[packages/adcli.git] / adcli-heimdal.patch

--- adcli-0.8.1/library/adconn.c.orig	2015-12-16 10:33:30.000000000 +0100
+++ adcli-0.8.1/library/adconn.c	2016-01-25 18:35:35.837816534 +0100
@@ -28,7 +28,7 @@
 #include "addisco.h"
 
 #include <gssapi/gssapi_krb5.h>
-#include <krb5/krb5.h>
+#include <krb5.h>
 #include <ldap.h>
 #include <sasl/sasl.h>
 
@@ -480,10 +480,12 @@ _adcli_kinit_computer_creds (adcli_conn
 	code = krb5_get_init_creds_opt_alloc (k5, &opt);
 	return_val_if_fail (code == 0, code);
 
+#ifdef MIT_KRB
 	if (ccache) {
 		code = krb5_get_init_creds_opt_set_out_ccache (k5, opt, ccache);
 		return_val_if_fail (code == 0, code);
 	}
+#endif
 
 	memset (&dummy, 0, sizeof (dummy));
 	if (!creds)
@@ -553,10 +555,12 @@ _adcli_kinit_user_creds (adcli_conn *con
 	code = krb5_get_init_creds_opt_alloc (k5, &opt);
 	return_val_if_fail (code == 0, code);
 
+#ifdef MIT_KRB
 	if (ccache) {
 		code = krb5_get_init_creds_opt_set_out_ccache (k5, opt, ccache);
 		return_val_if_fail (code == 0, code);
 	}
+#endif
 
 	memset (&dummy, 0, sizeof (dummy));
 	if (!creds)
@@ -688,9 +692,9 @@ prep_kerberos_and_kinit (adcli_conn *con
 
 			if (strcmp (conn->login_keytab_name, "") == 0) {
 				free (conn->login_keytab_name);
-				conn->login_keytab_name = malloc (MAX_KEYTAB_NAME_LEN);
+				conn->login_keytab_name = malloc (1100);
 				code = krb5_kt_get_name (conn->k5, conn->keytab,
-				                         conn->login_keytab_name, MAX_KEYTAB_NAME_LEN);
+				                         conn->login_keytab_name, 1100);
 				conn->login_keytab_name_is_krb5 = 1;
 				return_unexpected_if_fail (code == 0);
 			}
@@ -1438,7 +1442,7 @@ adcli_conn_set_login_ccache_name (adcli_
 
 	if (conn->login_ccache_name) {
 		if (conn->login_ccache_name_is_krb5)
-			krb5_free_string (conn->k5, conn->login_ccache_name);
+			krb5_xfree (conn->login_ccache_name);
 		else
 			free (conn->login_ccache_name);
 	}
@@ -1474,7 +1478,7 @@ adcli_conn_set_login_keytab_name (adcli_
 
 	if (conn->login_keytab_name) {
 		if (conn->login_keytab_name_is_krb5)
-			krb5_free_string (conn->k5, conn->login_keytab_name);
+			krb5_xfree (conn->login_keytab_name);
 		else
 			free (conn->login_keytab_name);
 	}
--- adcli-0.7.5/library/adconn.h.orig	2013-08-07 10:07:41.000000000 +0200
+++ adcli-0.7.5/library/adconn.h	2014-12-22 22:50:24.107575979 +0100
@@ -26,7 +26,7 @@
 
 #include "adutil.h"
 
-#include <krb5/krb5.h>
+#include <krb5.h>
 #include <ldap.h>
 
 typedef enum {
--- adcli-0.8.1/library/adenroll.c.orig	2015-12-11 11:37:01.000000000 +0100
+++ adcli-0.8.1/library/adenroll.c	2016-01-25 17:48:42.724601210 +0100
@@ -28,7 +28,7 @@
 #include "seq.h"
 
 #include <gssapi/gssapi_krb5.h>
-#include <krb5/krb5.h>
+#include <krb5.h>
 #include <ldap.h>
 #include <sasl/sasl.h>
 
@@ -855,7 +855,7 @@ set_password_with_user_creds (adcli_enro
 		            message ? ": " : "", message ? message : "");
 		res = ADCLI_ERR_CREDENTIALS;
 #ifdef HAVE_KRB5_CHPW_MESSAGE
-		krb5_free_string (k5, message);
+		krb5_xfree (message);
 #else
 		free (message);
 #endif
@@ -919,7 +919,7 @@ set_password_with_computer_creds (adcli_
 		            message ? ": " : "", message ? message : "");
 		res = ADCLI_ERR_CREDENTIALS;
 #ifdef HAVE_KRB5_CHPW_MESSAGE
-		krb5_free_string (k5, message);
+		krb5_xfree (message);
 #else
 		free (message);
 #endif
@@ -1245,10 +1245,10 @@ ensure_host_keytab (adcli_result res,
 		return res;
 
 	if (!enroll->keytab_name) {
-		name = malloc (MAX_KEYTAB_NAME_LEN + 1);
+		name = malloc (1100 + 1);
 		return_unexpected_if_fail (name != NULL);
 
-		code = krb5_kt_get_name (k5, enroll->keytab, name, MAX_KEYTAB_NAME_LEN + 1);
+		code = krb5_kt_get_name (k5, enroll->keytab, name, 1100 + 1);
 		return_unexpected_if_fail (code == 0);
 
 		enroll->keytab_name = name;
@@ -1274,13 +1274,13 @@ load_keytab_entry (krb5_context k5,
 
 	/* Skip over any entry without a principal or realm */
 	principal = entry->principal;
-	if (!principal || !principal->realm.length)
+	if (!principal || !krb5_realm_length(principal->realm))
 		return TRUE;
 
 	/* Use the first keytab entry as realm */
 	realm = adcli_conn_get_domain_realm (enroll->conn);
 	if (!realm) {
-		value = _adcli_str_dupn (principal->realm.data, principal->realm.length);
+		value = _adcli_str_dupn (krb5_realm_data(principal->realm), krb5_realm_length(principal->realm));
 		adcli_conn_set_domain_realm (enroll->conn, value);
 		_adcli_info ("Found realm in keytab: %s", value);
 		realm = adcli_conn_get_domain_realm (enroll->conn);
@@ -1289,7 +1289,7 @@ load_keytab_entry (krb5_context k5,
 
 	/* Only look at entries that match the realm */
 	len = strlen (realm);
-	if (principal->realm.length != len && strncmp (realm, principal->realm.data, len) != 0)
+	if (krb5_realm_length(principal->realm) != len && strncmp (realm, krb5_realm_data(principal->realm), len) != 0)
 		return TRUE;
 
 	code = krb5_unparse_name_flags (k5, principal, KRB5_PRINCIPAL_UNPARSE_NO_REALM, &name);
@@ -1396,6 +1396,7 @@ build_principal_salts (adcli_enroll *enr
 {
 	krb5_error_code code;
 	krb5_data *salts;
+	krb5_salt salt;
 	const int count = 3;
 	int i = 0;
 
@@ -1403,8 +1404,9 @@ build_principal_salts (adcli_enroll *enr
 	return_val_if_fail (salts != NULL, NULL);
 
 	/* Build up the salts, first a standard kerberos salt */
-	code = krb5_principal2salt (k5, principal, &salts[i++]);
+	code = krb5_get_pw_salt (k5, principal, &salt);
 	return_val_if_fail (code == 0, NULL);
+	salts[i++] = salt.saltvalue;
 
 	/* Then a Windows 2003 computer account salt */
 	code = _adcli_krb5_w2k3_salt (k5, principal, enroll->computer_name, &salts[i++]);
@@ -2123,7 +2125,7 @@ adcli_enroll_set_keytab_name (adcli_enro
 		if (enroll->keytab_name_is_krb5) {
 			k5 = adcli_conn_get_krb5_context (enroll->conn);
 			return_if_fail (k5 != NULL);
-			krb5_free_string (k5, enroll->keytab_name);
+			krb5_xfree (enroll->keytab_name);
 		} else {
 			free (enroll->keytab_name);
 		}
--- adcli-0.7.5/library/adkrb5.c.orig	2013-04-17 22:57:03.000000000 +0200
+++ adcli-0.7.5/library/adkrb5.c	2014-12-23 19:50:58.044401806 +0100
@@ -27,7 +27,7 @@
 #include "adprivate.h"
 
 #include <gssapi/gssapi_krb5.h>
-#include <krb5/krb5.h>
+#include <krb5.h>
 
 #include <assert.h>
 #include <ctype.h>
@@ -78,7 +78,7 @@ _adcli_krb5_keytab_clear (krb5_context k
 
 		/* See if we should remove this entry */
 		if (!match_func (k5, &entry, match_data)) {
-			krb5_free_keytab_entry_contents (k5, &entry);
+			krb5_kt_free_entry (k5, &entry);
 			continue;
 		}
 
@@ -91,7 +91,7 @@ _adcli_krb5_keytab_clear (krb5_context k
 		return_val_if_fail (code == 0, code);
 
 		code = krb5_kt_remove_entry (k5, keytab, &entry);
-		krb5_free_keytab_entry_contents (k5, &entry);
+		krb5_kt_free_entry (k5, &entry);
 
 		if (code != 0)
 			return code;
@@ -138,9 +138,10 @@ _adcli_krb5_keytab_add_entries (krb5_con
 	int i;
 
 	for (i = 0; enctypes[i] != 0; i++) {
+		krb5_salt k5salt = { KRB5_PADATA_PW_SALT, *salt };
 		memset (&entry, 0, sizeof(entry));
 
-		code = krb5_c_string_to_key (k5, enctypes[i], password, salt, &entry.key);
+		code = krb5_string_to_key_data_salt (k5, enctypes[i], *password, k5salt, &entry.keyblock);
 		if (code != 0)
 			return code;
 
@@ -150,7 +151,7 @@ _adcli_krb5_keytab_add_entries (krb5_con
 		code = krb5_kt_add_entry (k5, keytab, &entry);
 
 		entry.principal = NULL;
-		krb5_free_keytab_entry_contents (k5, &entry);
+		krb5_kt_free_entry (k5, &entry);
 
 		if (code != 0)
 			return code;
@@ -225,11 +226,12 @@ _adcli_krb5_w2k3_salt (krb5_context k5,
                        const char *host_netbios,
                        krb5_data *salt)
 {
-	krb5_data *realm;
+	krb5_realm *realm;
 	size_t size = 0;
 	size_t host_length = 0;
 	size_t at = 0;
 	int i;
+	char *salt_data;
 
 	/*
 	 * The format for the w2k3 computer account salt is:
@@ -239,37 +241,37 @@ _adcli_krb5_w2k3_salt (krb5_context k5,
 	realm = krb5_princ_realm (k5, principal);
 	host_length = strlen (host_netbios);
 
-	size += realm->length;
+	size += krb5_realm_length(*realm);
 	size += 4; /* "host" */
 	size += host_length;
 	size += 1; /* "." */
-	size += realm->length;
+	size += krb5_realm_length(*realm);
 
-	salt->data = malloc (size);
+	salt_data = salt->data = malloc (size);
 	return_val_if_fail (salt->data != NULL, ENOMEM);
 
 	/* Upper case realm */
-	for (i = 0; i < realm->length; i++)
-		salt->data[at + i] = toupper (realm->data[i]);
-	at += realm->length;
+	for (i = 0; i < krb5_realm_length(*realm); i++)
+		salt_data[at + i] = toupper (krb5_realm_data(*realm)[i]);
+	at += krb5_realm_length(*realm);
 
 	/* The string "host" */
-	memcpy (salt->data + at, "host", 4);
+	memcpy (salt_data + at, "host", 4);
 	at += 4;
 
 	/* The netbios name in lower case */
 	for (i = 0; i < host_length; i++)
-		salt->data[at + i] = tolower (host_netbios[i]);
+		salt_data[at + i] = tolower (host_netbios[i]);
 	at += host_length;
 
 	/* The dot */
-	memcpy (salt->data + at, ".", 1);
+	memcpy (salt_data + at, ".", 1);
 	at += 1;
 
 	/* Lower case realm */
-	for (i = 0; i < realm->length; i++)
-		salt->data[at + i] = tolower (realm->data[i]);
-	at += realm->length;
+	for (i = 0; i < krb5_realm_length(*realm); i++)
+		salt_data[at + i] = tolower (krb5_realm_data(*realm)[i]);
+	at += krb5_realm_length(*realm);
 
 	assert (at == size);
 	salt->length = size;
--- adcli-0.7.5/library/adldap.c.orig	2013-05-02 12:40:10.000000000 +0200
+++ adcli-0.7.5/library/adldap.c	2014-12-23 14:59:45.321801852 +0100
@@ -27,7 +27,7 @@
 #include "adprivate.h"
 
 #include <gssapi/gssapi_krb5.h>
-#include <krb5/krb5.h>
+#include <krb5.h>
 #include <ldap.h>
 #include <sasl/sasl.h>
Commit	Line	Data
53d3e038 JB	1	--- adcli-0.8.1/library/adconn.c.orig 2015-12-16 10:33:30.000000000 +0100
53d3e038 JB	2	+++ adcli-0.8.1/library/adconn.c 2016-01-25 18:35:35.837816534 +0100
52cfd9ec JB	3	@@ -28,7 +28,7 @@
	4	#include "addisco.h"
	5
	6	#include <gssapi/gssapi_krb5.h>
	7	-#include <krb5/krb5.h>
	8	+#include <krb5.h>
	9	#include <ldap.h>
	10	#include <sasl/sasl.h>
	11
53d3e038	12	@@ -480,10 +480,12 @@ _adcli_kinit_computer_creds (adcli_conn
52cfd9ec JB	13	code = krb5_get_init_creds_opt_alloc (k5, &opt);
	14	return_val_if_fail (code == 0, code);
	15
	16	+#ifdef MIT_KRB
	17	if (ccache) {
	18	code = krb5_get_init_creds_opt_set_out_ccache (k5, opt, ccache);
	19	return_val_if_fail (code == 0, code);
	20	}
	21	+#endif
	22
	23	memset (&dummy, 0, sizeof (dummy));
	24	if (!creds)
53d3e038	25	@@ -553,10 +555,12 @@ _adcli_kinit_user_creds (adcli_conn *con
52cfd9ec JB	26	code = krb5_get_init_creds_opt_alloc (k5, &opt);
	27	return_val_if_fail (code == 0, code);
	28
	29	+#ifdef MIT_KRB
	30	if (ccache) {
	31	code = krb5_get_init_creds_opt_set_out_ccache (k5, opt, ccache);
	32	return_val_if_fail (code == 0, code);
	33	}
	34	+#endif
	35
	36	memset (&dummy, 0, sizeof (dummy));
	37	if (!creds)
53d3e038 JB	38	@@ -688,9 +692,9 @@ prep_kerberos_and_kinit (adcli_conn *con
	39
	40	if (strcmp (conn->login_keytab_name, "") == 0) {
	41	free (conn->login_keytab_name);
	42	- conn->login_keytab_name = malloc (MAX_KEYTAB_NAME_LEN);
	43	+ conn->login_keytab_name = malloc (1100);
	44	code = krb5_kt_get_name (conn->k5, conn->keytab,
	45	- conn->login_keytab_name, MAX_KEYTAB_NAME_LEN);
	46	+ conn->login_keytab_name, 1100);
	47	conn->login_keytab_name_is_krb5 = 1;
	48	return_unexpected_if_fail (code == 0);
	49	}
	50	@@ -1438,7 +1442,7 @@ adcli_conn_set_login_ccache_name (adcli_
52cfd9ec JB	51
	52	if (conn->login_ccache_name) {
	53	if (conn->login_ccache_name_is_krb5)
	54	- krb5_free_string (conn->k5, conn->login_ccache_name);
	55	+ krb5_xfree (conn->login_ccache_name);
	56	else
	57	free (conn->login_ccache_name);
	58	}
53d3e038 JB	59	@@ -1474,7 +1478,7 @@ adcli_conn_set_login_keytab_name (adcli_
	60
	61	if (conn->login_keytab_name) {
	62	if (conn->login_keytab_name_is_krb5)
	63	- krb5_free_string (conn->k5, conn->login_keytab_name);
	64	+ krb5_xfree (conn->login_keytab_name);
	65	else
	66	free (conn->login_keytab_name);
	67	}
52cfd9ec JB	68	--- adcli-0.7.5/library/adconn.h.orig 2013-08-07 10:07:41.000000000 +0200
	69	+++ adcli-0.7.5/library/adconn.h 2014-12-22 22:50:24.107575979 +0100
	70	@@ -26,7 +26,7 @@
	71
	72	#include "adutil.h"
	73
	74	-#include <krb5/krb5.h>
	75	+#include <krb5.h>
	76	#include <ldap.h>
	77
	78	typedef enum {
53d3e038 JB	79	--- adcli-0.8.1/library/adenroll.c.orig 2015-12-11 11:37:01.000000000 +0100
53d3e038 JB	80	+++ adcli-0.8.1/library/adenroll.c 2016-01-25 17:48:42.724601210 +0100
52cfd9ec JB	81	@@ -28,7 +28,7 @@
	82	#include "seq.h"
	83
	84	#include <gssapi/gssapi_krb5.h>
	85	-#include <krb5/krb5.h>
	86	+#include <krb5.h>
	87	#include <ldap.h>
	88	#include <sasl/sasl.h>
	89
53d3e038	90	@@ -855,7 +855,7 @@ set_password_with_user_creds (adcli_enro
52cfd9ec JB	91	message ? ": " : "", message ? message : "");
	92	res = ADCLI_ERR_CREDENTIALS;
	93	#ifdef HAVE_KRB5_CHPW_MESSAGE
	94	- krb5_free_string (k5, message);
	95	+ krb5_xfree (message);
	96	#else
	97	free (message);
	98	#endif
53d3e038	99	@@ -919,7 +919,7 @@ set_password_with_computer_creds (adcli_
52cfd9ec JB	100	message ? ": " : "", message ? message : "");
	101	res = ADCLI_ERR_CREDENTIALS;
	102	#ifdef HAVE_KRB5_CHPW_MESSAGE
	103	- krb5_free_string (k5, message);
	104	+ krb5_xfree (message);
	105	#else
	106	free (message);
	107	#endif
53d3e038 JB	108	@@ -1245,10 +1245,10 @@ ensure_host_keytab (adcli_result res,
53d3e038 JB	109	return res;
52cfd9ec	110
53d3e038	111	if (!enroll->keytab_name) {
52cfd9ec JB	112	- name = malloc (MAX_KEYTAB_NAME_LEN + 1);
	113	+ name = malloc (1100 + 1);
	114	return_unexpected_if_fail (name != NULL);
	115
	116	- code = krb5_kt_get_name (k5, enroll->keytab, name, MAX_KEYTAB_NAME_LEN + 1);
	117	+ code = krb5_kt_get_name (k5, enroll->keytab, name, 1100 + 1);
	118	return_unexpected_if_fail (code == 0);
	119
	120	enroll->keytab_name = name;
53d3e038 JB	121	@@ -1274,13 +1274,13 @@ load_keytab_entry (krb5_context k5,
	122
	123	/* Skip over any entry without a principal or realm */
	124	principal = entry->principal;
	125	- if (!principal \|\| !principal->realm.length)
	126	+ if (!principal \|\| !krb5_realm_length(principal->realm))
	127	return TRUE;
	128
	129	/* Use the first keytab entry as realm */
	130	realm = adcli_conn_get_domain_realm (enroll->conn);
	131	if (!realm) {
	132	- value = _adcli_str_dupn (principal->realm.data, principal->realm.length);
	133	+ value = _adcli_str_dupn (krb5_realm_data(principal->realm), krb5_realm_length(principal->realm));
	134	adcli_conn_set_domain_realm (enroll->conn, value);
	135	_adcli_info ("Found realm in keytab: %s", value);
	136	realm = adcli_conn_get_domain_realm (enroll->conn);
	137	@@ -1289,7 +1289,7 @@ load_keytab_entry (krb5_context k5,
	138
	139	/* Only look at entries that match the realm */
	140	len = strlen (realm);
	141	- if (principal->realm.length != len && strncmp (realm, principal->realm.data, len) != 0)
	142	+ if (krb5_realm_length(principal->realm) != len && strncmp (realm, krb5_realm_data(principal->realm), len) != 0)
	143	return TRUE;
	144
	145	code = krb5_unparse_name_flags (k5, principal, KRB5_PRINCIPAL_UNPARSE_NO_REALM, &name);
	146	@@ -1396,6 +1396,7 @@ build_principal_salts (adcli_enroll *enr
52cfd9ec JB	147	{
	148	krb5_error_code code;
	149	krb5_data *salts;
	150	+ krb5_salt salt;
	151	const int count = 3;
	152	int i = 0;
	153
53d3e038	154	@@ -1403,8 +1404,9 @@ build_principal_salts (adcli_enroll *enr
52cfd9ec JB	155	return_val_if_fail (salts != NULL, NULL);
	156
	157	/* Build up the salts, first a standard kerberos salt */
	158	- code = krb5_principal2salt (k5, principal, &salts[i++]);
	159	+ code = krb5_get_pw_salt (k5, principal, &salt);
	160	return_val_if_fail (code == 0, NULL);
	161	+ salts[i++] = salt.saltvalue;
	162
	163	/* Then a Windows 2003 computer account salt */
	164	code = _adcli_krb5_w2k3_salt (k5, principal, enroll->computer_name, &salts[i++]);
53d3e038	165	@@ -2123,7 +2125,7 @@ adcli_enroll_set_keytab_name (adcli_enro
52cfd9ec JB	166	if (enroll->keytab_name_is_krb5) {
	167	k5 = adcli_conn_get_krb5_context (enroll->conn);
	168	return_if_fail (k5 != NULL);
	169	- krb5_free_string (k5, enroll->keytab_name);
	170	+ krb5_xfree (enroll->keytab_name);
	171	} else {
	172	free (enroll->keytab_name);
	173	}
	174	--- adcli-0.7.5/library/adkrb5.c.orig 2013-04-17 22:57:03.000000000 +0200
	175	+++ adcli-0.7.5/library/adkrb5.c 2014-12-23 19:50:58.044401806 +0100
	176	@@ -27,7 +27,7 @@
	177	#include "adprivate.h"
	178
	179	#include <gssapi/gssapi_krb5.h>
	180	-#include <krb5/krb5.h>
	181	+#include <krb5.h>
	182
	183	#include <assert.h>
	184	#include <ctype.h>
	185	@@ -78,7 +78,7 @@ _adcli_krb5_keytab_clear (krb5_context k
	186
	187	/* See if we should remove this entry */
	188	if (!match_func (k5, &entry, match_data)) {
	189	- krb5_free_keytab_entry_contents (k5, &entry);
	190	+ krb5_kt_free_entry (k5, &entry);
	191	continue;
	192	}
	193
	194	@@ -91,7 +91,7 @@ _adcli_krb5_keytab_clear (krb5_context k
	195	return_val_if_fail (code == 0, code);
	196
	197	code = krb5_kt_remove_entry (k5, keytab, &entry);
	198	- krb5_free_keytab_entry_contents (k5, &entry);
	199	+ krb5_kt_free_entry (k5, &entry);
	200
	201	if (code != 0)
	202	return code;
	203	@@ -138,9 +138,10 @@ _adcli_krb5_keytab_add_entries (krb5_con
	204	int i;
	205
	206	for (i = 0; enctypes[i] != 0; i++) {
	207	+ krb5_salt k5salt = { KRB5_PADATA_PW_SALT, *salt };
	208	memset (&entry, 0, sizeof(entry));
	209
	210	- code = krb5_c_string_to_key (k5, enctypes[i], password, salt, &entry.key);
	211	+ code = krb5_string_to_key_data_salt (k5, enctypes[i], *password, k5salt, &entry.keyblock);
	212	if (code != 0)
	213	return code;
	214
	215	@@ -150,7 +151,7 @@ _adcli_krb5_keytab_add_entries (krb5_con
	216	code = krb5_kt_add_entry (k5, keytab, &entry);
	217
	218	entry.principal = NULL;
	219	- krb5_free_keytab_entry_contents (k5, &entry);
	220	+ krb5_kt_free_entry (k5, &entry);
	221
	222	if (code != 0)
	223	return code;
	224	@@ -225,11 +226,12 @@ _adcli_krb5_w2k3_salt (krb5_context k5,
	225	const char *host_netbios,
	226	krb5_data *salt)
	227	{
	228	- krb5_data *realm;
	229	+ krb5_realm *realm;
230	size_t size = 0;
231	size_t host_length = 0;
232	size_t at = 0;
233	int i;
234	+ char *salt_data;
235
236	/*
237	* The format for the w2k3 computer account salt is:
238	@@ -239,37 +241,37 @@ _adcli_krb5_w2k3_salt (krb5_context k5,
239	realm = krb5_princ_realm (k5, principal);
240	host_length = strlen (host_netbios);
241
242	- size += realm->length;
243	+ size += krb5_realm_length(*realm);
244	size += 4; /* "host" */
245	size += host_length;
246	size += 1; /* "." */
247	- size += realm->length;
248	+ size += krb5_realm_length(*realm);
249
250	- salt->data = malloc (size);
251	+ salt_data = salt->data = malloc (size);
252	return_val_if_fail (salt->data != NULL, ENOMEM);
253
254	/* Upper case realm */
255	- for (i = 0; i < realm->length; i++)
256	- salt->data[at + i] = toupper (realm->data[i]);
257	- at += realm->length;
258	+ for (i = 0; i < krb5_realm_length(*realm); i++)
259	+ salt_data[at + i] = toupper (krb5_realm_data(*realm)[i]);
260	+ at += krb5_realm_length(*realm);
261
262	/* The string "host" */
263	- memcpy (salt->data + at, "host", 4);
264	+ memcpy (salt_data + at, "host", 4);
265	at += 4;
266
267	/* The netbios name in lower case */
268	for (i = 0; i < host_length; i++)
269	- salt->data[at + i] = tolower (host_netbios[i]);
270	+ salt_data[at + i] = tolower (host_netbios[i]);
271	at += host_length;
272
273	/* The dot */
274	- memcpy (salt->data + at, ".", 1);
275	+ memcpy (salt_data + at, ".", 1);
276	at += 1;
277
278	/* Lower case realm */
279	- for (i = 0; i < realm->length; i++)
280	- salt->data[at + i] = tolower (realm->data[i]);
281	- at += realm->length;
282	+ for (i = 0; i < krb5_realm_length(*realm); i++)
283	+ salt_data[at + i] = tolower (krb5_realm_data(*realm)[i]);
284	+ at += krb5_realm_length(*realm);
285
286	assert (at == size);
287	salt->length = size;
288	--- adcli-0.7.5/library/adldap.c.orig 2013-05-02 12:40:10.000000000 +0200
289	+++ adcli-0.7.5/library/adldap.c 2014-12-23 14:59:45.321801852 +0100
290	@@ -27,7 +27,7 @@
291	#include "adprivate.h"
292
293	#include <gssapi/gssapi_krb5.h>
294	-#include <krb5/krb5.h>
295	+#include <krb5.h>
296	#include <ldap.h>
297	#include <sasl/sasl.h>
298