git.samba.org / ddiss / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1364eb7)
gensec: Allow an alternate set of modules to be specified
authorAndrew Bartlett <abartlet@samba.org>
Sun, 25 Dec 2011 23:53:56 +0000 (10:53 +1100)
committerAndrew Bartlett <abartlet@samba.org>
Wed, 28 Dec 2011 11:39:19 +0000 (22:39 +1100)
This will allow s3 to specify modules to use as a list, rather than
needing to start the individual module with gensec_start_mech_by_ops()

Andrew Bartlett

auth/gensec/gensec.h patch | blob | history
auth/gensec/gensec_start.c patch | blob | history
lib/param/loadparm.c patch | blob | history

diff --git a/auth/gensec/gensec.h b/auth/gensec/gensec.h
index acfc54926c42fce70620f4ecd61d46203bf7d972..9b2ac19fe1157f9237b14fe8205134b5a7f7ae99 100644 (file)
--- a/auth/gensec/gensec.h
+++ b/auth/gensec/gensec.h
@@ -77,6 +77,11 @@ struct tevent_req;
 struct gensec_settings {
        struct loadparm_context *lp_ctx;
        const char *target_hostname;
+
+       /* this allows callers to specify a specific set of ops that
+        * should be used, rather than those loaded by the plugin
+        * mechanism */
+       struct gensec_security_ops **backends;
 };
 
 struct gensec_security_ops {
diff --git a/auth/gensec/gensec_start.c b/auth/gensec/gensec_start.c
index c38b97050f29c1abfe725d16e70fc1c9dd40cf4d..9576e53ec685b727eeebb5892c8ce9c43c8f97d6 100644 (file)
--- a/auth/gensec/gensec_start.c
+++ b/auth/gensec/gensec_start.c
@@ -118,14 +118,19 @@ struct gensec_security_ops **gensec_security_mechs(struct gensec_security *gense
                                                   TALLOC_CTX *mem_ctx)
 {
        struct gensec_security_ops **backends;
-       backends = gensec_security_all();
        if (!gensec_security) {
+               backends = gensec_security_all();
                if (!talloc_reference(mem_ctx, backends)) {
                        return NULL;
                }
                return backends;
        } else {
                struct cli_credentials *creds = gensec_get_credentials(gensec_security);
+               if (gensec_security->settings->backends) {
+                       backends = gensec_security->settings->backends;
+               } else {
+                       backends = gensec_security_all();
+               }
                if (!creds) {
                        if (!talloc_reference(mem_ctx, backends)) {
                                return NULL;
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index 006fa8a6c1516b0354dab34135a440901bcecf31..949c404bf17fed73e9aabc63e9a6aead471df87c 100644 (file)
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -3727,7 +3727,7 @@ _PUBLIC_ char *lpcfg_tls_dhpfile(TALLOC_CTX *mem_ctx, struct loadparm_context *l
 
 struct gensec_settings *lpcfg_gensec_settings(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
 {
-       struct gensec_settings *settings = talloc(mem_ctx, struct gensec_settings);
+       struct gensec_settings *settings = talloc_zero(mem_ctx, struct gensec_settings);
        if (settings == NULL)
                return NULL;
        SMB_ASSERT(lp_ctx != NULL);
ddiss' public Samba repository