Makefile, password.c, includes.h: Added KRB4 patches from Johan Hedin <johanh@fusion.kth.se>

nmbd_packets.c: Patch for aliased interfaces from Daniel Haun <dhaun@ecf2.puc.edu>.
Jeremy.
(This used to be commit 60f6302b19)

source3/include/includes.h

@@ -299,9 +299,9 @@ typedef unsigned short mode_t;
 #include <rpcsvc/ypclnt.h>
 #include <termios.h>
 #include <sys/stropts.h>
-#ifndef USE_LIBDES
+#if !defined(USE_LIBDES) && !defined(KRB4_AUTH)
 #include <crypt.h>
-#endif /* USE_LIBDES */
+#endif /* !USE_LIBDES && !KRB4_AUTH */
 extern int gettimeofday (struct timeval *, void *);
 extern int gethostname (char *name, int namelen);
 extern int innetgr (const char *, const char *, const char *, const char *);
@@ -1140,6 +1140,10 @@ union semun {
 #include <krb5.h>
 #endif
 
+#ifdef KRB4_AUTH
+#include <krb.h>
+#endif
+
 #ifdef NO_UTIMBUF
 struct utimbuf {
   time_t actime;

source3/nmbd/nmbd_packets.c

@@ -58,6 +58,21 @@ static int find_subnet_fd_for_address( struct in_addr local_ip )
   return ClientNMB;
 }
 
+/***************************************************************************
+Utility function to find the specific fd to send a mailslot packet out on.
+**************************************************************************/
+
+static int find_subnet_mailslot_fd_for_address( struct in_addr local_ip )
+{
+  struct subnet_record *subrec;
+
+  for( subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec))
+    if(ip_equal(local_ip, subrec->myip))
+      return subrec->dgram_sock;
+
+  return ClientDGRAM;
+}
+
 /***************************************************************************
 Get/Set problematic nb_flags as network byte order 16 bit int.
 **************************************************************************/
@@ -1828,7 +1843,7 @@ BOOL send_mailslot(BOOL unique, char *mailslot,char *buf,int len,
 
   p.ip = dest_ip;
   p.port = DGRAM_PORT;
-  p.fd = ClientDGRAM;
+  p.fd = find_subnet_mailslot_fd_for_address( src_ip );
   p.timestamp = time(NULL);
   p.packet_type = DGRAM_PACKET;
 

source3/smbd/password.c

@@ -670,6 +670,32 @@ static BOOL krb5_auth(char *this_user,char *password)
 }
 #endif /* KRB5_AUTH */
 
+#ifdef KRB4_AUTH
+/*******************************************************************
+check on Kerberos authentication
+********************************************************************/
+static BOOL krb4_auth(char *this_user,char *password)
+{
+  char realm[REALM_SZ];
+  char tkfile[MAXPATHLEN];
+  
+  if (krb_get_lrealm(realm, 1) != KSUCCESS)
+    (void) strncpy(realm, KRB_REALM, sizeof (realm));
+  
+  (void) sprintf(tkfile, "/tmp/samba_tkt_%d", getpid());
+  
+  krb_set_tkt_string(tkfile);
+  if (krb_verify_user(this_user, "", realm,
+                     password, 0,
+                     "rmcd") == KSUCCESS) {
+    unlink(tkfile);
+    return 1;
+  }
+  unlink(tkfile);
+  return 0;
+}
+#endif /* KRB4_AUTH */
+
 #ifdef LINUX_BIGCRYPT
 /****************************************************************************
 an enhanced crypt for Linux to handle password longer than 8 characters
@@ -775,6 +801,10 @@ Hence we make a direct return to avoid a second chance!!!
   if (krb5_auth(this_user,password)) return(True);
 #endif
 
+#ifdef KRB4_AUTH
+  if (krb4_auth(this_user,password)) return(True);
+#endif
+
 #ifdef PWDAUTH
   if (pwdauth(this_user,password) == 0)
     return(True);