diff options
author | Jeremy Allison <jra@samba.org> | 2007-03-22 01:14:55 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:18:49 -0500 |
commit | 23149b3bb8257eeb1aeb15f165099bf3447ee05b (patch) | |
tree | 9cd22fb17797e835b355d23e2dd58d4a08643803 | |
parent | 5a025d845a73c4ce5ebc0496b1257bb89ef401e6 (diff) | |
download | samba-23149b3bb8257eeb1aeb15f165099bf3447ee05b.tar.gz samba-23149b3bb8257eeb1aeb15f165099bf3447ee05b.tar.bz2 samba-23149b3bb8257eeb1aeb15f165099bf3447ee05b.zip |
r21925: Start to code up the gss acquire creds calls.
Jeremy.
(This used to be commit 4a7fbc88520e8f5dfe53a7c5da68040271149da3)
-rw-r--r-- | source3/smbd/seal.c | 38 |
1 files changed, 32 insertions, 6 deletions
diff --git a/source3/smbd/seal.c b/source3/smbd/seal.c index 9fa35601f8..e3c8b4f029 100644 --- a/source3/smbd/seal.c +++ b/source3/smbd/seal.c @@ -98,8 +98,14 @@ static void srv_free_encryption_context(struct smb_srv_trans_enc_ctx **pp_ec) } if (ec->es) { - if (ec->es->smb_enc_type == SMB_TRANS_ENC_NTLM) { - destroy_auth_ntlmssp(ec); + switch (ec->es->smb_enc_type) { + case SMB_TRANS_ENC_NTLM: + destroy_auth_ntlmssp(ec); + break; +#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5) + case SMB_TRANS_ENC_GSS: + break; +#endif } common_free_encryption_state(&ec->es); } @@ -128,12 +134,25 @@ static struct smb_srv_trans_enc_ctx *make_srv_encryption_context(enum smb_trans_ } ZERO_STRUCTP(ec->es); ec->es->smb_enc_type = smb_enc_type; - if (smb_enc_type == SMB_TRANS_ENC_NTLM) { - NTSTATUS status = make_auth_ntlmssp(ec); - if (!NT_STATUS_IS_OK(status)) { + switch (smb_enc_type) { + case SMB_TRANS_ENC_NTLM: + { + NTSTATUS status = make_auth_ntlmssp(ec); + if (!NT_STATUS_IS_OK(status)) { + srv_free_encryption_context(&ec); + return NULL; + } + } + break; + +#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5) + case SMB_TRANS_ENC_GSS: + /* Acquire our credentials by calling gss_acquire_cred here. */ + break; +#endif + default: srv_free_encryption_context(&ec); return NULL; - } } return ec; } @@ -183,6 +202,13 @@ NTSTATUS srv_encrypt_buffer(char *buffer, char **buf_out) #if defined(HAVE_GSSAPI) && defined(HAVE_KRB5) static NTSTATUS srv_enc_spnego_gss_negotiate(unsigned char **ppdata, size_t *p_data_size, DATA_BLOB secblob) { + if (!partial_srv_trans_enc_ctx) { + partial_srv_trans_enc_ctx = make_srv_encryption_context(SMB_TRANS_ENC_GSS); + if (!partial_srv_trans_enc_ctx) { + return NT_STATUS_NO_MEMORY; + } + } + return NT_STATUS_NOT_SUPPORTED; } #endif |