From c4b8b3218229d425ed81caf8ec652a84ed4c8457 Mon Sep 17 00:00:00 2001
From: Simo Sorce
Date: Wed, 6 Aug 2014 10:58:21 -0400
Subject: Pass ctx and cred to external_xxx_auth functions
This allows external auth mechanisms to see all the data they may need.
---
 src/external.c | 32 ++++++++++++++++----------------
 src/gss_auth.c | 12 ++----------
 src/gss_ntlmssp.h | 16 ++++++----------
 3 files changed, 24 insertions(+), 36 deletions(-)
diff --git a/src/external.c b/src/external.c
index 4d04b71..02c54f1 100644
--- a/src/external.c
+++ b/src/external.c
@@ -27,34 +27,34 @@ uint32_t external_get_creds(struct gssntlm_name *name,
 #endif
 }
-uint32_t external_cli_auth(char *user, char *domain,
- gss_channel_bindings_t input_chan_bindings,
+uint32_t external_cli_auth(struct gssntlm_ctx *ctx,
+ struct gssntlm_cred *cred,
 uint32_t in_flags,
- uint32_t *neg_flags,
- struct ntlm_buffer *nego_msg,
- struct ntlm_buffer *chal_msg,
- struct ntlm_buffer *auth_msg,
- struct ntlm_key *exported_session_key)
+ gss_channel_bindings_t input_chan_bindings)
 {
 #if HAVE_WBCLIENT
- return winbind_cli_auth(user, domain, input_chan_bindings,
- in_flags, neg_flags,
- nego_msg, chal_msg, auth_msg,
- exported_session_key);
+ return winbind_cli_auth(cred->cred.external.user.data.user.name,
+ cred->cred.external.user.data.user.domain,
+ input_chan_bindings,
+ in_flags, &ctx->neg_flags,
+ &ctx->nego_msg, &ctx->chal_msg, &ctx->auth_msg,
+ &ctx->exported_session_key);
 #else
 return ENOSYS;
 #endif
 }
-uint32_t external_srv_auth(char *user, char *domain,
- char *workstation, uint8_t *challenge,
+uint32_t external_srv_auth(struct gssntlm_ctx *ctx,
+ struct gssntlm_cred *cred,
 struct ntlm_buffer *nt_chal_resp,
 struct ntlm_buffer *lm_chal_resp,
- struct ntlm_key *ntlmv2_key)
+ struct ntlm_key *session_base_key)
 {
 #if HAVE_WBCLIENT
- return winbind_srv_auth(user, domain, workstation, challenge,
- nt_chal_resp, lm_chal_resp, ntlmv2_key);
+ return winbind_srv_auth(cred->cred.external.user.data.user.name,
+ cred->cred.external.user.data.user.domain,
+ ctx->workstation, ctx->server_chal,
+ nt_chal_resp, lm_chal_resp, session_base_key);
 #else
 return ENOSYS;
 #endif
diff --git a/src/gss_auth.c b/src/gss_auth.c
index 60f85a9..f6faa0f 100644
--- a/src/gss_auth.c
+++ b/src/gss_auth.c
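Review bot: In src/external.c both external_cli_auth() and external_srv_auth() now read `cred->cred.external.user.data.user.name` and `.domain` themselves, yet neither checks that the credential is an external one; until this commit that was implied by the `case GSSNTLM_CRED_EXTERNAL:` arm at the call site. `cred->cred` looks like a union selected by the credential type, so a later caller passing another credential kind would hand the wrong member to winbind as a name pointer. A guard ahead of the `#if`, `if (cred->type != GSSNTLM_CRED_EXTERNAL) return EINVAL;` (assuming `cred->type` is the discriminator), keeps the invariant next to the access. The closing brace of external_srv_auth() is outside the hunk.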
@@ -280,12 +280,7 @@ uint32_t gssntlm_cli_auth(uint32_t *minor,
 break;
 case GSSNTLM_CRED_EXTERNAL:
- retmin = external_cli_auth(cred->cred.external.user.data.user.name,
- cred->cred.external.user.data.user.domain,
- input_chan_bindings, in_flags,
- &ctx->neg_flags, &ctx->nego_msg,
- &ctx->chal_msg, &ctx->auth_msg,
- &ctx->exported_session_key);
+ retmin = external_cli_auth(ctx, cred, in_flags, input_chan_bindings);
 if (retmin) {
 retmaj = GSS_S_FAILURE;
 goto done;
@@ -382,10 +377,7 @@ uint32_t gssntlm_srv_auth(uint32_t *minor,
 break;
 case GSSNTLM_CRED_EXTERNAL:
- retmin = external_srv_auth(cred->cred.external.user.data.user.name,
- cred->cred.external.user.data.user.domain,
- ctx->workstation, ctx->server_chal,
- nt_chal_resp, lm_chal_resp,
+ retmin = external_srv_auth(ctx, cred, nt_chal_resp, lm_chal_resp,
 key_exchange_key);
 if (retmin) {
 retmaj = GSS_S_FAILURE;
diff --git a/src/gss_ntlmssp.h b/src/gss_ntlmssp.h
index 55e6570..a0689c7 100644
--- a/src/gss_ntlmssp.h
+++ b/src/gss_ntlmssp.h
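Review bot: In the gssntlm_srv_auth() hunk the call passes `key_exchange_key` for the parameter this commit renames to `session_base_key`, so the two sides now disagree about which NTLM key the external backend fills in. The key exchange key is derived from the session base key and equals it only in some negotiated modes, so if the backend really returns the session base key, using it unmodified would yield wrong signing and sealing keys in the other modes. winbind_srv_auth() is not visible here, so this needs confirming rather than being a proven defect; stating the contract at the call, for example `/* external_srv_auth() returns the session base key; TODO confirm it is valid as key_exchange_key for every negotiated mode */`, would make the assumption reviewable. gssntlm_srv_auth() starts and ends outside the hunk.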
@@ -173,19 +173,15 @@ int gssntlm_copy_creds(struct gssntlm_cred *in, struct gssntlm_cred *out);
 uint32_t external_netbios_get_names(char **computer, char **domain);
 uint32_t external_get_creds(struct gssntlm_name *name, struct gssntlm_cred *cred);
-uint32_t external_cli_auth(char *user, char *domain,
- gss_channel_bindings_t input_chan_bindings,
+uint32_t external_cli_auth(struct gssntlm_ctx *ctx,
+ struct gssntlm_cred *cred,
 uint32_t in_flags,
- uint32_t *neg_flags,
- struct ntlm_buffer *nego_msg,
- struct ntlm_buffer *chal_msg,
- struct ntlm_buffer *auth_msg,
- struct ntlm_key *exported_session_key);
-uint32_t external_srv_auth(char *user, char *domain,
- char *workstation, uint8_t *challenge,
+ gss_channel_bindings_t input_chan_bindings);
+uint32_t external_srv_auth(struct gssntlm_ctx *ctx,
+ struct gssntlm_cred *cred,
 struct ntlm_buffer *nt_chal_resp,
 struct ntlm_buffer *lm_chal_resp,
- struct ntlm_key *ntlmv2_key);
+ struct ntlm_key *session_base_key);
 uint32_t netbios_get_names(char *computer_name, char **netbios_host, char **netbios_domain);
-- cgit
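Review bot: The new prototypes of external_cli_auth() and external_srv_auth() in src/gss_ntlmssp.h no longer show which pieces of state a backend reads or fills in, since everything now arrives through `ctx` and `cred`. A short comment above each declaration would restore that, e.g. `/* cli: passes ctx->neg_flags, nego_msg, chal_msg, auth_msg and exported_session_key by address to the backend */` and `/* srv: reads ctx->workstation and ctx->server_chal; session_base_key is the output */`. The field list is taken from the winbind calls in src/external.c; whether `session_base_key` is purely an output is inferred from its use and should be confirmed.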