summaryrefslogtreecommitdiff
path: root/source4/auth/gensec
diff options
context:
space:
mode:
Diffstat (limited to 'source4/auth/gensec')
-rw-r--r--source4/auth/gensec/gensec.c4
-rw-r--r--source4/auth/gensec/gensec_gssapi.c14
-rw-r--r--source4/auth/gensec/gensec_krb5.c2
-rw-r--r--source4/auth/gensec/schannel_sign.c1
4 files changed, 11 insertions, 10 deletions
diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c
index a974cd5138..052eed1363 100644
--- a/source4/auth/gensec/gensec.c
+++ b/source4/auth/gensec/gensec.c
@@ -1105,7 +1105,7 @@ _PUBLIC_ NTSTATUS gensec_set_target_hostname(struct gensec_security *gensec_secu
_PUBLIC_ const char *gensec_get_target_hostname(struct gensec_security *gensec_security)
{
/* We allow the target hostname to be overriden for testing purposes */
- const char *target_hostname = lp_parm_string(-1, "gensec", "target_hostname");
+ const char *target_hostname = lp_parm_string(NULL, "gensec", "target_hostname");
if (target_hostname) {
return target_hostname;
}
@@ -1203,7 +1203,7 @@ const char *gensec_get_target_principal(struct gensec_security *gensec_security)
*/
NTSTATUS gensec_register(const struct gensec_security_ops *ops)
{
- if (!lp_parm_bool(-1, "gensec", ops->name, ops->enabled)) {
+ if (!lp_parm_bool(NULL, "gensec", ops->name, ops->enabled)) {
DEBUG(2,("gensec subsystem %s is disabled\n", ops->name));
return NT_STATUS_OK;
}
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index a3351f75a8..8a7e8090eb 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -155,7 +155,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
gensec_gssapi_state->gss_exchange_count = 0;
gensec_gssapi_state->max_wrap_buf_size
- = lp_parm_int(-1, "gensec_gssapi", "max wrap buf size", 65536);
+ = lp_parm_int(NULL, "gensec_gssapi", "max wrap buf size", 65536);
gensec_gssapi_state->sasl = False;
gensec_gssapi_state->sasl_state = STAGE_GSS_NEG;
@@ -170,16 +170,16 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
gensec_gssapi_state->input_chan_bindings = GSS_C_NO_CHANNEL_BINDINGS;
gensec_gssapi_state->want_flags = 0;
- if (lp_parm_bool(-1, "gensec_gssapi", "mutual", True)) {
+ if (lp_parm_bool(NULL, "gensec_gssapi", "mutual", true)) {
gensec_gssapi_state->want_flags |= GSS_C_MUTUAL_FLAG;
}
- if (lp_parm_bool(-1, "gensec_gssapi", "delegation", True)) {
+ if (lp_parm_bool(NULL, "gensec_gssapi", "delegation", true)) {
gensec_gssapi_state->want_flags |= GSS_C_DELEG_FLAG;
}
- if (lp_parm_bool(-1, "gensec_gssapi", "replay", True)) {
+ if (lp_parm_bool(NULL, "gensec_gssapi", "replay", true)) {
gensec_gssapi_state->want_flags |= GSS_C_REPLAY_FLAG;
}
- if (lp_parm_bool(-1, "gensec_gssapi", "sequence", True)) {
+ if (lp_parm_bool(NULL, "gensec_gssapi", "sequence", true)) {
gensec_gssapi_state->want_flags |= GSS_C_SEQUENCE_FLAG;
}
@@ -230,7 +230,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
}
/* don't do DNS lookups of any kind, it might/will fail for a netbios name */
- ret = gsskrb5_set_dns_canonicalize(lp_parm_bool(-1, "krb5", "set_dns_canonicalize", false));
+ ret = gsskrb5_set_dns_canonicalize(lp_parm_bool(NULL, "krb5", "set_dns_canonicalize", false));
if (ret) {
DEBUG(1,("gensec_krb5_start: gsskrb5_set_dns_canonicalize failed\n"));
talloc_free(gensec_gssapi_state);
@@ -1317,7 +1317,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
talloc_free(mem_ctx);
return nt_status;
}
- } else if (!lp_parm_bool(-1, "gensec", "require_pac", False)) {
+ } else if (!lp_parm_bool(NULL, "gensec", "require_pac", false)) {
DEBUG(1, ("Unable to find PAC, resorting to local user lookup: %s\n",
gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
nt_status = sam_get_server_info_principal(mem_ctx, principal_string,
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index 973de0c10b..c0348441ed 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -582,7 +582,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
KRB5_AUTHDATA_WIN2K_PAC,
&pac_data);
- if (ret && lp_parm_bool(-1, "gensec", "require_pac", False)) {
+ if (ret && lp_parm_bool(NULL, "gensec", "require_pac", false)) {
DEBUG(1, ("Unable to find PAC in ticket from %s, failing to allow access: %s \n",
principal_string,
smb_get_krb5_error_message(context,
diff --git a/source4/auth/gensec/schannel_sign.c b/source4/auth/gensec/schannel_sign.c
index 43de328c9e..1e57beba08 100644
--- a/source4/auth/gensec/schannel_sign.c
+++ b/source4/auth/gensec/schannel_sign.c
@@ -26,6 +26,7 @@
#include "auth/gensec/schannel.h"
#include "auth/credentials/credentials.h"
#include "auth/gensec/gensec.h"
+#include "auth/gensec/schannel_proto.h"
#define NETSEC_SIGN_SIGNATURE { 0x77, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00 }
#define NETSEC_SEAL_SIGNATURE { 0x77, 0x00, 0x7a, 0x00, 0xff, 0xff, 0x00, 0x00 }