diff options
| author | Jim McDonough <jmcd@samba.org> | 2003-02-19 01:16:40 +0000 |
|---|---|---|
| committer | Jim McDonough <jmcd@samba.org> | 2003-02-19 01:16:40 +0000 |
| commit | adfefcdcb6e9d8ea0458a11b6f684a5cf231c3ba (patch) | |
| tree | d9afd403aac46465eac080932df856dfa675099d /source3/libsmb | |
| parent | e354fd27cb05f9d6259ca480831e325d17cfefea (diff) | |
| download | samba-adfefcdcb6e9d8ea0458a11b6f684a5cf231c3ba.tar.gz samba-adfefcdcb6e9d8ea0458a11b6f684a5cf231c3ba.tar.bz2 samba-adfefcdcb6e9d8ea0458a11b6f684a5cf231c3ba.zip | |
Try to get heimdal working with HEAD.
- Provide generic functions for
- get valid encryption types
- free encryption types
- Add encryption type parm to generic function create_kerberos_key_from_string()
- Try to merge the two versions (between HEAD and SAMBA_3_0) of kerberos_verify.c
I think this should work for both MIT and heimdal, in HEAD. If all goes smooth,
I'll move it over to 3.0 soon...
(This used to be commit 45e409fc8da9f26cf888e13d004392660d7c55d4)
Diffstat (limited to 'source3/libsmb')
| -rw-r--r-- | source3/libsmb/clikrb5.c | 38 |
1 files changed, 34 insertions, 4 deletions
diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c index e380d80bcc..c13f663381 100644 --- a/source3/libsmb/clikrb5.c +++ b/source3/libsmb/clikrb5.c @@ -74,7 +74,8 @@ int create_kerberos_key_from_string(krb5_context context, krb5_principal host_princ, krb5_data *password, - krb5_keyblock *key) + krb5_keyblock *key, + krb5_enctype enctype) { int ret; krb5_data salt; @@ -85,14 +86,15 @@ DEBUG(1,("krb5_principal2salt failed (%s)\n", error_message(ret))); return ret; } - krb5_use_enctype(context, &eblock, ENCTYPE_DES_CBC_MD5); + krb5_use_enctype(context, &eblock, enctype); return krb5_string_to_key(context, &eblock, key, password, &salt); } #elif defined(HAVE_KRB5_GET_PW_SALT) && defined(HAVE_KRB5_STRING_TO_KEY_SALT) int create_kerberos_key_from_string(krb5_context context, krb5_principal host_princ, krb5_data *password, - krb5_keyblock *key) + krb5_keyblock *key, + krb5_enctype enctype) { int ret; krb5_salt salt; @@ -102,13 +104,41 @@ DEBUG(1,("krb5_get_pw_salt failed (%s)\n", error_message(ret))); return ret; } - return krb5_string_to_key_salt(context, ENCTYPE_DES_CBC_MD5, password->data, + return krb5_string_to_key_salt(context, enctype, password->data, salt, key); } #else __ERROR_XX_UNKNOWN_CREATE_KEY_FUNCTIONS #endif +#if defined(HAVE_KRB5_GET_PERMITTED_ENCTYPES) +krb5_error_code get_kerberos_allowed_etypes(krb5_context context, + krb5_enctype **enctypes) +{ + return krb5_get_permitted_enctypes(context, enctypes); +} +#elif defined(HAVE_KRB5_GET_DEFAULT_IN_TKT_ETYPES) +krb5_error_code get_kerberos_allowed_etypes(krb5_context context, + krb5_enctype **enctypes) +{ + return krb5_get_default_in_tkt_etypes(context, enctypes); +} +#else + __ERROR_XX_UNKNOWN_GET_ENCTYPES_FUNCTIONS +#endif + +#if defined(HAVE_KRB5_FREE_KTYPES) +void free_kerberos_etypes(krb5_context context, krb5_enctype *enctypes) +{ + return krb5_free_ktypes(context, enctypes); +} +#else +void free_kerberos_etypes(krb5_context context, krb5_enctype *enctypes) +{ + return free(enctypes); +} +#endif + #if defined(HAVE_KRB5_AUTH_CON_SETKEY) && !defined(HAVE_KRB5_AUTH_CON_SETUSERUSERKEY) krb5_error_code krb5_auth_con_setuseruserkey(krb5_context context, krb5_auth_context auth_context, |