mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
third_party/heimdal: import lorikeet-heimdal-202310092248 (commit cd12cddd8058d9fe627b5b203e471b8d761dcfbb)
NOTE: THIS COMMIT WON’T COMPILE/WORK ON ITS OWN! Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
This commit is contained in:
parent
3280893ae8
commit
204b1f0c12
8
third_party/heimdal/kdc/kdc-plugin.c
vendored
8
third_party/heimdal/kdc/kdc-plugin.c
vendored
@ -147,7 +147,6 @@ struct verify_uc {
|
||||
hdb_entry *krbtgt;
|
||||
EncTicketPart *ticket;
|
||||
krb5_pac pac;
|
||||
krb5_boolean *is_trusted;
|
||||
};
|
||||
|
||||
static krb5_error_code KRB5_LIB_CALL
|
||||
@ -165,8 +164,7 @@ verify(krb5_context context, const void *plug, void *plugctx, void *userctx)
|
||||
uc->client_principal,
|
||||
uc->delegated_proxy,
|
||||
uc->client, uc->server, uc->krbtgt,
|
||||
uc->ticket, uc->pac,
|
||||
uc->is_trusted);
|
||||
uc->ticket, uc->pac);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -178,8 +176,7 @@ _kdc_pac_verify(astgs_request_t r,
|
||||
hdb_entry *server,
|
||||
hdb_entry *krbtgt,
|
||||
EncTicketPart *ticket,
|
||||
krb5_pac pac,
|
||||
krb5_boolean *is_trusted)
|
||||
krb5_pac pac)
|
||||
{
|
||||
struct verify_uc uc;
|
||||
|
||||
@ -194,7 +191,6 @@ _kdc_pac_verify(astgs_request_t r,
|
||||
uc.krbtgt = krbtgt;
|
||||
uc.ticket = ticket,
|
||||
uc.pac = pac;
|
||||
uc.is_trusted = is_trusted;
|
||||
|
||||
return _krb5_plugin_run_f(r->context, &kdc_plugin_data,
|
||||
0, &uc, verify);
|
||||
|
7
third_party/heimdal/kdc/kdc-plugin.h
vendored
7
third_party/heimdal/kdc/kdc-plugin.h
vendored
@ -57,9 +57,7 @@ typedef krb5_error_code
|
||||
|
||||
/*
|
||||
* Verify the PAC KDC signatures by fetching the appropriate TGS key
|
||||
* and calling krb5_pac_verify() with that key. The possibly-NULL
|
||||
* is_trusted may be set by the plugin to indicate that the PAC was
|
||||
* issued by a trusted server, and not, for example, by an RODC.
|
||||
* and calling krb5_pac_verify() with that key.
|
||||
*/
|
||||
|
||||
typedef krb5_error_code
|
||||
@ -71,8 +69,7 @@ typedef krb5_error_code
|
||||
hdb_entry *,/* server */
|
||||
hdb_entry *,/* krbtgt */
|
||||
EncTicketPart *, /* ticket */
|
||||
krb5_pac, /* pac */
|
||||
krb5_boolean *); /* is_trusted */
|
||||
krb5_pac); /* pac */
|
||||
|
||||
/*
|
||||
* Update the KDC PAC buffers. This function may be used after verifying the PAC
|
||||
|
7
third_party/heimdal/kdc/krb5tgs.c
vendored
7
third_party/heimdal/kdc/krb5tgs.c
vendored
@ -96,7 +96,6 @@ _kdc_check_pac(astgs_request_t r,
|
||||
krb5_pac pac = NULL;
|
||||
krb5_error_code ret;
|
||||
krb5_boolean signedticket;
|
||||
krb5_boolean is_trusted = FALSE;
|
||||
|
||||
*kdc_issued = FALSE;
|
||||
*ppac = NULL;
|
||||
@ -126,12 +125,8 @@ _kdc_check_pac(astgs_request_t r,
|
||||
/* Verify the KDC signatures. */
|
||||
ret = _kdc_pac_verify(r,
|
||||
client_principal, delegated_proxy,
|
||||
client, server, krbtgt, tkt, pac, &is_trusted);
|
||||
client, server, krbtgt, tkt, pac);
|
||||
if (ret == 0) {
|
||||
if (is_trusted) {
|
||||
krb5_pac_set_trusted(pac, TRUE);
|
||||
}
|
||||
|
||||
if (pac_canon_name) {
|
||||
ret = _krb5_pac_get_canon_principal(context, pac, pac_canon_name);
|
||||
if (ret && ret != ENOENT) {
|
||||
|
18
third_party/heimdal/kdc/mssfu.c
vendored
18
third_party/heimdal/kdc/mssfu.c
vendored
@ -106,8 +106,12 @@ check_rbcd(krb5_context context,
|
||||
krb5_kdc_configuration *config,
|
||||
HDB *clientdb,
|
||||
krb5_const_principal s4u_principal,
|
||||
krb5_const_principal client_principal,
|
||||
const hdb_entry *client_krbtgt,
|
||||
const hdb_entry *client,
|
||||
const hdb_entry *device_krbtgt,
|
||||
const hdb_entry *device,
|
||||
krb5_const_pac client_pac,
|
||||
krb5_const_pac device_pac,
|
||||
const hdb_entry *target)
|
||||
{
|
||||
krb5_error_code ret = KRB5KDC_ERR_BADOPTION;
|
||||
@ -115,9 +119,13 @@ check_rbcd(krb5_context context,
|
||||
if (clientdb->hdb_check_rbcd) {
|
||||
ret = clientdb->hdb_check_rbcd(context,
|
||||
clientdb,
|
||||
client_krbtgt,
|
||||
client,
|
||||
device_krbtgt,
|
||||
device,
|
||||
s4u_principal,
|
||||
client_principal,
|
||||
client_pac,
|
||||
device_pac,
|
||||
target);
|
||||
if (ret == 0)
|
||||
return 0;
|
||||
@ -520,7 +528,11 @@ _kdc_validate_constrained_delegation(astgs_request_t r)
|
||||
|
||||
if (rbcd_support) {
|
||||
ret = check_rbcd(r->context, r->config, r->clientdb,
|
||||
s4u_client_name, r->client_princ, r->pac, r->server);
|
||||
s4u_client_name,
|
||||
r->krbtgt, r->client,
|
||||
r->armor_server, r->armor_client,
|
||||
r->pac, r->armor_pac,
|
||||
r->server);
|
||||
} else {
|
||||
ret = KRB5KDC_ERR_BADOPTION;
|
||||
}
|
||||
|
118
third_party/heimdal/lib/asn1/gen.c
vendored
118
third_party/heimdal/lib/asn1/gen.c
vendored
@ -937,7 +937,13 @@ getnewbasename(char **newbasename, int typedefp, const char *basename, const cha
|
||||
err(1, "malloc");
|
||||
}
|
||||
|
||||
static void define_type(int, const char *, const char *, Type *, Type *, int, int);
|
||||
typedef enum define_type_options {
|
||||
DEF_TYPE_NONE = 0,
|
||||
DEF_TYPE_PRESERVE = 1,
|
||||
DEF_TYPE_TYPEDEFP = 2,
|
||||
DEF_TYPE_EMIT_NAME = 4
|
||||
} define_type_options;
|
||||
static void define_type(int, const char *, const char *, Type *, Type *, define_type_options);
|
||||
|
||||
/*
|
||||
* Get the SET/SEQUENCE member pair and CLASS field pair defining an open type.
|
||||
@ -1158,7 +1164,7 @@ define_open_type(int level, const char *newbasename, const char *name, const cha
|
||||
|
||||
if (asprintf(&n, "*%s", objects[i]->symbol->gen_name) < 0 || n == NULL)
|
||||
err(1, "malloc");
|
||||
define_type(level + 2, n, newbasename, NULL, of->type, FALSE, FALSE);
|
||||
define_type(level + 2, n, newbasename, NULL, of->type, DEF_TYPE_NONE);
|
||||
fprintf(jsonfile, "%s", (i + 1) < nobjs ? "," : "");
|
||||
free(n);
|
||||
}
|
||||
@ -1178,7 +1184,8 @@ static const char * const tagclassnames[] = {
|
||||
};
|
||||
|
||||
static void
|
||||
define_type(int level, const char *name, const char *basename, Type *pt, Type *t, int typedefp, int preservep)
|
||||
define_type(int level, const char *name, const char *basename,
|
||||
Type *pt, Type *t, define_type_options opts)
|
||||
{
|
||||
const char *label_prefix = NULL;
|
||||
const char *label_prefix_sep = NULL;
|
||||
@ -1188,7 +1195,7 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
"\"is_type\":true,\"exported\":%s,\"typedef\":%s,",
|
||||
basename, name,
|
||||
t->symbol && is_export(t->symbol->name) ? "true" : "false",
|
||||
typedefp ? "true" : "false");
|
||||
(opts & DEF_TYPE_TYPEDEFP) ? "true" : "false");
|
||||
|
||||
switch (t->type) {
|
||||
case TType:
|
||||
@ -1214,7 +1221,7 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
|
||||
label_prefix = prefix_enum ? name : (enum_prefix ? enum_prefix : "");
|
||||
label_prefix_sep = prefix_enum ? "_" : "";
|
||||
fprintf (headerfile, "enum %s {\n", typedefp ? name : "");
|
||||
fprintf (headerfile, "enum %s {\n", (opts & DEF_TYPE_TYPEDEFP) ? name : "");
|
||||
fprintf(jsonfile, "\"ttype\":\"INTEGER\",\"ctype\":\"enum\","
|
||||
"\"members\":[\n");
|
||||
HEIM_TAILQ_FOREACH(m, t->members, members) {
|
||||
@ -1298,7 +1305,7 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
fprintf(jsonfile, "\"ctype\":\"heim_bit_string\"");
|
||||
} else {
|
||||
int64_t pos = 0;
|
||||
getnewbasename(&newbasename, typedefp || level == 0, basename, name);
|
||||
getnewbasename(&newbasename, (opts & DEF_TYPE_TYPEDEFP) || level == 0, basename, name);
|
||||
|
||||
fprintf (headerfile, "struct %s {\n", newbasename);
|
||||
fprintf(jsonfile, "\"ctype\":\"struct %s\",\"members\":[\n", newbasename);
|
||||
@ -1313,7 +1320,7 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
if (asprintf (&n, "_unused%lld:1", (long long)pos) < 0 ||
|
||||
n == NULL)
|
||||
err(1, "malloc");
|
||||
define_type(level + 1, n, newbasename, NULL, &i, FALSE, FALSE);
|
||||
define_type(level + 1, n, newbasename, NULL, &i, DEF_TYPE_EMIT_NAME);
|
||||
fprintf(jsonfile, ",");
|
||||
free(n);
|
||||
pos++;
|
||||
@ -1322,7 +1329,7 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
n = NULL;
|
||||
if (asprintf (&n, "%s:1", m->gen_name) < 0 || n == NULL)
|
||||
errx(1, "malloc");
|
||||
define_type(level + 1, n, newbasename, NULL, &i, FALSE, FALSE);
|
||||
define_type(level + 1, n, newbasename, NULL, &i, DEF_TYPE_EMIT_NAME);
|
||||
fprintf(jsonfile, "%s", last_member_p(m));
|
||||
free (n);
|
||||
n = NULL;
|
||||
@ -1341,14 +1348,16 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
if (asprintf (&n, "_unused%lld:1", (long long)pos) < 0 ||
|
||||
n == NULL)
|
||||
errx(1, "malloc");
|
||||
define_type(level + 1, n, newbasename, NULL, &i, FALSE, FALSE);
|
||||
define_type(level + 1, n, newbasename, NULL, &i, DEF_TYPE_EMIT_NAME);
|
||||
fprintf(jsonfile, "%s", (pos + 1) < bitset_size ? "," : "");
|
||||
free(n);
|
||||
pos++;
|
||||
}
|
||||
|
||||
space(level);
|
||||
fprintf (headerfile, "} %s;\n\n", name);
|
||||
fprintf(headerfile, "}%s%s;\n\n",
|
||||
(opts & DEF_TYPE_EMIT_NAME) ? " " : "",
|
||||
(opts & DEF_TYPE_EMIT_NAME) ? name : "");
|
||||
fprintf(jsonfile, "]");
|
||||
}
|
||||
break;
|
||||
@ -1362,9 +1371,9 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
label_prefix = prefix_enum ? name : (enum_prefix ? enum_prefix : "");
|
||||
label_prefix_sep = prefix_enum ? "_" : "";
|
||||
space(level);
|
||||
fprintf (headerfile, "enum %s {\n", typedefp ? name : "");
|
||||
fprintf (headerfile, "enum %s {\n", (opts & DEF_TYPE_TYPEDEFP) ? name : "");
|
||||
fprintf(jsonfile, "\"ctype\":\"enum %s\",\"extensible\":%s,\"members\":[\n",
|
||||
typedefp ? name : "", have_ellipsis(t) ? "true" : "false");
|
||||
(opts & DEF_TYPE_TYPEDEFP) ? name : "", have_ellipsis(t) ? "true" : "false");
|
||||
HEIM_TAILQ_FOREACH(m, t->members, members) {
|
||||
space(level + 1);
|
||||
if (m->ellipsis) {
|
||||
@ -1379,7 +1388,9 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
}
|
||||
}
|
||||
space(level);
|
||||
fprintf (headerfile, "} %s;\n\n", name);
|
||||
fprintf(headerfile, "}%s%s;\n\n",
|
||||
(opts & DEF_TYPE_EMIT_NAME) ? " " : "",
|
||||
(opts & DEF_TYPE_EMIT_NAME) ? name : "");
|
||||
fprintf(jsonfile, "]");
|
||||
break;
|
||||
}
|
||||
@ -1390,7 +1401,7 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
ssize_t more_deco = -1;
|
||||
int decorated = 0;
|
||||
|
||||
getnewbasename(&newbasename, typedefp || level == 0, basename, name);
|
||||
getnewbasename(&newbasename, (opts & DEF_TYPE_TYPEDEFP) || level == 0, basename, name);
|
||||
|
||||
space(level);
|
||||
|
||||
@ -1399,7 +1410,7 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
"\"ctype\":\"struct %s\"",
|
||||
t->type == TSet ? "SET" : "SEQUENCE",
|
||||
have_ellipsis(t) ? "true" : "false", newbasename);
|
||||
if (t->type == TSequence && preservep) {
|
||||
if (t->type == TSequence && (opts & DEF_TYPE_PRESERVE)) {
|
||||
space(level + 1);
|
||||
fprintf(headerfile, "heim_octet_string _save;\n");
|
||||
fprintf(jsonfile, ",\"preserve\":true");
|
||||
@ -1443,14 +1454,14 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
fprintf(jsonfile, "{\"name\":\"%s\",\"gen_name\":\"%s\","
|
||||
"\"optional\":%s,\"defval\":%s,\"type\":",
|
||||
m->name, m->gen_name, m->optional ? "true" : "false", defvalp);
|
||||
define_type(level + 1, namep, newbasename, t, m->type, FALSE, FALSE);
|
||||
define_type(level + 1, namep, newbasename, t, m->type, DEF_TYPE_EMIT_NAME);
|
||||
fprintf(jsonfile, "}%s", last_member_p(m));
|
||||
free (n);
|
||||
free (defval);
|
||||
} else {
|
||||
fprintf(jsonfile, "{\"name\":\"%s\",\"gen_name\":\"%s\","
|
||||
"\"optional\":false,\"type\":", m->name, m->gen_name);
|
||||
define_type(level + 1, m->gen_name, newbasename, t, m->type, FALSE, FALSE);
|
||||
define_type(level + 1, m->gen_name, newbasename, t, m->type, DEF_TYPE_EMIT_NAME);
|
||||
fprintf(jsonfile, "}%s", last_member_p(m));
|
||||
}
|
||||
}
|
||||
@ -1488,7 +1499,9 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
if (decorated)
|
||||
fprintf(jsonfile, "]");
|
||||
space(level);
|
||||
fprintf (headerfile, "} %s;\n", name);
|
||||
fprintf(headerfile, "}%s%s;\n",
|
||||
(opts & DEF_TYPE_EMIT_NAME) ? " " : "",
|
||||
(opts & DEF_TYPE_EMIT_NAME) ? name : "");
|
||||
free(deco.field_type);
|
||||
break;
|
||||
}
|
||||
@ -1497,7 +1510,7 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
Type i;
|
||||
struct range range = { 0, UINT_MAX };
|
||||
|
||||
getnewbasename(&newbasename, typedefp || level == 0, basename, name);
|
||||
getnewbasename(&newbasename, (opts & DEF_TYPE_TYPEDEFP) || level == 0, basename, name);
|
||||
|
||||
memset(&i, 0, sizeof(i));
|
||||
i.type = TInteger;
|
||||
@ -1507,11 +1520,13 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
fprintf (headerfile, "struct %s {\n", newbasename);
|
||||
fprintf(jsonfile, "\"ttype\":\"%s\",\"ctype\":\"struct %s\",\"members\":[",
|
||||
t->type == TSetOf ? "SET OF" : "SEQUENCE OF", newbasename);
|
||||
define_type(level + 1, "len", newbasename, t, &i, FALSE, FALSE);
|
||||
define_type(level + 1, "len", newbasename, t, &i, DEF_TYPE_NONE);
|
||||
fprintf(jsonfile, ",");
|
||||
define_type(level + 1, "*val", newbasename, t, t->subtype, FALSE, FALSE);
|
||||
define_type(level + 1, "*val", newbasename, t, t->subtype, DEF_TYPE_NONE | DEF_TYPE_EMIT_NAME);
|
||||
space(level);
|
||||
fprintf (headerfile, "} %s;\n", name);
|
||||
fprintf(headerfile, "}%s%s;\n",
|
||||
(opts & DEF_TYPE_EMIT_NAME) ? " " : "",
|
||||
(opts & DEF_TYPE_EMIT_NAME) ? name : "");
|
||||
fprintf(jsonfile, "]");
|
||||
break;
|
||||
}
|
||||
@ -1538,7 +1553,7 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
tagclassnames[t->tag.tagclass], t->tag.tagvalue,
|
||||
t->tag.tagenv == TE_EXPLICIT ? "EXPLICIT" : "IMPLICIT");
|
||||
fprintf(jsonfile, "\"ttype\":\n");
|
||||
define_type(level, name, basename, t, t->subtype, typedefp, preservep);
|
||||
define_type(level, name, basename, t, t->subtype, opts);
|
||||
break;
|
||||
case TChoice: {
|
||||
struct decoration deco;
|
||||
@ -1547,13 +1562,13 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
int first = 1;
|
||||
Member *m;
|
||||
|
||||
getnewbasename(&newbasename, typedefp || level == 0, basename, name);
|
||||
getnewbasename(&newbasename, (opts & DEF_TYPE_TYPEDEFP) || level == 0, basename, name);
|
||||
|
||||
space(level);
|
||||
fprintf (headerfile, "struct %s {\n", newbasename);
|
||||
fprintf(jsonfile, "\"ttype\":\"CHOICE\",\"ctype\":\"struct %s\"",
|
||||
newbasename);
|
||||
if (preservep) {
|
||||
if ((opts & DEF_TYPE_PRESERVE)) {
|
||||
space(level + 1);
|
||||
fprintf(headerfile, "heim_octet_string _save;\n");
|
||||
fprintf(jsonfile, ",\"preserve\":true");
|
||||
@ -1592,11 +1607,11 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
if (asprintf (&n, "*%s", m->gen_name) < 0 || n == NULL)
|
||||
errx(1, "malloc");
|
||||
fprintf(jsonfile, "{\"optional\":");
|
||||
define_type(level + 2, n, newbasename, t, m->type, FALSE, FALSE);
|
||||
define_type(level + 2, n, newbasename, t, m->type, DEF_TYPE_EMIT_NAME);
|
||||
fprintf(jsonfile, "}%s", last_member_p(m));
|
||||
free (n);
|
||||
} else {
|
||||
define_type(level + 2, m->gen_name, newbasename, t, m->type, FALSE, FALSE);
|
||||
define_type(level + 2, m->gen_name, newbasename, t, m->type, DEF_TYPE_EMIT_NAME);
|
||||
fprintf(jsonfile, "%s", last_member_p(m));
|
||||
}
|
||||
}
|
||||
@ -1634,7 +1649,9 @@ define_type(int level, const char *name, const char *basename, Type *pt, Type *t
|
||||
fprintf(jsonfile, "]");
|
||||
|
||||
space(level);
|
||||
fprintf (headerfile, "} %s;\n", name);
|
||||
fprintf(headerfile, "}%s%s;\n",
|
||||
(opts & DEF_TYPE_EMIT_NAME) ? " " : "",
|
||||
(opts & DEF_TYPE_EMIT_NAME) ? name : "");
|
||||
break;
|
||||
}
|
||||
case TUTCTime:
|
||||
@ -1699,8 +1716,10 @@ declare_type(const Symbol *s, Type *t, int typedefp)
|
||||
|
||||
switch (t->type) {
|
||||
case TType:
|
||||
define_type(0, s->gen_name, s->gen_name, NULL, s->type, TRUE, TRUE);
|
||||
if (template_flag)
|
||||
define_type(0, s->gen_name, s->gen_name, NULL, s->type,
|
||||
DEF_TYPE_PRESERVE | DEF_TYPE_TYPEDEFP |
|
||||
(s->emitted_declaration ? 0 : DEF_TYPE_EMIT_NAME));
|
||||
if (template_flag && !s->emitted_declaration)
|
||||
generate_template_type_forward(s->gen_name);
|
||||
emitted_declaration(s);
|
||||
return;
|
||||
@ -1721,14 +1740,17 @@ declare_type(const Symbol *s, Type *t, int typedefp)
|
||||
case TVisibleString:
|
||||
case TOID :
|
||||
case TNull:
|
||||
define_type(0, s->gen_name, s->gen_name, NULL, s->type, TRUE, TRUE);
|
||||
if (template_flag)
|
||||
define_type(0, s->gen_name, s->gen_name, NULL, s->type,
|
||||
DEF_TYPE_PRESERVE | DEF_TYPE_TYPEDEFP |
|
||||
(s->emitted_declaration ? 0 : DEF_TYPE_EMIT_NAME));
|
||||
if (template_flag && !s->emitted_declaration)
|
||||
generate_template_type_forward(s->gen_name);
|
||||
emitted_declaration(s);
|
||||
emitted_definition(s);
|
||||
return;
|
||||
case TTag:
|
||||
declare_type(s, t->subtype, FALSE);
|
||||
if (!s->emitted_declaration)
|
||||
declare_type(s, t->subtype, FALSE);
|
||||
emitted_declaration(s);
|
||||
return;
|
||||
default:
|
||||
@ -1903,10 +1925,13 @@ generate_type_header (const Symbol *s)
|
||||
* member fields are not OPTIONAL/DEFAULTed.
|
||||
*/
|
||||
generate_subtypes_header(s);
|
||||
fprintf(headerfile, "/*\n");
|
||||
fprintf(headerfile, "%s ::= ", s->name);
|
||||
define_asn1 (0, s->type);
|
||||
fprintf(headerfile, "\n*/\n\n");
|
||||
if (!s->emitted_asn1) {
|
||||
fprintf(headerfile, "/*\n");
|
||||
fprintf(headerfile, "%s ::= ", s->name);
|
||||
define_asn1 (0, s->type);
|
||||
fprintf(headerfile, "\n*/\n\n");
|
||||
emitted_asn1(s);
|
||||
}
|
||||
|
||||
/*
|
||||
* Emit enums for the outermost tag of this type. These are needed for
|
||||
@ -1963,9 +1988,22 @@ generate_type_header (const Symbol *s)
|
||||
fprintf(symsfile, "ASN1_SYM_TYPE(\"%s\", \"%s\", %s)\n",
|
||||
s->name, s->gen_name, s->gen_name);
|
||||
|
||||
fprintf(headerfile, "typedef ");
|
||||
define_type(0, s->gen_name, s->gen_name, NULL, s->type, TRUE,
|
||||
preserve_type(s->name) ? TRUE : FALSE);
|
||||
if (!s->emitted_declaration) {
|
||||
fprintf(headerfile, "typedef ");
|
||||
define_type(0, s->gen_name, s->gen_name, NULL, s->type,
|
||||
DEF_TYPE_TYPEDEFP | DEF_TYPE_EMIT_NAME |
|
||||
(preserve_type(s->name) ? DEF_TYPE_PRESERVE : 0));
|
||||
} else if (s->type->type == TType) {
|
||||
/* This is a type alias and we've already declared it */
|
||||
} else if (s->type->type == TTag &&
|
||||
s->type->subtype != NULL &&
|
||||
s->type->subtype->symbol != NULL) {
|
||||
/* This is a type alias and we've already declared it */
|
||||
} else {
|
||||
define_type(0, s->gen_name, s->gen_name, NULL, s->type,
|
||||
DEF_TYPE_TYPEDEFP |
|
||||
(preserve_type(s->name) ? DEF_TYPE_PRESERVE : 0));
|
||||
}
|
||||
fprintf(headerfile, "\n");
|
||||
|
||||
emitted_definition(s);
|
||||
|
6
third_party/heimdal/lib/asn1/symbol.c
vendored
6
third_party/heimdal/lib/asn1/symbol.c
vendored
@ -171,3 +171,9 @@ emitted_tag_enums(const Symbol *s)
|
||||
{
|
||||
((Symbol *)(uintptr_t)s)->emitted_tag_enums = 1;
|
||||
}
|
||||
|
||||
void
|
||||
emitted_asn1(const Symbol *s)
|
||||
{
|
||||
((Symbol *)(uintptr_t)s)->emitted_asn1 = 1;
|
||||
}
|
||||
|
2
third_party/heimdal/lib/asn1/symbol.h
vendored
2
third_party/heimdal/lib/asn1/symbol.h
vendored
@ -238,6 +238,7 @@ struct symbol {
|
||||
IOSObject *object;
|
||||
IOSObjectSet *objectset;
|
||||
HEIM_TAILQ_ENTRY(symbol) symlist;
|
||||
unsigned int emitted_asn1:1;
|
||||
unsigned int emitted_declaration:1;
|
||||
unsigned int emitted_definition:1;
|
||||
unsigned int emitted_tag_enums:1;
|
||||
@ -260,6 +261,7 @@ Symbol *getsym(char *name);
|
||||
void output_name (char *);
|
||||
int checkundefined(void);
|
||||
void generate_types(void);
|
||||
void emitted_asn1(const Symbol *);
|
||||
void emitted_declaration(const Symbol *);
|
||||
void emitted_definition(const Symbol *);
|
||||
void emitted_tag_enums(const Symbol *);
|
||||
|
2
third_party/heimdal/lib/hdb/hdb.h
vendored
2
third_party/heimdal/lib/hdb/hdb.h
vendored
@ -289,7 +289,7 @@ typedef struct HDB {
|
||||
/**
|
||||
* Check if resource-based constrained delegation (RBCD) is allowed.
|
||||
*/
|
||||
krb5_error_code (*hdb_check_rbcd)(krb5_context, struct HDB *, krb5_const_principal, krb5_const_principal, krb5_const_pac, const hdb_entry *);
|
||||
krb5_error_code (*hdb_check_rbcd)(krb5_context, struct HDB *, const hdb_entry *, const hdb_entry *, const hdb_entry *, const hdb_entry *, krb5_const_principal, krb5_const_pac, krb5_const_pac, const hdb_entry *);
|
||||
|
||||
/**
|
||||
* Check if this name is an alias for the supplied client for PKINIT userPrinicpalName logins
|
||||
|
6
third_party/heimdal/lib/krb5/pac.c
vendored
6
third_party/heimdal/lib/krb5/pac.c
vendored
@ -1249,7 +1249,7 @@ krb5_pac_verify(krb5_context context,
|
||||
/*
|
||||
* If we are in the KDC, we expect back a full signature in the PAC
|
||||
*
|
||||
* This is set up as a seperate variable to make it easier if a
|
||||
* This is set up as a separate variable to make it easier if a
|
||||
* subsequent patch is added to make this configurable in the
|
||||
* krb5.conf (or forced into the krb5_context via Samba)
|
||||
*/
|
||||
@ -1257,8 +1257,8 @@ krb5_pac_verify(krb5_context context,
|
||||
|
||||
/*
|
||||
* If we are on the KDC, then we trust we are not in a realm with
|
||||
* buggy Windows 2008 or similar era DCs that give our HMAC-MD5
|
||||
* sigatures over AES keys. DES is also already gone.
|
||||
* buggy Windows 2008 or similar era DCs that give out HMAC-MD5
|
||||
* signatures over AES keys. DES is also already gone.
|
||||
*/
|
||||
krb5_boolean strict_cksumtype_match = expect_full_sig;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user