authorGünther Deschner <gd@samba.org>2009-09-13 18:42:45 +0200
committerGünther Deschner <gd@samba.org>2009-09-16 00:16:04 +0200
commit1f4123677e509f4479b87c0a9c20abdc556890b1 (patch)
tree58123b5e2ce352996f9a103ca01188afd1171038
parent9cb205d7535ce1ff811892580e3419c3f562d607 (diff)
s4-schannel: first step of decoupling schannel from gensec.
Guenther
-rw-r--r--source4/auth/gensec/schannel.c51
-rw-r--r--source4/auth/gensec/schannel_sign.c20
2 files changed, 51 insertions, 20 deletions
diff --git a/source4/auth/gensec/schannel.c b/source4/auth/gensec/schannel.c
index 15d64436e3..90b90fca9c 100644
--- a/source4/auth/gensec/schannel.c
+++ b/source4/auth/gensec/schannel.c
@@ -281,6 +281,49 @@ static bool schannel_have_feature(struct gensec_security *gensec_security,
return false;
}
+static NTSTATUS schannel_seal_packet_wrap(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ DATA_BLOB *sig)
+{
+ struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
+
+ return schannel_seal_packet(state, mem_ctx, data, length, sig);
+}
+
+static NTSTATUS schannel_sign_packet_wrap(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ const uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ DATA_BLOB *sig)
+{
+ struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
+
+ return schannel_sign_packet(state, mem_ctx, data, length, sig);
+}
+
+static NTSTATUS schannel_check_packet_wrap(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ const uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ const DATA_BLOB *sig)
+{
+ struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
+
+ return schannel_check_packet(state, mem_ctx, data, length, sig);
+}
+
+static NTSTATUS schannel_unseal_packet_wrap(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ const DATA_BLOB *sig)
+{
+ struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
+
+ return schannel_unseal_packet(state, mem_ctx, data, length, sig);
+}
static const struct gensec_security_ops gensec_schannel_security_ops = {
.name = "schannel",
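Review bot: Each of the four `_wrap` functions hands the result of `talloc_get_type()` straight to the schannel routine without checking it, and `talloc_get_type()` returns NULL when `private_data` is not a `struct schannel_state`. Since the callees no longer do the lookup themselves, the wrapper is the only place left to catch a wrong or missing private pointer. Either use `talloc_get_type_abort(gensec_security->private_data, struct schannel_state)` if the tree's talloc provides it, or add `if (state == NULL) return NT_STATUS_INVALID_PARAMETER;` before each call. The wrappers also drop `whole_pdu` and `pdu_length` silently. A comment such as `/* schannel signs/seals only data[0..length); whole_pdu is intentionally unused */` would make it explicit that bytes outside `data` are not covered by this mechanism.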
@@ -288,10 +331,10 @@ static const struct gensec_security_ops gensec_schannel_security_ops = {
.client_start = schannel_client_start,
.server_start = schannel_server_start,
.update = schannel_update,
- .seal_packet = schannel_seal_packet,
- .sign_packet = schannel_sign_packet,
- .check_packet = schannel_check_packet,
- .unseal_packet = schannel_unseal_packet,
+ .seal_packet = schannel_seal_packet_wrap,
+ .sign_packet = schannel_sign_packet_wrap,
+ .check_packet = schannel_check_packet_wrap,
+ .unseal_packet = schannel_unseal_packet_wrap,
.session_key = schannel_session_key,
.session_info = schannel_session_info,
.sig_size = schannel_sig_size,
diff --git a/source4/auth/gensec/schannel_sign.c b/source4/auth/gensec/schannel_sign.c
index 1547175658..ca066b102d 100644
--- a/source4/auth/gensec/schannel_sign.c
+++ b/source4/auth/gensec/schannel_sign.c
@@ -99,14 +99,11 @@ static void schannel_digest(const uint8_t sess_key[16],
/*
unseal a packet
*/
-NTSTATUS schannel_unseal_packet(struct gensec_security *gensec_security,
+NTSTATUS schannel_unseal_packet(struct schannel_state *state,
TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
{
- struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
-
uint8_t digest_final[16];
uint8_t confounder[8];
uint8_t seq_num[8];
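Review bot: `schannel_unseal_packet()` is a non-static function that now takes `state` from any caller, without the talloc type lookup that the removed line performed. The body continues outside the hunk, so whether it tolerates a NULL `state` is not visible here. State the precondition in the header comment, e.g. `unseal a packet; state must be a non-NULL schannel_state with an established session key`, or add `if (state == NULL) return NT_STATUS_INVALID_PARAMETER;` after the local declarations. The same applies to `schannel_check_packet()`, `schannel_seal_packet()` and `schannel_sign_packet()` in the three hunks that follow.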
@@ -150,14 +147,11 @@ NTSTATUS schannel_unseal_packet(struct gensec_security *gensec_security,
/*
check the signature on a packet
*/
-NTSTATUS schannel_check_packet(struct gensec_security *gensec_security,
+NTSTATUS schannel_check_packet(struct schannel_state *state,
TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
{
- struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
-
uint8_t digest_final[16];
uint8_t seq_num[8];
static const uint8_t netsec_sig[8] = NETSEC_SIGN_SIGNATURE;
@@ -198,14 +192,11 @@ NTSTATUS schannel_check_packet(struct gensec_security *gensec_security,
/*
seal a packet
*/
-NTSTATUS schannel_seal_packet(struct gensec_security *gensec_security,
+NTSTATUS schannel_seal_packet(struct schannel_state *state,
TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
DATA_BLOB *sig)
{
- struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
-
uint8_t digest_final[16];
uint8_t confounder[8];
uint8_t seq_num[8];
@@ -246,14 +237,11 @@ NTSTATUS schannel_seal_packet(struct gensec_security *gensec_security,
/*
sign a packet
*/
-NTSTATUS schannel_sign_packet(struct gensec_security *gensec_security,
+NTSTATUS schannel_sign_packet(struct schannel_state *state,
TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
DATA_BLOB *sig)
{
- struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
-
uint8_t digest_final[16];
uint8_t seq_num[8];
static const uint8_t netsec_sig[8] = NETSEC_SIGN_SIGNATURE;