summaryrefslogtreecommitdiff
path: root/source4/auth/gensec/gensec.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/auth/gensec/gensec.c')
-rw-r--r--source4/auth/gensec/gensec.c36
1 files changed, 20 insertions, 16 deletions
diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c
index 25366dc246..4821e6a19b 100644
--- a/source4/auth/gensec/gensec.c
+++ b/source4/auth/gensec/gensec.c
@@ -27,6 +27,7 @@
#include "librpc/rpc/dcerpc.h"
#include "auth/credentials/credentials.h"
#include "auth/gensec/gensec.h"
+#include "param/param.h"
/* the list of currently registered GENSEC backends */
static struct gensec_security_ops **generic_security_ops;
@@ -46,10 +47,15 @@ struct gensec_security_ops **gensec_security_all(void)
struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
struct gensec_security_ops **old_gensec_list,
- enum credentials_use_kerberos use_kerberos)
+ struct cli_credentials *creds)
{
struct gensec_security_ops **new_gensec_list;
int i, j, num_mechs_in;
+ enum credentials_use_kerberos use_kerberos = CRED_AUTO_USE_KERBEROS;
+
+ if (creds) {
+ use_kerberos = cli_credentials_get_kerberos_state(creds);
+ }
if (use_kerberos == CRED_AUTO_USE_KERBEROS) {
if (!talloc_reference(mem_ctx, old_gensec_list)) {
@@ -79,13 +85,13 @@ struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
}
switch (use_kerberos) {
case CRED_DONT_USE_KERBEROS:
- if (old_gensec_list[i]->kerberos == False) {
+ if (old_gensec_list[i]->kerberos == false) {
new_gensec_list[j] = old_gensec_list[i];
j++;
}
break;
case CRED_MUST_USE_KERBEROS:
- if (old_gensec_list[i]->kerberos == True) {
+ if (old_gensec_list[i]->kerberos == true) {
new_gensec_list[j] = old_gensec_list[i];
j++;
}
@@ -111,7 +117,6 @@ struct gensec_security_ops **gensec_security_mechs(struct gensec_security *gense
}
return backends;
} else {
- enum credentials_use_kerberos use_kerberos;
struct cli_credentials *creds = gensec_get_credentials(gensec_security);
if (!creds) {
if (!talloc_reference(mem_ctx, backends)) {
@@ -119,8 +124,7 @@ struct gensec_security_ops **gensec_security_mechs(struct gensec_security *gense
}
return backends;
}
- use_kerberos = cli_credentials_get_kerberos_state(creds);
- return gensec_use_kerberos_mechs(mem_ctx, backends, use_kerberos);
+ return gensec_use_kerberos_mechs(mem_ctx, backends, creds);
}
}
@@ -485,7 +489,7 @@ static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx,
ZERO_STRUCT((*gensec_security)->peer_addr);
ZERO_STRUCT((*gensec_security)->my_addr);
- (*gensec_security)->subcontext = False;
+ (*gensec_security)->subcontext = false;
(*gensec_security)->want_features = 0;
if (ev == NULL) {
@@ -521,7 +525,7 @@ _PUBLIC_ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx,
(*gensec_security)->ops = NULL;
(*gensec_security)->private_data = NULL;
- (*gensec_security)->subcontext = True;
+ (*gensec_security)->subcontext = true;
(*gensec_security)->event_ctx = parent->event_ctx;
(*gensec_security)->msg_ctx = parent->msg_ctx;
@@ -1026,11 +1030,11 @@ _PUBLIC_ void gensec_want_feature(struct gensec_security *gensec_security,
*
*/
-_PUBLIC_ BOOL gensec_have_feature(struct gensec_security *gensec_security,
+_PUBLIC_ bool gensec_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
if (!gensec_security->ops->have_feature) {
- return False;
+ return false;
}
/* We might 'have' features that we don't 'want', because the
@@ -1104,7 +1108,7 @@ _PUBLIC_ NTSTATUS gensec_set_target_hostname(struct gensec_security *gensec_secu
_PUBLIC_ const char *gensec_get_target_hostname(struct gensec_security *gensec_security)
{
/* We allow the target hostname to be overriden for testing purposes */
- const char *target_hostname = lp_parm_string(-1, "gensec", "target_hostname");
+ const char *target_hostname = lp_parm_string(global_loadparm, NULL, "gensec", "target_hostname");
if (target_hostname) {
return target_hostname;
}
@@ -1202,7 +1206,7 @@ const char *gensec_get_target_principal(struct gensec_security *gensec_security)
*/
NTSTATUS gensec_register(const struct gensec_security_ops *ops)
{
- if (!lp_parm_bool(-1, "gensec", ops->name, ops->enabled)) {
+ if (!lp_parm_bool(global_loadparm, NULL, "gensec", ops->name, ops->enabled)) {
DEBUG(2,("gensec subsystem %s is disabled\n", ops->name));
return NT_STATUS_OK;
}
@@ -1222,7 +1226,7 @@ NTSTATUS gensec_register(const struct gensec_security_ops *ops)
return NT_STATUS_NO_MEMORY;
}
- generic_security_ops[gensec_num_backends] = discard_const(ops);
+ generic_security_ops[gensec_num_backends] = discard_const_p(struct gensec_security_ops, ops);
gensec_num_backends++;
generic_security_ops[gensec_num_backends] = NULL;
@@ -1257,15 +1261,15 @@ static int sort_gensec(struct gensec_security_ops **gs1, struct gensec_security_
*/
NTSTATUS gensec_init(void)
{
- static BOOL initialized = False;
+ static bool initialized = false;
init_module_fn static_init[] = STATIC_gensec_MODULES;
init_module_fn *shared_init;
if (initialized) return NT_STATUS_OK;
- initialized = True;
+ initialized = true;
- shared_init = load_samba_modules(NULL, "gensec");
+ shared_init = load_samba_modules(NULL, global_loadparm, "gensec");
run_init_functions(static_init);
run_init_functions(shared_init);
generated by cgit (git 2.34.1) at 2025-01-02 15:36:26 +0000