summaryrefslogtreecommitdiffstats
path: root/source4/auth
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2005-06-16 11:36:09 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:18:15 -0500
commitaf237084ecd4f9928c6c282b9c5c73598d5c73d6 (patch)
treea11f156dd4a4d20deaf74c16d90ae20d0f59f365 /source4/auth
parent3b9dfb0da3e6e7afff7be60b571493bb288d385f (diff)
downloadsamba-af237084ecd4f9928c6c282b9c5c73598d5c73d6.tar.gz
samba-af237084ecd4f9928c6c282b9c5c73598d5c73d6.tar.xz
samba-af237084ecd4f9928c6c282b9c5c73598d5c73d6.zip
r7633: this patch started as an attempt to make the dcerpc code use a given
event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
Diffstat (limited to 'source4/auth')
-rw-r--r--source4/auth/auth.c15
-rw-r--r--source4/auth/auth.h3
-rw-r--r--source4/auth/auth_domain.c2
-rw-r--r--source4/auth/gensec/gensec.c37
-rw-r--r--source4/auth/gensec/gensec.h1
-rw-r--r--source4/auth/ntlmssp/ntlmssp_server.c4
6 files changed, 48 insertions, 14 deletions
diff --git a/source4/auth/auth.c b/source4/auth/auth.c
index 674e9a7f46..dab1912d8e 100644
--- a/source4/auth/auth.c
+++ b/source4/auth/auth.c
@@ -22,6 +22,7 @@
#include "includes.h"
#include "dlinklist.h"
#include "auth/auth.h"
+#include "lib/events/events.h"
/***************************************************************************
Set a fixed challenge
@@ -199,7 +200,9 @@ NTSTATUS auth_check_password(struct auth_context *auth_ctx,
/***************************************************************************
Make a auth_info struct for the auth subsystem
***************************************************************************/
-NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx, const char **methods, struct auth_context **auth_ctx)
+NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx, const char **methods,
+ struct auth_context **auth_ctx,
+ struct event_context *ev)
{
int i;
struct auth_context *ctx;
@@ -215,6 +218,16 @@ NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx, const char **methods, struct a
ctx->challenge.may_be_modified = False;
ctx->challenge.data = data_blob(NULL, 0);
ctx->methods = NULL;
+
+ if (ev == NULL) {
+ ev = event_context_init(ctx);
+ if (ev == NULL) {
+ talloc_free(ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+ }
+
+ ctx->event_ctx = ev;
for (i=0; methods[i] ; i++) {
struct auth_method_context *method;
diff --git a/source4/auth/auth.h b/source4/auth/auth.h
index d1f8caa2a0..b4f08b2859 100644
--- a/source4/auth/auth.h
+++ b/source4/auth/auth.h
@@ -144,6 +144,9 @@ struct auth_context {
/* methods, in the order they should be called */
struct auth_method_context *methods;
+
+ /* the event context to use for calls that can block */
+ struct event_context *event_ctx;
};
/* this structure is used by backends to determine the size of some critical types */
diff --git a/source4/auth/auth_domain.c b/source4/auth/auth_domain.c
index 041135e4d4..339cc18531 100644
--- a/source4/auth/auth_domain.c
+++ b/source4/auth/auth_domain.c
@@ -84,7 +84,7 @@ static NTSTATUS domain_check_password(struct auth_method_context *ctx,
status = dcerpc_pipe_connect_b(mem_ctx, &p, b,
DCERPC_NETLOGON_UUID,
DCERPC_NETLOGON_VERSION,
- credentials);
+ credentials, ctx->auth_ctx->event_ctx);
if (!NT_STATUS_IS_OK(status)) {
return status;
diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c
index 1608f21114..d9c264cdd8 100644
--- a/source4/auth/gensec/gensec.c
+++ b/source4/auth/gensec/gensec.c
@@ -23,6 +23,7 @@
#include "includes.h"
#include "auth/auth.h"
+#include "lib/events/events.h"
/* the list of currently registered GENSEC backends */
const static struct gensec_security_ops **generic_security_ops;
@@ -228,12 +229,12 @@ const char **gensec_security_oids(TALLOC_CTX *mem_ctx, const char *skip)
@param gensec_security Returned GENSEC context pointer.
@note The mem_ctx is only a parent and may be NULL.
*/
-static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx, struct gensec_security **gensec_security)
+static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx,
+ struct gensec_security **gensec_security,
+ struct event_context *ev)
{
(*gensec_security) = talloc(mem_ctx, struct gensec_security);
- if (!(*gensec_security)) {
- return NT_STATUS_NO_MEMORY;
- }
+ NT_STATUS_HAVE_NO_MEMORY(*gensec_security);
(*gensec_security)->ops = NULL;
@@ -241,6 +242,17 @@ static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx, struct gensec_security **gense
(*gensec_security)->subcontext = False;
(*gensec_security)->want_features = 0;
+
+ if (ev == NULL) {
+ ev = event_context_init(*gensec_security);
+ if (ev == NULL) {
+ talloc_free(*gensec_security);
+ return NT_STATUS_NO_MEMORY;
+ }
+ }
+
+ (*gensec_security)->event_ctx = ev;
+
return NT_STATUS_OK;
}
@@ -257,15 +269,14 @@ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx,
struct gensec_security **gensec_security)
{
(*gensec_security) = talloc(mem_ctx, struct gensec_security);
- if (!(*gensec_security)) {
- return NT_STATUS_NO_MEMORY;
- }
+ NT_STATUS_HAVE_NO_MEMORY(*gensec_security);
(**gensec_security) = *parent;
(*gensec_security)->ops = NULL;
(*gensec_security)->private_data = NULL;
(*gensec_security)->subcontext = True;
+ (*gensec_security)->event_ctx = parent->event_ctx;
return NT_STATUS_OK;
}
@@ -276,10 +287,12 @@ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx,
@param gensec_security Returned GENSEC context pointer.
@note The mem_ctx is only a parent and may be NULL.
*/
-NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx, struct gensec_security **gensec_security)
+NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx,
+ struct gensec_security **gensec_security,
+ struct event_context *ev)
{
NTSTATUS status;
- status = gensec_start(mem_ctx, gensec_security);
+ status = gensec_start(mem_ctx, gensec_security, ev);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -295,10 +308,12 @@ NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx, struct gensec_security **gense
@param gensec_security Returned GENSEC context pointer.
@note The mem_ctx is only a parent and may be NULL.
*/
-NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx, struct gensec_security **gensec_security)
+NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx,
+ struct gensec_security **gensec_security,
+ struct event_context *ev)
{
NTSTATUS status;
- status = gensec_start(mem_ctx, gensec_security);
+ status = gensec_start(mem_ctx, gensec_security, ev);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
diff --git a/source4/auth/gensec/gensec.h b/source4/auth/gensec/gensec.h
index be6731abfa..2951e13dd9 100644
--- a/source4/auth/gensec/gensec.h
+++ b/source4/auth/gensec/gensec.h
@@ -109,6 +109,7 @@ struct gensec_security {
enum gensec_role gensec_role;
BOOL subcontext;
uint32_t want_features;
+ struct event_context *event_ctx;
};
/* this structure is used by backends to determine the size of some critical types */
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index ab214578dd..e50fe58305 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -800,7 +800,9 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL;
}
- nt_status = auth_context_create(gensec_ntlmssp_state, lp_auth_methods(), &gensec_ntlmssp_state->auth_context);
+ nt_status = auth_context_create(gensec_ntlmssp_state, lp_auth_methods(),
+ &gensec_ntlmssp_state->auth_context,
+ gensec_security->event_ctx);
NT_STATUS_NOT_OK_RETURN(nt_status);
gensec_ntlmssp_state->get_challenge = auth_ntlmssp_get_challenge;