authorStefan Metzmacher <metze@samba.org>2017-05-11 09:04:02 +0200
committerAndrew Bartlett <abartlet@samba.org>2017-05-21 21:05:10 +0200
commit1e997d7a66c55c554df4d5910c685d7043e63aed (patch)
tree3747344c50710222af849a7b71330cc5d9502441 /source3/librpc
parent86f1ca2dadaa89484e0dd66f4c524ca443317ec2 (diff)
s3:gse: add simple gensec_gse_update_send/recv() wrapper functions
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source3/librpc')
-rw-r--r--source3/librpc/crypto/gse.c86
1 files changed, 71 insertions, 15 deletions
diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c
index 972bbe023a8..bcda8de896f 100644
--- a/source3/librpc/crypto/gse.c
+++ b/source3/librpc/crypto/gse.c
@@ -22,6 +22,8 @@
/* We support only GSSAPI/KRB5 here */
#include "includes.h"
+#include <tevent.h>
+#include "lib/util/tevent_ntstatus.h"
#include "gse.h"
#include "libads/kerberos_proto.h"
#include "auth/common_auth.h"
@@ -807,21 +809,51 @@ static NTSTATUS gensec_gse_server_start(struct gensec_security *gensec_security)
return NT_STATUS_OK;
}
-/**
- * Next state function for the GSE GENSEC mechanism
- *
- * @param gensec_gse_state GSE State
- * @param mem_ctx The TALLOC_CTX for *out to be allocated on
- * @param in The request, as a DATA_BLOB
- * @param out The reply, as an talloc()ed DATA_BLOB, on *mem_ctx
- * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent,
- * or NT_STATUS_OK if the user is authenticated.
- */
+struct gensec_gse_update_state {
+ NTSTATUS status;
+ DATA_BLOB out;
+};
-static NTSTATUS gensec_gse_update(struct gensec_security *gensec_security,
- TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- const DATA_BLOB in, DATA_BLOB *out)
+static NTSTATUS gensec_gse_update_internal(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ const DATA_BLOB in,
+ DATA_BLOB *out);
+
+static struct tevent_req *gensec_gse_update_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct gensec_security *gensec_security,
+ const DATA_BLOB in)
+{
+ struct tevent_req *req = NULL;
+ struct gensec_gse_update_state *state = NULL;
+ NTSTATUS status;
+
+ req = tevent_req_create(mem_ctx, &state,
+ struct gensec_gse_update_state);
+ if (req == NULL) {
+ return NULL;
+ }
+
+ status = gensec_gse_update_internal(gensec_security,
+ state, in,
+ &state->out);
+ state->status = status;
+ if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ tevent_req_done(req);
+ return tevent_req_post(req, ev);
+ }
+ if (tevent_req_nterror(req, status)) {
+ return tevent_req_post(req, ev);
+ }
+
+ tevent_req_done(req);
+ return tevent_req_post(req, ev);
+}
+
+static NTSTATUS gensec_gse_update_internal(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ const DATA_BLOB in,
+ DATA_BLOB *out)
{
NTSTATUS status;
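Review bot: The doxygen block deleted at the top of this hunk is not carried over to gensec_gse_update_internal, and gensec_gse_update_send gets no comment at all, so the contract it described (reply allocated on mem_ctx, MORE_PROCESSING_REQUIRED when a reply is sent, NT_STATUS_OK once the user is authenticated) is no longer documented. The new wrapper also runs the whole step inside _send and uses `ev` only for tevent_req_post(), so a caller that expects a non-blocking step presumably still waits for whatever the GSSAPI/Kerberos calls do. I would keep the old block above gensec_gse_update_internal and add above the _send function `/* Synchronous wrapper: the GSSAPI step runs here and the returned request is already finished. */`. The body of gensec_gse_update_internal continues outside this hunk.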
@@ -844,6 +876,29 @@ static NTSTATUS gensec_gse_update(struct gensec_security *gensec_security,
return NT_STATUS_OK;
}
+static NTSTATUS gensec_gse_update_recv(struct tevent_req *req,
+ TALLOC_CTX *out_mem_ctx,
+ DATA_BLOB *out)
+{
+ struct gensec_gse_update_state *state =
+ tevent_req_data(req,
+ struct gensec_gse_update_state);
+ NTSTATUS status;
+
+ *out = data_blob_null;
+
+ if (tevent_req_is_nterror(req, &status)) {
+ tevent_req_received(req);
+ return status;
+ }
+
+ *out = state->out;
+ talloc_steal(out_mem_ctx, state->out.data);
+ status = state->status;
+ tevent_req_received(req);
+ return status;
+}
+
static NTSTATUS gensec_gse_wrap(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
const DATA_BLOB *in,
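Review bot: On the error branch gensec_gse_update_recv returns with `*out` still set to data_blob_null, so anything gensec_gse_update_internal wrote into state->out before failing is released with the request instead of reaching the caller. The removed .update entry point passed the caller's `out` straight to that function, so this may be a behaviour change. Whether the token helpers can return a failure status together with an error token is not visible in this hunk, and if they can, the peer would no longer receive it. If dropping it is intended, a comment on that branch would make it explicit: `/* on error any token left in state->out is discarded with the request */`. It would also help to note at the talloc_steal() line that ownership of the blob moves to out_mem_ctx before tevent_req_received() frees the state.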
@@ -1295,7 +1350,8 @@ const struct gensec_security_ops gensec_gse_krb5_security_ops = {
.client_start = gensec_gse_client_start,
.server_start = gensec_gse_server_start,
.magic = gensec_magic_check_krb5_oid,
- .update = gensec_gse_update,
+ .update_send = gensec_gse_update_send,
+ .update_recv = gensec_gse_update_recv,
.session_key = gensec_gse_session_key,
.session_info = gensec_gse_session_info,
.sig_size = gensec_gse_sig_size,