auth: Make more of the ntlmssp code private or static
authorAndrew Bartlett <abartlet@samba.org>
Tue, 31 Jan 2012 10:20:34 +0000 (21:20 +1100)
committerStefan Metzmacher <metze@samba.org>
Fri, 17 Feb 2012 09:48:10 +0000 (10:48 +0100)
Now that there is only one gensec_ntlmssp server, some of these functions can be static

For the rest, put the implemtnation of the gensec_ntlmssp code into ntlmssp_private.h

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
auth/ntlmssp/gensec_ntlmssp_server.c
auth/ntlmssp/ntlmssp.h
auth/ntlmssp/ntlmssp_private.h
source3/libsmb/ntlmssp_wrap.c
source4/torture/auth/ntlmssp.c

index de86dd5..6ba3976 100644 (file)
@@ -81,8 +81,8 @@ NTSTATUS gensec_ntlmssp_server_auth(struct gensec_security *gensec_security,
  * @return an 8 byte random challenge
  */
 
-NTSTATUS auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_state,
-                                   uint8_t chal[8])
+static NTSTATUS auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_state,
+                                          uint8_t chal[8])
 {
        struct gensec_ntlmssp_context *gensec_ntlmssp =
                talloc_get_type_abort(ntlmssp_state->callback_private,
@@ -107,7 +107,7 @@ NTSTATUS auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_state,
  *
  * @return If the effective challenge used by the auth subsystem may be modified
  */
-bool auth_ntlmssp_may_set_challenge(const struct ntlmssp_state *ntlmssp_state)
+static bool auth_ntlmssp_may_set_challenge(const struct ntlmssp_state *ntlmssp_state)
 {
        struct gensec_ntlmssp_context *gensec_ntlmssp =
                talloc_get_type_abort(ntlmssp_state->callback_private,
@@ -124,7 +124,7 @@ bool auth_ntlmssp_may_set_challenge(const struct ntlmssp_state *ntlmssp_state)
  * NTLM2 authentication modifies the effective challenge,
  * @param challenge The new challenge value
  */
-NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *challenge)
+static NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *challenge)
 {
        struct gensec_ntlmssp_context *gensec_ntlmssp =
                talloc_get_type_abort(ntlmssp_state->callback_private,
@@ -153,9 +153,9 @@ NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BL
  * Return the session keys used on the connection.
  */
 
-NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
-                                    TALLOC_CTX *mem_ctx,
-                                    DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key)
+static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
+                                           TALLOC_CTX *mem_ctx,
+                                           DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key)
 {
        struct gensec_ntlmssp_context *gensec_ntlmssp =
                talloc_get_type_abort(ntlmssp_state->callback_private,
index eb44913..0d6a64e 100644 (file)
@@ -22,8 +22,6 @@
 
 #include "../librpc/gen_ndr/ntlmssp.h"
 
-NTSTATUS gensec_ntlmssp_init(void);
-
 struct auth_context;
 struct auth_serversupplied_info;
 struct tsocket_address;
@@ -31,15 +29,6 @@ struct auth_user_info_dc;
 struct gensec_security;
 struct ntlmssp_state;
 
-struct gensec_ntlmssp_context {
-       /* For GENSEC users */
-       struct gensec_security *gensec_security;
-       void *server_returned_info;
-
-       /* used by both client and server implementation */
-       struct ntlmssp_state *ntlmssp_state;
-};
-
 /* NTLMSSP mode */
 enum ntlmssp_role
 {
@@ -189,51 +178,7 @@ NTSTATUS ntlmssp_unwrap(struct ntlmssp_state *ntlmssp_stae,
 NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state);
 
 bool ntlmssp_blob_matches_magic(const DATA_BLOB *blob);
-/* The following definitions come from ../source4/auth/ntlmssp/ntlmssp.c  */
-
-
-/**
- * Return the NTLMSSP master session key
- *
- * @param ntlmssp_state NTLMSSP State
- */
-NTSTATUS gensec_ntlmssp_magic(struct gensec_security *gensec_security,
-                             const DATA_BLOB *first_packet);
-bool gensec_ntlmssp_have_feature(struct gensec_security *gensec_security,
-                                uint32_t feature);
-NTSTATUS gensec_ntlmssp_session_key(struct gensec_security *gensec_security,
-                                   TALLOC_CTX *mem_ctx,
-                                   DATA_BLOB *session_key);
-NTSTATUS gensec_ntlmssp_start(struct gensec_security *gensec_security);
-
-/* The following definitions come from ../source4/auth/ntlmssp/ntlmssp_sign.c  */
-
-NTSTATUS gensec_ntlmssp_sign_packet(struct gensec_security *gensec_security,
-                                   TALLOC_CTX *sig_mem_ctx,
-                                   const uint8_t *data, size_t length,
-                                   const uint8_t *whole_pdu, size_t pdu_length,
-                                   DATA_BLOB *sig);
-NTSTATUS gensec_ntlmssp_check_packet(struct gensec_security *gensec_security,
-                                    const uint8_t *data, size_t length,
-                                    const uint8_t *whole_pdu, size_t pdu_length,
-                                    const DATA_BLOB *sig);
-NTSTATUS gensec_ntlmssp_seal_packet(struct gensec_security *gensec_security,
-                                   TALLOC_CTX *sig_mem_ctx,
-                                   uint8_t *data, size_t length,
-                                   const uint8_t *whole_pdu, size_t pdu_length,
-                                   DATA_BLOB *sig);
-NTSTATUS gensec_ntlmssp_unseal_packet(struct gensec_security *gensec_security,
-                                     uint8_t *data, size_t length,
-                                     const uint8_t *whole_pdu, size_t pdu_length,
-                                     const DATA_BLOB *sig);
-size_t gensec_ntlmssp_sig_size(struct gensec_security *gensec_security, size_t data_size) ;
-NTSTATUS gensec_ntlmssp_wrap(struct gensec_security *gensec_security,
-                            TALLOC_CTX *out_mem_ctx,
-                            const DATA_BLOB *in,
-                            DATA_BLOB *out);
-NTSTATUS gensec_ntlmssp_unwrap(struct gensec_security *gensec_security,
-                              TALLOC_CTX *out_mem_ctx,
-                              const DATA_BLOB *in,
-                              DATA_BLOB *out);
+
+/* The following definitions come from auth/ntlmssp/gensec_ntlmssp.c  */
 
 NTSTATUS gensec_ntlmssp_init(void);
index 7953d8e..cd9f9db 100644 (file)
@@ -41,6 +41,15 @@ union ntlmssp_crypt_state {
        } ntlm2;
 };
 
+struct gensec_ntlmssp_context {
+       /* For GENSEC users */
+       struct gensec_security *gensec_security;
+       void *server_returned_info;
+
+       /* used by both client and server implementation */
+       struct ntlmssp_state *ntlmssp_state;
+};
+
 /* The following definitions come from auth/ntlmssp.c  */
 
 NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security,
@@ -94,7 +103,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
                                  const DATA_BLOB in, DATA_BLOB *out) ;
 NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security);
 
-/* The following definitions come from auth/ntlmssp/ntlmssp_server.c  */
+/* The following definitions come from auth/ntlmssp/gensec_ntlmssp_server.c  */
 
 
 /**
@@ -123,6 +132,12 @@ NTSTATUS gensec_ntlmssp_server_auth(struct gensec_security *gensec_security,
                                    TALLOC_CTX *out_mem_ctx,
                                    const DATA_BLOB in, DATA_BLOB *out);
 
+/**
+ * Start NTLMSSP on the server side
+ *
+ */
+NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security);
+
 /**
  * Return the credentials of a logged on user, including session keys
  * etc.
@@ -136,39 +151,47 @@ NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security,
                                     TALLOC_CTX *mem_ctx,
                                     struct auth_session_info **session_info) ;
 
-/**
- * Start NTLMSSP on the server side
- *
- */
-NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security);
-
-/**
- * Return the challenge as determined by the authentication subsystem
- * @return an 8 byte random challenge
- */
-
-NTSTATUS auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_state,
-                                   uint8_t chal[8]);
-
-/**
- * Some authentication methods 'fix' the challenge, so we may not be able to set it
- *
- * @return If the effective challenge used by the auth subsystem may be modified
- */
-bool auth_ntlmssp_may_set_challenge(const struct ntlmssp_state *ntlmssp_state);
-
-/**
- * NTLM2 authentication modifies the effective challenge,
- * @param challenge The new challenge value
- */
-NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *challenge);
+/* The following definitions come from auth/ntlmssp/gensec_ntlmssp.c  */
+
+NTSTATUS gensec_ntlmssp_sign_packet(struct gensec_security *gensec_security,
+                                   TALLOC_CTX *sig_mem_ctx,
+                                   const uint8_t *data, size_t length,
+                                   const uint8_t *whole_pdu, size_t pdu_length,
+                                   DATA_BLOB *sig);
+NTSTATUS gensec_ntlmssp_check_packet(struct gensec_security *gensec_security,
+                                    const uint8_t *data, size_t length,
+                                    const uint8_t *whole_pdu, size_t pdu_length,
+                                    const DATA_BLOB *sig);
+NTSTATUS gensec_ntlmssp_seal_packet(struct gensec_security *gensec_security,
+                                   TALLOC_CTX *sig_mem_ctx,
+                                   uint8_t *data, size_t length,
+                                   const uint8_t *whole_pdu, size_t pdu_length,
+                                   DATA_BLOB *sig);
+NTSTATUS gensec_ntlmssp_unseal_packet(struct gensec_security *gensec_security,
+                                     uint8_t *data, size_t length,
+                                     const uint8_t *whole_pdu, size_t pdu_length,
+                                     const DATA_BLOB *sig);
+size_t gensec_ntlmssp_sig_size(struct gensec_security *gensec_security, size_t data_size) ;
+NTSTATUS gensec_ntlmssp_wrap(struct gensec_security *gensec_security,
+                            TALLOC_CTX *out_mem_ctx,
+                            const DATA_BLOB *in,
+                            DATA_BLOB *out);
+NTSTATUS gensec_ntlmssp_unwrap(struct gensec_security *gensec_security,
+                              TALLOC_CTX *out_mem_ctx,
+                              const DATA_BLOB *in,
+                              DATA_BLOB *out);
 
 /**
- * Check the password on an NTLMSSP login.
+ * Return the NTLMSSP master session key
  *
- * Return the session keys used on the connection.
+ * @param ntlmssp_state NTLMSSP State
  */
+NTSTATUS gensec_ntlmssp_magic(struct gensec_security *gensec_security,
+                             const DATA_BLOB *first_packet);
+bool gensec_ntlmssp_have_feature(struct gensec_security *gensec_security,
+                                uint32_t feature);
+NTSTATUS gensec_ntlmssp_session_key(struct gensec_security *gensec_security,
+                                   TALLOC_CTX *mem_ctx,
+                                   DATA_BLOB *session_key);
+NTSTATUS gensec_ntlmssp_start(struct gensec_security *gensec_security);
 
-NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
-                                    TALLOC_CTX *mem_ctx,
-                                    DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key);
index 1dda3fb..c0b1307 100644 (file)
@@ -20,6 +20,7 @@
 
 #include "includes.h"
 #include "auth/ntlmssp/ntlmssp.h"
+#include "auth/ntlmssp/ntlmssp_private.h"
 #include "auth_generic.h"
 #include "auth/gensec/gensec.h"
 #include "auth/credentials/credentials.h"
index db2f2db..bdaa65b 100644 (file)
@@ -20,6 +20,7 @@
 #include "includes.h"
 #include "auth/gensec/gensec.h"
 #include "auth/ntlmssp/ntlmssp.h"
+#include "auth/ntlmssp/ntlmssp_private.h"
 #include "lib/cmdline/popt_common.h"
 #include "torture/torture.h"
 #include "param/param.h"