summaryrefslogtreecommitdiff
path: root/auth/gensec/gensec.c
AgeCommit message (Collapse)AuthorFilesLines
2012-01-13auth/gensec: make sure functions from gensec.c are in gensec.hStefan Metzmacher1-5/+5
metze
2012-01-12auth/gensec: add gensec_*max_update_size()Stefan Metzmacher1-0/+15
This is only a hint for the backend, which may want to fragment update tokens. metze
2011-10-24auth/gensec: fix missleading commentStefan Metzmacher1-1/+1
We don't talloc_reference for tsocket_addresses. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Oct 24 15:29:47 CEST 2011 on sn-devel-104
2011-10-18gensec: move event context from gensec_*_init() to gensec_update()Andrew Bartlett1-3/+4
This avoids keeping the event context around on a the gensec_security context structure long term. In the Samba3 server, the event context we either supply is a NULL pointer as no server-side modules currently use the event context. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18gensec: Refuse to seal if we did not negotiate to signAndrew Bartlett1-0/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18gensec: Assert that we have not been subject to a downgrade attack in ↵Andrew Bartlett1-1/+45
DCE/RPC clients Because of the calling convention, this is the best place to assert that we have not been subject to a downgrade attack on the negotiated features. (In DCE/RPC, this isn't a negotiation, the client simply specifies the level of protection that is required). Andrew Bartlett (some formatting fixes) Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-08-03gensec: clarify memory ownership for gensec_session_info() and ↵Andrew Bartlett1-4/+6
gensec_session_key() This is slightly less efficient, because we no longer keep a cache on the gensec structures, but much clearer in terms of memory ownership. Both gensec_session_info() and gensec_session_key() now take a mem_ctx and put the result only on that context. Some duplication of memory in the callers (who were rightly uncertain about who was the rightful owner of the returned memory) has been removed to compensate for the internal copy. Andrew Bartlett
2011-08-03gensec: Remove mem_ctx from calls that do not return memoryAndrew Bartlett1-4/+2
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03gensec: split GENSEC into mechanism-dependent and runtime functionsAndrew Bartlett1-0/+518
The startup and runtime functions that have no dependencies are moved into the top level. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>