r15481: Update heimdal/ to match current lorikeet-heimdal.

This includes many useful upstream changes, many of which should
reduce warnings in our compile.

It also includes a change to the HDB interface, which removes the need
for Samba4/lorikeet-heimdal to deviate from upstream for hdb_fetch().
The new flags replace the old entry type enum.

(This required the rework in hdb-ldb.c included in this commit)

Andrew Bartlett
(This used to be commit ef5604b87744c89e66e4d845f45b23563754ec05)

8 files changed, 77 insertions, 50 deletions

diff --git a/source4/heimdal/lib/hdb/ext.c b/source4/heimdal/lib/hdb/ext.c
index 850b23fb04..a8995e4138 100644
--- a/source4/heimdal/lib/hdb/ext.c
+++ b/source4/heimdal/lib/hdb/ext.c
@@ -34,7 +34,7 @@
 #include "hdb_locl.h"
 #include <der.h>
 
-RCSID("$Id: ext.c,v 1.1 2005/08/11 20:49:31 lha Exp $");
+RCSID("$Id: ext.c,v 1.2 2006/04/25 10:20:22 lha Exp $");
 
 krb5_error_code
 hdb_entry_check_mandatory(krb5_context context, const hdb_entry *ent)
@@ -168,10 +168,10 @@ hdb_replace_extension(krb5_context context,
 
     ret = copy_HDB_extension(ext,
 			     &entry->extensions->val[entry->extensions->len]);
-    if (ret == 0) {
+    if (ret == 0)
 	entry->extensions->len++;
+    else
 	krb5_set_error_string(context, "hdb: failed to copy new extension");
-    }
 
     return ret;
 }
diff --git a/source4/heimdal/lib/hdb/hdb-private.h b/source4/heimdal/lib/hdb/hdb-private.h
index e602f01373..5147d8b90b 100644
--- a/source4/heimdal/lib/hdb/hdb-private.h
+++ b/source4/heimdal/lib/hdb/hdb-private.h
@@ -8,14 +8,13 @@ krb5_error_code
 _hdb_fetch (
 	krb5_context /*context*/,
 	HDB */*db*/,
-	unsigned /*flags*/,
 	krb5_const_principal /*principal*/,
-	enum hdb_ent_type /*ent_type*/,
+	unsigned /*flags*/,
 	hdb_entry_ex */*entry*/);
 
 hdb_master_key
 _hdb_find_master_key (
-	u_int32_t */*mkvno*/,
+	uint32_t */*mkvno*/,
 	hdb_master_key /*mkey*/);
 
 int
@@ -43,7 +42,7 @@ krb5_error_code
 _hdb_remove (
 	krb5_context /*context*/,
 	HDB */*db*/,
-	hdb_entry_ex */*entry*/);
+	krb5_const_principal /*principal*/);
 
 krb5_error_code
 _hdb_store (
diff --git a/source4/heimdal/lib/hdb/hdb.c b/source4/heimdal/lib/hdb/hdb.c
index b89937f82f..5d2ce8f3bb 100644
--- a/source4/heimdal/lib/hdb/hdb.c
+++ b/source4/heimdal/lib/hdb/hdb.c
@@ -33,7 +33,7 @@
 
 #include "hdb_locl.h"
 
-RCSID("$Id: hdb.c,v 1.60 2005/12/12 12:35:36 lha Exp $");
+RCSID("$Id: hdb.c,v 1.61 2006/04/24 20:57:58 lha Exp $");
 
 #ifdef HAVE_DLFCN_H
 #include <dlfcn.h>
diff --git a/source4/heimdal/lib/hdb/hdb.h b/source4/heimdal/lib/hdb/hdb.h
index 463cbf71f2..d14eea7ddc 100644
--- a/source4/heimdal/lib/hdb/hdb.h
+++ b/source4/heimdal/lib/hdb/hdb.h
@@ -31,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: hdb.h,v 1.36 2005/12/12 12:35:36 lha Exp $ */
+/* $Id: hdb.h,v 1.38 2006/04/28 07:37:11 lha Exp $ */
 
 #ifndef __HDB_H__
 #define __HDB_H__
@@ -44,14 +44,16 @@
 enum hdb_lockop{ HDB_RLOCK, HDB_WLOCK };
 
 /* flags for various functions */
-#define HDB_F_DECRYPT		1 /* decrypt keys */
-#define HDB_F_REPLACE		2 /* replace entry */
+#define HDB_F_DECRYPT		1	/* decrypt keys */
+#define HDB_F_REPLACE		2	/* replace entry */
+#define HDB_F_GET_CLIENT	4	/* fetch client */
+#define HDB_F_GET_SERVER	8	/* fetch server */
+#define HDB_F_GET_KRBTGT	16	/* fetch krbtgt */
+#define HDB_F_GET_ANY		28	/* fetch any of client,server,krbtgt */
 
 /* key usage for master key */
 #define HDB_KU_MKEY	0x484442
 
-enum hdb_ent_type{ HDB_ENT_TYPE_CLIENT, HDB_ENT_TYPE_SERVER, HDB_ENT_TYPE_ANY };
-
 typedef struct hdb_master_key_data *hdb_master_key;
 
 typedef struct hdb_entry_ex {
@@ -87,30 +89,60 @@ typedef struct HDB{
     hdb_master_key hdb_master_key;
     void *hdb_openp;
 
-    krb5_error_code (*hdb_open)(krb5_context, struct HDB*, int, mode_t);
-    krb5_error_code (*hdb_close)(krb5_context, struct HDB*);
-    void	    (*hdb_free)(krb5_context,struct HDB*,hdb_entry_ex*);
-    krb5_error_code (*hdb_fetch)(krb5_context,struct HDB*,unsigned hdb_flags, 
-				 krb5_const_principal principal,
-				 enum hdb_ent_type ent_type, hdb_entry_ex*);
-    krb5_error_code (*hdb_store)(krb5_context,struct HDB*,
-				 unsigned,hdb_entry_ex*);
-    krb5_error_code (*hdb_remove)(krb5_context, struct HDB*, hdb_entry_ex*);
-    krb5_error_code (*hdb_firstkey)(krb5_context, struct HDB*,
-				    unsigned, hdb_entry_ex*);
-    krb5_error_code (*hdb_nextkey)(krb5_context, struct HDB*,
-				   unsigned, hdb_entry_ex*);
-    krb5_error_code (*hdb_lock)(krb5_context, struct HDB*, int operation);
-    krb5_error_code (*hdb_unlock)(krb5_context, struct HDB*);
-    krb5_error_code (*hdb_rename)(krb5_context, struct HDB*, const char*);
-    krb5_error_code (*hdb__get)(krb5_context,struct HDB*,krb5_data,krb5_data*);
-    krb5_error_code (*hdb__put)(krb5_context, struct HDB*, int, 
-				krb5_data, krb5_data);
-    krb5_error_code (*hdb__del)(krb5_context, struct HDB*, krb5_data);
-    krb5_error_code (*hdb_destroy)(krb5_context, struct HDB*);
+    krb5_error_code (*hdb_open)(krb5_context,
+				struct HDB*,
+				int,
+				mode_t);
+    krb5_error_code (*hdb_close)(krb5_context, 
+				 struct HDB*);
+    void	    (*hdb_free)(krb5_context,
+				struct HDB*,
+				hdb_entry_ex*);
+    krb5_error_code (*hdb_fetch)(krb5_context,
+				 struct HDB*,
+				 krb5_const_principal,
+				 unsigned,
+				 hdb_entry_ex*);
+    krb5_error_code (*hdb_store)(krb5_context,
+				 struct HDB*,
+				 unsigned,
+				 hdb_entry_ex*);
+    krb5_error_code (*hdb_remove)(krb5_context,
+				  struct HDB*,
+				  krb5_const_principal);
+    krb5_error_code (*hdb_firstkey)(krb5_context,
+				    struct HDB*,
+				    unsigned,
+				    hdb_entry_ex*);
+    krb5_error_code (*hdb_nextkey)(krb5_context,
+				   struct HDB*,
+				   unsigned,
+				   hdb_entry_ex*);
+    krb5_error_code (*hdb_lock)(krb5_context,
+				struct HDB*,
+				int operation);
+    krb5_error_code (*hdb_unlock)(krb5_context,
+				  struct HDB*);
+    krb5_error_code (*hdb_rename)(krb5_context,
+				  struct HDB*,
+				  const char*);
+    krb5_error_code (*hdb__get)(krb5_context,
+				struct HDB*,
+				krb5_data,
+				krb5_data*);
+    krb5_error_code (*hdb__put)(krb5_context,
+				struct HDB*,
+				int, 
+				krb5_data,
+				krb5_data);
+    krb5_error_code (*hdb__del)(krb5_context, 
+				struct HDB*,
+				krb5_data);
+    krb5_error_code (*hdb_destroy)(krb5_context,
+				   struct HDB*);
 }HDB;
 
-#define HDB_INTERFACE_VERSION	3
+#define HDB_INTERFACE_VERSION	4
 
 struct hdb_so_method {
     int version;
diff --git a/source4/heimdal/lib/hdb/keys.c b/source4/heimdal/lib/hdb/keys.c
index 0ca3846f9d..d7c2f2c89b 100644
--- a/source4/heimdal/lib/hdb/keys.c
+++ b/source4/heimdal/lib/hdb/keys.c
@@ -33,7 +33,7 @@
 
 #include "hdb_locl.h"
 
-RCSID("$Id: keys.c,v 1.4 2006/04/02 00:45:48 lha Exp $");
+RCSID("$Id: keys.c,v 1.5 2006/04/25 08:09:38 lha Exp $");
 
 /*
  * free all the memory used by (len, keys)
@@ -112,23 +112,19 @@ parse_key_set(krb5_context context, const char *key,
 	    if(strcmp(buf[i], "des") == 0) {
 		enctypes = all_etypes;
 		num_enctypes = 3;
-		continue;
 	    } else if(strcmp(buf[i], "des3") == 0) {
 		e = ETYPE_DES3_CBC_SHA1;
 		enctypes = &e;
 		num_enctypes = 1;
-		continue;
 	    } else {
 		ret = krb5_string_to_enctype(context, buf[i], &e);
 		if (ret == 0) {
 		    enctypes = &e;
 		    num_enctypes = 1;
-		    continue;
-		}
+		} else
+		    return ret;
 	    }
-	}
-
-	if(salt->salttype == 0) {
+	} else if(salt->salttype == 0) {
 	    /* interpret string as a salt specifier, if no etype
 	       is set, this sets default values */
 	    /* XXX should perhaps use string_to_salttype, but that
@@ -152,7 +148,7 @@ parse_key_set(krb5_context context, const char *key,
 	       v4 compat, and a cell name for afs compat */
 	    salt->saltvalue.data = strdup(buf[i]);
 	    if (salt->saltvalue.data == NULL) {
-		krb5_set_error_string(context, "malloc out of memory");
+		krb5_set_error_string(context, "out of memory");
 		return ENOMEM;
 	    }
 	    salt->saltvalue.length = strlen(buf[i]);
@@ -297,7 +293,7 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal,
 	ret = parse_key_set(context, p,
 			    &enctypes, &num_enctypes, &salt, principal);
 	if (ret) {
-	    krb5_warnx(context, "bad value for default_keys `%s'", *kp);
+	    krb5_warn(context, ret, "bad value for default_keys `%s'", *kp);
 	    ret = 0;
 	    continue;
 	}
diff --git a/source4/heimdal/lib/hdb/keytab.c b/source4/heimdal/lib/hdb/keytab.c
index 12979eaecf..b4fa5f84c9 100644
--- a/source4/heimdal/lib/hdb/keytab.c
+++ b/source4/heimdal/lib/hdb/keytab.c
@@ -35,7 +35,7 @@
 
 /* keytab backend for HDB databases */
 
-RCSID("$Id: keytab.c,v 1.10 2006/04/02 20:20:45 lha Exp $");
+RCSID("$Id: keytab.c,v 1.11 2006/04/27 11:01:30 lha Exp $");
 
 struct hdb_data {
     char *dbname;
@@ -218,8 +218,8 @@ hdb_get_entry(krb5_context context,
 	(*db->hdb_destroy)(context, db);
 	return ret;
     }
+    ret = (*db->hdb_fetch)(context, db, principal, HDB_F_DECRYPT, &ent);
 
-    ret = (*db->hdb_fetch)(context, db, HDB_F_DECRYPT, principal, HDB_ENT_TYPE_SERVER, &ent);
 
     /* Shutdown the hdb on error */
     if(ret == HDB_ERR_NOENTRY) {
diff --git a/source4/heimdal/lib/hdb/mkey.c b/source4/heimdal/lib/hdb/mkey.c
index f12f73e809..40569b29ad 100644
--- a/source4/heimdal/lib/hdb/mkey.c
+++ b/source4/heimdal/lib/hdb/mkey.c
@@ -36,7 +36,7 @@
 #define O_BINARY 0
 #endif
 
-RCSID("$Id: mkey.c,v 1.21 2005/08/19 13:07:03 lha Exp $");
+RCSID("$Id: mkey.c,v 1.22 2006/05/05 10:27:59 lha Exp $");
 
 struct hdb_master_key_data {
     krb5_keytab_entry keytab;
@@ -355,7 +355,7 @@ hdb_write_master_key(krb5_context context, const char *filename,
 }
 
 hdb_master_key
-_hdb_find_master_key(u_int32_t *mkvno, hdb_master_key mkey)
+_hdb_find_master_key(uint32_t *mkvno, hdb_master_key mkey)
 {
     hdb_master_key ret = NULL;
     while(mkey) {
diff --git a/source4/heimdal/lib/hdb/ndbm.c b/source4/heimdal/lib/hdb/ndbm.c
index f4c2497abc..6c72ea78c5 100644
--- a/source4/heimdal/lib/hdb/ndbm.c
+++ b/source4/heimdal/lib/hdb/ndbm.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *