2025-01-10 01:18:15 +03:00 · 2012-05-21 18:25:28 +02:00 · 2012-05-21 18:25:28 +02:00 · 2b144531f1
commit 2b144531f1
parent 0a6e568344
5 changed files with 10 additions and 23 deletions
--- a/auth/kerberos/pac_utils.h
+++ b/auth/kerberos/pac_utils.h
@ -22,7 +22,7 @@
 #define _PAC_UTILS_H

 #include "lib/krb5_wrap/krb5_samba.h"
-#include "system/gssapi.h"
+#include "lib/krb5_wrap/gss_samba.h"

 struct PAC_SIGNATURE_DATA;
 struct PAC_DATA;
--- a/source3/include/smb_krb5.h
+++ b/source3/include/smb_krb5.h
@ -1 +1,2 @@
 #include "lib/krb5_wrap/krb5_samba.h"
+#include "lib/krb5_wrap/gss_samba.h"
--- a/source3/librpc/crypto/gse.c
+++ b/source3/librpc/crypto/gse.c
@ -57,24 +57,6 @@ struct gse_context {
 	gss_OID ret_mech;
 };

-#ifndef HAVE_GSS_OID_EQUAL
-
-static bool gss_oid_equal(const gss_OID o1, const gss_OID o2)
-{
-	if (o1 == o2) {
-		return true;
-	}
-	if ((o1 == NULL && o2 != NULL) || (o1 != NULL && o2 == NULL)) {
-		return false;
-	}
-	if (o1->length != o2->length) {
-		return false;
-	}
-	return memcmp(o1->elements, o2->elements, o1->length) == false;
-}
-
-#endif
-
 /* free non talloc dependent contexts */
 static int gse_context_destructor(void *ptr)
 {
@ -126,7 +108,8 @@ static int gse_context_destructor(void *ptr)
 	 * this code to EAP or other GSS mechanisms determines an
 	 * implementation-dependent way of releasing any dynamically
 	 * allocated OID */
-	SMB_ASSERT(gss_oid_equal(&gse_ctx->gss_mech, GSS_C_NO_OID) || gss_oid_equal(&gse_ctx->gss_mech, gss_mech_krb5));
+	SMB_ASSERT(smb_gss_oid_equal(&gse_ctx->gss_mech, GSS_C_NO_OID) ||
+		   smb_gss_oid_equal(&gse_ctx->gss_mech, gss_mech_krb5));

 	return 0;
 }
@ -994,7 +977,7 @@ static bool gensec_gse_have_feature(struct gensec_security *gensec_security,
 	}
 	if (feature & GENSEC_FEATURE_SESSION_KEY) {
 		/* Only for GSE/Krb5 */
-		if (gss_oid_equal(gse_ctx->ret_mech, gss_mech_krb5)) {
+		if (smb_gss_oid_equal(gse_ctx->ret_mech, gss_mech_krb5)) {
 			return true;
 		}
 	}
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@ -612,7 +612,8 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security,
 					  gssapi_error_string(out_mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
 			}
 			return NT_STATUS_INVALID_PARAMETER;
-		} else if (gss_oid_equal(gensec_gssapi_state->gss_oid, gss_mech_krb5)) {
+		} else if (smb_gss_oid_equal(gensec_gssapi_state->gss_oid,
+					     gss_mech_krb5)) {
 			switch (min_stat) {
 			case KRB5KRB_AP_ERR_TKT_NYV:
 				DEBUG(1, ("Error with ticket to contact %s: possible clock skew between us and the KDC or target server: %s\n",
@ -1225,7 +1226,8 @@ static bool gensec_gssapi_have_feature(struct gensec_security *gensec_security,
 	}
 	if (feature & GENSEC_FEATURE_SESSION_KEY) {
 		/* Only for GSSAPI/Krb5 */
-		if (gss_oid_equal(gensec_gssapi_state->gss_oid, gss_mech_krb5)) {
+		if (smb_gss_oid_equal(gensec_gssapi_state->gss_oid,
+				      gss_mech_krb5)) {
 			return true;
 		}
 	}
--- a/source4/auth/kerberos/kerberos.h
+++ b/source4/auth/kerberos/kerberos.h
@ -27,6 +27,7 @@
 #include "auth/kerberos/krb5_init_context.h"
 #include "librpc/gen_ndr/krb5pac.h"
 #include "lib/krb5_wrap/krb5_samba.h"
+#include "lib/krb5_wrap/gss_samba.h"

 struct auth_user_info_dc;
 struct cli_credentials;