auth/gensec: add gensec_*max_update_size()
authorStefan Metzmacher <metze@samba.org>
Sat, 24 Dec 2011 00:14:26 +0000 (01:14 +0100)
committerStefan Metzmacher <metze@samba.org>
Thu, 12 Jan 2012 12:15:08 +0000 (13:15 +0100)
This is only a hint for the backend, which may want to fragment
update tokens.

metze

auth/gensec/gensec.c
auth/gensec/gensec.h
auth/gensec/gensec_start.c

index ec104a7..d1dcc75 100644 (file)
@@ -185,6 +185,21 @@ _PUBLIC_ NTSTATUS gensec_session_info(struct gensec_security *gensec_security,
        return gensec_security->ops->session_info(gensec_security, mem_ctx, session_info);
 }
 
+void gensec_set_max_update_size(struct gensec_security *gensec_security,
+                               uint32_t max_update_size)
+{
+       gensec_security->max_update_size = max_update_size;
+}
+
+size_t gensec_max_update_size(struct gensec_security *gensec_security)
+{
+       if (gensec_security->max_update_size == 0) {
+               return UINT32_MAX;
+       }
+
+       return gensec_security->max_update_size;
+}
+
 /**
  * Next state function for the GENSEC state machine
  *
index a1ae634..9982718 100644 (file)
@@ -167,6 +167,7 @@ struct gensec_security {
        enum gensec_role gensec_role;
        bool subcontext;
        uint32_t want_features;
+       uint32_t max_update_size;
        uint8_t dcerpc_auth_level;
        struct tsocket_address *local_addr, *remote_addr;
        struct gensec_settings *settings;
@@ -223,6 +224,9 @@ NTSTATUS gensec_start_mech_by_ops(struct gensec_security *gensec_security,
                                  const struct gensec_security_ops *ops);
 NTSTATUS gensec_start_mech_by_sasl_list(struct gensec_security *gensec_security,
                                                 const char **sasl_names);
+void gensec_set_max_update_size(struct gensec_security *gensec_security,
+                               uint32_t max_update_size);
+size_t gensec_max_update_size(struct gensec_security *gensec_security);
 NTSTATUS gensec_update(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx,
                       struct tevent_context *ev,
                       const DATA_BLOB in, DATA_BLOB *out);
index 9576e53..b09a76b 100644 (file)
@@ -518,6 +518,8 @@ static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx,
        (*gensec_security) = talloc_zero(mem_ctx, struct gensec_security);
        NT_STATUS_HAVE_NO_MEMORY(*gensec_security);
 
+       (*gensec_security)->max_update_size = UINT32_MAX;
+
        SMB_ASSERT(settings->lp_ctx != NULL);
        (*gensec_security)->settings = talloc_reference(*gensec_security, settings);
 
@@ -550,6 +552,7 @@ _PUBLIC_ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx,
 
        (*gensec_security)->subcontext = true;
        (*gensec_security)->want_features = parent->want_features;
+       (*gensec_security)->max_update_size = parent->max_update_size;
        (*gensec_security)->dcerpc_auth_level = parent->dcerpc_auth_level;
        (*gensec_security)->auth_context = talloc_reference(*gensec_security, parent->auth_context);
        (*gensec_security)->settings = talloc_reference(*gensec_security, parent->settings);