diff options
author | Andrew Bartlett <abartlet@samba.org> | 2011-12-26 11:39:29 +1100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-01-05 17:17:28 +0100 |
commit | c579b735d6e5ba5345ae8e26477ab13c2646c84a (patch) | |
tree | 9472b81008fdb27d5582d7426c0cd32b156478a3 /source3 | |
parent | 7b4f2fad544137db3399e0daa04dd154ba10357d (diff) | |
download | samba-c579b735d6e5ba5345ae8e26477ab13c2646c84a.tar.gz samba-c579b735d6e5ba5345ae8e26477ab13c2646c84a.tar.bz2 samba-c579b735d6e5ba5345ae8e26477ab13c2646c84a.zip |
s3-auth supply s3 ntlmssp module via gensec_settings
This will allow the supply of multiple modules in future
without duplicating the module selection logic.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source3')
-rw-r--r-- | source3/auth/auth_generic.c | 35 |
1 files changed, 11 insertions, 24 deletions
diff --git a/source3/auth/auth_generic.c b/source3/auth/auth_generic.c index 47723d57bb..9b65f24e73 100644 --- a/source3/auth/auth_generic.c +++ b/source3/auth/auth_generic.c @@ -79,6 +79,14 @@ NTSTATUS auth_generic_prepare(const struct tsocket_address *remote_address, return NT_STATUS_NO_MEMORY; } + gensec_settings->backends = talloc_zero_array(gensec_settings, struct gensec_security_ops *, 2); + if (gensec_settings->backends == NULL) { + TALLOC_FREE(ans); + return NT_STATUS_NO_MEMORY; + } + + gensec_settings->backends[0] = &gensec_ntlmssp3_server_ops; + nt_status = gensec_server_start(ans, gensec_settings, NULL, &ans->gensec_security); @@ -115,8 +123,7 @@ NTSTATUS auth_generic_start(struct auth_generic_state *auth_ntlmssp_state, const return NT_STATUS_NOT_IMPLEMENTED; } - status = gensec_start_mech_by_ops(auth_ntlmssp_state->gensec_security, - &gensec_ntlmssp3_server_ops); + status = gensec_start_mech_by_oid(auth_ntlmssp_state->gensec_security, oid); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -153,28 +160,8 @@ NTSTATUS auth_generic_authtype_start(struct auth_generic_state *auth_ntlmssp_sta return NT_STATUS_NOT_IMPLEMENTED; } - gensec_want_feature(auth_ntlmssp_state->gensec_security, - GENSEC_FEATURE_DCE_STYLE); - gensec_want_feature(auth_ntlmssp_state->gensec_security, - GENSEC_FEATURE_ASYNC_REPLIES); - if (auth_level == DCERPC_AUTH_LEVEL_INTEGRITY) { - gensec_want_feature(auth_ntlmssp_state->gensec_security, - GENSEC_FEATURE_SIGN); - } else if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - gensec_want_feature(auth_ntlmssp_state->gensec_security, - GENSEC_FEATURE_SIGN); - gensec_want_feature(auth_ntlmssp_state->gensec_security, - GENSEC_FEATURE_SEAL); - } else if (auth_level == DCERPC_AUTH_LEVEL_CONNECT) { - /* Default features */ - } else { - DEBUG(2,("auth_level %d not supported in DCE/RPC authentication\n", - auth_level)); - return NT_STATUS_INVALID_PARAMETER; - } - - status = gensec_start_mech_by_ops(auth_ntlmssp_state->gensec_security, - &gensec_ntlmssp3_server_ops); + status = gensec_start_mech_by_authtype(auth_ntlmssp_state->gensec_security, + auth_type, auth_level); if (!NT_STATUS_IS_OK(status)) { return status; } |