summaryrefslogtreecommitdiff
path: root/source4/auth/gensec
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-09-08 04:37:56 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:17:55 -0500
commitc062b12fbab7807f7c5ce7eabb664ea30fc3dd93 (patch)
tree1f37a966345b05711e39b96d7f1406fb27b4fa3c /source4/auth/gensec
parent2f6d723e1f0858469794ee92cbe9e4445a7276cf (diff)
downloadsamba-c062b12fbab7807f7c5ce7eabb664ea30fc3dd93.tar.gz
samba-c062b12fbab7807f7c5ce7eabb664ea30fc3dd93.tar.bz2
samba-c062b12fbab7807f7c5ce7eabb664ea30fc3dd93.zip
r18250: Add an ordering of GENSEC modules, so we do preferred modules first.
Andrew Bartlett (This used to be commit 0afb4d1992b3c93557dec1e1cdca467efc299853)
Diffstat (limited to 'source4/auth/gensec')
-rw-r--r--source4/auth/gensec/cyrus_sasl.c3
-rw-r--r--source4/auth/gensec/gensec.h11
-rw-r--r--source4/auth/gensec/gensec_krb5.c6
-rw-r--r--source4/auth/gensec/schannel.c3
-rw-r--r--source4/auth/gensec/spnego.c1
5 files changed, 20 insertions, 4 deletions
diff --git a/source4/auth/gensec/cyrus_sasl.c b/source4/auth/gensec/cyrus_sasl.c
index 2cb078ff36..34037a8087 100644
--- a/source4/auth/gensec/cyrus_sasl.c
+++ b/source4/auth/gensec/cyrus_sasl.c
@@ -308,7 +308,8 @@ static const struct gensec_security_ops gensec_sasl_security_ops = {
.wrap_packets = gensec_sasl_wrap_packets,
.unwrap_packets = gensec_sasl_unwrap_packets,
.have_feature = gensec_sasl_have_feature,
- .enabled = False,
+ .enabled = True,
+ .order = GENSEC_SASL
};
int gensec_sasl_log(void *context,
diff --git a/source4/auth/gensec/gensec.h b/source4/auth/gensec/gensec.h
index 8156866962..d127ed6734 100644
--- a/source4/auth/gensec/gensec.h
+++ b/source4/auth/gensec/gensec.h
@@ -32,6 +32,16 @@
#define GENSEC_OID_KERBEROS5_OLD "1 2 840 48018 1 2 2"
#define GENSEC_OID_KERBEROS5_USER2USER "1 2 840 113554 1 2 2 3"
+enum gensec_order {
+ GENSEC_SPNEGO,
+ GENSEC_GSSAPI,
+ GENSEC_KRB5,
+ GENSEC_SCHANNEL,
+ GENSEC_NTLMSSP,
+ GENSEC_SASL,
+ GENSEC_OTHER
+};
+
struct gensec_security;
struct gensec_target {
const char *principal;
@@ -127,6 +137,7 @@ struct gensec_security_ops {
uint32_t feature);
BOOL enabled;
BOOL kerberos;
+ enum gensec_order order;
};
struct gensec_security_ops_wrapper {
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index a63d7c4b1b..b9a1a0518e 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -729,7 +729,8 @@ static const struct gensec_security_ops gensec_fake_gssapi_krb5_security_ops = {
.session_info = gensec_krb5_session_info,
.have_feature = gensec_krb5_have_feature,
.enabled = False,
- .kerberos = True
+ .kerberos = True,
+ .order = GENSEC_KRB5
};
static const struct gensec_security_ops gensec_krb5_security_ops = {
@@ -743,7 +744,8 @@ static const struct gensec_security_ops gensec_krb5_security_ops = {
.wrap = gensec_krb5_wrap,
.unwrap = gensec_krb5_unwrap,
.enabled = True,
- .kerberos = True
+ .kerberos = True,
+ .order = GENSEC_KRB5
};
NTSTATUS gensec_krb5_init(void)
diff --git a/source4/auth/gensec/schannel.c b/source4/auth/gensec/schannel.c
index 983b76eafc..f58233c528 100644
--- a/source4/auth/gensec/schannel.c
+++ b/source4/auth/gensec/schannel.c
@@ -255,7 +255,8 @@ static const struct gensec_security_ops gensec_schannel_security_ops = {
.session_info = schannel_session_info,
.sig_size = schannel_sig_size,
.have_feature = schannel_have_feature,
- .enabled = True
+ .enabled = True,
+ .order = GENSEC_SCHANNEL
};
NTSTATUS gensec_schannel_init(void)
diff --git a/source4/auth/gensec/spnego.c b/source4/auth/gensec/spnego.c
index fa15176e77..1cafa83f4b 100644
--- a/source4/auth/gensec/spnego.c
+++ b/source4/auth/gensec/spnego.c
@@ -1040,6 +1040,7 @@ static const struct gensec_security_ops gensec_spnego_security_ops = {
.session_info = gensec_spnego_session_info,
.have_feature = gensec_spnego_have_feature,
.enabled = True,
+ .order = GENSEC_SPNEGO
};
NTSTATUS gensec_spnego_init(void)