struct gensec_settings;
struct tevent_context;
struct tevent_req;
+struct smb_krb5_context;
struct gensec_settings {
struct loadparm_context *lp_ctx;
const char *target_hostname;
+
+ /* this allows callers to specify a specific set of ops that
+ * should be used, rather than those loaded by the plugin
+ * mechanism */
+ struct gensec_security_ops **backends;
};
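Review bot: The new `backends` field in `struct gensec_settings` is declared as `struct gensec_security_ops **`, while `gensec_start_mech_by_ops()` further down takes `const struct gensec_security_ops *`, so a caller holding const ops tables has to cast away const to fill it in. If nothing writes through the array, `const struct gensec_security_ops * const *backends;` would express that. The comment also omits the two facts a caller needs, since this list bounds which mechanisms can be negotiated: how the array is terminated and what a NULL value means. Something like `/* NULL-terminated array; NULL means use the plugin-loaded set */` would do, adjusted to whatever the implementation (not visible here) actually does.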
struct gensec_security_ops {
NTSTATUS (*magic)(struct gensec_security *gensec_security,
const DATA_BLOB *first_packet);
NTSTATUS (*update)(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx,
+ struct tevent_context *ev,
const DATA_BLOB in, DATA_BLOB *out);
NTSTATUS (*seal_packet)(struct gensec_security *gensec_security, TALLOC_CTX *sig_mem_ctx,
uint8_t *data, size_t length,
size_t (*sig_size)(struct gensec_security *gensec_security, size_t data_size);
size_t (*max_input_size)(struct gensec_security *gensec_security);
size_t (*max_wrapped_size)(struct gensec_security *gensec_security);
- NTSTATUS (*check_packet)(struct gensec_security *gensec_security, TALLOC_CTX *sig_mem_ctx,
+ NTSTATUS (*check_packet)(struct gensec_security *gensec_security,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig);
- NTSTATUS (*unseal_packet)(struct gensec_security *gensec_security, TALLOC_CTX *sig_mem_ctx,
+ NTSTATUS (*unseal_packet)(struct gensec_security *gensec_security,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig);
size_t *len_processed);
NTSTATUS (*packet_full_request)(struct gensec_security *gensec_security,
DATA_BLOB blob, size_t *size);
- NTSTATUS (*session_key)(struct gensec_security *gensec_security, DATA_BLOB *session_key);
- NTSTATUS (*session_info)(struct gensec_security *gensec_security,
+ NTSTATUS (*session_key)(struct gensec_security *gensec_security, TALLOC_CTX *mem_ctx,
+ DATA_BLOB *session_key);
+ NTSTATUS (*session_info)(struct gensec_security *gensec_security, TALLOC_CTX *mem_ctx,
struct auth_session_info **session_info);
void (*want_feature)(struct gensec_security *gensec_security,
uint32_t feature);
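Review bot: The `session_key` op now takes a `TALLOC_CTX *mem_ctx`, but nothing in the declaration says who owns the returned key material. Presumably the blob is now allocated on `mem_ctx` rather than hanging off `gensec_security`, which makes the caller responsible for how long the key stays in memory; the implementation is outside this header, so that should be confirmed. I would add a comment such as `/* *session_key is allocated on mem_ctx; the caller owns it and decides when the key material is freed */` here. The same wording belongs on the public `gensec_session_key()` prototype, and an equivalent ownership line on `session_info` / `gensec_session_info()`. The body of `struct gensec_security_ops` continues outside the visible lines.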
enum gensec_role gensec_role;
bool subcontext;
uint32_t want_features;
- struct tevent_context *event_ctx;
+ uint8_t dcerpc_auth_level;
struct tsocket_address *local_addr, *remote_addr;
struct gensec_settings *settings;
struct gensec_security **gensec_security);
NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx,
struct gensec_security **gensec_security,
- struct tevent_context *ev,
struct gensec_settings *settings);
NTSTATUS gensec_start_mech_by_ops(struct gensec_security *gensec_security,
const struct gensec_security_ops *ops);
NTSTATUS gensec_start_mech_by_sasl_list(struct gensec_security *gensec_security,
const char **sasl_names);
NTSTATUS gensec_update(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx,
+ struct tevent_context *ev,
const DATA_BLOB in, DATA_BLOB *out);
struct tevent_req *gensec_update_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
NTSTATUS gensec_set_target_hostname(struct gensec_security *gensec_security, const char *hostname);
const char *gensec_get_target_hostname(struct gensec_security *gensec_security);
NTSTATUS gensec_session_key(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
DATA_BLOB *session_key);
NTSTATUS gensec_start_mech_by_oid(struct gensec_security *gensec_security,
const char *mech_oid);
NTSTATUS gensec_init(void);
size_t gensec_max_input_size(struct gensec_security *gensec_security);
NTSTATUS gensec_unseal_packet(struct gensec_security *gensec_security,
- TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig);
NTSTATUS gensec_check_packet(struct gensec_security *gensec_security,
- TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig);
uint8_t auth_type, uint8_t auth_level);
const char *gensec_get_name_by_authtype(struct gensec_security *gensec_security, uint8_t authtype);
NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
struct gensec_settings *settings,
struct auth4_context *auth_context,
struct gensec_security **gensec_security);
NTSTATUS gensec_session_info(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
struct auth_session_info **session_info);
NTSTATUS gensec_set_local_address(struct gensec_security *gensec_security,
NTSTATUS gensec_set_target_principal(struct gensec_security *gensec_security, const char *principal);
+NTSTATUS gensec_generate_session_info(TALLOC_CTX *mem_ctx,
+ struct gensec_security *gensec_security,
+ struct auth_user_info_dc *user_info_dc,
+ struct auth_session_info **session_info);
+
+NTSTATUS gensec_generate_session_info_pac(TALLOC_CTX *mem_ctx,
+ struct gensec_security *gensec_security,
+ struct smb_krb5_context *smb_krb5_context,
+ DATA_BLOB *pac_blob,
+ const char *principal_string,
+ const struct tsocket_address *remote_address,
+ struct auth_session_info **session_info);
+
+
#endif /* __GENSEC_H__ */
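Review bot: `gensec_generate_session_info_pac()` is added without a comment on its trust contract, which is what a caller most needs from this prototype. It does not say whether `pac_blob` may be NULL (a ticket with no PAC), what role `principal_string` plays in that case, or whether the PAC signatures must already be verified by the caller or are checked inside. I would add a doc comment above the declaration covering those three points and the ownership of `*session_info` (presumably allocated on `mem_ctx`). If the function only reads the PAC, `const DATA_BLOB *pac_blob` would match the `const` already used for `remote_address`.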