/***************************************************************************
Set a fixed challenge
***************************************************************************/
-BOOL auth_challenge_may_be_modified(struct auth_context *auth_ctx)
+bool auth_challenge_may_be_modified(struct auth_context *auth_ctx)
{
return auth_ctx->challenge.may_be_modified;
}
NT_STATUS_HAVE_NO_MEMORY(auth_ctx->challenge.data.data);
auth_ctx->challenge.set_by = "random";
- auth_ctx->challenge.may_be_modified = True;
+ auth_ctx->challenge.may_be_modified = true;
}
DEBUG(10,("auth_get_challenge: challenge set by %s\n",
}
struct auth_check_password_sync_state {
- BOOL finished;
+ bool finished;
NTSTATUS status;
struct auth_serversupplied_info *server_info;
};
struct auth_check_password_sync_state *s = talloc_get_type(private_data,
struct auth_check_password_sync_state);
- s->finished = True;
+ s->finished = true;
s->status = auth_check_password_recv(req, s, &s->server_info);
}
ctx = talloc(mem_ctx, struct auth_context);
NT_STATUS_HAVE_NO_MEMORY(ctx);
ctx->challenge.set_by = NULL;
- ctx->challenge.may_be_modified = False;
+ ctx->challenge.may_be_modified = false;
ctx->challenge.data = data_blob(NULL, 0);
ctx->methods = NULL;
ctx->event_ctx = ev;
NTSTATUS auth_init(void)
{
- static BOOL initialized = False;
+ static bool initialized = false;
init_module_fn static_init[] = STATIC_auth_MODULES;
init_module_fn *shared_init;
if (initialized) return NT_STATUS_OK;
- initialized = True;
+ initialized = true;
shared_init = load_samba_modules(NULL, global_loadparm, "auth");
server_info->acct_flags = ACB_NORMAL;
- server_info->authenticated = False;
+ server_info->authenticated = false;
*_server_info = server_info;
return NT_STATUS_NO_MEMORY;
}
- user_info->mapped_state = True;
+ user_info->mapped_state = true;
user_info->client.account_name = nt4_username;
user_info->mapped.account_name = nt4_username;
user_info->client.domain_name = nt4_domain;
server_info = talloc(mem_ctx, struct auth_serversupplied_info);
NT_STATUS_HAVE_NO_MEMORY(server_info);
- server_info->authenticated = True;
+ server_info->authenticated = true;
server_info->account_name = talloc_steal(server_info, pwd->pw_name);
NT_STATUS_HAVE_NO_MEMORY(server_info->account_name);
}
talloc_reference(*user_info_mapped, user_info);
**user_info_mapped = *user_info;
- (*user_info_mapped)->mapped_state = True;
+ (*user_info_mapped)->mapped_state = true;
(*user_info_mapped)->mapped.domain_name = talloc_strdup(*user_info_mapped, domain);
(*user_info_mapped)->mapped.account_name = talloc_strdup(*user_info_mapped, account_name);
talloc_free(account_name);
server_info->bad_password_count = base->bad_password_count;
server_info->acct_flags = base->acct_flags;
- server_info->authenticated = True;
+ server_info->authenticated = true;
/* ensure we are never given NULL session keys */
server_info->acct_flags = ACB_NORMAL;
- server_info->authenticated = False;
+ server_info->authenticated = false;
*_server_info = server_info;
server_info->acct_flags = ACB_NORMAL;
- server_info->authenticated = True;
+ server_info->authenticated = true;
*_server_info = server_info;
}
static NTSTATUS _auth_system_session_info(TALLOC_CTX *parent_ctx,
- BOOL anonymous_credentials,
+ bool anonymous_credentials,
struct auth_session_info **_session_info)
{
NTSTATUS nt_status;
{
NTSTATUS nt_status;
struct auth_session_info *session_info = NULL;
- nt_status = _auth_system_session_info(mem_ctx, False, &session_info);
+ nt_status = _auth_system_session_info(mem_ctx, false, &session_info);
if (!NT_STATUS_IS_OK(nt_status)) {
return NULL;
}
}
cred->netlogon_creds = NULL;
- cred->machine_account_pending = False;
+ cred->machine_account_pending = false;
cred->workstation_obtained = CRED_UNINITIALISED;
cred->username_obtained = CRED_UNINITIALISED;
cred->password_obtained = CRED_UNINITIALISED;
cred->old_password = NULL;
cred->smb_krb5_context = NULL;
cred->salt_principal = NULL;
- cred->machine_account = False;
+ cred->machine_account = false;
cred->bind_dn = NULL;
cred->tries = 3;
- cred->callback_running = False;
+ cred->callback_running = false;
cred->ev = NULL;
cli_credentials_set_kerberos_state(cred, CRED_AUTO_USE_KERBEROS);
if (cred->username_obtained == CRED_CALLBACK &&
!cred->callback_running) {
- cred->callback_running = True;
+ cred->callback_running = true;
cred->username = cred->username_cb(cred);
- cred->callback_running = False;
+ cred->callback_running = false;
cred->username_obtained = CRED_SPECIFIED;
cli_credentials_invalidate_ccache(cred, cred->username_obtained);
}
return cred->username;
}
-BOOL cli_credentials_set_username(struct cli_credentials *cred,
+bool cli_credentials_set_username(struct cli_credentials *cred,
const char *val, enum credentials_obtained obtained)
{
if (obtained >= cred->username_obtained) {
cred->username = talloc_strdup(cred, val);
cred->username_obtained = obtained;
cli_credentials_invalidate_ccache(cred, cred->username_obtained);
- return True;
+ return true;
}
- return False;
+ return false;
}
-BOOL cli_credentials_set_username_callback(struct cli_credentials *cred,
+bool cli_credentials_set_username_callback(struct cli_credentials *cred,
const char *(*username_cb) (struct cli_credentials *))
{
if (cred->username_obtained < CRED_CALLBACK) {
cred->username_cb = username_cb;
cred->username_obtained = CRED_CALLBACK;
- return True;
+ return true;
}
- return False;
+ return false;
}
-BOOL cli_credentials_set_bind_dn(struct cli_credentials *cred,
+bool cli_credentials_set_bind_dn(struct cli_credentials *cred,
const char *bind_dn)
{
cred->bind_dn = talloc_strdup(cred, bind_dn);
- return True;
+ return true;
}
/**
if (cred->principal_obtained == CRED_CALLBACK &&
!cred->callback_running) {
- cred->callback_running = True;
+ cred->callback_running = true;
cred->principal = cred->principal_cb(cred);
- cred->callback_running = False;
+ cred->callback_running = false;
cred->principal_obtained = CRED_SPECIFIED;
cli_credentials_invalidate_ccache(cred, cred->principal_obtained);
}
return talloc_reference(mem_ctx, cred->principal);
}
-BOOL cli_credentials_set_principal(struct cli_credentials *cred,
+bool cli_credentials_set_principal(struct cli_credentials *cred,
const char *val,
enum credentials_obtained obtained)
{
cred->principal = talloc_strdup(cred, val);
cred->principal_obtained = obtained;
cli_credentials_invalidate_ccache(cred, cred->principal_obtained);
- return True;
+ return true;
}
- return False;
+ return false;
}
/* Set a callback to get the principal. This could be a popup dialog,
* a terminal prompt or similar. */
-BOOL cli_credentials_set_principal_callback(struct cli_credentials *cred,
+bool cli_credentials_set_principal_callback(struct cli_credentials *cred,
const char *(*principal_cb) (struct cli_credentials *))
{
if (cred->principal_obtained < CRED_CALLBACK) {
cred->principal_cb = principal_cb;
cred->principal_obtained = CRED_CALLBACK;
- return True;
+ return true;
}
- return False;
+ return false;
}
/* Some of our tools are 'anonymous by default'. This is a single
* function to determine if authentication has been explicitly
* requested */
-BOOL cli_credentials_authentication_requested(struct cli_credentials *cred)
+bool cli_credentials_authentication_requested(struct cli_credentials *cred)
{
if (cred->bind_dn) {
- return True;
+ return true;
}
if (cli_credentials_is_anonymous(cred)){
- return False;
+ return false;
}
if (cred->principal_obtained >= CRED_SPECIFIED) {
- return True;
+ return true;
}
if (cred->username_obtained >= CRED_SPECIFIED) {
- return True;
+ return true;
}
if (cli_credentials_get_kerberos_state(cred) == CRED_MUST_USE_KERBEROS) {
- return True;
+ return true;
}
- return False;
+ return false;
}
/**
if (cred->password_obtained == CRED_CALLBACK &&
!cred->callback_running) {
- cred->callback_running = True;
+ cred->callback_running = true;
cred->password = cred->password_cb(cred);
- cred->callback_running = False;
+ cred->callback_running = false;
cred->password_obtained = CRED_CALLBACK_RESULT;
cli_credentials_invalidate_ccache(cred, cred->password_obtained);
}
/* Set a password on the credentials context, including an indication
* of 'how' the password was obtained */
-BOOL cli_credentials_set_password(struct cli_credentials *cred,
+bool cli_credentials_set_password(struct cli_credentials *cred,
const char *val,
enum credentials_obtained obtained)
{
cli_credentials_invalidate_ccache(cred, cred->password_obtained);
cred->nt_hash = NULL;
- return True;
+ return true;
}
- return False;
+ return false;
}
-BOOL cli_credentials_set_password_callback(struct cli_credentials *cred,
+bool cli_credentials_set_password_callback(struct cli_credentials *cred,
const char *(*password_cb) (struct cli_credentials *))
{
if (cred->password_obtained < CRED_CALLBACK) {
cred->password_cb = password_cb;
cred->password_obtained = CRED_CALLBACK;
cli_credentials_invalidate_ccache(cred, cred->password_obtained);
- return True;
+ return true;
}
- return False;
+ return false;
}
/**
return cred->old_password;
}
-BOOL cli_credentials_set_old_password(struct cli_credentials *cred,
+bool cli_credentials_set_old_password(struct cli_credentials *cred,
const char *val,
enum credentials_obtained obtained)
{
cred->old_password = talloc_strdup(cred, val);
- return True;
+ return true;
}
/**
}
}
-BOOL cli_credentials_set_nt_hash(struct cli_credentials *cred,
+bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
const struct samr_Password *nt_hash,
enum credentials_obtained obtained)
{
} else {
cred->nt_hash = NULL;
}
- return True;
+ return true;
}
- return False;
+ return false;
}
/**
if (cred->domain_obtained == CRED_CALLBACK &&
!cred->callback_running) {
- cred->callback_running = True;
+ cred->callback_running = true;
cred->domain = cred->domain_cb(cred);
- cred->callback_running = False;
+ cred->callback_running = false;
cred->domain_obtained = CRED_SPECIFIED;
cli_credentials_invalidate_ccache(cred, cred->domain_obtained);
}
}
-BOOL cli_credentials_set_domain(struct cli_credentials *cred,
+bool cli_credentials_set_domain(struct cli_credentials *cred,
const char *val,
enum credentials_obtained obtained)
{
cred->domain = strupper_talloc(cred, val);
cred->domain_obtained = obtained;
cli_credentials_invalidate_ccache(cred, cred->domain_obtained);
- return True;
+ return true;
}
- return False;
+ return false;
}
-BOOL cli_credentials_set_domain_callback(struct cli_credentials *cred,
+bool cli_credentials_set_domain_callback(struct cli_credentials *cred,
const char *(*domain_cb) (struct cli_credentials *))
{
if (cred->domain_obtained < CRED_CALLBACK) {
cred->domain_cb = domain_cb;
cred->domain_obtained = CRED_CALLBACK;
- return True;
+ return true;
}
- return False;
+ return false;
}
/**
if (cred->realm_obtained == CRED_CALLBACK &&
!cred->callback_running) {
- cred->callback_running = True;
+ cred->callback_running = true;
cred->realm = cred->realm_cb(cred);
- cred->callback_running = False;
+ cred->callback_running = false;
cred->realm_obtained = CRED_SPECIFIED;
cli_credentials_invalidate_ccache(cred, cred->realm_obtained);
}
* Set the realm for this credentials context, and force it to
* uppercase for the sainity of our local kerberos libraries
*/
-BOOL cli_credentials_set_realm(struct cli_credentials *cred,
+bool cli_credentials_set_realm(struct cli_credentials *cred,
const char *val,
enum credentials_obtained obtained)
{
cred->realm = strupper_talloc(cred, val);
cred->realm_obtained = obtained;
cli_credentials_invalidate_ccache(cred, cred->realm_obtained);
- return True;
+ return true;
}
- return False;
+ return false;
}
-BOOL cli_credentials_set_realm_callback(struct cli_credentials *cred,
+bool cli_credentials_set_realm_callback(struct cli_credentials *cred,
const char *(*realm_cb) (struct cli_credentials *))
{
if (cred->realm_obtained < CRED_CALLBACK) {
cred->realm_cb = realm_cb;
cred->realm_obtained = CRED_CALLBACK;
- return True;
+ return true;
}
- return False;
+ return false;
}
/**
{
if (cred->workstation_obtained == CRED_CALLBACK &&
!cred->callback_running) {
- cred->callback_running = True;
+ cred->callback_running = true;
cred->workstation = cred->workstation_cb(cred);
- cred->callback_running = False;
+ cred->callback_running = false;
cred->workstation_obtained = CRED_SPECIFIED;
}
return cred->workstation;
}
-BOOL cli_credentials_set_workstation(struct cli_credentials *cred,
+bool cli_credentials_set_workstation(struct cli_credentials *cred,
const char *val,
enum credentials_obtained obtained)
{
if (obtained >= cred->workstation_obtained) {
cred->workstation = talloc_strdup(cred, val);
cred->workstation_obtained = obtained;
- return True;
+ return true;
}
- return False;
+ return false;
}
-BOOL cli_credentials_set_workstation_callback(struct cli_credentials *cred,
+bool cli_credentials_set_workstation_callback(struct cli_credentials *cred,
const char *(*workstation_cb) (struct cli_credentials *))
{
if (cred->workstation_obtained < CRED_CALLBACK) {
cred->workstation_cb = workstation_cb;
cred->workstation_obtained = CRED_CALLBACK;
- return True;
+ return true;
}
- return False;
+ return false;
}
/**
/**
* Describe a credentials context as anonymous or authenticated
- * @retval True if anonymous, False if a username is specified
+ * @retval true if anonymous, false if a username is specified
*/
-BOOL cli_credentials_is_anonymous(struct cli_credentials *cred)
+bool cli_credentials_is_anonymous(struct cli_credentials *cred)
{
const char *username;
* here - anonymous is "", not NULL, which is 'never specified,
* never guessed', ie programmer bug */
if (!username[0]) {
- return True;
+ return true;
}
- return False;
+ return false;
}
/**
*
* @retval whether the credentials struct is finished
*/
-BOOL cli_credentials_wrong_password(struct cli_credentials *cred)
+bool cli_credentials_wrong_password(struct cli_credentials *cred)
{
if (cred->password_obtained != CRED_CALLBACK_RESULT) {
- return False;
+ return false;
}
cred->password_obtained = CRED_CALLBACK;
* @param obtained This enum describes how 'specified' this password is
*/
-BOOL cli_credentials_parse_password_fd(struct cli_credentials *credentials,
+bool cli_credentials_parse_password_fd(struct cli_credentials *credentials,
int fd, enum credentials_obtained obtained)
{
char *p;
break;
} else {
fprintf(stderr, "Error reading password from file descriptor %d: %s\n", fd, "empty password\n");
- return False;
+ return false;
}
default:
fprintf(stderr, "Error reading password from file descriptor %d: %s\n",
fd, strerror(errno));
- return False;
+ return false;
}
}
cli_credentials_set_password(credentials, pass, obtained);
- return True;
+ return true;
}
/**
* @param obtained This enum describes how 'specified' this password is
*/
-BOOL cli_credentials_parse_password_file(struct cli_credentials *credentials, const char *file, enum credentials_obtained obtained)
+bool cli_credentials_parse_password_file(struct cli_credentials *credentials, const char *file, enum credentials_obtained obtained)
{
int fd = open(file, O_RDONLY, 0);
- BOOL ret;
+ bool ret;
if (fd < 0) {
fprintf(stderr, "Error opening password file %s: %s\n",
file, strerror(errno));
- return False;
+ return false;
}
ret = cli_credentials_parse_password_fd(credentials, fd, obtained);
* @param obtained This enum describes how 'specified' this password is
*/
-BOOL cli_credentials_parse_file(struct cli_credentials *cred, const char *file, enum credentials_obtained obtained)
+bool cli_credentials_parse_file(struct cli_credentials *cred, const char *file, enum credentials_obtained obtained)
{
uint16_t len = 0;
char *ptr, *val, *param;
{
/* fail if we can't open the credentials file */
d_printf("ERROR: Unable to open credentials file!\n");
- return False;
+ return false;
}
for (i = 0; i < numlines; i++) {
talloc_free(lines);
- return True;
+ return true;
}
const char *keytab;
/* ok, we are going to get it now, don't recurse back here */
- cred->machine_account_pending = False;
+ cred->machine_account_pending = false;
/* some other parts of the system will key off this */
- cred->machine_account = True;
+ cred->machine_account = true;
mem_ctx = talloc_named(cred, 0, "cli_credentials fetch machine password");
/* Bleh, nasty recursion issues: We are setting a machine
* account here, so we don't want the 'pending' flag around
* any more */
- cred->machine_account_pending = False;
+ cred->machine_account_pending = false;
filter = talloc_asprintf(cred, SECRETS_PRIMARY_DOMAIN_FILTER,
cli_credentials_get_domain(cred));
return cli_credentials_set_secrets(cred, NULL, SECRETS_PRIMARY_DOMAIN_DN,
/* Bleh, nasty recursion issues: We are setting a machine
* account here, so we don't want the 'pending' flag around
* any more */
- cred->machine_account_pending = False;
+ cred->machine_account_pending = false;
filter = talloc_asprintf(cred, SECRETS_KRBTGT_SEARCH,
cli_credentials_get_realm(cred),
cli_credentials_get_domain(cred));
/* Bleh, nasty recursion issues: We are setting a machine
* account here, so we don't want the 'pending' flag around
* any more */
- cred->machine_account_pending = False;
+ cred->machine_account_pending = false;
filter = talloc_asprintf(cred, SECRETS_PRINCIPAL_SEARCH,
cli_credentials_get_realm(cred),
cli_credentials_get_domain(cred),
*/
void cli_credentials_set_machine_account_pending(struct cli_credentials *cred)
{
- cred->machine_account_pending = True;
+ cred->machine_account_pending = true;
}
}
switch (use_kerberos) {
case CRED_DONT_USE_KERBEROS:
- if (old_gensec_list[i]->kerberos == False) {
+ if (old_gensec_list[i]->kerberos == false) {
new_gensec_list[j] = old_gensec_list[i];
j++;
}
break;
case CRED_MUST_USE_KERBEROS:
- if (old_gensec_list[i]->kerberos == True) {
+ if (old_gensec_list[i]->kerberos == true) {
new_gensec_list[j] = old_gensec_list[i];
j++;
}
ZERO_STRUCT((*gensec_security)->peer_addr);
ZERO_STRUCT((*gensec_security)->my_addr);
- (*gensec_security)->subcontext = False;
+ (*gensec_security)->subcontext = false;
(*gensec_security)->want_features = 0;
if (ev == NULL) {
(*gensec_security)->ops = NULL;
(*gensec_security)->private_data = NULL;
- (*gensec_security)->subcontext = True;
+ (*gensec_security)->subcontext = true;
(*gensec_security)->event_ctx = parent->event_ctx;
(*gensec_security)->msg_ctx = parent->msg_ctx;
*
*/
-_PUBLIC_ BOOL gensec_have_feature(struct gensec_security *gensec_security,
+_PUBLIC_ bool gensec_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
if (!gensec_security->ops->have_feature) {
- return False;
+ return false;
}
/* We might 'have' features that we don't 'want', because the
*/
NTSTATUS gensec_init(void)
{
- static BOOL initialized = False;
+ static bool initialized = false;
init_module_fn static_init[] = STATIC_gensec_MODULES;
init_module_fn *shared_init;
if (initialized) return NT_STATUS_OK;
- initialized = True;
+ initialized = true;
shared_init = load_samba_modules(NULL, global_loadparm, "gensec");
gss_cred_id_t delegated_cred_handle;
- BOOL sasl; /* We have two different mechs in this file: One
+ bool sasl; /* We have two different mechs in this file: One
* for SASL wrapped GSSAPI and another for normal
* GSSAPI */
enum gensec_gssapi_sasl_state sasl_state;
gensec_gssapi_state->max_wrap_buf_size
= lp_parm_int(global_loadparm, NULL, "gensec_gssapi", "max wrap buf size", 65536);
- gensec_gssapi_state->sasl = False;
+ gensec_gssapi_state->sasl = false;
gensec_gssapi_state->sasl_state = STAGE_GSS_NEG;
gensec_security->private_data = gensec_gssapi_state;
if (NT_STATUS_IS_OK(nt_status)) {
gensec_gssapi_state = talloc_get_type(gensec_security->private_data, struct gensec_gssapi_state);
- gensec_gssapi_state->sasl = True;
+ gensec_gssapi_state->sasl = true;
}
return nt_status;
}
if (NT_STATUS_IS_OK(nt_status)) {
gensec_gssapi_state = talloc_get_type(gensec_security->private_data, struct gensec_gssapi_state);
- gensec_gssapi_state->sasl = True;
+ gensec_gssapi_state->sasl = true;
}
return nt_status;
}
maj_stat = gss_wrap(&min_stat,
gensec_gssapi_state->gssapi_context,
- False,
+ false,
GSS_C_QOP_DEFAULT,
&input_token,
&conf_state,
maj_stat = gss_wrap(&min_stat,
gensec_gssapi_state->gssapi_context,
- False,
+ false,
GSS_C_QOP_DEFAULT,
&input_token,
&conf_state,
}
/* Try to figure out what features we actually got on the connection */
-static BOOL gensec_gssapi_have_feature(struct gensec_security *gensec_security,
+static bool gensec_gssapi_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
struct gensec_gssapi_state *gensec_gssapi_state
if (feature & GENSEC_FEATURE_SESSION_KEY) {
/* Only for GSSAPI/Krb5 */
if (gss_oid_equal(gensec_gssapi_state->gss_oid, gss_mech_krb5)) {
- return True;
+ return true;
}
}
if (feature & GENSEC_FEATURE_DCE_STYLE) {
}
/* We can always do async (rather than strict request/reply) packets. */
if (feature & GENSEC_FEATURE_ASYNC_REPLIES) {
- return True;
+ return true;
}
- return False;
+ return false;
}
/*
.wrap = gensec_gssapi_wrap,
.unwrap = gensec_gssapi_unwrap,
.have_feature = gensec_gssapi_have_feature,
- .enabled = False,
- .kerberos = True,
+ .enabled = false,
+ .kerberos = true,
.priority = GENSEC_GSSAPI
};
.wrap = gensec_gssapi_wrap,
.unwrap = gensec_gssapi_unwrap,
.have_feature = gensec_gssapi_have_feature,
- .enabled = True,
- .kerberos = True,
+ .enabled = true,
+ .kerberos = true,
.priority = GENSEC_GSSAPI
};
.wrap = gensec_gssapi_wrap,
.unwrap = gensec_gssapi_unwrap,
.have_feature = gensec_gssapi_have_feature,
- .enabled = True,
- .kerberos = True,
+ .enabled = true,
+ .kerberos = true,
.priority = GENSEC_GSSAPI
};
krb5_data enc_ticket;
krb5_keyblock *keyblock;
krb5_ticket *ticket;
- BOOL gssapi;
+ bool gssapi;
};
static int gensec_krb5_destroy(struct gensec_krb5_state *gensec_krb5_state)
gensec_krb5_state->keyblock = NULL;
gensec_krb5_state->session_key = data_blob(NULL, 0);
gensec_krb5_state->pac = data_blob(NULL, 0);
- gensec_krb5_state->gssapi = False;
+ gensec_krb5_state->gssapi = false;
talloc_set_destructor(gensec_krb5_state, gensec_krb5_destroy);
if (NT_STATUS_IS_OK(nt_status)) {
struct gensec_krb5_state *gensec_krb5_state;
gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
- gensec_krb5_state->gssapi = True;
+ gensec_krb5_state->gssapi = true;
}
return nt_status;
}
if (NT_STATUS_IS_OK(nt_status)) {
struct gensec_krb5_state *gensec_krb5_state;
gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
- gensec_krb5_state->gssapi = True;
+ gensec_krb5_state->gssapi = true;
}
return nt_status;
}
return NT_STATUS_OK;
}
-static BOOL gensec_krb5_have_feature(struct gensec_security *gensec_security,
+static bool gensec_krb5_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
struct gensec_krb5_state *gensec_krb5_state = (struct gensec_krb5_state *)gensec_security->private_data;
if (feature & GENSEC_FEATURE_SESSION_KEY) {
- return True;
+ return true;
}
if (!gensec_krb5_state->gssapi &&
(feature & GENSEC_FEATURE_SEAL)) {
- return True;
+ return true;
}
- return False;
+ return false;
}
static const char *gensec_krb5_oids[] = {
.session_key = gensec_krb5_session_key,
.session_info = gensec_krb5_session_info,
.have_feature = gensec_krb5_have_feature,
- .enabled = False,
- .kerberos = True,
+ .enabled = false,
+ .kerberos = true,
.priority = GENSEC_KRB5
};
.have_feature = gensec_krb5_have_feature,
.wrap = gensec_krb5_wrap,
.unwrap = gensec_krb5_unwrap,
- .enabled = True,
- .kerberos = True,
+ .enabled = true,
+ .kerberos = true,
.priority = GENSEC_KRB5
};
}
state = (struct schannel_state *)gensec_security->private_data;
- state->initiator = False;
+ state->initiator = false;
return NT_STATUS_OK;
}
}
state = (struct schannel_state *)gensec_security->private_data;
- state->initiator = True;
+ state->initiator = true;
return NT_STATUS_OK;
}
-static BOOL schannel_have_feature(struct gensec_security *gensec_security,
+static bool schannel_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
if (feature & (GENSEC_FEATURE_SIGN |
GENSEC_FEATURE_SEAL)) {
- return True;
+ return true;
}
if (feature & GENSEC_FEATURE_DCE_STYLE) {
- return True;
+ return true;
}
if (feature & GENSEC_FEATURE_ASYNC_REPLIES) {
- return True;
+ return true;
}
- return False;
+ return false;
}
.session_info = schannel_session_info,
.sig_size = schannel_sig_size,
.have_feature = schannel_have_feature,
- .enabled = True,
+ .enabled = true,
.priority = GENSEC_SCHANNEL
};
{
char *path;
struct ldb_context *ldb;
- BOOL existed;
+ bool existed;
const char *init_ldif =
"dn: @ATTRIBUTES\n" \
"computerName: CASE_INSENSITIVE\n" \
struct packet_context *packet;
DATA_BLOB read_buffer; /* SASL packets are turned into liniarlised data here, for reading */
size_t orig_send_len;
- BOOL eof;
+ bool eof;
NTSTATUS error;
- BOOL interrupted;
+ bool interrupted;
void (*recv_handler)(void *, uint16_t);
void *recv_private;
int in_extra_read;
- BOOL wrap; /* Should we be wrapping on this socket at all? */
+ bool wrap; /* Should we be wrapping on this socket at all? */
};
static NTSTATUS gensec_socket_init_fn(struct socket_context *sock)
{
struct gensec_socket *gensec_socket = talloc_get_type(private, struct gensec_socket);
if (NT_STATUS_EQUAL(status, NT_STATUS_END_OF_FILE)) {
- gensec_socket->eof = True;
+ gensec_socket->eof = true;
} else {
gensec_socket->error = status;
}
static void send_callback(void *private)
{
struct gensec_socket *gensec_socket = talloc_get_type(private, struct gensec_socket);
- gensec_socket->interrupted = False;
+ gensec_socket->interrupted = false;
}
/*
return nt_status;
}
- gensec_socket->interrupted = True;
+ gensec_socket->interrupted = true;
gensec_socket->error = NT_STATUS_OK;
nt_status = packet_send_callback(gensec_socket->packet,
if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL) &&
!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
- gensec_socket->wrap = False;
+ gensec_socket->wrap = false;
*new_socket = new_sock;
return NT_STATUS_OK;
}
gensec_socket->gensec_security = gensec_security;
- gensec_socket->wrap = True;
- gensec_socket->eof = False;
+ gensec_socket->wrap = true;
+ gensec_socket->eof = false;
gensec_socket->error = NT_STATUS_OK;
- gensec_socket->interrupted = False;
+ gensec_socket->interrupted = false;
gensec_socket->in_extra_read = 0;
gensec_socket->read_buffer = data_blob(NULL, 0);
enum spnego_message_type expected_packet;
enum spnego_state_position state_position;
struct gensec_security *sub_sec_security;
- BOOL no_response_expected;
+ bool no_response_expected;
const char *neg_oid;
};
spnego_state->expected_packet = SPNEGO_NEG_TOKEN_INIT;
spnego_state->state_position = SPNEGO_CLIENT_START;
spnego_state->sub_sec_security = NULL;
- spnego_state->no_response_expected = False;
+ spnego_state->no_response_expected = false;
gensec_security->private_data = spnego_state;
return NT_STATUS_OK;
spnego_state->expected_packet = SPNEGO_NEG_TOKEN_INIT;
spnego_state->state_position = SPNEGO_SERVER_START;
spnego_state->sub_sec_security = NULL;
- spnego_state->no_response_expected = False;
+ spnego_state->no_response_expected = false;
gensec_security->private_data = spnego_state;
return NT_STATUS_OK;
struct gensec_security_ops **all_ops
= gensec_security_mechs(gensec_security, out_mem_ctx);
for (i=0; all_ops[i]; i++) {
- BOOL is_spnego;
+ bool is_spnego;
NTSTATUS nt_status;
if (!all_ops[i]->oid) {
continue;
}
- is_spnego = False;
+ is_spnego = false;
for (j=0; all_ops[i]->oid[j]; j++) {
if (strcasecmp(GENSEC_OID_SPNEGO,all_ops[i]->oid[j]) == 0) {
- is_spnego = True;
+ is_spnego = true;
}
}
if (is_spnego) {
spnego_state->neg_oid = all_sec[i].oid;
if (NT_STATUS_IS_OK(nt_status)) {
- spnego_state->no_response_expected = True;
+ spnego_state->no_response_expected = true;
}
return NT_STATUS_MORE_PROCESSING_REQUIRED;
spnego_state->state_position = SPNEGO_CLIENT_TARG;
if (NT_STATUS_IS_OK(nt_status)) {
- spnego_state->no_response_expected = True;
+ spnego_state->no_response_expected = true;
}
spnego_free_data(&spnego);
&unwrapped_out);
if (NT_STATUS_IS_OK(nt_status)) {
- spnego_state->no_response_expected = True;
+ spnego_state->no_response_expected = true;
}
}
return NT_STATUS_INVALID_PARAMETER;
}
-static BOOL gensec_spnego_have_feature(struct gensec_security *gensec_security,
+static bool gensec_spnego_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
struct spnego_state *spnego_state = (struct spnego_state *)gensec_security->private_data;
if (!spnego_state->sub_sec_security) {
- return False;
+ return false;
}
return gensec_have_feature(spnego_state->sub_sec_security,
.session_key = gensec_spnego_session_key,
.session_info = gensec_spnego_session_info,
.have_feature = gensec_spnego_have_feature,
- .enabled = True,
+ .enabled = true,
.priority = GENSEC_SPNEGO
};
#include "auth/gensec/gensec.h"
#include "libcli/util/asn_1.h"
-static BOOL read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
+static bool read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
struct spnego_negTokenInit *token)
{
ZERO_STRUCTP(token);
int i;
uint8_t context;
if (!asn1_peek_uint8(asn1, &context)) {
- asn1->has_error = True;
+ asn1->has_error = true;
break;
}
uint8_t type_peek;
asn1_start_tag(asn1, ASN1_CONTEXT(3));
if (!asn1_peek_uint8(asn1, &type_peek)) {
- asn1->has_error = True;
+ asn1->has_error = true;
break;
}
if (type_peek == ASN1_OCTET_STRING) {
break;
}
default:
- asn1->has_error = True;
+ asn1->has_error = true;
break;
}
}
return !asn1->has_error;
}
-static BOOL write_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenInit *token)
+static bool write_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenInit *token)
{
asn1_push_tag(asn1, ASN1_CONTEXT(0));
asn1_push_tag(asn1, ASN1_SEQUENCE(0));
return !asn1->has_error;
}
-static BOOL read_negTokenTarg(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
+static bool read_negTokenTarg(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
struct spnego_negTokenTarg *token)
{
ZERO_STRUCTP(token);
while (!asn1->has_error && 0 < asn1_tag_remaining(asn1)) {
uint8_t context;
if (!asn1_peek_uint8(asn1, &context)) {
- asn1->has_error = True;
+ asn1->has_error = true;
break;
}
asn1_end_tag(asn1);
break;
default:
- asn1->has_error = True;
+ asn1->has_error = true;
break;
}
}
return !asn1->has_error;
}
-static BOOL write_negTokenTarg(struct asn1_data *asn1, struct spnego_negTokenTarg *token)
+static bool write_negTokenTarg(struct asn1_data *asn1, struct spnego_negTokenTarg *token)
{
asn1_push_tag(asn1, ASN1_CONTEXT(1));
asn1_push_tag(asn1, ASN1_SEQUENCE(0));
asn1_load(asn1, data);
if (!asn1_peek_uint8(asn1, &context)) {
- asn1->has_error = True;
+ asn1->has_error = true;
} else {
switch (context) {
case ASN1_APPLICATION(0):
}
break;
default:
- asn1->has_error = True;
+ asn1->has_error = true;
break;
}
}
write_negTokenTarg(asn1, &spnego->negTokenTarg);
break;
default:
- asn1->has_error = True;
+ asn1->has_error = true;
break;
}
return ret;
}
-BOOL spnego_free_data(struct spnego_data *spnego)
+bool spnego_free_data(struct spnego_data *spnego)
{
- BOOL ret = True;
+ bool ret = true;
if (!spnego) goto out;
data_blob_free(&spnego->negTokenTarg.mechListMIC);
break;
default:
- ret = False;
+ ret = false;
break;
}
ZERO_STRUCTP(spnego);
/*
parse a krb5 GSS-API wrapper packet giving a ticket
*/
-BOOL gensec_gssapi_parse_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, DATA_BLOB *ticket, uint8_t tok_id[2])
+bool gensec_gssapi_parse_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, DATA_BLOB *ticket, uint8_t tok_id[2])
{
- BOOL ret;
+ bool ret;
struct asn1_data *data = asn1_init(mem_ctx);
int data_remaining;
if (!data) {
- return False;
+ return false;
}
asn1_load(data, *blob);
data_remaining = asn1_tag_remaining(data);
if (data_remaining < 3) {
- data->has_error = True;
+ data->has_error = true;
} else {
asn1_read(data, tok_id, 2);
data_remaining -= 2;
/*
check a GSS-API wrapper packet givin an expected OID
*/
-BOOL gensec_gssapi_check_oid(const DATA_BLOB *blob, const char *oid)
+bool gensec_gssapi_check_oid(const DATA_BLOB *blob, const char *oid)
{
- BOOL ret;
+ bool ret;
struct asn1_data *data = asn1_init(NULL);
- if (!data) return False;
+ if (!data) return false;
asn1_load(data, *blob);
asn1_start_tag(data, ASN1_APPLICATION(0));
struct smb_krb5_context *smb_krb5_context,
const char **enctype_strings,
krb5_keytab keytab,
- BOOL add_old)
+ bool add_old)
{
krb5_error_code ret;
const char *password_s;
static krb5_error_code remove_old_entries(TALLOC_CTX *parent_ctx,
struct cli_credentials *machine_account,
struct smb_krb5_context *smb_krb5_context,
- krb5_keytab keytab, BOOL *found_previous)
+ krb5_keytab keytab, bool *found_previous)
{
krb5_error_code ret, ret2;
krb5_kt_cursor cursor;
return ENOMEM;
}
- *found_previous = False;
+ *found_previous = false;
princ_string = cli_credentials_get_principal(machine_account, mem_ctx);
/* Get the principal we will store the new keytab entries under */
}
} else {
- *found_previous = True;
+ *found_previous = true;
}
/* Free the entry, we don't need it any more */
struct keytab_container *keytab_container)
{
krb5_error_code ret;
- BOOL found_previous;
+ bool found_previous;
TALLOC_CTX *mem_ctx = talloc_new(parent_ctx);
if (!mem_ctx) {
return ENOMEM;
ret = create_keytab(mem_ctx, machine_account, smb_krb5_context,
enctype_strings,
keytab_container->keytab,
- found_previous ? False : True);
+ found_previous ? false : true);
talloc_free(mem_ctx);
return ret;
}
Core of smb password checking routine.
****************************************************************************/
-static BOOL smb_pwd_check_ntlmv1(TALLOC_CTX *mem_ctx,
+static bool smb_pwd_check_ntlmv1(TALLOC_CTX *mem_ctx,
const DATA_BLOB *nt_response,
const uint8_t *part_passwd,
const DATA_BLOB *sec_blob,
if (part_passwd == NULL) {
DEBUG(10,("No password set - DISALLOWING access\n"));
/* No password set - always false ! */
- return False;
+ return false;
}
if (sec_blob->length != 8) {
DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect challenge size (%lu)\n",
(unsigned long)sec_blob->length));
- return False;
+ return false;
}
if (nt_response->length != 24) {
DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect password length (%lu)\n",
(unsigned long)nt_response->length));
- return False;
+ return false;
}
SMBOWFencrypt(part_passwd, sec_blob->data, p24);
*user_sess_key = data_blob_talloc(mem_ctx, NULL, 16);
SMBsesskeygen_ntv1(part_passwd, user_sess_key->data);
}
- return True;
+ return true;
}
- return False;
+ return false;
}
/****************************************************************************
Note: The same code works with both NTLMv2 and LMv2.
****************************************************************************/
-static BOOL smb_pwd_check_ntlmv2(TALLOC_CTX *mem_ctx,
+static bool smb_pwd_check_ntlmv2(TALLOC_CTX *mem_ctx,
const DATA_BLOB *ntv2_response,
const uint8_t *part_passwd,
const DATA_BLOB *sec_blob,
const char *user, const char *domain,
- BOOL upper_case_domain, /* should the domain be transformed into upper case? */
+ bool upper_case_domain, /* should the domain be transformed into upper case? */
DATA_BLOB *user_sess_key)
{
/* Finish the encryption of part_passwd. */
if (part_passwd == NULL) {
DEBUG(10,("No password set - DISALLOWING access\n"));
- /* No password set - always False */
- return False;
+ /* No password set - always false */
+ return false;
}
if (sec_blob->length != 8) {
DEBUG(0, ("smb_pwd_check_ntlmv2: incorrect challenge size (%lu)\n",
(unsigned long)sec_blob->length));
- return False;
+ return false;
}
if (ntv2_response->length < 24) {
for LMv2, let alone NTLMv2. */
DEBUG(0, ("smb_pwd_check_ntlmv2: incorrect password length (%lu)\n",
(unsigned long)ntv2_response->length));
- return False;
+ return false;
}
client_key_data = data_blob_talloc(mem_ctx, ntv2_response->data+16, ntv2_response->length-16);
*/
if (!ntv2_owf_gen(part_passwd, user, domain, upper_case_domain, kr)) {
- return False;
+ return false;
}
SMBOWFencrypt_ntv2(kr, sec_blob, &client_key_data, value_from_encryption);
*user_sess_key = data_blob_talloc(mem_ctx, NULL, 16);
SMBsesskeygen_ntv2(kr, value_from_encryption, user_sess_key->data);
}
- return True;
+ return true;
}
- return False;
+ return false;
}
/****************************************************************************
Note: The same code works with both NTLMv2 and LMv2.
****************************************************************************/
-static BOOL smb_sess_key_ntlmv2(TALLOC_CTX *mem_ctx,
+static bool smb_sess_key_ntlmv2(TALLOC_CTX *mem_ctx,
const DATA_BLOB *ntv2_response,
const uint8_t *part_passwd,
const DATA_BLOB *sec_blob,
const char *user, const char *domain,
- BOOL upper_case_domain, /* should the domain be transformed into upper case? */
+ bool upper_case_domain, /* should the domain be transformed into upper case? */
DATA_BLOB *user_sess_key)
{
/* Finish the encryption of part_passwd. */
if (part_passwd == NULL) {
DEBUG(10,("No password set - DISALLOWING access\n"));
- /* No password set - always False */
- return False;
+ /* No password set - always false */
+ return false;
}
if (sec_blob->length != 8) {
DEBUG(0, ("smb_sess_key_ntlmv2: incorrect challenge size (%lu)\n",
(unsigned long)sec_blob->length));
- return False;
+ return false;
}
if (ntv2_response->length < 24) {
for LMv2, let alone NTLMv2. */
DEBUG(0, ("smb_sess_key_ntlmv2: incorrect password length (%lu)\n",
(unsigned long)ntv2_response->length));
- return False;
+ return false;
}
client_key_data = data_blob_talloc(mem_ctx, ntv2_response->data+16, ntv2_response->length-16);
if (!ntv2_owf_gen(part_passwd, user, domain, upper_case_domain, kr)) {
- return False;
+ return false;
}
SMBOWFencrypt_ntv2(kr, sec_blob, &client_key_data, value_from_encryption);
*user_sess_key = data_blob_talloc(mem_ctx, NULL, 16);
SMBsesskeygen_ntv2(kr, value_from_encryption, user_sess_key->data);
- return True;
+ return true;
}
/**
struct samr_Password client_nt;
struct samr_Password client_lm;
char *unix_pw = NULL;
- BOOL lm_ok;
+ bool lm_ok;
DEBUG(4,("ntlm_password_check: checking plaintext passwords for user %s\n",
username));
lm_response->data, lm_response->length,
(void **)&unix_pw) != -1)) {
if (E_deshash(unix_pw, client_lm.hash)) {
- lm_ok = True;
+ lm_ok = true;
} else {
- lm_ok = False;
+ lm_ok = false;
}
} else {
- lm_ok = False;
+ lm_ok = false;
}
return hash_password_check(mem_ctx,
lm_ok ? &client_lm : NULL,
stored_nt->hash, challenge,
client_username,
client_domain,
- False,
+ false,
user_sess_key)) {
*lm_sess_key = *user_sess_key;
if (user_sess_key->length) {
stored_nt->hash, challenge,
client_username,
client_domain,
- True,
+ true,
user_sess_key)) {
*lm_sess_key = *user_sess_key;
if (user_sess_key->length) {
stored_nt->hash, challenge,
client_username,
"",
- False,
+ false,
user_sess_key)) {
*lm_sess_key = *user_sess_key;
if (user_sess_key->length) {
stored_nt->hash, challenge,
client_username,
client_domain,
- False,
+ false,
&tmp_sess_key)) {
if (nt_response->length > 24) {
/* If NTLMv2 authentication has preceeded us
stored_nt->hash, challenge,
client_username,
client_domain,
- False,
+ false,
user_sess_key);
} else {
/* Otherwise, use the LMv2 session key */
stored_nt->hash, challenge,
client_username,
client_domain,
- True,
+ true,
&tmp_sess_key)) {
if (nt_response->length > 24) {
/* If NTLMv2 authentication has preceeded us
stored_nt->hash, challenge,
client_username,
client_domain,
- True,
+ true,
user_sess_key);
} else {
/* Otherwise, use the LMv2 session key */
stored_nt->hash, challenge,
client_username,
"",
- False,
+ false,
&tmp_sess_key)) {
if (nt_response->length > 24) {
/* If NTLMv2 authentication has preceeded us
stored_nt->hash, challenge,
client_username,
"",
- False,
+ false,
user_sess_key);
} else {
/* Otherwise, use the LMv2 session key */
}
void ntlmssp_handle_neg_flags(struct gensec_ntlmssp_state *gensec_ntlmssp_state,
- uint32_t neg_flags, BOOL allow_lm)
+ uint32_t neg_flags, bool allow_lm)
{
if (neg_flags & NTLMSSP_NEGOTIATE_UNICODE) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_UNICODE;
gensec_ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_OEM;
- gensec_ntlmssp_state->unicode = True;
+ gensec_ntlmssp_state->unicode = true;
} else {
gensec_ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_UNICODE;
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_OEM;
- gensec_ntlmssp_state->unicode = False;
+ gensec_ntlmssp_state->unicode = false;
}
if ((neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) && allow_lm && !gensec_ntlmssp_state->use_ntlmv2) {
return weakened_key;
}
-static BOOL gensec_ntlmssp_have_feature(struct gensec_security *gensec_security,
+static bool gensec_ntlmssp_have_feature(struct gensec_security *gensec_security,
uint32_t feature)
{
struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data;
if (feature & GENSEC_FEATURE_SIGN) {
if (!gensec_ntlmssp_state->session_key.length) {
- return False;
+ return false;
}
if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SIGN) {
- return True;
+ return true;
}
}
if (feature & GENSEC_FEATURE_SEAL) {
if (!gensec_ntlmssp_state->session_key.length) {
- return False;
+ return false;
}
if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL) {
- return True;
+ return true;
}
}
if (feature & GENSEC_FEATURE_SESSION_KEY) {
if (gensec_ntlmssp_state->session_key.length) {
- return True;
+ return true;
}
}
if (feature & GENSEC_FEATURE_DCE_STYLE) {
- return True;
+ return true;
}
if (feature & GENSEC_FEATURE_ASYNC_REPLIES) {
if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
- return True;
+ return true;
}
}
- return False;
+ return false;
}
NTSTATUS gensec_ntlmssp_start(struct gensec_security *gensec_security)
.session_key = gensec_ntlmssp_session_key,
.session_info = gensec_ntlmssp_session_info,
.have_feature = gensec_ntlmssp_have_feature,
- .enabled = True,
+ .enabled = true,
.priority = GENSEC_NTLMSSP
};
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;
} else {
/* apparently we can't do ntlmv2 if we don't do ntlm2 */
- gensec_ntlmssp_state->use_ntlmv2 = False;
+ gensec_ntlmssp_state->use_ntlmv2 = false;
}
if (gensec_security->want_features & GENSEC_FEATURE_SESSION_KEY) {
d = word (4 bytes)
C = constant ascii string
*/
-BOOL msrpc_gen(TALLOC_CTX *mem_ctx, DATA_BLOB *blob,
+bool msrpc_gen(TALLOC_CTX *mem_ctx, DATA_BLOB *blob,
const char *format, ...)
{
int i;
head_size += 8;
n = push_ucs2_talloc(pointers, (void **)&pointers[i].data, s);
if (n == -1) {
- return False;
+ return false;
}
pointers[i].length = n;
pointers[i].length -= 2;
head_size += 8;
n = push_ascii_talloc(pointers, (char **)&pointers[i].data, s);
if (n == -1) {
- return False;
+ return false;
}
pointers[i].length = n;
pointers[i].length -= 1;
s = va_arg(ap, char *);
n = push_ucs2_talloc(pointers, (void **)&pointers[i].data, s);
if (n == -1) {
- return False;
+ return false;
}
pointers[i].length = n;
pointers[i].length -= 2;
talloc_free(pointers);
- return True;
+ return true;
}
/* a helpful macro to avoid running over the end of our blob */
#define NEED_DATA(amount) \
if ((head_ofs + amount) > blob->length) { \
- return False; \
+ return false; \
}
/*
C = constant ascii string
*/
-BOOL msrpc_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob,
+bool msrpc_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob,
const char *format, ...)
{
int i;
} else {
/* make sure its in the right format - be strict */
if ((len1 != len2) || (ptr + len1 < ptr) || (ptr + len1 < len1) || (ptr + len1 > blob->length)) {
- return False;
+ return false;
}
if (len1 & 1) {
/* if odd length and unicode */
- return False;
+ return false;
}
if (blob->data + ptr < (uint8_t *)ptr || blob->data + ptr < blob->data)
- return False;
+ return false;
if (0 < len1) {
pull_string(p, blob->data + ptr, sizeof(p),
len1, STR_UNICODE|STR_NOALIGN);
(*ps) = talloc_strdup(mem_ctx, p);
if (!(*ps)) {
- return False;
+ return false;
}
} else {
(*ps) = "";
*ps = "";
} else {
if ((len1 != len2) || (ptr + len1 < ptr) || (ptr + len1 < len1) || (ptr + len1 > blob->length)) {
- return False;
+ return false;
}
if (blob->data + ptr < (uint8_t *)ptr || blob->data + ptr < blob->data)
- return False;
+ return false;
if (0 < len1) {
pull_string(p, blob->data + ptr, sizeof(p),
len1, STR_ASCII|STR_NOALIGN);
(*ps) = talloc_strdup(mem_ctx, p);
if (!(*ps)) {
- return False;
+ return false;
}
} else {
(*ps) = "";
} else {
/* make sure its in the right format - be strict */
if ((len1 != len2) || (ptr + len1 < ptr) || (ptr + len1 < len1) || (ptr + len1 > blob->length)) {
- return False;
+ return false;
}
if (blob->data + ptr < (uint8_t *)ptr || blob->data + ptr < blob->data)
- return False;
+ return false;
*b = data_blob_talloc(mem_ctx, blob->data + ptr, len1);
}
/* make sure its in the right format - be strict */
NEED_DATA(len1);
if (blob->data + head_ofs < (uint8_t *)head_ofs || blob->data + head_ofs < blob->data)
- return False;
+ return false;
*b = data_blob_talloc(mem_ctx, blob->data + head_ofs, len1);
head_ofs += len1;
s = va_arg(ap, char *);
if (blob->data + head_ofs < (uint8_t *)head_ofs || blob->data + head_ofs < blob->data)
- return False;
+ return false;
head_ofs += pull_string(p, blob->data+head_ofs, sizeof(p),
blob->length - head_ofs,
STR_ASCII|STR_TERMINATE);
if (strcmp(s, p) != 0) {
- return False;
+ return false;
}
break;
}
}
va_end(ap);
- return True;
+ return true;
}
SMB_ASSERT(gensec_ntlmssp_state->internal_chal.data
&& gensec_ntlmssp_state->internal_chal.length == 8);
- gensec_ntlmssp_state->doing_ntlm2 = True;
+ gensec_ntlmssp_state->doing_ntlm2 = true;
memcpy(gensec_ntlmssp_state->crypt.ntlm2.session_nonce, gensec_ntlmssp_state->internal_chal.data, 8);
memcpy(&gensec_ntlmssp_state->crypt.ntlm2.session_nonce[8], gensec_ntlmssp_state->lm_resp.data, 8);
*
* @return If the effective challenge used by the auth subsystem may be modified
*/
-static BOOL auth_ntlmssp_may_set_challenge(const struct gensec_ntlmssp_state *gensec_ntlmssp_state)
+static bool auth_ntlmssp_may_set_challenge(const struct gensec_ntlmssp_state *gensec_ntlmssp_state)
{
return auth_challenge_may_be_modified(gensec_ntlmssp_state->auth_context);
}
user_info->logon_parameters = MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT | MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT;
user_info->flags = 0;
- user_info->mapped_state = False;
+ user_info->mapped_state = false;
user_info->client.account_name = gensec_ntlmssp_state->user;
user_info->client.domain_name = gensec_ntlmssp_state->domain;
user_info->workstation_name = gensec_ntlmssp_state->workstation;
gensec_ntlmssp_state->allow_lm_key = (lp_lanman_auth(global_loadparm)
&& lp_parm_bool(global_loadparm, NULL, "ntlmssp_server", "allow_lm_key", false));
- gensec_ntlmssp_state->server_multiple_authentications = False;
+ gensec_ntlmssp_state->server_multiple_authentications = false;
gensec_ntlmssp_state->neg_flags =
NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_UNKNOWN_02000000;
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
enum ntlmssp_direction direction,
- DATA_BLOB *sig, BOOL encrypt_sig)
+ DATA_BLOB *sig, bool encrypt_sig)
{
if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
return ntlmssp_make_packet_signature(gensec_ntlmssp_state, sig_mem_ctx,
data, length,
whole_pdu, pdu_length,
- NTLMSSP_SEND, sig, True);
+ NTLMSSP_SEND, sig, true);
}
/**
nt_status = ntlmssp_make_packet_signature(gensec_ntlmssp_state, sig_mem_ctx,
data, length,
whole_pdu, pdu_length,
- NTLMSSP_RECEIVE, &local_sig, True);
+ NTLMSSP_RECEIVE, &local_sig, true);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("NTLMSSP packet check failed with %s\n", nt_errstr(nt_status)));
nt_status = ntlmssp_make_packet_signature(gensec_ntlmssp_state, sig_mem_ctx,
data, length,
whole_pdu, pdu_length,
- NTLMSSP_SEND, sig, False);
+ NTLMSSP_SEND, sig, false);
arcfour_crypt_sbox(gensec_ntlmssp_state->crypt.ntlm2.send_seal_arcfour_state, data, length);
if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) {
arcfour_crypt_sbox(gensec_ntlmssp_state->crypt.ntlm2.send_seal_arcfour_state, sig->data+4, 8);
bitmask.
****************************************************************************/
-static BOOL logon_hours_ok(struct ldb_message *msg, const char *name_for_logs)
+static bool logon_hours_ok(struct ldb_message *msg, const char *name_for_logs)
{
/* In logon hours first bit is Sunday from 12AM to 1AM */
const struct ldb_val *hours;
hours = ldb_msg_find_ldb_val(msg, "logonHours");
if (!hours) {
DEBUG(5,("logon_hours_ok: No hours restrictions for user %s\n", name_for_logs));
- return True;
+ return true;
}
if (hours->length != 168/8) {
DEBUG(5,("logon_hours_ok: malformed logon hours restrictions for user %s\n", name_for_logs));
- return True;
+ return true;
}
lasttime = time(NULL);
if (!utctime) {
DEBUG(1, ("logon_hours_ok: failed to get gmtime. Failing logon for user %s\n",
name_for_logs));
- return False;
+ return false;
}
/* find the corresponding byte and bit */
DEBUG(1, ("logon_hours_ok: Account for user %s not allowed to "
"logon at this time (%s).\n",
name_for_logs, asct ));
- return False;
+ return false;
}
asct = asctime(utctime);
DEBUG(5,("logon_hours_ok: user %s allowed to logon at this time (%s)\n",
name_for_logs, asct ? asct : "UNKNOWN TIME" ));
- return True;
+ return true;
}
/****************************************************************************
/* Test workstation. Workstation list is comma separated. */
if (logon_workstation && workstation_list && *workstation_list) {
- BOOL invalid_ws = True;
+ bool invalid_ws = true;
int i;
const char **workstations = str_list_make(mem_ctx, workstation_list, ",");
workstations[i], logon_workstation));
if (strequal(workstations[i], logon_workstation)) {
- invalid_ws = False;
+ invalid_ws = false;
break;
}
}
server_info->user_session_key = user_sess_key;
server_info->lm_session_key = lm_sess_key;
- server_info->authenticated = True;
+ server_info->authenticated = true;
*_server_info = server_info;
git.samba.org / kai / samba.git / commitdiff