summaryrefslogtreecommitdiff
path: root/libcli
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-02-17 13:36:35 +1100
committerAndrew Bartlett <abartlet@samba.org>2012-02-17 17:36:38 +1100
commit674278d5b0d68e96d68f7beab2289a502efa6bc4 (patch)
tree2e34f2f291f6dc00cc284554eb74c665adbe8f4b /libcli
parenta315350341d7090402fe8fe2991d18fa530d2398 (diff)
downloadsamba-674278d5b0d68e96d68f7beab2289a502efa6bc4.tar.gz
samba-674278d5b0d68e96d68f7beab2289a502efa6bc4.tar.bz2
samba-674278d5b0d68e96d68f7beab2289a502efa6bc4.zip
auth/kerberos: Move gse_get_session_key() to common code and use in gensec_gssapi
Thie ensures that both code bases use the same logic to determine the use of NEW_SPNEGO. Andrew Bartlett
Diffstat (limited to 'libcli')
-rw-r--r--libcli/auth/krb5_wrap.h17
1 files changed, 17 insertions, 0 deletions
diff --git a/libcli/auth/krb5_wrap.h b/libcli/auth/krb5_wrap.h
index 814c427a56..01ea6acd07 100644
--- a/libcli/auth/krb5_wrap.h
+++ b/libcli/auth/krb5_wrap.h
@@ -24,6 +24,18 @@
struct PAC_SIGNATURE_DATA;
struct PAC_DATA;
+#ifdef HAVE_KRB5_KEYBLOCK_KEYVALUE /* Heimdal */
+#define KRB5_KEY_TYPE(k) ((k)->keytype)
+#define KRB5_KEY_LENGTH(k) ((k)->keyvalue.length)
+#define KRB5_KEY_DATA(k) ((k)->keyvalue.data)
+#define KRB5_KEY_DATA_CAST void
+#else /* MIT */
+#define KRB5_KEY_TYPE(k) ((k)->enctype)
+#define KRB5_KEY_LENGTH(k) ((k)->length)
+#define KRB5_KEY_DATA(k) ((k)->contents)
+#define KRB5_KEY_DATA_CAST krb5_octet
+#endif /* HAVE_KRB5_KEYBLOCK_KEYVALUE */
+
int create_kerberos_key_from_string_direct(krb5_context context,
krb5_principal host_princ,
krb5_data *password,
@@ -76,6 +88,11 @@ NTSTATUS gssapi_obtain_pac_blob(TALLOC_CTX *mem_ctx,
gss_ctx_id_t gssapi_context,
gss_name_t gss_client_name,
DATA_BLOB *pac_data);
+NTSTATUS gssapi_get_session_key(TALLOC_CTX *mem_ctx,
+ gss_ctx_id_t gssapi_context,
+ DATA_BLOB *session_key,
+ uint32_t *keytype);
+
DATA_BLOB gensec_gssapi_gen_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *ticket, const uint8_t tok_id[2]);
bool gensec_gssapi_parse_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, DATA_BLOB *ticket, uint8_t tok_id[2]);