summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2006-12-12 21:47:56 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:29:12 -0500
commit38a472c994b5c4a02632bf55a044dfc12cf694fd (patch)
treeb76f59d3c0a48a64dbeaaa2bff56e98611895eab
parent6f733591330818fd3f7b79806098548fe7de650e (diff)
downloadsamba-38a472c994b5c4a02632bf55a044dfc12cf694fd.tar.gz
samba-38a472c994b5c4a02632bf55a044dfc12cf694fd.tar.bz2
samba-38a472c994b5c4a02632bf55a044dfc12cf694fd.zip
r20135: attach default gensec features to the cli_credentials structure,
so make it possible to force encryption or signing. metze (This used to be commit a91dc4a02a46370c52f59cbd4dea9580fa6efafa)
-rw-r--r--source4/auth/credentials/credentials.c11
-rw-r--r--source4/auth/credentials/credentials.h3
-rw-r--r--source4/auth/gensec/gensec.c2
3 files changed, 16 insertions, 0 deletions
diff --git a/source4/auth/credentials/credentials.c b/source4/auth/credentials/credentials.c
index d4db0a0180..2a64a7c50c 100644
--- a/source4/auth/credentials/credentials.c
+++ b/source4/auth/credentials/credentials.c
@@ -63,6 +63,7 @@ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx)
cred->callback_running = False;
cli_credentials_set_kerberos_state(cred, CRED_AUTO_USE_KERBEROS);
+ cli_credentials_set_gensec_features(cred, 0);
return cred;
}
@@ -78,6 +79,16 @@ enum credentials_use_kerberos cli_credentials_get_kerberos_state(struct cli_cred
return creds->use_kerberos;
}
+void cli_credentials_set_gensec_features(struct cli_credentials *creds, uint32_t gensec_features)
+{
+ creds->gensec_features = gensec_features;
+}
+
+uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds)
+{
+ return creds->gensec_features;
+}
+
/**
* Obtain the username for this credentials context.
diff --git a/source4/auth/credentials/credentials.h b/source4/auth/credentials/credentials.h
index 5e739b4278..e5dd5f66fc 100644
--- a/source4/auth/credentials/credentials.h
+++ b/source4/auth/credentials/credentials.h
@@ -106,6 +106,9 @@ struct cli_credentials {
/* Should we be trying to use kerberos? */
enum credentials_use_kerberos use_kerberos;
+ /* gensec features which should be used for connections */
+ uint32_t gensec_features;
+
/* Number of retries left before bailing out */
int tries;
diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c
index 8c97a871ad..57bc1c6b5a 100644
--- a/source4/auth/gensec/gensec.c
+++ b/source4/auth/gensec/gensec.c
@@ -1047,6 +1047,8 @@ _PUBLIC_ BOOL gensec_have_feature(struct gensec_security *gensec_security,
_PUBLIC_ NTSTATUS gensec_set_credentials(struct gensec_security *gensec_security, struct cli_credentials *credentials)
{
gensec_security->credentials = talloc_reference(gensec_security, credentials);
+ NT_STATUS_HAVE_NO_MEMORY(gensec_security->credentials);
+ gensec_want_feature(gensec_security, cli_credentials_get_gensec_features(gensec_security->credentials));
return NT_STATUS_OK;
}