}
#endif /* HAVE_PAM_VSYSLOG */
-static BOOL _pam_log_is_silent(int ctrl)
+static bool _pam_log_is_silent(int ctrl)
{
return on(ctrl, WINBIND_SILENT);
}
va_end(args);
}
-static BOOL _pam_log_is_debug_enabled(int ctrl)
+static bool _pam_log_is_debug_enabled(int ctrl)
{
if (ctrl == -1) {
- return False;
+ return false;
}
if (_pam_log_is_silent(ctrl)) {
- return False;
+ return false;
}
if (!(ctrl & WINBIND_DEBUG_ARG)) {
- return False;
+ return false;
}
- return True;
+ return true;
}
-static BOOL _pam_log_is_debug_state_enabled(int ctrl)
+static bool _pam_log_is_debug_state_enabled(int ctrl)
{
if (!(ctrl & WINBIND_DEBUG_STATE)) {
- return False;
+ return false;
}
return _pam_log_is_debug_enabled(ctrl);
goto config_from_pam;
}
- if (iniparser_getboolean(d, "global:debug", False)) {
+ if (iniparser_getboolean(d, "global:debug", false)) {
ctrl |= WINBIND_DEBUG_ARG;
}
- if (iniparser_getboolean(d, "global:debug_state", False)) {
+ if (iniparser_getboolean(d, "global:debug_state", false)) {
ctrl |= WINBIND_DEBUG_STATE;
}
- if (iniparser_getboolean(d, "global:cached_login", False)) {
+ if (iniparser_getboolean(d, "global:cached_login", false)) {
ctrl |= WINBIND_CACHED_LOGIN;
}
- if (iniparser_getboolean(d, "global:krb5_auth", False)) {
+ if (iniparser_getboolean(d, "global:krb5_auth", false)) {
ctrl |= WINBIND_KRB5_AUTH;
}
- if (iniparser_getboolean(d, "global:silent", False)) {
+ if (iniparser_getboolean(d, "global:silent", false)) {
ctrl |= WINBIND_SILENT;
}
ctrl |= WINBIND_REQUIRED_MEMBERSHIP;
}
- if (iniparser_getboolean(d, "global:try_first_pass", False)) {
+ if (iniparser_getboolean(d, "global:try_first_pass", false)) {
ctrl |= WINBIND_TRY_FIRST_PASS_ARG;
}
}
pmsg[0] = &msg[0];
- msg[0].msg = CONST_DISCARD(char *, text);
+ msg[0].msg = discard_const_p(char, text);
msg[0].msg_style = type;
resp = NULL;
* @param already_expired pointer to a boolean to indicate if the password is
* already expired.
*
- * @return boolean Returns True if message has been sent, False if not.
+ * @return boolean Returns true if message has been sent, false if not.
*/
-static BOOL _pam_send_password_expiry_message(pam_handle_t *pamh,
+static bool _pam_send_password_expiry_message(pam_handle_t *pamh,
int ctrl,
time_t next_change,
time_t now,
int warn_pwd_expire,
- BOOL *already_expired)
+ bool *already_expired)
{
int days = 0;
struct tm tm_now, tm_next_change;
if (already_expired) {
- *already_expired = False;
+ *already_expired = false;
}
if (next_change <= now) {
PAM_WB_REMARK_DIRECT(pamh, ctrl, "NT_STATUS_PASSWORD_EXPIRED");
if (already_expired) {
- *already_expired = True;
+ *already_expired = true;
}
- return True;
+ return true;
}
if ((next_change < 0) ||
(next_change > now + warn_pwd_expire * SECONDS_PER_DAY)) {
- return False;
+ return false;
}
if ((localtime_r(&now, &tm_now) == NULL) ||
(localtime_r(&next_change, &tm_next_change) == NULL)) {
- return False;
+ return false;
}
days = (tm_next_change.tm_yday+tm_next_change.tm_year*365) - (tm_now.tm_yday+tm_now.tm_year*365);
if (days == 0) {
_make_remark(pamh, ctrl, PAM_TEXT_INFO, "Your password expires today");
- return True;
+ return true;
}
if (days > 0 && days < warn_pwd_expire) {
_make_remark_format(pamh, ctrl, PAM_TEXT_INFO, "Your password will expire in %d %s",
days, (days > 1) ? "days":"day");
- return True;
+ return true;
}
- return False;
+ return false;
}
/**
int flags,
const struct winbindd_response *response,
int warn_pwd_expire,
- BOOL *already_expired)
+ bool *already_expired)
{
time_t now = time(NULL);
time_t next_change = 0;
if (already_expired) {
- *already_expired = False;
+ *already_expired = false;
}
/* accounts with ACB_PWNOEXP set never receive a warning */
#define IS_SID_STRING(name) (strncmp("S-", name, 2) == 0)
-static BOOL safe_append_string(char *dest,
+static bool safe_append_string(char *dest,
const char *src,
int dest_buffer_size)
/**
* @param src Source string buffer.
* @param dest_buffer_size Size of dest buffer in bytes.
*
- * @return False if dest buffer is not big enough (no bytes copied), True on success.
+ * @return false if dest buffer is not big enough (no bytes copied), true on success.
*/
{
int dest_length = strlen(dest);
int src_length = strlen(src);
if ( dest_length + src_length + 1 > dest_buffer_size ) {
- return False;
+ return false;
}
memcpy(dest + dest_length, src, src_length + 1);
- return True;
+ return true;
}
-static BOOL winbind_name_to_sid_string(pam_handle_t *pamh,
+static bool winbind_name_to_sid_string(pam_handle_t *pamh,
int ctrl,
const char *user,
const char *name,
* @param sid_list_buffer Where to append the string sid.
* @param sid_list_buffer Size of sid_list_buffer (in bytes).
*
- * @return False on failure, True on success.
+ * @return false on failure, true on success.
*/
{
const char* sid_string;
if (pam_winbind_request_log(pamh, ctrl, WINBINDD_LOOKUPNAME, &sid_request, &sid_response, user)) {
_pam_log(pamh, ctrl, LOG_INFO, "could not lookup name: %s\n", name);
- return False;
+ return false;
}
sid_string = sid_response.data.sid.sid;
}
if (!safe_append_string(sid_list_buffer, sid_string, sid_list_buffer_size)) {
- return False;
+ return false;
}
- return True;
+ return true;
}
-static BOOL winbind_name_list_to_sid_string_list(pam_handle_t *pamh,
+static bool winbind_name_list_to_sid_string_list(pam_handle_t *pamh,
int ctrl,
const char *user,
const char *name_list,
* @param sid_list_buffer Where to put the list of string sids.
* @param sid_list_buffer Size of sid_list_buffer (in bytes).
*
- * @return False on failure, True on success.
+ * @return false on failure, true on success.
*/
{
- BOOL result = False;
+ bool result = false;
char *current_name = NULL;
const char *search_location;
const char *comma;
goto out;
}
- result = True;
+ result = true;
out:
SAFE_FREE(current_name);
* @return void.
*/
-static void _pam_warn_logon_type(pam_handle_t *pamh, int ctrl, const char *username, uint32 info3_user_flgs)
+static void _pam_warn_logon_type(pam_handle_t *pamh, int ctrl, const char *username, uint32_t info3_user_flgs)
{
/* inform about logon type */
if (PAM_WB_GRACE_LOGON(info3_user_flgs)) {
* @return void.
*/
-static void _pam_warn_krb5_failure(pam_handle_t *pamh, int ctrl, const char *username, uint32 info3_user_flgs)
+static void _pam_warn_krb5_failure(pam_handle_t *pamh, int ctrl, const char *username, uint32_t info3_user_flgs)
{
if (PAM_WB_KRB5_CLOCK_SKEW(info3_user_flgs)) {
_make_remark(pamh, ctrl, PAM_ERROR_MSG,
struct winbindd_request request;
struct winbindd_response response;
int ret;
- BOOL already_expired = False;
+ bool already_expired = false;
ZERO_STRUCT(request);
ZERO_STRUCT(response);
warn_pwd_expire,
&already_expired);
- if (already_expired == True) {
+ if (already_expired == true) {
_pam_log_debug(pamh, ctrl, LOG_DEBUG, "Password has expired "
"(Password was last set: %lld, the policy says "
"it should expire here %lld (now it's: %lu))\n",
if (comment != NULL && off(ctrl, WINBIND_SILENT)) {
pmsg[0] = &msg[0];
msg[0].msg_style = PAM_TEXT_INFO;
- msg[0].msg = CONST_DISCARD(char *, comment);
+ msg[0].msg = discard_const_p(char, comment);
i = 1;
} else {
i = 0;
pmsg[i] = &msg[i];
msg[i].msg_style = PAM_PROMPT_ECHO_OFF;
- msg[i++].msg = CONST_DISCARD(char *, prompt1);
+ msg[i++].msg = discard_const_p(char, prompt1);
replies = 1;
if (prompt2 != NULL) {
pmsg[i] = &msg[i];
msg[i].msg_style = PAM_PROMPT_ECHO_OFF;
- msg[i++].msg = CONST_DISCARD(char *, prompt2);
+ msg[i++].msg = discard_const_p(char, prompt2);
++replies;
}
/* so call the conversation expecting i responses */
retval = PAM_SUCCESS;
- if (!asprintf(&new_authtok_required_during_auth, "%d", True)) {
+ if (!asprintf(&new_authtok_required_during_auth, "%d", true)) {
retval = PAM_BUF_ERR;
goto out;
}
* @param ctrl PAM winbind options.
* @param user The username
*
- * @return boolean Returns True if required, False if not.
+ * @return boolean Returns true if required, false if not.
*/
-static BOOL _pam_require_krb5_auth_after_chauthtok(pam_handle_t *pamh, int ctrl, const char *user)
+static bool _pam_require_krb5_auth_after_chauthtok(pam_handle_t *pamh, int ctrl, const char *user)
{
/* Make sure that we only do this if
struct passwd *pwd = NULL;
if (!(ctrl & WINBIND_KRB5_AUTH)) {
- return False;
+ return false;
}
_pam_get_data(pamh, PAM_WINBIND_NEW_AUTHTOK_REQD_DURING_AUTH, &new_authtok_reqd_during_auth);
pam_set_data(pamh, PAM_WINBIND_NEW_AUTHTOK_REQD_DURING_AUTH, NULL, NULL);
if (new_authtok_reqd_during_auth) {
- return True;
+ return true;
}
pwd = getpwnam(user);
if (!pwd) {
- return False;
+ return false;
}
if (getuid() == pwd->pw_uid) {
- return True;
+ return true;
}
- return False;
+ return false;
}
#endif
#if defined(HAVE_KRB5) && defined(HAVE_KRB5_LOCATE_PLUGIN_H)
-BOOL winbind_env_set(void);
#include <krb5/locate_plugin.h>
}
-static int ask_winbind(const char *realm, char **dcname)
+static bool ask_winbind(const char *realm, char **dcname)
{
NSS_STATUS status;
struct winbindd_request request;
fprintf(stderr,"[%5u]: smb_krb5_locator_lookup: failed with: %s\n",
(unsigned int)getpid(), nss_err_str(status));
#endif
- return False;
+ return false;
}
*dcname = strdup(response.data.dc_name);
if (!*dcname) {
- return False;
+ return false;
}
- return True;
+ return true;
}
/**
#include "winbind_client.h"
-BOOL winbind_env_set( void );
-BOOL winbind_off( void );
-BOOL winbind_on( void );
-
/* Global variables. These are effectively the client state information */
int winbindd_fd = -1; /* fd for winbindd socket */
return result1 + result2;
}
-BOOL winbind_env_set( void )
+bool winbind_env_set(void)
{
char *env;
if ((env=getenv(WINBINDD_DONT_ENV)) != NULL) {
if(strcmp(env, "1") == 0) {
- return True;
+ return true;
}
}
- return False;
+ return false;
}
/*
enable them
************************************************************************/
-/* Use putenv() instead of setenv() in these functions as not all
- environments have the latter. */
-
-BOOL winbind_off( void )
+bool winbind_off(void)
{
- static char *s = CONST_DISCARD(char *, WINBINDD_DONT_ENV "=1");
-
- return putenv(s) != -1;
+ return setenv(WINBINDD_DONT_ENV, "1", 1) != -1;
}
-BOOL winbind_on( void )
+bool winbind_on(void)
{
- static char *s = CONST_DISCARD(char *, WINBINDD_DONT_ENV "=0");
-
- return putenv(s) != -1;
+ return setenv(WINBINDD_DONT_ENV, "0", 1) != -1;
}
/*************************************************************************
void close_sock(void);
void free_response(struct winbindd_response *response);
const char *nss_err_str(NSS_STATUS ret);
+bool winbind_env_set(void);
+bool winbind_off(void);
+bool winbind_on(void);
typedef char fstring[FSTRING_LEN];
#endif
-#ifndef _UPPER_BOOL
-#define _UPPER_BOOL
-#define False (0)
-#define True (1)
-#define Auto (2)
-typedef int BOOL;
-#endif
-
-#if !defined(uint32)
-#if (SIZEOF_INT == 4)
-#define uint32 unsigned int
-#elif (SIZEOF_LONG == 4)
-#define uint32 unsigned long
-#elif (SIZEOF_SHORT == 4)
-#define uint32 unsigned short
-#endif
-#endif
-
-#if !defined(uint16)
-#if (SIZEOF_SHORT == 4)
-#define uint16 __ERROR___CANNOT_DETERMINE_TYPE_FOR_INT16;
-#else /* SIZEOF_SHORT != 4 */
-#define uint16 unsigned short
-#endif /* SIZEOF_SHORT != 4 */
-#endif
-
-#ifndef uint8
-#define uint8 unsigned char
-#endif
-
-/*
- * check for 8 byte long long
- */
-
-#if !defined(uint64)
-#if (SIZEOF_LONG == 8)
-#define uint64 unsigned long
-#elif (SIZEOF_LONG_LONG == 8)
-#define uint64 unsigned long long
-#endif /* don't lie. If we don't have it, then don't use it */
-#endif
-
-#if !defined(int64)
-#if (SIZEOF_LONG == 8)
-#define int64 long
-#elif (SIZEOF_LONG_LONG == 8)
-#define int64 long long
-#endif /* don't lie. If we don't have it, then don't use it */
-#endif
-
/* Some systems (SCO) treat UNIX domain sockets as FIFOs */
#ifndef S_IFSOCK
lib/util_str.c as I really don't want to have to link in any other
objects if I can possibly avoid it. */
-static BOOL next_token(char **ptr,char *buff,const char *sep, size_t bufsize)
+static bool next_token(char **ptr,char *buff,const char *sep, size_t bufsize)
{
char *s;
- BOOL quoted;
+ bool quoted;
size_t len=1;
- if (!ptr) return(False);
+ if (!ptr) return false;
s = *ptr;
while (*s && strchr(sep,*s)) s++;
/* nothing left? */
- if (! *s) return(False);
+ if (! *s) return false;
/* copy over the token */
- for (quoted = False; len < bufsize && *s && (quoted || !strchr(sep,*s)); s++) {
+ for (quoted = false; len < bufsize && *s && (quoted || !strchr(sep,*s)); s++) {
if (*s == '\"') {
quoted = !quoted;
} else {
*ptr = (*s) ? s+1 : s;
*buff = 0;
- return(True);
+ return true;
}
/* Out of memory - try again */
if (ret == NSS_STATUS_TRYAGAIN) {
- called_again = True;
+ called_again = true;
*errnop = errno = ERANGE;
goto done;
}
*errnop = errno = 0;
- called_again = False;
+ called_again = false;
ndx_pw_cache++;
/* If we've finished with this lot of results free cache */
&buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
- keep_response = False;
+ keep_response = false;
*errnop = errno = 0;
}
&buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
- keep_response = False;
+ keep_response = false;
*errnop = errno = 0;
}
/* Out of memory - try again */
if (ret == NSS_STATUS_TRYAGAIN) {
- called_again = True;
+ called_again = true;
*errnop = errno = ERANGE;
goto done;
}
*errnop = 0;
- called_again = False;
+ called_again = false;
ndx_gr_cache++;
/* If we've finished with this lot of results free cache */
&buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
&buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
- keep_response = False;
+ keep_response = false;
*errnop = 0;
}
&buffer, &buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
&buflen);
if (ret == NSS_STATUS_TRYAGAIN) {
- keep_response = True;
+ keep_response = true;
*errnop = errno = ERANGE;
goto done;
}
- keep_response = False;
+ keep_response = false;
*errnop = 0;
}
products. You do not need to give any attribution.
*/
-
-#ifndef CONST_DISCARD
-#define CONST_DISCARD(type, ptr) ((type) ((void *) (ptr)))
-#endif
-
-#ifndef CONST_ADD
-#define CONST_ADD(type, ptr) ((type) ((const void *) (ptr)))
-#endif
-
#ifndef SAFE_FREE
#define SAFE_FREE(x) do { if(x) {free(x); x=NULL;} } while(0)
#endif
between /lib/libnss_winbind.so.2 and /li64/libnss_winbind.so.2.
The easiest way to do this is to always use 8byte values for time_t. */
-#if defined(int64)
-# define SMB_TIME_T int64
-#else
-# define SMB_TIME_T time_t
-#endif
+#define SMB_TIME_T int64_t
/* Socket commands */
fstring gr_name;
fstring gr_passwd;
gid_t gr_gid;
- uint32 num_gr_mem;
- uint32 gr_mem_ofs; /* offset to group membership */
+ uint32_t num_gr_mem;
+ uint32_t gr_mem_ofs; /* offset to group membership */
} WINBINDD_GR;
/* PAM specific request flags */
******************************************************************************/
struct winbindd_request {
- uint32 length;
+ uint32_t length;
enum winbindd_cmd cmd; /* Winbindd command to execute */
enum winbindd_cmd original_cmd; /* Original Winbindd command
issued to parent process */
pid_t pid; /* pid of calling process */
- uint32 wb_flags; /* generic flags */
- uint32 flags; /* flags relevant *only* to a given request */
+ uint32_t wb_flags; /* generic flags */
+ uint32_t flags; /* flags relevant *only* to a given request */
fstring domain_name; /* name of domain for which the request applies */
union {
uid_t uid;
} auth; /* pam_winbind auth module */
struct {
- unsigned char chal[8];
- uint32 logon_parameters;
+ uint8_t chal[8];
+ uint32_t logon_parameters;
fstring user;
fstring domain;
fstring lm_resp;
- uint32 lm_resp_len;
+ uint32_t lm_resp_len;
fstring nt_resp;
- uint32 nt_resp_len;
+ uint32_t nt_resp_len;
fstring workstation;
fstring require_membership_of_sid;
} auth_crap;
struct {
fstring user;
fstring domain;
- unsigned char new_nt_pswd[516];
- uint16 new_nt_pswd_len;
- unsigned char old_nt_hash_enc[16];
- uint16 old_nt_hash_enc_len;
- unsigned char new_lm_pswd[516];
- uint16 new_lm_pswd_len;
- unsigned char old_lm_hash_enc[16];
- uint16 old_lm_hash_enc_len;
+ uint8_t new_nt_pswd[516];
+ uint16_t new_nt_pswd_len;
+ uint8_t old_nt_hash_enc[16];
+ uint16_t old_nt_hash_enc_len;
+ uint8_t new_lm_pswd[516];
+ uint16_t new_lm_pswd_len;
+ uint8_t old_lm_hash_enc[16];
+ uint16_t old_lm_hash_enc_len;
} chng_pswd_auth_crap;/* pam_winbind passwd module */
struct {
fstring user;
fstring dom_name; /* lookupname */
fstring name;
} name;
- uint32 num_entries; /* getpwent, getgrent */
+ uint32_t num_entries; /* getpwent, getgrent */
struct {
fstring username;
fstring groupname;
} acct_mgt;
struct {
- BOOL is_primary;
+ bool is_primary;
fstring dcname;
} init_conn;
struct {
} dual_sid2id;
struct {
fstring sid;
- uint32 type;
- uint32 id;
+ uint32_t type;
+ uint32_t id;
} dual_idmapset;
- BOOL list_all_domains;
+ bool list_all_domains;
struct {
uid_t uid;
produce an actual challenge response. It merely
succeeds if there are cached credentials available
that could be used. */
- uint32 initial_blob_len; /* blobs in extra_data */
- uint32 challenge_blob_len;
+ uint32_t initial_blob_len; /* blobs in extra_data */
+ uint32_t challenge_blob_len;
} ccache_ntlm_auth;
/* padding -- needed to fix alignment between 32bit and 64bit libs.
SMB_TIME_T padding;
char *data;
} extra_data;
- uint32 extra_len;
+ uint32_t extra_len;
char null_term;
};
/* Header information */
- uint32 length; /* Length of response */
+ uint32_t length; /* Length of response */
enum winbindd_result result; /* Result code */
/* Fixed length return data */
struct winbindd_gr gr;
- uint32 num_entries; /* getpwent, getgrent */
+ uint32_t num_entries; /* getpwent, getgrent */
struct winbindd_sid {
fstring sid; /* lookupname, [ug]id_to_sid */
int type;
fstring dc_name;
struct auth_reply {
- uint32 nt_status;
+ uint32_t nt_status;
fstring nt_status_string;
fstring error_string;
int pam_error;
char user_session_key[16];
char first_8_lm_hash[8];
fstring krb5ccname;
- uint32 reject_reason;
- uint32 padding;
+ uint32_t reject_reason;
+ uint32_t padding;
struct policy_settings {
- uint32 min_length_password;
- uint32 password_history;
- uint32 password_properties;
- uint32 padding;
+ uint32_t min_length_password;
+ uint32_t password_history;
+ uint32_t password_properties;
+ uint32_t padding;
SMB_TIME_T expire;
SMB_TIME_T min_passwordage;
} policy;
SMB_TIME_T pass_last_set_time;
SMB_TIME_T pass_can_change_time;
SMB_TIME_T pass_must_change_time;
- uint32 logon_count;
- uint32 bad_pw_count;
- uint32 user_rid;
- uint32 group_rid;
- uint32 num_groups;
- uint32 user_flgs;
- uint32 acct_flags;
- uint32 num_other_sids;
+ uint32_t logon_count;
+ uint32_t bad_pw_count;
+ uint32_t user_rid;
+ uint32_t group_rid;
+ uint32_t num_groups;
+ uint32_t user_flgs;
+ uint32_t acct_flags;
+ uint32_t num_other_sids;
fstring dom_sid;
fstring user_name;
fstring full_name;
fstring name;
fstring alt_name;
fstring sid;
- BOOL native_mode;
- BOOL active_directory;
- BOOL primary;
- uint32 sequence_number;
+ bool native_mode;
+ bool active_directory;
+ bool primary;
+ uint32_t sequence_number;
} domain_info;
struct {
fstring acct_name;
fstring full_name;
fstring homedir;
fstring shell;
- uint32 primary_gid;
- uint32 group_rid;
+ uint32_t primary_gid;
+ uint32_t group_rid;
} user_info;
struct {
- uint32 auth_blob_len; /* blob in extra_data */
+ uint32_t auth_blob_len; /* blob in extra_data */
} ccache_ntlm_auth;
} data;
uid_t uid;
int ref_count;
size_t len;
- unsigned char *nt_hash; /* Base pointer for the following 2 */
- unsigned char *lm_hash;
+ uint8_t *nt_hash; /* Base pointer for the following 2 */
+ uint8_t *lm_hash;
char *pass;
};
git.samba.org / tprouty / samba.git / commitdiff