diff options
author | Andrew Bartlett <abartlet@samba.org> | 2006-11-09 00:33:43 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:25:24 -0500 |
commit | ed77e4e57beee0c9c8b0c4c75626c41ebfc5b0c4 (patch) | |
tree | 5511351e20b0ac0c7489a2ac1f5f2b9973a6baec /source4/heimdal/lib/gssapi/mech/gss_krb5.c | |
parent | a779d288a84bc64393f64798006a06432f3a6197 (diff) | |
download | samba-ed77e4e57beee0c9c8b0c4c75626c41ebfc5b0c4.tar.gz samba-ed77e4e57beee0c9c8b0c4c75626c41ebfc5b0c4.tar.bz2 samba-ed77e4e57beee0c9c8b0c4c75626c41ebfc5b0c4.zip |
r19644: Merge up to current lorikeet-heimdal, incling adding
gsskrb5_set_default_realm(), which should fix mimir's issues.
Andrew Bartlett
(This used to be commit 8117e76d2adee163925a29df872015ff5021a1d3)
Diffstat (limited to 'source4/heimdal/lib/gssapi/mech/gss_krb5.c')
-rw-r--r-- | source4/heimdal/lib/gssapi/mech/gss_krb5.c | 79 |
1 files changed, 63 insertions, 16 deletions
diff --git a/source4/heimdal/lib/gssapi/mech/gss_krb5.c b/source4/heimdal/lib/gssapi/mech/gss_krb5.c index fd66fb04f5..34cdbeb3c1 100644 --- a/source4/heimdal/lib/gssapi/mech/gss_krb5.c +++ b/source4/heimdal/lib/gssapi/mech/gss_krb5.c @@ -27,11 +27,11 @@ */ #include "mech_locl.h" -RCSID("$Id: gss_krb5.c,v 1.16 2006/11/07 14:41:35 lha Exp $"); +RCSID("$Id: gss_krb5.c,v 1.20 2006/11/08 23:11:03 lha Exp $"); #include <krb5.h> #include <roken.h> -#include "krb5/gsskrb5_locl.h" + OM_uint32 gss_krb5_copy_ccache(OM_uint32 *minor_status, @@ -416,6 +416,24 @@ gss_krb5_free_lucid_sec_context(OM_uint32 *minor_status, void *c) return GSS_S_COMPLETE; } +/* + * + */ + +OM_uint32 +gss_krb5_set_allowable_enctypes(OM_uint32 *minor_status, + gss_cred_id_t cred, + OM_uint32 num_enctypes, + krb5_enctype *enctypes) +{ + *minor_status = 0; + return GSS_S_COMPLETE; +} + +/* + * + */ + OM_uint32 gsskrb5_set_send_to_kdc(struct gsskrb5_send_to_kdc *c) { @@ -443,6 +461,10 @@ gsskrb5_set_send_to_kdc(struct gsskrb5_send_to_kdc *c) return (GSS_S_COMPLETE); } +/* + * + */ + OM_uint32 gsskrb5_extract_authtime_from_sec_context(OM_uint32 *minor_status, gss_ctx_id_t context_handle, @@ -450,11 +472,8 @@ gsskrb5_extract_authtime_from_sec_context(OM_uint32 *minor_status, { gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET; OM_uint32 maj_stat; - krb5_error_code ret; - OM_uint32 time32; if (context_handle == GSS_C_NO_CONTEXT) { - _gsskrb5_set_status("no context handle"); *minor_status = EINVAL; return GSS_S_FAILURE; } @@ -468,14 +487,12 @@ gsskrb5_extract_authtime_from_sec_context(OM_uint32 *minor_status, return maj_stat; if (data_set == GSS_C_NO_BUFFER_SET) { - _gsskrb5_set_status("no buffers returned"); gss_release_buffer_set(minor_status, &data_set); *minor_status = EINVAL; return GSS_S_FAILURE; } if (data_set->count != 1) { - _gsskrb5_set_status("%d != 1 buffers returned", data_set->count); gss_release_buffer_set(minor_status, &data_set); *minor_status = EINVAL; return GSS_S_FAILURE; @@ -483,26 +500,26 @@ gsskrb5_extract_authtime_from_sec_context(OM_uint32 *minor_status, if (data_set->elements[0].length != 4) { gss_release_buffer_set(minor_status, &data_set); - _gsskrb5_set_status("Error extracting authtime from security context: only got %d < 4 bytes", - data_set->elements[0].length); *minor_status = EINVAL; return GSS_S_FAILURE; } - ret = _gsskrb5_decode_om_uint32(data_set->elements[0].value, &time32); - if (ret) { - gss_release_buffer_set(minor_status, &data_set); - *minor_status = ret; - return GSS_S_FAILURE; + { + unsigned char *buf = data_set->elements[0].value; + *authtime = (buf[3] <<24) | (buf[2] << 16) | + (buf[1] << 8) | (buf[0] << 0); } - *authtime = time32; gss_release_buffer_set(minor_status, &data_set); - + *minor_status = 0; return GSS_S_COMPLETE; } +/* + * + */ + OM_uint32 gsskrb5_extract_authz_data_from_sec_context(OM_uint32 *minor_status, gss_ctx_id_t context_handle, @@ -598,6 +615,10 @@ gsskrb5_extract_authz_data_from_sec_context(OM_uint32 *minor_status, return GSS_S_COMPLETE; } +/* + * + */ + static OM_uint32 gsskrb5_extract_key(OM_uint32 *minor_status, gss_ctx_id_t context_handle, @@ -668,6 +689,10 @@ out: return GSS_S_COMPLETE; } +/* + * + */ + OM_uint32 gsskrb5_extract_service_keyblock(OM_uint32 *minor_status, gss_ctx_id_t context_handle, @@ -700,3 +725,25 @@ gsskrb5_get_subkey(OM_uint32 *minor_status, GSS_KRB5_GET_SUBKEY_X, keyblock); } + +OM_uint32 +gsskrb5_set_default_realm(const char *realm) +{ + struct _gss_mech_switch *m; + gss_buffer_desc buffer; + OM_uint32 junk; + + _gss_load_mech(); + + buffer.value = rk_UNCONST(realm); + buffer.length = strlen(realm); + + SLIST_FOREACH(m, &_gss_mechs, gm_link) { + if (m->gm_mech.gm_set_sec_context_option == NULL) + continue; + m->gm_mech.gm_set_sec_context_option(&junk, NULL, + GSS_KRB5_SET_DEFAULT_REALM_X, &buffer); + } + + return (GSS_S_COMPLETE); +} |