summaryrefslogtreecommitdiff
path: root/auth/gensec
diff options
context:
space:
mode:
Diffstat (limited to 'auth/gensec')
-rw-r--r--auth/gensec/gensec.h14
-rw-r--r--auth/gensec/gensec_start.c52
-rw-r--r--auth/gensec/spnego.c8
3 files changed, 40 insertions, 34 deletions
diff --git a/auth/gensec/gensec.h b/auth/gensec/gensec.h
index d0bc451b4e..ac1fadfeef 100644
--- a/auth/gensec/gensec.h
+++ b/auth/gensec/gensec.h
@@ -85,7 +85,7 @@ struct gensec_settings {
/* this allows callers to specify a specific set of ops that
* should be used, rather than those loaded by the plugin
* mechanism */
- struct gensec_security_ops **backends;
+ const struct gensec_security_ops * const *backends;
/* To fill in our own name in the NTLMSSP server */
const char *server_dns_domain;
@@ -179,7 +179,7 @@ const struct gensec_security_ops *gensec_security_by_sasl_name(struct gensec_sec
const struct gensec_security_ops *gensec_security_by_auth_type(
struct gensec_security *gensec_security,
uint32_t auth_type);
-struct gensec_security_ops **gensec_security_mechs(struct gensec_security *gensec_security,
+const struct gensec_security_ops **gensec_security_mechs(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx);
const struct gensec_security_ops_wrapper *gensec_security_by_oid_list(
struct gensec_security *gensec_security,
@@ -243,11 +243,11 @@ NTSTATUS gensec_wrap(struct gensec_security *gensec_security,
const DATA_BLOB *in,
DATA_BLOB *out);
-struct gensec_security_ops **gensec_security_all(void);
-bool gensec_security_ops_enabled(struct gensec_security_ops *ops, struct gensec_security *security);
-struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
- struct gensec_security_ops **old_gensec_list,
- struct cli_credentials *creds);
+const struct gensec_security_ops * const *gensec_security_all(void);
+bool gensec_security_ops_enabled(const struct gensec_security_ops *ops, struct gensec_security *security);
+const struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
+ const struct gensec_security_ops * const *old_gensec_list,
+ struct cli_credentials *creds);
NTSTATUS gensec_start_mech_by_sasl_name(struct gensec_security *gensec_security,
const char *sasl_name);
diff --git a/auth/gensec/gensec_start.c b/auth/gensec/gensec_start.c
index 2874c138b2..3ae64d5683 100644
--- a/auth/gensec/gensec_start.c
+++ b/auth/gensec/gensec_start.c
@@ -33,17 +33,17 @@
#include "lib/util/samba_modules.h"
/* the list of currently registered GENSEC backends */
-static struct gensec_security_ops **generic_security_ops;
+static const struct gensec_security_ops **generic_security_ops;
static int gensec_num_backends;
/* Return all the registered mechs. Don't modify the return pointer,
- * but you may talloc_reference it if convient */
-_PUBLIC_ struct gensec_security_ops **gensec_security_all(void)
+ * but you may talloc_referen it if convient */
+_PUBLIC_ const struct gensec_security_ops * const *gensec_security_all(void)
{
return generic_security_ops;
}
-bool gensec_security_ops_enabled(struct gensec_security_ops *ops, struct gensec_security *security)
+bool gensec_security_ops_enabled(const struct gensec_security_ops *ops, struct gensec_security *security)
{
return lpcfg_parm_bool(security->settings->lp_ctx, NULL, "gensec", ops->name, ops->enabled);
}
@@ -68,11 +68,11 @@ bool gensec_security_ops_enabled(struct gensec_security_ops *ops, struct gensec_
* more compplex.
*/
-_PUBLIC_ struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
- struct gensec_security_ops **old_gensec_list,
- struct cli_credentials *creds)
+_PUBLIC_ const struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
+ const struct gensec_security_ops * const *old_gensec_list,
+ struct cli_credentials *creds)
{
- struct gensec_security_ops **new_gensec_list;
+ const struct gensec_security_ops **new_gensec_list;
int i, j, num_mechs_in;
enum credentials_use_kerberos use_kerberos = CRED_AUTO_USE_KERBEROS;
@@ -84,7 +84,9 @@ _PUBLIC_ struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_
/* noop */
}
- new_gensec_list = talloc_array(mem_ctx, struct gensec_security_ops *, num_mechs_in + 1);
+ new_gensec_list = talloc_array(mem_ctx,
+ const struct gensec_security_ops *,
+ num_mechs_in + 1);
if (!new_gensec_list) {
return NULL;
}
@@ -136,12 +138,12 @@ _PUBLIC_ struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_
return new_gensec_list;
}
-_PUBLIC_ struct gensec_security_ops **gensec_security_mechs(
+_PUBLIC_ const struct gensec_security_ops **gensec_security_mechs(
struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx)
{
struct cli_credentials *creds = NULL;
- struct gensec_security_ops **backends = gensec_security_all();
+ const struct gensec_security_ops * const *backends = gensec_security_all();
if (gensec_security != NULL) {
creds = gensec_get_credentials(gensec_security);
@@ -159,7 +161,7 @@ static const struct gensec_security_ops *gensec_security_by_authtype(struct gens
uint8_t auth_type)
{
int i;
- struct gensec_security_ops **backends;
+ const struct gensec_security_ops **backends;
const struct gensec_security_ops *backend;
TALLOC_CTX *mem_ctx = talloc_new(gensec_security);
if (!mem_ctx) {
@@ -185,7 +187,7 @@ _PUBLIC_ const struct gensec_security_ops *gensec_security_by_oid(
const char *oid_string)
{
int i, j;
- struct gensec_security_ops **backends;
+ const struct gensec_security_ops **backends;
const struct gensec_security_ops *backend;
TALLOC_CTX *mem_ctx = talloc_new(gensec_security);
if (!mem_ctx) {
@@ -218,7 +220,7 @@ _PUBLIC_ const struct gensec_security_ops *gensec_security_by_sasl_name(
const char *sasl_name)
{
int i;
- struct gensec_security_ops **backends;
+ const struct gensec_security_ops **backends;
const struct gensec_security_ops *backend;
TALLOC_CTX *mem_ctx = talloc_new(gensec_security);
if (!mem_ctx) {
@@ -245,7 +247,7 @@ _PUBLIC_ const struct gensec_security_ops *gensec_security_by_auth_type(
uint32_t auth_type)
{
int i;
- struct gensec_security_ops **backends;
+ const struct gensec_security_ops **backends;
const struct gensec_security_ops *backend;
TALLOC_CTX *mem_ctx = talloc_new(gensec_security);
if (!mem_ctx) {
@@ -270,7 +272,7 @@ static const struct gensec_security_ops *gensec_security_by_name(struct gensec_s
const char *name)
{
int i;
- struct gensec_security_ops **backends;
+ const struct gensec_security_ops **backends;
const struct gensec_security_ops *backend;
TALLOC_CTX *mem_ctx = talloc_new(gensec_security);
if (!mem_ctx) {
@@ -306,7 +308,7 @@ static const struct gensec_security_ops **gensec_security_by_sasl_list(
const char **sasl_names)
{
const struct gensec_security_ops **backends_out;
- struct gensec_security_ops **backends;
+ const struct gensec_security_ops **backends;
int i, k, sasl_idx;
int num_backends_out = 0;
@@ -377,7 +379,7 @@ _PUBLIC_ const struct gensec_security_ops_wrapper *gensec_security_by_oid_list(
const char *skip)
{
struct gensec_security_ops_wrapper *backends_out;
- struct gensec_security_ops **backends;
+ const struct gensec_security_ops **backends;
int i, j, k, oid_idx;
int num_backends_out = 0;
@@ -451,7 +453,7 @@ _PUBLIC_ const struct gensec_security_ops_wrapper *gensec_security_by_oid_list(
static const char **gensec_security_oids_from_ops(
struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
- struct gensec_security_ops **ops,
+ const struct gensec_security_ops * const *ops,
const char *skip)
{
int i;
@@ -542,8 +544,10 @@ _PUBLIC_ const char **gensec_security_oids(struct gensec_security *gensec_securi
TALLOC_CTX *mem_ctx,
const char *skip)
{
- struct gensec_security_ops **ops
- = gensec_security_mechs(gensec_security, mem_ctx);
+ const struct gensec_security_ops **ops;
+
+ ops = gensec_security_mechs(gensec_security, mem_ctx);
+
return gensec_security_oids_from_ops(gensec_security, mem_ctx, ops, skip);
}
@@ -876,13 +880,13 @@ _PUBLIC_ NTSTATUS gensec_register(const struct gensec_security_ops *ops)
generic_security_ops = talloc_realloc(talloc_autofree_context(),
generic_security_ops,
- struct gensec_security_ops *,
+ const struct gensec_security_ops *,
gensec_num_backends+2);
if (!generic_security_ops) {
return NT_STATUS_NO_MEMORY;
}
- generic_security_ops[gensec_num_backends] = discard_const_p(struct gensec_security_ops, ops);
+ generic_security_ops[gensec_num_backends] = ops;
gensec_num_backends++;
generic_security_ops[gensec_num_backends] = NULL;
@@ -908,7 +912,7 @@ _PUBLIC_ const struct gensec_critical_sizes *gensec_interface_version(void)
return &critical_sizes;
}
-static int sort_gensec(struct gensec_security_ops **gs1, struct gensec_security_ops **gs2) {
+static int sort_gensec(const struct gensec_security_ops **gs1, const struct gensec_security_ops **gs2) {
return (*gs2)->priority - (*gs1)->priority;
}
diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c
index 0eb6da1160..d90a50cb5e 100644
--- a/auth/gensec/spnego.c
+++ b/auth/gensec/spnego.c
@@ -352,9 +352,11 @@ static NTSTATUS gensec_spnego_server_try_fallback(struct gensec_security *gensec
const DATA_BLOB in, DATA_BLOB *out)
{
int i,j;
- struct gensec_security_ops **all_ops
- = gensec_security_mechs(gensec_security, out_mem_ctx);
- for (i=0; all_ops[i]; i++) {
+ const struct gensec_security_ops **all_ops;
+
+ all_ops = gensec_security_mechs(gensec_security, out_mem_ctx);
+
+ for (i=0; all_ops && all_ops[i]; i++) {
bool is_spnego;
NTSTATUS nt_status;