Remove auth/ntlm as a dependency of GENSEC by means of function pointers.

When starting GENSEC on the server, the auth subsystem context must be
passed in, which now includes function pointers to the key elements.

This should (when the other dependencies are fixed up) allow GENSEC to
exist as a client or server library without bundling in too much of
our server code.

Andrew Bartlett

1 files changed, 7 insertions, 9 deletions

diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c
index f3f843b920..9abc6115e6 100644
--- a/source4/ldap_server/ldap_bind.c
+++ b/source4/ldap_server/ldap_bind.c
@@ -140,11 +140,13 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call)
 	if (!conn->gensec) {
 		conn->session_info = NULL;
 
-		status = gensec_server_start(conn,
-					     conn->connection->event.ctx,
-					     lp_gensec_settings(conn, conn->lp_ctx),
-					     conn->connection->msg_ctx,
-					     &conn->gensec);
+		status = samba_server_gensec_start(conn,
+						   conn->connection->event.ctx,
+						   conn->connection->msg_ctx,
+						   conn->lp_ctx,
+						   conn->server_credentials,
+						   "ldap",
+						   &conn->gensec);
 		if (!NT_STATUS_IS_OK(status)) {
 			DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status)));
 			result = LDAP_OPERATIONS_ERROR;
@@ -152,10 +154,6 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call)
 						 nt_errstr(status));
 		} else {
 		
-			gensec_set_target_service(conn->gensec, "ldap");
-			
-			gensec_set_credentials(conn->gensec, conn->server_credentials);
-			
 			gensec_want_feature(conn->gensec, GENSEC_FEATURE_SIGN);
 			gensec_want_feature(conn->gensec, GENSEC_FEATURE_SEAL);
 			gensec_want_feature(conn->gensec, GENSEC_FEATURE_ASYNC_REPLIES);