summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2009-09-26 20:55:18 +0200
committerJelmer Vernooij <jelmer@samba.org>2009-09-26 20:55:18 +0200
commit6a79ad7664ec3cbfa98638e15de6ba24983a84b1 (patch)
tree74372f08d64fb3fa3511803931140b66bd6a4570
parent52a17e5c32fdeb585e6217da705b254b5cf13986 (diff)
downloadsamba-6a79ad7664ec3cbfa98638e15de6ba24983a84b1.tar.gz
samba-6a79ad7664ec3cbfa98638e15de6ba24983a84b1.tar.bz2
samba-6a79ad7664ec3cbfa98638e15de6ba24983a84b1.zip
gensec: Avoid exposing lp_ctx on the API level.
-rw-r--r--source4/auth/gensec/gensec.c22
-rw-r--r--source4/auth/gensec/gensec.h2
-rw-r--r--source4/auth/gensec/spnego.c2
-rw-r--r--source4/ldap_server/ldap_backend.c2
4 files changed, 13 insertions, 15 deletions
diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c
index 1addf937d0..5df9128d0a 100644
--- a/source4/auth/gensec/gensec.c
+++ b/source4/auth/gensec/gensec.c
@@ -40,10 +40,9 @@ _PUBLIC_ struct gensec_security_ops **gensec_security_all(void)
return generic_security_ops;
}
-bool gensec_security_ops_enabled(struct gensec_security_ops *ops,
- struct loadparm_context *lp_ctx)
+bool gensec_security_ops_enabled(struct gensec_security_ops *ops, struct gensec_security *security)
{
- return lp_parm_bool(lp_ctx, NULL, "gensec", ops->name, ops->enabled);
+ return lp_parm_bool(security->settings->lp_ctx, NULL, "gensec", ops->name, ops->enabled);
}
/* Sometimes we want to force only kerberos, sometimes we want to
@@ -147,9 +146,8 @@ static const struct gensec_security_ops *gensec_security_by_authtype(struct gens
}
backends = gensec_security_mechs(gensec_security, mem_ctx);
for (i=0; backends && backends[i]; i++) {
- if (!gensec_security_ops_enabled(backends[i],
- gensec_security->settings->lp_ctx))
- continue;
+ if (!gensec_security_ops_enabled(backends[i], gensec_security))
+ continue;
if (backends[i]->auth_type == auth_type) {
backend = backends[i];
talloc_free(mem_ctx);
@@ -175,7 +173,7 @@ const struct gensec_security_ops *gensec_security_by_oid(struct gensec_security
for (i=0; backends && backends[i]; i++) {
if (gensec_security != NULL &&
!gensec_security_ops_enabled(backends[i],
- gensec_security->settings->lp_ctx))
+ gensec_security))
continue;
if (backends[i]->oid) {
for (j=0; backends[i]->oid[j]; j++) {
@@ -205,7 +203,7 @@ const struct gensec_security_ops *gensec_security_by_sasl_name(struct gensec_sec
}
backends = gensec_security_mechs(gensec_security, mem_ctx);
for (i=0; backends && backends[i]; i++) {
- if (!gensec_security_ops_enabled(backends[i], gensec_security->settings->lp_ctx))
+ if (!gensec_security_ops_enabled(backends[i], gensec_security))
continue;
if (backends[i]->sasl_name
&& (strcmp(backends[i]->sasl_name, sasl_name) == 0)) {
@@ -232,7 +230,7 @@ static const struct gensec_security_ops *gensec_security_by_name(struct gensec_s
backends = gensec_security_mechs(gensec_security, mem_ctx);
for (i=0; backends && backends[i]; i++) {
if (gensec_security != NULL &&
- !gensec_security_ops_enabled(backends[i], gensec_security->settings->lp_ctx))
+ !gensec_security_ops_enabled(backends[i], gensec_security))
continue;
if (backends[i]->name
&& (strcmp(backends[i]->name, name) == 0)) {
@@ -278,7 +276,7 @@ const struct gensec_security_ops **gensec_security_by_sasl_list(struct gensec_se
* then looking in the supplied list */
for (i=0; backends && backends[i]; i++) {
if (gensec_security != NULL &&
- !gensec_security_ops_enabled(backends[i], gensec_security->settings->lp_ctx))
+ !gensec_security_ops_enabled(backends[i], gensec_security))
continue;
for (sasl_idx = 0; sasl_names[sasl_idx]; sasl_idx++) {
if (!backends[i]->sasl_name ||
@@ -349,7 +347,7 @@ const struct gensec_security_ops_wrapper *gensec_security_by_oid_list(struct gen
* then looking in the supplied list */
for (i=0; backends && backends[i]; i++) {
if (gensec_security != NULL &&
- !gensec_security_ops_enabled(backends[i], gensec_security->settings->lp_ctx))
+ !gensec_security_ops_enabled(backends[i], gensec_security))
continue;
if (!backends[i]->oid) {
continue;
@@ -418,7 +416,7 @@ const char **gensec_security_oids_from_ops(struct gensec_security *gensec_securi
for (i=0; ops && ops[i]; i++) {
if (gensec_security != NULL &&
- !gensec_security_ops_enabled(ops[i], gensec_security->settings->lp_ctx)) {
+ !gensec_security_ops_enabled(ops[i], gensec_security)) {
continue;
}
if (!ops[i]->oid) {
diff --git a/source4/auth/gensec/gensec.h b/source4/auth/gensec/gensec.h
index 3b27e0f733..8c1716e074 100644
--- a/source4/auth/gensec/gensec.h
+++ b/source4/auth/gensec/gensec.h
@@ -304,7 +304,7 @@ NTSTATUS gensec_wrap(struct gensec_security *gensec_security,
DATA_BLOB *out);
struct gensec_security_ops **gensec_security_all(void);
-bool gensec_security_ops_enabled(struct gensec_security_ops *ops, struct loadparm_context *lp_ctx);
+bool gensec_security_ops_enabled(struct gensec_security_ops *ops, struct gensec_security *security);
struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
struct gensec_security_ops **old_gensec_list,
struct cli_credentials *creds);
diff --git a/source4/auth/gensec/spnego.c b/source4/auth/gensec/spnego.c
index 977d52ec10..a715085d06 100644
--- a/source4/auth/gensec/spnego.c
+++ b/source4/auth/gensec/spnego.c
@@ -338,7 +338,7 @@ static NTSTATUS gensec_spnego_server_try_fallback(struct gensec_security *gensec
NTSTATUS nt_status;
if (gensec_security != NULL &&
- !gensec_security_ops_enabled(all_ops[i], gensec_security->settings->lp_ctx))
+ !gensec_security_ops_enabled(all_ops[i], gensec_security))
continue;
if (!all_ops[i]->oid) {
diff --git a/source4/ldap_server/ldap_backend.c b/source4/ldap_server/ldap_backend.c
index a318e265b7..383c5bc4bf 100644
--- a/source4/ldap_server/ldap_backend.c
+++ b/source4/ldap_server/ldap_backend.c
@@ -195,7 +195,7 @@ NTSTATUS ldapsrv_backend_Init(struct ldapsrv_connection *conn)
= gensec_use_kerberos_mechs(conn, backends, conn->server_credentials);
int i, j = 0;
for (i = 0; ops && ops[i]; i++) {
- if (!gensec_security_ops_enabled(ops[i], conn->lp_ctx))
+ if (!lp_parm_bool(conn->lp_ctx, NULL, "gensec", ops[i]->name, ops[i]->enabled))
continue;
if (ops[i]->sasl_name && ops[i]->server_start) {