summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-01-03 00:52:06 +0100
committerStefan Metzmacher <metze@samba.org>2012-01-18 16:23:22 +0100
commit60e1aa701c18a0871d94f74f565b9abaa41c0de9 (patch)
treed31e0aba4b50c3ddf8044166c0b23c5b5e24d0a0
parentcbd8231e342b1af8194e72fa3bd21fd91691cd1f (diff)
downloadsamba-60e1aa701c18a0871d94f74f565b9abaa41c0de9.tar.gz
samba-60e1aa701c18a0871d94f74f565b9abaa41c0de9.tar.bz2
samba-60e1aa701c18a0871d94f74f565b9abaa41c0de9.zip
s3-build: Rework object lists to allow gse gensec module
This also allows the spnego_parse_krb5_wrap() function to be shared. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
-rw-r--r--source3/Makefile.in61
-rw-r--r--source3/utils/ntlm_auth.c39
-rwxr-xr-xsource3/wscript_build13
3 files changed, 40 insertions, 73 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 318067ff02..69f4786695 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -555,9 +555,12 @@ LIBSMB_OBJ0 = \
../lib/util/asn1.o \
../libcli/auth/spnego_parse.o \
../libcli/auth/ntlm_check.o \
+ ../libcli/auth/krb5_wrap.o \
libsmb/ntlmssp.o \
libsmb/ntlmssp_wrap.o \
libsmb/auth_generic.o \
+ libsmb/clikrb5.o \
+ libsmb/clispnego.o \
../auth/gensec/gensec.o \
../auth/gensec/gensec_start.o \
../auth/gensec/gensec_util.o \
@@ -594,7 +597,6 @@ SCHANNEL_OBJ = ../libcli/auth/credentials.o \
$(LIBNDR_SCHANNEL_OBJ)
LIBSMB_OBJ = libsmb/clientgen.o libsmb/cliconnect.o libsmb/clifile.o \
- libsmb/clikrb5.o ../libcli/auth/krb5_wrap.o libsmb/clispnego.o \
libsmb/reparse_symlink.o \
libsmb/clisymlink.o \
libsmb/clirap.o libsmb/clierror.o libsmb/climessage.o \
@@ -1015,7 +1017,7 @@ NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \
NMBD_OBJ = $(NMBD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
$(PROFILE_OBJ) $(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) \
- $(LIBNDR_GEN_OBJ0)
+ $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ)
SWAT_OBJ1 = web/cgi.o web/diagnose.o web/startstop.o web/statuspage.o \
web/swat.o web/neg_lang.o
@@ -1067,10 +1069,10 @@ SMBPASSWD_OBJ = utils/smbpasswd.o $(PASSWD_UTIL_OBJ) $(PASSCHANGE_OBJ) \
rpc_client/init_lsa.o
PDBEDIT_OBJ = utils/pdbedit.o $(PASSWD_UTIL_OBJ) $(PARAM_OBJ) $(PASSDB_OBJ) \
- $(LIBSAMBA_OBJ) \
+ $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
+ $(AFS_SETTOKEN_OBJ) \
+ $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) \
$(LIB_NONSMBD_OBJ) $(GROUPDB_OBJ) \
- $(LIBCLI_LDAP_NDR_OBJ) \
- $(DRSUAPI_OBJ) $(LIBNDR_GEN_OBJ0) \
$(POPT_LIB_OBJ) $(SMBLDAP_OBJ)
SMBGET_OBJ = utils/smbget.o $(POPT_LIB_OBJ) $(LIBSMBCLIENT_OBJ1)
@@ -1246,8 +1248,8 @@ NET_OBJ = $(NET_OBJ1) \
$(LIB_EVENTLOG_OBJ)
CUPS_OBJ = client/smbspool.o $(PARAM_OBJ) $(LIBSMB_OBJ) \
- $(LIB_NONSMBD_OBJ) $(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) \
- $(LIBNDR_GEN_OBJ0)
+ $(LIB_NONSMBD_OBJ) $(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) \
+ $(AFS_SETTOKEN_OBJ) $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ)
NMBLOOKUP_OBJ = utils/nmblookup.o $(PARAM_OBJ) $(LIBNMB_OBJ) \
$(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) $(LIBSMB_ERR_OBJ)
@@ -1277,23 +1279,23 @@ SMBTORTURE_OBJ = $(SMBTORTURE_OBJ1) $(PARAM_OBJ) $(TLDAP_OBJ) \
$(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) $(LIBCLI_ECHO_OBJ)
MASKTEST_OBJ = torture/masktest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
- $(LIB_NONSMBD_OBJ) \
- $(LIBNDR_GEN_OBJ0)
+ $(LIB_NONSMBD_OBJ) \
+ $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ)
MSGTEST_OBJ = torture/msgtest.o $(PARAM_OBJ) $(LIBSMB_ERR_OBJ) \
$(LIB_NONSMBD_OBJ) \
$(LIBNDR_GEN_OBJ0)
LOCKTEST_OBJ = torture/locktest.o $(PARAM_OBJ) $(LOCKING_OBJ) $(KRBCLIENT_OBJ) \
- $(LIBSMB_OBJ) $(LIB_NONSMBD_OBJ) \
- $(LIBNDR_GEN_OBJ0) $(FNAME_UTIL_OBJ)
+ $(LIBSMB_OBJ) $(LIB_NONSMBD_OBJ) \
+ $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) $(FNAME_UTIL_OBJ)
NSSTEST_OBJ = ../nsswitch/nsstest.o $(LIBSAMBAUTIL_OBJ)
PDBTEST_OBJ = torture/pdbtest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
$(LIB_NONSMBD_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
$(SMBLDAP_OBJ) $(POPT_LIB_OBJ) \
- $(LIBNDR_GEN_OBJ0)
+ $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ)
VFSTEST_OBJ = torture/cmd_vfs.o torture/vfstest.o $(SMBD_OBJ_BASE) $(READLINE_OBJ)
@@ -1301,7 +1303,7 @@ LOG2PCAP_OBJ = utils/log2pcaphex.o
LOCKTEST2_OBJ = torture/locktest2.o $(PARAM_OBJ) $(LOCKING_OBJ) $(LIBSMB_OBJ) \
$(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) \
- $(LIBNDR_GEN_OBJ0) $(FNAME_UTIL_OBJ)
+ $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) $(FNAME_UTIL_OBJ)
SMBCACLS_OBJ = utils/smbcacls.o $(PARAM_OBJ) $(LIBSMB_OBJ) \
$(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) \
@@ -1341,8 +1343,8 @@ REPLACETORT_OBJ = @libreplacedir@/test/testsuite.o \
DEBUG2HTML_OBJ = utils/debug2html.o utils/debugparse.o
SMBFILTER_OBJ = utils/smbfilter.o $(PARAM_OBJ) $(LIBSMB_OBJ) \
- $(LIB_NONSMBD_OBJ) $(KRBCLIENT_OBJ) \
- $(LIBNDR_GEN_OBJ0)
+ $(LIB_NONSMBD_OBJ) $(KRBCLIENT_OBJ) \
+ $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ)
WINBIND_WINS_NSS_OBJ = ../nsswitch/wins.o $(PARAM_OBJ) \
$(LIB_NONSMBD_OBJ) $(LIBSMB_ERR_OBJ) $(LIBNMB_OBJ)
@@ -1350,8 +1352,10 @@ WINBIND_WINS_NSS_OBJ = ../nsswitch/wins.o $(PARAM_OBJ) \
PAM_SMBPASS_OBJ_0 = pam_smbpass/pam_smb_auth.o pam_smbpass/pam_smb_passwd.o \
pam_smbpass/pam_smb_acct.o pam_smbpass/support.o
PAM_SMBPASS_OBJ = $(PAM_SMBPASS_OBJ_0) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
- $(SMBLDAP_OBJ) $(LIBSAMBA_OBJ) \
- $(DRSUAPI_OBJ) $(LIBNDR_GEN_OBJ0) \
+ $(SMBLDAP_OBJ) \
+ $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
+ $(AFS_SETTOKEN_OBJ) \
+ $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) \
$(PAM_ERRORS_OBJ)
IDMAP_RW_OBJ = winbindd/idmap_rw.o
@@ -1494,9 +1498,10 @@ WINBINDD_OBJ = \
rpc_client/init_samr.o \
$(PAM_ERRORS_OBJ)
-WBINFO_OBJ = ../nsswitch/wbinfo.o $(LIBSAMBA_OBJ) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \
+WBINFO_OBJ = ../nsswitch/wbinfo.o $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \
+ $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
$(POPT_LIB_OBJ) $(AFS_SETTOKEN_OBJ) \
- lib/winbind_util.o $(WBCOMMON_OBJ)
+ lib/winbind_util.o $(WBCOMMON_OBJ) $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ)
WINBIND_NSS_OBJ = $(WBCOMMON_OBJ) $(LIBREPLACE_OBJ) @WINBIND_NSS_EXTRA_OBJS@
@@ -1527,17 +1532,15 @@ TDBTORTURE_OBJ = @tdbdir@/tools/tdbtorture.o $(LIBREPLACE_OBJ) \
NTLM_AUTH_OBJ1 = utils/ntlm_auth.o utils/ntlm_auth_diagnostics.o
-NTLM_AUTH_OBJ = ${NTLM_AUTH_OBJ1} $(LIBSAMBA_OBJ) $(POPT_LIB_OBJ) \
- libsmb/clikrb5.o ../libcli/auth/krb5_wrap.o libads/kerberos.o \
+NTLM_AUTH_OBJ = ${NTLM_AUTH_OBJ1} \
libsmb/samlogon_cache.o \
$(LIBADS_SERVER_OBJ) \
$(PASSDB_OBJ) $(GROUPDB_OBJ) \
- $(SMBLDAP_OBJ) $(LIBNMB_OBJ) \
$(WBCOMMON_OBJ) \
- $(LIBNBT_OBJ) \
- $(CLDAP_OBJ) \
- $(DRSUAPI_OBJ) \
- $(LIBNDR_GEN_OBJ0) $(LIBNDR_NETLOGON_OBJ) @BUILD_INIPARSER@
+ $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
+ $(AFS_SETTOKEN_OBJ) \
+ $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) \
+ $(POPT_LIB_OBJ) $(SMBLDAP_OBJ) @BUILD_INIPARSER@
VLP_OBJ = printing/tests/vlp.o \
@@ -3144,10 +3147,10 @@ bin/ntlm_auth@EXEEXT@: $(BINARY_PREREQS) $(NTLM_AUTH_OBJ) $(PARAM_OBJ) \
$(POPT_LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) \
$(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(LIBWBCLIENT_LIBS) @INIPARSERLIBS@
-bin/pam_smbpass.@SHLIBEXT@: $(BINARY_PREREQS) $(PAM_SMBPASS_OBJ) $(LIBCLI_LDAP_NDR_OBJ) $(LIBTALLOC) $(LIBWBCLIENT) $(LIBTDB)
+bin/pam_smbpass.@SHLIBEXT@: $(BINARY_PREREQS) $(PAM_SMBPASS_OBJ) $(LIBTALLOC) $(LIBWBCLIENT) $(LIBTDB)
@echo "Linking shared library $@"
- @$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_SMBPASS_OBJ) $(LIBCLI_LDAP_NDR_OBJ) -lpam $(DYNEXP) \
- $(LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(ZLIB_LIBS) \
+ @$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_SMBPASS_OBJ) -lpam $(DYNEXP) \
+ $(LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(KRB5LIBS) $(ZLIB_LIBS) \
$(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(LIBWBCLIENT_LIBS)
bin/tdbbackup@EXEEXT@: $(BINARY_PREREQS) $(TDBBACKUP_OBJ) $(LIBTALLOC) $(LIBTDB)
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 00c7d4dbba..ff9b60ed0f 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -1232,45 +1232,6 @@ static void offer_gss_spnego_mechs(void) {
return;
}
-bool spnego_parse_krb5_wrap(TALLOC_CTX *ctx, DATA_BLOB blob, DATA_BLOB *ticket, uint8 tok_id[2])
-{
- bool ret;
- ASN1_DATA *data;
- int data_remaining;
-
- data = asn1_init(talloc_tos());
- if (data == NULL) {
- return false;
- }
-
- asn1_load(data, blob);
- asn1_start_tag(data, ASN1_APPLICATION(0));
- asn1_check_OID(data, OID_KERBEROS5);
-
- data_remaining = asn1_tag_remaining(data);
-
- if (data_remaining < 3) {
- data->has_error = True;
- } else {
- asn1_read(data, tok_id, 2);
- data_remaining -= 2;
- *ticket = data_blob_talloc(ctx, NULL, data_remaining);
- asn1_read(data, ticket->data, ticket->length);
- }
-
- asn1_end_tag(data);
-
- ret = !data->has_error;
-
- if (data->has_error) {
- data_blob_free(ticket);
- }
-
- asn1_free(data);
-
- return ret;
-}
-
static void manage_gss_spnego_request(struct ntlm_auth_state *state,
char *buf, int length)
{
diff --git a/source3/wscript_build b/source3/wscript_build
index 5a13ccf562..89e312e400 100755
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -147,8 +147,6 @@ LIBSMB_SRC = '''libsmb/clientgen.c libsmb/cliconnect.c libsmb/clifile.c
LIBMSRPC_SRC = '''
rpc_client/cli_pipe.c
- librpc/crypto/gse_krb5.c
- librpc/crypto/gse.c
librpc/crypto/cli_spnego.c
librpc/rpc/rpc_common.c
rpc_client/rpc_transport_np.c
@@ -688,11 +686,16 @@ bld.SAMBA3_LIBRARY('nss_wins',
realname='libnss_wins.so.2',
vnum='2')
+bld.SAMBA3_LIBRARY('gse',
+ source='librpc/crypto/gse_krb5.c librpc/crypto/gse.c',
+ deps='KRB5_WRAP gensec param KRBCLIENT SECRETS3',
+ private_library=True)
+
bld.SAMBA3_LIBRARY('msrpc3',
source='${LIBMSRPC_SRC}',
deps='''ndr ndr-standard
RPC_NDR_EPMAPPER NTLMSSP_COMMON COMMON_SCHANNEL LIBCLI_AUTH
- LIBTSOCKET KRB5_WRAP dcerpc-binding
+ LIBTSOCKET gse dcerpc-binding
libsmb''',
vars=locals(),
private_library=True)
@@ -801,7 +804,7 @@ bld.SAMBA3_LIBRARY('util_cmdline',
bld.SAMBA3_SUBSYSTEM('KRBCLIENT',
source=KRBCLIENT_SRC,
- public_deps='KRB5_WRAP k5crypto LIBTSOCKET CLDAP',
+ public_deps='KRB5_WRAP k5crypto LIBTSOCKET CLDAP LIBNMB',
vars=locals())
bld.SAMBA3_SUBSYSTEM('samba3util',
@@ -1379,7 +1382,7 @@ bld.SAMBA3_BINARY('ntlm_auth' + bld.env.suffix3,
deps='''tdb_compat talloc cap KRB5_WRAP k5crypto wbclient param smbd_shim
samba3core LIBNTLMSSP popt_samba3 asn1util LIBTSOCKET
pdb winbind-client LIBINIPARSER LIBADS_SERVER
- NDR_SAMR NDR_LSA NDR_NETLOGON cli-ldap-common LIBNMB SLCACHE SPNEGO_PARSE KRBCLIENT''',
+ NDR_SAMR NDR_LSA NDR_NETLOGON cli-ldap-common LIBNMB SLCACHE SPNEGO_PARSE KRBCLIENT libsmb''',
vars=locals())
bld.SAMBA3_BINARY('timelimit',