summaryrefslogtreecommitdiffstats
path: root/source4/libcli/auth
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2004-12-05 16:29:27 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:06:22 -0500
commitf99c93ec57691a393b4ae5ba57176b98f33efc17 (patch)
treeae13cf51ef8046682b457db7587bb5804022918c /source4/libcli/auth
parent1424dccb92f2ed4002ed703e4e8c9aa453d04e01 (diff)
downloadsamba-f99c93ec57691a393b4ae5ba57176b98f33efc17.tar.gz
samba-f99c93ec57691a393b4ae5ba57176b98f33efc17.tar.xz
samba-f99c93ec57691a393b4ae5ba57176b98f33efc17.zip
r4070: move some defines from asn_1.h to the places they belong to
metze (This used to be commit ab2c2f27e1c61516e885f02bf26350f97209057a)
Diffstat (limited to 'source4/libcli/auth')
-rw-r--r--source4/libcli/auth/gensec.h5
-rw-r--r--source4/libcli/auth/gensec_krb5.c5
-rw-r--r--source4/libcli/auth/gensec_ntlmssp.c3
-rw-r--r--source4/libcli/auth/gssapi_parse.c7
-rw-r--r--source4/libcli/auth/kerberos.h7
-rw-r--r--source4/libcli/auth/spnego.c9
-rw-r--r--source4/libcli/auth/spnego_parse.c4
7 files changed, 26 insertions, 14 deletions
diff --git a/source4/libcli/auth/gensec.h b/source4/libcli/auth/gensec.h
index 23d9861cb7..f8b7e292e8 100644
--- a/source4/libcli/auth/gensec.h
+++ b/source4/libcli/auth/gensec.h
@@ -21,6 +21,11 @@
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+#define GENSEC_OID_NTLMSSP "1 3 6 1 4 1 311 2 2 10"
+#define GENSEC_OID_SPNEGO "1 3 6 1 5 5 2"
+#define GENSEC_OID_KERBEROS5 "1 2 840 113554 1 2 2"
+#define GENSEC_OID_KERBEROS5_OLD "1 2 840 48018 1 2 2"
+#define GENSEC_OID_KERBEROS5_USER2USER "1 2 840 113554 1 2 2 3"
struct gensec_security;
struct gensec_user {
diff --git a/source4/libcli/auth/gensec_krb5.c b/source4/libcli/auth/gensec_krb5.c
index 0f1bf8e700..c47d4f26b6 100644
--- a/source4/libcli/auth/gensec_krb5.c
+++ b/source4/libcli/auth/gensec_krb5.c
@@ -29,7 +29,6 @@
#include "libcli/auth/kerberos.h"
#include "librpc/gen_ndr/ndr_krb5pac.h"
#include "auth/auth.h"
-#include "asn_1.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_AUTH
@@ -754,7 +753,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
static const struct gensec_security_ops gensec_krb5_security_ops = {
.name = "krb5",
.auth_type = DCERPC_AUTH_TYPE_KRB5,
- .oid = OID_KERBEROS5,
+ .oid = GENSEC_OID_KERBEROS5,
.client_start = gensec_krb5_client_start,
.server_start = gensec_krb5_server_start,
.update = gensec_krb5_update,
@@ -766,7 +765,7 @@ static const struct gensec_security_ops gensec_krb5_security_ops = {
static const struct gensec_security_ops gensec_ms_krb5_security_ops = {
.name = "ms_krb5",
.auth_type = DCERPC_AUTH_TYPE_KRB5,
- .oid = OID_KERBEROS5_OLD,
+ .oid = GENSEC_OID_KERBEROS5_OLD,
.client_start = gensec_krb5_client_start,
.server_start = gensec_krb5_server_start,
.update = gensec_krb5_update,
diff --git a/source4/libcli/auth/gensec_ntlmssp.c b/source4/libcli/auth/gensec_ntlmssp.c
index 5e55082c6f..147e2359f4 100644
--- a/source4/libcli/auth/gensec_ntlmssp.c
+++ b/source4/libcli/auth/gensec_ntlmssp.c
@@ -23,7 +23,6 @@
#include "includes.h"
#include "auth/auth.h"
-#include "asn_1.h"
struct gensec_ntlmssp_state {
struct auth_context *auth_context;
@@ -401,7 +400,7 @@ static const struct gensec_security_ops gensec_ntlmssp_security_ops = {
.name = "ntlmssp",
.sasl_name = "NTLM",
.auth_type = DCERPC_AUTH_TYPE_NTLMSSP,
- .oid = OID_NTLMSSP,
+ .oid = GENSEC_OID_NTLMSSP,
.client_start = gensec_ntlmssp_client_start,
.server_start = gensec_ntlmssp_server_start,
.update = gensec_ntlmssp_update,
diff --git a/source4/libcli/auth/gssapi_parse.c b/source4/libcli/auth/gssapi_parse.c
index 529799955d..63bca6d5aa 100644
--- a/source4/libcli/auth/gssapi_parse.c
+++ b/source4/libcli/auth/gssapi_parse.c
@@ -24,6 +24,9 @@
#include "includes.h"
#include "asn_1.h"
+#include "system/kerberos.h"
+#include "libcli/auth/kerberos.h"
+#include "libcli/auth/gensec.h"
/*
generate a krb5 GSS-API wrapper packet given a ticket
@@ -36,7 +39,7 @@ DATA_BLOB gensec_gssapi_gen_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *tick
ZERO_STRUCT(data);
asn1_push_tag(&data, ASN1_APPLICATION(0));
- asn1_write_OID(&data, OID_KERBEROS5);
+ asn1_write_OID(&data, GENSEC_OID_KERBEROS5);
asn1_write(&data, tok_id, 2);
asn1_write(&data, ticket->data, ticket->length);
@@ -64,7 +67,7 @@ BOOL gensec_gssapi_parse_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, D
asn1_load(&data, *blob);
asn1_start_tag(&data, ASN1_APPLICATION(0));
- asn1_check_OID(&data, OID_KERBEROS5);
+ asn1_check_OID(&data, GENSEC_OID_KERBEROS5);
data_remaining = asn1_tag_remaining(&data);
diff --git a/source4/libcli/auth/kerberos.h b/source4/libcli/auth/kerberos.h
index 9d6a5e81ae..3ab71f7875 100644
--- a/source4/libcli/auth/kerberos.h
+++ b/source4/libcli/auth/kerberos.h
@@ -21,6 +21,13 @@
#if defined(HAVE_KRB5)
+/* not really ASN.1, but RFC 1964 */
+#define TOK_ID_KRB_AP_REQ "\x01\x00"
+#define TOK_ID_KRB_AP_REP "\x02\x00"
+#define TOK_ID_KRB_ERROR "\x03\x00"
+#define TOK_ID_GSS_GETMIC "\x01\x01"
+#define TOK_ID_GSS_WRAP "\x02\x01"
+
#ifdef HAVE_KRB5_KEYBLOCK_KEYVALUE
#define KRB5_KEY_TYPE(k) ((k)->keytype)
#define KRB5_KEY_LENGTH(k) ((k)->keyvalue.length)
diff --git a/source4/libcli/auth/spnego.c b/source4/libcli/auth/spnego.c
index 3af1bc1e81..a13afbb186 100644
--- a/source4/libcli/auth/spnego.c
+++ b/source4/libcli/auth/spnego.c
@@ -24,7 +24,6 @@
#include "includes.h"
#include "auth/auth.h"
-#include "asn_1.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_AUTH
@@ -218,7 +217,7 @@ static NTSTATUS gensec_spnego_server_try_fallback(struct gensec_security *gensec
if (!all_ops[i]->oid) {
continue;
}
- if (strcasecmp(OID_SPNEGO,all_ops[i]->oid) == 0) {
+ if (strcasecmp(GENSEC_OID_SPNEGO,all_ops[i]->oid) == 0) {
continue;
}
@@ -311,7 +310,7 @@ static NTSTATUS gensec_spnego_client_negTokenInit(struct gensec_security *gensec
const char **mechTypes = NULL;
DATA_BLOB unwrapped_out = data_blob(NULL,0);
- mechTypes = gensec_security_oids(out_mem_ctx, OID_SPNEGO);
+ mechTypes = gensec_security_oids(out_mem_ctx, GENSEC_OID_SPNEGO);
if (!mechTypes) {
DEBUG(1, ("no GENSEC OID backends available\n"));
@@ -467,7 +466,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
return nt_status;
} else {
- const char **mechlist = gensec_security_oids(out_mem_ctx, OID_SPNEGO);
+ const char **mechlist = gensec_security_oids(out_mem_ctx, GENSEC_OID_SPNEGO);
const char *mechListMIC;
mechListMIC = talloc_asprintf(out_mem_ctx,"%s$@%s",
@@ -712,7 +711,7 @@ static const struct gensec_security_ops gensec_spnego_security_ops = {
.name = "spnego",
.sasl_name = "GSS-SPNEGO",
.auth_type = DCERPC_AUTH_TYPE_SPNEGO,
- .oid = OID_SPNEGO,
+ .oid = GENSEC_OID_SPNEGO,
.client_start = gensec_spnego_client_start,
.server_start = gensec_spnego_server_start,
.update = gensec_spnego_update,
diff --git a/source4/libcli/auth/spnego_parse.c b/source4/libcli/auth/spnego_parse.c
index 2cf38728a9..32e98a4235 100644
--- a/source4/libcli/auth/spnego_parse.c
+++ b/source4/libcli/auth/spnego_parse.c
@@ -288,7 +288,7 @@ ssize_t spnego_read_data(DATA_BLOB data, struct spnego_data *token)
switch (context) {
case ASN1_APPLICATION(0):
asn1_start_tag(&asn1, ASN1_APPLICATION(0));
- asn1_check_OID(&asn1, OID_SPNEGO);
+ asn1_check_OID(&asn1, GENSEC_OID_SPNEGO);
if (read_negTokenInit(&asn1, &token->negTokenInit)) {
token->type = SPNEGO_NEG_TOKEN_INIT;
}
@@ -321,7 +321,7 @@ ssize_t spnego_write_data(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, struct spnego_da
switch (spnego->type) {
case SPNEGO_NEG_TOKEN_INIT:
asn1_push_tag(&asn1, ASN1_APPLICATION(0));
- asn1_write_OID(&asn1, OID_SPNEGO);
+ asn1_write_OID(&asn1, GENSEC_OID_SPNEGO);
write_negTokenInit(&asn1, &spnego->negTokenInit);
asn1_pop_tag(&asn1);
break;