diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2011-10-17 13:46:57 +1100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2011-10-18 13:13:33 +1100 |
| commit | f88b686167d3cc0c8e2c6d00f12da4b0fccc767d (patch) | |
| tree | debc5387469efbee2b1576d892eaa4c1b4ee2f21 /source4/auth/gensec/gensec_krb5.c | |
| parent | 3f9ab2e8e7437ad2775ecd7b87c20804089b58cb (diff) | |
| download | samba-f88b686167d3cc0c8e2c6d00f12da4b0fccc767d.tar.gz samba-f88b686167d3cc0c8e2c6d00f12da4b0fccc767d.tar.bz2 samba-f88b686167d3cc0c8e2c6d00f12da4b0fccc767d.zip | |
gensec: move event-using code to gensec_update() hooks out of gensec_start*()
This ensures that only gensec_update() will require an event context argument
when the API is refactored.
Andrew Bartlett
Diffstat (limited to 'source4/auth/gensec/gensec_krb5.c')
| -rw-r--r-- | source4/auth/gensec/gensec_krb5.c | 30 |
1 files changed, 22 insertions, 8 deletions
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c index b3a20e4b63..f17245ccec 100644 --- a/source4/auth/gensec/gensec_krb5.c +++ b/source4/auth/gensec/gensec_krb5.c @@ -232,16 +232,9 @@ static NTSTATUS gensec_fake_gssapi_krb5_server_start(struct gensec_security *gen static NTSTATUS gensec_krb5_common_client_start(struct gensec_security *gensec_security, bool gssapi) { + const char *hostname; struct gensec_krb5_state *gensec_krb5_state; - krb5_error_code ret; NTSTATUS nt_status; - struct ccache_container *ccache_container; - const char *hostname; - const char *error_string; - const char *principal; - krb5_data in_data; - struct tevent_context *previous_ev; - hostname = gensec_get_target_hostname(gensec_security); if (!hostname) { DEBUG(1, ("Could not determine hostname for target computer, cannot use kerberos\n")); @@ -276,8 +269,24 @@ static NTSTATUS gensec_krb5_common_client_start(struct gensec_security *gensec_s gensec_krb5_state->ap_req_options |= AP_OPTS_MUTUAL_REQUIRED; } } + return NT_STATUS_OK; +} + +static NTSTATUS gensec_krb5_common_client_creds(struct gensec_security *gensec_security, bool gssapi) +{ + struct gensec_krb5_state *gensec_krb5_state; + krb5_error_code ret; + struct ccache_container *ccache_container; + const char *error_string; + const char *principal; + const char *hostname; + krb5_data in_data; + struct tevent_context *previous_ev; + + gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data; principal = gensec_get_target_principal(gensec_security); + hostname = gensec_get_target_hostname(gensec_security); ret = cli_credentials_get_ccache(gensec_get_credentials(gensec_security), gensec_security->event_ctx, @@ -425,6 +434,11 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security, { DATA_BLOB unwrapped_out; + nt_status = gensec_krb5_common_client_creds(gensec_security, gensec_krb5_state->gssapi); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; + } + if (gensec_krb5_state->gssapi) { unwrapped_out = data_blob_talloc(out_mem_ctx, gensec_krb5_state->enc_ticket.data, gensec_krb5_state->enc_ticket.length); |