r26258: Use loadparm context in client_start function of gensec.

(This used to be commit bad1891cae2c688b17a6a2b932e754f51291035c)
author: Jelmer Vernooij <jelmer@samba.org> 2007-12-03 17:41:37 +0100
committer: Stefan Metzmacher <metze@samba.org> 2007-12-21 05:47:32 +0100
commit: 78416aff6c96a9db9df4f5d4a2907e5afe762748 (patch)
tree: 70e0e6681056602dd6be0c8f0479fc787f784276
parent: 133ee7014caecbe2236fa5bf2292a5f8c71e58ef (diff)
download: samba-78416aff6c96a9db9df4f5d4a2907e5afe762748.tar.gz
samba-78416aff6c96a9db9df4f5d4a2907e5afe762748.tar.bz2
samba-78416aff6c96a9db9df4f5d4a2907e5afe762748.zip
9 files changed, 34 insertions, 28 deletions
diff --git a/source4/auth/gensec/cyrus_sasl.c b/source4/auth/gensec/cyrus_sasl.c
index 0bce35e1c5..7ccdb1edec 100644
--- a/source4/auth/gensec/cyrus_sasl.c
+++ b/source4/auth/gensec/cyrus_sasl.c
@@ -112,7 +112,7 @@ static int gensec_sasl_dispose(struct gensec_sasl_state *gensec_sasl_state)
 	return 0;
 }
 
-static NTSTATUS gensec_sasl_client_start(struct gensec_security *gensec_security)
+static NTSTATUS gensec_sasl_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
 {
 	struct gensec_sasl_state *gensec_sasl_state;
 	const char *service = gensec_get_target_service(gensec_security);
diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c
index b3ac64fdce..27981a7504 100644
--- a/source4/auth/gensec/gensec.c
+++ b/source4/auth/gensec/gensec.c
@@ -603,7 +603,7 @@ static NTSTATUS gensec_start_mech(struct gensec_security *gensec_security)
 	switch (gensec_security->gensec_role) {
 	case GENSEC_CLIENT:
 		if (gensec_security->ops->client_start) {
-			status = gensec_security->ops->client_start(gensec_security);
+			status = gensec_security->ops->client_start(gensec_security, global_loadparm);
 			if (!NT_STATUS_IS_OK(status)) {
 				DEBUG(2, ("Failed to start GENSEC client mech %s: %s\n",
 					  gensec_security->ops->name, nt_errstr(status))); 
diff --git a/source4/auth/gensec/gensec.h b/source4/auth/gensec/gensec.h
index 6263edd687..6b787d25aa 100644
--- a/source4/auth/gensec/gensec.h
+++ b/source4/auth/gensec/gensec.h
@@ -75,12 +75,15 @@ struct gensec_update_request {
 	} callback;
 };
 
+struct loadparm_context;
+
 struct gensec_security_ops {
 	const char *name;
 	const char *sasl_name;
 	uint8_t auth_type;  /* 0 if not offered on DCE-RPC */
 	const char **oid;  /* NULL if not offered by SPNEGO */
-	NTSTATUS (*client_start)(struct gensec_security *gensec_security);
+	NTSTATUS (*client_start)(struct gensec_security *gensec_security, 
+				 struct loadparm_context *lp_ctx);
 	NTSTATUS (*server_start)(struct gensec_security *gensec_security);
 	/**
 	   Determine if a packet has the right 'magic' for this mechanism
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index b3e5352410..1d8d5f057a 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -298,7 +298,7 @@ static NTSTATUS gensec_gssapi_sasl_server_start(struct gensec_security *gensec_s
 	return nt_status;
 }
 
-static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_security)
+static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
 {
 	struct gensec_gssapi_state *gensec_gssapi_state;
 	struct cli_credentials *creds = gensec_get_credentials(gensec_security);
@@ -324,7 +324,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	nt_status = gensec_gssapi_start(gensec_security, global_loadparm);
+	nt_status = gensec_gssapi_start(gensec_security, lp_ctx);
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		return nt_status;
 	}
@@ -334,7 +334,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
 	gensec_gssapi_state->gss_oid = gss_mech_krb5;
 
 	principal = gensec_get_target_principal(gensec_security);
-	if (principal && lp_client_use_spnego_principal(global_loadparm)) {
+	if (principal && lp_client_use_spnego_principal(lp_ctx)) {
 		name_type = GSS_C_NULL_OID;
 	} else {
 		principal = talloc_asprintf(gensec_gssapi_state, "%s@%s", 
@@ -380,11 +380,11 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
 	return NT_STATUS_OK;
 }
 
-static NTSTATUS gensec_gssapi_sasl_client_start(struct gensec_security *gensec_security)
+static NTSTATUS gensec_gssapi_sasl_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
 {
 	NTSTATUS nt_status;
 	struct gensec_gssapi_state *gensec_gssapi_state;
-	nt_status = gensec_gssapi_client_start(gensec_security);
+	nt_status = gensec_gssapi_client_start(gensec_security, lp_ctx);
 
 	if (NT_STATUS_IS_OK(nt_status)) {
 		gensec_gssapi_state = talloc_get_type(gensec_security->private_data, struct gensec_gssapi_state);
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index eb8c74533b..296f587827 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -210,7 +210,7 @@ static NTSTATUS gensec_fake_gssapi_krb5_server_start(struct gensec_security *gen
 	return nt_status;
 }
 
-static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security)
+static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
 {
 	struct gensec_krb5_state *gensec_krb5_state;
 	krb5_error_code ret;
@@ -322,9 +322,9 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
 	}
 }
 
-static NTSTATUS gensec_fake_gssapi_krb5_client_start(struct gensec_security *gensec_security)
+static NTSTATUS gensec_fake_gssapi_krb5_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
 {
-	NTSTATUS nt_status = gensec_krb5_client_start(gensec_security);
+	NTSTATUS nt_status = gensec_krb5_client_start(gensec_security, lp_ctx);
 
 	if (NT_STATUS_IS_OK(nt_status)) {
 		struct gensec_krb5_state *gensec_krb5_state;
diff --git a/source4/auth/gensec/schannel.c b/source4/auth/gensec/schannel.c
index 462fb26ba2..7da96560a1 100644
--- a/source4/auth/gensec/schannel.c
+++ b/source4/auth/gensec/schannel.c
@@ -218,7 +218,8 @@ static NTSTATUS schannel_server_start(struct gensec_security *gensec_security)
 	return NT_STATUS_OK;
 }
 
-static NTSTATUS schannel_client_start(struct gensec_security *gensec_security) 
+static NTSTATUS schannel_client_start(struct gensec_security *gensec_security, 
+				      struct loadparm_context *lp_ctx) 
 {
 	NTSTATUS status;
 	struct schannel_state *state;
diff --git a/source4/auth/gensec/spnego.c b/source4/auth/gensec/spnego.c
index ca82980f94..4a7c2e1d49 100644
--- a/source4/auth/gensec/spnego.c
+++ b/source4/auth/gensec/spnego.c
@@ -47,11 +47,11 @@ struct spnego_state {
 };
 
 
-static NTSTATUS gensec_spnego_client_start(struct gensec_security *gensec_security)
+static NTSTATUS gensec_spnego_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
 {
 	struct spnego_state *spnego_state;
 
-	spnego_state = talloc(gensec_security, struct spnego_state);		
+	spnego_state = talloc(gensec_security, struct spnego_state);
 	if (!spnego_state) {
 		return NT_STATUS_NO_MEMORY;
 	}
diff --git a/source4/auth/ntlmssp/ntlmssp.h b/source4/auth/ntlmssp/ntlmssp.h
index e39e2d9407..5efc0a2eb1 100644
--- a/source4/auth/ntlmssp/ntlmssp.h
+++ b/source4/auth/ntlmssp/ntlmssp.h
@@ -184,5 +184,6 @@ struct gensec_ntlmssp_state
 	struct auth_serversupplied_info *server_info;
 };
 
+struct loadparm_context;
 struct auth_session_info;
 #include "auth/ntlmssp/proto.h"
diff --git a/source4/auth/ntlmssp/ntlmssp_client.c b/source4/auth/ntlmssp/ntlmssp_client.c
index bff9fc0b8a..49ba6d2409 100644
--- a/source4/auth/ntlmssp/ntlmssp_client.c
+++ b/source4/auth/ntlmssp/ntlmssp_client.c
@@ -285,7 +285,8 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
 	return NT_STATUS_OK;
 }
 
-NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
+NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security,
+				     struct loadparm_context *lp_ctx)
 {
 	struct gensec_ntlmssp_state *gensec_ntlmssp_state;
 	NTSTATUS nt_status;
@@ -297,17 +298,17 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
 
 	gensec_ntlmssp_state->role = NTLMSSP_CLIENT;
 
-	gensec_ntlmssp_state->domain = lp_workgroup(global_loadparm);
+	gensec_ntlmssp_state->domain = lp_workgroup(lp_ctx);
 
-	gensec_ntlmssp_state->unicode = lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "unicode", true);
+	gensec_ntlmssp_state->unicode = lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "unicode", true);
 
-	gensec_ntlmssp_state->use_nt_response = lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "send_nt_reponse", true);
+	gensec_ntlmssp_state->use_nt_response = lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "send_nt_reponse", true);
 
-	gensec_ntlmssp_state->allow_lm_key = (lp_client_lanman_auth(global_loadparm) 
-					      && (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "allow_lm_key", false)
-						  || lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "lm_key", false)));
+	gensec_ntlmssp_state->allow_lm_key = (lp_client_lanman_auth(lp_ctx) 
+					      && (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "allow_lm_key", false)
+						  || lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "lm_key", false)));
 
-	gensec_ntlmssp_state->use_ntlmv2 = lp_client_ntlmv2_auth(global_loadparm);
+	gensec_ntlmssp_state->use_ntlmv2 = lp_client_ntlmv2_auth(lp_ctx);
 
 	gensec_ntlmssp_state->expected_state = NTLMSSP_INITIAL;
 
@@ -315,27 +316,27 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
 		NTLMSSP_NEGOTIATE_NTLM |
 		NTLMSSP_REQUEST_TARGET;
 
-	if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "128bit", true)) {
+	if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "128bit", true)) {
 		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_128;		
 	}
 
-	if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "56bit", false)) {
+	if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "56bit", false)) {
 		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56;		
 	}
 
-	if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "lm_key", false)) {
+	if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "lm_key", false)) {
 		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_LM_KEY;
 	}
 
-	if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "keyexchange", true)) {
+	if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "keyexchange", true)) {
 		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH;		
 	}
 
-	if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "alwayssign", true)) {
+	if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "alwayssign", true)) {
 		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;		
 	}
 
-	if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "ntlm2", true)) {
+	if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "ntlm2", true)) {
 		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;		
 	} else {
 		/* apparently we can't do ntlmv2 if we don't do ntlm2 */
author	Jelmer Vernooij <jelmer@samba.org>	2007-12-03 17:41:37 +0100
committer	Stefan Metzmacher <metze@samba.org>	2007-12-21 05:47:32 +0100
commit	78416aff6c96a9db9df4f5d4a2907e5afe762748 (patch)
tree	70e0e6681056602dd6be0c8f0479fc787f784276
parent	133ee7014caecbe2236fa5bf2292a5f8c71e58ef (diff)
download	samba-78416aff6c96a9db9df4f5d4a2907e5afe762748.tar.gz samba-78416aff6c96a9db9df4f5d4a2907e5afe762748.tar.bz2 samba-78416aff6c96a9db9df4f5d4a2907e5afe762748.zip