1 --- adcli-0.8.1/library/adconn.c.orig 2015-12-16 10:33:30.000000000 +0100
2 +++ adcli-0.8.1/library/adconn.c 2016-01-25 18:35:35.837816534 +0100
6 #include <gssapi/gssapi_krb5.h>
7 -#include <krb5/krb5.h>
10 #include <sasl/sasl.h>
12 @@ -480,10 +480,12 @@ _adcli_kinit_computer_creds (adcli_conn
13 code = krb5_get_init_creds_opt_alloc (k5, &opt);
14 return_val_if_fail (code == 0, code);
18 code = krb5_get_init_creds_opt_set_out_ccache (k5, opt, ccache);
19 return_val_if_fail (code == 0, code);
23 memset (&dummy, 0, sizeof (dummy));
25 @@ -553,10 +555,12 @@ _adcli_kinit_user_creds (adcli_conn *con
26 code = krb5_get_init_creds_opt_alloc (k5, &opt);
27 return_val_if_fail (code == 0, code);
31 code = krb5_get_init_creds_opt_set_out_ccache (k5, opt, ccache);
32 return_val_if_fail (code == 0, code);
36 memset (&dummy, 0, sizeof (dummy));
38 @@ -688,9 +692,9 @@ prep_kerberos_and_kinit (adcli_conn *con
40 if (strcmp (conn->login_keytab_name, "") == 0) {
41 free (conn->login_keytab_name);
42 - conn->login_keytab_name = malloc (MAX_KEYTAB_NAME_LEN);
43 + conn->login_keytab_name = malloc (1100);
44 code = krb5_kt_get_name (conn->k5, conn->keytab,
45 - conn->login_keytab_name, MAX_KEYTAB_NAME_LEN);
46 + conn->login_keytab_name, 1100);
47 conn->login_keytab_name_is_krb5 = 1;
48 return_unexpected_if_fail (code == 0);
50 @@ -1438,7 +1442,7 @@ adcli_conn_set_login_ccache_name (adcli_
52 if (conn->login_ccache_name) {
53 if (conn->login_ccache_name_is_krb5)
54 - krb5_free_string (conn->k5, conn->login_ccache_name);
55 + krb5_xfree (conn->login_ccache_name);
57 free (conn->login_ccache_name);
59 @@ -1474,7 +1478,7 @@ adcli_conn_set_login_keytab_name (adcli_
61 if (conn->login_keytab_name) {
62 if (conn->login_keytab_name_is_krb5)
63 - krb5_free_string (conn->k5, conn->login_keytab_name);
64 + krb5_xfree (conn->login_keytab_name);
66 free (conn->login_keytab_name);
68 --- adcli-0.7.5/library/adconn.h.orig 2013-08-07 10:07:41.000000000 +0200
69 +++ adcli-0.7.5/library/adconn.h 2014-12-22 22:50:24.107575979 +0100
74 -#include <krb5/krb5.h>
79 --- adcli-0.8.1/library/adenroll.c.orig 2015-12-11 11:37:01.000000000 +0100
80 +++ adcli-0.8.1/library/adenroll.c 2016-01-25 17:48:42.724601210 +0100
84 #include <gssapi/gssapi_krb5.h>
85 -#include <krb5/krb5.h>
88 #include <sasl/sasl.h>
90 @@ -855,7 +855,7 @@ set_password_with_user_creds (adcli_enro
91 message ? ": " : "", message ? message : "");
92 res = ADCLI_ERR_CREDENTIALS;
93 #ifdef HAVE_KRB5_CHPW_MESSAGE
94 - krb5_free_string (k5, message);
95 + krb5_xfree (message);
99 @@ -919,7 +919,7 @@ set_password_with_computer_creds (adcli_
100 message ? ": " : "", message ? message : "");
101 res = ADCLI_ERR_CREDENTIALS;
102 #ifdef HAVE_KRB5_CHPW_MESSAGE
103 - krb5_free_string (k5, message);
104 + krb5_xfree (message);
108 @@ -1245,10 +1245,10 @@ ensure_host_keytab (adcli_result res,
111 if (!enroll->keytab_name) {
112 - name = malloc (MAX_KEYTAB_NAME_LEN + 1);
113 + name = malloc (1100 + 1);
114 return_unexpected_if_fail (name != NULL);
116 - code = krb5_kt_get_name (k5, enroll->keytab, name, MAX_KEYTAB_NAME_LEN + 1);
117 + code = krb5_kt_get_name (k5, enroll->keytab, name, 1100 + 1);
118 return_unexpected_if_fail (code == 0);
120 enroll->keytab_name = name;
121 @@ -1274,13 +1274,13 @@ load_keytab_entry (krb5_context k5,
123 /* Skip over any entry without a principal or realm */
124 principal = entry->principal;
125 - if (!principal || !principal->realm.length)
126 + if (!principal || !krb5_realm_length(principal->realm))
129 /* Use the first keytab entry as realm */
130 realm = adcli_conn_get_domain_realm (enroll->conn);
132 - value = _adcli_str_dupn (principal->realm.data, principal->realm.length);
133 + value = _adcli_str_dupn (krb5_realm_data(principal->realm), krb5_realm_length(principal->realm));
134 adcli_conn_set_domain_realm (enroll->conn, value);
135 _adcli_info ("Found realm in keytab: %s", value);
136 realm = adcli_conn_get_domain_realm (enroll->conn);
137 @@ -1289,7 +1289,7 @@ load_keytab_entry (krb5_context k5,
139 /* Only look at entries that match the realm */
140 len = strlen (realm);
141 - if (principal->realm.length != len && strncmp (realm, principal->realm.data, len) != 0)
142 + if (krb5_realm_length(principal->realm) != len && strncmp (realm, krb5_realm_data(principal->realm), len) != 0)
145 code = krb5_unparse_name_flags (k5, principal, KRB5_PRINCIPAL_UNPARSE_NO_REALM, &name);
146 @@ -1396,6 +1396,7 @@ build_principal_salts (adcli_enroll *enr
148 krb5_error_code code;
154 @@ -1403,8 +1404,9 @@ build_principal_salts (adcli_enroll *enr
155 return_val_if_fail (salts != NULL, NULL);
157 /* Build up the salts, first a standard kerberos salt */
158 - code = krb5_principal2salt (k5, principal, &salts[i++]);
159 + code = krb5_get_pw_salt (k5, principal, &salt);
160 return_val_if_fail (code == 0, NULL);
161 + salts[i++] = salt.saltvalue;
163 /* Then a Windows 2003 computer account salt */
164 code = _adcli_krb5_w2k3_salt (k5, principal, enroll->computer_name, &salts[i++]);
165 @@ -2123,7 +2125,7 @@ adcli_enroll_set_keytab_name (adcli_enro
166 if (enroll->keytab_name_is_krb5) {
167 k5 = adcli_conn_get_krb5_context (enroll->conn);
168 return_if_fail (k5 != NULL);
169 - krb5_free_string (k5, enroll->keytab_name);
170 + krb5_xfree (enroll->keytab_name);
172 free (enroll->keytab_name);
174 --- adcli-0.7.5/library/adkrb5.c.orig 2013-04-17 22:57:03.000000000 +0200
175 +++ adcli-0.7.5/library/adkrb5.c 2014-12-23 19:50:58.044401806 +0100
177 #include "adprivate.h"
179 #include <gssapi/gssapi_krb5.h>
180 -#include <krb5/krb5.h>
185 @@ -78,7 +78,7 @@ _adcli_krb5_keytab_clear (krb5_context k
187 /* See if we should remove this entry */
188 if (!match_func (k5, &entry, match_data)) {
189 - krb5_free_keytab_entry_contents (k5, &entry);
190 + krb5_kt_free_entry (k5, &entry);
194 @@ -91,7 +91,7 @@ _adcli_krb5_keytab_clear (krb5_context k
195 return_val_if_fail (code == 0, code);
197 code = krb5_kt_remove_entry (k5, keytab, &entry);
198 - krb5_free_keytab_entry_contents (k5, &entry);
199 + krb5_kt_free_entry (k5, &entry);
203 @@ -138,9 +138,10 @@ _adcli_krb5_keytab_add_entries (krb5_con
206 for (i = 0; enctypes[i] != 0; i++) {
207 + krb5_salt k5salt = { KRB5_PADATA_PW_SALT, *salt };
208 memset (&entry, 0, sizeof(entry));
210 - code = krb5_c_string_to_key (k5, enctypes[i], password, salt, &entry.key);
211 + code = krb5_string_to_key_data_salt (k5, enctypes[i], *password, k5salt, &entry.keyblock);
215 @@ -150,7 +151,7 @@ _adcli_krb5_keytab_add_entries (krb5_con
216 code = krb5_kt_add_entry (k5, keytab, &entry);
218 entry.principal = NULL;
219 - krb5_free_keytab_entry_contents (k5, &entry);
220 + krb5_kt_free_entry (k5, &entry);
224 @@ -225,11 +226,12 @@ _adcli_krb5_w2k3_salt (krb5_context k5,
225 const char *host_netbios,
231 size_t host_length = 0;
237 * The format for the w2k3 computer account salt is:
238 @@ -239,37 +241,37 @@ _adcli_krb5_w2k3_salt (krb5_context k5,
239 realm = krb5_princ_realm (k5, principal);
240 host_length = strlen (host_netbios);
242 - size += realm->length;
243 + size += krb5_realm_length(*realm);
244 size += 4; /* "host" */
247 - size += realm->length;
248 + size += krb5_realm_length(*realm);
250 - salt->data = malloc (size);
251 + salt_data = salt->data = malloc (size);
252 return_val_if_fail (salt->data != NULL, ENOMEM);
254 /* Upper case realm */
255 - for (i = 0; i < realm->length; i++)
256 - salt->data[at + i] = toupper (realm->data[i]);
257 - at += realm->length;
258 + for (i = 0; i < krb5_realm_length(*realm); i++)
259 + salt_data[at + i] = toupper (krb5_realm_data(*realm)[i]);
260 + at += krb5_realm_length(*realm);
262 /* The string "host" */
263 - memcpy (salt->data + at, "host", 4);
264 + memcpy (salt_data + at, "host", 4);
267 /* The netbios name in lower case */
268 for (i = 0; i < host_length; i++)
269 - salt->data[at + i] = tolower (host_netbios[i]);
270 + salt_data[at + i] = tolower (host_netbios[i]);
274 - memcpy (salt->data + at, ".", 1);
275 + memcpy (salt_data + at, ".", 1);
278 /* Lower case realm */
279 - for (i = 0; i < realm->length; i++)
280 - salt->data[at + i] = tolower (realm->data[i]);
281 - at += realm->length;
282 + for (i = 0; i < krb5_realm_length(*realm); i++)
283 + salt_data[at + i] = tolower (krb5_realm_data(*realm)[i]);
284 + at += krb5_realm_length(*realm);
288 --- adcli-0.7.5/library/adldap.c.orig 2013-05-02 12:40:10.000000000 +0200
289 +++ adcli-0.7.5/library/adldap.c 2014-12-23 14:59:45.321801852 +0100
291 #include "adprivate.h"
293 #include <gssapi/gssapi_krb5.h>
294 -#include <krb5/krb5.h>
297 #include <sasl/sasl.h>