summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-07-21 14:27:00 +1000
committerAndrew Bartlett <abartlet@samba.org>2011-08-03 18:48:02 +1000
commit6bcaba6f8ab8bae874c67389e716dd3766309656 (patch)
tree34d58290bd9dd72d24faf902576b60eea6b47b0c
parenta942401c1f6ee614080cee76c4364afbd729a446 (diff)
downloadsamba-6bcaba6f8ab8bae874c67389e716dd3766309656.tar.gz
samba-6bcaba6f8ab8bae874c67389e716dd3766309656.tar.bz2
samba-6bcaba6f8ab8bae874c67389e716dd3766309656.zip
s3-auth Allow auth modules to provide an initialised GENSEC context
This will allow auth plugins such as auth_samba4 to provide an initialised GENSEC context to auth subsystem callers. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
-rw-r--r--source3/auth/auth.c11
-rw-r--r--source3/include/auth.h9
2 files changed, 18 insertions, 2 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c
index a7fe1c624c..df93e0d27a 100644
--- a/source3/auth/auth.c
+++ b/source3/auth/auth.c
@@ -438,7 +438,7 @@ static NTSTATUS make_auth_context_text_list(TALLOC_CTX *mem_ctx,
char **text_list)
{
auth_methods *list = NULL;
- auth_methods *t = NULL;
+ auth_methods *t, *method = NULL;
NTSTATUS nt_status;
if (!text_list) {
@@ -460,7 +460,14 @@ static NTSTATUS make_auth_context_text_list(TALLOC_CTX *mem_ctx,
(*auth_context)->auth_method_list = list;
- return nt_status;
+ /* Look for the first module to provide a start_gensec hook, and set that if provided */
+ for (method = (*auth_context)->auth_method_list; method; method = method->next) {
+ if (method->start_gensec) {
+ (*auth_context)->start_gensec = method->start_gensec;
+ break;
+ }
+ }
+ return NT_STATUS_OK;
}
/***************************************************************************
diff --git a/source3/include/auth.h b/source3/include/auth.h
index 4f7cb9bb14..3545e27d20 100644
--- a/source3/include/auth.h
+++ b/source3/include/auth.h
@@ -21,6 +21,8 @@
#include "../auth/common_auth.h"
+struct gensec_security;
+
struct extra_auth_info {
struct dom_sid user_sid;
struct dom_sid pgid_sid;
@@ -93,6 +95,9 @@ struct auth_context {
const struct auth_usersupplied_info *user_info,
struct auth_serversupplied_info **server_info);
NTSTATUS (*nt_status_squash)(NTSTATUS nt_status);
+
+ NTSTATUS (*start_gensec)(TALLOC_CTX *mem_ctx, const char *oid_string,
+ struct gensec_security **gensec_context);
};
typedef struct auth_methods
@@ -114,6 +119,10 @@ typedef struct auth_methods
void **my_private_data,
TALLOC_CTX *mem_ctx);
+ /* Optional method allowing this module to provide a way to get a gensec context */
+ NTSTATUS (*start_gensec)(TALLOC_CTX *mem_ctx, const char *oid_string,
+ struct gensec_security **gensec_context);
+
/* Used to keep tabs on things like the cli for SMB server authentication */
void *private_data;