]>
Commit | Line | Data |
---|---|---|
53d3e038 JB |
1 | --- adcli-0.8.1/library/adconn.c.orig 2015-12-16 10:33:30.000000000 +0100 |
2 | +++ adcli-0.8.1/library/adconn.c 2016-01-25 18:35:35.837816534 +0100 | |
52cfd9ec JB |
3 | @@ -28,7 +28,7 @@ |
4 | #include "addisco.h" | |
5 | ||
6 | #include <gssapi/gssapi_krb5.h> | |
7 | -#include <krb5/krb5.h> | |
8 | +#include <krb5.h> | |
9 | #include <ldap.h> | |
10 | #include <sasl/sasl.h> | |
11 | ||
53d3e038 | 12 | @@ -480,10 +480,12 @@ _adcli_kinit_computer_creds (adcli_conn |
52cfd9ec JB |
13 | code = krb5_get_init_creds_opt_alloc (k5, &opt); |
14 | return_val_if_fail (code == 0, code); | |
15 | ||
16 | +#ifdef MIT_KRB | |
17 | if (ccache) { | |
18 | code = krb5_get_init_creds_opt_set_out_ccache (k5, opt, ccache); | |
19 | return_val_if_fail (code == 0, code); | |
20 | } | |
21 | +#endif | |
22 | ||
23 | memset (&dummy, 0, sizeof (dummy)); | |
24 | if (!creds) | |
53d3e038 | 25 | @@ -553,10 +555,12 @@ _adcli_kinit_user_creds (adcli_conn *con |
52cfd9ec JB |
26 | code = krb5_get_init_creds_opt_alloc (k5, &opt); |
27 | return_val_if_fail (code == 0, code); | |
28 | ||
29 | +#ifdef MIT_KRB | |
30 | if (ccache) { | |
31 | code = krb5_get_init_creds_opt_set_out_ccache (k5, opt, ccache); | |
32 | return_val_if_fail (code == 0, code); | |
33 | } | |
34 | +#endif | |
35 | ||
36 | memset (&dummy, 0, sizeof (dummy)); | |
37 | if (!creds) | |
53d3e038 JB |
38 | @@ -688,9 +692,9 @@ prep_kerberos_and_kinit (adcli_conn *con |
39 | ||
40 | if (strcmp (conn->login_keytab_name, "") == 0) { | |
41 | free (conn->login_keytab_name); | |
42 | - conn->login_keytab_name = malloc (MAX_KEYTAB_NAME_LEN); | |
43 | + conn->login_keytab_name = malloc (1100); | |
44 | code = krb5_kt_get_name (conn->k5, conn->keytab, | |
45 | - conn->login_keytab_name, MAX_KEYTAB_NAME_LEN); | |
46 | + conn->login_keytab_name, 1100); | |
47 | conn->login_keytab_name_is_krb5 = 1; | |
48 | return_unexpected_if_fail (code == 0); | |
49 | } | |
50 | @@ -1438,7 +1442,7 @@ adcli_conn_set_login_ccache_name (adcli_ | |
52cfd9ec JB |
51 | |
52 | if (conn->login_ccache_name) { | |
53 | if (conn->login_ccache_name_is_krb5) | |
54 | - krb5_free_string (conn->k5, conn->login_ccache_name); | |
55 | + krb5_xfree (conn->login_ccache_name); | |
56 | else | |
57 | free (conn->login_ccache_name); | |
58 | } | |
53d3e038 JB |
59 | @@ -1474,7 +1478,7 @@ adcli_conn_set_login_keytab_name (adcli_ |
60 | ||
61 | if (conn->login_keytab_name) { | |
62 | if (conn->login_keytab_name_is_krb5) | |
63 | - krb5_free_string (conn->k5, conn->login_keytab_name); | |
64 | + krb5_xfree (conn->login_keytab_name); | |
65 | else | |
66 | free (conn->login_keytab_name); | |
67 | } | |
52cfd9ec JB |
68 | --- adcli-0.7.5/library/adconn.h.orig 2013-08-07 10:07:41.000000000 +0200 |
69 | +++ adcli-0.7.5/library/adconn.h 2014-12-22 22:50:24.107575979 +0100 | |
70 | @@ -26,7 +26,7 @@ | |
71 | ||
72 | #include "adutil.h" | |
73 | ||
74 | -#include <krb5/krb5.h> | |
75 | +#include <krb5.h> | |
76 | #include <ldap.h> | |
77 | ||
78 | typedef enum { | |
53d3e038 JB |
79 | --- adcli-0.8.1/library/adenroll.c.orig 2015-12-11 11:37:01.000000000 +0100 |
80 | +++ adcli-0.8.1/library/adenroll.c 2016-01-25 17:48:42.724601210 +0100 | |
52cfd9ec JB |
81 | @@ -28,7 +28,7 @@ |
82 | #include "seq.h" | |
83 | ||
84 | #include <gssapi/gssapi_krb5.h> | |
85 | -#include <krb5/krb5.h> | |
86 | +#include <krb5.h> | |
87 | #include <ldap.h> | |
88 | #include <sasl/sasl.h> | |
89 | ||
53d3e038 | 90 | @@ -855,7 +855,7 @@ set_password_with_user_creds (adcli_enro |
52cfd9ec JB |
91 | message ? ": " : "", message ? message : ""); |
92 | res = ADCLI_ERR_CREDENTIALS; | |
93 | #ifdef HAVE_KRB5_CHPW_MESSAGE | |
94 | - krb5_free_string (k5, message); | |
95 | + krb5_xfree (message); | |
96 | #else | |
97 | free (message); | |
98 | #endif | |
53d3e038 | 99 | @@ -919,7 +919,7 @@ set_password_with_computer_creds (adcli_ |
52cfd9ec JB |
100 | message ? ": " : "", message ? message : ""); |
101 | res = ADCLI_ERR_CREDENTIALS; | |
102 | #ifdef HAVE_KRB5_CHPW_MESSAGE | |
103 | - krb5_free_string (k5, message); | |
104 | + krb5_xfree (message); | |
105 | #else | |
106 | free (message); | |
107 | #endif | |
53d3e038 JB |
108 | @@ -1245,10 +1245,10 @@ ensure_host_keytab (adcli_result res, |
109 | return res; | |
52cfd9ec | 110 | |
53d3e038 | 111 | if (!enroll->keytab_name) { |
52cfd9ec JB |
112 | - name = malloc (MAX_KEYTAB_NAME_LEN + 1); |
113 | + name = malloc (1100 + 1); | |
114 | return_unexpected_if_fail (name != NULL); | |
115 | ||
116 | - code = krb5_kt_get_name (k5, enroll->keytab, name, MAX_KEYTAB_NAME_LEN + 1); | |
117 | + code = krb5_kt_get_name (k5, enroll->keytab, name, 1100 + 1); | |
118 | return_unexpected_if_fail (code == 0); | |
119 | ||
120 | enroll->keytab_name = name; | |
53d3e038 JB |
121 | @@ -1274,13 +1274,13 @@ load_keytab_entry (krb5_context k5, |
122 | ||
123 | /* Skip over any entry without a principal or realm */ | |
124 | principal = entry->principal; | |
125 | - if (!principal || !principal->realm.length) | |
126 | + if (!principal || !krb5_realm_length(principal->realm)) | |
127 | return TRUE; | |
128 | ||
129 | /* Use the first keytab entry as realm */ | |
130 | realm = adcli_conn_get_domain_realm (enroll->conn); | |
131 | if (!realm) { | |
132 | - value = _adcli_str_dupn (principal->realm.data, principal->realm.length); | |
133 | + value = _adcli_str_dupn (krb5_realm_data(principal->realm), krb5_realm_length(principal->realm)); | |
134 | adcli_conn_set_domain_realm (enroll->conn, value); | |
135 | _adcli_info ("Found realm in keytab: %s", value); | |
136 | realm = adcli_conn_get_domain_realm (enroll->conn); | |
137 | @@ -1289,7 +1289,7 @@ load_keytab_entry (krb5_context k5, | |
138 | ||
139 | /* Only look at entries that match the realm */ | |
140 | len = strlen (realm); | |
141 | - if (principal->realm.length != len && strncmp (realm, principal->realm.data, len) != 0) | |
142 | + if (krb5_realm_length(principal->realm) != len && strncmp (realm, krb5_realm_data(principal->realm), len) != 0) | |
143 | return TRUE; | |
144 | ||
145 | code = krb5_unparse_name_flags (k5, principal, KRB5_PRINCIPAL_UNPARSE_NO_REALM, &name); | |
146 | @@ -1396,6 +1396,7 @@ build_principal_salts (adcli_enroll *enr | |
52cfd9ec JB |
147 | { |
148 | krb5_error_code code; | |
149 | krb5_data *salts; | |
150 | + krb5_salt salt; | |
151 | const int count = 3; | |
152 | int i = 0; | |
153 | ||
53d3e038 | 154 | @@ -1403,8 +1404,9 @@ build_principal_salts (adcli_enroll *enr |
52cfd9ec JB |
155 | return_val_if_fail (salts != NULL, NULL); |
156 | ||
157 | /* Build up the salts, first a standard kerberos salt */ | |
158 | - code = krb5_principal2salt (k5, principal, &salts[i++]); | |
159 | + code = krb5_get_pw_salt (k5, principal, &salt); | |
160 | return_val_if_fail (code == 0, NULL); | |
161 | + salts[i++] = salt.saltvalue; | |
162 | ||
163 | /* Then a Windows 2003 computer account salt */ | |
164 | code = _adcli_krb5_w2k3_salt (k5, principal, enroll->computer_name, &salts[i++]); | |
53d3e038 | 165 | @@ -2123,7 +2125,7 @@ adcli_enroll_set_keytab_name (adcli_enro |
52cfd9ec JB |
166 | if (enroll->keytab_name_is_krb5) { |
167 | k5 = adcli_conn_get_krb5_context (enroll->conn); | |
168 | return_if_fail (k5 != NULL); | |
169 | - krb5_free_string (k5, enroll->keytab_name); | |
170 | + krb5_xfree (enroll->keytab_name); | |
171 | } else { | |
172 | free (enroll->keytab_name); | |
173 | } | |
174 | --- adcli-0.7.5/library/adkrb5.c.orig 2013-04-17 22:57:03.000000000 +0200 | |
175 | +++ adcli-0.7.5/library/adkrb5.c 2014-12-23 19:50:58.044401806 +0100 | |
176 | @@ -27,7 +27,7 @@ | |
177 | #include "adprivate.h" | |
178 | ||
179 | #include <gssapi/gssapi_krb5.h> | |
180 | -#include <krb5/krb5.h> | |
181 | +#include <krb5.h> | |
182 | ||
183 | #include <assert.h> | |
184 | #include <ctype.h> | |
185 | @@ -78,7 +78,7 @@ _adcli_krb5_keytab_clear (krb5_context k | |
186 | ||
187 | /* See if we should remove this entry */ | |
188 | if (!match_func (k5, &entry, match_data)) { | |
189 | - krb5_free_keytab_entry_contents (k5, &entry); | |
190 | + krb5_kt_free_entry (k5, &entry); | |
191 | continue; | |
192 | } | |
193 | ||
194 | @@ -91,7 +91,7 @@ _adcli_krb5_keytab_clear (krb5_context k | |
195 | return_val_if_fail (code == 0, code); | |
196 | ||
197 | code = krb5_kt_remove_entry (k5, keytab, &entry); | |
198 | - krb5_free_keytab_entry_contents (k5, &entry); | |
199 | + krb5_kt_free_entry (k5, &entry); | |
200 | ||
201 | if (code != 0) | |
202 | return code; | |
203 | @@ -138,9 +138,10 @@ _adcli_krb5_keytab_add_entries (krb5_con | |
204 | int i; | |
205 | ||
206 | for (i = 0; enctypes[i] != 0; i++) { | |
207 | + krb5_salt k5salt = { KRB5_PADATA_PW_SALT, *salt }; | |
208 | memset (&entry, 0, sizeof(entry)); | |
209 | ||
210 | - code = krb5_c_string_to_key (k5, enctypes[i], password, salt, &entry.key); | |
211 | + code = krb5_string_to_key_data_salt (k5, enctypes[i], *password, k5salt, &entry.keyblock); | |
212 | if (code != 0) | |
213 | return code; | |
214 | ||
215 | @@ -150,7 +151,7 @@ _adcli_krb5_keytab_add_entries (krb5_con | |
216 | code = krb5_kt_add_entry (k5, keytab, &entry); | |
217 | ||
218 | entry.principal = NULL; | |
219 | - krb5_free_keytab_entry_contents (k5, &entry); | |
220 | + krb5_kt_free_entry (k5, &entry); | |
221 | ||
222 | if (code != 0) | |
223 | return code; | |
224 | @@ -225,11 +226,12 @@ _adcli_krb5_w2k3_salt (krb5_context k5, | |
225 | const char *host_netbios, | |
226 | krb5_data *salt) | |
227 | { | |
228 | - krb5_data *realm; | |
229 | + krb5_realm *realm; | |
230 | size_t size = 0; | |
231 | size_t host_length = 0; | |
232 | size_t at = 0; | |
233 | int i; | |
234 | + char *salt_data; | |
235 | ||
236 | /* | |
237 | * The format for the w2k3 computer account salt is: | |
238 | @@ -239,37 +241,37 @@ _adcli_krb5_w2k3_salt (krb5_context k5, | |
239 | realm = krb5_princ_realm (k5, principal); | |
240 | host_length = strlen (host_netbios); | |
241 | ||
242 | - size += realm->length; | |
243 | + size += krb5_realm_length(*realm); | |
244 | size += 4; /* "host" */ | |
245 | size += host_length; | |
246 | size += 1; /* "." */ | |
247 | - size += realm->length; | |
248 | + size += krb5_realm_length(*realm); | |
249 | ||
250 | - salt->data = malloc (size); | |
251 | + salt_data = salt->data = malloc (size); | |
252 | return_val_if_fail (salt->data != NULL, ENOMEM); | |
253 | ||
254 | /* Upper case realm */ | |
255 | - for (i = 0; i < realm->length; i++) | |
256 | - salt->data[at + i] = toupper (realm->data[i]); | |
257 | - at += realm->length; | |
258 | + for (i = 0; i < krb5_realm_length(*realm); i++) | |
259 | + salt_data[at + i] = toupper (krb5_realm_data(*realm)[i]); | |
260 | + at += krb5_realm_length(*realm); | |
261 | ||
262 | /* The string "host" */ | |
263 | - memcpy (salt->data + at, "host", 4); | |
264 | + memcpy (salt_data + at, "host", 4); | |
265 | at += 4; | |
266 | ||
267 | /* The netbios name in lower case */ | |
268 | for (i = 0; i < host_length; i++) | |
269 | - salt->data[at + i] = tolower (host_netbios[i]); | |
270 | + salt_data[at + i] = tolower (host_netbios[i]); | |
271 | at += host_length; | |
272 | ||
273 | /* The dot */ | |
274 | - memcpy (salt->data + at, ".", 1); | |
275 | + memcpy (salt_data + at, ".", 1); | |
276 | at += 1; | |
277 | ||
278 | /* Lower case realm */ | |
279 | - for (i = 0; i < realm->length; i++) | |
280 | - salt->data[at + i] = tolower (realm->data[i]); | |
281 | - at += realm->length; | |
282 | + for (i = 0; i < krb5_realm_length(*realm); i++) | |
283 | + salt_data[at + i] = tolower (krb5_realm_data(*realm)[i]); | |
284 | + at += krb5_realm_length(*realm); | |
285 | ||
286 | assert (at == size); | |
287 | salt->length = size; | |
288 | --- adcli-0.7.5/library/adldap.c.orig 2013-05-02 12:40:10.000000000 +0200 | |
289 | +++ adcli-0.7.5/library/adldap.c 2014-12-23 14:59:45.321801852 +0100 | |
290 | @@ -27,7 +27,7 @@ | |
291 | #include "adprivate.h" | |
292 | ||
293 | #include <gssapi/gssapi_krb5.h> | |
294 | -#include <krb5/krb5.h> | |
295 | +#include <krb5.h> | |
296 | #include <ldap.h> | |
297 | #include <sasl/sasl.h> | |
298 |