-rw-r--r-- | source3/libaddns/dns.h | 41 | ||||
-rw-r--r-- | source3/libaddns/dnsgss.c | 16 | ||||
-rw-r--r-- | source3/libaddns/dnssign.c | 8 | ||||
-rw-r--r-- | source3/libaddns/dnsupdate.c | 7 |
4 files changed, 51 insertions, 21 deletions
diff --git a/source3/libaddns/dns.h b/source3/libaddns/dns.h index ec61dff23b..75bf5f7319 100644 --- a/source3/libaddns/dns.h +++ b/source3/libaddns/dns.h @@ -40,8 +40,15 @@ #include <sys/socket.h> #include <netinet/in.h> #include <arpa/inet.h> +#include <stdarg.h> + +#ifdef HAVE_UUID_UUID_H #include <uuid/uuid.h> +#endif + +#ifdef HAVE_KRB5_H #include <krb5.h> +#endif #if HAVE_GSSAPI_H #include <gssapi.h> @@ -51,6 +58,10 @@ #include <gssapi/gssapi_generic.h> #endif +#if defined(HAVE_GSSAPI_H) || defined(HAVE_GSSAPI_GSSAPI_H) || defined(HAVE_GSSAPI_GSSAPI_GENERIC_H) +#define HAVE_GSSAPI_SUPPORT 1 +#endif + #include <talloc.h> #define TALLOC(ctx, size) talloc_named_const(ctx, size, __location__) @@ -238,7 +249,6 @@ TXT 16 text strings #define DNS_REFUSED 5 typedef long HANDLE; -typedef gss_ctx_id_t CtxtHandle, *PCtxtHandle; #ifndef _BOOL typedef int BOOL; 
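Review bot: The new `HAVE_GSSAPI_SUPPORT` test in the `@@ -51,6 +58,10 @@` hunk uses `defined(HAVE_GSSAPI_H)`, while the include guard visible just above it is `#if HAVE_GSSAPI_H`. If the configure header ever defines one of these macros to 0, the header is skipped but the GSS code is still enabled. Using one form in both places, for example `#if HAVE_GSSAPI_H || HAVE_GSSAPI_GSSAPI_H || HAVE_GSSAPI_GSSAPI_GENERIC_H`, keeps the two decisions in step. The hunk also does not show the configure header being included before these tests; if it is not, every `HAVE_*` is undefined and the signed-update code compiles out without any diagnostic.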
@@ -485,37 +495,48 @@ void DNSFreeSendBufferContext( HANDLE hSendBuffer ); int32 DNSGetSendBufferContextSize( HANDLE hSendBuffer ); uint8 *DNSGetSendBufferContextBuffer( HANDLE hSendBuffer ); -/* from linux/dnsgss.c */ -int32 DNSVerifyResponseMessage_GSSSuccess( PCtxtHandle pGSSContext, DNS_RR_RECORD * pClientTKeyRecord, DNS_RESPONSE * pDNSResponse ); -int32 DNSVerifyResponseMessage_GSSContinue( PCtxtHandle pGSSContext, DNS_RR_RECORD * pClientTKeyRecord, DNS_RESPONSE * pDNSResponse, uint8 ** ppServerKeyData, int16 * pwServerKeyDataSize ); +/* from dnsgss.c */ + +#ifdef HAVE_GSSAPI_SUPPORT + +int32 DNSVerifyResponseMessage_GSSSuccess( gss_ctx_id_t * pGSSContext, DNS_RR_RECORD * pClientTKeyRecord, DNS_RESPONSE * pDNSResponse ); +int32 DNSVerifyResponseMessage_GSSContinue( gss_ctx_id_t * pGSSContext, DNS_RR_RECORD * pClientTKeyRecord, DNS_RESPONSE * pDNSResponse, uint8 ** ppServerKeyData, int16 * pwServerKeyDataSize ); int32 DNSResponseGetRCode( DNS_RESPONSE * pDNSResponse, int16 * pwRCode ); int32 DNSResponseGetTSIGRecord( DNS_RESPONSE * pDNSResponse, DNS_RR_RECORD ** ppTSIGRecord ); int32 DNSCompareTKeyRecord( DNS_RR_RECORD * pClientTKeyRecord, DNS_RR_RECORD * pTKeyRecord ); int32 DNSBuildTKeyQueryRequest( char *szKeyName, uint8 * pKeyData, int32 dwKeyLen, DNS_REQUEST ** ppDNSRequest ); int32 DNSResponseGetTKeyRecord( DNS_RESPONSE * pDNSResponse, DNS_RR_RECORD ** ppTKeyRecord ); int32 DNSGetTKeyData( DNS_RR_RECORD * pTKeyRecord, uint8 ** ppKeyData, int16 * pwKeyDataSize ); -int32 DNSNegotiateSecureContext( HANDLE hDNSServer, char *szDomain, char *szServerName, char *szKeyName, PCtxtHandle pGSSContext ); +int32 DNSNegotiateSecureContext( HANDLE hDNSServer, char *szDomain, char *szServerName, char *szKeyName, gss_ctx_id_t * pGSSContext ); void display_status( const char *msg, OM_uint32 maj_stat, OM_uint32 min_stat ); int32 DNSNegotiateContextAndSecureUpdate( HANDLE hDNSServer, char *szServiceName, char *szDomainName, char *szHost, int32 dwIPAddress ); -/* from 
linux/dnsupdate.c */ +#endif /* HAVE_GSSAPI_SUPPORT */ + +/* from dnsupdate.c */ int32 DNSSendUpdate( HANDLE hDNSServer, char *szDomainName, char *szHost, struct in_addr *iplist, int num_addrs, DNS_UPDATE_RESPONSE ** ppDNSUpdateResponse ); -int32 DNSSendSecureUpdate( HANDLE hDNSServer, PCtxtHandle pGSSContext, char *pszKeyName, char *szDomainName, char *szHost, int32 dwIP, DNS_UPDATE_RESPONSE ** ppDNSUpdateResponse ); -int32 DNSUpdateGenerateSignature( PCtxtHandle pGSSContext, DNS_UPDATE_REQUEST * pDNSUpdateRequest, char *pszKeyName ); int32 DNSBuildSignatureBuffer( int32 dwMaxSignatureSize, uint8 ** ppSignature ); int32 DNSBuildMessageBuffer( DNS_UPDATE_REQUEST * pDNSUpdateRequest, char *szKeyName, int32 * pdwTimeSigned, int16 * pwFudge, uint8 ** ppMessageBuffer, int32 * pdwMessageSize ); int32 DNSClose( HANDLE hDNSUpdate ); +#ifdef HAVE_GSSAPI_SUPPORT +int32 DNSSendSecureUpdate( HANDLE hDNSServer, gss_ctx_id_t * pGSSContext, char *pszKeyName, char *szDomainName, char *szHost, int32 dwIP, DNS_UPDATE_RESPONSE ** ppDNSUpdateResponse ); +int32 DNSUpdateGenerateSignature( gss_ctx_id_t * pGSSContext, DNS_UPDATE_REQUEST * pDNSUpdateRequest, char *pszKeyName ); +#endif /* HAVE_GSSAPI_SUPPORT */ + /* from dnsupresp.c */ int32 DNSUpdateReceiveUpdateResponse( HANDLE hDNSHandle, DNS_UPDATE_RESPONSE ** ppDNSResponse ); /* from dnssign.c */ -int32 DNSGenerateHash( CtxtHandle * gss_context, uint8 * pRequestBuffer, uint8 ** ppMAC, int32 * pdwMacLen ); +#ifdef HAVE_GSSAPI_SUPPORT +int32 DNSGenerateHash( gss_ctx_id_t * gss_context, uint8 * pRequestBuffer, uint8 ** ppMAC, int32 * pdwMacLen ); int32 BuildHashInputBuffer( DNS_REQUEST * pDNSRequest, int32 dwLength, uint8 ** ppHashInputBuffer, int32 * pdwHashInputBufferLen ); -int32 DNSStdValidateAndGetTSIGRecord( CtxtHandle * gss_context, DNS_RESPONSE * pDNSResponse, DNS_RR_RECORD ** ppDNSTSIGRecord ); +int32 DNSStdValidateAndGetTSIGRecord( gss_ctx_id_t * gss_context, DNS_RESPONSE * pDNSResponse, DNS_RR_RECORD ** ppDNSTSIGRecord ); 
+#endif /* HAVE_GSSAPI_SUPPORT */ + #endif /* _DNS_H */ diff --git a/source3/libaddns/dnsgss.c b/source3/libaddns/dnsgss.c index d710604b01..b4c1500661 100644 --- a/source3/libaddns/dnsgss.c +++ b/source3/libaddns/dnsgss.c @@ -28,6 +28,8 @@ #include <ctype.h> +#ifdef HAVE_GSSAPI_SUPPORT + /********************************************************************* *********************************************************************/ @@ -89,7 +91,7 @@ int32 DNSBuildTKeyQueryRequest( char *szKeyName, /********************************************************************* *********************************************************************/ -int32 DNSVerifyResponseMessage_GSSSuccess( PCtxtHandle pGSSContext, +int32 DNSVerifyResponseMessage_GSSSuccess( gss_ctx_id_t * pGSSContext, DNS_RR_RECORD * pClientTKeyRecord, DNS_RESPONSE * pDNSResponse ) { @@ -133,7 +135,7 @@ int32 DNSVerifyResponseMessage_GSSSuccess( PCtxtHandle pGSSContext, /********************************************************************* *********************************************************************/ -int32 DNSVerifyResponseMessage_GSSContinue( PCtxtHandle pGSSContext, +int32 DNSVerifyResponseMessage_GSSContinue( gss_ctx_id_t * pGSSContext, DNS_RR_RECORD * pClientTKeyRecord, DNS_RESPONSE * pDNSResponse, uint8 ** ppServerKeyData, @@ -283,8 +285,8 @@ int32 DNSNegotiateContextAndSecureUpdate( HANDLE hDNSServer, { int32 dwError = 0; char *pszKeyName = NULL; - CtxtHandle ContextHandle = 0; - CtxtHandle *pContextHandle = &ContextHandle; + gss_ctx_id_t ContextHandle = 0; + gss_ctx_id_t *pContextHandle = &ContextHandle; dwError = DNSGenerateKeyName( &pszKeyName ); BAIL_ON_ERROR( dwError ); @@ -344,7 +346,7 @@ int32 DNSGetTKeyData( DNS_RR_RECORD * pTKeyRecord, int32 DNSNegotiateSecureContext( HANDLE hDNSServer, char *szDomain, char *szServerName, - char *szKeyName, PCtxtHandle pGSSContext ) + char *szKeyName, gss_ctx_id_t * pGSSContext ) { int32 dwError = 0; int32 dwMajorStatus = 0; 
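Review bot: With these prototypes inside `#ifdef HAVE_GSSAPI_SUPPORT`, a build without GSSAPI headers still declares `DNSSendUpdate` but none of the signed-update entry points, and nothing in the header says so. A comment at the guard such as `/* GSS-TSIG signed updates; without GSSAPI only the unsigned DNSSendUpdate() is built */` would tell callers to guard their calls. It would also make clear that a missing secure path should be treated as an error, not as a reason to send the update unsigned. Whether existing callers are guarded is not visible in this diff.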
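Review bot: In the `@@ -283,8 +285,8 @@` hunk the context handle is initialised with a bare `0`, which only works because `gss_ctx_id_t` happens to be a pointer-like type in common implementations. The GSS-API constant states the intent and stays correct if the type changes: `gss_ctx_id_t ContextHandle = GSS_C_NO_CONTEXT;`. The `@@ -413,7 +415,7 @@` hunk in the same file has a related leftover, where `memset( pGSSContext, 0, sizeof( gss_ctx_id_t ) );` is immediately overwritten by `*pGSSContext = GSS_C_NO_CONTEXT;` and can be dropped. Both function bodies continue outside their hunks, so whether the context is later released with `gss_delete_sec_context` cannot be checked from here.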
@@ -413,7 +415,7 @@ int32 DNSNegotiateSecureContext( HANDLE hDNSServer, BAIL_ON_SEC_ERROR( dwMajorStatus ); printf( "After gss_import_name %d\n", dwMajorStatus ); - memset( pGSSContext, 0, sizeof( CtxtHandle ) ); + memset( pGSSContext, 0, sizeof( gss_ctx_id_t ) ); *pGSSContext = GSS_C_NO_CONTEXT; do { @@ -548,3 +550,5 @@ void display_status( const char *msg, OM_uint32 maj_stat, OM_uint32 min_stat ) display_status_1( msg, maj_stat, GSS_C_GSS_CODE ); display_status_1( msg, min_stat, GSS_C_MECH_CODE ); } + +#endif /* HAVE_GSSAPI_SUPPORT */ diff --git a/source3/libaddns/dnssign.c b/source3/libaddns/dnssign.c index b7989c6b1d..3a30e0df7e 100644 --- a/source3/libaddns/dnssign.c +++ b/source3/libaddns/dnssign.c @@ -27,10 +27,12 @@ #include "dns.h" +#ifdef HAVE_GSSAPI_SUPPORT + /********************************************************************* *********************************************************************/ -int32 DNSStdValidateAndGetTSIGRecord( CtxtHandle * gss_context, +int32 DNSStdValidateAndGetTSIGRecord( gss_ctx_id_t * gss_context, DNS_RESPONSE * pDNSResponse, DNS_RR_RECORD ** ppDNSTSIGRecord ) { @@ -42,7 +44,7 @@ int32 DNSStdValidateAndGetTSIGRecord( CtxtHandle * gss_context, /********************************************************************* *********************************************************************/ -int32 DNSUpdateValidateAndGetTSIGRecord( CtxtHandle * gss_context, +int32 DNSUpdateValidateAndGetTSIGRecord( gss_ctx_id_t * gss_context, DNS_UPDATE_RESPONSE * pDNSUpdateResponse, DNS_RR_RECORD ** ppDNSTSIGRecord ) { @@ -50,3 +52,5 @@ int32 DNSUpdateValidateAndGetTSIGRecord( CtxtHandle * gss_context, return dwError; } + +#endif diff --git a/source3/libaddns/dnsupdate.c b/source3/libaddns/dnsupdate.c index 8cf497a653..02c69feac8 100644 --- a/source3/libaddns/dnsupdate.c +++ b/source3/libaddns/dnsupdate.c 
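Review bot: Judging by the hunk line numbers in dnssign.c, `DNSUpdateValidateAndGetTSIGRecord` has room for only one statement between `{` and `return dwError;`, so it appears to return success without inspecting the TSIG record or using `gss_context`. `DNSStdValidateAndGetTSIGRecord` looks equally short. If these are stubs, any caller relying on them treats an unverified response as validated; they should return an error until real verification exists, or at least carry a comment such as `/* TODO: TSIG MAC is not verified here */`. The bodies lie outside the hunks, so this needs confirming against the file. Separately, the closing guard added here is a bare `#endif`, where the other files use `#endif /* HAVE_GSSAPI_SUPPORT */`.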
@@ -337,9 +337,9 @@ int32 DNSSendUpdate( HANDLE hDNSServer, char *szDomainName, char *szHost, /******************************************************************** ********************************************************************/ - +#ifdef HAVE_GSSAPI_SUPPORT int32 DNSSendSecureUpdate( HANDLE hDNSServer, - PCtxtHandle pGSSContext, + gss_ctx_id_t * pGSSContext, char *pszKeyName, char *szDomainName, char *szHost, @@ -425,7 +425,7 @@ int32 DNSSendSecureUpdate( HANDLE hDNSServer, /********************************************************************* *********************************************************************/ -int32 DNSUpdateGenerateSignature( PCtxtHandle pGSSContext, +int32 DNSUpdateGenerateSignature( gss_ctx_id_t * pGSSContext, DNS_UPDATE_REQUEST * pDNSUpdateRequest, char *pszKeyName ) { @@ -492,6 +492,7 @@ int32 DNSUpdateGenerateSignature( PCtxtHandle pGSSContext, return dwError; } +#endif /* HAVE_GSSAPI_SUPPORT */ /********************************************************************* *********************************************************************/ |