s3:gse: Implement gensec_gse_security_by_oid()
authorAndreas Schneider <asn@samba.org>
Thu, 25 Apr 2024 13:51:40 +0000 (15:51 +0200)
committerStefan Metzmacher <metze@samba.org>
Tue, 14 May 2024 10:18:31 +0000 (10:18 +0000)
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
source3/auth/auth_generic.c
source3/libads/authdata.c
source3/librpc/crypto/gse.c
source3/librpc/crypto/gse.h
source3/libsmb/auth_generic.c
source3/utils/ntlm_auth.c

index 19530625bdecb047adbfd1abf46728e0c43aeda2..a5cfd69c5067e54710e1b0d5e595c546c00c940e 100644 (file)
@@ -488,7 +488,8 @@ NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx,
 
                /* These need to be in priority order, krb5 before NTLMSSP */
 #if defined(HAVE_KRB5)
-               backends[idx++] = &gensec_gse_krb5_security_ops;
+               backends[idx++] = gensec_gse_security_by_oid(
+                       GENSEC_OID_KERBEROS5);
 #endif
 
                backends[idx++] = gensec_security_by_oid(NULL, GENSEC_OID_NTLMSSP);
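Review bot: The result of gensec_gse_security_by_oid() is stored into `backends[idx++]` without a NULL check, here and in the same assignment in kerberos_return_pac(), auth_generic_client_prepare(), ntlm_auth_prepare_gensec_client() and ntlm_auth_prepare_gensec_server(). The new helper returns NULL for any OID it does not match; with the constant passed today it always matches, but the old `&gensec_gse_krb5_security_ops` could never be NULL, and this one can. If `backends` is consumed as a NULL-terminated list (not visible in these hunks), a NULL entry would silently hide the NTLMSSP entry placed after it and change which mechanisms are offered. I would resolve the pointer into a local first and fail closed, e.g. `if (gse_ops == NULL) { return NT_STATUS_INTERNAL_ERROR; }`, following whatever cleanup each function already does. The enclosing function bodies start and end outside the hunks.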
index 6673b2ff75206b55a02b484aa83d2d64d1810ad4..426f1b3b015f525c59a28970e74664417d0a3ba5 100644 (file)
@@ -272,7 +272,7 @@ NTSTATUS kerberos_return_pac(TALLOC_CTX *mem_ctx,
 
        gensec_init();
 
-       backends[idx++] = &gensec_gse_krb5_security_ops;
+       backends[idx++] = gensec_gse_security_by_oid(GENSEC_OID_KERBEROS5);
 
        status = gensec_server_start(tmp_ctx, gensec_settings,
                                        auth_context, &gensec_server_context);
index 2432143c2498f818646d17d64043154a07a0edb7..d52e3d84249e0f1f9d2fe5ea647fbc44cf13b6ed 100644 (file)
@@ -1479,7 +1479,7 @@ static const char *gensec_gse_krb5_oids[] = {
        NULL
 };
 
-const struct gensec_security_ops gensec_gse_krb5_security_ops = {
+static const struct gensec_security_ops gensec_gse_krb5_security_ops = {
        .name           = "gse_krb5",
        .auth_type      = DCERPC_AUTH_TYPE_KRB5,
        .oid            = gensec_gse_krb5_oids,
@@ -1507,4 +1507,16 @@ const struct gensec_security_ops gensec_gse_krb5_security_ops = {
        .priority       = GENSEC_GSSAPI
 };
 
+const struct gensec_security_ops *gensec_gse_security_by_oid(
+       const char *oid_string)
+{
+       int cmp;
+
+       cmp = strcmp(oid_string, GENSEC_OID_KERBEROS5);
+       if (cmp == 0) {
+               return &gensec_gse_krb5_security_ops;
+       }
+
+       return NULL;
+}
 #endif /* HAVE_KRB5 */
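Review bot: gensec_gse_security_by_oid() passes `oid_string` straight to strcmp(), so a NULL argument is undefined behaviour; since this is now the exported entry point declared in gse.h, add `if (oid_string == NULL) { return NULL; }` before the comparison. The definition also has no comment: a short one above it should say that it returns a pointer to the file-static ops table for a matching OID and NULL otherwise, so callers know the result must be checked. The definition sits inside the `HAVE_KRB5` block, so every caller needs the same guard; the kerberos_return_pac() hunk shows none in view, which may simply be outside the hunk.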
index 8618573b4aa986f4d126f2729280e864ad5b723d..1ce8446c55c9448ce20a7550a1a0bf5e02982441 100644 (file)
@@ -21,6 +21,7 @@
 
 struct gse_context;
 
-extern const struct gensec_security_ops gensec_gse_krb5_security_ops;
+const struct gensec_security_ops *gensec_gse_security_by_oid(
+       const char *oid_string);
 
 #endif /* _GSE_H_ */
index b4f283f388a84a6c6e5d78911f8df1f156d0125b..f1f70a4f30dc83bc28e7436d50d861764202a96b 100644 (file)
@@ -98,7 +98,7 @@ NTSTATUS auth_generic_client_prepare(TALLOC_CTX *mem_ctx, struct auth_generic_st
 
        /* These need to be in priority order, krb5 before NTLMSSP */
 #if defined(HAVE_KRB5)
-       backends[idx++] = &gensec_gse_krb5_security_ops;
+       backends[idx++] = gensec_gse_security_by_oid(GENSEC_OID_KERBEROS5);
 #endif
 
        backends[idx++] = gensec_security_by_oid(NULL, GENSEC_OID_NTLMSSP);
index 946754d26d269c46cb5ce172412b2ff74e7be3f2..a9e21298f25409de29995fb3283e006371345069 100644 (file)
@@ -1208,7 +1208,7 @@ static NTSTATUS ntlm_auth_prepare_gensec_client(TALLOC_CTX *mem_ctx,
 
        /* These need to be in priority order, krb5 before NTLMSSP */
 #if defined(HAVE_KRB5)
-       backends[idx++] = &gensec_gse_krb5_security_ops;
+       backends[idx++] = gensec_gse_security_by_oid(GENSEC_OID_KERBEROS5);
 #endif
 
        backends[idx++] = gensec_security_by_oid(NULL, GENSEC_OID_NTLMSSP);
@@ -1336,7 +1336,7 @@ static NTSTATUS ntlm_auth_prepare_gensec_server(TALLOC_CTX *mem_ctx,
 
        /* These need to be in priority order, krb5 before NTLMSSP */
 #if defined(HAVE_KRB5)
-       backends[idx++] = &gensec_gse_krb5_security_ops;
+       backends[idx++] = gensec_gse_security_by_oid(GENSEC_OID_KERBEROS5);
 #endif
 
        backends[idx++] = gensec_security_by_oid(NULL, GENSEC_OID_NTLMSSP);