librpc: gensec is our security provider abstraction, remove a void *

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

diff --git a/source3/librpc/rpc/dcerpc.h b/source3/librpc/rpc/dcerpc.h
index f75dd8417b5b92410180b581f6e8f12003644c26..42429a1662a78fcd1ffc2e8ba55eefb49cc8b545 100644 (file)
--- a/source3/librpc/rpc/dcerpc.h
+++ b/source3/librpc/rpc/dcerpc.h
@@ -33,6 +33,7 @@
 #define SMB_RPC_INTERFACE_VERSION 1
 
 struct NL_AUTH_MESSAGE;
+struct gensec_security;
 
 /* auth state for all bind types. */
 
@@ -43,7 +44,7 @@ struct pipe_auth_data {
        bool hdr_signing;
        bool verified_bitmask1;
 
-       void *auth_ctx;
+       struct gensec_security *auth_ctx;
 
        /* Only the client code uses this for now */
        DATA_BLOB transport_session_key;

diff --git a/source3/librpc/rpc/dcerpc_helpers.c b/source3/librpc/rpc/dcerpc_helpers.c
index 62358d5ec5c66de259fb39b4cbb1887d13756cb9..a9b24c8ec4d39bce686de2baa17383fb1d1c1c07 100644 (file)
--- a/source3/librpc/rpc/dcerpc_helpers.c
+++ b/source3/librpc/rpc/dcerpc_helpers.c
@@ -276,8 +276,7 @@ NTSTATUS dcerpc_guess_sizes(struct pipe_auth_data *auth,
        case DCERPC_AUTH_TYPE_NTLMSSP:
        case DCERPC_AUTH_TYPE_KRB5:
        case DCERPC_AUTH_TYPE_SCHANNEL:
-               gensec_security = talloc_get_type_abort(auth->auth_ctx,
-                                                       struct gensec_security);
+               gensec_security = auth->auth_ctx;
                *auth_len = gensec_sig_size(gensec_security, max_len);
                break;
        default:
@@ -469,8 +468,7 @@ NTSTATUS dcerpc_add_auth_footer(struct pipe_auth_data *auth,
                status = NT_STATUS_OK;
                break;
        default:
-               gensec_security = talloc_get_type(auth->auth_ctx,
-                                                 struct gensec_security);
+               gensec_security = auth->auth_ctx;
                status = add_generic_auth_footer(gensec_security,
                                                 auth->auth_level,
                                                 rpc_out);
@@ -567,8 +565,7 @@ NTSTATUS dcerpc_check_auth(struct pipe_auth_data *auth,
        default:
                DEBUG(10, ("GENSEC auth\n"));
 
-               gensec_security = talloc_get_type(auth->auth_ctx,
-                                                 struct gensec_security);
+               gensec_security = auth->auth_ctx;
                status = get_generic_auth_footer(gensec_security,
                                                 auth->auth_level,
                                                 &data, &full_pkt,

diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index d3a075f28d3fe10763edaf12f96848fdd947f249..dc07495bfe9669ea51a25a9ce560a665b05b3743 100644 (file)
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -1007,8 +1007,7 @@ static NTSTATUS create_generic_auth_rpc_bind_req(struct rpc_pipe_client *cli,
        DATA_BLOB null_blob = data_blob_null;
        NTSTATUS status;
 
-       gensec_security = talloc_get_type_abort(cli->auth->auth_ctx,
-                                       struct gensec_security);
+       gensec_security = cli->auth->auth_ctx;
 
        DEBUG(5, ("create_generic_auth_rpc_bind_req: generate first token\n"));
        status = gensec_update(gensec_security, mem_ctx, null_blob, auth_token);
@@ -1860,8 +1859,7 @@ static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq)
                return;
 
        default:
-               gensec_security = talloc_get_type_abort(pauth->auth_ctx,
-                                               struct gensec_security);
+               gensec_security = pauth->auth_ctx;
 
                if (pkt->pfc_flags & DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN) {
                        if (pauth->client_hdr_signing) {
@@ -3185,8 +3183,7 @@ NTSTATUS cli_get_session_key(TALLOC_CTX *mem_ctx,
                make_dup = true;
                break;
        default:
-               gensec_security = talloc_get_type(a->auth_ctx,
-                                                 struct gensec_security);
+               gensec_security = a->auth_ctx;
                status = gensec_session_key(gensec_security, mem_ctx, &sk);
                if (!NT_STATUS_IS_OK(status)) {
                        return status;

diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 948abf31426abf67e21b19096b3a0f305266bb74..fecbae2362c64b60bec87f5fcd3d77e2ec765e49 100644 (file)
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -553,11 +553,7 @@ static NTSTATUS pipe_auth_verify_final(struct pipes_struct *p)
                return NT_STATUS_OK;
        }
 
-       gensec_security = talloc_get_type(p->auth.auth_ctx,
-                                         struct gensec_security);
-       if (gensec_security == NULL) {
-               return NT_STATUS_INTERNAL_ERROR;
-       }
+       gensec_security = p->auth.auth_ctx;
 
        ok = pipe_auth_generic_verify_final(p, gensec_security,
                                            p->auth.auth_level,
@@ -898,8 +894,7 @@ bool api_pipe_bind_auth3(struct pipes_struct *p, struct ncacn_packet *pkt)
                goto err;
        }
 
-       gensec_security = talloc_get_type(p->auth.auth_ctx,
-                                         struct gensec_security);
+       gensec_security = p->auth.auth_ctx;
 
        status = auth_generic_server_step(gensec_security,
                                          pkt, &auth_info.credentials,
@@ -1025,8 +1020,7 @@ static bool api_pipe_alter_context(struct pipes_struct *p,
                        goto err_exit;
                }
 
-               gensec_security = talloc_get_type(p->auth.auth_ctx,
-                                                 struct gensec_security);
+               gensec_security = p->auth.auth_ctx;
                status = auth_generic_server_step(gensec_security,
                                                  pkt,
                                                  &auth_info.credentials,