From 6bcaba6f8ab8bae874c67389e716dd3766309656 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 21 Jul 2011 14:27:00 +1000 Subject: s3-auth Allow auth modules to provide an initialised GENSEC context This will allow auth plugins such as auth_samba4 to provide an initialised GENSEC context to auth subsystem callers. Andrew Bartlett Signed-off-by: Andrew Tridgell --- source3/auth/auth.c | 11 +++++++++-- source3/include/auth.h | 9 +++++++++ 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/source3/auth/auth.c b/source3/auth/auth.c index a7fe1c624c..df93e0d27a 100644 --- a/source3/auth/auth.c +++ b/source3/auth/auth.c @@ -438,7 +438,7 @@ static NTSTATUS make_auth_context_text_list(TALLOC_CTX *mem_ctx, char **text_list) { auth_methods *list = NULL; - auth_methods *t = NULL; + auth_methods *t, *method = NULL; NTSTATUS nt_status; if (!text_list) { @@ -460,7 +460,14 @@ static NTSTATUS make_auth_context_text_list(TALLOC_CTX *mem_ctx, (*auth_context)->auth_method_list = list; - return nt_status; + /* Look for the first module to provide a start_gensec hook, and set that if provided */ + for (method = (*auth_context)->auth_method_list; method; method = method->next) { + if (method->start_gensec) { + (*auth_context)->start_gensec = method->start_gensec; + break; + } + } + return NT_STATUS_OK; } /*************************************************************************** diff --git a/source3/include/auth.h b/source3/include/auth.h index 4f7cb9bb14..3545e27d20 100644 --- a/source3/include/auth.h +++ b/source3/include/auth.h @@ -21,6 +21,8 @@ #include "../auth/common_auth.h" +struct gensec_security; + struct extra_auth_info { struct dom_sid user_sid; struct dom_sid pgid_sid; @@ -93,6 +95,9 @@ struct auth_context { const struct auth_usersupplied_info *user_info, struct auth_serversupplied_info **server_info); NTSTATUS (*nt_status_squash)(NTSTATUS nt_status); + + NTSTATUS (*start_gensec)(TALLOC_CTX *mem_ctx, const char *oid_string, + struct gensec_security **gensec_context); }; typedef struct auth_methods @@ -114,6 +119,10 @@ typedef struct auth_methods void **my_private_data, TALLOC_CTX *mem_ctx); + /* Optional method allowing this module to provide a way to get a gensec context */ + NTSTATUS (*start_gensec)(TALLOC_CTX *mem_ctx, const char *oid_string, + struct gensec_security **gensec_context); + /* Used to keep tabs on things like the cli for SMB server authentication */ void *private_data; -- cgit