From e012ad9d8b7cea3a86841fe92b80627a6d07d459 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 2 Jan 2012 13:06:29 +1100 Subject: s3-librpc Call GSSAPI via the auth_generic layer and gensec This simplifies a lot of code, as we know we are always dealing with a struct gensec_security, and allows the gensec module being used to implement GSSAPI to be swapped when required for AD-server operation. Andrew Bartlett Signed-off-by: Stefan Metzmacher --- source3/auth/auth_generic.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'source3/auth/auth_generic.c') diff --git a/source3/auth/auth_generic.c b/source3/auth/auth_generic.c index e73c27b5eb..b2b862ee1c 100644 --- a/source3/auth/auth_generic.c +++ b/source3/auth/auth_generic.c @@ -29,6 +29,7 @@ #ifdef HAVE_KRB5 #include "libcli/auth/krb5_wrap.h" #endif +#include "librpc/crypto/gse.h" static NTSTATUS auth3_generate_session_info_pac(struct auth4_context *auth_ctx, TALLOC_CTX *mem_ctx, @@ -196,7 +197,7 @@ NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } - gensec_settings->backends = talloc_zero_array(gensec_settings, struct gensec_security_ops *, 2); + gensec_settings->backends = talloc_zero_array(gensec_settings, struct gensec_security_ops *, 3); if (gensec_settings->backends == NULL) { TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; @@ -204,6 +205,10 @@ NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx, gensec_settings->backends[0] = &gensec_ntlmssp3_server_ops; +#if defined(HAVE_KRB5) && defined(HAVE_GSS_WRAP_IOV) + gensec_settings->backends[1] = &gensec_gse_krb5_security_ops; +#endif + nt_status = gensec_server_start(tmp_ctx, gensec_settings, auth4_context, &gensec_security); -- cgit