Best reviewed with: `git show --word-diff`
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Rowland Penny <rpenny@samba.org>
15 files changed:
*
* IF adding a new field please update the minor version number AUTH_MINOR
*
*
* IF adding a new field please update the minor version number AUTH_MINOR
*
- * To process the resulting log lines from the commend line use jq to
+ * To process the resulting log lines from the command line use jq to
* parse the json.
*
* grep "^ {" log file |
* parse the json.
*
* grep "^ {" log file |
*
* IF adding a new field please update the minor version number AUTHZ_MINOR
*
*
* IF adding a new field please update the minor version number AUTHZ_MINOR
*
- * To process the resulting log lines from the commend line use jq to
+ * To process the resulting log lines from the command line use jq to
* parse the json.
*
* grep "^ {" log_file |\
* parse the json.
*
* grep "^ {" log_file |\
#define AUTH_SESSION_INFO_DEFAULT_GROUPS 0x01 /* Add the user to the default world and network groups */
#define AUTH_SESSION_INFO_AUTHENTICATED 0x02 /* Add the user to the 'authenticated users' group */
#define AUTH_SESSION_INFO_DEFAULT_GROUPS 0x01 /* Add the user to the default world and network groups */
#define AUTH_SESSION_INFO_AUTHENTICATED 0x02 /* Add the user to the 'authenticated users' group */
-#define AUTH_SESSION_INFO_SIMPLE_PRIVILEGES 0x04 /* Use a trivial map between users and privilages, rather than a DB */
+#define AUTH_SESSION_INFO_SIMPLE_PRIVILEGES 0x04 /* Use a trivial map between users and privileges, rather than a DB */
#define AUTH_SESSION_INFO_UNIX_TOKEN 0x08 /* The returned token must have the unix_token and unix_info elements provided */
#define AUTH_SESSION_INFO_NTLM 0x10 /* The returned token must have authenticated-with-NTLM flag set */
#define AUTH_SESSION_INFO_UNIX_TOKEN 0x08 /* The returned token must have the unix_token and unix_info elements provided */
#define AUTH_SESSION_INFO_NTLM 0x10 /* The returned token must have authenticated-with-NTLM flag set */
*
* @param[in] obtained A pointer to store the obtained information.
*
*
* @param[in] obtained A pointer to store the obtained information.
*
- * return The user name or NULL if an error occured.
+ * return The user name or NULL if an error occurred.
*/
_PUBLIC_ const char *
cli_credentials_get_username_and_obtained(struct cli_credentials *cred,
*/
_PUBLIC_ const char *
cli_credentials_get_username_and_obtained(struct cli_credentials *cred,
* Obtain the BIND DN for this credentials context.
* @param cred credentials context
* @retval The username set on this context.
* Obtain the BIND DN for this credentials context.
* @param cred credentials context
* @retval The username set on this context.
- * @note Return value will be NULL if not specified explictly
+ * @note Return value will be NULL if not specified explicitly
*/
_PUBLIC_ const char *cli_credentials_get_bind_dn(struct cli_credentials *cred)
{
*/
_PUBLIC_ const char *cli_credentials_get_bind_dn(struct cli_credentials *cred)
{
*
* @param[in] obtained A pointer to store the obtained information.
*
*
* @param[in] obtained A pointer to store the obtained information.
*
- * return The user name or NULL if an error occured.
+ * return The user name or NULL if an error occurred.
*/
_PUBLIC_ const char *
cli_credentials_get_password_and_obtained(struct cli_credentials *cred,
*/
_PUBLIC_ const char *
cli_credentials_get_password_and_obtained(struct cli_credentials *cred,
- * Return NETLOGON secure chanel type
+ * Return NETLOGON secure channel type
*/
_PUBLIC_ time_t cli_credentials_get_password_last_changed_time(struct cli_credentials *cred)
*/
_PUBLIC_ time_t cli_credentials_get_password_last_changed_time(struct cli_credentials *cred)
- * Return NETLOGON secure chanel type
+ * Return NETLOGON secure channel type
*/
_PUBLIC_ enum netr_SchannelType cli_credentials_get_secure_channel_type(struct cli_credentials *cred)
*/
_PUBLIC_ enum netr_SchannelType cli_credentials_get_secure_channel_type(struct cli_credentials *cred)
/* Should we get a forwardable ticket? */
enum credentials_krb_forwardable krb_forwardable;
/* Should we get a forwardable ticket? */
enum credentials_krb_forwardable krb_forwardable;
- /* Forced SASL mechansim */
+ /* Forced SASL mechanism */
char *forced_sasl_mech;
/* gensec features which should be used for connections */
char *forced_sasl_mech;
/* gensec features which should be used for connections */
ccache out of it. This routine can be generalised in future for
the case where we deal with GSSAPI mechs other than krb5.
ccache out of it. This routine can be generalised in future for
the case where we deal with GSSAPI mechs other than krb5.
- On sucess, the caller must not free gssapi_cred, as it now belongs
+ On success, the caller must not free gssapi_cred, as it now belongs
to the credentials system.
*/
to the credentials system.
*/
- * Start a GENSEC sub-mechanism with a specified mechansim structure, used in SPNEGO
+ * Start a GENSEC sub-mechanism with a specified mechanism structure, used in SPNEGO
- * Check if the packet is one for the KRB5 mechansim
+ * Check if the packet is one for the KRB5 mechanism
*
* NOTE: This is a helper that can be employed by multiple mechanisms, do
* not make assumptions about the private_data
*
* NOTE: This is a helper that can be employed by multiple mechanisms, do
* not make assumptions about the private_data
- * Reduce the attack surface by ensuring schannel is not availble when
+ * Reduce the attack surface by ensuring schannel is not available when
* we are not a DC
*/
static NTSTATUS schannel_server_start(struct gensec_security *gensec_security)
* we are not a DC
*/
static NTSTATUS schannel_server_start(struct gensec_security *gensec_security)
struct spnego_neg_ops {
const char *name;
/*
struct spnego_neg_ops {
const char *name;
/*
- * The start hook does the initial processing on the incoming paket and
+ * The start hook does the initial processing on the incoming packet and
* may starts the first possible subcontext. It indicates that
* gensec_update() is required on the subcontext by returning
* NT_STATUS_MORE_PROCESSING_REQUIRED and return something useful in
* may starts the first possible subcontext. It indicates that
* gensec_update() is required on the subcontext by returning
* NT_STATUS_MORE_PROCESSING_REQUIRED and return something useful in
OM_uint32 gss_maj, gss_min;
#ifdef HAVE_GSS_GET_NAME_ATTRIBUTE
/*
OM_uint32 gss_maj, gss_min;
#ifdef HAVE_GSS_GET_NAME_ATTRIBUTE
/*
- * gss_get_name_attribute() in MIT krb5 1.10.0 can return unintialized pac_display_buffer
+ * gss_get_name_attribute() in MIT krb5 1.10.0 can return uninitialized pac_display_buffer
* and later gss_release_buffer() will crash on attempting to release it.
*
* So always initialize the buffer descriptors.
* and later gss_release_buffer() will crash on attempting to release it.
*
* So always initialize the buffer descriptors.
memset(srv_sig_wipe->signature.data,
'\0', srv_sig_wipe->signature.length);
memset(srv_sig_wipe->signature.data,
'\0', srv_sig_wipe->signature.length);
- /* and reencode, back into the same place it came from */
+ /* and re-encode, back into the same place it came from */
ndr_err = ndr_push_struct_blob(
kdc_sig_blob, pac_data_raw, kdc_sig_wipe,
(ndr_push_flags_fn_t)ndr_push_PAC_SIGNATURE_DATA);
ndr_err = ndr_push_struct_blob(
kdc_sig_blob, pac_data_raw, kdc_sig_wipe,
(ndr_push_flags_fn_t)ndr_push_PAC_SIGNATURE_DATA);
bool use_ntlmv2;
bool use_ccache;
bool resume_ccache;
bool use_ntlmv2;
bool use_ccache;
bool resume_ccache;
- bool use_nt_response; /* Set to 'False' to debug what happens when the NT response is omited */
+ bool use_nt_response; /* Set to 'False' to debug what happens when the NT response is omitted */
bool allow_lm_response;/* The LM_RESPONSE code is not very secure... */
bool allow_lm_key; /* The LM_KEY code is not very secure... */
bool allow_lm_response;/* The LM_RESPONSE code is not very secure... */
bool allow_lm_key; /* The LM_KEY code is not very secure... */
if (!(flags & CLI_CRED_LANMAN_AUTH)) {
/* LM Key is still possible, just silly, so we do not
if (!(flags & CLI_CRED_LANMAN_AUTH)) {
/* LM Key is still possible, just silly, so we do not
- * allow it. Fortunetly all LM crypto is off by
+ * allow it. Fortunately all LM crypto is off by
* default and we require command line options to end
* up here */
ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
* default and we require command line options to end
* up here */
ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
}
/* The flags we send back are not just the negotiated flags,
}
/* The flags we send back are not just the negotiated flags,
- * they are also 'what is in this packet'. Therfore, we
+ * they are also 'what is in this packet'. Therefore, we
* operate on 'chal_flags' from here on
*/
* operate on 'chal_flags' from here on
*/
/*
* Key weakening not performed on the master key for NTLM2
/*
* Key weakening not performed on the master key for NTLM2
- * and does not occour for NTLM1. Therefore we only need
+ * and does not occur for NTLM1. Therefore we only need
* to do this for the LM_KEY.
*/
if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) {
* to do this for the LM_KEY.
*/
if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) {
git.samba.org / gd / samba-autobuild / .git / commitdiff