From 6eea2c33c797065f7b189d32648d2cfde5d2e3b9 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Sat, 24 Dec 2011 01:14:26 +0100
Subject: [PATCH] auth/gensec: add gensec_*max_update_size()

This is only a hint for the backend, which may want to fragment
update tokens.

metze
---
 auth/gensec/gensec.c       | 15 +++++++++++++++
 auth/gensec/gensec.h       |  4 ++++
 auth/gensec/gensec_start.c |  3 +++
 3 files changed, 22 insertions(+)

diff --git a/auth/gensec/gensec.c b/auth/gensec/gensec.c
index ec104a7f75b..d1dcc75eafc 100644
--- a/auth/gensec/gensec.c
+++ b/auth/gensec/gensec.c
@@ -185,6 +185,21 @@ _PUBLIC_ NTSTATUS gensec_session_info(struct gensec_security *gensec_security,
 	return gensec_security->ops->session_info(gensec_security, mem_ctx, session_info);
 }
 
+void gensec_set_max_update_size(struct gensec_security *gensec_security,
+				uint32_t max_update_size)
+{
+	gensec_security->max_update_size = max_update_size;
+}
+
+size_t gensec_max_update_size(struct gensec_security *gensec_security)
+{
+	if (gensec_security->max_update_size == 0) {
+		return UINT32_MAX;
+	}
+
+	return gensec_security->max_update_size;
+}
+
 /**
  * Next state function for the GENSEC state machine
  *
diff --git a/auth/gensec/gensec.h b/auth/gensec/gensec.h
index a1ae634bf88..9982718b0a0 100644
--- a/auth/gensec/gensec.h
+++ b/auth/gensec/gensec.h
@@ -167,6 +167,7 @@ struct gensec_security {
 	enum gensec_role gensec_role;
 	bool subcontext;
 	uint32_t want_features;
+	uint32_t max_update_size;
 	uint8_t dcerpc_auth_level;
 	struct tsocket_address *local_addr, *remote_addr;
 	struct gensec_settings *settings;
@@ -223,6 +224,9 @@ NTSTATUS gensec_start_mech_by_ops(struct gensec_security *gensec_security,
 				  const struct gensec_security_ops *ops);
 NTSTATUS gensec_start_mech_by_sasl_list(struct gensec_security *gensec_security,
 						 const char **sasl_names);
+void gensec_set_max_update_size(struct gensec_security *gensec_security,
+				uint32_t max_update_size);
+size_t gensec_max_update_size(struct gensec_security *gensec_security);
 NTSTATUS gensec_update(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx,
 		       struct tevent_context *ev,
 		       const DATA_BLOB in, DATA_BLOB *out);
diff --git a/auth/gensec/gensec_start.c b/auth/gensec/gensec_start.c
index 9576e53ec68..b09a76b3450 100644
--- a/auth/gensec/gensec_start.c
+++ b/auth/gensec/gensec_start.c
@@ -518,6 +518,8 @@ static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx,
 	(*gensec_security) = talloc_zero(mem_ctx, struct gensec_security);
 	NT_STATUS_HAVE_NO_MEMORY(*gensec_security);
 
+	(*gensec_security)->max_update_size = UINT32_MAX;
+
 	SMB_ASSERT(settings->lp_ctx != NULL);
 	(*gensec_security)->settings = talloc_reference(*gensec_security, settings);
 
@@ -550,6 +552,7 @@ _PUBLIC_ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx,
 
 	(*gensec_security)->subcontext = true;
 	(*gensec_security)->want_features = parent->want_features;
+	(*gensec_security)->max_update_size = parent->max_update_size;
 	(*gensec_security)->dcerpc_auth_level = parent->dcerpc_auth_level;
 	(*gensec_security)->auth_context = talloc_reference(*gensec_security, parent->auth_context);
 	(*gensec_security)->settings = talloc_reference(*gensec_security, parent->settings);
-- 
2.34.1