summaryrefslogtreecommitdiff
path: root/source4/librpc
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2008-11-02 02:05:48 +0100
committerJelmer Vernooij <jelmer@samba.org>2008-11-02 02:05:48 +0100
commitb034c519f53cffbac21c3db79ee24cdd8f1ce4a2 (patch)
treed27a5e0010bdaf1f9f47174cb244b90f3feb96a6 /source4/librpc
parent9265cb02d00843f43ba07d28093f959adf0738fe (diff)
downloadsamba-b034c519f53cffbac21c3db79ee24cdd8f1ce4a2.tar.gz
samba-b034c519f53cffbac21c3db79ee24cdd8f1ce4a2.tar.bz2
samba-b034c519f53cffbac21c3db79ee24cdd8f1ce4a2.zip
Add gensec_settings structure. This wraps loadparm_context for now, but
should in the future only contain some settings required for gensec.
Diffstat (limited to 'source4/librpc')
-rw-r--r--source4/librpc/rpc/dcerpc.h3
-rw-r--r--source4/librpc/rpc/dcerpc_auth.c8
-rw-r--r--source4/librpc/rpc/dcerpc_schannel.c3
-rw-r--r--source4/librpc/rpc/dcerpc_util.c15
4 files changed, 19 insertions, 10 deletions
diff --git a/source4/librpc/rpc/dcerpc.h b/source4/librpc/rpc/dcerpc.h
index 2f0a34d88d..dfbe6ee7a6 100644
--- a/source4/librpc/rpc/dcerpc.h
+++ b/source4/librpc/rpc/dcerpc.h
@@ -40,6 +40,7 @@ enum dcerpc_transport_t {
this defines a generic security context for signed/sealed dcerpc pipes.
*/
struct dcerpc_connection;
+struct gensec_settings;
struct dcerpc_security {
struct dcerpc_auth *auth_info;
struct gensec_security *generic_state;
@@ -322,7 +323,7 @@ NTSTATUS dcerpc_alter_context(struct dcerpc_pipe *p,
NTSTATUS dcerpc_bind_auth(struct dcerpc_pipe *p,
const struct ndr_interface_table *table,
struct cli_credentials *credentials,
- struct loadparm_context *lp_ctx,
+ struct gensec_settings *gensec_settings,
uint8_t auth_type, uint8_t auth_level,
const char *service);
struct composite_context* dcerpc_pipe_connect_send(TALLOC_CTX *parent_ctx,
diff --git a/source4/librpc/rpc/dcerpc_auth.c b/source4/librpc/rpc/dcerpc_auth.c
index 2eced55967..7c9d04eeb4 100644
--- a/source4/librpc/rpc/dcerpc_auth.c
+++ b/source4/librpc/rpc/dcerpc_auth.c
@@ -222,7 +222,7 @@ struct composite_context *dcerpc_bind_auth_send(TALLOC_CTX *mem_ctx,
struct dcerpc_pipe *p,
const struct ndr_interface_table *table,
struct cli_credentials *credentials,
- struct loadparm_context *lp_ctx,
+ struct gensec_settings *gensec_settings,
uint8_t auth_type, uint8_t auth_level,
const char *service)
{
@@ -251,7 +251,7 @@ struct composite_context *dcerpc_bind_auth_send(TALLOC_CTX *mem_ctx,
c->status = gensec_client_start(p, &sec->generic_state,
p->conn->event_ctx,
- lp_ctx);
+ gensec_settings);
if (!NT_STATUS_IS_OK(c->status)) {
DEBUG(1, ("Failed to start GENSEC client mode: %s\n",
nt_errstr(c->status)));
@@ -387,12 +387,12 @@ NTSTATUS dcerpc_bind_auth_recv(struct composite_context *creq)
_PUBLIC_ NTSTATUS dcerpc_bind_auth(struct dcerpc_pipe *p,
const struct ndr_interface_table *table,
struct cli_credentials *credentials,
- struct loadparm_context *lp_ctx,
+ struct gensec_settings *gensec_settings,
uint8_t auth_type, uint8_t auth_level,
const char *service)
{
struct composite_context *creq;
- creq = dcerpc_bind_auth_send(p, p, table, credentials, lp_ctx,
+ creq = dcerpc_bind_auth_send(p, p, table, credentials, gensec_settings,
auth_type, auth_level, service);
return dcerpc_bind_auth_recv(creq);
}
diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c
index 13bbc3d51f..e3add82bf2 100644
--- a/source4/librpc/rpc/dcerpc_schannel.c
+++ b/source4/librpc/rpc/dcerpc_schannel.c
@@ -29,6 +29,7 @@
#include "librpc/gen_ndr/ndr_netlogon_c.h"
#include "auth/credentials/credentials.h"
#include "librpc/rpc/dcerpc_proto.h"
+#include "param/param.h"
struct schannel_key_state {
struct dcerpc_pipe *pipe;
@@ -319,7 +320,7 @@ static void continue_schannel_key(struct composite_context *ctx)
/* send bind auth request with received creds */
auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table, s->credentials,
- s->lp_ctx,
+ lp_gensec_settings(c, s->lp_ctx),
DCERPC_AUTH_TYPE_SCHANNEL, s->auth_level,
NULL);
if (composite_nomem(auth_req, c)) return;
diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c
index ca6a785834..1847b20ee7 100644
--- a/source4/librpc/rpc/dcerpc_util.c
+++ b/source4/librpc/rpc/dcerpc_util.c
@@ -421,7 +421,8 @@ static void continue_ntlmssp_connection(struct composite_context *ctx)
/* initiate a authenticated bind */
auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table,
- s->credentials, s->lp_ctx,
+ s->credentials,
+ lp_gensec_settings(c, s->lp_ctx),
DCERPC_AUTH_TYPE_NTLMSSP,
dcerpc_auth_level(s->pipe->conn),
s->table->authservices->names[0]);
@@ -453,7 +454,9 @@ static void continue_spnego_after_wrong_pass(struct composite_context *ctx)
/* initiate a authenticated bind */
auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table,
- s->credentials, s->lp_ctx, DCERPC_AUTH_TYPE_SPNEGO,
+ s->credentials,
+ lp_gensec_settings(c, s->lp_ctx),
+ DCERPC_AUTH_TYPE_SPNEGO,
dcerpc_auth_level(s->pipe->conn),
s->table->authservices->names[0]);
composite_continue(c, auth_req, continue_auth, c);
@@ -572,7 +575,9 @@ struct composite_context *dcerpc_pipe_auth_send(struct dcerpc_pipe *p,
} else {
/* try SPNEGO with fallback to NTLMSSP */
auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table,
- s->credentials, s->lp_ctx, DCERPC_AUTH_TYPE_SPNEGO,
+ s->credentials,
+ lp_gensec_settings(c, s->lp_ctx),
+ DCERPC_AUTH_TYPE_SPNEGO,
dcerpc_auth_level(conn),
s->table->authservices->names[0]);
composite_continue(c, auth_req, continue_auth_auto, c);
@@ -580,7 +585,9 @@ struct composite_context *dcerpc_pipe_auth_send(struct dcerpc_pipe *p,
}
auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table,
- s->credentials, s->lp_ctx, auth_type,
+ s->credentials,
+ lp_gensec_settings(c, s->lp_ctx),
+ auth_type,
dcerpc_auth_level(conn),
s->table->authservices->names[0]);
composite_continue(c, auth_req, continue_auth, c);