return NULL;
}
-
-static int gensec_channel_bindings_destructor(struct gensec_channel_bindings *cb)
-{
- data_blob_clear_free(&cb->initiator_address);
- data_blob_clear_free(&cb->acceptor_address);
- data_blob_clear_free(&cb->application_data);
- *cb = (struct gensec_channel_bindings) { .initiator_addrtype = 0, };
- return 0;
-}
-
-_PUBLIC_ NTSTATUS gensec_set_channel_bindings(struct gensec_security *gensec_security,
- uint32_t initiator_addrtype,
- const DATA_BLOB *initiator_address,
- uint32_t acceptor_addrtype,
- const DATA_BLOB *acceptor_address,
- const DATA_BLOB *application_data)
-{
- struct gensec_channel_bindings *cb = NULL;
-
- if (gensec_security->subcontext) {
- return NT_STATUS_INTERNAL_ERROR;
- }
-
- if (gensec_security->channel_bindings != NULL) {
- return NT_STATUS_ALREADY_REGISTERED;
- }
-
- cb = talloc_zero(gensec_security, struct gensec_channel_bindings);
- if (cb == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
- talloc_set_destructor(cb, gensec_channel_bindings_destructor);
-
- cb->initiator_addrtype = initiator_addrtype;
- if (initiator_address != NULL) {
- cb->initiator_address = data_blob_dup_talloc(cb,
- *initiator_address);
- if (cb->initiator_address.length != initiator_address->length) {
- TALLOC_FREE(cb);
- return NT_STATUS_NO_MEMORY;
- }
- }
- cb->acceptor_addrtype = acceptor_addrtype;
- if (acceptor_address != NULL) {
- cb->acceptor_address = data_blob_dup_talloc(cb,
- *acceptor_address);
- if (cb->acceptor_address.length != acceptor_address->length) {
- TALLOC_FREE(cb);
- return NT_STATUS_NO_MEMORY;
- }
- }
- if (application_data != NULL) {
- cb->application_data = data_blob_dup_talloc(cb,
- *application_data);
- if (cb->application_data.length != application_data->length) {
- TALLOC_FREE(cb);
- return NT_STATUS_NO_MEMORY;
- }
- }
-
- gensec_security->channel_bindings = cb;
- return NT_STATUS_OK;
-}
NTSTATUS gensec_set_target_principal(struct gensec_security *gensec_security, const char *principal);
const char *gensec_get_target_principal(struct gensec_security *gensec_security);
-NTSTATUS gensec_set_channel_bindings(struct gensec_security *gensec_security,
- uint32_t initiator_addrtype,
- const DATA_BLOB *initiator_address,
- uint32_t acceptor_addrtype,
- const DATA_BLOB *acceptor_address,
- const DATA_BLOB *application_data);
-
NTSTATUS gensec_generate_session_info_pac(TALLOC_CTX *mem_ctx,
struct gensec_security *gensec_security,
struct smb_krb5_context *smb_krb5_context,
const char *oid;
};
-/*
- * typedef struct gss_channel_bindings_struct {
- * OM_uint32 initiator_addrtype;
- * gss_buffer_desc initiator_address;
- * OM_uint32 acceptor_addrtype;
- * gss_buffer_desc acceptor_address;
- * gss_buffer_desc application_data;
- * } *gss_channel_bindings_t;
- */
-struct gensec_channel_bindings {
- uint32_t initiator_addrtype;
- DATA_BLOB initiator_address;
- uint32_t acceptor_addrtype;
- DATA_BLOB acceptor_address;
- DATA_BLOB application_data;
-};
-
struct gensec_security {
const struct gensec_security_ops *ops;
void *private_data;
uint32_t max_update_size;
uint8_t dcerpc_auth_level;
struct tsocket_address *local_addr, *remote_addr;
- struct gensec_channel_bindings *channel_bindings;
struct gensec_settings *settings;
/* When we are a server, this may be filled in to provide an
(*gensec_security)->auth_context = talloc_reference(*gensec_security, parent->auth_context);
(*gensec_security)->settings = talloc_reference(*gensec_security, parent->settings);
(*gensec_security)->auth_context = talloc_reference(*gensec_security, parent->auth_context);
- (*gensec_security)->channel_bindings = talloc_reference(*gensec_security, parent->channel_bindings);
talloc_set_destructor((*gensec_security), gensec_security_destructor);
return NT_STATUS_OK;