From 8c38bb75b74ef7a4f40a5490102c77ab7d5fa0ac Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 16 Jul 2003 19:17:33 +0000 Subject: Add krb5_princ_component to Heimdal. Remove cli_ from mark packet signed. Jeremy. (This used to be commit dd46f8b22d6e8411081a1279e1cd32929e40370b) --- source3/configure.in | 15 +++++++++++++++ source3/libsmb/clikrb5.c | 13 +++++++++++++ source3/libsmb/smb_signing.c | 10 +++++----- 3 files changed, 33 insertions(+), 5 deletions(-) diff --git a/source3/configure.in b/source3/configure.in index fd7ee9fc30d..3469de2b592 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -2295,6 +2295,21 @@ if test x"$with_ads_support" = x"yes"; then AC_CHECK_LIB(krb5, krb5_free_ktypes, [AC_DEFINE(HAVE_KRB5_FREE_KTYPES,1, [Whether krb5_free_ktypes is available])]) + AC_CHECK_LIB(krb5, krb5_principal_get_comp_string, + [AC_DEFINE(HAVE_KRB5_PRINCIPAL_GET_COMP_STRING,1, + [Whether krb5_principal_get_comp_string is available])]) + AC_CACHE_CHECK([for the krb5_princ_component macro], + samba_cv_HAVE_KRB5_PRINC_COMPONENT,[ + AC_TRY_LINK([#include ], + [const krb5_data *pkdata; krb5_context context; krb5_principal principal; pkdata = krb5_princ_component(context, principal, 0);], + samba_cv_HAVE_KRB5_PRINC_COMPONENT=yes, + samba_cv_HAVE_KRB5_PRINC_COMPONENT=no)]) + + if test x"$samba_cv_HAVE_KRB5_PRINC_COMPONENT" = x"yes"; then + AC_DEFINE(HAVE_KRB5_PRINC_COMPONENT,1, + [Whether krb5_princ_component is available]) + fi + AC_CACHE_CHECK([for addrtype in krb5_address], samba_cv_HAVE_ADDRTYPE_IN_KRB5_ADDRESS,[ diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c index fd5dd91325a..ba8ba11368a 100644 --- a/source3/libsmb/clikrb5.c +++ b/source3/libsmb/clikrb5.c @@ -388,6 +388,19 @@ failed: return ret; } + + +#if defined(HAVE_KRB5_PRINCIPAL_GET_COMP_STRING) && !defined(HAVE_KRB5_PRINC_COMPONENT) + const krb5_data *krb5_princ_component(krb5_context context, krb5_principal principal, int i ) +{ + static krb5_data kdata; + + kdata.data = krb5_principal_get_comp_string(context, principal, i); + kdata.length = strlen(kdata.data); + return &kdata; +} +#endif + #else /* HAVE_KRB5 */ /* this saves a few linking headaches */ DATA_BLOB cli_krb5_get_ticket(const char *principal, time_t time_offset) diff --git a/source3/libsmb/smb_signing.c b/source3/libsmb/smb_signing.c index df17362f083..f4ee6c00e04 100644 --- a/source3/libsmb/smb_signing.c +++ b/source3/libsmb/smb_signing.c @@ -106,12 +106,12 @@ static BOOL cli_set_smb_signing_real_common(struct cli_state *cli) return True; } -static void cli_mark_packet_signed(struct cli_state *cli) +static void mark_packet_signed(char *outbuf) { uint16 flags2; - flags2 = SVAL(cli->outbuf,smb_flg2); + flags2 = SVAL(outbuf,smb_flg2); flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES; - SSVAL(cli->outbuf,smb_flg2, flags2); + SSVAL(outbuf,smb_flg2, flags2); } static BOOL cli_signing_good(struct cli_state *cli, BOOL good) @@ -194,7 +194,7 @@ static void cli_simple_sign_outgoing_message(struct cli_state *cli) struct smb_basic_signing_context *data = cli->sign_info.signing_context; /* mark the packet as signed - BEFORE we sign it...*/ - cli_mark_packet_signed(cli); + mark_packet_signed(cli->outbuf); simple_packet_signature(data, cli->outbuf, data->send_seq_num, calc_md5_mac); @@ -365,7 +365,7 @@ BOOL cli_null_set_signing(struct cli_state *cli) static void cli_temp_sign_outgoing_message(struct cli_state *cli) { /* mark the packet as signed - BEFORE we sign it...*/ - cli_mark_packet_signed(cli); + mark_packet_signed(cli->outbuf); /* I wonder what BSRSPYL stands for - but this is what MS actually sends! */ -- cgit