diff options
| author | Andreas Schneider <asn@samba.org> | 2020-08-20 09:40:41 +0200 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2020-11-03 15:25:37 +0000 |
| commit | 1298280a22ef7494fb85a6a5953bae15d22fa204 (patch) | |
| tree | 2913bf9b7dc8f1151faa063ea01e4b1c1b4b65a0 /source4 | |
| parent | 7d846cd178d653600c71ee4bd6a491a9e48a56da (diff) | |
| download | samba-1298280a22ef7494fb85a6a5953bae15d22fa204.tar.gz | |
auth:creds: Rename CRED_USE_KERBEROS values
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Diffstat (limited to 'source4')
| -rw-r--r-- | source4/auth/gensec/gensec_gssapi.c | 2 | ||||
| -rw-r--r-- | source4/auth/session.c | 2 | ||||
| -rw-r--r-- | source4/lib/cmdline/popt_credentials.c | 4 | ||||
| -rw-r--r-- | source4/torture/ldap/session_expiry.c | 2 | ||||
| -rw-r--r-- | source4/torture/raw/session.c | 4 | ||||
| -rw-r--r-- | source4/torture/rpc/schannel.c | 4 | ||||
| -rw-r--r-- | source4/torture/smb2/session.c | 12 |
7 files changed, 15 insertions, 15 deletions
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c index 1b0852795fd..2a261a1664f 100644 --- a/source4/auth/gensec/gensec_gssapi.c +++ b/source4/auth/gensec/gensec_gssapi.c @@ -1557,7 +1557,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi } /* This credential handle isn't useful for password authentication, so ensure nobody tries to do that */ - cli_credentials_set_kerberos_state(session_info->credentials, CRED_MUST_USE_KERBEROS); + cli_credentials_set_kerberos_state(session_info->credentials, CRED_USE_KERBEROS_REQUIRED); /* It has been taken from this place... */ gensec_gssapi_state->delegated_cred_handle = GSS_C_NO_CREDENTIAL; diff --git a/source4/auth/session.c b/source4/auth/session.c index c5fc226a7d7..8e44dcd24f1 100644 --- a/source4/auth/session.c +++ b/source4/auth/session.c @@ -295,7 +295,7 @@ struct auth_session_info *auth_session_info_from_transport(TALLOC_CTX *mem_ctx, /* This credential handle isn't useful for password * authentication, so ensure nobody tries to do that */ cli_credentials_set_kerberos_state(creds, - CRED_MUST_USE_KERBEROS); + CRED_USE_KERBEROS_REQUIRED); } #endif diff --git a/source4/lib/cmdline/popt_credentials.c b/source4/lib/cmdline/popt_credentials.c index 5dd61f6339c..7d8963da99e 100644 --- a/source4/lib/cmdline/popt_credentials.c +++ b/source4/lib/cmdline/popt_credentials.c @@ -120,8 +120,8 @@ static void popt_common_credentials_callback(poptContext con, cli_credentials_set_kerberos_state( popt_get_cmdline_credentials(), use_kerberos - ? CRED_MUST_USE_KERBEROS - : CRED_DONT_USE_KERBEROS); + ? CRED_USE_KERBEROS_REQUIRED + : CRED_USE_KERBEROS_DISABLED); break; } diff --git a/source4/torture/ldap/session_expiry.c b/source4/torture/ldap/session_expiry.c index 35dda439b17..e5e38450745 100644 --- a/source4/torture/ldap/session_expiry.c +++ b/source4/torture/ldap/session_expiry.c @@ -55,7 +55,7 @@ bool torture_ldap_session_expiry(struct torture_context *torture) torture, url!=NULL, ret, fail, "talloc_asprintf failed"); cli_credentials_set_kerberos_state( - credentials, CRED_MUST_USE_KERBEROS); + credentials, CRED_USE_KERBEROS_REQUIRED); ok = lpcfg_set_option( torture->lp_ctx, "gensec_gssapi:requested_life_time=4"); diff --git a/source4/torture/raw/session.c b/source4/torture/raw/session.c index 0c460ae3069..e246d25e9fb 100644 --- a/source4/torture/raw/session.c +++ b/source4/torture/raw/session.c @@ -245,12 +245,12 @@ static bool test_session_expire1(struct torture_context *tctx) use_kerberos = cli_credentials_get_kerberos_state( popt_get_cmdline_credentials()); - if (use_kerberos != CRED_MUST_USE_KERBEROS) { + if (use_kerberos != CRED_USE_KERBEROS_REQUIRED) { torture_warning(tctx, "smb2.session.expire1 requires -k yes!"); torture_skip(tctx, "smb2.session.expire1 requires -k yes!"); } - torture_assert_int_equal(tctx, use_kerberos, CRED_MUST_USE_KERBEROS, + torture_assert_int_equal(tctx, use_kerberos, CRED_USE_KERBEROS_REQUIRED, "please use -k yes"); lpcfg_set_option(tctx->lp_ctx, "gensec_gssapi:requested_life_time=4"); diff --git a/source4/torture/rpc/schannel.c b/source4/torture/rpc/schannel.c index fff0b1aacbd..a5755041040 100644 --- a/source4/torture/rpc/schannel.c +++ b/source4/torture/rpc/schannel.c @@ -965,8 +965,8 @@ bool torture_rpc_schannel_bench1(struct torture_context *torture) torture_assert(torture, s->join_ctx2 != NULL, "Failed to join domain with acct_flags=ACB_WSTRUST"); - cli_credentials_set_kerberos_state(s->wks_creds1, CRED_DONT_USE_KERBEROS); - cli_credentials_set_kerberos_state(s->wks_creds2, CRED_DONT_USE_KERBEROS); + cli_credentials_set_kerberos_state(s->wks_creds1, CRED_USE_KERBEROS_DISABLED); + cli_credentials_set_kerberos_state(s->wks_creds2, CRED_USE_KERBEROS_DISABLED); for (i=0; i < s->nprocs; i++) { struct cli_credentials *wks = s->wks_creds1; diff --git a/source4/torture/smb2/session.c b/source4/torture/smb2/session.c index 07c6faebb15..701dfc10a07 100644 --- a/source4/torture/smb2/session.c +++ b/source4/torture/smb2/session.c @@ -956,7 +956,7 @@ bool test_session_reauth6(struct torture_context *tctx, struct smb2_tree *tree) krb_state = cli_credentials_get_kerberos_state( popt_get_cmdline_credentials()); - if (krb_state == CRED_MUST_USE_KERBEROS) { + if (krb_state == CRED_USE_KERBEROS_REQUIRED) { torture_skip(tctx, "Can't test failing session setup with kerberos."); } @@ -1064,12 +1064,12 @@ static bool test_session_expire1i(struct torture_context *tctx, size_t i; use_kerberos = cli_credentials_get_kerberos_state(credentials); - if (use_kerberos != CRED_MUST_USE_KERBEROS) { + if (use_kerberos != CRED_USE_KERBEROS_REQUIRED) { torture_warning(tctx, "smb2.session.expire1 requires -k yes!"); torture_skip(tctx, "smb2.session.expire1 requires -k yes!"); } - torture_assert_int_equal(tctx, use_kerberos, CRED_MUST_USE_KERBEROS, + torture_assert_int_equal(tctx, use_kerberos, CRED_USE_KERBEROS_REQUIRED, "please use -k yes"); cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED); @@ -1250,12 +1250,12 @@ static bool test_session_expire2i(struct torture_context *tctx, struct smb2_notify ntf2; use_kerberos = cli_credentials_get_kerberos_state(credentials); - if (use_kerberos != CRED_MUST_USE_KERBEROS) { + if (use_kerberos != CRED_USE_KERBEROS_REQUIRED) { torture_warning(tctx, "smb2.session.expire2 requires -k yes!"); torture_skip(tctx, "smb2.session.expire2 requires -k yes!"); } - torture_assert_int_equal(tctx, use_kerberos, CRED_MUST_USE_KERBEROS, + torture_assert_int_equal(tctx, use_kerberos, CRED_USE_KERBEROS_REQUIRED, "please use -k yes"); cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED); @@ -1612,7 +1612,7 @@ static bool test_session_expire_disconnect(struct torture_context *tctx) bool connected; use_kerberos = cli_credentials_get_kerberos_state(credentials); - if (use_kerberos != CRED_MUST_USE_KERBEROS) { + if (use_kerberos != CRED_USE_KERBEROS_REQUIRED) { torture_warning(tctx, "smb2.session.expire1 requires -k yes!"); torture_skip(tctx, "smb2.session.expire1 requires -k yes!"); } |