r19604: This is a massive commit, and I appologise in advance for it's size.

This merges Samba4 with lorikeet-heimdal, which itself has been
tracking Heimdal CVS for the past couple of weeks.

This is such a big change because Heimdal reorganised it's internal
structures, with the mechglue merge, and because many of our 'wishes' have been granted:  we now have DCE_STYLE GSSAPI, send_to_kdc hooks and many other features merged into the mainline code.  We have adapted to upstream's choice of API in these cases.

In gensec_gssapi and gensec_krb5, we either expect a valid PAC, or NO
PAC.  This matches windows behavour.  We also have an option to
require the PAC to be present (which allows us to automate the testing
of this code).

This also includes a restructure of how the kerberos dependencies are
handled, due to the fallout of the merge.

Andrew Bartlett
(This used to be commit 4826f1735197c2a471d771495e6d4c1051b4c471)

1 files changed, 25 insertions, 4 deletions

diff --git a/source4/heimdal/lib/krb5/krb5-private.h b/source4/heimdal/lib/krb5/krb5-private.h
index 9ba288e22b..968b6079b7 100644
--- a/source4/heimdal/lib/krb5/krb5-private.h
+++ b/source4/heimdal/lib/krb5/krb5-private.h
@@ -17,7 +17,7 @@ _krb5_aes_cts_encrypt (
 	const unsigned char */*in*/,
 	unsigned char */*out*/,
 	size_t /*len*/,
-	const void */*aes_key*/,
+	const AES_KEY */*key*/,
 	unsigned char */*ivec*/,
 	const int /*encryptp*/);
 
@@ -46,6 +46,12 @@ _krb5_dh_group_ok (
 	struct krb5_dh_moduli **/*moduli*/,
 	char **/*name*/);
 
+krb5_error_code KRB5_LIB_FUNCTION
+_krb5_enctype_to_oid (
+	krb5_context /*context*/,
+	krb5_enctype /*etype*/,
+	heim_oid */*oid*/);
+
 krb5_error_code
 _krb5_expand_default_cc_name (
 	krb5_context /*context*/,
@@ -101,8 +107,17 @@ _krb5_get_init_creds_opt_copy (
 	krb5_get_init_creds_opt **/*out*/);
 
 void KRB5_LIB_FUNCTION
+_krb5_get_init_creds_opt_free_krb5_error (krb5_get_init_creds_opt */*opt*/);
+
+void KRB5_LIB_FUNCTION
 _krb5_get_init_creds_opt_free_pkinit (krb5_get_init_creds_opt */*opt*/);
 
+void KRB5_LIB_FUNCTION
+_krb5_get_init_creds_opt_set_krb5_error (
+	krb5_context /*context*/,
+	krb5_get_init_creds_opt */*opt*/,
+	const KRB_ERROR */*error*/);
+
 krb5_ssize_t KRB5_LIB_FUNCTION
 _krb5_get_int (
 	void */*buffer*/,
@@ -312,8 +327,8 @@ _krb5_pk_load_id (
 	struct krb5_pk_identity **/*ret_id*/,
 	const char */*user_id*/,
 	const char */*anchor_id*/,
-	char * const */*chain*/,
-	char * const */*revoke*/,
+	char * const */*chain_list*/,
+	char * const */*revoke_list*/,
 	krb5_prompter_fct /*prompter*/,
 	void */*prompter_data*/,
 	char */*password*/);
@@ -372,7 +387,7 @@ _krb5_principal2principalname (
 
 krb5_error_code KRB5_LIB_FUNCTION
 _krb5_principalname2krb5_principal (
-	krb5_context /* context */,
+	krb5_context /*context*/,
 	krb5_principal */*principal*/,
 	const PrincipalName /*from*/,
 	const Realm /*realm*/);
@@ -383,6 +398,12 @@ _krb5_put_int (
 	unsigned long /*value*/,
 	size_t /*size*/);
 
+krb5_error_code KRB5_LIB_FUNCTION
+_krb5_s4u2self_to_checksumdata (
+	krb5_context /*context*/,
+	const PA_S4U2Self */*self*/,
+	krb5_data */*data*/);
+
 int
 _krb5_send_and_recv_tcp (
 	int /*fd*/,