mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
s3-auth Allow auth modules to provide an initialised GENSEC context
This will allow auth plugins such as auth_samba4 to provide an initialised GENSEC context to auth subsystem callers. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
This commit is contained in:
parent
a942401c1f
commit
6bcaba6f8a
@ -438,7 +438,7 @@ static NTSTATUS make_auth_context_text_list(TALLOC_CTX *mem_ctx,
|
||||
char **text_list)
|
||||
{
|
||||
auth_methods *list = NULL;
|
||||
auth_methods *t = NULL;
|
||||
auth_methods *t, *method = NULL;
|
||||
NTSTATUS nt_status;
|
||||
|
||||
if (!text_list) {
|
||||
@ -460,7 +460,14 @@ static NTSTATUS make_auth_context_text_list(TALLOC_CTX *mem_ctx,
|
||||
|
||||
(*auth_context)->auth_method_list = list;
|
||||
|
||||
return nt_status;
|
||||
/* Look for the first module to provide a start_gensec hook, and set that if provided */
|
||||
for (method = (*auth_context)->auth_method_list; method; method = method->next) {
|
||||
if (method->start_gensec) {
|
||||
(*auth_context)->start_gensec = method->start_gensec;
|
||||
break;
|
||||
}
|
||||
}
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
/***************************************************************************
|
||||
|
@ -21,6 +21,8 @@
|
||||
|
||||
#include "../auth/common_auth.h"
|
||||
|
||||
struct gensec_security;
|
||||
|
||||
struct extra_auth_info {
|
||||
struct dom_sid user_sid;
|
||||
struct dom_sid pgid_sid;
|
||||
@ -93,6 +95,9 @@ struct auth_context {
|
||||
const struct auth_usersupplied_info *user_info,
|
||||
struct auth_serversupplied_info **server_info);
|
||||
NTSTATUS (*nt_status_squash)(NTSTATUS nt_status);
|
||||
|
||||
NTSTATUS (*start_gensec)(TALLOC_CTX *mem_ctx, const char *oid_string,
|
||||
struct gensec_security **gensec_context);
|
||||
};
|
||||
|
||||
typedef struct auth_methods
|
||||
@ -114,6 +119,10 @@ typedef struct auth_methods
|
||||
void **my_private_data,
|
||||
TALLOC_CTX *mem_ctx);
|
||||
|
||||
/* Optional method allowing this module to provide a way to get a gensec context */
|
||||
NTSTATUS (*start_gensec)(TALLOC_CTX *mem_ctx, const char *oid_string,
|
||||
struct gensec_security **gensec_context);
|
||||
|
||||
/* Used to keep tabs on things like the cli for SMB server authentication */
|
||||
void *private_data;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user