summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2012-01-12 16:12:02 +0100
committerStefan Metzmacher <metze@samba.org>2012-01-31 20:17:09 +0100
commitab364e987433bb5d5f7dd08e8ef74a32c0aa592a (patch)
tree1b6ade27840cbf1001866b912d1509b53dc5011b /source3/auth
parent2b1d7ac0603ce8fe5a76efa45c3f17f1680e5e66 (diff)
downloadsamba-ab364e987433bb5d5f7dd08e8ef74a32c0aa592a.tar.gz
samba-ab364e987433bb5d5f7dd08e8ef74a32c0aa592a.tar.bz2
samba-ab364e987433bb5d5f7dd08e8ef74a32c0aa592a.zip
s3:auth/auth_generic: make use of gensec_spnego in the server
metze
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_generic.c13
1 files changed, 9 insertions, 4 deletions
diff --git a/source3/auth/auth_generic.c b/source3/auth/auth_generic.c
index 38968a790a..ca5a2afd47 100644
--- a/source3/auth/auth_generic.c
+++ b/source3/auth/auth_generic.c
@@ -181,7 +181,7 @@ NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx,
} else {
struct gensec_settings *gensec_settings;
struct loadparm_context *lp_ctx;
-
+ size_t idx = 0;
struct cli_credentials *server_credentials;
struct auth4_context *auth4_context = talloc_zero(tmp_ctx, struct auth4_context);
if (auth4_context == NULL) {
@@ -205,18 +205,23 @@ NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx,
return NT_STATUS_NO_MEMORY;
}
- gensec_settings->backends = talloc_zero_array(gensec_settings, struct gensec_security_ops *, 3);
+ gensec_settings->backends = talloc_zero_array(gensec_settings,
+ struct gensec_security_ops *, 4);
if (gensec_settings->backends == NULL) {
TALLOC_FREE(tmp_ctx);
return NT_STATUS_NO_MEMORY;
}
- gensec_settings->backends[0] = &gensec_ntlmssp3_server_ops;
+ gensec_settings->backends[idx++] = &gensec_ntlmssp3_server_ops;
#if defined(HAVE_KRB5) && defined(HAVE_GSS_WRAP_IOV)
- gensec_settings->backends[1] = &gensec_gse_krb5_security_ops;
+ gensec_settings->backends[idx++] = &gensec_gse_krb5_security_ops;
#endif
+ gensec_init();
+ gensec_settings->backends[idx++] = gensec_security_by_oid(NULL,
+ GENSEC_OID_SPNEGO);
+
/*
* This is anonymous for now, because we just use it
* to set the kerberos state at the moment