diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2006-09-05 09:42:54 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:17:11 -0500 |
| commit | c3b54cf75b6aaa5448afbd4e3fd68b31d69e35fd (patch) | |
| tree | b724aae49a75a89b469ab4392b4295713a97eddc /source4/auth/gensec/gensec.c | |
| parent | 8e9c4e83fa02642d6c8671e9fe0108f417c9268f (diff) | |
| download | samba-c3b54cf75b6aaa5448afbd4e3fd68b31d69e35fd.tar.gz samba-c3b54cf75b6aaa5448afbd4e3fd68b31d69e35fd.tar.bz2 samba-c3b54cf75b6aaa5448afbd4e3fd68b31d69e35fd.zip | |
r18068: This splits the handling of multiple SASL packets between the GENSEC
backend (if it chooses to implement it), or the GENSEC socket code.
This is to allow us to handle DIGEST-MD5 across to cyrus-sasl.
Andrew Bartlett
(This used to be commit 0a098006b431f4aa48632a27ca08e9adca8d9609)
Diffstat (limited to 'source4/auth/gensec/gensec.c')
| -rw-r--r-- | source4/auth/gensec/gensec.c | 34 |
1 files changed, 20 insertions, 14 deletions
diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c index 7825949bdc..839b538eeb 100644 --- a/source4/auth/gensec/gensec.c +++ b/source4/auth/gensec/gensec.c @@ -4,7 +4,7 @@ Generic Authentication Interface Copyright (C) Andrew Tridgell 2003 - Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2005 + Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2006 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -51,7 +51,9 @@ struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx, int i, j, num_mechs_in; if (use_kerberos == CRED_AUTO_USE_KERBEROS) { - talloc_reference(mem_ctx, old_gensec_list); + if (!talloc_reference(mem_ctx, old_gensec_list)) { + return NULL; + } return old_gensec_list; } @@ -103,13 +105,17 @@ struct gensec_security_ops **gensec_security_mechs(struct gensec_security *gense struct gensec_security_ops **backends; backends = gensec_security_all(); if (!gensec_security) { - talloc_reference(mem_ctx, backends); + if (!talloc_reference(mem_ctx, backends)) { + return NULL; + } return backends; } else { enum credentials_use_kerberos use_kerberos; struct cli_credentials *creds = gensec_get_credentials(gensec_security); if (!creds) { - talloc_reference(mem_ctx, backends); + if (!talloc_reference(mem_ctx, backends)) { + return NULL; + } return backends; } use_kerberos = cli_credentials_get_kerberos_state(creds); @@ -840,25 +846,25 @@ size_t gensec_sig_size(struct gensec_security *gensec_security, size_t data_size return gensec_security->ops->sig_size(gensec_security, data_size); } -size_t gensec_max_input_size(struct gensec_security *gensec_security) +size_t gensec_max_wrapped_size(struct gensec_security *gensec_security) { - if (!gensec_security->ops->max_input_size) { - return (1 << 17) - gensec_sig_size(gensec_security, 1 << 17); + if (!gensec_security->ops->max_wrapped_size) { + return (1 << 17); } - return gensec_security->ops->max_input_size(gensec_security); + return gensec_security->ops->max_wrapped_size(gensec_security); } -size_t gensec_max_wrapped_size(struct gensec_security *gensec_security) +size_t gensec_max_input_size(struct gensec_security *gensec_security) { - if (!gensec_security->ops->max_wrapped_size) { - return (1 << 17); + if (!gensec_security->ops->max_input_size) { + return (1 << 17) - gensec_sig_size(gensec_security, 1 << 17); } - return gensec_security->ops->max_wrapped_size(gensec_security); + return gensec_security->ops->max_input_size(gensec_security); } -_PUBLIC_ NTSTATUS gensec_wrap(struct gensec_security *gensec_security, +NTSTATUS gensec_wrap(struct gensec_security *gensec_security, TALLOC_CTX *mem_ctx, const DATA_BLOB *in, DATA_BLOB *out) @@ -869,7 +875,7 @@ _PUBLIC_ NTSTATUS gensec_wrap(struct gensec_security *gensec_security, return gensec_security->ops->wrap(gensec_security, mem_ctx, in, out); } -_PUBLIC_ NTSTATUS gensec_unwrap(struct gensec_security *gensec_security, +NTSTATUS gensec_unwrap(struct gensec_security *gensec_security, TALLOC_CTX *mem_ctx, const DATA_BLOB *in, DATA_BLOB *out) |