diff options
author | Stefan Metzmacher <metze@samba.org> | 2011-12-24 01:14:26 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-01-12 13:15:08 +0100 |
commit | 6eea2c33c797065f7b189d32648d2cfde5d2e3b9 (patch) | |
tree | 9e4e714d6a7a1c65b714891ea1a2c192a435288e /auth/gensec | |
parent | 17986097a39bf2479f244abf40acafa84dfbcd1d (diff) | |
download | samba-6eea2c33c797065f7b189d32648d2cfde5d2e3b9.tar.gz |
auth/gensec: add gensec_*max_update_size()
This is only a hint for the backend, which may want to fragment
update tokens.
metze
Diffstat (limited to 'auth/gensec')
-rw-r--r-- | auth/gensec/gensec.c | 15 | ||||
-rw-r--r-- | auth/gensec/gensec.h | 4 | ||||
-rw-r--r-- | auth/gensec/gensec_start.c | 3 |
3 files changed, 22 insertions, 0 deletions
diff --git a/auth/gensec/gensec.c b/auth/gensec/gensec.c index ec104a7f75b..d1dcc75eafc 100644 --- a/auth/gensec/gensec.c +++ b/auth/gensec/gensec.c @@ -185,6 +185,21 @@ _PUBLIC_ NTSTATUS gensec_session_info(struct gensec_security *gensec_security, return gensec_security->ops->session_info(gensec_security, mem_ctx, session_info); } +void gensec_set_max_update_size(struct gensec_security *gensec_security, + uint32_t max_update_size) +{ + gensec_security->max_update_size = max_update_size; +} + +size_t gensec_max_update_size(struct gensec_security *gensec_security) +{ + if (gensec_security->max_update_size == 0) { + return UINT32_MAX; + } + + return gensec_security->max_update_size; +} + /** * Next state function for the GENSEC state machine * diff --git a/auth/gensec/gensec.h b/auth/gensec/gensec.h index a1ae634bf88..9982718b0a0 100644 --- a/auth/gensec/gensec.h +++ b/auth/gensec/gensec.h @@ -167,6 +167,7 @@ struct gensec_security { enum gensec_role gensec_role; bool subcontext; uint32_t want_features; + uint32_t max_update_size; uint8_t dcerpc_auth_level; struct tsocket_address *local_addr, *remote_addr; struct gensec_settings *settings; @@ -223,6 +224,9 @@ NTSTATUS gensec_start_mech_by_ops(struct gensec_security *gensec_security, const struct gensec_security_ops *ops); NTSTATUS gensec_start_mech_by_sasl_list(struct gensec_security *gensec_security, const char **sasl_names); +void gensec_set_max_update_size(struct gensec_security *gensec_security, + uint32_t max_update_size); +size_t gensec_max_update_size(struct gensec_security *gensec_security); NTSTATUS gensec_update(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx, struct tevent_context *ev, const DATA_BLOB in, DATA_BLOB *out); diff --git a/auth/gensec/gensec_start.c b/auth/gensec/gensec_start.c index 9576e53ec68..b09a76b3450 100644 --- a/auth/gensec/gensec_start.c +++ b/auth/gensec/gensec_start.c @@ -518,6 +518,8 @@ static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx, (*gensec_security) = talloc_zero(mem_ctx, struct gensec_security); NT_STATUS_HAVE_NO_MEMORY(*gensec_security); + (*gensec_security)->max_update_size = UINT32_MAX; + SMB_ASSERT(settings->lp_ctx != NULL); (*gensec_security)->settings = talloc_reference(*gensec_security, settings); @@ -550,6 +552,7 @@ _PUBLIC_ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx, (*gensec_security)->subcontext = true; (*gensec_security)->want_features = parent->want_features; + (*gensec_security)->max_update_size = parent->max_update_size; (*gensec_security)->dcerpc_auth_level = parent->dcerpc_auth_level; (*gensec_security)->auth_context = talloc_reference(*gensec_security, parent->auth_context); (*gensec_security)->settings = talloc_reference(*gensec_security, parent->settings); |