sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-09 08:58:35 +03:00
Code

s3-auth supply s3 ntlmssp module via gensec_settings

Browse Source 
This will allow the supply of multiple modules in future
without duplicating the module selection logic.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Andrew Bartlett 2011-12-26 11:39:29 +11:00 committed by Stefan Metzmacher
parent 7b4f2fad54
commit c579b735d6
1 changed files with 11 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
source3/auth/auth_generic.c
View File

@ -79,6 +79,14 @@ NTSTATUS auth_generic_prepare(const struct tsocket_address *remote_address,
return NT_STATUS_NO_MEMORY;
}
gensec_settings->backends = talloc_zero_array(gensec_settings, struct gensec_security_ops *, 2);
if (gensec_settings->backends == NULL) {
TALLOC_FREE(ans);
return NT_STATUS_NO_MEMORY;
}
gensec_settings->backends[0] = &gensec_ntlmssp3_server_ops;
nt_status = gensec_server_start(ans, gensec_settings,
NULL, &ans->gensec_security);
@ -115,8 +123,7 @@ NTSTATUS auth_generic_start(struct auth_generic_state *auth_ntlmssp_state, const
return NT_STATUS_NOT_IMPLEMENTED;
}
status = gensec_start_mech_by_ops(auth_ntlmssp_state->gensec_security,
&gensec_ntlmssp3_server_ops);
status = gensec_start_mech_by_oid(auth_ntlmssp_state->gensec_security, oid);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@ -153,28 +160,8 @@ NTSTATUS auth_generic_authtype_start(struct auth_generic_state *auth_ntlmssp_sta
return NT_STATUS_NOT_IMPLEMENTED;
}
gensec_want_feature(auth_ntlmssp_state->gensec_security,
GENSEC_FEATURE_DCE_STYLE);
gensec_want_feature(auth_ntlmssp_state->gensec_security,
GENSEC_FEATURE_ASYNC_REPLIES);
if (auth_level == DCERPC_AUTH_LEVEL_INTEGRITY) {
gensec_want_feature(auth_ntlmssp_state->gensec_security,
GENSEC_FEATURE_SIGN);
} else if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
gensec_want_feature(auth_ntlmssp_state->gensec_security,
GENSEC_FEATURE_SIGN);
gensec_want_feature(auth_ntlmssp_state->gensec_security,
GENSEC_FEATURE_SEAL);
} else if (auth_level == DCERPC_AUTH_LEVEL_CONNECT) {
/* Default features */
} else {
DEBUG(2,("auth_level %d not supported in DCE/RPC authentication\n",
auth_level));
return NT_STATUS_INVALID_PARAMETER;
}
status = gensec_start_mech_by_ops(auth_ntlmssp_state->gensec_security,
&gensec_ntlmssp3_server_ops);
status = gensec_start_mech_by_authtype(auth_ntlmssp_state->gensec_security,
auth_type, auth_level);
if (!NT_STATUS_IS_OK(status)) {
return status;
}