#include "librpc/rpc/dcerpc.h"
#include "auth/credentials/credentials.h"
#include "auth/gensec/gensec.h"
+#include "auth/gensec/gensec_proto.h"
#include "param/param.h"
/* the list of currently registered GENSEC backends */
/* Return all the registered mechs. Don't modify the return pointer,
* but you may talloc_reference it if convient */
-struct gensec_security_ops **gensec_security_all(void)
+_PUBLIC_ struct gensec_security_ops **gensec_security_all(void)
{
return generic_security_ops;
}
* gensec_security_all(), or from cli_credentials_gensec_list() (ie,
* an existing list we have trimmed down) */
-struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
+_PUBLIC_ struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
struct gensec_security_ops **old_gensec_list,
struct cli_credentials *creds)
{
struct messaging_context *msg,
struct gensec_security **gensec_security)
{
+ if (ev == NULL) {
+ DEBUG(0, ("No event context available!\n"));
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+
(*gensec_security) = talloc(mem_ctx, struct gensec_security);
NT_STATUS_HAVE_NO_MEMORY(*gensec_security);
(*gensec_security)->subcontext = false;
(*gensec_security)->want_features = 0;
-
- if (ev == NULL) {
- ev = event_context_init(*gensec_security);
- if (ev == NULL) {
- talloc_free(*gensec_security);
- return NT_STATUS_NO_MEMORY;
- }
- }
(*gensec_security)->event_ctx = ev;
(*gensec_security)->msg_ctx = msg;
struct loadparm_context *lp_ctx)
{
NTSTATUS status;
- struct event_context *new_ev = NULL;
-
- if (ev == NULL) {
- new_ev = event_context_init(mem_ctx);
- NT_STATUS_HAVE_NO_MEMORY(new_ev);
- ev = new_ev;
- }
status = gensec_start(mem_ctx, ev, lp_ctx, NULL, gensec_security);
if (!NT_STATUS_IS_OK(status)) {
- talloc_free(new_ev);
return status;
}
- talloc_steal((*gensec_security), new_ev);
(*gensec_security)->gensec_role = GENSEC_CLIENT;
return status;
@param gensec_security Returned GENSEC context pointer.
@note The mem_ctx is only a parent and may be NULL.
*/
-NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx,
+_PUBLIC_ NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx,
struct event_context *ev,
struct loadparm_context *lp_ctx,
struct messaging_context *msg,
* @param auth_level DCERPC auth level
*/
-NTSTATUS gensec_start_mech_by_authtype(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_start_mech_by_authtype(struct gensec_security *gensec_security,
uint8_t auth_type, uint8_t auth_level)
{
gensec_security->ops = gensec_security_by_authtype(gensec_security, auth_type);
return gensec_start_mech(gensec_security);
}
-const char *gensec_get_name_by_authtype(uint8_t authtype)
+_PUBLIC_ const char *gensec_get_name_by_authtype(uint8_t authtype)
{
const struct gensec_security_ops *ops;
ops = gensec_security_by_authtype(NULL, authtype);
}
-const char *gensec_get_name_by_oid(const char *oid_string)
+_PUBLIC_ const char *gensec_get_name_by_oid(const char *oid_string)
{
const struct gensec_security_ops *ops;
ops = gensec_security_by_oid(NULL, oid_string);
* well-known #define to hook it in.
*/
-NTSTATUS gensec_start_mech_by_oid(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_start_mech_by_oid(struct gensec_security *gensec_security,
const char *mech_oid)
{
gensec_security->ops = gensec_security_by_oid(gensec_security, mech_oid);
*
*/
-NTSTATUS gensec_start_mech_by_sasl_name(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_start_mech_by_sasl_name(struct gensec_security *gensec_security,
const char *sasl_name)
{
gensec_security->ops = gensec_security_by_sasl_name(gensec_security, sasl_name);
*
*/
-NTSTATUS gensec_start_mech_by_name(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_start_mech_by_name(struct gensec_security *gensec_security,
const char *name)
{
gensec_security->ops = gensec_security_by_name(gensec_security, name);
/*
wrappers for the gensec function pointers
*/
-NTSTATUS gensec_unseal_packet(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_unseal_packet(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
sig);
}
-NTSTATUS gensec_check_packet(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_check_packet(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
return gensec_security->ops->check_packet(gensec_security, mem_ctx, data, length, whole_pdu, pdu_length, sig);
}
-NTSTATUS gensec_seal_packet(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_seal_packet(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
return gensec_security->ops->seal_packet(gensec_security, mem_ctx, data, length, whole_pdu, pdu_length, sig);
}
-NTSTATUS gensec_sign_packet(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_sign_packet(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
return gensec_security->ops->sign_packet(gensec_security, mem_ctx, data, length, whole_pdu, pdu_length, sig);
}
-size_t gensec_sig_size(struct gensec_security *gensec_security, size_t data_size)
+_PUBLIC_ size_t gensec_sig_size(struct gensec_security *gensec_security, size_t data_size)
{
if (!gensec_security->ops->sig_size) {
return 0;
return gensec_security->ops->max_input_size(gensec_security);
}
-NTSTATUS gensec_wrap(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_wrap(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
const DATA_BLOB *in,
DATA_BLOB *out)
return gensec_security->ops->wrap(gensec_security, mem_ctx, in, out);
}
-NTSTATUS gensec_unwrap(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_unwrap(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
const DATA_BLOB *in,
DATA_BLOB *out)
return gensec_security->ops->unwrap(gensec_security, mem_ctx, in, out);
}
-NTSTATUS gensec_session_key(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_session_key(struct gensec_security *gensec_security,
DATA_BLOB *session_key)
{
if (!gensec_security->ops->session_key) {
*
*/
-NTSTATUS gensec_session_info(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_session_info(struct gensec_security *gensec_security,
struct auth_session_info **session_info)
{
if (!gensec_security->ops->session_info) {
*
*/
-struct cli_credentials *gensec_get_credentials(struct gensec_security *gensec_security)
+_PUBLIC_ struct cli_credentials *gensec_get_credentials(struct gensec_security *gensec_security)
{
if (!gensec_security) {
return NULL;
* cryptographic tokens, to avoid certain attacks.
*/
-NTSTATUS gensec_set_my_addr(struct gensec_security *gensec_security, struct socket_address *my_addr)
+_PUBLIC_ NTSTATUS gensec_set_my_addr(struct gensec_security *gensec_security, struct socket_address *my_addr)
{
gensec_security->my_addr = my_addr;
if (my_addr && !talloc_reference(gensec_security, my_addr)) {
return NT_STATUS_OK;
}
-NTSTATUS gensec_set_peer_addr(struct gensec_security *gensec_security, struct socket_address *peer_addr)
+_PUBLIC_ NTSTATUS gensec_set_peer_addr(struct gensec_security *gensec_security, struct socket_address *peer_addr)
{
gensec_security->peer_addr = peer_addr;
if (peer_addr && !talloc_reference(gensec_security, peer_addr)) {
return NULL;
}
-struct socket_address *gensec_get_peer_addr(struct gensec_security *gensec_security)
+_PUBLIC_ struct socket_address *gensec_get_peer_addr(struct gensec_security *gensec_security)
{
if (gensec_security->peer_addr) {
return gensec_security->peer_addr;
/*
initialise the GENSEC subsystem
*/
-NTSTATUS gensec_init(struct loadparm_context *lp_ctx)
+_PUBLIC_ NTSTATUS gensec_init(struct loadparm_context *lp_ctx)
{
static bool initialized = false;
+ extern NTSTATUS gensec_sasl_init(void);
+ extern NTSTATUS gensec_krb5_init(void);
+ extern NTSTATUS gensec_schannel_init(void);
+ extern NTSTATUS gensec_spnego_init(void);
+ extern NTSTATUS gensec_gssapi_init(void);
+ extern NTSTATUS gensec_ntlmssp_init(void);
init_module_fn static_init[] = { STATIC_gensec_MODULES };
init_module_fn *shared_init;