diff options
author | Andrew Bartlett <abartlet@samba.org> | 2009-11-17 15:36:48 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2009-11-17 16:21:29 +1100 |
commit | dc351a579dbdffc5505205d3e1d5548f5e62336e (patch) | |
tree | 4d8d77db2520d23620ad292b39e9a39532d3aa77 | |
parent | b9e262c51261af275db4d0e7e6e2c7318a41bed0 (diff) | |
download | samba-dc351a579dbdffc5505205d3e1d5548f5e62336e.tar.gz samba-dc351a579dbdffc5505205d3e1d5548f5e62336e.tar.bz2 samba-dc351a579dbdffc5505205d3e1d5548f5e62336e.zip |
s4:heimdal: import lorikeet-heimdal-200911170333 (commit b532c294d974cead40a1183c71be644c6ccc2832)
This fixes up connections to Windows 2003, because the previous import
had a broken arcfour-hmac-md5 implementation (fixed in Heimdal
316fc6ff8ffb0cbb1ef3689685e9977c37405bc4)
Andrew Bartlett
-rw-r--r-- | source4/heimdal/lib/com_err/error.c | 1 | ||||
-rw-r--r-- | source4/heimdal/lib/gssapi/spnego/accept_sec_context.c | 2 | ||||
-rw-r--r-- | source4/heimdal/lib/gssapi/spnego/compat.c | 2 | ||||
-rw-r--r-- | source4/heimdal/lib/gssapi/spnego/context_stubs.c | 2 | ||||
-rw-r--r-- | source4/heimdal/lib/gssapi/spnego/cred_stubs.c | 2 | ||||
-rw-r--r-- | source4/heimdal/lib/gssapi/spnego/external.c | 2 | ||||
-rw-r--r-- | source4/heimdal/lib/gssapi/spnego/init_sec_context.c | 2 | ||||
-rw-r--r-- | source4/heimdal/lib/krb5/crypto.c | 1 | ||||
-rw-r--r-- | source4/heimdal/lib/krb5/get_cred.c | 19 |
9 files changed, 8 insertions, 25 deletions
diff --git a/source4/heimdal/lib/com_err/error.c b/source4/heimdal/lib/com_err/error.c index d4a42ac5de..854a4b66cb 100644 --- a/source4/heimdal/lib/com_err/error.c +++ b/source4/heimdal/lib/com_err/error.c @@ -38,6 +38,7 @@ #include <stdlib.h> #include <string.h> #include <com_right.h> +#include <roken.h> #ifdef LIBINTL #include <libintl.h> diff --git a/source4/heimdal/lib/gssapi/spnego/accept_sec_context.c b/source4/heimdal/lib/gssapi/spnego/accept_sec_context.c index 247c25611f..ab8a4d1aac 100644 --- a/source4/heimdal/lib/gssapi/spnego/accept_sec_context.c +++ b/source4/heimdal/lib/gssapi/spnego/accept_sec_context.c @@ -33,8 +33,6 @@ #include "spnego_locl.h" -RCSID("$Id$"); - static OM_uint32 send_reject (OM_uint32 *minor_status, gss_buffer_t output_token) diff --git a/source4/heimdal/lib/gssapi/spnego/compat.c b/source4/heimdal/lib/gssapi/spnego/compat.c index b2f535e58f..673a5df66b 100644 --- a/source4/heimdal/lib/gssapi/spnego/compat.c +++ b/source4/heimdal/lib/gssapi/spnego/compat.c @@ -32,8 +32,6 @@ #include "spnego_locl.h" -RCSID("$Id$"); - /* * Apparently Microsoft got the OID wrong, and used * 1.2.840.48018.1.2.2 instead. We need both this and diff --git a/source4/heimdal/lib/gssapi/spnego/context_stubs.c b/source4/heimdal/lib/gssapi/spnego/context_stubs.c index c0d47b9f63..98ab919459 100644 --- a/source4/heimdal/lib/gssapi/spnego/context_stubs.c +++ b/source4/heimdal/lib/gssapi/spnego/context_stubs.c @@ -32,8 +32,6 @@ #include "spnego_locl.h" -RCSID("$Id$"); - static OM_uint32 spnego_supported_mechs(OM_uint32 *minor_status, gss_OID_set *mechs) { diff --git a/source4/heimdal/lib/gssapi/spnego/cred_stubs.c b/source4/heimdal/lib/gssapi/spnego/cred_stubs.c index b1eb0be6da..f15069362c 100644 --- a/source4/heimdal/lib/gssapi/spnego/cred_stubs.c +++ b/source4/heimdal/lib/gssapi/spnego/cred_stubs.c @@ -32,8 +32,6 @@ #include "spnego_locl.h" -RCSID("$Id$"); - OM_uint32 _gss_spnego_release_cred(OM_uint32 *minor_status, gss_cred_id_t *cred_handle) { diff --git a/source4/heimdal/lib/gssapi/spnego/external.c b/source4/heimdal/lib/gssapi/spnego/external.c index 9d50a61a75..2a6002b8ea 100644 --- a/source4/heimdal/lib/gssapi/spnego/external.c +++ b/source4/heimdal/lib/gssapi/spnego/external.c @@ -33,8 +33,6 @@ #include "spnego_locl.h" #include <gssapi_mech.h> -RCSID("$Id$"); - /* * RFC2478, SPNEGO: * The security mechanism of the initial diff --git a/source4/heimdal/lib/gssapi/spnego/init_sec_context.c b/source4/heimdal/lib/gssapi/spnego/init_sec_context.c index 6afd524a5b..75a925497e 100644 --- a/source4/heimdal/lib/gssapi/spnego/init_sec_context.c +++ b/source4/heimdal/lib/gssapi/spnego/init_sec_context.c @@ -33,8 +33,6 @@ #include "spnego_locl.h" -RCSID("$Id$"); - /* * Is target_name an sane target for `mech´. */ diff --git a/source4/heimdal/lib/krb5/crypto.c b/source4/heimdal/lib/krb5/crypto.c index 68233c290d..8cc7b06026 100644 --- a/source4/heimdal/lib/krb5/crypto.c +++ b/source4/heimdal/lib/krb5/crypto.c @@ -2386,7 +2386,6 @@ usage2arcfour (krb5_context context, unsigned *usage) { switch (*usage) { case KRB5_KU_AS_REP_ENC_PART : /* 3 */ - case KRB5_KU_TGS_REP_ENC_PART_SUB_KEY : /* 9 */ *usage = 8; return 0; case KRB5_KU_USAGE_SEAL : /* 22 */ diff --git a/source4/heimdal/lib/krb5/get_cred.c b/source4/heimdal/lib/krb5/get_cred.c index 63152bbfa6..7072137338 100644 --- a/source4/heimdal/lib/krb5/get_cred.c +++ b/source4/heimdal/lib/krb5/get_cred.c @@ -244,16 +244,12 @@ init_tgs_req (krb5_context context, if(ret) goto fail; - ret = krb5_generate_subkey_extended(context, &krbtgt->session, - ETYPE_NULL, &key); + ret = krb5_auth_con_generatelocalsubkey(context, ac, &krbtgt->session); if (ret) goto fail; - ret = krb5_auth_con_setlocalsubkey(context, ac, key); - if (ret) - goto fail; - - ret = set_auth_data (context, &t->req_body, &in_creds->authdata, key); + ret = set_auth_data (context, &t->req_body, &in_creds->authdata, + ac->local_subkey); if (ret) goto fail; @@ -265,12 +261,11 @@ init_tgs_req (krb5_context context, if(ret) goto fail; - *subkey = key; - key = NULL; - + ret = krb5_auth_con_getlocalsubkey(context, ac, subkey); + if (ret) + goto fail; + fail: - if (key) - krb5_free_keyblock (context, key); if (ac) krb5_auth_con_free(context, ac); if (ret) { |