summaryrefslogtreecommitdiff
path: root/source4/auth/gensec/gensec_krb5.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/auth/gensec/gensec_krb5.c')
-rw-r--r--source4/auth/gensec/gensec_krb5.c53
1 files changed, 27 insertions, 26 deletions
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index 87ce571fc0..ca48e85089 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -36,6 +36,7 @@
#include "auth/credentials/credentials.h"
#include "auth/credentials/credentials_krb5.h"
#include "auth/gensec/gensec.h"
+#include "param/param.h"
enum GENSEC_KRB5_STATE {
GENSEC_KRB5_SERVER_START,
@@ -53,7 +54,7 @@ struct gensec_krb5_state {
krb5_data enc_ticket;
krb5_keyblock *keyblock;
krb5_ticket *ticket;
- BOOL gssapi;
+ bool gssapi;
};
static int gensec_krb5_destroy(struct gensec_krb5_state *gensec_krb5_state)
@@ -111,7 +112,7 @@ static NTSTATUS gensec_krb5_start(struct gensec_security *gensec_security)
gensec_krb5_state->keyblock = NULL;
gensec_krb5_state->session_key = data_blob(NULL, 0);
gensec_krb5_state->pac = data_blob(NULL, 0);
- gensec_krb5_state->gssapi = False;
+ gensec_krb5_state->gssapi = false;
talloc_set_destructor(gensec_krb5_state, gensec_krb5_destroy);
@@ -191,7 +192,7 @@ static NTSTATUS gensec_krb5_server_start(struct gensec_security *gensec_security
return nt_status;
}
- gensec_krb5_state = gensec_security->private_data;
+ gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
gensec_krb5_state->state_position = GENSEC_KRB5_SERVER_START;
return NT_STATUS_OK;
@@ -203,8 +204,8 @@ static NTSTATUS gensec_fake_gssapi_krb5_server_start(struct gensec_security *gen
if (NT_STATUS_IS_OK(nt_status)) {
struct gensec_krb5_state *gensec_krb5_state;
- gensec_krb5_state = gensec_security->private_data;
- gensec_krb5_state->gssapi = True;
+ gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
+ gensec_krb5_state->gssapi = true;
}
return nt_status;
}
@@ -240,7 +241,7 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
return nt_status;
}
- gensec_krb5_state = gensec_security->private_data;
+ gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
gensec_krb5_state->state_position = GENSEC_KRB5_CLIENT_START;
principal = gensec_get_target_principal(gensec_security);
@@ -260,7 +261,7 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
}
in_data.length = 0;
- if (principal && lp_client_use_spnego_principal()) {
+ if (principal && lp_client_use_spnego_principal(global_loadparm)) {
krb5_principal target_principal;
ret = krb5_parse_name(gensec_krb5_state->smb_krb5_context->krb5_context, principal,
&target_principal);
@@ -327,8 +328,8 @@ static NTSTATUS gensec_fake_gssapi_krb5_client_start(struct gensec_security *gen
if (NT_STATUS_IS_OK(nt_status)) {
struct gensec_krb5_state *gensec_krb5_state;
- gensec_krb5_state = gensec_security->private_data;
- gensec_krb5_state->gssapi = True;
+ gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
+ gensec_krb5_state->gssapi = true;
}
return nt_status;
}
@@ -368,7 +369,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security,
TALLOC_CTX *out_mem_ctx,
const DATA_BLOB in, DATA_BLOB *out)
{
- struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
+ struct gensec_krb5_state *gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
krb5_error_code ret = 0;
NTSTATUS nt_status;
@@ -416,7 +417,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security,
if (ret) {
DEBUG(1,("krb5_rd_rep (mutual authentication) failed (%s)\n",
smb_get_krb5_error_message(gensec_krb5_state->smb_krb5_context->krb5_context, ret, out_mem_ctx)));
- dump_data_pw("Mutual authentication message:\n", inbuf.data, inbuf.length);
+ dump_data_pw("Mutual authentication message:\n", (uint8_t *)inbuf.data, inbuf.length);
nt_status = NT_STATUS_ACCESS_DENIED;
} else {
*out = data_blob(NULL, 0);
@@ -477,7 +478,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security,
if (ret) {
return NT_STATUS_LOGON_FAILURE;
}
- unwrapped_out.data = outbuf.data;
+ unwrapped_out.data = (uint8_t *)outbuf.data;
unwrapped_out.length = outbuf.length;
gensec_krb5_state->state_position = GENSEC_KRB5_DONE;
/* wrap that up in a nice GSS-API wrapping */
@@ -500,7 +501,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security,
static NTSTATUS gensec_krb5_session_key(struct gensec_security *gensec_security,
DATA_BLOB *session_key)
{
- struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
+ struct gensec_krb5_state *gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
krb5_context context = gensec_krb5_state->smb_krb5_context->krb5_context;
krb5_auth_context auth_context = gensec_krb5_state->auth_context;
krb5_keyblock *skey;
@@ -539,7 +540,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
struct auth_session_info **_session_info)
{
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
- struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
+ struct gensec_krb5_state *gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
krb5_context context = gensec_krb5_state->smb_krb5_context->krb5_context;
struct auth_serversupplied_info *server_info = NULL;
struct auth_session_info *session_info = NULL;
@@ -581,7 +582,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
KRB5_AUTHDATA_WIN2K_PAC,
&pac_data);
- if (ret && lp_parm_bool(-1, "gensec", "require_pac", False)) {
+ if (ret && lp_parm_bool(global_loadparm, NULL, "gensec", "require_pac", false)) {
DEBUG(1, ("Unable to find PAC in ticket from %s, failing to allow access: %s \n",
principal_string,
smb_get_krb5_error_message(context,
@@ -666,7 +667,7 @@ static NTSTATUS gensec_krb5_wrap(struct gensec_security *gensec_security,
const DATA_BLOB *in,
DATA_BLOB *out)
{
- struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
+ struct gensec_krb5_state *gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
krb5_context context = gensec_krb5_state->smb_krb5_context->krb5_context;
krb5_auth_context auth_context = gensec_krb5_state->auth_context;
krb5_error_code ret;
@@ -696,7 +697,7 @@ static NTSTATUS gensec_krb5_unwrap(struct gensec_security *gensec_security,
const DATA_BLOB *in,
DATA_BLOB *out)
{
- struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
+ struct gensec_krb5_state *gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
krb5_context context = gensec_krb5_state->smb_krb5_context->krb5_context;
krb5_auth_context auth_context = gensec_krb5_state->auth_context;
krb5_error_code ret;
@@ -722,19 +723,19 @@ static NTSTATUS gensec_krb5_unwrap(struct gensec_security *gensec_security,
return NT_STATUS_OK;
}
-static BOOL gensec_krb5_have_feature(struct gensec_security *gensec_security,
+static bool gensec_krb5_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
- struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
+ struct gensec_krb5_state *gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
if (feature & GENSEC_FEATURE_SESSION_KEY) {
- return True;
+ return true;
}
if (!gensec_krb5_state->gssapi &&
(feature & GENSEC_FEATURE_SEAL)) {
- return True;
+ return true;
}
- return False;
+ return false;
}
static const char *gensec_krb5_oids[] = {
@@ -754,8 +755,8 @@ static const struct gensec_security_ops gensec_fake_gssapi_krb5_security_ops = {
.session_key = gensec_krb5_session_key,
.session_info = gensec_krb5_session_info,
.have_feature = gensec_krb5_have_feature,
- .enabled = False,
- .kerberos = True,
+ .enabled = false,
+ .kerberos = true,
.priority = GENSEC_KRB5
};
@@ -769,8 +770,8 @@ static const struct gensec_security_ops gensec_krb5_security_ops = {
.have_feature = gensec_krb5_have_feature,
.wrap = gensec_krb5_wrap,
.unwrap = gensec_krb5_unwrap,
- .enabled = True,
- .kerberos = True,
+ .enabled = true,
+ .kerberos = true,
.priority = GENSEC_KRB5
};
generated by cgit (git 2.34.1) at 2025-01-17 22:06:36 +0000