2025-03-30 06:50:24 +03:00 · 2011-04-20 17:39:50 +10:00 · 2011-04-20 17:39:50 +10:00 · e04bab4a19
commit e04bab4a19
parent e81ea8a291
6 changed files with 54 additions and 48 deletions
--- a/lib/replace/system/kerberos.h
+++ b/lib/replace/system/kerberos.h
@ -37,5 +37,15 @@
 #include <com_err.h>
 #endif

+#if HAVE_GSSAPI_GSSAPI_H
+#include <gssapi/gssapi.h>
+#elif HAVE_GSSAPI_GSSAPI_GENERIC_H
+#include <gssapi/gssapi_generic.h>
+#elif HAVE_GSSAPI_H
+#include <gssapi.h>
+#endif
+
+#include <gssapi/gssapi_krb5.h>
+
 #endif
 #endif
--- a/libcli/auth/krb5_wrap.c
+++ b/libcli/auth/krb5_wrap.c
@ -5,6 +5,7 @@
   Copyright (C) Luke Howard 2002-2003
   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005-2011
   Copyright (C) Guenther Deschner 2005-2009
+   Copyright (C) Simo Sorce 2010.

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@ -307,6 +308,44 @@ krb5_error_code smb_krb5_unparse_name(TALLOC_CTX *mem_ctx,
 	return ret;
 }

+char *gssapi_error_string(TALLOC_CTX *mem_ctx, 
+			  OM_uint32 maj_stat, OM_uint32 min_stat, 
+			  const gss_OID mech)
+{
+	OM_uint32 disp_min_stat, disp_maj_stat;
+	gss_buffer_desc maj_error_message;
+	gss_buffer_desc min_error_message;
+	char *maj_error_string, *min_error_string;
+	OM_uint32 msg_ctx = 0;
+
+	char *ret;
+
+	maj_error_message.value = NULL;
+	min_error_message.value = NULL;
+	maj_error_message.length = 0;
+	min_error_message.length = 0;
+	
+	disp_maj_stat = gss_display_status(&disp_min_stat, maj_stat, GSS_C_GSS_CODE,
+			   mech, &msg_ctx, &maj_error_message);
+	disp_maj_stat = gss_display_status(&disp_min_stat, min_stat, GSS_C_MECH_CODE,
+			   mech, &msg_ctx, &min_error_message);
+	
+	maj_error_string = talloc_strndup(mem_ctx, (char *)maj_error_message.value, maj_error_message.length);
+
+	min_error_string = talloc_strndup(mem_ctx, (char *)min_error_message.value, min_error_message.length);
+
+	ret = talloc_asprintf(mem_ctx, "%s: %s", maj_error_string, min_error_string);
+
+	talloc_free(maj_error_string);
+	talloc_free(min_error_string);
+
+	gss_release_buffer(&disp_min_stat, &maj_error_message);
+	gss_release_buffer(&disp_min_stat, &min_error_message);
+
+	return ret;
+}
+
+
 char *smb_get_krb5_error_message(krb5_context context, krb5_error_code code, TALLOC_CTX *mem_ctx)
 {
 	char *ret;
--- a/libcli/auth/krb5_wrap.h
+++ b/libcli/auth/krb5_wrap.h
@ -31,7 +31,6 @@ int create_kerberos_key_from_string_direct(krb5_context context,
 					   krb5_enctype enctype);
 void kerberos_free_data_contents(krb5_context context, krb5_data *pdata);
 krb5_error_code smb_krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *kt_entry);
-char *smb_get_krb5_error_message(krb5_context context, krb5_error_code code, TALLOC_CTX *mem_ctx);

 krb5_error_code smb_krb5_parse_name(krb5_context context,
 				const char *name, /* in unix charset */
@ -54,6 +53,10 @@ krb5_error_code smb_krb5_unparse_name(TALLOC_CTX *mem_ctx,
 					 krb5_checksum *cksum,
 					 uint8_t *data,
 					  size_t length);
+char *gssapi_error_string(TALLOC_CTX *mem_ctx, 
+			  OM_uint32 maj_stat, OM_uint32 min_stat, 
+			  const gss_OID mech);
+char *smb_get_krb5_error_message(krb5_context context, krb5_error_code code, TALLOC_CTX *mem_ctx);

 krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx,
 				   DATA_BLOB pac_data,
--- a/libcli/auth/wscript_build
+++ b/libcli/auth/wscript_build
@ -41,4 +41,4 @@ bld.SAMBA_SUBSYSTEM('SPNEGO_PARSE',

 bld.SAMBA_SUBSYSTEM('KRB5_WRAP',
                    source='krb5_wrap.c kerberos_pac.c',
-                    deps='krb5 ndr-krb5pac com_err')
+                    deps='gssapi krb5 ndr-krb5pac com_err')
--- a/source3/include/smb_krb5.h
+++ b/source3/include/smb_krb5.h
@ -14,14 +14,6 @@

 #include "libcli/auth/krb5_wrap.h"

-#if HAVE_GSSAPI_GSSAPI_H
-#include <gssapi/gssapi.h>
-#elif HAVE_GSSAPI_GSSAPI_GENERIC_H
-#include <gssapi/gssapi_generic.h>
-#elif HAVE_GSSAPI_H
-#include <gssapi.h>
-#endif
-
 #ifndef KRB5_ADDR_NETBIOS
 #define KRB5_ADDR_NETBIOS 0x14
 #endif
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@ -47,44 +47,6 @@ _PUBLIC_ NTSTATUS gensec_gssapi_init(void);
 static size_t gensec_gssapi_max_input_size(struct gensec_security *gensec_security);
 static size_t gensec_gssapi_max_wrapped_size(struct gensec_security *gensec_security);

-static char *gssapi_error_string(TALLOC_CTX *mem_ctx, 
-				 OM_uint32 maj_stat, OM_uint32 min_stat, 
-				 const gss_OID mech)
-{
-	OM_uint32 disp_min_stat, disp_maj_stat;
-	gss_buffer_desc maj_error_message;
-	gss_buffer_desc min_error_message;
-	char *maj_error_string, *min_error_string;
-	OM_uint32 msg_ctx = 0;
-
-	char *ret;
-
-	maj_error_message.value = NULL;
-	min_error_message.value = NULL;
-	maj_error_message.length = 0;
-	min_error_message.length = 0;
-	
-	disp_maj_stat = gss_display_status(&disp_min_stat, maj_stat, GSS_C_GSS_CODE,
-			   mech, &msg_ctx, &maj_error_message);
-	disp_maj_stat = gss_display_status(&disp_min_stat, min_stat, GSS_C_MECH_CODE,
-			   mech, &msg_ctx, &min_error_message);
-	
-	maj_error_string = talloc_strndup(mem_ctx, (char *)maj_error_message.value, maj_error_message.length);
-
-	min_error_string = talloc_strndup(mem_ctx, (char *)min_error_message.value, min_error_message.length);
-
-	ret = talloc_asprintf(mem_ctx, "%s: %s", maj_error_string, min_error_string);
-
-	talloc_free(maj_error_string);
-	talloc_free(min_error_string);
-
-	gss_release_buffer(&disp_min_stat, &maj_error_message);
-	gss_release_buffer(&disp_min_stat, &min_error_message);
-
-	return ret;
-}
-
-
 static int gensec_gssapi_destructor(struct gensec_gssapi_state *gensec_gssapi_state)
 {
 	OM_uint32 maj_stat, min_stat;