sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-27 22:50:26 +03:00
Code

s3-build: Rework object lists to allow gse gensec module

Browse Source 
This also allows the spnego_parse_krb5_wrap() function to be shared.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Andrew Bartlett 2012-01-03 00:52:06 +01:00 committed by Stefan Metzmacher
parent cbd8231e34
commit 60e1aa701c
3 changed files with 40 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
source3/Makefile.in
View File

@ -555,9 +555,12 @@ LIBSMB_OBJ0 = \
../lib/util/asn1.o \
../libcli/auth/spnego_parse.o \
../libcli/auth/ntlm_check.o \
../libcli/auth/krb5_wrap.o \
libsmb/ntlmssp.o \
libsmb/ntlmssp_wrap.o \
libsmb/auth_generic.o \
libsmb/clikrb5.o \
libsmb/clispnego.o \
../auth/gensec/gensec.o \
../auth/gensec/gensec_start.o \
../auth/gensec/gensec_util.o \
@ -594,7 +597,6 @@ SCHANNEL_OBJ = ../libcli/auth/credentials.o \
$(LIBNDR_SCHANNEL_OBJ)
LIBSMB_OBJ = libsmb/clientgen.o libsmb/cliconnect.o libsmb/clifile.o \
libsmb/clikrb5.o ../libcli/auth/krb5_wrap.o libsmb/clispnego.o \
libsmb/reparse_symlink.o \
libsmb/clisymlink.o \
libsmb/clirap.o libsmb/clierror.o libsmb/climessage.o \
@ -1015,7 +1017,7 @@ NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \
NMBD_OBJ = $(NMBD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
$(PROFILE_OBJ) $(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) \
$(LIBNDR_GEN_OBJ0)
$(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ)
SWAT_OBJ1 = web/cgi.o web/diagnose.o web/startstop.o web/statuspage.o \
web/swat.o web/neg_lang.o
@ -1067,10 +1069,10 @@ SMBPASSWD_OBJ = utils/smbpasswd.o $(PASSWD_UTIL_OBJ) $(PASSCHANGE_OBJ) \
rpc_client/init_lsa.o
PDBEDIT_OBJ = utils/pdbedit.o $(PASSWD_UTIL_OBJ) $(PARAM_OBJ) $(PASSDB_OBJ) \
$(LIBSAMBA_OBJ) \
$(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
$(AFS_SETTOKEN_OBJ) \
$(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) \
$(LIB_NONSMBD_OBJ) $(GROUPDB_OBJ) \
$(LIBCLI_LDAP_NDR_OBJ) \
$(DRSUAPI_OBJ) $(LIBNDR_GEN_OBJ0) \
$(POPT_LIB_OBJ) $(SMBLDAP_OBJ)
SMBGET_OBJ = utils/smbget.o $(POPT_LIB_OBJ) $(LIBSMBCLIENT_OBJ1)
@ -1246,8 +1248,8 @@ NET_OBJ = $(NET_OBJ1) \
$(LIB_EVENTLOG_OBJ)
CUPS_OBJ = client/smbspool.o $(PARAM_OBJ) $(LIBSMB_OBJ) \
$(LIB_NONSMBD_OBJ) $(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) \
$(LIBNDR_GEN_OBJ0)
$(LIB_NONSMBD_OBJ) $(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) \
$(AFS_SETTOKEN_OBJ) $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ)
NMBLOOKUP_OBJ = utils/nmblookup.o $(PARAM_OBJ) $(LIBNMB_OBJ) \
$(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) $(LIBSMB_ERR_OBJ)
@ -1277,23 +1279,23 @@ SMBTORTURE_OBJ = $(SMBTORTURE_OBJ1) $(PARAM_OBJ) $(TLDAP_OBJ) \
$(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) $(LIBCLI_ECHO_OBJ)
MASKTEST_OBJ = torture/masktest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
$(LIB_NONSMBD_OBJ) \
$(LIBNDR_GEN_OBJ0)
$(LIB_NONSMBD_OBJ) \
$(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ)
MSGTEST_OBJ = torture/msgtest.o $(PARAM_OBJ) $(LIBSMB_ERR_OBJ) \
$(LIB_NONSMBD_OBJ) \
$(LIBNDR_GEN_OBJ0)
LOCKTEST_OBJ = torture/locktest.o $(PARAM_OBJ) $(LOCKING_OBJ) $(KRBCLIENT_OBJ) \
$(LIBSMB_OBJ) $(LIB_NONSMBD_OBJ) \
$(LIBNDR_GEN_OBJ0) $(FNAME_UTIL_OBJ)
$(LIBSMB_OBJ) $(LIB_NONSMBD_OBJ) \
$(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) $(FNAME_UTIL_OBJ)
NSSTEST_OBJ = ../nsswitch/nsstest.o $(LIBSAMBAUTIL_OBJ)
PDBTEST_OBJ = torture/pdbtest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
$(LIB_NONSMBD_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
$(SMBLDAP_OBJ) $(POPT_LIB_OBJ) \
$(LIBNDR_GEN_OBJ0)
$(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ)
VFSTEST_OBJ = torture/cmd_vfs.o torture/vfstest.o $(SMBD_OBJ_BASE) $(READLINE_OBJ)
@ -1301,7 +1303,7 @@ LOG2PCAP_OBJ = utils/log2pcaphex.o
LOCKTEST2_OBJ = torture/locktest2.o $(PARAM_OBJ) $(LOCKING_OBJ) $(LIBSMB_OBJ) \
$(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) \
$(LIBNDR_GEN_OBJ0) $(FNAME_UTIL_OBJ)
$(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) $(FNAME_UTIL_OBJ)
SMBCACLS_OBJ = utils/smbcacls.o $(PARAM_OBJ) $(LIBSMB_OBJ) \
$(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) \
@ -1341,8 +1343,8 @@ REPLACETORT_OBJ = @libreplacedir@/test/testsuite.o \
DEBUG2HTML_OBJ = utils/debug2html.o utils/debugparse.o
SMBFILTER_OBJ = utils/smbfilter.o $(PARAM_OBJ) $(LIBSMB_OBJ) \
$(LIB_NONSMBD_OBJ) $(KRBCLIENT_OBJ) \
$(LIBNDR_GEN_OBJ0)
$(LIB_NONSMBD_OBJ) $(KRBCLIENT_OBJ) \
$(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ)
WINBIND_WINS_NSS_OBJ = ../nsswitch/wins.o $(PARAM_OBJ) \
$(LIB_NONSMBD_OBJ) $(LIBSMB_ERR_OBJ) $(LIBNMB_OBJ)
@ -1350,8 +1352,10 @@ WINBIND_WINS_NSS_OBJ = ../nsswitch/wins.o $(PARAM_OBJ) \
PAM_SMBPASS_OBJ_0 = pam_smbpass/pam_smb_auth.o pam_smbpass/pam_smb_passwd.o \
pam_smbpass/pam_smb_acct.o pam_smbpass/support.o
PAM_SMBPASS_OBJ = $(PAM_SMBPASS_OBJ_0) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
$(SMBLDAP_OBJ) $(LIBSAMBA_OBJ) \
$(DRSUAPI_OBJ) $(LIBNDR_GEN_OBJ0) \
$(SMBLDAP_OBJ) \
$(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
$(AFS_SETTOKEN_OBJ) \
$(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) \
$(PAM_ERRORS_OBJ)
IDMAP_RW_OBJ = winbindd/idmap_rw.o
@ -1494,9 +1498,10 @@ WINBINDD_OBJ = \
rpc_client/init_samr.o \
$(PAM_ERRORS_OBJ)
WBINFO_OBJ = ../nsswitch/wbinfo.o $(LIBSAMBA_OBJ) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \
WBINFO_OBJ = ../nsswitch/wbinfo.o $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \
$(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
$(POPT_LIB_OBJ) $(AFS_SETTOKEN_OBJ) \
lib/winbind_util.o $(WBCOMMON_OBJ)
lib/winbind_util.o $(WBCOMMON_OBJ) $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ)
WINBIND_NSS_OBJ = $(WBCOMMON_OBJ) $(LIBREPLACE_OBJ) @WINBIND_NSS_EXTRA_OBJS@
@ -1527,17 +1532,15 @@ TDBTORTURE_OBJ = @tdbdir@/tools/tdbtorture.o $(LIBREPLACE_OBJ) \
NTLM_AUTH_OBJ1 = utils/ntlm_auth.o utils/ntlm_auth_diagnostics.o
NTLM_AUTH_OBJ = ${NTLM_AUTH_OBJ1} $(LIBSAMBA_OBJ) $(POPT_LIB_OBJ) \
libsmb/clikrb5.o ../libcli/auth/krb5_wrap.o libads/kerberos.o \
NTLM_AUTH_OBJ = ${NTLM_AUTH_OBJ1} \
libsmb/samlogon_cache.o \
$(LIBADS_SERVER_OBJ) \
$(PASSDB_OBJ) $(GROUPDB_OBJ) \
$(SMBLDAP_OBJ) $(LIBNMB_OBJ) \
$(WBCOMMON_OBJ) \
$(LIBNBT_OBJ) \
$(CLDAP_OBJ) \
$(DRSUAPI_OBJ) \
$(LIBNDR_GEN_OBJ0) $(LIBNDR_NETLOGON_OBJ) @BUILD_INIPARSER@
$(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
$(AFS_SETTOKEN_OBJ) \
$(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) \
$(POPT_LIB_OBJ) $(SMBLDAP_OBJ) @BUILD_INIPARSER@
VLP_OBJ = printing/tests/vlp.o \
@ -3144,10 +3147,10 @@ bin/ntlm_auth@EXEEXT@: $(BINARY_PREREQS) $(NTLM_AUTH_OBJ) $(PARAM_OBJ) \
$(POPT_LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) \
$(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(LIBWBCLIENT_LIBS) @INIPARSERLIBS@
bin/pam_smbpass.@SHLIBEXT@: $(BINARY_PREREQS) $(PAM_SMBPASS_OBJ) $(LIBCLI_LDAP_NDR_OBJ) $(LIBTALLOC) $(LIBWBCLIENT) $(LIBTDB)
bin/pam_smbpass.@SHLIBEXT@: $(BINARY_PREREQS) $(PAM_SMBPASS_OBJ) $(LIBTALLOC) $(LIBWBCLIENT) $(LIBTDB)
@echo "Linking shared library $@"
@$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_SMBPASS_OBJ) $(LIBCLI_LDAP_NDR_OBJ) -lpam $(DYNEXP) \
$(LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(ZLIB_LIBS) \
@$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_SMBPASS_OBJ) -lpam $(DYNEXP) \
$(LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(KRB5LIBS) $(ZLIB_LIBS) \
$(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(LIBWBCLIENT_LIBS)
bin/tdbbackup@EXEEXT@: $(BINARY_PREREQS) $(TDBBACKUP_OBJ) $(LIBTALLOC) $(LIBTDB)

39
source3/utils/ntlm_auth.c
View File

@ -1232,45 +1232,6 @@ static void offer_gss_spnego_mechs(void) {
return;
}
bool spnego_parse_krb5_wrap(TALLOC_CTX *ctx, DATA_BLOB blob, DATA_BLOB *ticket, uint8 tok_id[2])
{
bool ret;
ASN1_DATA *data;
int data_remaining;
data = asn1_init(talloc_tos());
if (data == NULL) {
return false;
}
asn1_load(data, blob);
asn1_start_tag(data, ASN1_APPLICATION(0));
asn1_check_OID(data, OID_KERBEROS5);
data_remaining = asn1_tag_remaining(data);
if (data_remaining < 3) {
data->has_error = True;
} else {
asn1_read(data, tok_id, 2);
data_remaining -= 2;
*ticket = data_blob_talloc(ctx, NULL, data_remaining);
asn1_read(data, ticket->data, ticket->length);
}
asn1_end_tag(data);
ret = !data->has_error;
if (data->has_error) {
data_blob_free(ticket);
}
asn1_free(data);
return ret;
}
static void manage_gss_spnego_request(struct ntlm_auth_state *state,
char *buf, int length)
{

13
source3/wscript_build
View File

@ -147,8 +147,6 @@ LIBSMB_SRC = '''libsmb/clientgen.c libsmb/cliconnect.c libsmb/clifile.c
LIBMSRPC_SRC = '''
rpc_client/cli_pipe.c
librpc/crypto/gse_krb5.c
librpc/crypto/gse.c
librpc/crypto/cli_spnego.c
librpc/rpc/rpc_common.c
rpc_client/rpc_transport_np.c
@ -688,11 +686,16 @@ bld.SAMBA3_LIBRARY('nss_wins',
realname='libnss_wins.so.2',
vnum='2')
bld.SAMBA3_LIBRARY('gse',
source='librpc/crypto/gse_krb5.c librpc/crypto/gse.c',
deps='KRB5_WRAP gensec param KRBCLIENT SECRETS3',
private_library=True)
bld.SAMBA3_LIBRARY('msrpc3',
source='${LIBMSRPC_SRC}',
deps='''ndr ndr-standard
RPC_NDR_EPMAPPER NTLMSSP_COMMON COMMON_SCHANNEL LIBCLI_AUTH
LIBTSOCKET KRB5_WRAP dcerpc-binding
LIBTSOCKET gse dcerpc-binding
libsmb''',
vars=locals(),
private_library=True)
@ -801,7 +804,7 @@ bld.SAMBA3_LIBRARY('util_cmdline',
bld.SAMBA3_SUBSYSTEM('KRBCLIENT',
source=KRBCLIENT_SRC,
public_deps='KRB5_WRAP k5crypto LIBTSOCKET CLDAP',
public_deps='KRB5_WRAP k5crypto LIBTSOCKET CLDAP LIBNMB',
vars=locals())
bld.SAMBA3_SUBSYSTEM('samba3util',
@ -1379,7 +1382,7 @@ bld.SAMBA3_BINARY('ntlm_auth' + bld.env.suffix3,
deps='''tdb_compat talloc cap KRB5_WRAP k5crypto wbclient param smbd_shim
samba3core LIBNTLMSSP popt_samba3 asn1util LIBTSOCKET
pdb winbind-client LIBINIPARSER LIBADS_SERVER
NDR_SAMR NDR_LSA NDR_NETLOGON cli-ldap-common LIBNMB SLCACHE SPNEGO_PARSE KRBCLIENT''',
NDR_SAMR NDR_LSA NDR_NETLOGON cli-ldap-common LIBNMB SLCACHE SPNEGO_PARSE KRBCLIENT libsmb''',
vars=locals())
bld.SAMBA3_BINARY('timelimit',