The Samba-Bugzilla – Attachment 7807 Details for
Bug 9111
Fix compilation with newer MIT kerberos which hides internal symbols.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
v3-6-test patch
0001-s3-libsmb-Remove-obsolete-smb_krb5_locate_kdc.patch (text/plain), 7.86 KB, created by
Andreas Schneider
on 2012-08-22 12:31:49 UTC
(
hide
)
Description:
v3-6-test patch
Filename:
MIME Type:
Creator:
Andreas Schneider
Created:
2012-08-22 12:31:49 UTC
Size:
7.86 KB
patch
obsolete
>From 21a1241e3bc2ad9788428ca01cd2a46fe2f423ee Mon Sep 17 00:00:00 2001 >From: Andreas Schneider <asn@samba.org> >Date: Wed, 30 Nov 2011 17:58:30 +0100 >Subject: [PATCH] s3-libsmb: Remove obsolete smb_krb5_locate_kdc. >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Signed-off-by: Günther Deschner <gd@samba.org> >Signed-off-by: Andreas Schneider <asn@samba.org> >--- > source3/configure.in | 1 - > source3/include/krb5_protos.h | 4 -- > source3/libsmb/clikrb5.c | 89 ------------------------------------------- > source3/utils/net_lookup.c | 42 +++++++++++--------- > source3/wscript | 2 +- > 5 files changed, 24 insertions(+), 114 deletions(-) > >diff --git a/source3/configure.in b/source3/configure.in >index 373396a..33bbef5 100644 >--- a/source3/configure.in >+++ b/source3/configure.in >@@ -3862,7 +3862,6 @@ if test x"$with_ads_support" != x"no"; then > AC_CHECK_FUNC_EXT(krb5_string_to_key_salt, $KRB5_LIBS) > AC_CHECK_FUNC_EXT(krb5_auth_con_setkey, $KRB5_LIBS) > AC_CHECK_FUNC_EXT(krb5_auth_con_setuseruserkey, $KRB5_LIBS) >- AC_CHECK_FUNC_EXT(krb5_locate_kdc, $KRB5_LIBS) > AC_CHECK_FUNC_EXT(krb5_get_permitted_enctypes, $KRB5_LIBS) > AC_CHECK_FUNC_EXT(krb5_get_default_in_tkt_etypes, $KRB5_LIBS) > AC_CHECK_FUNC_EXT(krb5_free_data_contents, $KRB5_LIBS) >diff --git a/source3/include/krb5_protos.h b/source3/include/krb5_protos.h >index 7b53389..55e353d 100644 >--- a/source3/include/krb5_protos.h >+++ b/source3/include/krb5_protos.h >@@ -71,10 +71,6 @@ bool setup_kaddr( krb5_address *pkaddr, struct sockaddr_storage *paddr); > int create_kerberos_key_from_string(krb5_context context, krb5_principal host_princ, krb5_data *password, krb5_keyblock *key, krb5_enctype enctype, bool no_salt); > bool get_auth_data_from_tkt(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, krb5_ticket *tkt); > krb5_const_principal get_principal_from_tkt(krb5_ticket *tkt); >-krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters); >-#if defined(HAVE_KRB5_LOCATE_KDC) >-krb5_error_code krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters); >-#endif > krb5_error_code get_kerberos_allowed_etypes(krb5_context context, krb5_enctype **enctypes); > bool get_krb5_smb_session_key(TALLOC_CTX *mem_ctx, > krb5_context context, >diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c >index b0743e4..7958205 100644 >--- a/source3/libsmb/clikrb5.c >+++ b/source3/libsmb/clikrb5.c >@@ -488,95 +488,6 @@ bool unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, DATA_BLOB *unwrapped_ > #endif > } > >-#if !defined(HAVE_KRB5_LOCATE_KDC) >- >-/* krb5_locate_kdc is an internal MIT symbol. MIT are not yet willing to commit >- * to a public interface for this functionality, so we have to be able to live >- * without it if the MIT libraries are hiding their internal symbols. >- */ >- >-#if defined(KRB5_KRBHST_INIT) >-/* Heimdal */ >- krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters) >-{ >- krb5_krbhst_handle hnd; >- krb5_krbhst_info *hinfo; >- krb5_error_code rc; >- int num_kdcs, i; >- struct sockaddr *sa; >- struct addrinfo *ai; >- >- *addr_pp = NULL; >- *naddrs = 0; >- >- rc = krb5_krbhst_init(ctx, realm->data, KRB5_KRBHST_KDC, &hnd); >- if (rc) { >- DEBUG(0, ("smb_krb5_locate_kdc: krb5_krbhst_init failed (%s)\n", error_message(rc))); >- return rc; >- } >- >- for ( num_kdcs = 0; (rc = krb5_krbhst_next(ctx, hnd, &hinfo) == 0); num_kdcs++) >- ; >- >- krb5_krbhst_reset(ctx, hnd); >- >- if (!num_kdcs) { >- DEBUG(0, ("smb_krb5_locate_kdc: zero kdcs found !\n")); >- krb5_krbhst_free(ctx, hnd); >- return -1; >- } >- >- sa = SMB_MALLOC_ARRAY( struct sockaddr, num_kdcs ); >- if (!sa) { >- DEBUG(0, ("smb_krb5_locate_kdc: malloc failed\n")); >- krb5_krbhst_free(ctx, hnd); >- naddrs = 0; >- return -1; >- } >- >- memset(sa, '\0', sizeof(struct sockaddr) * num_kdcs ); >- >- for (i = 0; i < num_kdcs && (rc = krb5_krbhst_next(ctx, hnd, &hinfo) == 0); i++) { >- >-#if defined(HAVE_KRB5_KRBHST_GET_ADDRINFO) >- rc = krb5_krbhst_get_addrinfo(ctx, hinfo, &ai); >- if (rc) { >- DEBUG(0,("krb5_krbhst_get_addrinfo failed: %s\n", error_message(rc))); >- continue; >- } >-#endif >- if (hinfo->ai && hinfo->ai->ai_family == AF_INET) >- memcpy(&sa[i], hinfo->ai->ai_addr, sizeof(struct sockaddr)); >- } >- >- krb5_krbhst_free(ctx, hnd); >- >- *naddrs = num_kdcs; >- *addr_pp = sa; >- return 0; >-} >- >-#else /* ! defined(KRB5_KRBHST_INIT) */ >- >- krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, >- struct sockaddr **addr_pp, int *naddrs, int get_masters) >-{ >- DEBUG(0, ("unable to explicitly locate the KDC on this platform\n")); >- return KRB5_KDC_UNREACH; >-} >- >-#endif /* KRB5_KRBHST_INIT */ >- >-#else /* ! HAVE_KRB5_LOCATE_KDC */ >- >- krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, >- struct sockaddr **addr_pp, int *naddrs, int get_masters) >-{ >- return krb5_locate_kdc(ctx, realm, addr_pp, naddrs, get_masters); >-} >- >-#endif /* HAVE_KRB5_LOCATE_KDC */ >- > #if !defined(HAVE_KRB5_FREE_UNPARSED_NAME) > void krb5_free_unparsed_name(krb5_context context, char *val) > { >diff --git a/source3/utils/net_lookup.c b/source3/utils/net_lookup.c >index 06aedbd..7150254 100644 >--- a/source3/utils/net_lookup.c >+++ b/source3/utils/net_lookup.c >@@ -276,10 +276,11 @@ static int net_lookup_kdc(struct net_context *c, int argc, const char **argv) > #ifdef HAVE_KRB5 > krb5_error_code rc; > krb5_context ctx; >- struct sockaddr_in *addrs; >- int num_kdcs,i; >- krb5_data realm; >- char **realms; >+ struct ip_service *kdcs; >+ const char *realm; >+ int num_kdcs = 0; >+ int i; >+ NTSTATUS status; > > initialize_krb5_error_table(); > rc = krb5_init_context(&ctx); >@@ -289,34 +290,37 @@ static int net_lookup_kdc(struct net_context *c, int argc, const char **argv) > return -1; > } > >- if (argc>0) { >- realm.data = CONST_DISCARD(char *, argv[0]); >- realm.length = strlen(argv[0]); >+ if (argc > 0) { >+ realm = argv[0]; > } else if (lp_realm() && *lp_realm()) { >- realm.data = lp_realm(); >- realm.length = strlen((const char *)realm.data); >+ realm = lp_realm(); > } else { >+ char **realms; >+ > rc = krb5_get_host_realm(ctx, NULL, &realms); > if (rc) { > DEBUG(1,("krb5_gethost_realm failed (%s)\n", > error_message(rc))); > return -1; > } >- realm.data = (char *) *realms; >- realm.length = strlen((const char *)realm.data); >+ realm = (const char *) *realms; > } > >- rc = smb_krb5_locate_kdc(ctx, &realm, (struct sockaddr **)(void *)&addrs, &num_kdcs, 0); >- if (rc) { >- DEBUG(1, ("smb_krb5_locate_kdc failed (%s)\n", error_message(rc))); >+ status = get_kdc_list(realm, NULL, &kdcs, &num_kdcs); >+ if (!NT_STATUS_IS_OK(status)) { >+ DEBUG(1,("get_kdc_list failed (%s)\n", nt_errstr(status))); > return -1; > } >- for (i=0;i<num_kdcs;i++) >- if (addrs[i].sin_family == AF_INET) >- d_printf("%s:%hd\n", inet_ntoa(addrs[i].sin_addr), >- ntohs(addrs[i].sin_port)); >- return 0; > >+ for (i = 0; i < num_kdcs; i++) { >+ char addr[INET6_ADDRSTRLEN]; >+ >+ print_sockaddr(addr, sizeof(addr), &kdcs[i].ss); >+ >+ d_printf("%s:%hd\n", addr, kdcs[i].port); >+ } >+ >+ return 0; > #endif > DEBUG(1, ("No kerberos support\n")); > return -1; >diff --git a/source3/wscript b/source3/wscript >index 0d32561..1ea3559 100644 >--- a/source3/wscript >+++ b/source3/wscript >@@ -639,7 +639,7 @@ msg.msg_acctrightslen = sizeof(fd); > krb5_set_real_time krb5_set_default_in_tkt_etypes krb5_set_default_tgs_enctypes > krb5_set_default_tgs_ktypes krb5_principal2salt krb5_use_enctype > krb5_string_to_key krb5_get_pw_salt krb5_string_to_key_salt krb5_auth_con_setkey >-krb5_auth_con_setuseruserkey krb5_locate_kdc krb5_get_permitted_enctypes >+krb5_auth_con_setuseruserkey krb5_get_permitted_enctypes > krb5_get_default_in_tkt_etypes krb5_free_data_contents > krb5_principal_get_comp_string krb5_free_unparsed_name > krb5_free_keytab_entry_contents krb5_kt_free_entry krb5_krbhst_init >-- >1.7.11.4 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
jra
:
review+
gd
:
review+
Actions:
View
Attachments on
bug 9111
: 7807