diff options
author | Stefan Metzmacher <metze@samba.org> | 2012-01-12 16:12:02 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-01-31 20:17:09 +0100 |
commit | ab364e987433bb5d5f7dd08e8ef74a32c0aa592a (patch) | |
tree | 1b6ade27840cbf1001866b912d1509b53dc5011b | |
parent | 2b1d7ac0603ce8fe5a76efa45c3f17f1680e5e66 (diff) | |
download | samba-ab364e987433bb5d5f7dd08e8ef74a32c0aa592a.tar.gz samba-ab364e987433bb5d5f7dd08e8ef74a32c0aa592a.tar.bz2 samba-ab364e987433bb5d5f7dd08e8ef74a32c0aa592a.zip |
s3:auth/auth_generic: make use of gensec_spnego in the server
metze
-rw-r--r-- | source3/auth/auth_generic.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/source3/auth/auth_generic.c b/source3/auth/auth_generic.c index 38968a790a..ca5a2afd47 100644 --- a/source3/auth/auth_generic.c +++ b/source3/auth/auth_generic.c @@ -181,7 +181,7 @@ NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx, } else { struct gensec_settings *gensec_settings; struct loadparm_context *lp_ctx; - + size_t idx = 0; struct cli_credentials *server_credentials; struct auth4_context *auth4_context = talloc_zero(tmp_ctx, struct auth4_context); if (auth4_context == NULL) { @@ -205,18 +205,23 @@ NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } - gensec_settings->backends = talloc_zero_array(gensec_settings, struct gensec_security_ops *, 3); + gensec_settings->backends = talloc_zero_array(gensec_settings, + struct gensec_security_ops *, 4); if (gensec_settings->backends == NULL) { TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; } - gensec_settings->backends[0] = &gensec_ntlmssp3_server_ops; + gensec_settings->backends[idx++] = &gensec_ntlmssp3_server_ops; #if defined(HAVE_KRB5) && defined(HAVE_GSS_WRAP_IOV) - gensec_settings->backends[1] = &gensec_gse_krb5_security_ops; + gensec_settings->backends[idx++] = &gensec_gse_krb5_security_ops; #endif + gensec_init(); + gensec_settings->backends[idx++] = gensec_security_by_oid(NULL, + GENSEC_OID_SPNEGO); + /* * This is anonymous for now, because we just use it * to set the kerberos state at the moment |