r1198: Merge the Samba 3.0 ntlm_auth, including the kerberos and SPENGO parts.

I have moved the SPNEGO and Kerberos code into libcli/auth, and intend
to refactor them into the same format as NTLMSSP.

Andrew Bartlett
(This used to be commit 58da78a7460d5d0a4abee7d7b84799c228e6bc0b)

2 files changed, 10 insertions, 37 deletions

diff --git a/source4/include/ads.h b/source4/include/ads.h
index 36f898b2b0..27a2e41c52 100644
--- a/source4/include/ads.h
+++ b/source4/include/ads.h
@@ -1,34 +1,33 @@
-/* 
+/*
    Unix SMB/CIFS implementation.
    header for ads (active directory) library routines
    basically this is a wrapper around ldap
 
    Copyright (C) Andrew Tridgell 2001-2003
-   
+
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.
-   
+
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
-   
+
    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */
-
-#ifndef _ADS_H
-#define _ADS_H
-
+ 
 typedef struct {
 	void *ld; /* the active ldap structure */
 	struct in_addr ldap_ip; /* the ip of the active connection, if any */
 	time_t last_attempt; /* last attempt to reconnect */
 	int ldap_port;
 	
+	int is_mine;	/* do I own this structure's memory? */
+	
 	/* info needed to find the server */
 	struct {
 		char *realm;
@@ -46,6 +45,7 @@ typedef struct {
 		char *kdc_server;
 		uint_t flags;
 		int time_offset;
+		time_t expire;
 	} auth;
 
 	/* info derived from the servers config */
@@ -226,9 +226,6 @@ typedef void **ADS_MODLIST;
 #define ADS_AUTH_SIMPLE_BIND      0x08
 #define ADS_AUTH_ALLOW_NTLMSSP    0x10
 
-/***************************************
- Some krb5 compat stuff
-***************************************/
 /* Kerberos environment variable names */
 #define KRB5_ENV_CCNAME "KRB5CCNAME"
 
@@ -243,29 +240,3 @@ typedef void **ADS_MODLIST;
 #ifndef HAVE_AP_OPTS_USE_SUBKEY
 #define AP_OPTS_USE_SUBKEY 0
 #endif
-#if defined(HAVE_KRB5)
-
-#ifndef HAVE_KRB5_SET_REAL_TIME
-krb5_error_code krb5_set_real_time(krb5_context context, int32_t seconds, int32_t microseconds);
-#endif
-
-#ifndef HAVE_KRB5_SET_DEFAULT_TGS_KTYPES
-krb5_error_code krb5_set_default_tgs_ktypes(krb5_context ctx, const krb5_enctype *enc);
-#endif
-
-#if defined(HAVE_KRB5_AUTH_CON_SETKEY) && !defined(HAVE_KRB5_AUTH_CON_SETUSERUSERKEY)
-krb5_error_code krb5_auth_con_setuseruserkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock *keyblock);
-#endif
-
-/* Samba wrapper function for krb5 functionality. */
-void setup_kaddr( krb5_address *pkaddr, struct sockaddr *paddr);
-int create_kerberos_key_from_string(krb5_context context, krb5_principal host_princ, krb5_data *password, krb5_keyblock *key, krb5_enctype enctype);
-void get_auth_data_from_tkt(DATA_BLOB *auth_data, krb5_ticket *tkt);
-krb5_const_principal get_principal_from_tkt(krb5_ticket *tkt);
-krb5_error_code krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters);
-krb5_error_code get_kerberos_allowed_etypes(krb5_context context, krb5_enctype **enctypes);
-void free_kerberos_etypes(krb5_context context, krb5_enctype *enctypes);
-BOOL get_krb5_smb_session_key(krb5_context context, krb5_auth_context auth_context, DATA_BLOB *session_key, BOOL remote);
-#endif /* HAVE_KRB5 */
-
-#endif /* _ADS_H */
diff --git a/source4/include/includes.h b/source4/include/includes.h
index b3cd402e9f..25725bdf4a 100644
--- a/source4/include/includes.h
+++ b/source4/include/includes.h
@@ -649,9 +649,11 @@ extern int errno;
 #include "md5.h"
 #include "hmacmd5.h"
 
+#include "libcli/auth/spnego.h"
 #include "libcli/auth/ntlmssp.h"
 #include "libcli/auth/credentials.h"
 #include "libcli/auth/schannel.h"
+#include "libcli/auth/kerberos.h"
 
 #include "auth/auth.h"