summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-12-26 10:53:56 +1100
committerAndrew Bartlett <abartlet@samba.org>2011-12-28 22:39:19 +1100
commit4b7b26e3c05f0fe38fe6c843df48d665db75c0f6 (patch)
treece44a33eab44ae84e7df4c5a995882ce746730fa
parent1364eb7bd7e7e6035b8a8cf4da46481f3d1460f0 (diff)
downloadsamba-4b7b26e3c05f0fe38fe6c843df48d665db75c0f6.tar.gz
samba-4b7b26e3c05f0fe38fe6c843df48d665db75c0f6.tar.bz2
samba-4b7b26e3c05f0fe38fe6c843df48d665db75c0f6.zip
gensec: Allow an alternate set of modules to be specified
This will allow s3 to specify modules to use as a list, rather than needing to start the individual module with gensec_start_mech_by_ops() Andrew Bartlett
-rw-r--r--auth/gensec/gensec.h5
-rw-r--r--auth/gensec/gensec_start.c7
-rw-r--r--lib/param/loadparm.c2
3 files changed, 12 insertions, 2 deletions
diff --git a/auth/gensec/gensec.h b/auth/gensec/gensec.h
index acfc54926c..9b2ac19fe1 100644
--- a/auth/gensec/gensec.h
+++ b/auth/gensec/gensec.h
@@ -77,6 +77,11 @@ struct tevent_req;
struct gensec_settings {
struct loadparm_context *lp_ctx;
const char *target_hostname;
+
+ /* this allows callers to specify a specific set of ops that
+ * should be used, rather than those loaded by the plugin
+ * mechanism */
+ struct gensec_security_ops **backends;
};
struct gensec_security_ops {
diff --git a/auth/gensec/gensec_start.c b/auth/gensec/gensec_start.c
index c38b97050f..9576e53ec6 100644
--- a/auth/gensec/gensec_start.c
+++ b/auth/gensec/gensec_start.c
@@ -118,14 +118,19 @@ struct gensec_security_ops **gensec_security_mechs(struct gensec_security *gense
TALLOC_CTX *mem_ctx)
{
struct gensec_security_ops **backends;
- backends = gensec_security_all();
if (!gensec_security) {
+ backends = gensec_security_all();
if (!talloc_reference(mem_ctx, backends)) {
return NULL;
}
return backends;
} else {
struct cli_credentials *creds = gensec_get_credentials(gensec_security);
+ if (gensec_security->settings->backends) {
+ backends = gensec_security->settings->backends;
+ } else {
+ backends = gensec_security_all();
+ }
if (!creds) {
if (!talloc_reference(mem_ctx, backends)) {
return NULL;
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index 006fa8a6c1..949c404bf1 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -3727,7 +3727,7 @@ _PUBLIC_ char *lpcfg_tls_dhpfile(TALLOC_CTX *mem_ctx, struct loadparm_context *l
struct gensec_settings *lpcfg_gensec_settings(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
{
- struct gensec_settings *settings = talloc(mem_ctx, struct gensec_settings);
+ struct gensec_settings *settings = talloc_zero(mem_ctx, struct gensec_settings);
if (settings == NULL)
return NULL;
SMB_ASSERT(lp_ctx != NULL);