DATA_BLOB *data, DATA_BLOB *full_pkt,
DATA_BLOB *auth_token)
{
+ if (gensec_security == NULL) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
switch (auth_level) {
case DCERPC_AUTH_LEVEL_PRIVACY:
/* Data portion is encrypted. */
case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
status = NT_STATUS_OK;
break;
- case DCERPC_AUTH_TYPE_SPNEGO:
- case DCERPC_AUTH_TYPE_KRB5:
- case DCERPC_AUTH_TYPE_NTLMSSP:
- case DCERPC_AUTH_TYPE_SCHANNEL:
- gensec_security = talloc_get_type_abort(auth->auth_ctx,
- struct gensec_security);
+ default:
+ gensec_security = talloc_get_type(auth->auth_ctx,
+ struct gensec_security);
status = add_generic_auth_footer(gensec_security,
auth->auth_level,
rpc_out);
break;
- default:
- status = NT_STATUS_INVALID_PARAMETER;
- break;
}
return status;
case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
return NT_STATUS_OK;
- case DCERPC_AUTH_TYPE_SPNEGO:
- case DCERPC_AUTH_TYPE_KRB5:
- case DCERPC_AUTH_TYPE_NTLMSSP:
- case DCERPC_AUTH_TYPE_SCHANNEL:
-
+ default:
DEBUG(10, ("GENSEC auth\n"));
- gensec_security = talloc_get_type_abort(auth->auth_ctx,
- struct gensec_security);
+ gensec_security = talloc_get_type(auth->auth_ctx,
+ struct gensec_security);
status = get_generic_auth_footer(gensec_security,
auth->auth_level,
&data, &full_pkt,
return status;
}
break;
- default:
- DEBUG(0, ("process_request_pdu: "
- "unknown auth type %u set.\n",
- (unsigned int)auth->auth_type));
- return NT_STATUS_INVALID_PARAMETER;
}
/* TODO: remove later
NTSTATUS ret = NT_STATUS_OK;
switch (auth->auth_type) {
- case DCERPC_AUTH_TYPE_SCHANNEL:
- case DCERPC_AUTH_TYPE_NTLMSSP:
- case DCERPC_AUTH_TYPE_KRB5:
- case DCERPC_AUTH_TYPE_SPNEGO:
- ret = create_generic_auth_rpc_bind_req(cli, mem_ctx,
- &auth_token,
- &auth->client_hdr_signing);
-
- if (!NT_STATUS_IS_OK(ret) &&
- !NT_STATUS_EQUAL(ret, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
- return ret;
- }
+ case DCERPC_AUTH_TYPE_NONE:
break;
case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
18);
break;
- case DCERPC_AUTH_TYPE_NONE:
- break;
-
default:
- /* "Can't" happen. */
- return NT_STATUS_INVALID_INFO_CLASS;
+ ret = create_generic_auth_rpc_bind_req(cli, mem_ctx,
+ &auth_token,
+ &auth->client_hdr_signing);
+
+ if (!NT_STATUS_IS_OK(ret) &&
+ !NT_STATUS_EQUAL(ret, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ return ret;
+ }
+ break;
}
if (auth_token.length != 0) {
tevent_req_done(req);
return;
- case DCERPC_AUTH_TYPE_SCHANNEL:
- case DCERPC_AUTH_TYPE_NTLMSSP:
- case DCERPC_AUTH_TYPE_SPNEGO:
- case DCERPC_AUTH_TYPE_KRB5:
+ default:
/* Paranoid lenght checks */
if (pkt->frag_length < DCERPC_AUTH_TRAILER_LENGTH
+ pkt->auth_length) {
return;
}
break;
-
- default:
- goto err_out;
}
/*
tevent_req_done(req);
return;
- case DCERPC_AUTH_TYPE_SCHANNEL:
- case DCERPC_AUTH_TYPE_NTLMSSP:
- case DCERPC_AUTH_TYPE_KRB5:
- case DCERPC_AUTH_TYPE_SPNEGO:
+ default:
gensec_security = talloc_get_type_abort(pauth->auth_ctx,
struct gensec_security);
&auth_token);
}
break;
-
- default:
- goto err_out;
}
if (!NT_STATUS_IS_OK(status)) {
tevent_req_nterror(req, status);
}
return;
-
-err_out:
- DEBUG(0,("cli_finish_bind_auth: unknown auth type %u\n",
- (unsigned int)state->cli->auth->auth_type));
- tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
}
static NTSTATUS rpc_bind_next_send(struct tevent_req *req,
}
switch (cli->auth->auth_type) {
- case DCERPC_AUTH_TYPE_SPNEGO:
- case DCERPC_AUTH_TYPE_NTLMSSP:
- case DCERPC_AUTH_TYPE_KRB5:
- gensec_security = talloc_get_type_abort(a->auth_ctx,
- struct gensec_security);
- status = gensec_session_key(gensec_security, mem_ctx, &sk);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
- make_dup = false;
- break;
case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
case DCERPC_AUTH_TYPE_NONE:
sk = data_blob_const(a->transport_session_key.data,
make_dup = true;
break;
default:
+ gensec_security = talloc_get_type(a->auth_ctx,
+ struct gensec_security);
+ status = gensec_session_key(gensec_security, mem_ctx, &sk);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ make_dup = false;
break;
}