auth:gensec: Add gensec_security_sasl_names()
authorStefan Metzmacher <metze@samba.org>
Fri, 4 Sep 2020 08:47:54 +0000 (10:47 +0200)
committerStefan Metzmacher <metze@samba.org>
Mon, 7 Sep 2020 12:02:15 +0000 (12:02 +0000)
Pair-Programmed-With: Andreas Schneider <asn@samba.org>

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
auth/gensec/gensec.h
auth/gensec/gensec_start.c

index d424067d02c8fb25e08fdf36a3413d17aeb41ce0..fe26fff171a22f2d490bd06caeb55b84a5caee00 100644 (file)
@@ -308,6 +308,8 @@ const struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx
 
 NTSTATUS gensec_start_mech_by_sasl_name(struct gensec_security *gensec_security,
                                        const char *sasl_name);
+const char **gensec_security_sasl_names(struct gensec_security *gensec_security,
+                                       TALLOC_CTX *mem_ctx);
 
 int gensec_setting_int(struct gensec_settings *settings, const char *mechanism, const char *name, int default_value);
 bool gensec_setting_bool(struct gensec_settings *settings, const char *mechanism, const char *name, bool default_value);
index d34ef2d5e39ff0c6d210ea0a7abb905dd6389fcc..2b88b08ffdff4b18dd9da2a2666c7b7c12724e67 100644 (file)
@@ -301,6 +301,93 @@ const struct gensec_security_ops *gensec_security_by_name(struct gensec_security
        return NULL;
 }
 
+static const char **gensec_security_sasl_names_from_ops(
+       struct gensec_security *gensec_security,
+       TALLOC_CTX *mem_ctx,
+       const struct gensec_security_ops * const *ops)
+{
+       const char **sasl_names = NULL;
+       size_t i, sasl_names_count = 0;
+
+       if (ops == NULL) {
+               return NULL;
+       }
+
+       sasl_names = talloc_array(mem_ctx, const char *, 1);
+       if (sasl_names == NULL) {
+               return NULL;
+       }
+
+       for (i = 0; ops[i] != NULL; i++) {
+               enum gensec_role role = GENSEC_SERVER;
+               const char **tmp = NULL;
+
+               if (ops[i]->sasl_name == NULL) {
+                       continue;
+               }
+
+               if (gensec_security != NULL) {
+                       if (!gensec_security_ops_enabled(ops[i],
+                                                        gensec_security)) {
+                               continue;
+                       }
+
+                       role = gensec_security->gensec_role;
+               }
+
+               switch (role) {
+               case GENSEC_CLIENT:
+                       if (ops[i]->client_start == NULL) {
+                               continue;
+                       }
+                       break;
+               case GENSEC_SERVER:
+                       if (ops[i]->server_start == NULL) {
+                               continue;
+                       }
+                       break;
+               }
+
+               tmp = talloc_realloc(mem_ctx,
+                                    sasl_names,
+                                    const char *,
+                                    sasl_names_count + 2);
+               if (tmp == NULL) {
+                       TALLOC_FREE(sasl_names);
+                       return NULL;
+               }
+               sasl_names = tmp;
+
+               sasl_names[sasl_names_count] = ops[i]->sasl_name;
+               sasl_names_count++;
+       }
+       sasl_names[sasl_names_count] = NULL;
+
+       return sasl_names;
+}
+
+/**
+ * @brief Get the sasl names from the gensec security context.
+ *
+ * @param[in]  gensec_security The gensec security context.
+ *
+ * @param[in]  mem_ctx The memory context to allocate memory on.
+ *
+ * @return An allocated array with sasl names, NULL on error.
+ */
+_PUBLIC_
+const char **gensec_security_sasl_names(struct gensec_security *gensec_security,
+                                       TALLOC_CTX *mem_ctx)
+{
+       const struct gensec_security_ops **ops = NULL;
+
+       ops = gensec_security_mechs(gensec_security, mem_ctx);
+
+       return gensec_security_sasl_names_from_ops(gensec_security,
+                                                  mem_ctx,
+                                                  ops);
+}
+
 /**
  * Return a unique list of security subsystems from those specified in
  * the list of SASL names.
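Review bot: In `gensec_security_sasl_names()` the array returned by `gensec_security_mechs()` is passed to the helper and then dropped. If that call allocates a fresh array on `mem_ctx` (its body is not in this hunk, so this is inferred), every call leaves the intermediate array attached to the caller's context until that context is freed, which adds up on a long-lived context. Keeping the result in a local and releasing the intermediate array would avoid that: `names = gensec_security_sasl_names_from_ops(gensec_security, mem_ctx, ops);`, then `TALLOC_FREE(ops);`, then `return names;`. The doc comment should also say that only the array is allocated on `mem_ctx`, while the entries are the `ops[i]->sasl_name` pointers themselves and must not be freed or modified by the caller. It should further note that a NULL return covers both allocation failure and a NULL mechanism list, whereas "no mechanism matched" yields a non-NULL array holding only the terminator, so a caller advertising these names has to handle both cases.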