sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-11-07 12:23:51 +03:00
Code Activity

r26258: Use loadparm context in client_start function of gensec.

Browse Source
This commit is contained in:
Jelmer Vernooij
2007-12-03 17:41:37 +01:00
committed by Stefan Metzmacher
parent 2f69329288
commit bad1891cae
9 changed files with 34 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
source/auth/gensec/cyrus_sasl.c
View File

@@ -112,7 +112,7 @@ static int gensec_sasl_dispose(struct gensec_sasl_state *gensec_sasl_state)
return 0; return 0;
} }
static NTSTATUS gensec_sasl_client_start(struct gensec_security *gensec_security) static NTSTATUS gensec_sasl_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
{ {
struct gensec_sasl_state *gensec_sasl_state; struct gensec_sasl_state *gensec_sasl_state;
const char *service = gensec_get_target_service(gensec_security); const char *service = gensec_get_target_service(gensec_security);

2
source/auth/gensec/gensec.c
View File

@@ -603,7 +603,7 @@ static NTSTATUS gensec_start_mech(struct gensec_security *gensec_security)
switch (gensec_security->gensec_role) { switch (gensec_security->gensec_role) {
case GENSEC_CLIENT: case GENSEC_CLIENT:
if (gensec_security->ops->client_start) { if (gensec_security->ops->client_start) {
status = gensec_security->ops->client_start(gensec_security); status = gensec_security->ops->client_start(gensec_security, global_loadparm);
if (!NT_STATUS_IS_OK(status)) { if (!NT_STATUS_IS_OK(status)) {
DEBUG(2, ("Failed to start GENSEC client mech %s: %s\n", DEBUG(2, ("Failed to start GENSEC client mech %s: %s\n",
gensec_security->ops->name, nt_errstr(status))); gensec_security->ops->name, nt_errstr(status)));

5
source/auth/gensec/gensec.h
View File

@@ -75,12 +75,15 @@ struct gensec_update_request {
} callback; } callback;
}; };
struct loadparm_context;
struct gensec_security_ops { struct gensec_security_ops {
const char *name; const char *name;
const char *sasl_name; const char *sasl_name;
uint8_t auth_type; /* 0 if not offered on DCE-RPC */ uint8_t auth_type; /* 0 if not offered on DCE-RPC */
const char **oid; /* NULL if not offered by SPNEGO */ const char **oid; /* NULL if not offered by SPNEGO */
NTSTATUS (*client_start)(struct gensec_security *gensec_security); NTSTATUS (*client_start)(struct gensec_security *gensec_security,
struct loadparm_context *lp_ctx);
NTSTATUS (*server_start)(struct gensec_security *gensec_security); NTSTATUS (*server_start)(struct gensec_security *gensec_security);
/** /**
Determine if a packet has the right 'magic' for this mechanism Determine if a packet has the right 'magic' for this mechanism

10
source/auth/gensec/gensec_gssapi.c
View File

@@ -298,7 +298,7 @@ static NTSTATUS gensec_gssapi_sasl_server_start(struct gensec_security *gensec_s
return nt_status; return nt_status;
} }
static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_security) static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
{ {
struct gensec_gssapi_state *gensec_gssapi_state; struct gensec_gssapi_state *gensec_gssapi_state;
struct cli_credentials *creds = gensec_get_credentials(gensec_security); struct cli_credentials *creds = gensec_get_credentials(gensec_security);
@@ -324,7 +324,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
return NT_STATUS_INVALID_PARAMETER; return NT_STATUS_INVALID_PARAMETER;
} }
nt_status = gensec_gssapi_start(gensec_security, global_loadparm); nt_status = gensec_gssapi_start(gensec_security, lp_ctx);
if (!NT_STATUS_IS_OK(nt_status)) { if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status; return nt_status;
} }
@@ -334,7 +334,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
gensec_gssapi_state->gss_oid = gss_mech_krb5; gensec_gssapi_state->gss_oid = gss_mech_krb5;
principal = gensec_get_target_principal(gensec_security); principal = gensec_get_target_principal(gensec_security);
if (principal && lp_client_use_spnego_principal(global_loadparm)) { if (principal && lp_client_use_spnego_principal(lp_ctx)) {
name_type = GSS_C_NULL_OID; name_type = GSS_C_NULL_OID;
} else { } else {
principal = talloc_asprintf(gensec_gssapi_state, "%s@%s", principal = talloc_asprintf(gensec_gssapi_state, "%s@%s",
@@ -380,11 +380,11 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
return NT_STATUS_OK; return NT_STATUS_OK;
} }
static NTSTATUS gensec_gssapi_sasl_client_start(struct gensec_security *gensec_security) static NTSTATUS gensec_gssapi_sasl_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
{ {
NTSTATUS nt_status; NTSTATUS nt_status;
struct gensec_gssapi_state *gensec_gssapi_state; struct gensec_gssapi_state *gensec_gssapi_state;
nt_status = gensec_gssapi_client_start(gensec_security); nt_status = gensec_gssapi_client_start(gensec_security, lp_ctx);
if (NT_STATUS_IS_OK(nt_status)) { if (NT_STATUS_IS_OK(nt_status)) {
gensec_gssapi_state = talloc_get_type(gensec_security->private_data, struct gensec_gssapi_state); gensec_gssapi_state = talloc_get_type(gensec_security->private_data, struct gensec_gssapi_state);

6
source/auth/gensec/gensec_krb5.c
View File

@@ -210,7 +210,7 @@ static NTSTATUS gensec_fake_gssapi_krb5_server_start(struct gensec_security *gen
return nt_status; return nt_status;
} }
static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security) static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
{ {
struct gensec_krb5_state *gensec_krb5_state; struct gensec_krb5_state *gensec_krb5_state;
krb5_error_code ret; krb5_error_code ret;
@@ -322,9 +322,9 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
} }
} }
static NTSTATUS gensec_fake_gssapi_krb5_client_start(struct gensec_security *gensec_security) static NTSTATUS gensec_fake_gssapi_krb5_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
{ {
NTSTATUS nt_status = gensec_krb5_client_start(gensec_security); NTSTATUS nt_status = gensec_krb5_client_start(gensec_security, lp_ctx);
if (NT_STATUS_IS_OK(nt_status)) { if (NT_STATUS_IS_OK(nt_status)) {
struct gensec_krb5_state *gensec_krb5_state; struct gensec_krb5_state *gensec_krb5_state;

3
source/auth/gensec/schannel.c
View File

@@ -218,7 +218,8 @@ static NTSTATUS schannel_server_start(struct gensec_security *gensec_security)
return NT_STATUS_OK; return NT_STATUS_OK;
} }
static NTSTATUS schannel_client_start(struct gensec_security *gensec_security) static NTSTATUS schannel_client_start(struct gensec_security *gensec_security,
struct loadparm_context *lp_ctx)
{ {
NTSTATUS status; NTSTATUS status;
struct schannel_state *state; struct schannel_state *state;

2
source/auth/gensec/spnego.c
View File

@@ -47,7 +47,7 @@ struct spnego_state {
}; };
static NTSTATUS gensec_spnego_client_start(struct gensec_security *gensec_security) static NTSTATUS gensec_spnego_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
{ {
struct spnego_state *spnego_state; struct spnego_state *spnego_state;

1
source/auth/ntlmssp/ntlmssp.h
View File

@@ -184,5 +184,6 @@ struct gensec_ntlmssp_state
struct auth_serversupplied_info *server_info; struct auth_serversupplied_info *server_info;
}; };
struct loadparm_context;
struct auth_session_info; struct auth_session_info;
#include "auth/ntlmssp/proto.h" #include "auth/ntlmssp/proto.h"

29
source/auth/ntlmssp/ntlmssp_client.c
View File

@@ -285,7 +285,8 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
return NT_STATUS_OK; return NT_STATUS_OK;
} }
NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security) NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security,
struct loadparm_context *lp_ctx)
{ {
struct gensec_ntlmssp_state *gensec_ntlmssp_state; struct gensec_ntlmssp_state *gensec_ntlmssp_state;
NTSTATUS nt_status; NTSTATUS nt_status;
@@ -297,17 +298,17 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
gensec_ntlmssp_state->role = NTLMSSP_CLIENT; gensec_ntlmssp_state->role = NTLMSSP_CLIENT;
gensec_ntlmssp_state->domain = lp_workgroup(global_loadparm); gensec_ntlmssp_state->domain = lp_workgroup(lp_ctx);
gensec_ntlmssp_state->unicode = lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "unicode", true); gensec_ntlmssp_state->unicode = lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "unicode", true);
gensec_ntlmssp_state->use_nt_response = lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "send_nt_reponse", true); gensec_ntlmssp_state->use_nt_response = lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "send_nt_reponse", true);
gensec_ntlmssp_state->allow_lm_key = (lp_client_lanman_auth(global_loadparm) gensec_ntlmssp_state->allow_lm_key = (lp_client_lanman_auth(lp_ctx)
&& (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "allow_lm_key", false) && (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "allow_lm_key", false)
|| lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "lm_key", false))); || lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "lm_key", false)));
gensec_ntlmssp_state->use_ntlmv2 = lp_client_ntlmv2_auth(global_loadparm); gensec_ntlmssp_state->use_ntlmv2 = lp_client_ntlmv2_auth(lp_ctx);
gensec_ntlmssp_state->expected_state = NTLMSSP_INITIAL; gensec_ntlmssp_state->expected_state = NTLMSSP_INITIAL;
@@ -315,27 +316,27 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_NTLM |
NTLMSSP_REQUEST_TARGET; NTLMSSP_REQUEST_TARGET;
if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "128bit", true)) { if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "128bit", true)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_128; gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_128;
} }
if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "56bit", false)) { if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "56bit", false)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56; gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56;
} }
if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "lm_key", false)) { if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "lm_key", false)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_LM_KEY; gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_LM_KEY;
} }
if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "keyexchange", true)) { if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "keyexchange", true)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH; gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH;
} }
if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "alwayssign", true)) { if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "alwayssign", true)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN; gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
} }
if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "ntlm2", true)) { if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "ntlm2", true)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2; gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;
} else { } else {
/* apparently we can't do ntlmv2 if we don't do ntlm2 */ /* apparently we can't do ntlmv2 if we don't do ntlm2 */