r17171: Add a gensec function to determine the maximum negotiated buffer size,

and the maximum amount of user data that may be fitted into that.

This is used in the new SASL code, to correctly honour SASL buffer sizes.

Andrew Bartlett
(This used to be commit cbbe99d9c1f0262e67a495fb098cacc09fd78e05)

1 files changed, 18 insertions, 0 deletions

diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c
index 2d347b65b1..13ee95bad3 100644
--- a/source4/auth/gensec/gensec.c
+++ b/source4/auth/gensec/gensec.c
@@ -815,6 +815,24 @@ size_t gensec_sig_size(struct gensec_security *gensec_security, size_t data_size
 	return gensec_security->ops->sig_size(gensec_security, data_size);
 }
 
+size_t gensec_max_input_size(struct gensec_security *gensec_security) 
+{
+	if (!gensec_security->ops->max_input_size) {
+		return (1 << 17) - gensec_sig_size(gensec_security, 1 << 17);
+	}
+	
+	return gensec_security->ops->max_input_size(gensec_security);
+}
+
+size_t gensec_max_wrapped_size(struct gensec_security *gensec_security) 
+{
+	if (!gensec_security->ops->max_wrapped_size) {
+		return (1 << 17);
+	}
+	
+	return gensec_security->ops->max_wrapped_size(gensec_security);
+}
+
 _PUBLIC_ NTSTATUS gensec_wrap(struct gensec_security *gensec_security, 
 		     TALLOC_CTX *mem_ctx, 
 		     const DATA_BLOB *in,