diff options
author | Jim McDonough <jmcd@samba.org> | 2003-02-19 15:48:12 +0000 |
---|---|---|
committer | Jim McDonough <jmcd@samba.org> | 2003-02-19 15:48:12 +0000 |
commit | 83a11f7f0e4331602acefcb3324be6f35f1fef0e (patch) | |
tree | 3141eed2807387c2def2056267919bf4b436243c /source3/libsmb | |
parent | 4560329abbdbdc9dea75f32422ba9b08bcfee726 (diff) | |
download | samba-83a11f7f0e4331602acefcb3324be6f35f1fef0e.tar.gz samba-83a11f7f0e4331602acefcb3324be6f35f1fef0e.tar.bz2 samba-83a11f7f0e4331602acefcb3324be6f35f1fef0e.zip |
Sync with HEAD for verifying kerberos tickets.
(This used to be commit 77e1178a888f0d380a5ef94911a8f07bf04a7ba3)
Diffstat (limited to 'source3/libsmb')
-rw-r--r-- | source3/libsmb/clikrb5.c | 37 |
1 files changed, 33 insertions, 4 deletions
diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c index e380d80bcc..96e737166c 100644 --- a/source3/libsmb/clikrb5.c +++ b/source3/libsmb/clikrb5.c @@ -74,7 +74,8 @@ int create_kerberos_key_from_string(krb5_context context, krb5_principal host_princ, krb5_data *password, - krb5_keyblock *key) + krb5_keyblock *key, + krb5_enctype enctype) { int ret; krb5_data salt; @@ -85,14 +86,15 @@ DEBUG(1,("krb5_principal2salt failed (%s)\n", error_message(ret))); return ret; } - krb5_use_enctype(context, &eblock, ENCTYPE_DES_CBC_MD5); + krb5_use_enctype(context, &eblock, enctype); return krb5_string_to_key(context, &eblock, key, password, &salt); } #elif defined(HAVE_KRB5_GET_PW_SALT) && defined(HAVE_KRB5_STRING_TO_KEY_SALT) int create_kerberos_key_from_string(krb5_context context, krb5_principal host_princ, krb5_data *password, - krb5_keyblock *key) + krb5_keyblock *key, + krb5_enctype enctype) { int ret; krb5_salt salt; @@ -102,13 +104,40 @@ DEBUG(1,("krb5_get_pw_salt failed (%s)\n", error_message(ret))); return ret; } - return krb5_string_to_key_salt(context, ENCTYPE_DES_CBC_MD5, password->data, + return krb5_string_to_key_salt(context, enctype, password->data, salt, key); } #else __ERROR_XX_UNKNOWN_CREATE_KEY_FUNCTIONS #endif +#if defined(HAVE_KRB5_GET_PERMITTED_ENCTYPES) +krb5_error_code get_kerberos_allowed_etypes(krb5_context context, + krb5_enctype **enctypes) +{ + return krb5_get_permitted_enctypes(context, enctypes); +} +#elif defined(HAVE_KRB5_GET_DEFAULT_IN_TKT_ETYPES) +krb5_error_code get_kerberos_allowed_etypes(krb5_context context, + krb5_enctype **enctypes) +{ + return krb5_get_default_in_tkt_etypes(context, enctypes); +} +#else + __ERROR_XX_UNKNOWN_GET_ENCTYPES_FUNCTIONS +#endif + + void free_kerberos_etypes(krb5_context context, + krb5_enctype *enctypes) +{ +#if defined(HAVE_KRB5_FREE_KTYPES) + return krb5_free_ktypes(context, enctypes); +#else + SAFE_FREE(enctypes); + return; +#endif +} + #if defined(HAVE_KRB5_AUTH_CON_SETKEY) && !defined(HAVE_KRB5_AUTH_CON_SETUSERUSERKEY) krb5_error_code krb5_auth_con_setuseruserkey(krb5_context context, krb5_auth_context auth_context, |