r26258: Use loadparm context in client_start function of gensec.

author Jelmer Vernooij <jelmer@samba.org>

Mon, 3 Dec 2007 16:41:37 +0000 (17:41 +0100)

committer Stefan Metzmacher <metze@samba.org>

Fri, 21 Dec 2007 04:47:32 +0000 (05:47 +0100)
author Jelmer Vernooij <jelmer@samba.org>
Mon, 3 Dec 2007 16:41:37 +0000 (17:41 +0100)
committer Stefan Metzmacher <metze@samba.org>
Fri, 21 Dec 2007 04:47:32 +0000 (05:47 +0100)
diff --git a/source4/auth/gensec/cyrus_sasl.c b/source4/auth/gensec/cyrus_sasl.c

index 0bce35e1c58eb4eefa4fdbf9c55ac71d59a37fa0..7ccdb1edecedafa0ceda54cf92c50412d49e3b05 100644 (file)
--- a/source4/auth/gensec/cyrus_sasl.c
+++ b/source4/auth/gensec/cyrus_sasl.c
@@ -112,7 +112,7 @@ static int gensec_sasl_dispose(struct gensec_sasl_state *gensec_sasl_state)
         return 0;
  }
  
-static NTSTATUS gensec_sasl_client_start(struct gensec_security *gensec_security)
+static NTSTATUS gensec_sasl_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
  {
         struct gensec_sasl_state *gensec_sasl_state;
         const char *service = gensec_get_target_service(gensec_security);
diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c

index b3ac64fdce20f83da28bf244584a1e45d766d269..27981a7504cbd094e04f6db22bd03b76bb780b78 100644 (file)
--- a/source4/auth/gensec/gensec.c
+++ b/source4/auth/gensec/gensec.c
@@ -603,7 +603,7 @@ static NTSTATUS gensec_start_mech(struct gensec_security *gensec_security)
         switch (gensec_security->gensec_role) {
         case GENSEC_CLIENT:
                 if (gensec_security->ops->client_start) {
-                       status = gensec_security->ops->client_start(gensec_security);
+                       status = gensec_security->ops->client_start(gensec_security, global_loadparm);
                         if (!NT_STATUS_IS_OK(status)) {
                                 DEBUG(2, ("Failed to start GENSEC client mech %s: %s\n",
                                           gensec_security->ops->name, nt_errstr(status))); 
diff --git a/source4/auth/gensec/gensec.h b/source4/auth/gensec/gensec.h

index 6263edd687d02acb8daed65f08e4f823befafa77..6b787d25aa825077f88b6e9c16cad1ab8e009df1 100644 (file)
--- a/source4/auth/gensec/gensec.h
+++ b/source4/auth/gensec/gensec.h
@@ -75,12 +75,15 @@ struct gensec_update_request {
         } callback;
  };
  
+struct loadparm_context;
+
  struct gensec_security_ops {
         const char *name;
         const char *sasl_name;
         uint8_t auth_type;  /* 0 if not offered on DCE-RPC */
         const char **oid;  /* NULL if not offered by SPNEGO */
-       NTSTATUS (*client_start)(struct gensec_security *gensec_security);
+       NTSTATUS (*client_start)(struct gensec_security *gensec_security, 
+                                struct loadparm_context *lp_ctx);
         NTSTATUS (*server_start)(struct gensec_security *gensec_security);
         /**
            Determine if a packet has the right 'magic' for this mechanism
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c

index b3e5352410c9cd43aebe90fe30835c4cad5ca098..1d8d5f057a3052200c509290f073055d28bceeb9 100644 (file)
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -298,7 +298,7 @@ static NTSTATUS gensec_gssapi_sasl_server_start(struct gensec_security *gensec_s
         return nt_status;
  }
  
-static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_security)
+static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
  {
         struct gensec_gssapi_state *gensec_gssapi_state;
         struct cli_credentials *creds = gensec_get_credentials(gensec_security);
@@ -324,7 +324,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
                 return NT_STATUS_INVALID_PARAMETER;
         }
  
-       nt_status = gensec_gssapi_start(gensec_security, global_loadparm);
+       nt_status = gensec_gssapi_start(gensec_security, lp_ctx);
         if (!NT_STATUS_IS_OK(nt_status)) {
                 return nt_status;
         }
@@ -334,7 +334,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
         gensec_gssapi_state->gss_oid = gss_mech_krb5;
  
         principal = gensec_get_target_principal(gensec_security);
-       if (principal && lp_client_use_spnego_principal(global_loadparm)) {
+       if (principal && lp_client_use_spnego_principal(lp_ctx)) {
                 name_type = GSS_C_NULL_OID;
         } else {
                 principal = talloc_asprintf(gensec_gssapi_state, "%s@%s", 
@@ -380,11 +380,11 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
         return NT_STATUS_OK;
  }
  
-static NTSTATUS gensec_gssapi_sasl_client_start(struct gensec_security *gensec_security)
+static NTSTATUS gensec_gssapi_sasl_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
  {
         NTSTATUS nt_status;
         struct gensec_gssapi_state *gensec_gssapi_state;
-       nt_status = gensec_gssapi_client_start(gensec_security);
+       nt_status = gensec_gssapi_client_start(gensec_security, lp_ctx);
  
         if (NT_STATUS_IS_OK(nt_status)) {
                 gensec_gssapi_state = talloc_get_type(gensec_security->private_data, struct gensec_gssapi_state);
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c

index eb8c74533b09ecb797501f943d26ccd8f822f1d7..296f5878277c5b7c598a4be228ed15d530c09c39 100644 (file)
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -210,7 +210,7 @@ static NTSTATUS gensec_fake_gssapi_krb5_server_start(struct gensec_security *gen
         return nt_status;
  }
  
-static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security)
+static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
  {
         struct gensec_krb5_state *gensec_krb5_state;
         krb5_error_code ret;
@@ -322,9 +322,9 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
         }
  }
  
-static NTSTATUS gensec_fake_gssapi_krb5_client_start(struct gensec_security *gensec_security)
+static NTSTATUS gensec_fake_gssapi_krb5_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
  {
-       NTSTATUS nt_status = gensec_krb5_client_start(gensec_security);
+       NTSTATUS nt_status = gensec_krb5_client_start(gensec_security, lp_ctx);
  
         if (NT_STATUS_IS_OK(nt_status)) {
                 struct gensec_krb5_state *gensec_krb5_state;
diff --git a/source4/auth/gensec/schannel.c b/source4/auth/gensec/schannel.c

index 462fb26ba2355b90d5402c3c573699af9ee89385..7da96560a17d77869bf17f5dd40447caf38fcdad 100644 (file)
--- a/source4/auth/gensec/schannel.c
+++ b/source4/auth/gensec/schannel.c
@@ -218,7 +218,8 @@ static NTSTATUS schannel_server_start(struct gensec_security *gensec_security)
         return NT_STATUS_OK;
  }
  
-static NTSTATUS schannel_client_start(struct gensec_security *gensec_security) 
+static NTSTATUS schannel_client_start(struct gensec_security *gensec_security, 
+                                     struct loadparm_context *lp_ctx) 
  {
         NTSTATUS status;
         struct schannel_state *state;
diff --git a/source4/auth/gensec/spnego.c b/source4/auth/gensec/spnego.c

index ca82980f941ff8e3047163d9264342033d82663f..4a7c2e1d491f312b75b1931b16ec0bab912affb9 100644 (file)
--- a/source4/auth/gensec/spnego.c
+++ b/source4/auth/gensec/spnego.c
@@ -47,11 +47,11 @@ struct spnego_state {
  };
  
  
-static NTSTATUS gensec_spnego_client_start(struct gensec_security *gensec_security)
+static NTSTATUS gensec_spnego_client_start(struct gensec_security *gensec_security, struct loadparm_context *lp_ctx)
  {
         struct spnego_state *spnego_state;
  
-       spnego_state = talloc(gensec_security, struct spnego_state);            
+       spnego_state = talloc(gensec_security, struct spnego_state);
         if (!spnego_state) {
                 return NT_STATUS_NO_MEMORY;
         }
diff --git a/source4/auth/ntlmssp/ntlmssp.h b/source4/auth/ntlmssp/ntlmssp.h

index e39e2d9407a3e70d38fb2044e25fb3f58160819f..5efc0a2eb17736b8877669105d0be294f0cebf88 100644 (file)
--- a/source4/auth/ntlmssp/ntlmssp.h
+++ b/source4/auth/ntlmssp/ntlmssp.h
@@ -184,5 +184,6 @@ struct gensec_ntlmssp_state
         struct auth_serversupplied_info *server_info;
  };
  
+struct loadparm_context;
  struct auth_session_info;
  #include "auth/ntlmssp/proto.h"
diff --git a/source4/auth/ntlmssp/ntlmssp_client.c b/source4/auth/ntlmssp/ntlmssp_client.c

index bff9fc0b8a7e62627a1ff72bb368be6b676e16e7..49ba6d2409dab05e1eb941673358d08afa4f45f9 100644 (file)
--- a/source4/auth/ntlmssp/ntlmssp_client.c
+++ b/source4/auth/ntlmssp/ntlmssp_client.c
@@ -285,7 +285,8 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
         return NT_STATUS_OK;
  }
  
-NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
+NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security,
+                                    struct loadparm_context *lp_ctx)
  {
         struct gensec_ntlmssp_state *gensec_ntlmssp_state;
         NTSTATUS nt_status;
@@ -297,17 +298,17 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
  
         gensec_ntlmssp_state->role = NTLMSSP_CLIENT;
  
-       gensec_ntlmssp_state->domain = lp_workgroup(global_loadparm);
+       gensec_ntlmssp_state->domain = lp_workgroup(lp_ctx);
  
-       gensec_ntlmssp_state->unicode = lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "unicode", true);
+       gensec_ntlmssp_state->unicode = lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "unicode", true);
  
-       gensec_ntlmssp_state->use_nt_response = lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "send_nt_reponse", true);
+       gensec_ntlmssp_state->use_nt_response = lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "send_nt_reponse", true);
  
-       gensec_ntlmssp_state->allow_lm_key = (lp_client_lanman_auth(global_loadparm) 
-                                             && (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "allow_lm_key", false)
-                                                 || lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "lm_key", false)));
+       gensec_ntlmssp_state->allow_lm_key = (lp_client_lanman_auth(lp_ctx) 
+                                             && (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "allow_lm_key", false)
+                                                 || lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "lm_key", false)));
  
-       gensec_ntlmssp_state->use_ntlmv2 = lp_client_ntlmv2_auth(global_loadparm);
+       gensec_ntlmssp_state->use_ntlmv2 = lp_client_ntlmv2_auth(lp_ctx);
  
         gensec_ntlmssp_state->expected_state = NTLMSSP_INITIAL;
  
@@ -315,27 +316,27 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
                 NTLMSSP_NEGOTIATE_NTLM |
                 NTLMSSP_REQUEST_TARGET;
  
-       if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "128bit", true)) {
+       if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "128bit", true)) {
                 gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_128;               
         }
  
-       if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "56bit", false)) {
+       if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "56bit", false)) {
                 gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56;                
         }
  
-       if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "lm_key", false)) {
+       if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "lm_key", false)) {
                 gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_LM_KEY;
         }
  
-       if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "keyexchange", true)) {
+       if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "keyexchange", true)) {
                 gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH;          
         }
  
-       if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "alwayssign", true)) {
+       if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "alwayssign", true)) {
                 gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;               
         }
  
-       if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "ntlm2", true)) {
+       if (lp_parm_bool(lp_ctx, NULL, "ntlmssp_client", "ntlm2", true)) {
                 gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;             
         } else {
                 /* apparently we can't do ntlmv2 if we don't do ntlm2 */
author	Jelmer Vernooij <jelmer@samba.org>
	Mon, 3 Dec 2007 16:41:37 +0000 (17:41 +0100)
committer	Stefan Metzmacher <metze@samba.org>
	Fri, 21 Dec 2007 04:47:32 +0000 (05:47 +0100)
source4/auth/gensec/cyrus_sasl.c		patch \| blob \| history
source4/auth/gensec/gensec.c		patch \| blob \| history
source4/auth/gensec/gensec.h		patch \| blob \| history
source4/auth/gensec/gensec_gssapi.c		patch \| blob \| history
source4/auth/gensec/gensec_krb5.c		patch \| blob \| history
source4/auth/gensec/schannel.c		patch \| blob \| history
source4/auth/gensec/spnego.c		patch \| blob \| history
source4/auth/ntlmssp/ntlmssp.h		patch \| blob \| history
source4/auth/ntlmssp/ntlmssp_client.c		patch \| blob \| history