r18257: Order the GENSEC modules, with unknown modules last.

Andrew Bartlett
(This used to be commit 8ae880b5019ab275fe0eca48120ab9e0fcca6293)

diff --git a/source4/auth/gensec/cyrus_sasl.c b/source4/auth/gensec/cyrus_sasl.c
index 661e12f45582c190b35d7b6bcee9acc8b1f73d0a..0ced2ebe936342bb85fd1cebff30aff0efbec42f 100644 (file)
--- a/source4/auth/gensec/cyrus_sasl.c
+++ b/source4/auth/gensec/cyrus_sasl.c
@@ -309,7 +309,7 @@ static const struct gensec_security_ops gensec_sasl_security_ops = {
        .unwrap_packets   = gensec_sasl_unwrap_packets,
        .have_feature     = gensec_sasl_have_feature,
        .enabled          = False,
-       .order            = GENSEC_SASL
+       .priority         = GENSEC_SASL
 };
 
 int gensec_sasl_log(void *context, 

diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c
index 904680febc45d1dd7adef5c4ba192df7c5ab2fe4..dcbda70c6874a3b94dbe15225c0cc3fcba32eafd 100644 (file)
--- a/source4/auth/gensec/gensec.c
+++ b/source4/auth/gensec/gensec.c
@@ -1246,7 +1246,7 @@ const struct gensec_critical_sizes *gensec_interface_version(void)
 }
 
 static int sort_gensec(struct gensec_security_ops **gs1, struct gensec_security_ops **gs2) {
-       return (*gs2)->order - (*gs1)->order;
+       return (*gs2)->priority - (*gs1)->priority;
 }
 
 /*

diff --git a/source4/auth/gensec/gensec.h b/source4/auth/gensec/gensec.h
index d127ed6734d5f62ecf23d4354981780ede5ef052..97d9577d83e390107912892e55f3058d19badaba 100644 (file)
--- a/source4/auth/gensec/gensec.h
+++ b/source4/auth/gensec/gensec.h
@@ -32,14 +32,14 @@
 #define GENSEC_OID_KERBEROS5_OLD "1 2 840 48018 1 2 2"
 #define GENSEC_OID_KERBEROS5_USER2USER "1 2 840 113554 1 2 2 3"
 
-enum gensec_order {
-       GENSEC_SPNEGO,
-       GENSEC_GSSAPI,
-       GENSEC_KRB5,
-       GENSEC_SCHANNEL,
-       GENSEC_NTLMSSP,
-       GENSEC_SASL,
-       GENSEC_OTHER
+enum gensec_priority {
+       GENSEC_SPNEGO = 90,
+       GENSEC_GSSAPI = 80,
+       GENSEC_KRB5 = 70,
+       GENSEC_SCHANNEL = 60,
+       GENSEC_NTLMSSP = 50,
+       GENSEC_SASL = 20,
+       GENSEC_OTHER = 0
 };
 
 struct gensec_security;
@@ -137,7 +137,7 @@ struct gensec_security_ops {
                                    uint32_t feature); 
        BOOL enabled;
        BOOL kerberos;
-       enum gensec_order order;
+       enum gensec_priority priority;
 };
        
 struct gensec_security_ops_wrapper {

diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index f241a646cc54e91d9c592700386da8e564b01951..3bf14505f5c9047c44424f6b5dbe560971148959 100644 (file)
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -1361,7 +1361,8 @@ static const struct gensec_security_ops gensec_gssapi_krb5_security_ops = {
        .unwrap         = gensec_gssapi_unwrap,
        .have_feature   = gensec_gssapi_have_feature,
        .enabled        = True,
-       .kerberos       = True
+       .kerberos       = True,
+       .priority       = GENSEC_GSSAPI
 };
 
 /* As a server, this could in theory accept any GSSAPI mech */
@@ -1379,7 +1380,8 @@ static const struct gensec_security_ops gensec_gssapi_sasl_krb5_security_ops = {
        .unwrap           = gensec_gssapi_unwrap,
        .have_feature     = gensec_gssapi_have_feature,
        .enabled          = True,
-       .kerberos         = True
+       .kerberos         = True,
+       .priority         = GENSEC_GSSAPI
 };
 
 NTSTATUS gensec_gssapi_init(void)

diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index b9a1a0518e65d8177c59384dfb5ad12f8bfc1dcd..3695454c76c247201b8b7268317845f0dbc7b82c 100644 (file)
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -730,7 +730,7 @@ static const struct gensec_security_ops gensec_fake_gssapi_krb5_security_ops = {
        .have_feature   = gensec_krb5_have_feature,
        .enabled        = False,
        .kerberos       = True,
-       .order          = GENSEC_KRB5
+       .priority       = GENSEC_KRB5
 };
 
 static const struct gensec_security_ops gensec_krb5_security_ops = {
@@ -745,7 +745,7 @@ static const struct gensec_security_ops gensec_krb5_security_ops = {
        .unwrap         = gensec_krb5_unwrap,
        .enabled        = True,
        .kerberos       = True,
-       .order          = GENSEC_KRB5
+       .priority       = GENSEC_KRB5
 };
 
 NTSTATUS gensec_krb5_init(void)

diff --git a/source4/auth/gensec/schannel.c b/source4/auth/gensec/schannel.c
index f58233c528121a053631535c446906c6ac66954e..9bcb30754852bf443cdd1d3e25bcbc9590763ef5 100644 (file)
--- a/source4/auth/gensec/schannel.c
+++ b/source4/auth/gensec/schannel.c
@@ -256,7 +256,7 @@ static const struct gensec_security_ops gensec_schannel_security_ops = {
        .sig_size       = schannel_sig_size,
        .have_feature   = schannel_have_feature,
        .enabled        = True,
-       .order          = GENSEC_SCHANNEL
+       .priority       = GENSEC_SCHANNEL
 };
 
 NTSTATUS gensec_schannel_init(void)

diff --git a/source4/auth/gensec/spnego.c b/source4/auth/gensec/spnego.c
index 1cafa83f4bb17b65bce147e62bdd56a7396babec..f989455a729d178bda50a0adc960908fcb3827ae 100644 (file)
--- a/source4/auth/gensec/spnego.c
+++ b/source4/auth/gensec/spnego.c
@@ -1040,7 +1040,7 @@ static const struct gensec_security_ops gensec_spnego_security_ops = {
        .session_info     = gensec_spnego_session_info,
        .have_feature     = gensec_spnego_have_feature,
        .enabled          = True,
-       .order            = GENSEC_SPNEGO
+       .priority         = GENSEC_SPNEGO
 };
 
 NTSTATUS gensec_spnego_init(void)