| author | Andrew Bartlett <abartlet@samba.org> | 2012-08-27 18:34:02 +1000 | 
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2012-08-28 07:57:29 +1000 | 
| commit | 62373b8a509fb874728c351e8039f94e3a1dd6db (patch) | |
| tree | a301da4e3ab299dba43806f8b2919a6c603b4ad0 | |
| parent | d5b9972215071d3d09b586fcc371c69002f89192 (diff) | |
lib/krb5_wrap: Move enctype conversion functions into a simple helper file
| -rw-r--r-- | lib/krb5_wrap/enctype_convert.c | 104 | ||||
| -rw-r--r-- | lib/krb5_wrap/krb5_samba.c | 35 | ||||
| -rw-r--r-- | lib/krb5_wrap/krb5_samba.h | 4 | ||||
| -rwxr-xr-x | lib/krb5_wrap/wscript_build | 2 | ||||
| -rw-r--r-- | source4/auth/kerberos/srv_keytab.c | 45 | 
5 files changed, 109 insertions, 81 deletions
diff --git a/lib/krb5_wrap/enctype_convert.c b/lib/krb5_wrap/enctype_convert.c
new file mode 100644
index 0000000000..446384ef3e
--- /dev/null
+++ b/lib/krb5_wrap/enctype_convert.c
@@ -0,0 +1,104 @@
+/*
+   Unix SMB/CIFS implementation.
+
+   Kerberos utility functions
+
+   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2012
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "krb5_samba.h"
+#include "librpc/gen_ndr/netlogon.h"
+
+const krb5_enctype *samba_all_enctypes(void)
+{
+	/* TODO: Find a way not to have to use a fixed list */
+	static const krb5_enctype enctypes[] = {
+		KRB5_ENCTYPE_DES_CBC_CRC,
+		KRB5_ENCTYPE_DES_CBC_MD5,
+		KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+		KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+		KRB5_ENCTYPE_ARCFOUR_HMAC_MD5,
+		0
+	};
+	return enctypes;
+};
+
+/* Translate between the IETF encryption type values and the Microsoft
+ * msDS-SupportedEncryptionTypes values */
+uint32_t kerberos_enctype_to_bitmap(krb5_enctype enc_type_enum)
+{
+	switch (enc_type_enum) {
+	case ENCTYPE_DES_CBC_CRC:
+		return ENC_CRC32;
+	case ENCTYPE_DES_CBC_MD5:
+		return ENC_RSA_MD5;
+	case ENCTYPE_ARCFOUR_HMAC_MD5:
+		return ENC_RC4_HMAC_MD5;
+	case ENCTYPE_AES128_CTS_HMAC_SHA1_96:
+		return ENC_HMAC_SHA1_96_AES128;
+	case ENCTYPE_AES256_CTS_HMAC_SHA1_96:
+		return ENC_HMAC_SHA1_96_AES256;
+	default:
+		return 0;
+	}
+}
+
+/* Translate between the Microsoft msDS-SupportedEncryptionTypes values
+ * and the IETF encryption type values */
+krb5_enctype ms_suptype_to_ietf_enctype(uint32_t enctype_bitmap)
+{
+	switch (enctype_bitmap) {
+	case ENC_CRC32:
+		return ENCTYPE_DES_CBC_CRC;
+	case ENC_RSA_MD5:
+		return ENCTYPE_DES_CBC_MD5;
+	case ENC_RC4_HMAC_MD5:
+		return ENCTYPE_ARCFOUR_HMAC;
+	case ENC_HMAC_SHA1_96_AES128:
+		return ENCTYPE_AES128_CTS_HMAC_SHA1_96;
+	case ENC_HMAC_SHA1_96_AES256:
+		return ENCTYPE_AES256_CTS_HMAC_SHA1_96;
+	default:
+		return 0;
+	}
+}
+
+/* Return an array of krb5_enctype values */
+krb5_error_code ms_suptypes_to_ietf_enctypes(TALLOC_CTX *mem_ctx,
+					     uint32_t enctype_bitmap,
+					     krb5_enctype **enctypes)
+{
+	unsigned int i, j = 0;
+	*enctypes = talloc_zero_array(mem_ctx, krb5_enctype,
+					(8 * sizeof(enctype_bitmap)) + 1);
+	if (!*enctypes) {
+		return ENOMEM;
+	}
+	for (i = 0; i < (8 * sizeof(enctype_bitmap)); i++) {
+		uint32_t bit_value = (1 << i) & enctype_bitmap;
+		if (bit_value & enctype_bitmap) {
+			(*enctypes)[j] = ms_suptype_to_ietf_enctype(bit_value);
+			if (!(*enctypes)[j]) {
+				continue;
+			}
+			j++;
+		}
+	}
+	(*enctypes)[j] = 0;
+	return 0;
+}
diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 171908aecc..2d237ffa12 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -23,7 +23,6 @@
 #include "includes.h"
 #include "krb5_samba.h"
 #include "lib/util/asn1.h"
-#include "librpc/gen_ndr/netlogon.h"
 #ifndef KRB5_AUTHDATA_WIN2K_PAC
 #define KRB5_AUTHDATA_WIN2K_PAC 128
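Review bot: In `ms_suptypes_to_ietf_enctypes` in the new enctype_convert.c, `(1 << i)` shifts a signed int, and at i == 31 that shift is undefined behaviour in C, so whether the top bit of the bitmap is tested correctly is left to the compiler. Use an unsigned operand, `uint32_t bit_value = ((uint32_t)1 << i) & enctype_bitmap;`, after which the following test can be just `if (bit_value) {`. Separately, `samba_all_enctypes` ends with a stray `;` after its closing brace, and its fixed list still carries the two single-DES enctypes; a comment next to the existing TODO saying why they are kept would help whoever revisits that list.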
@@ -2333,40 +2332,6 @@ char *smb_get_krb5_error_message(krb5_context context,
 	return ret;
 }
-const krb5_enctype *samba_all_enctypes(void)
-{
-	/* TODO: Find a way not to have to use a fixed list */
-	static const krb5_enctype enctypes[] = {
-		KRB5_ENCTYPE_DES_CBC_CRC,
-		KRB5_ENCTYPE_DES_CBC_MD5,
-		KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-		KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96,
-		KRB5_ENCTYPE_ARCFOUR_HMAC_MD5,
-		0
-	};
-	return enctypes;
-};
-
-/* Translate between the IETF encryption type values and the Microsoft
- * msDS-SupportedEncryptionTypes values */
-uint32_t kerberos_enctype_to_bitmap(krb5_enctype enc_type_enum)
-{
-	switch (enc_type_enum) {
-	case ENCTYPE_DES_CBC_CRC:
-		return ENC_CRC32;
-	case ENCTYPE_DES_CBC_MD5:
-		return ENC_RSA_MD5;
-	case ENCTYPE_ARCFOUR_HMAC_MD5:
-		return ENC_RC4_HMAC_MD5;
-	case ENCTYPE_AES128_CTS_HMAC_SHA1_96:
-		return ENC_HMAC_SHA1_96_AES128;
-	case ENCTYPE_AES256_CTS_HMAC_SHA1_96:
-		return ENC_HMAC_SHA1_96_AES256;
-	default:
-		return 0;
-	}
-}
-
 #else /* HAVE_KRB5 */
  /* this saves a few linking headaches */
  int cli_krb5_get_ticket(TALLOC_CTX *mem_ctx,
diff --git a/lib/krb5_wrap/krb5_samba.h b/lib/krb5_wrap/krb5_samba.h
index 87990e1ae8..c823c734cc 100644
--- a/lib/krb5_wrap/krb5_samba.h
+++ b/lib/krb5_wrap/krb5_samba.h
@@ -296,6 +296,10 @@ krb5_boolean smb_krb5_kt_compare(krb5_context context,
 const krb5_enctype *samba_all_enctypes(void);
 uint32_t kerberos_enctype_to_bitmap(krb5_enctype enc_type_enum);
+krb5_enctype ms_suptype_to_ietf_enctype(uint32_t enctype_bitmap);
+krb5_error_code ms_suptypes_to_ietf_enctypes(TALLOC_CTX *mem_ctx,
+					     uint32_t enctype_bitmap,
+					     krb5_enctype **enctypes);
 #endif /* HAVE_KRB5 */
diff --git a/lib/krb5_wrap/wscript_build b/lib/krb5_wrap/wscript_build
index 961a0a44c4..1a65d28b6c 100755
--- a/lib/krb5_wrap/wscript_build
+++ b/lib/krb5_wrap/wscript_build
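Review bot: The two prototypes added to krb5_samba.h make these helpers callable from outside srv_keytab.c, but nothing at the declarations states their contract. For `ms_suptype_to_ietf_enctype` a one-line comment would do: `/* enctype_bitmap must be a single ENC_* bit; returns 0 if it maps to no enctype */`. For `ms_suptypes_to_ietf_enctypes` the comment should say that `*enctypes` is a zero-terminated array allocated on `mem_ctx`, that ENOMEM is the only error returned, and that bits with no mapping are skipped. A bitmap holding only unmapped bits therefore yields an empty list with return 0, which callers selecting keys from that list need to handle explicitly.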
@@ -5,7 +5,7 @@ if bld.CONFIG_SET('SAMBA4_USES_HEIMDAL'):
     add_deps = ' asn1'
 bld.SAMBA_LIBRARY('krb5samba',
-                  source='krb5_samba.c gss_samba.c keytab_util.c',
+                  source='krb5_samba.c gss_samba.c keytab_util.c enctype_convert.c',
                   deps='samba-util asn1util talloc krb5 com_err gssapi' + add_deps,
                   private_library=True
                  )
diff --git a/source4/auth/kerberos/srv_keytab.c b/source4/auth/kerberos/srv_keytab.c
index c3c96163e0..1fc8b4cfed 100644
--- a/source4/auth/kerberos/srv_keytab.c
+++ b/source4/auth/kerberos/srv_keytab.c
@@ -187,51 +187,6 @@ static krb5_error_code salt_principal(TALLOC_CTX *parent_ctx,
 	return ret;
 }
-/* Translate between the Microsoft msDS-SupportedEncryptionTypes values
- * and the IETF encryption type values */
-static krb5_enctype ms_suptype_to_ietf_enctype(uint32_t enctype_bitmap)
-{
-	switch (enctype_bitmap) {
-	case ENC_CRC32:
-		return ENCTYPE_DES_CBC_CRC;
-	case ENC_RSA_MD5:
-		return ENCTYPE_DES_CBC_MD5;
-	case ENC_RC4_HMAC_MD5:
-		return ENCTYPE_ARCFOUR_HMAC;
-	case ENC_HMAC_SHA1_96_AES128:
-		return ENCTYPE_AES128_CTS_HMAC_SHA1_96;
-	case ENC_HMAC_SHA1_96_AES256:
-		return ENCTYPE_AES256_CTS_HMAC_SHA1_96;
-	default:
-		return 0;
-	}
-}
-
-/* Return an array of krb5_enctype values */
-static krb5_error_code ms_suptypes_to_ietf_enctypes(TALLOC_CTX *mem_ctx,
-						uint32_t enctype_bitmap,
-						krb5_enctype **enctypes)
-{
-	unsigned int i, j = 0;
-	*enctypes = talloc_zero_array(mem_ctx, krb5_enctype,
-					(8 * sizeof(enctype_bitmap)) + 1);
-	if (!*enctypes) {
-		return ENOMEM;
-	}
-	for (i = 0; i < (8 * sizeof(enctype_bitmap)); i++) {
-		uint32_t bit_value = (1 << i) & enctype_bitmap;
-		if (bit_value & enctype_bitmap) {
-			(*enctypes)[j] = ms_suptype_to_ietf_enctype(bit_value);
-			if (!(*enctypes)[j]) {
-				continue;
-			}
-			j++;
-		}
-	}
-	(*enctypes)[j] = 0;
-	return 0;
-}
-
 static krb5_error_code keytab_add_keys(TALLOC_CTX *parent_ctx,
 				       krb5_principal *principals,
 				       krb5_principal salt_princ,  | 
