diff options
Diffstat (limited to 'source4/auth')
-rw-r--r-- | source4/auth/auth.c | 6 | ||||
-rw-r--r-- | source4/auth/auth_util.c | 5 | ||||
-rw-r--r-- | source4/auth/gensec/gensec.c | 4 | ||||
-rw-r--r-- | source4/auth/gensec/gensec_gssapi.c | 14 | ||||
-rw-r--r-- | source4/auth/gensec/gensec_krb5.c | 2 | ||||
-rw-r--r-- | source4/auth/gensec/schannel_sign.c | 1 | ||||
-rw-r--r-- | source4/auth/kerberos/krb5_init_context.c | 6 | ||||
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp_client.c | 20 | ||||
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp_server.c | 12 |
9 files changed, 36 insertions, 34 deletions
diff --git a/source4/auth/auth.c b/source4/auth/auth.c index 8cd46cd6fe..ba1e6fd0e5 100644 --- a/source4/auth/auth.c +++ b/source4/auth/auth.c @@ -419,13 +419,13 @@ NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx, const char **auth_methods = NULL; switch (lp_server_role()) { case ROLE_STANDALONE: - auth_methods = lp_parm_string_list(-1, "auth methods", "standalone", NULL); + auth_methods = lp_parm_string_list(NULL, "auth methods", "standalone", NULL); break; case ROLE_DOMAIN_MEMBER: - auth_methods = lp_parm_string_list(-1, "auth methods", "member server", NULL); + auth_methods = lp_parm_string_list(NULL, "auth methods", "member server", NULL); break; case ROLE_DOMAIN_CONTROLLER: - auth_methods = lp_parm_string_list(-1, "auth methods", "domain controller", NULL); + auth_methods = lp_parm_string_list(NULL, "auth methods", "domain controller", NULL); break; } return auth_context_create_methods(mem_ctx, auth_methods, ev, msg, auth_ctx); diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c index 8398bbfaf4..6597c79b84 100644 --- a/source4/auth/auth_util.c +++ b/source4/auth/auth_util.c @@ -623,8 +623,9 @@ static NTSTATUS _auth_system_session_info(TALLOC_CTX *parent_ctx, _PUBLIC_ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx, struct auth_session_info **_session_info) { - return _auth_system_session_info(parent_ctx, lp_parm_bool(-1,"system","anonymous", False), - _session_info); + return _auth_system_session_info(parent_ctx, + lp_parm_bool(NULL, "system", "anonymous", false), + _session_info); } /* diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c index a974cd5138..052eed1363 100644 --- a/source4/auth/gensec/gensec.c +++ b/source4/auth/gensec/gensec.c @@ -1105,7 +1105,7 @@ _PUBLIC_ NTSTATUS gensec_set_target_hostname(struct gensec_security *gensec_secu _PUBLIC_ const char *gensec_get_target_hostname(struct gensec_security *gensec_security) { /* We allow the target hostname to be overriden for testing purposes */ - const char *target_hostname = lp_parm_string(-1, "gensec", "target_hostname"); + const char *target_hostname = lp_parm_string(NULL, "gensec", "target_hostname"); if (target_hostname) { return target_hostname; } @@ -1203,7 +1203,7 @@ const char *gensec_get_target_principal(struct gensec_security *gensec_security) */ NTSTATUS gensec_register(const struct gensec_security_ops *ops) { - if (!lp_parm_bool(-1, "gensec", ops->name, ops->enabled)) { + if (!lp_parm_bool(NULL, "gensec", ops->name, ops->enabled)) { DEBUG(2,("gensec subsystem %s is disabled\n", ops->name)); return NT_STATUS_OK; } diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c index a3351f75a8..8a7e8090eb 100644 --- a/source4/auth/gensec/gensec_gssapi.c +++ b/source4/auth/gensec/gensec_gssapi.c @@ -155,7 +155,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security) gensec_gssapi_state->gss_exchange_count = 0; gensec_gssapi_state->max_wrap_buf_size - = lp_parm_int(-1, "gensec_gssapi", "max wrap buf size", 65536); + = lp_parm_int(NULL, "gensec_gssapi", "max wrap buf size", 65536); gensec_gssapi_state->sasl = False; gensec_gssapi_state->sasl_state = STAGE_GSS_NEG; @@ -170,16 +170,16 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security) gensec_gssapi_state->input_chan_bindings = GSS_C_NO_CHANNEL_BINDINGS; gensec_gssapi_state->want_flags = 0; - if (lp_parm_bool(-1, "gensec_gssapi", "mutual", True)) { + if (lp_parm_bool(NULL, "gensec_gssapi", "mutual", true)) { gensec_gssapi_state->want_flags |= GSS_C_MUTUAL_FLAG; } - if (lp_parm_bool(-1, "gensec_gssapi", "delegation", True)) { + if (lp_parm_bool(NULL, "gensec_gssapi", "delegation", true)) { gensec_gssapi_state->want_flags |= GSS_C_DELEG_FLAG; } - if (lp_parm_bool(-1, "gensec_gssapi", "replay", True)) { + if (lp_parm_bool(NULL, "gensec_gssapi", "replay", true)) { gensec_gssapi_state->want_flags |= GSS_C_REPLAY_FLAG; } - if (lp_parm_bool(-1, "gensec_gssapi", "sequence", True)) { + if (lp_parm_bool(NULL, "gensec_gssapi", "sequence", true)) { gensec_gssapi_state->want_flags |= GSS_C_SEQUENCE_FLAG; } @@ -230,7 +230,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security) } /* don't do DNS lookups of any kind, it might/will fail for a netbios name */ - ret = gsskrb5_set_dns_canonicalize(lp_parm_bool(-1, "krb5", "set_dns_canonicalize", false)); + ret = gsskrb5_set_dns_canonicalize(lp_parm_bool(NULL, "krb5", "set_dns_canonicalize", false)); if (ret) { DEBUG(1,("gensec_krb5_start: gsskrb5_set_dns_canonicalize failed\n")); talloc_free(gensec_gssapi_state); @@ -1317,7 +1317,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi talloc_free(mem_ctx); return nt_status; } - } else if (!lp_parm_bool(-1, "gensec", "require_pac", False)) { + } else if (!lp_parm_bool(NULL, "gensec", "require_pac", false)) { DEBUG(1, ("Unable to find PAC, resorting to local user lookup: %s\n", gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid))); nt_status = sam_get_server_info_principal(mem_ctx, principal_string, diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c index 973de0c10b..c0348441ed 100644 --- a/source4/auth/gensec/gensec_krb5.c +++ b/source4/auth/gensec/gensec_krb5.c @@ -582,7 +582,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security KRB5_AUTHDATA_WIN2K_PAC, &pac_data); - if (ret && lp_parm_bool(-1, "gensec", "require_pac", False)) { + if (ret && lp_parm_bool(NULL, "gensec", "require_pac", false)) { DEBUG(1, ("Unable to find PAC in ticket from %s, failing to allow access: %s \n", principal_string, smb_get_krb5_error_message(context, diff --git a/source4/auth/gensec/schannel_sign.c b/source4/auth/gensec/schannel_sign.c index 43de328c9e..1e57beba08 100644 --- a/source4/auth/gensec/schannel_sign.c +++ b/source4/auth/gensec/schannel_sign.c @@ -26,6 +26,7 @@ #include "auth/gensec/schannel.h" #include "auth/credentials/credentials.h" #include "auth/gensec/gensec.h" +#include "auth/gensec/schannel_proto.h" #define NETSEC_SIGN_SIGNATURE { 0x77, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00 } #define NETSEC_SEAL_SIGNATURE { 0x77, 0x00, 0x7a, 0x00, 0xff, 0xff, 0x00, 0x00 } diff --git a/source4/auth/kerberos/krb5_init_context.c b/source4/auth/kerberos/krb5_init_context.c index 000e715305..06a80e44e4 100644 --- a/source4/auth/kerberos/krb5_init_context.c +++ b/source4/auth/kerberos/krb5_init_context.c @@ -250,12 +250,12 @@ krb5_error_code smb_krb5_send_and_recv_func(krb5_context context, status = NT_STATUS_INVALID_PARAMETER; switch (hi->proto) { case KRB5_KRBHST_UDP: - if (lp_parm_bool(-1, "krb5", "udp", True)) { + if (lp_parm_bool(NULL, "krb5", "udp", true)) { status = socket_create(name, SOCKET_TYPE_DGRAM, &smb_krb5->sock, 0); } break; case KRB5_KRBHST_TCP: - if (lp_parm_bool(-1, "krb5", "tcp", True)) { + if (lp_parm_bool(NULL, "krb5", "tcp", true)) { status = socket_create(name, SOCKET_TYPE_STREAM, &smb_krb5->sock, 0); } break; @@ -473,7 +473,7 @@ krb5_error_code smb_krb5_init_context(void *parent_ctx, /* Set options in kerberos */ krb5_set_dns_canonicalize_hostname((*smb_krb5_context)->krb5_context, - lp_parm_bool(-1, "krb5", "set_dns_canonicalize", false)); + lp_parm_bool(NULL, "krb5", "set_dns_canonicalize", false)); return 0; } diff --git a/source4/auth/ntlmssp/ntlmssp_client.c b/source4/auth/ntlmssp/ntlmssp_client.c index a98918a54b..d2f28a394c 100644 --- a/source4/auth/ntlmssp/ntlmssp_client.c +++ b/source4/auth/ntlmssp/ntlmssp_client.c @@ -299,13 +299,13 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security) gensec_ntlmssp_state->get_domain = lp_workgroup; - gensec_ntlmssp_state->unicode = lp_parm_bool(-1, "ntlmssp_client", "unicode", True); + gensec_ntlmssp_state->unicode = lp_parm_bool(NULL, "ntlmssp_client", "unicode", true); - gensec_ntlmssp_state->use_nt_response = lp_parm_bool(-1, "ntlmssp_client", "send_nt_reponse", True); + gensec_ntlmssp_state->use_nt_response = lp_parm_bool(NULL, "ntlmssp_client", "send_nt_reponse", true); gensec_ntlmssp_state->allow_lm_key = (lp_client_lanman_auth() - && (lp_parm_bool(-1, "ntlmssp_client", "allow_lm_key", False) - || lp_parm_bool(-1, "ntlmssp_client", "lm_key", False))); + && (lp_parm_bool(NULL, "ntlmssp_client", "allow_lm_key", false) + || lp_parm_bool(NULL, "ntlmssp_client", "lm_key", false))); gensec_ntlmssp_state->use_ntlmv2 = lp_client_ntlmv2_auth(); @@ -315,27 +315,27 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security) NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_REQUEST_TARGET; - if (lp_parm_bool(-1, "ntlmssp_client", "128bit", True)) { + if (lp_parm_bool(NULL, "ntlmssp_client", "128bit", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_128; } - if (lp_parm_bool(-1, "ntlmssp_client", "56bit", False)) { + if (lp_parm_bool(NULL, "ntlmssp_client", "56bit", false)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56; } - if (lp_parm_bool(-1, "ntlmssp_client", "lm_key", False)) { + if (lp_parm_bool(NULL, "ntlmssp_client", "lm_key", false)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_LM_KEY; } - if (lp_parm_bool(-1, "ntlmssp_client", "keyexchange", True)) { + if (lp_parm_bool(NULL, "ntlmssp_client", "keyexchange", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH; } - if (lp_parm_bool(-1, "ntlmssp_client", "alwayssign", True)) { + if (lp_parm_bool(NULL, "ntlmssp_client", "alwayssign", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN; } - if (lp_parm_bool(-1, "ntlmssp_client", "ntlm2", True)) { + if (lp_parm_bool(NULL, "ntlmssp_client", "ntlm2", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2; } else { /* apparently we can't do ntlmv2 if we don't do ntlm2 */ diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c index 8b6920c978..954c9ea2ac 100644 --- a/source4/auth/ntlmssp/ntlmssp_server.c +++ b/source4/auth/ntlmssp/ntlmssp_server.c @@ -751,7 +751,7 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security) gensec_ntlmssp_state->expected_state = NTLMSSP_NEGOTIATE; gensec_ntlmssp_state->allow_lm_key = (lp_lanman_auth() - && lp_parm_bool(-1, "ntlmssp_server", "allow_lm_key", False)); + && lp_parm_bool(NULL, "ntlmssp_server", "allow_lm_key", false)); gensec_ntlmssp_state->server_multiple_authentications = False; @@ -762,23 +762,23 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security) gensec_ntlmssp_state->nt_resp = data_blob(NULL, 0); gensec_ntlmssp_state->encrypted_session_key = data_blob(NULL, 0); - if (lp_parm_bool(-1, "ntlmssp_server", "128bit", True)) { + if (lp_parm_bool(NULL, "ntlmssp_server", "128bit", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_128; } - if (lp_parm_bool(-1, "ntlmssp_server", "56bit", True)) { + if (lp_parm_bool(NULL, "ntlmssp_server", "56bit", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56; } - if (lp_parm_bool(-1, "ntlmssp_server", "keyexchange", True)) { + if (lp_parm_bool(NULL, "ntlmssp_server", "keyexchange", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH; } - if (lp_parm_bool(-1, "ntlmssp_server", "alwayssign", True)) { + if (lp_parm_bool(NULL, "ntlmssp_server", "alwayssign", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN; } - if (lp_parm_bool(-1, "ntlmssp_server", "ntlm2", True)) { + if (lp_parm_bool(NULL, "ntlmssp_server", "ntlm2", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2; } |