diff options
author | Andrew Bartlett <abartlet@samba.org> | 2006-11-09 00:33:43 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:25:24 -0500 |
commit | ed77e4e57beee0c9c8b0c4c75626c41ebfc5b0c4 (patch) | |
tree | 5511351e20b0ac0c7489a2ac1f5f2b9973a6baec /source4/heimdal/lib/krb5 | |
parent | a779d288a84bc64393f64798006a06432f3a6197 (diff) | |
download | samba-ed77e4e57beee0c9c8b0c4c75626c41ebfc5b0c4.tar.gz samba-ed77e4e57beee0c9c8b0c4c75626c41ebfc5b0c4.tar.bz2 samba-ed77e4e57beee0c9c8b0c4c75626c41ebfc5b0c4.zip |
r19644: Merge up to current lorikeet-heimdal, incling adding
gsskrb5_set_default_realm(), which should fix mimir's issues.
Andrew Bartlett
(This used to be commit 8117e76d2adee163925a29df872015ff5021a1d3)
Diffstat (limited to 'source4/heimdal/lib/krb5')
-rw-r--r-- | source4/heimdal/lib/krb5/context.c | 6 | ||||
-rw-r--r-- | source4/heimdal/lib/krb5/get_for_creds.c | 88 | ||||
-rw-r--r-- | source4/heimdal/lib/krb5/mk_req.c | 2 | ||||
-rw-r--r-- | source4/heimdal/lib/krb5/store_mem.c | 33 |
4 files changed, 81 insertions, 48 deletions
diff --git a/source4/heimdal/lib/krb5/context.c b/source4/heimdal/lib/krb5/context.c index a25bb80786..f3b0fad347 100644 --- a/source4/heimdal/lib/krb5/context.c +++ b/source4/heimdal/lib/krb5/context.c @@ -34,7 +34,7 @@ #include "krb5_locl.h" #include <com_err.h> -RCSID("$Id: context.c,v 1.110 2006/11/04 03:27:47 lha Exp $"); +RCSID("$Id: context.c,v 1.111 2006/11/08 02:55:46 lha Exp $"); #define INIT_FIELD(C, T, E, D, F) \ (C)->E = krb5_config_get_ ## T ## _default ((C), NULL, (D), \ @@ -707,13 +707,13 @@ krb5_get_kdc_sec_offset (krb5_context context, int32_t *sec, int32_t *usec) } time_t KRB5_LIB_FUNCTION -krb5_get_time_wrap (krb5_context context) +krb5_get_max_time_skew (krb5_context context) { return context->max_skew; } void KRB5_LIB_FUNCTION -krb5_set_time_wrap (krb5_context context, time_t t) +krb5_set_max_time_skew (krb5_context context, time_t t) { context->max_skew = t; } diff --git a/source4/heimdal/lib/krb5/get_for_creds.c b/source4/heimdal/lib/krb5/get_for_creds.c index 661d05663b..6eebf1fa80 100644 --- a/source4/heimdal/lib/krb5/get_for_creds.c +++ b/source4/heimdal/lib/krb5/get_for_creds.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -162,8 +162,7 @@ krb5_get_forwarded_creds (krb5_context context, { krb5_error_code ret; krb5_creds *out_creds; - krb5_addresses *paddrs = NULL; - krb5_addresses addrs; + krb5_addresses addrs, *paddrs; KRB_CRED cred; KrbCredInfo *krb_cred_info; EncKrbCredPart enc_krb_cred_part; @@ -172,53 +171,58 @@ krb5_get_forwarded_creds (krb5_context context, size_t buf_size; krb5_kdc_flags kdc_flags; krb5_crypto crypto; + struct addrinfo *ai; int save_errno; krb5_creds *ticket; char *realm; - krb5_boolean noaddr_ever; - - addrs.len = 0; - addrs.val = NULL; realm = in_creds->client->realm; - krb5_appdefault_boolean(context, NULL, realm, "no-addresses-ever", - TRUE, &noaddr_ever); - if (!noaddr_ever) { - struct addrinfo *ai; - paddrs = &addrs; - - /* - * If tickets are address-less, forward address-less tickets. - */ - - ret = _krb5_get_krbtgt (context, - ccache, - realm, - &ticket); - if(ret == 0) { - if (ticket->addresses.len == 0) - paddrs = NULL; - krb5_free_creds (context, ticket); - } - - if (paddrs != NULL) { - - ret = getaddrinfo (hostname, NULL, NULL, &ai); - if (ret) { - save_errno = errno; - krb5_set_error_string(context, "resolving %s: %s", - hostname, gai_strerror(ret)); - return krb5_eai_to_heim_errno(ret, save_errno); - } - - ret = add_addrs (context, &addrs, ai); - freeaddrinfo (ai); - if (ret) - return ret; - } + addrs.len = 0; + addrs.val = NULL; + paddrs = &addrs; + + { + krb5_boolean noaddr; + krb5_appdefault_boolean(context, NULL, realm, + "no-addresses", KRB5_ADDRESSLESS_DEFAULT, + &noaddr); + if (noaddr) + paddrs = NULL; } + + /* + * If tickets are address-less, forward address-less tickets. + */ + + if (paddrs) { + ret = _krb5_get_krbtgt (context, + ccache, + realm, + &ticket); + if(ret == 0) { + if (ticket->addresses.len == 0) + paddrs = NULL; + krb5_free_creds (context, ticket); + } + } + + if (paddrs != NULL) { + ret = getaddrinfo (hostname, NULL, NULL, &ai); + if (ret) { + save_errno = errno; + krb5_set_error_string(context, "resolving %s: %s", + hostname, gai_strerror(ret)); + return krb5_eai_to_heim_errno(ret, save_errno); + } + + ret = add_addrs (context, &addrs, ai); + freeaddrinfo (ai); + if (ret) + return ret; + } + kdc_flags.b = int2KDCOptions(flags); ret = krb5_get_kdc_cred (context, diff --git a/source4/heimdal/lib/krb5/mk_req.c b/source4/heimdal/lib/krb5/mk_req.c index 44e5d9c222..adc077e13f 100644 --- a/source4/heimdal/lib/krb5/mk_req.c +++ b/source4/heimdal/lib/krb5/mk_req.c @@ -64,9 +64,7 @@ krb5_mk_req_exact(krb5_context context, if (auth_context && *auth_context && (*auth_context)->keytype) this_cred.session.keytype = (*auth_context)->keytype; - /* This is the network contact with the KDC */ ret = krb5_get_credentials (context, 0, ccache, &this_cred, &cred); - krb5_free_cred_contents(context, &this_cred); if (ret) return ret; diff --git a/source4/heimdal/lib/krb5/store_mem.c b/source4/heimdal/lib/krb5/store_mem.c index decf74adce..d2b6d18252 100644 --- a/source4/heimdal/lib/krb5/store_mem.c +++ b/source4/heimdal/lib/krb5/store_mem.c @@ -34,7 +34,7 @@ #include "krb5_locl.h" #include "store-int.h" -RCSID("$Id: store_mem.c,v 1.12 2004/05/25 21:44:17 lha Exp $"); +RCSID("$Id: store_mem.c,v 1.13 2006/11/07 23:02:53 lha Exp $"); typedef struct mem_storage{ unsigned char *base; @@ -64,6 +64,12 @@ mem_store(krb5_storage *sp, const void *data, size_t size) return size; } +static ssize_t +mem_no_store(krb5_storage *sp, const void *data, size_t size) +{ + return -1; +} + static off_t mem_seek(krb5_storage *sp, off_t offset, int whence) { @@ -117,3 +123,28 @@ krb5_storage_from_data(krb5_data *data) { return krb5_storage_from_mem(data->data, data->length); } + +krb5_storage * KRB5_LIB_FUNCTION +krb5_storage_from_readonly_mem(const void *buf, size_t len) +{ + krb5_storage *sp = malloc(sizeof(krb5_storage)); + mem_storage *s; + if(sp == NULL) + return NULL; + s = malloc(sizeof(*s)); + if(s == NULL) { + free(sp); + return NULL; + } + sp->data = s; + sp->flags = 0; + sp->eof_code = HEIM_ERR_EOF; + s->base = rk_UNCONST(buf); + s->size = len; + s->ptr = rk_UNCONST(buf); + sp->fetch = mem_fetch; + sp->store = mem_no_store; + sp->seek = mem_seek; + sp->free = NULL; + return sp; +} |