author | Simo Sorce <simo@redhat.com> | 2014-08-08 09:47:19 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2014-08-08 10:11:05 -0400 |
commit | 83a16a65b5c1bb8435505fe7f3b0cc805048821c (patch) | |
tree | de24440ea5cb48cbd2bfac97722a37257495de64 /src/gss_ntlmssp.c | |
parent | 77b7dd9436db7f1b3a2f2110a58e90341de420c9 (diff) | |
Improve role managementwinbind
A server can be standalone or domain member, improve role management
so we can autodetect which role we should assume as a server.
Diffstat (limited to 'src/gss_ntlmssp.c')
-rw-r--r-- | src/gss_ntlmssp.c | 37 |
1 files changed, 33 insertions, 4 deletions
diff --git a/src/gss_ntlmssp.c b/src/gss_ntlmssp.c
index e4a6336..666508b 100644
--- a/src/gss_ntlmssp.c
+++ b/src/gss_ntlmssp.c
@@ -28,8 +28,7 @@ const gss_OID_desc gssntlm_oid = {
 .elements = discard_const(GSS_NTLMSSP_OID_STRING)
 };
 
-uint8_t gssntlm_required_security(int security_level,
- enum gssntlm_role role)
+uint8_t gssntlm_required_security(int security_level, struct gssntlm_ctx *ctx)
 {
 uint8_t resp;
 
@@ -51,10 +50,10 @@ uint8_t gssntlm_required_security(int security_level,
 break;
 case 4:
 resp |= SEC_NTLM_OK | SEC_EXT_SEC_OK;
- if (role == GSSNTLM_DOMAIN_CONTROLLER) resp &= ~SEC_DC_LM_OK;
+ if (ctx->role == GSSNTLM_DOMAIN_CONTROLLER) resp &= ~SEC_DC_LM_OK;
 break;
 case 5:
- if (role == GSSNTLM_DOMAIN_CONTROLLER) resp = SEC_DC_V2_OK;
+ if (ctx->role == GSSNTLM_DOMAIN_CONTROLLER) resp = SEC_DC_V2_OK;
 resp |= SEC_V2_ONLY | SEC_EXT_SEC_OK;
 break;
 default:
@@ -65,6 +64,36 @@ uint8_t gssntlm_required_security(int security_level,
 return resp;
 }
 
+void gssntlm_set_role(struct gssntlm_ctx *ctx,
+ int desired, char *nb_domain_name)
+{
+ if (desired == GSSNTLM_CLIENT) {
+ ctx->role = GSSNTLM_CLIENT;
+ } else if (nb_domain_name && *nb_domain_name) {
+ ctx->role = GSSNTLM_DOMAIN_SERVER;
+ } else {
+ ctx->role = GSSNTLM_SERVER;
+ }
+}
+
+bool gssntlm_role_is_client(struct gssntlm_ctx *ctx)
+{
+ return (ctx->role == GSSNTLM_CLIENT);
+}
+
+bool gssntlm_role_is_server(struct gssntlm_ctx *ctx)
+{
+ switch (ctx->role) {
+ case GSSNTLM_SERVER:
+ case GSSNTLM_DOMAIN_SERVER:
+ case GSSNTLM_DOMAIN_CONTROLLER:
+ return true;
+ default:
+ break;
+ }
+ return false;
+}
+
 bool gssntlm_sec_lm_ok(struct gssntlm_ctx *ctx)
 {
 switch (ctx->role) {
 |
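Review bot: The new `ctx` parameter of gssntlm_required_security is only read (`ctx->role` in the `case 4` and `case 5` arms of the second hunk), so it should be declared `const struct gssntlm_ctx *ctx`. The function now depends on the role having been assigned before it is called and on `ctx` being non-NULL, and neither precondition is stated anywhere in the visible lines. A header comment such as `/* ctx must be non-NULL with its role already set; the role decides whether the DC-specific bits are applied */` would make that ordering explicit, which matters because, judging by the flag names, the returned mask decides which LM/NTLM response types are accepted. The function body continues outside these hunks and its callers are not visible here.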
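Review bot: gssntlm_set_role can never select GSSNTLM_DOMAIN_CONTROLLER, because every `desired` value other than GSSNTLM_CLIENT is mapped to GSSNTLM_DOMAIN_SERVER or GSSNTLM_SERVER, yet gssntlm_required_security still tests `ctx->role == GSSNTLM_DOMAIN_CONTROLLER` at levels 4 and 5. If all callers go through this setter (they are not visible here), a domain controller would not have SEC_DC_LM_OK cleared at level 4 nor SEC_DC_V2_OK applied at level 5. Either handle the value explicitly, `else if (desired == GSSNTLM_DOMAIN_CONTROLLER) { ctx->role = GSSNTLM_DOMAIN_CONTROLLER; }`, or add a comment stating that the DC role is deliberately not selectable and that the server role is inferred solely from a non-empty `nb_domain_name`. As a style point, `desired` reads better as `enum gssntlm_role`, `nb_domain_name` as `const char *`, and the two predicates can take `const struct gssntlm_ctx *`.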