summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2007-03-22 01:14:55 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:18:49 -0500
commit23149b3bb8257eeb1aeb15f165099bf3447ee05b (patch)
tree9cd22fb17797e835b355d23e2dd58d4a08643803
parent5a025d845a73c4ce5ebc0496b1257bb89ef401e6 (diff)
downloadsamba-23149b3bb8257eeb1aeb15f165099bf3447ee05b.tar.gz
samba-23149b3bb8257eeb1aeb15f165099bf3447ee05b.tar.bz2
samba-23149b3bb8257eeb1aeb15f165099bf3447ee05b.zip
r21925: Start to code up the gss acquire creds calls.
Jeremy. (This used to be commit 4a7fbc88520e8f5dfe53a7c5da68040271149da3)
-rw-r--r--source3/smbd/seal.c38
1 files changed, 32 insertions, 6 deletions
diff --git a/source3/smbd/seal.c b/source3/smbd/seal.c
index 9fa35601f8..e3c8b4f029 100644
--- a/source3/smbd/seal.c
+++ b/source3/smbd/seal.c
@@ -98,8 +98,14 @@ static void srv_free_encryption_context(struct smb_srv_trans_enc_ctx **pp_ec)
}
if (ec->es) {
- if (ec->es->smb_enc_type == SMB_TRANS_ENC_NTLM) {
- destroy_auth_ntlmssp(ec);
+ switch (ec->es->smb_enc_type) {
+ case SMB_TRANS_ENC_NTLM:
+ destroy_auth_ntlmssp(ec);
+ break;
+#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
+ case SMB_TRANS_ENC_GSS:
+ break;
+#endif
}
common_free_encryption_state(&ec->es);
}
@@ -128,12 +134,25 @@ static struct smb_srv_trans_enc_ctx *make_srv_encryption_context(enum smb_trans_
}
ZERO_STRUCTP(ec->es);
ec->es->smb_enc_type = smb_enc_type;
- if (smb_enc_type == SMB_TRANS_ENC_NTLM) {
- NTSTATUS status = make_auth_ntlmssp(ec);
- if (!NT_STATUS_IS_OK(status)) {
+ switch (smb_enc_type) {
+ case SMB_TRANS_ENC_NTLM:
+ {
+ NTSTATUS status = make_auth_ntlmssp(ec);
+ if (!NT_STATUS_IS_OK(status)) {
+ srv_free_encryption_context(&ec);
+ return NULL;
+ }
+ }
+ break;
+
+#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
+ case SMB_TRANS_ENC_GSS:
+ /* Acquire our credentials by calling gss_acquire_cred here. */
+ break;
+#endif
+ default:
srv_free_encryption_context(&ec);
return NULL;
- }
}
return ec;
}
@@ -183,6 +202,13 @@ NTSTATUS srv_encrypt_buffer(char *buffer, char **buf_out)
#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
static NTSTATUS srv_enc_spnego_gss_negotiate(unsigned char **ppdata, size_t *p_data_size, DATA_BLOB secblob)
{
+ if (!partial_srv_trans_enc_ctx) {
+ partial_srv_trans_enc_ctx = make_srv_encryption_context(SMB_TRANS_ENC_GSS);
+ if (!partial_srv_trans_enc_ctx) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ }
+
return NT_STATUS_NOT_SUPPORTED;
}
#endif