mirror of
https://github.com/samba-team/samba.git
synced 2025-01-10 01:18:15 +03:00
krb5_wrap: Move unwrap_edata_ntstatus() and make it static
This also removes the asn1util dependency from krb5_wrap and moves it to libads which is the only user. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Andreas Schneider
Andrew Bartlett
parent
3a4eaa00b6
commit
381ebd4af5
@ -23,7 +23,6 @@
|
||||
#include "includes.h"
|
||||
#include "system/filesys.h"
|
||||
#include "krb5_samba.h"
|
||||
#include "lib/util/asn1.h"
|
||||
|
||||
#ifdef HAVE_COM_ERR_H
|
||||
#include <com_err.h>
|
||||
@ -386,53 +385,6 @@ krb5_error_code smb_krb5_get_allowed_etypes(krb5_context context,
|
||||
#error UNKNOWN_GET_ENCTYPES_FUNCTIONS
|
||||
#endif
|
||||
|
||||
bool unwrap_edata_ntstatus(TALLOC_CTX *mem_ctx,
|
||||
DATA_BLOB *edata,
|
||||
DATA_BLOB *edata_out)
|
||||
{
|
||||
DATA_BLOB edata_contents;
|
||||
ASN1_DATA *data;
|
||||
int edata_type;
|
||||
|
||||
if (!edata->length) {
|
||||
return false;
|
||||
}
|
||||
|
||||
data = asn1_init(mem_ctx);
|
||||
if (data == NULL) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!asn1_load(data, *edata)) goto err;
|
||||
if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) goto err;
|
||||
if (!asn1_start_tag(data, ASN1_CONTEXT(1))) goto err;
|
||||
if (!asn1_read_Integer(data, &edata_type)) goto err;
|
||||
|
||||
if (edata_type != KRB5_PADATA_PW_SALT) {
|
||||
DEBUG(0,("edata is not of required type %d but of type %d\n",
|
||||
KRB5_PADATA_PW_SALT, edata_type));
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (!asn1_start_tag(data, ASN1_CONTEXT(2))) goto err;
|
||||
if (!asn1_read_OctetString(data, talloc_tos(), &edata_contents)) goto err;
|
||||
if (!asn1_end_tag(data)) goto err;
|
||||
if (!asn1_end_tag(data)) goto err;
|
||||
if (!asn1_end_tag(data)) goto err;
|
||||
asn1_free(data);
|
||||
|
||||
*edata_out = data_blob_talloc(mem_ctx, edata_contents.data, edata_contents.length);
|
||||
|
||||
data_blob_free(&edata_contents);
|
||||
|
||||
return true;
|
||||
|
||||
err:
|
||||
|
||||
asn1_free(data);
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @brief Convert a string principal name to a Kerberos principal.
|
||||
|
||||
@ -321,11 +321,6 @@ char *smb_get_krb5_error_message(krb5_context context,
|
||||
krb5_error_code code,
|
||||
TALLOC_CTX *mem_ctx);
|
||||
|
||||
bool unwrap_edata_ntstatus(TALLOC_CTX *mem_ctx,
|
||||
DATA_BLOB *edata,
|
||||
DATA_BLOB *edata_out);
|
||||
|
||||
|
||||
krb5_error_code kt_copy(krb5_context context,
|
||||
const char *from,
|
||||
const char *to);
|
||||
|
||||
@ -6,6 +6,6 @@ if bld.CONFIG_SET('SAMBA4_USES_HEIMDAL'):
|
||||
|
||||
bld.SAMBA_LIBRARY('krb5samba',
|
||||
source='krb5_samba.c gss_samba.c keytab_util.c enctype_convert.c',
|
||||
deps='samba-util asn1util talloc krb5 com_err gssapi' + add_deps,
|
||||
deps='samba-util talloc krb5 com_err gssapi' + add_deps,
|
||||
private_library=True
|
||||
)
|
||||
|
||||
@ -29,6 +29,7 @@
|
||||
#include "libads/cldap.h"
|
||||
#include "secrets.h"
|
||||
#include "../lib/tsocket/tsocket.h"
|
||||
#include "lib/util/asn1.h"
|
||||
|
||||
#ifdef HAVE_KRB5
|
||||
|
||||
@ -98,6 +99,53 @@ kerb_prompter(krb5_context ctx, void *data,
|
||||
return 0;
|
||||
}
|
||||
|
||||
static bool unwrap_edata_ntstatus(TALLOC_CTX *mem_ctx,
|
||||
DATA_BLOB *edata,
|
||||
DATA_BLOB *edata_out)
|
||||
{
|
||||
DATA_BLOB edata_contents;
|
||||
ASN1_DATA *data;
|
||||
int edata_type;
|
||||
|
||||
if (!edata->length) {
|
||||
return false;
|
||||
}
|
||||
|
||||
data = asn1_init(mem_ctx);
|
||||
if (data == NULL) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!asn1_load(data, *edata)) goto err;
|
||||
if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) goto err;
|
||||
if (!asn1_start_tag(data, ASN1_CONTEXT(1))) goto err;
|
||||
if (!asn1_read_Integer(data, &edata_type)) goto err;
|
||||
|
||||
if (edata_type != KRB5_PADATA_PW_SALT) {
|
||||
DEBUG(0,("edata is not of required type %d but of type %d\n",
|
||||
KRB5_PADATA_PW_SALT, edata_type));
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (!asn1_start_tag(data, ASN1_CONTEXT(2))) goto err;
|
||||
if (!asn1_read_OctetString(data, talloc_tos(), &edata_contents)) goto err;
|
||||
if (!asn1_end_tag(data)) goto err;
|
||||
if (!asn1_end_tag(data)) goto err;
|
||||
if (!asn1_end_tag(data)) goto err;
|
||||
asn1_free(data);
|
||||
|
||||
*edata_out = data_blob_talloc(mem_ctx, edata_contents.data, edata_contents.length);
|
||||
|
||||
data_blob_free(&edata_contents);
|
||||
|
||||
return true;
|
||||
|
||||
err:
|
||||
|
||||
asn1_free(data);
|
||||
return false;
|
||||
}
|
||||
|
||||
static bool smb_krb5_get_ntstatus_from_krb5_error(krb5_error *error,
|
||||
NTSTATUS *nt_status)
|
||||
{
|
||||
|
||||
@ -246,7 +246,7 @@ bld.SAMBA3_LIBRARY('util_cmdline',
|
||||
|
||||
bld.SAMBA3_SUBSYSTEM('KRBCLIENT',
|
||||
source='libads/kerberos.c libads/ads_status.c',
|
||||
public_deps='krb5samba k5crypto gssapi LIBTSOCKET CLDAP LIBNMB')
|
||||
public_deps='krb5samba asn1util k5crypto gssapi LIBTSOCKET CLDAP LIBNMB')
|
||||
|
||||
bld.SAMBA3_SUBSYSTEM('samba3util',
|
||||
source='''lib/system.c
|
||||
|
||||
Loading…
Reference in New Issue
Block a user