diff options
author | Andrew Bartlett <abartlet@samba.org> | 2011-07-21 14:27:00 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2011-08-03 18:48:02 +1000 |
commit | 6bcaba6f8ab8bae874c67389e716dd3766309656 (patch) | |
tree | 34d58290bd9dd72d24faf902576b60eea6b47b0c | |
parent | a942401c1f6ee614080cee76c4364afbd729a446 (diff) | |
download | samba-6bcaba6f8ab8bae874c67389e716dd3766309656.tar.gz samba-6bcaba6f8ab8bae874c67389e716dd3766309656.tar.bz2 samba-6bcaba6f8ab8bae874c67389e716dd3766309656.zip |
s3-auth Allow auth modules to provide an initialised GENSEC context
This will allow auth plugins such as auth_samba4 to provide an initialised
GENSEC context to auth subsystem callers.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
-rw-r--r-- | source3/auth/auth.c | 11 | ||||
-rw-r--r-- | source3/include/auth.h | 9 |
2 files changed, 18 insertions, 2 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c index a7fe1c624c..df93e0d27a 100644 --- a/source3/auth/auth.c +++ b/source3/auth/auth.c @@ -438,7 +438,7 @@ static NTSTATUS make_auth_context_text_list(TALLOC_CTX *mem_ctx, char **text_list) { auth_methods *list = NULL; - auth_methods *t = NULL; + auth_methods *t, *method = NULL; NTSTATUS nt_status; if (!text_list) { @@ -460,7 +460,14 @@ static NTSTATUS make_auth_context_text_list(TALLOC_CTX *mem_ctx, (*auth_context)->auth_method_list = list; - return nt_status; + /* Look for the first module to provide a start_gensec hook, and set that if provided */ + for (method = (*auth_context)->auth_method_list; method; method = method->next) { + if (method->start_gensec) { + (*auth_context)->start_gensec = method->start_gensec; + break; + } + } + return NT_STATUS_OK; } /*************************************************************************** diff --git a/source3/include/auth.h b/source3/include/auth.h index 4f7cb9bb14..3545e27d20 100644 --- a/source3/include/auth.h +++ b/source3/include/auth.h @@ -21,6 +21,8 @@ #include "../auth/common_auth.h" +struct gensec_security; + struct extra_auth_info { struct dom_sid user_sid; struct dom_sid pgid_sid; @@ -93,6 +95,9 @@ struct auth_context { const struct auth_usersupplied_info *user_info, struct auth_serversupplied_info **server_info); NTSTATUS (*nt_status_squash)(NTSTATUS nt_status); + + NTSTATUS (*start_gensec)(TALLOC_CTX *mem_ctx, const char *oid_string, + struct gensec_security **gensec_context); }; typedef struct auth_methods @@ -114,6 +119,10 @@ typedef struct auth_methods void **my_private_data, TALLOC_CTX *mem_ctx); + /* Optional method allowing this module to provide a way to get a gensec context */ + NTSTATUS (*start_gensec)(TALLOC_CTX *mem_ctx, const char *oid_string, + struct gensec_security **gensec_context); + /* Used to keep tabs on things like the cli for SMB server authentication */ void *private_data; |