diff options
author | Stefan Metzmacher <metze@samba.org> | 2018-10-31 17:12:02 +0100 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2019-01-12 03:13:36 +0100 |
commit | 72643248d9aef3ce793e156ec80021a2163bdce3 (patch) | |
tree | dd9abcd1e7df01cdadd51df04102ac5d6c960bdd /source4 | |
parent | c621a87322c60811483c735a23922f85064a684a (diff) | |
download | samba-72643248d9aef3ce793e156ec80021a2163bdce3.tar.gz |
s4:rpc_server: use helper variables to access 'struct dcesrv_auth' in dcesrv_auth.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'source4')
-rw-r--r-- | source4/rpc_server/dcesrv_auth.c | 87 |
1 files changed, 45 insertions, 42 deletions
diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c index efc16e91339..bd05accc6c4 100644 --- a/source4/rpc_server/dcesrv_auth.c +++ b/source4/rpc_server/dcesrv_auth.c @@ -70,7 +70,7 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call) "DCE/RPC", auth_type, transport_protection, - call->conn->auth_state.session_info); + auth->session_info); return true; } @@ -244,6 +244,7 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call) NTSTATUS dcesrv_auth_complete(struct dcesrv_call_state *call, NTSTATUS status) { struct dcesrv_connection *dce_conn = call->conn; + struct dcesrv_auth *auth = &call->conn->auth_state; const char *pdu = "<unknown>"; switch (call->pkt.ptype) { @@ -274,15 +275,15 @@ NTSTATUS dcesrv_auth_complete(struct dcesrv_call_state *call, NTSTATUS status) return status; } - status = gensec_session_info(dce_conn->auth_state.gensec_security, - dce_conn, - &dce_conn->auth_state.session_info); + status = gensec_session_info(auth->gensec_security, + dce_conn, // TODO + &auth->session_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("Failed to establish session_info: %s\n", nt_errstr(status))); return status; } - dce_conn->auth_state.auth_finished = true; + auth->auth_finished = true; dce_conn->allow_request = true; if (call->pkt.ptype != DCERPC_PKT_AUTH3) { @@ -305,29 +306,30 @@ NTSTATUS dcesrv_auth_complete(struct dcesrv_call_state *call, NTSTATUS status) NTSTATUS dcesrv_auth_prepare_bind_ack(struct dcesrv_call_state *call, struct ncacn_packet *pkt) { struct dcesrv_connection *dce_conn = call->conn; + struct dcesrv_auth *auth = &call->conn->auth_state; dce_conn->allow_alter = true; dce_conn->allow_auth3 = true; if (call->pkt.auth_length == 0) { - dce_conn->auth_state.auth_finished = true; + auth->auth_finished = true; dce_conn->allow_request = true; return NT_STATUS_OK; } /* We can't work without an existing gensec state */ - if (!call->conn->auth_state.gensec_security) { + if (auth->gensec_security == NULL) { return NT_STATUS_INTERNAL_ERROR; } - if (dce_conn->auth_state.hdr_signing) { + if (auth->hdr_signing) { pkt->pfc_flags |= DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN; } call->_out_auth_info = (struct dcerpc_auth) { - .auth_type = dce_conn->auth_state.auth_type, - .auth_level = dce_conn->auth_state.auth_level, - .auth_context_id = dce_conn->auth_state.auth_context_id, + .auth_type = auth->auth_type, + .auth_level = auth->auth_level, + .auth_context_id = auth->auth_context_id, }; call->out_auth_info = &call->_out_auth_info; @@ -340,19 +342,19 @@ NTSTATUS dcesrv_auth_prepare_bind_ack(struct dcesrv_call_state *call, struct nca bool dcesrv_auth_prepare_auth3(struct dcesrv_call_state *call) { struct ncacn_packet *pkt = &call->pkt; - struct dcesrv_connection *dce_conn = call->conn; + struct dcesrv_auth *auth = &call->conn->auth_state; NTSTATUS status; if (pkt->auth_length == 0) { return false; } - if (dce_conn->auth_state.auth_finished) { + if (auth->auth_finished) { return false; } /* We can't work without an existing gensec state */ - if (!dce_conn->auth_state.gensec_security) { + if (auth->gensec_security == NULL) { return false; } @@ -367,22 +369,22 @@ bool dcesrv_auth_prepare_auth3(struct dcesrv_call_state *call) return false; } - if (call->in_auth_info.auth_type != dce_conn->auth_state.auth_type) { + if (call->in_auth_info.auth_type != auth->auth_type) { return false; } - if (call->in_auth_info.auth_level != dce_conn->auth_state.auth_level) { + if (call->in_auth_info.auth_level != auth->auth_level) { return false; } - if (call->in_auth_info.auth_context_id != dce_conn->auth_state.auth_context_id) { + if (call->in_auth_info.auth_context_id != auth->auth_context_id) { return false; } call->_out_auth_info = (struct dcerpc_auth) { - .auth_type = dce_conn->auth_state.auth_type, - .auth_level = dce_conn->auth_state.auth_level, - .auth_context_id = dce_conn->auth_state.auth_context_id, + .auth_type = auth->auth_type, + .auth_level = auth->auth_level, + .auth_context_id = auth->auth_context_id, }; call->out_auth_info = &call->_out_auth_info; @@ -397,24 +399,24 @@ bool dcesrv_auth_prepare_auth3(struct dcesrv_call_state *call) bool dcesrv_auth_alter(struct dcesrv_call_state *call) { struct ncacn_packet *pkt = &call->pkt; - struct dcesrv_connection *dce_conn = call->conn; + struct dcesrv_auth *auth = &call->conn->auth_state; NTSTATUS status; /* on a pure interface change there is no auth blob */ if (pkt->auth_length == 0) { - if (!dce_conn->auth_state.auth_finished) { + if (!auth->auth_finished) { return false; } return true; } - if (dce_conn->auth_state.auth_finished) { + if (auth->auth_finished) { call->fault_code = DCERPC_FAULT_ACCESS_DENIED; return false; } /* We can't work without an existing gensec state */ - if (!dce_conn->auth_state.gensec_security) { + if (auth->gensec_security == NULL) { return false; } @@ -430,15 +432,15 @@ bool dcesrv_auth_alter(struct dcesrv_call_state *call) return false; } - if (call->in_auth_info.auth_type != dce_conn->auth_state.auth_type) { + if (call->in_auth_info.auth_type != auth->auth_type) { return false; } - if (call->in_auth_info.auth_level != dce_conn->auth_state.auth_level) { + if (call->in_auth_info.auth_level != auth->auth_level) { return false; } - if (call->in_auth_info.auth_context_id != dce_conn->auth_state.auth_context_id) { + if (call->in_auth_info.auth_context_id != auth->auth_context_id) { return false; } @@ -451,7 +453,7 @@ bool dcesrv_auth_alter(struct dcesrv_call_state *call) */ NTSTATUS dcesrv_auth_prepare_alter_ack(struct dcesrv_call_state *call, struct ncacn_packet *pkt) { - struct dcesrv_connection *dce_conn = call->conn; + struct dcesrv_auth *auth = &call->conn->auth_state; /* on a pure interface change there is no auth_info structure setup */ @@ -459,14 +461,14 @@ NTSTATUS dcesrv_auth_prepare_alter_ack(struct dcesrv_call_state *call, struct nc return NT_STATUS_OK; } - if (!call->conn->auth_state.gensec_security) { + if (auth->gensec_security == NULL) { return NT_STATUS_INTERNAL_ERROR; } call->_out_auth_info = (struct dcerpc_auth) { - .auth_type = dce_conn->auth_state.auth_type, - .auth_level = dce_conn->auth_state.auth_level, - .auth_context_id = dce_conn->auth_state.auth_context_id, + .auth_type = auth->auth_type, + .auth_level = auth->auth_level, + .auth_context_id = auth->auth_context_id, }; call->out_auth_info = &call->_out_auth_info; @@ -485,10 +487,11 @@ bool dcesrv_auth_pkt_pull(struct dcesrv_call_state *call, { struct ncacn_packet *pkt = &call->pkt; struct dcesrv_connection *dce_conn = call->conn; + struct dcesrv_auth *auth = &call->conn->auth_state; const struct dcerpc_auth tmp_auth = { - .auth_type = dce_conn->auth_state.auth_type, - .auth_level = dce_conn->auth_state.auth_level, - .auth_context_id = dce_conn->auth_state.auth_context_id, + .auth_type = auth->auth_type, + .auth_level = auth->auth_level, + .auth_context_id = auth->auth_context_id, }; NTSTATUS status; @@ -497,12 +500,12 @@ bool dcesrv_auth_pkt_pull(struct dcesrv_call_state *call, return false; } - if (dce_conn->auth_state.auth_invalid) { + if (auth->auth_invalid) { return false; } status = dcerpc_ncacn_pull_pkt_auth(&tmp_auth, - dce_conn->auth_state.gensec_security, + auth->gensec_security, call, pkt->ptype, required_flags, @@ -543,16 +546,16 @@ bool dcesrv_auth_pkt_push(struct dcesrv_call_state *call, const DATA_BLOB *payload, const struct ncacn_packet *pkt) { - struct dcesrv_connection *dce_conn = call->conn; + struct dcesrv_auth *auth = &call->conn->auth_state; const struct dcerpc_auth tmp_auth = { - .auth_type = dce_conn->auth_state.auth_type, - .auth_level = dce_conn->auth_state.auth_level, - .auth_context_id = dce_conn->auth_state.auth_context_id, + .auth_type = auth->auth_type, + .auth_level = auth->auth_level, + .auth_context_id = auth->auth_context_id, }; NTSTATUS status; status = dcerpc_ncacn_push_pkt_auth(&tmp_auth, - dce_conn->auth_state.gensec_security, + auth->gensec_security, call, blob, sig_size, payload_offset, payload, |