Ok, I know it's a language thing and it shouldn't matter.... but a kerberos

name is a "principal", not a principle. English majors will complain :-).
Jeremy.
(This used to be commit b668d7d656cdd066820fb8044f24bcd4fda29524)

source3/bin/.cvsignore

@@ -7,6 +7,7 @@ make_smbcodepage
 make_unicodemap
 masktest
 msgtest
+net
 nmbd
 nmblookup
 pdbedit

source3/libsmb/cliconnect.c

@@ -383,14 +383,14 @@ static DATA_BLOB cli_session_setup_blob(struct cli_state *cli, DATA_BLOB blob)
 /****************************************************************************
 do a spnego/kerberos encrypted session setup
 ****************************************************************************/
-static BOOL cli_session_setup_kerberos(struct cli_state *cli, char *principle, char *workgroup)
+static BOOL cli_session_setup_kerberos(struct cli_state *cli, char *principal, char *workgroup)
 {
 	DATA_BLOB blob2, negTokenTarg;
 
 	d_printf("Doing kerberos session setup\n");
 
 	/* generate the encapsulated kerberos5 ticket */
-	negTokenTarg = spnego_gen_negTokenTarg(cli, principle);
+	negTokenTarg = spnego_gen_negTokenTarg(cli, principal);
 
 	if (!negTokenTarg.data) return False;
 
@@ -505,7 +505,7 @@ do a spnego encrypted session setup
 static BOOL cli_session_setup_spnego(struct cli_state *cli, char *user, 
 				     char *pass, char *workgroup)
 {
-	char *principle;
+	char *principal;
 	char *OIDs[ASN1_MAX_OIDS];
 	uint8 guid[16];
 	int i;
@@ -525,7 +525,7 @@ static BOOL cli_session_setup_spnego(struct cli_state *cli, char *user,
 
 	/* the server sent us the first part of the SPNEGO exchange in the negprot 
 	   reply */
-	if (!spnego_parse_negTokenInit(cli->secblob, guid, OIDs, &principle)) {
+	if (!spnego_parse_negTokenInit(cli->secblob, guid, OIDs, &principal)) {
 		return False;
 	}
 
@@ -538,17 +538,17 @@ static BOOL cli_session_setup_spnego(struct cli_state *cli, char *user,
 		}
 		free(OIDs[i]);
 	}
-	DEBUG(3,("got principle=%s\n", principle));
+	DEBUG(3,("got principal=%s\n", principal));
 
 	fstrcpy(cli->user_name, user);
 
 #if HAVE_KRB5
 	if (got_kerberos_mechanism && cli->use_kerberos) {
-		return cli_session_setup_kerberos(cli, principle, workgroup);
+		return cli_session_setup_kerberos(cli, principal, workgroup);
 	}
 #endif
 
-	free(principle);
+	free(principal);
 
 ntlmssp:
 

source3/libsmb/clikrb5.c

@@ -28,7 +28,7 @@
 static krb5_error_code krb5_mk_req2(krb5_context context, 
 				    krb5_auth_context *auth_context, 
 				    const krb5_flags ap_req_options,
-				    const char *principle,
+				    const char *principal,
 				    krb5_ccache ccache, 
 				    krb5_data *outbuf)
 {
@@ -38,9 +38,9 @@ static krb5_error_code krb5_mk_req2(krb5_context context,
 	krb5_creds 		  creds;
 	krb5_data in_data;
 	
-	retval = krb5_parse_name(context, principle, &server);
+	retval = krb5_parse_name(context, principal, &server);
 	if (retval) {
-		DEBUG(1,("Failed to parse principle %s\n", principle));
+		DEBUG(1,("Failed to parse principal %s\n", principal));
 		return retval;
 	}
 	
@@ -87,7 +87,7 @@ cleanup_princ:
 /*
   get a kerberos5 ticket for the given service 
 */
-DATA_BLOB krb5_get_ticket(char *principle)
+DATA_BLOB krb5_get_ticket(char *principal)
 {
 	krb5_error_code retval;
 	krb5_data packet;
@@ -112,7 +112,7 @@ DATA_BLOB krb5_get_ticket(char *principle)
 	if ((retval = krb5_mk_req2(context, 
 				   &auth_context, 
 				   0, 
-				   principle,
+				   principal,
 				   ccdef, &packet))) {
 		goto failed;
 	}
@@ -131,7 +131,7 @@ failed:
 
 #else /* HAVE_KRB5 */
  /* this saves a few linking headaches */
- DATA_BLOB krb5_get_ticket(char *principle)
+ DATA_BLOB krb5_get_ticket(char *principal)
  {
 	 DEBUG(0,("NO KERBEROS SUPPORT\n"));
 	 return data_blob(NULL, 0);

source3/libsmb/clispnego.c

@@ -23,11 +23,11 @@
 
 /*
   generate a negTokenInit packet given a GUID, a list of supported
-  OIDs (the mechanisms) and a principle name string 
+  OIDs (the mechanisms) and a principal name string 
 */
 DATA_BLOB spnego_gen_negTokenInit(uint8 guid[16], 
 				  const char *OIDs[], 
-				  const char *principle)
+				  const char *principal)
 {
 	int i;
 	ASN1_DATA data;
@@ -52,7 +52,7 @@ DATA_BLOB spnego_gen_negTokenInit(uint8 guid[16],
 	asn1_push_tag(&data, ASN1_CONTEXT(3));
 	asn1_push_tag(&data, ASN1_SEQUENCE(0));
 	asn1_push_tag(&data, ASN1_CONTEXT(0));
-	asn1_write_GeneralString(&data,principle);
+	asn1_write_GeneralString(&data,principal);
 	asn1_pop_tag(&data);
 	asn1_pop_tag(&data);
 	asn1_pop_tag(&data);
@@ -76,12 +76,12 @@ DATA_BLOB spnego_gen_negTokenInit(uint8 guid[16],
 
 /*
   parse a negTokenInit packet giving a GUID, a list of supported
-  OIDs (the mechanisms) and a principle name string 
+  OIDs (the mechanisms) and a principal name string 
 */
 BOOL spnego_parse_negTokenInit(DATA_BLOB blob,
 			       uint8 guid[16], 
 			       char *OIDs[ASN1_MAX_OIDS], 
-			       char **principle)
+			       char **principal)
 {
 	int i;
 	BOOL ret;
@@ -109,7 +109,7 @@ BOOL spnego_parse_negTokenInit(DATA_BLOB blob,
 	asn1_start_tag(&data, ASN1_CONTEXT(3));
 	asn1_start_tag(&data, ASN1_SEQUENCE(0));
 	asn1_start_tag(&data, ASN1_CONTEXT(0));
-	asn1_read_GeneralString(&data,principle);
+	asn1_read_GeneralString(&data,principal);
 	asn1_end_tag(&data);
 	asn1_end_tag(&data);
 	asn1_end_tag(&data);
@@ -269,13 +269,13 @@ BOOL spnego_parse_krb5_wrap(DATA_BLOB blob, DATA_BLOB *ticket)
    generate a SPNEGO negTokenTarg packet, ready for a EXTENDED_SECURITY
    kerberos session setup 
 */
-DATA_BLOB spnego_gen_negTokenTarg(struct cli_state *cli, char *principle)
+DATA_BLOB spnego_gen_negTokenTarg(struct cli_state *cli, char *principal)
 {
 	DATA_BLOB tkt, tkt_wrapped, targ;
 	const char *krb_mechs[] = {OID_KERBEROS5_OLD, OID_NTLMSSP, NULL};
 
 	/* get a kerberos ticket for the service */
-	tkt = krb5_get_ticket(principle);
+	tkt = krb5_get_ticket(principal);
 
 	/* wrap that up in a nice GSS-API wrapping */
 	tkt_wrapped = spnego_gen_krb5_wrap(tkt);

source3/smbd/negprot.c

@@ -166,7 +166,7 @@ static int negprot_spnego(char *p, uint8 cryptkey[8])
 	const char *OIDs[] = {OID_NTLMSSP,
 			      OID_KERBEROS5,
 			      NULL};
-	char *principle;
+	char *principal;
 	int len;
 
 	memset(guid, 0, 16);
@@ -175,9 +175,9 @@ static int negprot_spnego(char *p, uint8 cryptkey[8])
 
 	/* win2000 uses host$@REALM, which we will probably use eventually,
 	   but for now this works */
-	asprintf(&principle, "HOST/%s@%s", guid, lp_realm());
-	blob = spnego_gen_negTokenInit(guid, OIDs, principle);
-	free(principle);
+	asprintf(&principal, "HOST/%s@%s", guid, lp_realm());
+	blob = spnego_gen_negTokenInit(guid, OIDs, principal);
+	free(principal);
 
 	memcpy(p, blob.data, blob.length);
 	len = blob.length;

source3/smbd/sesssetup.c

@@ -41,7 +41,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 	int ret;
 	char *realm, *client, *p;
 	fstring hostname;
-	char *principle;
+	char *principal;
 	extern pstring global_myname;
 	const struct passwd *pw;
 	char *user;
@@ -58,7 +58,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 
 	fstrcpy(hostname, global_myname);
 	strlower(hostname);
-	asprintf(&principle, "HOST/%s@%s", hostname, realm);
+	asprintf(&principal, "HOST/%s@%s", hostname, realm);
 	
 	ret = krb5_init_context(&context);
 	if (ret) {
@@ -66,14 +66,14 @@ static int reply_spnego_kerberos(connection_struct *conn,
 		return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 	}
 
-	ret = krb5_parse_name(context, principle, &server);
+	ret = krb5_parse_name(context, principal, &server);
 	if (ret) {
 		DEBUG(1,("krb5_parse_name(%s) failed (%s)\n", 
-			 principle, error_message(ret)));
+			 principal, error_message(ret)));
 		return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 	}
 
-	free(principle);
+	free(principal);
 
 	packet.length = ticket.length;
 	packet.data = (krb5_pointer)ticket.data;
@@ -96,7 +96,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 
 	p = strchr_m(client, '@');
 	if (!p) {
-		DEBUG(3,("Doesn't look like a valid principle\n"));
+		DEBUG(3,("Doesn't look like a valid principal\n"));
 		return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 	}