This make it clearer what type of flags these are.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
struct gss_channel_bindings_struct *input_chan_bindings;
gss_name_t server_name;
gss_name_t client_name;
struct gss_channel_bindings_struct *input_chan_bindings;
gss_name_t server_name;
gss_name_t client_name;
- OM_uint32 want_flags, got_flags;
+ OM_uint32 gss_want_flags, gss_got_flags;
gss_OID gss_oid;
struct smb_krb5_context *smb_krb5_context;
gss_OID gss_oid;
struct smb_krb5_context *smb_krb5_context;
gensec_gssapi_state->server_name = GSS_C_NO_NAME;
gensec_gssapi_state->client_name = GSS_C_NO_NAME;
gensec_gssapi_state->server_name = GSS_C_NO_NAME;
gensec_gssapi_state->client_name = GSS_C_NO_NAME;
- gensec_gssapi_state->want_flags = 0;
+ gensec_gssapi_state->gss_want_flags = 0;
if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "delegation_by_kdc_policy", true)) {
if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "delegation_by_kdc_policy", true)) {
- gensec_gssapi_state->want_flags |= GSS_C_DELEG_POLICY_FLAG;
+ gensec_gssapi_state->gss_want_flags |= GSS_C_DELEG_POLICY_FLAG;
}
if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "mutual", true)) {
}
if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "mutual", true)) {
- gensec_gssapi_state->want_flags |= GSS_C_MUTUAL_FLAG;
+ gensec_gssapi_state->gss_want_flags |= GSS_C_MUTUAL_FLAG;
}
if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "delegation", true)) {
}
if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "delegation", true)) {
- gensec_gssapi_state->want_flags |= GSS_C_DELEG_FLAG;
+ gensec_gssapi_state->gss_want_flags |= GSS_C_DELEG_FLAG;
}
if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "replay", true)) {
}
if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "replay", true)) {
- gensec_gssapi_state->want_flags |= GSS_C_REPLAY_FLAG;
+ gensec_gssapi_state->gss_want_flags |= GSS_C_REPLAY_FLAG;
}
if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "sequence", true)) {
}
if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "sequence", true)) {
- gensec_gssapi_state->want_flags |= GSS_C_SEQUENCE_FLAG;
+ gensec_gssapi_state->gss_want_flags |= GSS_C_SEQUENCE_FLAG;
}
if (gensec_security->want_features & GENSEC_FEATURE_SIGN) {
}
if (gensec_security->want_features & GENSEC_FEATURE_SIGN) {
- gensec_gssapi_state->want_flags |= GSS_C_INTEG_FLAG;
+ gensec_gssapi_state->gss_want_flags |= GSS_C_INTEG_FLAG;
}
if (gensec_security->want_features & GENSEC_FEATURE_SEAL) {
}
if (gensec_security->want_features & GENSEC_FEATURE_SEAL) {
- gensec_gssapi_state->want_flags |= GSS_C_CONF_FLAG;
+ gensec_gssapi_state->gss_want_flags |= GSS_C_CONF_FLAG;
}
if (gensec_security->want_features & GENSEC_FEATURE_DCE_STYLE) {
}
if (gensec_security->want_features & GENSEC_FEATURE_DCE_STYLE) {
- gensec_gssapi_state->want_flags |= GSS_C_DCE_STYLE;
+ gensec_gssapi_state->gss_want_flags |= GSS_C_DCE_STYLE;
- gensec_gssapi_state->got_flags = 0;
+ gensec_gssapi_state->gss_got_flags = 0;
switch (gensec_security->ops->auth_type) {
case DCERPC_AUTH_TYPE_SPNEGO:
switch (gensec_security->ops->auth_type) {
case DCERPC_AUTH_TYPE_SPNEGO:
gensec_gssapi_state = talloc_get_type(gensec_security->private_data, struct gensec_gssapi_state);
if (cli_credentials_get_impersonate_principal(creds)) {
gensec_gssapi_state = talloc_get_type(gensec_security->private_data, struct gensec_gssapi_state);
if (cli_credentials_get_impersonate_principal(creds)) {
- gensec_gssapi_state->want_flags &= ~(GSS_C_DELEG_FLAG|GSS_C_DELEG_POLICY_FLAG);
+ gensec_gssapi_state->gss_want_flags &= ~(GSS_C_DELEG_FLAG|GSS_C_DELEG_POLICY_FLAG);
}
gensec_gssapi_state->target_principal = gensec_get_target_principal(gensec_security);
}
gensec_gssapi_state->target_principal = gensec_get_target_principal(gensec_security);
&gensec_gssapi_state->gssapi_context,
gensec_gssapi_state->server_name,
gensec_gssapi_state->gss_oid,
&gensec_gssapi_state->gssapi_context,
gensec_gssapi_state->server_name,
gensec_gssapi_state->gss_oid,
- gensec_gssapi_state->want_flags,
+ gensec_gssapi_state->gss_want_flags,
0,
gensec_gssapi_state->input_chan_bindings,
&input_token,
&gss_oid_p,
&output_token,
0,
gensec_gssapi_state->input_chan_bindings,
&input_token,
&gss_oid_p,
&output_token,
- &gensec_gssapi_state->got_flags, /* ret flags */
+ &gensec_gssapi_state->gss_got_flags, /* ret flags */
NULL);
if (gss_oid_p) {
gensec_gssapi_state->gss_oid = gss_oid_p;
NULL);
if (gss_oid_p) {
gensec_gssapi_state->gss_oid = gss_oid_p;
&gensec_gssapi_state->client_name,
&gss_oid_p,
&output_token,
&gensec_gssapi_state->client_name,
&gss_oid_p,
&output_token,
- &gensec_gssapi_state->got_flags,
+ &gensec_gssapi_state->gss_got_flags,
NULL,
&gensec_gssapi_state->delegated_cred_handle);
if (gss_oid_p) {
NULL,
&gensec_gssapi_state->delegated_cred_handle);
if (gss_oid_p) {
*out = data_blob_talloc(out_mem_ctx, output_token.value, output_token.length);
gss_release_buffer(&min_stat2, &output_token);
*out = data_blob_talloc(out_mem_ctx, output_token.value, output_token.length);
gss_release_buffer(&min_stat2, &output_token);
- if (gensec_gssapi_state->got_flags & GSS_C_DELEG_FLAG) {
+ if (gensec_gssapi_state->gss_got_flags & GSS_C_DELEG_FLAG) {
DEBUG(5, ("gensec_gssapi: credentials were delegated\n"));
} else {
DEBUG(5, ("gensec_gssapi: NO credentials were delegated\n"));
DEBUG(5, ("gensec_gssapi: credentials were delegated\n"));
} else {
DEBUG(5, ("gensec_gssapi: NO credentials were delegated\n"));
if (gensec_gssapi_state->sasl
&& gensec_gssapi_state->sasl_state == STAGE_DONE) {
return ((gensec_gssapi_state->sasl_protection & NEG_SIGN)
if (gensec_gssapi_state->sasl
&& gensec_gssapi_state->sasl_state == STAGE_DONE) {
return ((gensec_gssapi_state->sasl_protection & NEG_SIGN)
- && (gensec_gssapi_state->got_flags & GSS_C_INTEG_FLAG));
+ && (gensec_gssapi_state->gss_got_flags & GSS_C_INTEG_FLAG));
- return gensec_gssapi_state->got_flags & GSS_C_INTEG_FLAG;
+ return gensec_gssapi_state->gss_got_flags & GSS_C_INTEG_FLAG;
}
if (feature & GENSEC_FEATURE_SEAL) {
/* If we are going GSSAPI SASL, then we honour the second negotiation */
if (gensec_gssapi_state->sasl
&& gensec_gssapi_state->sasl_state == STAGE_DONE) {
return ((gensec_gssapi_state->sasl_protection & NEG_SEAL)
}
if (feature & GENSEC_FEATURE_SEAL) {
/* If we are going GSSAPI SASL, then we honour the second negotiation */
if (gensec_gssapi_state->sasl
&& gensec_gssapi_state->sasl_state == STAGE_DONE) {
return ((gensec_gssapi_state->sasl_protection & NEG_SEAL)
- && (gensec_gssapi_state->got_flags & GSS_C_CONF_FLAG));
+ && (gensec_gssapi_state->gss_got_flags & GSS_C_CONF_FLAG));
- return gensec_gssapi_state->got_flags & GSS_C_CONF_FLAG;
+ return gensec_gssapi_state->gss_got_flags & GSS_C_CONF_FLAG;
}
if (feature & GENSEC_FEATURE_SESSION_KEY) {
/* Only for GSSAPI/Krb5 */
}
if (feature & GENSEC_FEATURE_SESSION_KEY) {
/* Only for GSSAPI/Krb5 */
}
}
if (feature & GENSEC_FEATURE_DCE_STYLE) {
}
}
if (feature & GENSEC_FEATURE_DCE_STYLE) {
- return gensec_gssapi_state->got_flags & GSS_C_DCE_STYLE;
+ return gensec_gssapi_state->gss_got_flags & GSS_C_DCE_STYLE;
}
if (feature & GENSEC_FEATURE_NEW_SPNEGO) {
NTSTATUS status;
}
if (feature & GENSEC_FEATURE_NEW_SPNEGO) {
NTSTATUS status;
- if (!(gensec_gssapi_state->got_flags & GSS_C_INTEG_FLAG)) {
+ if (!(gensec_gssapi_state->gss_got_flags & GSS_C_INTEG_FLAG)) {
- if (!(gensec_gssapi_state->got_flags & GSS_C_DELEG_FLAG)) {
+ if (!(gensec_gssapi_state->gss_got_flags & GSS_C_DELEG_FLAG)) {
DEBUG(10, ("gensec_gssapi: NO delegated credentials supplied by client\n"));
} else {
krb5_error_code ret;
DEBUG(10, ("gensec_gssapi: NO delegated credentials supplied by client\n"));
} else {
krb5_error_code ret;
return gensec_gssapi_state->sig_size;
}
return gensec_gssapi_state->sig_size;
}
- if (gensec_gssapi_state->got_flags & GSS_C_CONF_FLAG) {
+ if (gensec_gssapi_state->gss_got_flags & GSS_C_CONF_FLAG) {
gensec_gssapi_state->sig_size = 45;
} else {
gensec_gssapi_state->sig_size = 37;
gensec_gssapi_state->sig_size = 45;
} else {
gensec_gssapi_state->sig_size = 37;
}
if (gensec_gssapi_state->lucid->protocol == 1) {
}
if (gensec_gssapi_state->lucid->protocol == 1) {
- if (gensec_gssapi_state->got_flags & GSS_C_CONF_FLAG) {
+ if (gensec_gssapi_state->gss_got_flags & GSS_C_CONF_FLAG) {
/*
* TODO: windows uses 76 here, but we don't know
* gss_wrap works with aes keys yet
/*
* TODO: windows uses 76 here, but we don't know
* gss_wrap works with aes keys yet
case KEYTYPE_DES:
case KEYTYPE_ARCFOUR:
case KEYTYPE_ARCFOUR_56:
case KEYTYPE_DES:
case KEYTYPE_ARCFOUR:
case KEYTYPE_ARCFOUR_56:
- if (gensec_gssapi_state->got_flags & GSS_C_CONF_FLAG) {
+ if (gensec_gssapi_state->gss_got_flags & GSS_C_CONF_FLAG) {
gensec_gssapi_state->sig_size = 45;
} else {
gensec_gssapi_state->sig_size = 37;
}
break;
case KEYTYPE_DES3:
gensec_gssapi_state->sig_size = 45;
} else {
gensec_gssapi_state->sig_size = 37;
}
break;
case KEYTYPE_DES3:
- if (gensec_gssapi_state->got_flags & GSS_C_CONF_FLAG) {
+ if (gensec_gssapi_state->gss_got_flags & GSS_C_CONF_FLAG) {
gensec_gssapi_state->sig_size = 57;
} else {
gensec_gssapi_state->sig_size = 49;
gensec_gssapi_state->sig_size = 57;
} else {
gensec_gssapi_state->sig_size = 49;