summaryrefslogtreecommitdiff
path: root/source4/auth/gensec
diff options
context:
space:
mode:
Diffstat (limited to 'source4/auth/gensec')
-rw-r--r--source4/auth/gensec/cyrus_sasl.c17
-rw-r--r--source4/auth/gensec/gensec.c36
-rw-r--r--source4/auth/gensec/gensec.h3
-rw-r--r--source4/auth/gensec/gensec_gssapi.c61
-rw-r--r--source4/auth/gensec/gensec_krb5.c53
-rw-r--r--source4/auth/gensec/schannel.c22
-rw-r--r--source4/auth/gensec/schannel_sign.c1
-rw-r--r--source4/auth/gensec/schannel_state.c8
-rw-r--r--source4/auth/gensec/socket.c20
-rw-r--r--source4/auth/gensec/spnego.c56
-rw-r--r--source4/auth/gensec/spnego_parse.c30
11 files changed, 159 insertions, 148 deletions
diff --git a/source4/auth/gensec/cyrus_sasl.c b/source4/auth/gensec/cyrus_sasl.c
index db77ed13a7..0bce35e1c5 100644
--- a/source4/auth/gensec/cyrus_sasl.c
+++ b/source4/auth/gensec/cyrus_sasl.c
@@ -248,6 +248,7 @@ static NTSTATUS gensec_sasl_unwrap_packets(struct gensec_security *gensec_securi
return sasl_nt_status(sasl_ret);
}
+
static NTSTATUS gensec_sasl_wrap_packets(struct gensec_security *gensec_security,
TALLOC_CTX *out_mem_ctx,
const DATA_BLOB *in,
@@ -271,7 +272,7 @@ static NTSTATUS gensec_sasl_wrap_packets(struct gensec_security *gensec_security
}
/* Try to figure out what features we actually got on the connection */
-static BOOL gensec_sasl_have_feature(struct gensec_security *gensec_security,
+static bool gensec_sasl_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
struct gensec_sasl_state *gensec_sasl_state = talloc_get_type(gensec_security->private_data,
@@ -279,25 +280,25 @@ static BOOL gensec_sasl_have_feature(struct gensec_security *gensec_security,
sasl_ssf_t ssf;
int sasl_ret = sasl_getprop(gensec_sasl_state->conn, SASL_SSF, &ssf);
if (sasl_ret != SASL_OK) {
- return False;
+ return false;
}
if (feature & GENSEC_FEATURE_SIGN) {
if (ssf == 0) {
- return False;
+ return false;
}
if (ssf >= 1) {
- return True;
+ return true;
}
}
if (feature & GENSEC_FEATURE_SEAL) {
if (ssf <= 1) {
- return False;
+ return false;
}
if (ssf > 1) {
- return True;
+ return true;
}
}
- return False;
+ return false;
}
/* This could in theory work with any SASL mech */
@@ -309,7 +310,7 @@ static const struct gensec_security_ops gensec_sasl_security_ops = {
.wrap_packets = gensec_sasl_wrap_packets,
.unwrap_packets = gensec_sasl_unwrap_packets,
.have_feature = gensec_sasl_have_feature,
- .enabled = True,
+ .enabled = true,
.priority = GENSEC_SASL
};
diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c
index 25366dc246..4821e6a19b 100644
--- a/source4/auth/gensec/gensec.c
+++ b/source4/auth/gensec/gensec.c
@@ -27,6 +27,7 @@
#include "librpc/rpc/dcerpc.h"
#include "auth/credentials/credentials.h"
#include "auth/gensec/gensec.h"
+#include "param/param.h"
/* the list of currently registered GENSEC backends */
static struct gensec_security_ops **generic_security_ops;
@@ -46,10 +47,15 @@ struct gensec_security_ops **gensec_security_all(void)
struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
struct gensec_security_ops **old_gensec_list,
- enum credentials_use_kerberos use_kerberos)
+ struct cli_credentials *creds)
{
struct gensec_security_ops **new_gensec_list;
int i, j, num_mechs_in;
+ enum credentials_use_kerberos use_kerberos = CRED_AUTO_USE_KERBEROS;
+
+ if (creds) {
+ use_kerberos = cli_credentials_get_kerberos_state(creds);
+ }
if (use_kerberos == CRED_AUTO_USE_KERBEROS) {
if (!talloc_reference(mem_ctx, old_gensec_list)) {
@@ -79,13 +85,13 @@ struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
}
switch (use_kerberos) {
case CRED_DONT_USE_KERBEROS:
- if (old_gensec_list[i]->kerberos == False) {
+ if (old_gensec_list[i]->kerberos == false) {
new_gensec_list[j] = old_gensec_list[i];
j++;
}
break;
case CRED_MUST_USE_KERBEROS:
- if (old_gensec_list[i]->kerberos == True) {
+ if (old_gensec_list[i]->kerberos == true) {
new_gensec_list[j] = old_gensec_list[i];
j++;
}
@@ -111,7 +117,6 @@ struct gensec_security_ops **gensec_security_mechs(struct gensec_security *gense
}
return backends;
} else {
- enum credentials_use_kerberos use_kerberos;
struct cli_credentials *creds = gensec_get_credentials(gensec_security);
if (!creds) {
if (!talloc_reference(mem_ctx, backends)) {
@@ -119,8 +124,7 @@ struct gensec_security_ops **gensec_security_mechs(struct gensec_security *gense
}
return backends;
}
- use_kerberos = cli_credentials_get_kerberos_state(creds);
- return gensec_use_kerberos_mechs(mem_ctx, backends, use_kerberos);
+ return gensec_use_kerberos_mechs(mem_ctx, backends, creds);
}
}
@@ -485,7 +489,7 @@ static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx,
ZERO_STRUCT((*gensec_security)->peer_addr);
ZERO_STRUCT((*gensec_security)->my_addr);
- (*gensec_security)->subcontext = False;
+ (*gensec_security)->subcontext = false;
(*gensec_security)->want_features = 0;
if (ev == NULL) {
@@ -521,7 +525,7 @@ _PUBLIC_ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx,
(*gensec_security)->ops = NULL;
(*gensec_security)->private_data = NULL;
- (*gensec_security)->subcontext = True;
+ (*gensec_security)->subcontext = true;
(*gensec_security)->event_ctx = parent->event_ctx;
(*gensec_security)->msg_ctx = parent->msg_ctx;
@@ -1026,11 +1030,11 @@ _PUBLIC_ void gensec_want_feature(struct gensec_security *gensec_security,
*
*/
-_PUBLIC_ BOOL gensec_have_feature(struct gensec_security *gensec_security,
+_PUBLIC_ bool gensec_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
if (!gensec_security->ops->have_feature) {
- return False;
+ return false;
}
/* We might 'have' features that we don't 'want', because the
@@ -1104,7 +1108,7 @@ _PUBLIC_ NTSTATUS gensec_set_target_hostname(struct gensec_security *gensec_secu
_PUBLIC_ const char *gensec_get_target_hostname(struct gensec_security *gensec_security)
{
/* We allow the target hostname to be overriden for testing purposes */
- const char *target_hostname = lp_parm_string(-1, "gensec", "target_hostname");
+ const char *target_hostname = lp_parm_string(global_loadparm, NULL, "gensec", "target_hostname");
if (target_hostname) {
return target_hostname;
}
@@ -1202,7 +1206,7 @@ const char *gensec_get_target_principal(struct gensec_security *gensec_security)
*/
NTSTATUS gensec_register(const struct gensec_security_ops *ops)
{
- if (!lp_parm_bool(-1, "gensec", ops->name, ops->enabled)) {
+ if (!lp_parm_bool(global_loadparm, NULL, "gensec", ops->name, ops->enabled)) {
DEBUG(2,("gensec subsystem %s is disabled\n", ops->name));
return NT_STATUS_OK;
}
@@ -1222,7 +1226,7 @@ NTSTATUS gensec_register(const struct gensec_security_ops *ops)
return NT_STATUS_NO_MEMORY;
}
- generic_security_ops[gensec_num_backends] = discard_const(ops);
+ generic_security_ops[gensec_num_backends] = discard_const_p(struct gensec_security_ops, ops);
gensec_num_backends++;
generic_security_ops[gensec_num_backends] = NULL;
@@ -1257,15 +1261,15 @@ static int sort_gensec(struct gensec_security_ops **gs1, struct gensec_security_
*/
NTSTATUS gensec_init(void)
{
- static BOOL initialized = False;
+ static bool initialized = false;
init_module_fn static_init[] = STATIC_gensec_MODULES;
init_module_fn *shared_init;
if (initialized) return NT_STATUS_OK;
- initialized = True;
+ initialized = true;
- shared_init = load_samba_modules(NULL, "gensec");
+ shared_init = load_samba_modules(NULL, global_loadparm, "gensec");
run_init_functions(static_init);
run_init_functions(shared_init);
diff --git a/source4/auth/gensec/gensec.h b/source4/auth/gensec/gensec.h
index 48a2903513..bda740cc86 100644
--- a/source4/auth/gensec/gensec.h
+++ b/source4/auth/gensec/gensec.h
@@ -39,8 +39,6 @@ enum gensec_priority {
GENSEC_OTHER = 0
};
-enum credentials_use_kerberos;
-
struct gensec_security;
struct gensec_target {
const char *principal;
@@ -63,6 +61,7 @@ enum gensec_role
};
struct auth_session_info;
+struct cli_credentials;
struct gensec_update_request {
struct gensec_security *gensec_security;
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index 3c66a032d5..dceb10e7b6 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -34,6 +34,7 @@
#include "auth/credentials/credentials.h"
#include "auth/credentials/credentials_krb5.h"
#include "auth/gensec/gensec.h"
+#include "param/param.h"
enum gensec_gssapi_sasl_state
{
@@ -64,7 +65,7 @@ struct gensec_gssapi_state {
gss_cred_id_t delegated_cred_handle;
- BOOL sasl; /* We have two different mechs in this file: One
+ bool sasl; /* We have two different mechs in this file: One
* for SASL wrapped GSSAPI and another for normal
* GSSAPI */
enum gensec_gssapi_sasl_state sasl_state;
@@ -154,9 +155,9 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
gensec_gssapi_state->gss_exchange_count = 0;
gensec_gssapi_state->max_wrap_buf_size
- = lp_parm_int(-1, "gensec_gssapi", "max wrap buf size", 65536);
+ = lp_parm_int(global_loadparm, NULL, "gensec_gssapi", "max wrap buf size", 65536);
- gensec_gssapi_state->sasl = False;
+ gensec_gssapi_state->sasl = false;
gensec_gssapi_state->sasl_state = STAGE_GSS_NEG;
gensec_security->private_data = gensec_gssapi_state;
@@ -169,16 +170,16 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
gensec_gssapi_state->input_chan_bindings = GSS_C_NO_CHANNEL_BINDINGS;
gensec_gssapi_state->want_flags = 0;
- if (lp_parm_bool(-1, "gensec_gssapi", "mutual", True)) {
+ if (lp_parm_bool(global_loadparm, NULL, "gensec_gssapi", "mutual", true)) {
gensec_gssapi_state->want_flags |= GSS_C_MUTUAL_FLAG;
}
- if (lp_parm_bool(-1, "gensec_gssapi", "delegation", True)) {
+ if (lp_parm_bool(global_loadparm, NULL, "gensec_gssapi", "delegation", true)) {
gensec_gssapi_state->want_flags |= GSS_C_DELEG_FLAG;
}
- if (lp_parm_bool(-1, "gensec_gssapi", "replay", True)) {
+ if (lp_parm_bool(global_loadparm, NULL, "gensec_gssapi", "replay", true)) {
gensec_gssapi_state->want_flags |= GSS_C_REPLAY_FLAG;
}
- if (lp_parm_bool(-1, "gensec_gssapi", "sequence", True)) {
+ if (lp_parm_bool(global_loadparm, NULL, "gensec_gssapi", "sequence", true)) {
gensec_gssapi_state->want_flags |= GSS_C_SEQUENCE_FLAG;
}
@@ -212,10 +213,10 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
talloc_free(gensec_gssapi_state);
return NT_STATUS_INTERNAL_ERROR;
}
- if (lp_realm() && *lp_realm()) {
- char *upper_realm = strupper_talloc(gensec_gssapi_state, lp_realm());
+ if (lp_realm(global_loadparm) && *lp_realm(global_loadparm)) {
+ char *upper_realm = strupper_talloc(gensec_gssapi_state, lp_realm(global_loadparm));
if (!upper_realm) {
- DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm()));
+ DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm(global_loadparm)));
talloc_free(gensec_gssapi_state);
return NT_STATUS_NO_MEMORY;
}
@@ -229,7 +230,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
}
/* don't do DNS lookups of any kind, it might/will fail for a netbios name */
- ret = gsskrb5_set_dns_canonicalize(lp_parm_bool(-1, "krb5", "set_dns_canonicalize", false));
+ ret = gsskrb5_set_dns_canonicalize(lp_parm_bool(global_loadparm, NULL, "krb5", "set_dns_canonicalize", false));
if (ret) {
DEBUG(1,("gensec_krb5_start: gsskrb5_set_dns_canonicalize failed\n"));
talloc_free(gensec_gssapi_state);
@@ -290,7 +291,7 @@ static NTSTATUS gensec_gssapi_sasl_server_start(struct gensec_security *gensec_s
if (NT_STATUS_IS_OK(nt_status)) {
gensec_gssapi_state = talloc_get_type(gensec_security->private_data, struct gensec_gssapi_state);
- gensec_gssapi_state->sasl = True;
+ gensec_gssapi_state->sasl = true;
}
return nt_status;
}
@@ -331,7 +332,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
gensec_gssapi_state->gss_oid = gss_mech_krb5;
principal = gensec_get_target_principal(gensec_security);
- if (principal && lp_client_use_spnego_principal()) {
+ if (principal && lp_client_use_spnego_principal(global_loadparm)) {
name_type = GSS_C_NULL_OID;
} else {
principal = talloc_asprintf(gensec_gssapi_state, "%s@%s",
@@ -385,7 +386,7 @@ static NTSTATUS gensec_gssapi_sasl_client_start(struct gensec_security *gensec_s
if (NT_STATUS_IS_OK(nt_status)) {
gensec_gssapi_state = talloc_get_type(gensec_security->private_data, struct gensec_gssapi_state);
- gensec_gssapi_state->sasl = True;
+ gensec_gssapi_state->sasl = true;
}
return nt_status;
}
@@ -631,7 +632,7 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security,
maj_stat = gss_wrap(&min_stat,
gensec_gssapi_state->gssapi_context,
- False,
+ false,
GSS_C_QOP_DEFAULT,
&input_token,
&conf_state,
@@ -696,7 +697,7 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security,
maj_stat = gss_wrap(&min_stat,
gensec_gssapi_state->gssapi_context,
- False,
+ false,
GSS_C_QOP_DEFAULT,
&input_token,
&conf_state,
@@ -1109,7 +1110,7 @@ static NTSTATUS gensec_gssapi_check_packet(struct gensec_security *gensec_securi
}
/* Try to figure out what features we actually got on the connection */
-static BOOL gensec_gssapi_have_feature(struct gensec_security *gensec_security,
+static bool gensec_gssapi_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
struct gensec_gssapi_state *gensec_gssapi_state
@@ -1135,7 +1136,7 @@ static BOOL gensec_gssapi_have_feature(struct gensec_security *gensec_security,
if (feature & GENSEC_FEATURE_SESSION_KEY) {
/* Only for GSSAPI/Krb5 */
if (gss_oid_equal(gensec_gssapi_state->gss_oid, gss_mech_krb5)) {
- return True;
+ return true;
}
}
if (feature & GENSEC_FEATURE_DCE_STYLE) {
@@ -1143,9 +1144,9 @@ static BOOL gensec_gssapi_have_feature(struct gensec_security *gensec_security,
}
/* We can always do async (rather than strict request/reply) packets. */
if (feature & GENSEC_FEATURE_ASYNC_REPLIES) {
- return True;
+ return true;
}
- return False;
+ return false;
}
/*
@@ -1229,7 +1230,9 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
return NT_STATUS_FOOBAR;
}
- principal_string = talloc_strndup(mem_ctx, name_token.value, name_token.length);
+ principal_string = talloc_strndup(mem_ctx,
+ (const char *)name_token.value,
+ name_token.length);
gss_release_buffer(&min_stat, &name_token);
@@ -1314,7 +1317,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
talloc_free(mem_ctx);
return nt_status;
}
- } else if (!lp_parm_bool(-1, "gensec", "require_pac", False)) {
+ } else if (!lp_parm_bool(global_loadparm, NULL, "gensec", "require_pac", false)) {
DEBUG(1, ("Unable to find PAC, resorting to local user lookup: %s\n",
gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
nt_status = sam_get_server_info_principal(mem_ctx, principal_string,
@@ -1356,7 +1359,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
}
cli_credentials_set_event_context(session_info->credentials, gensec_security->event_ctx);
- cli_credentials_set_conf(session_info->credentials);
+ cli_credentials_set_conf(session_info->credentials, global_loadparm);
/* Just so we don't segfault trying to get at a username */
cli_credentials_set_anonymous(session_info->credentials);
@@ -1411,8 +1414,8 @@ static const struct gensec_security_ops gensec_gssapi_spnego_security_ops = {
.wrap = gensec_gssapi_wrap,
.unwrap = gensec_gssapi_unwrap,
.have_feature = gensec_gssapi_have_feature,
- .enabled = False,
- .kerberos = True,
+ .enabled = false,
+ .kerberos = true,
.priority = GENSEC_GSSAPI
};
@@ -1434,8 +1437,8 @@ static const struct gensec_security_ops gensec_gssapi_krb5_security_ops = {
.wrap = gensec_gssapi_wrap,
.unwrap = gensec_gssapi_unwrap,
.have_feature = gensec_gssapi_have_feature,
- .enabled = True,
- .kerberos = True,
+ .enabled = true,
+ .kerberos = true,
.priority = GENSEC_GSSAPI
};
@@ -1453,8 +1456,8 @@ static const struct gensec_security_ops gensec_gssapi_sasl_krb5_security_ops = {
.wrap = gensec_gssapi_wrap,
.unwrap = gensec_gssapi_unwrap,
.have_feature = gensec_gssapi_have_feature,
- .enabled = True,
- .kerberos = True,
+ .enabled = true,
+ .kerberos = true,
.priority = GENSEC_GSSAPI
};
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index 87ce571fc0..ca48e85089 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -36,6 +36,7 @@
#include "auth/credentials/credentials.h"
#include "auth/credentials/credentials_krb5.h"
#include "auth/gensec/gensec.h"
+#include "param/param.h"
enum GENSEC_KRB5_STATE {
GENSEC_KRB5_SERVER_START,
@@ -53,7 +54,7 @@ struct gensec_krb5_state {
krb5_data enc_ticket;
krb5_keyblock *keyblock;
krb5_ticket *ticket;
- BOOL gssapi;
+ bool gssapi;
};
static int gensec_krb5_destroy(struct gensec_krb5_state *gensec_krb5_state)
@@ -111,7 +112,7 @@ static NTSTATUS gensec_krb5_start(struct gensec_security *gensec_security)
gensec_krb5_state->keyblock = NULL;
gensec_krb5_state->session_key = data_blob(NULL, 0);
gensec_krb5_state->pac = data_blob(NULL, 0);
- gensec_krb5_state->gssapi = False;
+ gensec_krb5_state->gssapi = false;
talloc_set_destructor(gensec_krb5_state, gensec_krb5_destroy);
@@ -191,7 +192,7 @@ static NTSTATUS gensec_krb5_server_start(struct gensec_security *gensec_security
return nt_status;
}
- gensec_krb5_state = gensec_security->private_data;
+ gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
gensec_krb5_state->state_position = GENSEC_KRB5_SERVER_START;
return NT_STATUS_OK;
@@ -203,8 +204,8 @@ static NTSTATUS gensec_fake_gssapi_krb5_server_start(struct gensec_security *gen
if (NT_STATUS_IS_OK(nt_status)) {
struct gensec_krb5_state *gensec_krb5_state;
- gensec_krb5_state = gensec_security->private_data;
- gensec_krb5_state->gssapi = True;
+ gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
+ gensec_krb5_state->gssapi = true;
}
return nt_status;
}
@@ -240,7 +241,7 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
return nt_status;
}
- gensec_krb5_state = gensec_security->private_data;
+ gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
gensec_krb5_state->state_position = GENSEC_KRB5_CLIENT_START;
principal = gensec_get_target_principal(gensec_security);
@@ -260,7 +261,7 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
}
in_data.length = 0;
- if (principal && lp_client_use_spnego_principal()) {
+ if (principal && lp_client_use_spnego_principal(global_loadparm)) {
krb5_principal target_principal;
ret = krb5_parse_name(gensec_krb5_state->smb_krb5_context->krb5_context, principal,
&target_principal);
@@ -327,8 +328,8 @@ static NTSTATUS gensec_fake_gssapi_krb5_client_start(struct gensec_security *gen
if (NT_STATUS_IS_OK(nt_status)) {
struct gensec_krb5_state *gensec_krb5_state;
- gensec_krb5_state = gensec_security->private_data;
- gensec_krb5_state->gssapi = True;
+ gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
+ gensec_krb5_state->gssapi = true;
}
return nt_status;
}
@@ -368,7 +369,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security,
TALLOC_CTX *out_mem_ctx,
const DATA_BLOB in, DATA_BLOB *out)
{
- struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
+ struct gensec_krb5_state *gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
krb5_error_code ret = 0;
NTSTATUS nt_status;
@@ -416,7 +417,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security,
if (ret) {
DEBUG(1,("krb5_rd_rep (mutual authentication) failed (%s)\n",
smb_get_krb5_error_message(gensec_krb5_state->smb_krb5_context->krb5_context, ret, out_mem_ctx)));
- dump_data_pw("Mutual authentication message:\n", inbuf.data, inbuf.length);
+ dump_data_pw("Mutual authentication message:\n", (uint8_t *)inbuf.data, inbuf.length);
nt_status = NT_STATUS_ACCESS_DENIED;
} else {
*out = data_blob(NULL, 0);
@@ -477,7 +478,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security,
if (ret) {
return NT_STATUS_LOGON_FAILURE;
}
- unwrapped_out.data = outbuf.data;
+ unwrapped_out.data = (uint8_t *)outbuf.data;
unwrapped_out.length = outbuf.length;
gensec_krb5_state->state_position = GENSEC_KRB5_DONE;
/* wrap that up in a nice GSS-API wrapping */
@@ -500,7 +501,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security,
static NTSTATUS gensec_krb5_session_key(struct gensec_security *gensec_security,
DATA_BLOB *session_key)
{
- struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
+ struct gensec_krb5_state *gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
krb5_context context = gensec_krb5_state->smb_krb5_context->krb5_context;
krb5_auth_context auth_context = gensec_krb5_state->auth_context;
krb5_keyblock *skey;
@@ -539,7 +540,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
struct auth_session_info **_session_info)
{
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
- struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
+ struct gensec_krb5_state *gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
krb5_context context = gensec_krb5_state->smb_krb5_context->krb5_context;
struct auth_serversupplied_info *server_info = NULL;
struct auth_session_info *session_info = NULL;
@@ -581,7 +582,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
KRB5_AUTHDATA_WIN2K_PAC,
&pac_data);
- if (ret && lp_parm_bool(-1, "gensec", "require_pac", False)) {
+ if (ret && lp_parm_bool(global_loadparm, NULL, "gensec", "require_pac", false)) {
DEBUG(1, ("Unable to find PAC in ticket from %s, failing to allow access: %s \n",
principal_string,
smb_get_krb5_error_message(context,
@@ -666,7 +667,7 @@ static NTSTATUS gensec_krb5_wrap(struct gensec_security *gensec_security,
const DATA_BLOB *in,
DATA_BLOB *out)
{
- struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
+ struct gensec_krb5_state *gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
krb5_context context = gensec_krb5_state->smb_krb5_context->krb5_context;
krb5_auth_context auth_context = gensec_krb5_state->auth_context;
krb5_error_code ret;
@@ -696,7 +697,7 @@ static NTSTATUS gensec_krb5_unwrap(struct gensec_security *gensec_security,
const DATA_BLOB *in,
DATA_BLOB *out)
{
- struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
+ struct gensec_krb5_state *gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
krb5_context context = gensec_krb5_state->smb_krb5_context->krb5_context;
krb5_auth_context auth_context = gensec_krb5_state->auth_context;
krb5_error_code ret;
@@ -722,19 +723,19 @@ static NTSTATUS gensec_krb5_unwrap(struct gensec_security *gensec_security,
return NT_STATUS_OK;
}
-static BOOL gensec_krb5_have_feature(struct gensec_security *gensec_security,
+static bool gensec_krb5_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
- struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
+ struct gensec_krb5_state *gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
if (feature & GENSEC_FEATURE_SESSION_KEY) {
- return True;
+ return true;
}
if (!gensec_krb5_state->gssapi &&
(feature & GENSEC_FEATURE_SEAL)) {
- return True;
+ return true;
}
- return False;
+ return false;
}
static const char *gensec_krb5_oids[] = {
@@ -754,8 +755,8 @@ static const struct gensec_security_ops gensec_fake_gssapi_krb5_security_ops = {
.session_key = gensec_krb5_session_key,
.session_info = gensec_krb5_session_info,
.have_feature = gensec_krb5_have_feature,
- .enabled = False,
- .kerberos = True,
+ .enabled = false,
+ .kerberos = true,
.priority = GENSEC_KRB5
};
@@ -769,8 +770,8 @@ static const struct gensec_security_ops gensec_krb5_security_ops = {
.have_feature = gensec_krb5_have_feature,
.wrap = gensec_krb5_wrap,
.unwrap = gensec_krb5_unwrap,
- .enabled = True,
- .kerberos = True,
+ .enabled = true,
+ .kerberos = true,
.priority = GENSEC_KRB5
};
diff --git a/source4/auth/gensec/schannel.c b/source4/auth/gensec/schannel.c
index 5dc5c287ec..4d2c9cfee3 100644
--- a/source4/auth/gensec/schannel.c
+++ b/source4/auth/gensec/schannel.c
@@ -44,7 +44,7 @@ static NTSTATUS schannel_session_key(struct gensec_security *gensec_security,
static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx,
const DATA_BLOB in, DATA_BLOB *out)
{
- struct schannel_state *state = gensec_security->private_data;
+ struct schannel_state *state = (struct schannel_state *)gensec_security->private_data;
NTSTATUS status;
struct schannel_bind bind_schannel;
struct schannel_bind_ack bind_schannel_ack;
@@ -207,8 +207,8 @@ static NTSTATUS schannel_server_start(struct gensec_security *gensec_security)
return status;
}
- state = gensec_security->private_data;
- state->initiator = False;
+ state = (struct schannel_state *)gensec_security->private_data;
+ state->initiator = false;
return NT_STATUS_OK;
}
@@ -223,27 +223,27 @@ static NTSTATUS schannel_client_start(struct gensec_security *gensec_security)
return status;
}
- state = gensec_security->private_data;
- state->initiator = True;
+ state = (struct schannel_state *)gensec_security->private_data;
+ state->initiator = true;
return NT_STATUS_OK;
}
-static BOOL schannel_have_feature(struct gensec_security *gensec_security,
+static bool schannel_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
if (feature & (GENSEC_FEATURE_SIGN |
GENSEC_FEATURE_SEAL)) {
- return True;
+ return true;
}
if (feature & GENSEC_FEATURE_DCE_STYLE) {
- return True;
+ return true;
}
if (feature & GENSEC_FEATURE_ASYNC_REPLIES) {
- return True;
+ return true;
}
- return False;
+ return false;
}
@@ -261,7 +261,7 @@ static const struct gensec_security_ops gensec_schannel_security_ops = {
.session_info = schannel_session_info,
.sig_size = schannel_sig_size,
.have_feature = schannel_have_feature,
- .enabled = True,
+ .enabled = true,
.priority = GENSEC_SCHANNEL
};
diff --git a/source4/auth/gensec/schannel_sign.c b/source4/auth/gensec/schannel_sign.c
index 43de328c9e..1e57beba08 100644
--- a/source4/auth/gensec/schannel_sign.c
+++ b/source4/auth/gensec/schannel_sign.c
@@ -26,6 +26,7 @@
#include "auth/gensec/schannel.h"
#include "auth/credentials/credentials.h"
#include "auth/gensec/gensec.h"
+#include "auth/gensec/schannel_proto.h"
#define NETSEC_SIGN_SIGNATURE { 0x77, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00 }
#define NETSEC_SEAL_SIGNATURE { 0x77, 0x00, 0x7a, 0x00, 0xff, 0xff, 0x00, 0x00 }
diff --git a/source4/auth/gensec/schannel_state.c b/source4/auth/gensec/schannel_state.c
index a911ed9288..808240c4f4 100644
--- a/source4/auth/gensec/schannel_state.c
+++ b/source4/auth/gensec/schannel_state.c
@@ -26,6 +26,7 @@
#include "db_wrap.h"
#include "libcli/auth/libcli_auth.h"
#include "auth/auth.h"
+#include "param/param.h"
/**
connect to the schannel ldb
@@ -34,20 +35,21 @@ struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx)
{
char *path;
struct ldb_context *ldb;
- BOOL existed;
+ bool existed;
const char *init_ldif =
"dn: @ATTRIBUTES\n" \
"computerName: CASE_INSENSITIVE\n" \
"flatname: CASE_INSENSITIVE\n";
- path = smbd_tmp_path(mem_ctx, "schannel.ldb");
+ path = smbd_tmp_path(mem_ctx, global_loadparm, "schannel.ldb");
if (!path) {
return NULL;
}
existed = file_exist(path);
- ldb = ldb_wrap_connect(mem_ctx, path, system_session(mem_ctx),
+ ldb = ldb_wrap_connect(mem_ctx, global_loadparm, path,
+ system_session(mem_ctx),
NULL, LDB_FLG_NOSYNC, NULL);
talloc_free(path);
if (!ldb) {
diff --git a/source4/auth/gensec/socket.c b/source4/auth/gensec/socket.c
index 9bd97109fb..4dc05e8cc4 100644
--- a/source4/auth/gensec/socket.c
+++ b/source4/auth/gensec/socket.c
@@ -34,13 +34,13 @@ struct gensec_socket {
struct packet_context *packet;
DATA_BLOB read_buffer; /* SASL packets are turned into liniarlised data here, for reading */
size_t orig_send_len;
- BOOL eof;
+ bool eof;
NTSTATUS error;
- BOOL interrupted;
+ bool interrupted;
void (*recv_handler)(void *, uint16_t);
void *recv_private;
int in_extra_read;
- BOOL wrap; /* Should we be wrapping on this socket at all? */
+ bool wrap; /* Should we be wrapping on this socket at all? */
};
static NTSTATUS gensec_socket_init_fn(struct socket_context *sock)
@@ -190,7 +190,7 @@ static void gensec_socket_error_handler(void *private, NTSTATUS status)
{
struct gensec_socket *gensec_socket = talloc_get_type(private, struct gensec_socket);
if (NT_STATUS_EQUAL(status, NT_STATUS_END_OF_FILE)) {
- gensec_socket->eof = True;
+ gensec_socket->eof = true;
} else {
gensec_socket->error = status;
}
@@ -331,7 +331,7 @@ static NTSTATUS gensec_socket_unwrap(void *private, DATA_BLOB blob)
static void send_callback(void *private)
{
struct gensec_socket *gensec_socket = talloc_get_type(private, struct gensec_socket);
- gensec_socket->interrupted = False;
+ gensec_socket->interrupted = false;
}
/*
@@ -384,7 +384,7 @@ static NTSTATUS gensec_socket_send(struct socket_context *sock,
return nt_status;
}
- gensec_socket->interrupted = True;
+ gensec_socket->interrupted = true;
gensec_socket->error = NT_STATUS_OK;
nt_status = packet_send_callback(gensec_socket->packet,
@@ -446,17 +446,17 @@ NTSTATUS gensec_socket_init(struct gensec_security *gensec_security,
if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL) &&
!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
- gensec_socket->wrap = False;
+ gensec_socket->wrap = false;
*new_socket = new_sock;
return NT_STATUS_OK;
}
gensec_socket->gensec_security = gensec_security;
- gensec_socket->wrap = True;
- gensec_socket->eof = False;
+ gensec_socket->wrap = true;
+ gensec_socket->eof = false;
gensec_socket->error = NT_STATUS_OK;
- gensec_socket->interrupted = False;
+ gensec_socket->interrupted = false;
gensec_socket->in_extra_read = 0;
gensec_socket->read_buffer = data_blob(NULL, 0);
diff --git a/source4/auth/gensec/spnego.c b/source4/auth/gensec/spnego.c
index 88521b912c..5c1c15935f 100644
--- a/source4/auth/gensec/spnego.c
+++ b/source4/auth/gensec/spnego.c
@@ -41,7 +41,7 @@ struct spnego_state {
enum spnego_message_type expected_packet;
enum spnego_state_position state_position;
struct gensec_security *sub_sec_security;
- BOOL no_response_expected;
+ bool no_response_expected;
const char *neg_oid;
};
@@ -59,7 +59,7 @@ static NTSTATUS gensec_spnego_client_start(struct gensec_security *gensec_securi
spnego_state->expected_packet = SPNEGO_NEG_TOKEN_INIT;
spnego_state->state_position = SPNEGO_CLIENT_START;
spnego_state->sub_sec_security = NULL;
- spnego_state->no_response_expected = False;
+ spnego_state->no_response_expected = false;
gensec_security->private_data = spnego_state;
return NT_STATUS_OK;
@@ -77,7 +77,7 @@ static NTSTATUS gensec_spnego_server_start(struct gensec_security *gensec_securi
spnego_state->expected_packet = SPNEGO_NEG_TOKEN_INIT;
spnego_state->state_position = SPNEGO_SERVER_START;
spnego_state->sub_sec_security = NULL;
- spnego_state->no_response_expected = False;
+ spnego_state->no_response_expected = false;
gensec_security->private_data = spnego_state;
return NT_STATUS_OK;
@@ -92,7 +92,7 @@ static NTSTATUS gensec_spnego_unseal_packet(struct gensec_security *gensec_secur
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (spnego_state->state_position != SPNEGO_DONE
&& spnego_state->state_position != SPNEGO_FALLBACK) {
@@ -112,7 +112,7 @@ static NTSTATUS gensec_spnego_check_packet(struct gensec_security *gensec_securi
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (spnego_state->state_position != SPNEGO_DONE
&& spnego_state->state_position != SPNEGO_FALLBACK) {
@@ -132,7 +132,7 @@ static NTSTATUS gensec_spnego_seal_packet(struct gensec_security *gensec_securit
const uint8_t *whole_pdu, size_t pdu_length,
DATA_BLOB *sig)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (spnego_state->state_position != SPNEGO_DONE
&& spnego_state->state_position != SPNEGO_FALLBACK) {
@@ -152,7 +152,7 @@ static NTSTATUS gensec_spnego_sign_packet(struct gensec_security *gensec_securit
const uint8_t *whole_pdu, size_t pdu_length,
DATA_BLOB *sig)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (spnego_state->state_position != SPNEGO_DONE
&& spnego_state->state_position != SPNEGO_FALLBACK) {
@@ -171,7 +171,7 @@ static NTSTATUS gensec_spnego_wrap(struct gensec_security *gensec_security,
const DATA_BLOB *in,
DATA_BLOB *out)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (spnego_state->state_position != SPNEGO_DONE
&& spnego_state->state_position != SPNEGO_FALLBACK) {
@@ -188,7 +188,7 @@ static NTSTATUS gensec_spnego_unwrap(struct gensec_security *gensec_security,
const DATA_BLOB *in,
DATA_BLOB *out)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (spnego_state->state_position != SPNEGO_DONE
&& spnego_state->state_position != SPNEGO_FALLBACK) {
@@ -206,7 +206,7 @@ static NTSTATUS gensec_spnego_wrap_packets(struct gensec_security *gensec_securi
DATA_BLOB *out,
size_t *len_processed)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (spnego_state->state_position != SPNEGO_DONE
&& spnego_state->state_position != SPNEGO_FALLBACK) {
@@ -222,7 +222,7 @@ static NTSTATUS gensec_spnego_wrap_packets(struct gensec_security *gensec_securi
static NTSTATUS gensec_spnego_packet_full_request(struct gensec_security *gensec_security,
DATA_BLOB blob, size_t *size)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (spnego_state->state_position != SPNEGO_DONE
&& spnego_state->state_position != SPNEGO_FALLBACK) {
@@ -240,7 +240,7 @@ static NTSTATUS gensec_spnego_unwrap_packets(struct gensec_security *gensec_secu
DATA_BLOB *out,
size_t *len_processed)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (spnego_state->state_position != SPNEGO_DONE
&& spnego_state->state_position != SPNEGO_FALLBACK) {
@@ -255,7 +255,7 @@ static NTSTATUS gensec_spnego_unwrap_packets(struct gensec_security *gensec_secu
static size_t gensec_spnego_sig_size(struct gensec_security *gensec_security, size_t data_size)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (spnego_state->state_position != SPNEGO_DONE
&& spnego_state->state_position != SPNEGO_FALLBACK) {
@@ -267,7 +267,7 @@ static size_t gensec_spnego_sig_size(struct gensec_security *gensec_security, si
static size_t gensec_spnego_max_input_size(struct gensec_security *gensec_security)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (spnego_state->state_position != SPNEGO_DONE
&& spnego_state->state_position != SPNEGO_FALLBACK) {
@@ -279,7 +279,7 @@ static size_t gensec_spnego_max_input_size(struct gensec_security *gensec_securi
static size_t gensec_spnego_max_wrapped_size(struct gensec_security *gensec_security)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (spnego_state->state_position != SPNEGO_DONE
&& spnego_state->state_position != SPNEGO_FALLBACK) {
@@ -292,7 +292,7 @@ static size_t gensec_spnego_max_wrapped_size(struct gensec_security *gensec_secu
static NTSTATUS gensec_spnego_session_key(struct gensec_security *gensec_security,
DATA_BLOB *session_key)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (!spnego_state->sub_sec_security) {
return NT_STATUS_INVALID_PARAMETER;
}
@@ -304,7 +304,7 @@ static NTSTATUS gensec_spnego_session_key(struct gensec_security *gensec_securit
static NTSTATUS gensec_spnego_session_info(struct gensec_security *gensec_security,
struct auth_session_info **session_info)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (!spnego_state->sub_sec_security) {
return NT_STATUS_INVALID_PARAMETER;
}
@@ -329,16 +329,16 @@ static NTSTATUS gensec_spnego_server_try_fallback(struct gensec_security *gensec
struct gensec_security_ops **all_ops
= gensec_security_mechs(gensec_security, out_mem_ctx);
for (i=0; all_ops[i]; i++) {
- BOOL is_spnego;
+ bool is_spnego;
NTSTATUS nt_status;
if (!all_ops[i]->oid) {
continue;
}
- is_spnego = False;
+ is_spnego = false;
for (j=0; all_ops[i]->oid[j]; j++) {
if (strcasecmp(GENSEC_OID_SPNEGO,all_ops[i]->oid[j]) == 0) {
- is_spnego = True;
+ is_spnego = true;
}
}
if (is_spnego) {
@@ -622,7 +622,7 @@ static NTSTATUS gensec_spnego_create_negTokenInit(struct gensec_security *gensec
spnego_state->neg_oid = all_sec[i].oid;
if (NT_STATUS_IS_OK(nt_status)) {
- spnego_state->no_response_expected = True;
+ spnego_state->no_response_expected = true;
}
return NT_STATUS_MORE_PROCESSING_REQUIRED;
@@ -685,7 +685,7 @@ static NTSTATUS gensec_spnego_server_negTokenTarg(struct gensec_security *gensec
static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx,
const DATA_BLOB in, DATA_BLOB *out)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
DATA_BLOB null_data_blob = data_blob(NULL, 0);
DATA_BLOB unwrapped_out = data_blob(NULL, 0);
struct spnego_data spnego_out;
@@ -820,7 +820,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
spnego_state->state_position = SPNEGO_CLIENT_TARG;
if (NT_STATUS_IS_OK(nt_status)) {
- spnego_state->no_response_expected = True;
+ spnego_state->no_response_expected = true;
}
spnego_free_data(&spnego);
@@ -947,7 +947,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
&unwrapped_out);
if (NT_STATUS_IS_OK(nt_status)) {
- spnego_state->no_response_expected = True;
+ spnego_state->no_response_expected = true;
}
}
@@ -999,12 +999,12 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
return NT_STATUS_INVALID_PARAMETER;
}
-static BOOL gensec_spnego_have_feature(struct gensec_security *gensec_security,
+static bool gensec_spnego_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
- struct spnego_state *spnego_state = gensec_security->private_data;
+ struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (!spnego_state->sub_sec_security) {
- return False;
+ return false;
}
return gensec_have_feature(spnego_state->sub_sec_security,
@@ -1039,7 +1039,7 @@ static const struct gensec_security_ops gensec_spnego_security_ops = {
.session_key = gensec_spnego_session_key,
.session_info = gensec_spnego_session_info,
.have_feature = gensec_spnego_have_feature,
- .enabled = True,
+ .enabled = true,
.priority = GENSEC_SPNEGO
};
diff --git a/source4/auth/gensec/spnego_parse.c b/source4/auth/gensec/spnego_parse.c
index bb674a7aad..37f4f12278 100644
--- a/source4/auth/gensec/spnego_parse.c
+++ b/source4/auth/gensec/spnego_parse.c
@@ -25,7 +25,7 @@
#include "auth/gensec/gensec.h"
#include "libcli/util/asn_1.h"
-static BOOL read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
+static bool read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
struct spnego_negTokenInit *token)
{
ZERO_STRUCTP(token);
@@ -37,7 +37,7 @@ static BOOL read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
int i;
uint8_t context;
if (!asn1_peek_uint8(asn1, &context)) {
- asn1->has_error = True;
+ asn1->has_error = true;
break;
}
@@ -79,7 +79,7 @@ static BOOL read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
uint8_t type_peek;
asn1_start_tag(asn1, ASN1_CONTEXT(3));
if (!asn1_peek_uint8(asn1, &type_peek)) {
- asn1->has_error = True;
+ asn1->has_error = true;
break;
}
if (type_peek == ASN1_OCTET_STRING) {
@@ -101,7 +101,7 @@ static BOOL read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
break;
}
default:
- asn1->has_error = True;
+ asn1->has_error = true;
break;
}
}
@@ -112,7 +112,7 @@ static BOOL read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
return !asn1->has_error;
}
-static BOOL write_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenInit *token)
+static bool write_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenInit *token)
{
asn1_push_tag(asn1, ASN1_CONTEXT(0));
asn1_push_tag(asn1, ASN1_SEQUENCE(0));
@@ -175,7 +175,7 @@ static BOOL write_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenIni
return !asn1->has_error;
}
-static BOOL read_negTokenTarg(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
+static bool read_negTokenTarg(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
struct spnego_negTokenTarg *token)
{
ZERO_STRUCTP(token);
@@ -186,7 +186,7 @@ static BOOL read_negTokenTarg(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
while (!asn1->has_error && 0 < asn1_tag_remaining(asn1)) {
uint8_t context;
if (!asn1_peek_uint8(asn1, &context)) {
- asn1->has_error = True;
+ asn1->has_error = true;
break;
}
@@ -214,7 +214,7 @@ static BOOL read_negTokenTarg(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
asn1_end_tag(asn1);
break;
default:
- asn1->has_error = True;
+ asn1->has_error = true;
break;
}
}
@@ -225,7 +225,7 @@ static BOOL read_negTokenTarg(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
return !asn1->has_error;
}
-static BOOL write_negTokenTarg(struct asn1_data *asn1, struct spnego_negTokenTarg *token)
+static bool write_negTokenTarg(struct asn1_data *asn1, struct spnego_negTokenTarg *token)
{
asn1_push_tag(asn1, ASN1_CONTEXT(1));
asn1_push_tag(asn1, ASN1_SEQUENCE(0));
@@ -282,7 +282,7 @@ ssize_t spnego_read_data(TALLOC_CTX *mem_ctx, DATA_BLOB data, struct spnego_data
asn1_load(asn1, data);
if (!asn1_peek_uint8(asn1, &context)) {
- asn1->has_error = True;
+ asn1->has_error = true;
} else {
switch (context) {
case ASN1_APPLICATION(0):
@@ -299,7 +299,7 @@ ssize_t spnego_read_data(TALLOC_CTX *mem_ctx, DATA_BLOB data, struct spnego_data
}
break;
default:
- asn1->has_error = True;
+ asn1->has_error = true;
break;
}
}
@@ -330,7 +330,7 @@ ssize_t spnego_write_data(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, struct spnego_da
write_negTokenTarg(asn1, &spnego->negTokenTarg);
break;
default:
- asn1->has_error = True;
+ asn1->has_error = true;
break;
}
@@ -343,9 +343,9 @@ ssize_t spnego_write_data(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, struct spnego_da
return ret;
}
-BOOL spnego_free_data(struct spnego_data *spnego)
+bool spnego_free_data(struct spnego_data *spnego)
{
- BOOL ret = True;
+ bool ret = true;
if (!spnego) goto out;
@@ -366,7 +366,7 @@ BOOL spnego_free_data(struct spnego_data *spnego)
data_blob_free(&spnego->negTokenTarg.mechListMIC);
break;
default:
- ret = False;
+ ret = false;
break;
}
ZERO_STRUCTP(spnego);
generated by cgit (git 2.34.1) at 2025-01-04 23:47:16 +0000