sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-08 04:58:40 +03:00
Code

r1236: Heimdal fixes from Guenther Deschner <gd@sernet.de>, more to come before

Browse Source 
it compiles with Heimdal.
Jeremy.
(This used to be commit dd07278b892770ac51750b87a4ab902d4de3a960)
This commit is contained in:
Jeremy Allison 2004-06-24 05:56:44 +00:00 committed by Gerald (Jerry) Carter
parent 087868c499
commit 2b76b28932
5 changed files with 34 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
source3/configure.in
View File

@ -2737,6 +2737,8 @@ if test x"$with_ads_support" != x"no"; then
AC_CHECK_FUNC_EXT(krb5_free_data_contents, $KRB5_LIBS)
AC_CHECK_FUNC_EXT(krb5_principal_get_comp_string, $KRB5_LIBS)
AC_CHECK_FUNC_EXT(krb5_free_unparsed_name, $KRB5_LIBS)
AC_CHECK_FUNC_EXT(krb5_free_keytab_entry_contents, $KRB5_LIBS)
AC_CHECK_FUNC_EXT(krb5_kt_free_entry, $KRB5_LIBS)
LIBS="$LIBS $KRB5_LIBS"

21
source3/libads/kerberos_keytab.c
View File

@ -48,6 +48,9 @@ int ads_keytab_add_entry(ADS_STRUCT *ads, const char *srvPrinc)
char *principal = NULL;
char *princ_s = NULL;
char *password_s = NULL;
#ifndef MAX_KEYTAB_NAME_LEN
#define MAX_KEYTAB_NAME_LEN 1100
#endif
char keytab_name[MAX_KEYTAB_NAME_LEN]; /* This MAX_NAME_LEN is a constant defined in krb5.h */
fstring my_fqdn;
int i;
@ -163,7 +166,7 @@ int ads_keytab_add_entry(ADS_STRUCT *ads, const char *srvPrinc)
error_message(ret)));
goto out;
}
ret = krb5_free_keytab_entry_contents(context, &kt_entry);
ret = smb_krb5_kt_free_entry(context, &kt_entry);
ZERO_STRUCT(kt_entry);
if (ret) {
DEBUG(1,("ads_keytab_add_entry: krb5_kt_remove_entry failed (%s)\n",
@ -174,10 +177,10 @@ int ads_keytab_add_entry(ADS_STRUCT *ads, const char *srvPrinc)
}
/* Not a match, just free this entry and continue. */
ret = krb5_free_keytab_entry_contents(context, &kt_entry);
ret = smb_krb5_kt_free_entry(context, &kt_entry);
ZERO_STRUCT(kt_entry);
if (ret) {
DEBUG(1,("ads_keytab_add_entry: krb5_free_keytab_entry_contents failed (%s)\n", error_message(ret)));
DEBUG(1,("ads_keytab_add_entry: smb_krb5_kt_free_entry failed (%s)\n", error_message(ret)));
goto out;
}
}
@ -253,7 +256,7 @@ out:
krb5_keytab_entry zero_kt_entry;
ZERO_STRUCT(zero_kt_entry);
if (memcmp(&zero_kt_entry, &kt_entry, sizeof(krb5_keytab_entry))) {
krb5_free_keytab_entry_contents(context, &kt_entry);
smb_krb5_kt_free_entry(context, &kt_entry);
}
}
if (princ) {
@ -343,7 +346,7 @@ int ads_keytab_flush(ADS_STRUCT *ads)
DEBUG(1,("ads_keytab_flush: krb5_kt_start_seq failed (%s)\n",error_message(ret)));
goto out;
}
ret = krb5_free_keytab_entry_contents(context, &kt_entry);
ret = smb_krb5_kt_free_entry(context, &kt_entry);
ZERO_STRUCT(kt_entry);
if (ret) {
DEBUG(1,("ads_keytab_flush: krb5_kt_remove_entry failed (%s)\n",error_message(ret)));
@ -367,7 +370,7 @@ out:
krb5_keytab_entry zero_kt_entry;
ZERO_STRUCT(zero_kt_entry);
if (memcmp(&zero_kt_entry, &kt_entry, sizeof(krb5_keytab_entry))) {
krb5_free_keytab_entry_contents(context, &kt_entry);
smb_krb5_kt_free_entry(context, &kt_entry);
}
}
if (cursor && keytab) {
@ -434,7 +437,7 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
ret = krb5_kt_start_seq_get(context, keytab, &cursor);
if (ret != KRB5_KT_END && ret != ENOENT ) {
while ((ret = krb5_kt_next_entry(context, keytab, &kt_entry, &cursor)) == 0) {
krb5_free_keytab_entry_contents(context, &kt_entry);
smb_krb5_kt_free_entry(context, &kt_entry);
ZERO_STRUCT(kt_entry);
found++;
}
@ -496,7 +499,7 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
krb5_free_unparsed_name(context, ktprinc);
}
}
krb5_free_keytab_entry_contents(context, &kt_entry);
smb_krb5_kt_free_entry(context, &kt_entry);
ZERO_STRUCT(kt_entry);
}
for (i = 0; oldEntries[i]; i++) {
@ -515,7 +518,7 @@ done:
krb5_keytab_entry zero_kt_entry;
ZERO_STRUCT(zero_kt_entry);
if (memcmp(&zero_kt_entry, &kt_entry, sizeof(krb5_keytab_entry))) {
krb5_free_keytab_entry_contents(context, &kt_entry);
smb_krb5_kt_free_entry(context, &kt_entry);
}
}
if (cursor && keytab) {

8
source3/libads/kerberos_verify.c
View File

@ -64,7 +64,11 @@ static BOOL ads_keytab_verify_ticket(krb5_context context, krb5_auth_context aut
}
/* Look for a CIFS ticket */
if (!StrnCaseCmp(princ_name, "cifs/", 5)) {
#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK
krb5_auth_con_setuseruserkey(context, auth_context, &kt_entry.keyblock);
#else
krb5_auth_con_setuseruserkey(context, auth_context, &kt_entry.key);
#endif
p_packet->length = ticket->length;
p_packet->data = (krb5_pointer)ticket->data;
@ -73,7 +77,11 @@ static BOOL ads_keytab_verify_ticket(krb5_context context, krb5_auth_context aut
krb5_free_unparsed_name(context, princ_name);
princ_name = NULL;
DEBUG(10,("ads_keytab_verify_ticket: enc type [%u] decrypted message !\n",
#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK
(unsigned int) kt_entry.keyblock.keytype));
#else
(unsigned int) kt_entry.key.enctype));
#endif
auth_ok = True;
break;
}

11
source3/libsmb/clikrb5.c
View File

@ -473,6 +473,17 @@ failed:
}
#endif
krb5_error_code smb_krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *kt_entry)
{
#if defined(HAVE_KRB5_KT_FREE_ENTRY)
return krb5_kt_free_entry(context, kt_entry);
#elif defined(HAVE_KRB5_FREE_KEYTAB_ENTRY_CONTENTS)
return krb5_free_keytab_entry_contents(context, kt_entry);
#else
#error UNKNOWN_KT_FREE_FUNCTION
#endif
}
#else /* HAVE_KRB5 */
/* this saves a few linking headaches */
int cli_krb5_get_ticket(const char *principal, time_t time_offset,

2
source3/script/mkproto.awk
View File

@ -132,7 +132,7 @@ END {
gotstart = 1;
}
if( $0 ~ /^WINBINDD_PW|^WINBINDD_GR|^NT_PRINTER_INFO_LEVEL_2|^LOGIN_CACHE/ ) {
if( $0 ~ /^WINBINDD_PW|^WINBINDD_GR|^NT_PRINTER_INFO_LEVEL_2|^LOGIN_CACHE|^krb5_error_code/ ) {
gotstart = 1;
}