gss_cred_id_t delegated_cred_handle;
- BOOL sasl; /* We have two different mechs in this file: One
+ bool sasl; /* We have two different mechs in this file: One
* for SASL wrapped GSSAPI and another for normal
* GSSAPI */
enum gensec_gssapi_sasl_state sasl_state;
gensec_gssapi_state->gss_exchange_count = 0;
gensec_gssapi_state->max_wrap_buf_size
- = lp_parm_int(NULL, "gensec_gssapi", "max wrap buf size", 65536);
+ = lp_parm_int(global_loadparm, NULL, "gensec_gssapi", "max wrap buf size", 65536);
- gensec_gssapi_state->sasl = False;
+ gensec_gssapi_state->sasl = false;
gensec_gssapi_state->sasl_state = STAGE_GSS_NEG;
gensec_security->private_data = gensec_gssapi_state;
gensec_gssapi_state->input_chan_bindings = GSS_C_NO_CHANNEL_BINDINGS;
gensec_gssapi_state->want_flags = 0;
- if (lp_parm_bool(NULL, "gensec_gssapi", "mutual", true)) {
+ if (lp_parm_bool(global_loadparm, NULL, "gensec_gssapi", "mutual", true)) {
gensec_gssapi_state->want_flags |= GSS_C_MUTUAL_FLAG;
}
- if (lp_parm_bool(NULL, "gensec_gssapi", "delegation", true)) {
+ if (lp_parm_bool(global_loadparm, NULL, "gensec_gssapi", "delegation", true)) {
gensec_gssapi_state->want_flags |= GSS_C_DELEG_FLAG;
}
- if (lp_parm_bool(NULL, "gensec_gssapi", "replay", true)) {
+ if (lp_parm_bool(global_loadparm, NULL, "gensec_gssapi", "replay", true)) {
gensec_gssapi_state->want_flags |= GSS_C_REPLAY_FLAG;
}
- if (lp_parm_bool(NULL, "gensec_gssapi", "sequence", true)) {
+ if (lp_parm_bool(global_loadparm, NULL, "gensec_gssapi", "sequence", true)) {
gensec_gssapi_state->want_flags |= GSS_C_SEQUENCE_FLAG;
}
}
/* don't do DNS lookups of any kind, it might/will fail for a netbios name */
- ret = gsskrb5_set_dns_canonicalize(lp_parm_bool(NULL, "krb5", "set_dns_canonicalize", false));
+ ret = gsskrb5_set_dns_canonicalize(lp_parm_bool(global_loadparm, NULL, "krb5", "set_dns_canonicalize", false));
if (ret) {
DEBUG(1,("gensec_krb5_start: gsskrb5_set_dns_canonicalize failed\n"));
talloc_free(gensec_gssapi_state);
ret = smb_krb5_init_context(gensec_gssapi_state,
gensec_security->event_ctx,
+ global_loadparm,
&gensec_gssapi_state->smb_krb5_context);
if (ret) {
DEBUG(1,("gensec_krb5_start: krb5_init_context failed (%s)\n",
if (NT_STATUS_IS_OK(nt_status)) {
gensec_gssapi_state = talloc_get_type(gensec_security->private_data, struct gensec_gssapi_state);
- gensec_gssapi_state->sasl = True;
+ gensec_gssapi_state->sasl = true;
}
return nt_status;
}
DEBUG(3, ("Cannot reach a KDC we require to contact %s\n", principal));
return NT_STATUS_INVALID_PARAMETER; /* Make SPNEGO ignore us, we can't go any further here */
default:
- DEBUG(1, ("Aquiring initiator credentails failed\n"));
+ DEBUG(1, ("Aquiring initiator credentials failed\n"));
return NT_STATUS_UNSUCCESSFUL;
}
if (NT_STATUS_IS_OK(nt_status)) {
gensec_gssapi_state = talloc_get_type(gensec_security->private_data, struct gensec_gssapi_state);
- gensec_gssapi_state->sasl = True;
+ gensec_gssapi_state->sasl = true;
}
return nt_status;
}
maj_stat = gss_wrap(&min_stat,
gensec_gssapi_state->gssapi_context,
- False,
+ false,
GSS_C_QOP_DEFAULT,
&input_token,
&conf_state,
maj_stat = gss_wrap(&min_stat,
gensec_gssapi_state->gssapi_context,
- False,
+ false,
GSS_C_QOP_DEFAULT,
&input_token,
&conf_state,
}
/* Try to figure out what features we actually got on the connection */
-static BOOL gensec_gssapi_have_feature(struct gensec_security *gensec_security,
+static bool gensec_gssapi_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
struct gensec_gssapi_state *gensec_gssapi_state
if (feature & GENSEC_FEATURE_SESSION_KEY) {
/* Only for GSSAPI/Krb5 */
if (gss_oid_equal(gensec_gssapi_state->gss_oid, gss_mech_krb5)) {
- return True;
+ return true;
}
}
if (feature & GENSEC_FEATURE_DCE_STYLE) {
}
/* We can always do async (rather than strict request/reply) packets. */
if (feature & GENSEC_FEATURE_ASYNC_REPLIES) {
- return True;
+ return true;
}
- return False;
+ return false;
}
/*
talloc_free(mem_ctx);
return nt_status;
}
- } else if (!lp_parm_bool(NULL, "gensec", "require_pac", false)) {
+ } else if (!lp_parm_bool(global_loadparm, NULL, "gensec", "require_pac", false)) {
DEBUG(1, ("Unable to find PAC, resorting to local user lookup: %s\n",
gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
nt_status = sam_get_server_info_principal(mem_ctx, principal_string,
.wrap = gensec_gssapi_wrap,
.unwrap = gensec_gssapi_unwrap,
.have_feature = gensec_gssapi_have_feature,
- .enabled = False,
- .kerberos = True,
+ .enabled = false,
+ .kerberos = true,
.priority = GENSEC_GSSAPI
};
.wrap = gensec_gssapi_wrap,
.unwrap = gensec_gssapi_unwrap,
.have_feature = gensec_gssapi_have_feature,
- .enabled = True,
- .kerberos = True,
+ .enabled = true,
+ .kerberos = true,
.priority = GENSEC_GSSAPI
};
.wrap = gensec_gssapi_wrap,
.unwrap = gensec_gssapi_unwrap,
.have_feature = gensec_gssapi_have_feature,
- .enabled = True,
- .kerberos = True,
+ .enabled = true,
+ .kerberos = true,
.priority = GENSEC_GSSAPI
};