensec_spnego_update_send() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit f85f9da24a810f8833a3f359b5add678e7df300e Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 09:18:18 2017 +0200 auth/spnego: split out a gensec_spnego_server_negTokenTarg() function Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit e60222d5c31b524a8b952b46ef04ef86fc15b87d Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 09:05:29 2017 +0200 auth/spnego: introduce a 'struct spnego_negTokenTarg *ta' helper variable in gensec_spnego_update_server() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 909d190ec2d7cf45ec49fb7f63de8dcc759559f6 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 09:01:18 2017 +0200 auth/spnego: split out a gensec_spnego_client_negTokenTarg() function Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 7128dd8f514afc50d71886bd9b14c4d8ca8ef1bf Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 08:42:08 2017 +0200 auth/spnego: make more use of the 'ta' helper variable in gensec_spnego_update_client() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 2054008f7db8838e1aa98369fb19153f810469e6 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 08:30:24 2017 +0200 auth/spnego: split out a gensec_spnego_server_negTokenInit() function. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 3ed3d81eee47821f97b593a9d7beaf3faf0cd745 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 08:11:32 2017 +0200 auth/spnego: split out a gensec_spnego_client_negTokenInit() function. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit ce6c80ab0dac167f554d021f02166005a0ca95bb Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 08:00:00 2017 +0200 auth/spnego: make use of GENSEC_UPDATE_IS_NTERROR() in gensec_spnego_update_client() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 3866d559510396441895dcd82f7e61a27a814c59 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 07:58:51 2017 +0200 auth/spnego: make use of GENSEC_UPDATE_IS_NTERROR() in gensec_spnego_create_negTokenInit() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit eee973a6aee5c1298c1dfed12fced34f3deeaf85 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jun 28 14:53:49 2017 +0200 auth/spnego: make use of GENSEC_UPDATE_IS_NTERROR() in gensec_spnego_update_send() Check with git show -U15 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit dc074180be692d2cfe36e70edae96b1c28e1a094 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jul 7 07:53:29 2017 +0200 auth/spnego: simplify the error handling logic in gensec_spnego_parse_negTokenInit() We can just use GENSEC_UPDATE_IS_NTERROR() as NT_STATUS_INVALID_PARAMETER is mapped to NT_STATUS_MORE_PROCESSING_REQUIRED in the lines above. Check with git show -U10 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 3903ba821b80ba9abb2c265a4e315cf6108a4501 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 6 15:36:36 2017 +0200 auth/spnego: call gensec_spnego_create_negTokenInit() directly in gensec_spnego_update_send() This simplifies further refactoring. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 6521967c4b5e89ac9ceefc38c591fa717e5aedd6 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jun 14 03:39:02 2017 +0200 auth/spnego: do parse the incoming blob already in gensec_spnego_update_send() It's easier to have this in one central place. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 00c195b43152fd9d14f82b0861ef137269abe051 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jul 5 09:59:16 2017 +0200 auth/spnego: introduce a 'spnego_in' helper variable in gensec_spnego_update_client() In the following commits we'll pass that variable from the caller and this preparation will reduce the diff for the following patches. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit c988596cb5880b2d0278a1471535f70dc890c69c Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jul 5 09:59:16 2017 +0200 auth/spnego: introduce a 'spnego_in' helper variable in gensec_spnego_update_client() In the following commits we'll pass that variable from the caller and this preparation will reduce the diff for the following patches. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit e243fb510dcec8cf1f8ba6ee76077ca99be8cb9c Author: Stefan Metzmacher <me...@samba.org> Date: Fri Dec 30 12:59:01 2016 +0100 auth/spnego: skip gensec_update_ev() if sub_sec_ready is already true in gensec_spnego_update_server() This matches the flow already used in the client case. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit a2a4483ce11ac10e57b24a7581112bdaf38e86c6 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jun 14 03:39:02 2017 +0200 auth/spnego: move gensec_update_ev() out of gensec_spnego_server_try_fallback() This makes it easier to handle SPNEGO_FALLBACK code path completely async from the first packet in future. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 404f923e34ecdb51577b6cfee0cda2a7b3e8efd3 Author: Andreas Schneider <a...@samba.org> Date: Wed Jul 19 10:47:37 2017 +0200 auth/spnego: Fix withespace and indent in gensec_spnego_server_try_fallback() Pair-Programmed-With: Stefan Metzmacher <me...@samba.org> Signed-off-by: Andreas Schneider <a...@samba.org> Signed-off-by: Stefan Metzmacher <me...@samba.org> ----------------------------------------------------------------------- Summary of changes: auth/gensec/gensec.c | 110 +- auth/gensec/gensec.h | 4 - auth/gensec/gensec_internal.h | 1 + auth/gensec/gensec_start.c | 11 +- auth/gensec/spnego.c | 2426 +++++++++++++++++++++++++---------------- source4/lib/http/http.h | 2 +- source4/lib/http/http_auth.c | 337 +++--- 7 files changed, 1691 insertions(+), 1200 deletions(-) Changeset truncated at 500 lines: diff --git a/auth/gensec/gensec.c b/auth/gensec/gensec.c index 014516f..61bff22 100644 --- a/auth/gensec/gensec.c +++ b/auth/gensec/gensec.c @@ -319,38 +319,48 @@ static NTSTATUS gensec_verify_features(struct gensec_security *gensec_security) return NT_STATUS_OK; } -_PUBLIC_ NTSTATUS gensec_update_ev(struct gensec_security *gensec_security, - TALLOC_CTX *out_mem_ctx, - struct tevent_context *ev, - const DATA_BLOB in, DATA_BLOB *out) +/** + * Next state function for the GENSEC state machine + * + * @param gensec_security GENSEC State + * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on + * @param in The request, as a DATA_BLOB + * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx + * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent, + * or NT_STATUS_OK if the user is authenticated. + */ +_PUBLIC_ NTSTATUS gensec_update(struct gensec_security *gensec_security, + TALLOC_CTX *out_mem_ctx, + const DATA_BLOB in, DATA_BLOB *out) { NTSTATUS status; - const struct gensec_security_ops *ops = gensec_security->ops; TALLOC_CTX *frame = NULL; + struct tevent_context *ev = NULL; struct tevent_req *subreq = NULL; bool ok; - if (gensec_security->child_security != NULL) { - return NT_STATUS_INVALID_PARAMETER; + if (gensec_security->subcontext) { + /* + * gensec modules are not allowed to call the sync version. + */ + return NT_STATUS_INTERNAL_ERROR; } frame = talloc_stackframe(); + ev = samba_tevent_context_init(frame); if (ev == NULL) { - ev = samba_tevent_context_init(frame); - if (ev == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } - - /* - * TODO: remove this hack once the backends - * are fixed. - */ - tevent_loop_allow_nesting(ev); + status = NT_STATUS_NO_MEMORY; + goto fail; } - subreq = ops->update_send(frame, ev, gensec_security, in); + /* + * TODO: remove this hack once the backends + * are fixed. + */ + tevent_loop_allow_nesting(ev); + + subreq = gensec_update_send(frame, ev, gensec_security, in); if (subreq == NULL) { status = NT_STATUS_NO_MEMORY; goto fail; @@ -359,43 +369,12 @@ _PUBLIC_ NTSTATUS gensec_update_ev(struct gensec_security *gensec_security, if (!ok) { goto fail; } - status = ops->update_recv(subreq, out_mem_ctx, out); - if (!NT_STATUS_IS_OK(status)) { - goto fail; - } - - /* - * Because callers using the - * gensec_start_mech_by_auth_type() never call - * gensec_want_feature(), it isn't sensible for them - * to have to call gensec_have_feature() manually, and - * these are not points of negotiation, but are - * asserted by the client - */ - status = gensec_verify_features(gensec_security); + status = gensec_update_recv(subreq, out_mem_ctx, out); fail: TALLOC_FREE(frame); return status; } -/** - * Next state function for the GENSEC state machine - * - * @param gensec_security GENSEC State - * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on - * @param in The request, as a DATA_BLOB - * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx - * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent, - * or NT_STATUS_OK if the user is authenticated. - */ - -_PUBLIC_ NTSTATUS gensec_update(struct gensec_security *gensec_security, - TALLOC_CTX *out_mem_ctx, - const DATA_BLOB in, DATA_BLOB *out) -{ - return gensec_update_ev(gensec_security, out_mem_ctx, NULL, in, out); -} - struct gensec_update_state { const struct gensec_security_ops *ops; struct gensec_security *gensec_security; @@ -454,6 +433,9 @@ _PUBLIC_ struct tevent_req *gensec_update_send(TALLOC_CTX *mem_ctx, } tevent_req_set_callback(subreq, gensec_update_done, req); + DBG_DEBUG("%s[%p]: subreq: %p\n", state->ops->name, + state->gensec_security, subreq); + return req; } @@ -484,15 +466,35 @@ static void gensec_update_done(struct tevent_req *subreq) tevent_req_data(req, struct gensec_update_state); NTSTATUS status; + const char *debug_subreq = NULL; + + if (CHECK_DEBUGLVL(DBGLVL_DEBUG)) { + /* + * We need to call tevent_req_print() + * before calling the _recv function, + * before tevent_req_received() was called. + * in order to print the pointer value of + * the subreq state. + */ + debug_subreq = tevent_req_print(state, subreq); + } status = state->ops->update_recv(subreq, state, &state->out); TALLOC_FREE(subreq); state->status = status; - if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { - tevent_req_done(req); + if (GENSEC_UPDATE_IS_NTERROR(status)) { + DBG_INFO("%s[%p]: %s%s%s\n", state->ops->name, + state->gensec_security, nt_errstr(status), + debug_subreq ? " " : "", + debug_subreq ? debug_subreq : ""); + tevent_req_nterror(req, status); return; } - if (tevent_req_nterror(req, status)) { + DBG_DEBUG("%s[%p]: %s %s\n", state->ops->name, + state->gensec_security, nt_errstr(status), + debug_subreq); + if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + tevent_req_done(req); return; } diff --git a/auth/gensec/gensec.h b/auth/gensec/gensec.h index a466f27..d424067 100644 --- a/auth/gensec/gensec.h +++ b/auth/gensec/gensec.h @@ -138,10 +138,6 @@ size_t gensec_max_update_size(struct gensec_security *gensec_security); NTSTATUS gensec_update(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx, const DATA_BLOB in, DATA_BLOB *out); -NTSTATUS gensec_update_ev(struct gensec_security *gensec_security, - TALLOC_CTX *out_mem_ctx, - struct tevent_context *ev, - const DATA_BLOB in, DATA_BLOB *out); struct tevent_req *gensec_update_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct gensec_security *gensec_security, diff --git a/auth/gensec/gensec_internal.h b/auth/gensec/gensec_internal.h index c73be11..911b48b 100644 --- a/auth/gensec/gensec_internal.h +++ b/auth/gensec/gensec_internal.h @@ -86,6 +86,7 @@ struct gensec_security_ops { bool enabled; bool kerberos; enum gensec_priority priority; + bool glue; }; struct gensec_security_ops_wrapper { diff --git a/auth/gensec/gensec_start.c b/auth/gensec/gensec_start.c index 6a12935..4276620 100644 --- a/auth/gensec/gensec_start.c +++ b/auth/gensec/gensec_start.c @@ -98,15 +98,12 @@ _PUBLIC_ const struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX j = 0; for (i=0; old_gensec_list && old_gensec_list[i]; i++) { - int oid_idx; bool keep = false; - for (oid_idx = 0; old_gensec_list[i]->oid && old_gensec_list[i]->oid[oid_idx]; oid_idx++) { - if (strcmp(old_gensec_list[i]->oid[oid_idx], GENSEC_OID_SPNEGO) == 0) { - keep = true; - break; - } - } + /* + * We want to keep SPNGEO and other backends + */ + keep = old_gensec_list[i]->glue; if (old_gensec_list[i]->auth_type == DCERPC_AUTH_TYPE_SCHANNEL) { keep = keep_schannel; diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c index 6168c93..9857e78 100644 --- a/auth/gensec/spnego.c +++ b/auth/gensec/spnego.c @@ -47,6 +47,74 @@ enum spnego_state_position { SPNEGO_DONE }; +struct spnego_state; +struct spnego_neg_ops; +struct spnego_neg_state; + +struct spnego_neg_state { + const struct spnego_neg_ops *ops; + const struct gensec_security_ops_wrapper *all_sec; + size_t all_idx; + const char * const *mech_types; + size_t mech_idx; +}; + +struct spnego_neg_ops { + const char *name; + /* + * The start hook does the initial processing on the incoming paket and + * may starts the first possible subcontext. It indicates that + * gensec_update() is required on the subcontext by returning + * NT_STATUS_MORE_PROCESSING_REQUIRED and return something useful in + * 'in_next'. Note that 'in_mem_ctx' is just passed as a hint, the + * caller should treat 'in_next' as const and don't attempt to free the + * content. NT_STATUS_OK indicates the finish hook should be invoked + * directly withing the need of gensec_update() on the subcontext. + * Every other error indicates an error that's returned to the caller. + */ + NTSTATUS (*start_fn)(struct gensec_security *gensec_security, + struct spnego_state *spnego_state, + struct spnego_neg_state *n, + struct spnego_data *spnego_in, + TALLOC_CTX *in_mem_ctx, + DATA_BLOB *in_next); + /* + * The step hook processes the result of a failed gensec_update() and + * can decide to ignore a failure and continue the negotiation by + * setting up the next possible subcontext. It indicates that + * gensec_update() is required on the subcontext by returning + * NT_STATUS_MORE_PROCESSING_REQUIRED and return something useful in + * 'in_next'. Note that 'in_mem_ctx' is just passed as a hint, the + * caller should treat 'in_next' as const and don't attempt to free the + * content. NT_STATUS_OK indicates the finish hook should be invoked + * directly withing the need of gensec_update() on the subcontext. + * Every other error indicates an error that's returned to the caller. + */ + NTSTATUS (*step_fn)(struct gensec_security *gensec_security, + struct spnego_state *spnego_state, + struct spnego_neg_state *n, + struct spnego_data *spnego_in, + NTSTATUS last_status, + TALLOC_CTX *in_mem_ctx, + DATA_BLOB *in_next); + /* + * The finish hook processes the result of a successful gensec_update() + * (NT_STATUS_OK or NT_STATUS_MORE_PROCESSING_REQUIRED). It forms the + * response pdu that will be returned from the toplevel gensec_update() + * together with NT_STATUS_OK or NT_STATUS_MORE_PROCESSING_REQUIRED. It + * may also alter the state machine to prepare receiving the next pdu + * from the peer. + */ + NTSTATUS (*finish_fn)(struct gensec_security *gensec_security, + struct spnego_state *spnego_state, + struct spnego_neg_state *n, + struct spnego_data *spnego_in, + NTSTATUS sub_status, + const DATA_BLOB sub_out, + TALLOC_CTX *out_mem_ctx, + DATA_BLOB *out); +}; + struct spnego_state { enum spnego_message_type expected_packet; enum spnego_state_position state_position; @@ -77,7 +145,21 @@ struct spnego_state { NTSTATUS out_status; }; -static void gensec_spnego_update_sub_abort(struct spnego_state *spnego_state) +static struct spnego_neg_state *gensec_spnego_neg_state(TALLOC_CTX *mem_ctx, + const struct spnego_neg_ops *ops) +{ + struct spnego_neg_state *n = NULL; + + n = talloc_zero(mem_ctx, struct spnego_neg_state); + if (n == NULL) { + return NULL; + } + n->ops = ops; + + return n; +} + +static void gensec_spnego_reset_sub_sec(struct spnego_state *spnego_state) { spnego_state->sub_sec_ready = false; TALLOC_FREE(spnego_state->sub_sec_security); @@ -140,22 +222,23 @@ static NTSTATUS gensec_spnego_server_start(struct gensec_security *gensec_securi static NTSTATUS gensec_spnego_server_try_fallback(struct gensec_security *gensec_security, struct spnego_state *spnego_state, - struct tevent_context *ev, - TALLOC_CTX *out_mem_ctx, - const DATA_BLOB in, DATA_BLOB *out) + TALLOC_CTX *mem_ctx, + const DATA_BLOB in) { int i,j; const struct gensec_security_ops **all_ops; - all_ops = gensec_security_mechs(gensec_security, out_mem_ctx); + all_ops = gensec_security_mechs(gensec_security, mem_ctx); for (i=0; all_ops && all_ops[i]; i++) { bool is_spnego; NTSTATUS nt_status; - if (gensec_security != NULL && - !gensec_security_ops_enabled(all_ops[i], gensec_security)) - continue; + if (gensec_security != NULL && + !gensec_security_ops_enabled(all_ops[i], gensec_security)) + { + continue; + } if (!all_ops[i]->oid) { continue; @@ -195,392 +278,811 @@ static NTSTATUS gensec_spnego_server_try_fallback(struct gensec_security *gensec if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; } - nt_status = gensec_update_ev(spnego_state->sub_sec_security, - out_mem_ctx, ev, in, out); - return nt_status; + + return NT_STATUS_OK; } DEBUG(1, ("Failed to parse SPNEGO request\n")); return NT_STATUS_INVALID_PARAMETER; } -/* - Parse the netTokenInit, either from the client, to the server, or - from the server to the client. -*/ +static NTSTATUS gensec_spnego_create_negTokenInit_start( + struct gensec_security *gensec_security, + struct spnego_state *spnego_state, + struct spnego_neg_state *n, + struct spnego_data *spnego_in, + TALLOC_CTX *in_mem_ctx, + DATA_BLOB *in_next) +{ + n->mech_idx = 0; + n->mech_types = gensec_security_oids(gensec_security, n, + GENSEC_OID_SPNEGO); + if (n->mech_types == NULL) { + DBG_WARNING("gensec_security_oids() failed\n"); + return NT_STATUS_NO_MEMORY; + } + + n->all_idx = 0; + n->all_sec = gensec_security_by_oid_list(gensec_security, + n, n->mech_types, + GENSEC_OID_SPNEGO); + if (n->all_sec == NULL) { + DBG_WARNING("gensec_security_by_oid_list() failed\n"); + return NT_STATUS_NO_MEMORY; + } + + return n->ops->step_fn(gensec_security, spnego_state, n, + spnego_in, NT_STATUS_OK, in_mem_ctx, in_next); +} -static NTSTATUS gensec_spnego_parse_negTokenInit(struct gensec_security *gensec_security, - struct spnego_state *spnego_state, - TALLOC_CTX *out_mem_ctx, - struct tevent_context *ev, - struct spnego_data *spnego_in, - DATA_BLOB *unwrapped_out) +static NTSTATUS gensec_spnego_create_negTokenInit_step( + struct gensec_security *gensec_security, + struct spnego_state *spnego_state, + struct spnego_neg_state *n, + struct spnego_data *spnego_in, + NTSTATUS last_status, + TALLOC_CTX *in_mem_ctx, + DATA_BLOB *in_next) { - int i; - NTSTATUS nt_status = NT_STATUS_INVALID_PARAMETER; - const char * const *mechType = NULL; - DATA_BLOB unwrapped_in = data_blob_null; - bool ok; - const struct gensec_security_ops_wrapper *all_sec = NULL; + if (!NT_STATUS_IS_OK(last_status)) { + const struct gensec_security_ops_wrapper *cur_sec = + &n->all_sec[n->all_idx]; + const struct gensec_security_ops_wrapper *next_sec = NULL; + const char *next = NULL; + const char *principal = NULL; + int dbg_level = DBGLVL_WARNING; + NTSTATUS status = last_status; + + if (cur_sec[1].op != NULL) { + next_sec = &cur_sec[1]; + } + + if (next_sec != NULL) { + next = next_sec->op->name; + dbg_level = DBGLVL_NOTICE; + } + + if (gensec_security->target.principal != NULL) { + principal = gensec_security->target.principal; + } else if (gensec_security->target.service != NULL && + gensec_security->target.hostname != NULL) + { + principal = talloc_asprintf(spnego_state->sub_sec_security, + "%s/%s", + gensec_security->target.service, + gensec_security->target.hostname); + } else { + principal = gensec_security->target.hostname; + } + + DBG_PREFIX(dbg_level, ( + "%s: creating NEG_TOKEN_INIT for %s failed " + "(next[%s]): %s\n", cur_sec->op->name, + principal, next, nt_errstr(status))); + + if (next == NULL) { + /* + * A hard error without a possible fallback. + */ + return status; + } + + /* + * Pretend we never started it + */ + gensec_spnego_reset_sub_sec(spnego_state); - if (spnego_in->type != SPNEGO_NEG_TOKEN_INIT) { - return NT_STATUS_INTERNAL_ERROR; + /* + * And try the next one... + */ + n->all_idx += 1; } - mechType = spnego_in->negTokenInit.mechTypes; - unwrapped_in = spnego_in->negTokenInit.mechToken; + for (; n->all_sec[n->all_idx].op != NULL; n->all_idx++) { + const struct gensec_security_ops_wrapper *cur_sec = + &n->all_sec[n->all_idx]; + NTSTATUS status; + + status = gensec_subcontext_start(spnego_state, + gensec_security, + &spnego_state->sub_sec_security); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + /* select the sub context */ + status = gensec_start_mech_by_ops(spnego_state->sub_sec_security, + cur_sec->op); + if (!NT_STATUS_IS_OK(status)) { + gensec_spnego_reset_sub_sec(spnego_state); + continue; + } + + /* In the client, try and produce the first (optimistic) packet */ + if (spnego_state->state_position == SPNEGO_CLIENT_START) { + *in_next = data_blob_null; + return NT_STATUS_MORE_PROCESSING_REQUIRED; -- Samba Shared Repository