summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2009-11-17 15:36:48 +1100
committerAndrew Bartlett <abartlet@samba.org>2009-11-17 16:21:29 +1100
commitdc351a579dbdffc5505205d3e1d5548f5e62336e (patch)
tree4d8d77db2520d23620ad292b39e9a39532d3aa77
parentb9e262c51261af275db4d0e7e6e2c7318a41bed0 (diff)
downloadsamba-dc351a579dbdffc5505205d3e1d5548f5e62336e.tar.gz
samba-dc351a579dbdffc5505205d3e1d5548f5e62336e.tar.bz2
samba-dc351a579dbdffc5505205d3e1d5548f5e62336e.zip
s4:heimdal: import lorikeet-heimdal-200911170333 (commit b532c294d974cead40a1183c71be644c6ccc2832)
This fixes up connections to Windows 2003, because the previous import had a broken arcfour-hmac-md5 implementation (fixed in Heimdal 316fc6ff8ffb0cbb1ef3689685e9977c37405bc4) Andrew Bartlett
-rw-r--r--source4/heimdal/lib/com_err/error.c1
-rw-r--r--source4/heimdal/lib/gssapi/spnego/accept_sec_context.c2
-rw-r--r--source4/heimdal/lib/gssapi/spnego/compat.c2
-rw-r--r--source4/heimdal/lib/gssapi/spnego/context_stubs.c2
-rw-r--r--source4/heimdal/lib/gssapi/spnego/cred_stubs.c2
-rw-r--r--source4/heimdal/lib/gssapi/spnego/external.c2
-rw-r--r--source4/heimdal/lib/gssapi/spnego/init_sec_context.c2
-rw-r--r--source4/heimdal/lib/krb5/crypto.c1
-rw-r--r--source4/heimdal/lib/krb5/get_cred.c19
9 files changed, 8 insertions, 25 deletions
diff --git a/source4/heimdal/lib/com_err/error.c b/source4/heimdal/lib/com_err/error.c
index d4a42ac5de..854a4b66cb 100644
--- a/source4/heimdal/lib/com_err/error.c
+++ b/source4/heimdal/lib/com_err/error.c
@@ -38,6 +38,7 @@
#include <stdlib.h>
#include <string.h>
#include <com_right.h>
+#include <roken.h>
#ifdef LIBINTL
#include <libintl.h>
diff --git a/source4/heimdal/lib/gssapi/spnego/accept_sec_context.c b/source4/heimdal/lib/gssapi/spnego/accept_sec_context.c
index 247c25611f..ab8a4d1aac 100644
--- a/source4/heimdal/lib/gssapi/spnego/accept_sec_context.c
+++ b/source4/heimdal/lib/gssapi/spnego/accept_sec_context.c
@@ -33,8 +33,6 @@
#include "spnego_locl.h"
-RCSID("$Id$");
-
static OM_uint32
send_reject (OM_uint32 *minor_status,
gss_buffer_t output_token)
diff --git a/source4/heimdal/lib/gssapi/spnego/compat.c b/source4/heimdal/lib/gssapi/spnego/compat.c
index b2f535e58f..673a5df66b 100644
--- a/source4/heimdal/lib/gssapi/spnego/compat.c
+++ b/source4/heimdal/lib/gssapi/spnego/compat.c
@@ -32,8 +32,6 @@
#include "spnego_locl.h"
-RCSID("$Id$");
-
/*
* Apparently Microsoft got the OID wrong, and used
* 1.2.840.48018.1.2.2 instead. We need both this and
diff --git a/source4/heimdal/lib/gssapi/spnego/context_stubs.c b/source4/heimdal/lib/gssapi/spnego/context_stubs.c
index c0d47b9f63..98ab919459 100644
--- a/source4/heimdal/lib/gssapi/spnego/context_stubs.c
+++ b/source4/heimdal/lib/gssapi/spnego/context_stubs.c
@@ -32,8 +32,6 @@
#include "spnego_locl.h"
-RCSID("$Id$");
-
static OM_uint32
spnego_supported_mechs(OM_uint32 *minor_status, gss_OID_set *mechs)
{
diff --git a/source4/heimdal/lib/gssapi/spnego/cred_stubs.c b/source4/heimdal/lib/gssapi/spnego/cred_stubs.c
index b1eb0be6da..f15069362c 100644
--- a/source4/heimdal/lib/gssapi/spnego/cred_stubs.c
+++ b/source4/heimdal/lib/gssapi/spnego/cred_stubs.c
@@ -32,8 +32,6 @@
#include "spnego_locl.h"
-RCSID("$Id$");
-
OM_uint32
_gss_spnego_release_cred(OM_uint32 *minor_status, gss_cred_id_t *cred_handle)
{
diff --git a/source4/heimdal/lib/gssapi/spnego/external.c b/source4/heimdal/lib/gssapi/spnego/external.c
index 9d50a61a75..2a6002b8ea 100644
--- a/source4/heimdal/lib/gssapi/spnego/external.c
+++ b/source4/heimdal/lib/gssapi/spnego/external.c
@@ -33,8 +33,6 @@
#include "spnego_locl.h"
#include <gssapi_mech.h>
-RCSID("$Id$");
-
/*
* RFC2478, SPNEGO:
* The security mechanism of the initial
diff --git a/source4/heimdal/lib/gssapi/spnego/init_sec_context.c b/source4/heimdal/lib/gssapi/spnego/init_sec_context.c
index 6afd524a5b..75a925497e 100644
--- a/source4/heimdal/lib/gssapi/spnego/init_sec_context.c
+++ b/source4/heimdal/lib/gssapi/spnego/init_sec_context.c
@@ -33,8 +33,6 @@
#include "spnego_locl.h"
-RCSID("$Id$");
-
/*
* Is target_name an sane target for `mech´.
*/
diff --git a/source4/heimdal/lib/krb5/crypto.c b/source4/heimdal/lib/krb5/crypto.c
index 68233c290d..8cc7b06026 100644
--- a/source4/heimdal/lib/krb5/crypto.c
+++ b/source4/heimdal/lib/krb5/crypto.c
@@ -2386,7 +2386,6 @@ usage2arcfour (krb5_context context, unsigned *usage)
{
switch (*usage) {
case KRB5_KU_AS_REP_ENC_PART : /* 3 */
- case KRB5_KU_TGS_REP_ENC_PART_SUB_KEY : /* 9 */
*usage = 8;
return 0;
case KRB5_KU_USAGE_SEAL : /* 22 */
diff --git a/source4/heimdal/lib/krb5/get_cred.c b/source4/heimdal/lib/krb5/get_cred.c
index 63152bbfa6..7072137338 100644
--- a/source4/heimdal/lib/krb5/get_cred.c
+++ b/source4/heimdal/lib/krb5/get_cred.c
@@ -244,16 +244,12 @@ init_tgs_req (krb5_context context,
if(ret)
goto fail;
- ret = krb5_generate_subkey_extended(context, &krbtgt->session,
- ETYPE_NULL, &key);
+ ret = krb5_auth_con_generatelocalsubkey(context, ac, &krbtgt->session);
if (ret)
goto fail;
- ret = krb5_auth_con_setlocalsubkey(context, ac, key);
- if (ret)
- goto fail;
-
- ret = set_auth_data (context, &t->req_body, &in_creds->authdata, key);
+ ret = set_auth_data (context, &t->req_body, &in_creds->authdata,
+ ac->local_subkey);
if (ret)
goto fail;
@@ -265,12 +261,11 @@ init_tgs_req (krb5_context context,
if(ret)
goto fail;
- *subkey = key;
- key = NULL;
-
+ ret = krb5_auth_con_getlocalsubkey(context, ac, subkey);
+ if (ret)
+ goto fail;
+
fail:
- if (key)
- krb5_free_keyblock (context, key);
if (ac)
krb5_auth_con_free(context, ac);
if (ret) {