r5227: removed SuSE spec file @ Lars' request and updated read to point to package download areas

(This used to be commit 51211daa4d8dec96c0ba740f702b486e241e8621)

1 files changed, 0 insertions, 247 deletions

diff --git a/packaging/SuSE/samba-mutual-auth.diff b/packaging/SuSE/samba-mutual-auth.diff
deleted file mode 100644
index 865f91682a..0000000000
--- a/packaging/SuSE/samba-mutual-auth.diff
+++ /dev/null
@@ -1,247 +0,0 @@
---- source/configure.in	22 Feb 2003 12:19:18 -0000	1.409
-+++ source/configure.in	24 Feb 2003 06:04:25 -0000
-@@ -627,6 +627,15 @@
- fi
- 
- ############################################
-+# support for using Kerberos keytab instead of secrets database
-+
-+AC_ARG_ENABLE(keytab, 
-+[  --enable-keytab         Turn on support for Kerberos keytabs in lieu of secrets DB (default=no)],
-+    [if eval "test x$enable_keytab = xyes"; then
-+	AC_DEFINE(USE_KEYTAB,1,[Use Kerberos keytab])
-+    fi])
-+
-+############################################
- # we need dlopen/dlclose/dlsym/dlerror for PAM, the password database plugins and the plugin loading code
- AC_SEARCH_LIBS(dlopen, [dl])
- # dlopen/dlclose/dlsym/dlerror will be checked again later and defines will be set then
---- source/passdb/secrets.c	1 Feb 2003 04:39:15 -0000	1.54
-+++ source/passdb/secrets.c	24 Feb 2003 06:04:26 -0000
-@@ -221,6 +221,72 @@
- 	return True;
- }
- 
-+#ifdef USE_KEYTAB
-+/************************************************************************
-+ Read local secret from the keytab
-+************************************************************************/
-+
-+static BOOL secrets_fetch_keytab_password(uint8 ret_pwd[16], time_t *pass_last_set_time)
-+{
-+	char spn[MAXHOSTNAMELEN + 2], *p;
-+	krb5_context context;
-+	krb5_error_code ret;
-+	krb5_principal princ;
-+	krb5_keyblock *key;
-+
-+	ret = krb5_init_context(&context);
-+	if (ret) {
-+		DEBUG(1, ("secrets_fetch_keytab_password: failed to initialize Kerberos context\n"));
-+		return False;
-+	}
-+
-+	spn[sizeof(spn) - 1] = '\0';
-+	if (gethostname(spn, sizeof(spn) - 2) < 0) {
-+		DEBUG(1, ("secrets_fetch_keytab_password: could not determine local hostname\n"));
-+		krb5_free_context(context);
-+		return False;
-+	}
-+
-+	for (p = spn; *p && *p != '.'; p++)
-+		*p = toupper(*p);
-+	*p++ = '$';
-+	*p = '\0';
-+
-+	ret = krb5_parse_name(context, spn, &princ);
-+	if (ret) {
-+		DEBUG(1, ("secrets_fetch_keytab_password: failed to parse name %s\n", spn));
-+		krb5_free_context(context);
-+		return False;
-+	}
-+
-+#ifdef ENCTYPE_ARCFOUR_HMAC
-+	ret = krb5_kt_read_service_key(context, NULL, princ, 0, ENCTYPE_ARCFOUR_HMAC, &key);
-+#elif defined(HAVE_ENCTYPE_ARCFOUR_HMAC_MD5)
-+	ret = krb5_kt_read_service_key(context, NULL, princ, 0, ENCTYPE_ARCFOUR_HMAC_MD5, &key);
-+#else
-+#error ENCTYPE_ARCFOUR_HMAC or ENCTYPE_ARCFOUR_HMAC_MD5 required for keytab secret storage
-+#endif 
-+	if (ret) {
-+		DEBUG(1, ("secrets_fetch_keytab_password: failed to read secret for %s\n", spn));
-+		krb5_free_context(context);
-+		return False;
-+	}
-+	if (key->keyvalue.length != 16) {
-+		DEBUG(1, ("secrets_fetch_keytab_password: key is incorrect length\n"));
-+		krb5_free_context(context);
-+		return False;
-+	}
-+
-+	memcpy(ret_pwd, key->keyvalue.data, key->keyvalue.length);
-+	time(pass_last_set_time); /* XXX */
-+
-+	krb5_free_keyblock(context, key);
-+	krb5_free_context(context);
-+
-+	return True;
-+}
-+#endif /* USE_KEYTAB */
-+
- /************************************************************************
-  Routine to get the trust account password for a domain.
-  The user of this function must have locked the trust password file using
-@@ -243,6 +309,12 @@
- 		pass_last_set_time = 0;
- 		return True;
- 	}
-+
-+#ifdef USE_KEYTAB
-+	if (is_myworkgroup(domain)) {
-+		return secrets_fetch_keytab_password(ret_pwd, pass_last_set_time);
-+	}
-+#endif /* USE_KEYTAB */
- 
- 	if (!(pass = secrets_fetch(trust_keystr(domain), &size))) {
- 		DEBUG(5, ("secrets_fetch failed!\n"));
- 
---- source/libsmb/clikrb5.c	2003-07-02 00:32:55.000000000 +0200
-+++ source/libsmb/clikrb5.c	2003-07-02 00:37:22.000000000 +0200
-@@ -316,11 +316,13 @@
- 	krb5_enctype enc_types[] = {
- #ifdef ENCTYPE_ARCFOUR_HMAC
- 		ENCTYPE_ARCFOUR_HMAC,
-+#elif defined(HAVE_ENCTYPE_ARCFOUR_HMAC_MD5)
-+		ENCTYPE_ARCFOUR_HMAC_MD5,
- #endif 
- 		ENCTYPE_DES_CBC_MD5, 
- 		ENCTYPE_DES_CBC_CRC, 
- 		ENCTYPE_NULL};
--	
-+	
- 	retval = krb5_init_context(&context);
- 	if (retval) {
- 		DEBUG(1,("krb5_init_context failed (%s)\n", 
-@@ -367,24 +369,26 @@
- 
-  BOOL get_krb5_smb_session_key(krb5_context context, krb5_auth_context auth_context, uint8 session_key[16])
-  {
--#ifdef ENCTYPE_ARCFOUR_HMAC
- 	krb5_keyblock *skey;
--#endif
- 	BOOL ret = False;
- 
- 	memset(session_key, 0, 16);
- 
--#ifdef ENCTYPE_ARCFOUR_HMAC
-+#if defined(ENCTYPE_ARCFOUR_HMAC) || defined(HAVE_ENCTYPE_ARCFOUR_HMAC_MD5)
- 	if (krb5_auth_con_getremotesubkey(context, auth_context, &skey) == 0 && skey != NULL) {
- 		if (KRB5_KEY_TYPE(skey) ==
-+# ifdef ENCTYPE_ARCFOUR_HMAC
- 		    ENCTYPE_ARCFOUR_HMAC
-+# else
-+		    ENCTYPE_ARCFOUR_HMAC_MD5
-+# endif /* ENCTYPE_ARCFOUR_HMAC */
- 		    && KRB5_KEY_LENGTH(skey) == 16) {
- 			memcpy(session_key, KRB5_KEY_DATA(skey), KRB5_KEY_LENGTH(skey));
- 			ret = True;
- 		}
- 		krb5_free_keyblock(context, skey);
- 	}
--#endif /* ENCTYPE_ARCFOUR_HMAC */
-+#endif /* ENCTYPE_ARCFOUR_HMAC || HAVE_ENCTYPE_ARCFOUR_HMAC_MD5 */
- 
- 	return ret;
-  }
-@@ -395,5 +399,12 @@
- 	 DEBUG(0,("NO KERBEROS SUPPORT\n"));
- 	 return data_blob(NULL, 0);
-  }
-+BOOL krb5_get_smb_session_key(krb5_context context, krb5_auth_context ac, uint8 session_key[16])
-+ {
-+	DEBUG(0,("NO KERBEROS SUPPORT\n"));
-+	memset(session_key, 0, 16);
-+	return False;
-+ }
-+ //#endif
- 
- #endif
---- source/libads/kerberos_verify.c	2003-06-28 23:40:55.000000000 +0200
-+++ source/libads/kerberos_verify.c	2003-07-02 00:50:13.000000000 +0200
-@@ -38,7 +38,9 @@
- 	krb5_keytab keytab = NULL;
- 	krb5_data packet;
- 	krb5_ticket *tkt = NULL;
--	int ret, i;
-+	int ret;
-+#ifndef USE_KEYTAB
-+	int i;
- 	krb5_keyblock * key;
- 	krb5_principal host_princ;
- 	char *host_princ_s;
-@@ -46,8 +48,10 @@
- 	char *password_s;
- 	krb5_data password;
- 	krb5_enctype *enctypes = NULL;
-+#endif /* USE_KEYTAB */
- 	BOOL auth_ok = False;
- 
-+#ifndef USE_KEYTAB
- 	if (!secrets_init()) {
- 		DEBUG(1,("secrets_init failed\n"));
- 		return NT_STATUS_LOGON_FAILURE;
-@@ -61,6 +65,7 @@
- 
- 	password.data = password_s;
- 	password.length = strlen(password_s);
-+#endif /* USE_KEYTAB */
- 
- 	ret = krb5_init_context(&context);
- 	if (ret) {
-@@ -82,7 +87,16 @@
- 		DEBUG(1,("krb5_auth_con_init failed (%s)\n", error_message(ret)));
- 		return NT_STATUS_LOGON_FAILURE;
- 	}
-+#ifdef USE_KEYTAB
-+	packet.length = ticket->length;
-+	packet.data = (krb5_pointer)ticket->data;
- 
-+	if (!(ret = krb5_rd_req(context, &auth_context, &packet, 
-+				NULL, keytab, NULL, &tkt))) {
-+		auth_ok = True;
-+	}
-+
-+#else
- 	fstrcpy(myname, global_myname());
- 	strlower(myname);
- 	asprintf(&host_princ_s, "HOST/%s@%s", myname, lp_realm());
-@@ -121,6 +135,9 @@
- 		}
- 	}
- 
-+	SAFE_FREE(key);
-+#endif /* USE_KEYTAB */
-+
- 	if (!auth_ok) {
- 		DEBUG(3,("krb5_rd_req with auth failed (%s)\n", 
- 			 error_message(ret)));
---- source/Makefile.in	2003-07-01 23:35:49.000000000 +0200
-+++ source/Makefile.in	2003-07-02 01:20:09.000000000 +0200
-@@ -806,7 +806,7 @@
- 
- bin/pdbedit@EXEEXT@: $(PDBEDIT_OBJ) @BUILD_POPT@ bin/.dummy
- 	@echo Linking $@
--	@$(CC) $(FLAGS) -o $@ $(IDMAP_LIBS) $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDBLIBS)
-+	@$(CC) $(FLAGS) -o $@ $(IDMAP_LIBS) $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDBLIBS) $(KRB5LIBS)
- 
- bin/samtest@EXEEXT@: $(SAMTEST_OBJ) @BUILD_POPT@ bin/.dummy
- 	@echo Linking $@
-@@ -1062,7 +1062,7 @@
- 
- bin/wbinfo@EXEEXT@: $(WBINFO_OBJ) @BUILD_POPT@ bin/.dummy
- 	@echo Linking $@
--	@$(LINK) -o $@ $(WBINFO_OBJ) $(LIBS) @POPTLIBS@
-+	@$(LINK) -o $@ $(WBINFO_OBJ) $(LIBS) @POPTLIBS@ $(KRB5LIBS)
- 
- bin/ntlm_auth@EXEEXT@: $(NTLM_AUTH_OBJ) $(PARAM_OBJ) $(LIB_OBJ) \
- 		$(UBIQX_OBJ) @BUILD_POPT@ bin/.dummy