svn commit: lorikeet r474 - in trunk/heimdal/lib: gssapi krb5
abartlet at samba.org
abartlet at samba.org
Wed Sep 21 11:23:04 GMT 2005
Author: abartlet
Date: 2005-09-21 11:23:03 +0000 (Wed, 21 Sep 2005)
New Revision: 474
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=474
Log:
Merge fdns option, default realm use and Samba-specific ugly hack for
krb5_init_context takeover in GSSAPI from Samba4.
Andrew Bartlett
Modified:
trunk/heimdal/lib/gssapi/init.c
trunk/heimdal/lib/krb5/context.c
trunk/heimdal/lib/krb5/expand_hostname.c
trunk/heimdal/lib/krb5/get_host_realm.c
trunk/heimdal/lib/krb5/krb5.h
Changeset:
Modified: trunk/heimdal/lib/gssapi/init.c
===================================================================
--- trunk/heimdal/lib/gssapi/init.c 2005-09-21 11:21:50 UTC (rev 473)
+++ trunk/heimdal/lib/gssapi/init.c 2005-09-21 11:23:03 UTC (rev 474)
@@ -35,6 +35,10 @@
RCSID("$Id: init.c,v 1.7 2003/07/22 19:50:11 lha Exp $");
+#ifdef _SAMBA_BUILD_
+#include "auth/kerberos/krb5_init_context.h"
+#endif
+
static HEIMDAL_MUTEX gssapi_krb5_context_mutex = HEIMDAL_MUTEX_INITIALIZER;
static int created_key;
static HEIMDAL_thread_key gssapi_context_key;
@@ -89,11 +93,35 @@
gssapi_krb5_init (void)
{
krb5_error_code ret = 0;
+#ifdef _SAMBA_BUILD_
+ static struct smb_krb5_context *smb_krb5_context;
HEIMDAL_MUTEX_lock(&gssapi_krb5_context_mutex);
- if(gssapi_krb5_context == NULL)
+ if(smb_krb5_context == NULL) {
+ ret = smb_krb5_init_context(NULL, &smb_krb5_context);
+ }
+ if (ret == 0 && !created_key) {
+ HEIMDAL_key_create(&gssapi_context_key,
+ gssapi_destroy_thread_context,
+ ret);
+ if (ret) {
+ smb_krb5_free_context(smb_krb5_context);
+ smb_krb5_context = NULL;
+ } else
+ created_key = 1;
+ }
+ if (ret == 0) {
+ gssapi_krb5_context = smb_krb5_context->krb5_context;
+ }
+
+ HEIMDAL_MUTEX_unlock(&gssapi_krb5_context_mutex);
+#else
+ HEIMDAL_MUTEX_lock(&gssapi_krb5_context_mutex);
+
+ if(gssapi_krb5_context == NULL) {
ret = krb5_init_context (&gssapi_krb5_context);
+ }
if (ret == 0 && !created_key) {
HEIMDAL_key_create(&gssapi_context_key,
gssapi_destroy_thread_context,
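Review bot: The `_SAMBA_BUILD_` branch repeats the whole `HEIMDAL_key_create` / `created_key` sequence that the `#else` branch already has, so any later fix to the key-creation error path must be made twice. Only the context initialisation differs, and only that needs to sit under the `#ifdef`. Separately, `gssapi_krb5_context` now aliases `smb_krb5_context->krb5_context`, which the static wrapper owns, and nothing in the hunk says it must not be passed to `krb5_free_context`. A comment above the assignment such as `/* borrowed from smb_krb5_context; never free gssapi_krb5_context directly */` would record that. The body of gssapi_krb5_init continues outside this hunk.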
@@ -106,6 +134,6 @@
}
HEIMDAL_MUTEX_unlock(&gssapi_krb5_context_mutex);
-
+#endif
return ret;
}
Modified: trunk/heimdal/lib/krb5/context.c
===================================================================
--- trunk/heimdal/lib/krb5/context.c 2005-09-21 11:21:50 UTC (rev 473)
+++ trunk/heimdal/lib/krb5/context.c 2005-09-21 11:23:03 UTC (rev 474)
@@ -182,6 +182,7 @@
INIT_FIELD(context, bool, srv_lookup, context->srv_lookup, "dns_lookup_kdc");
INIT_FIELD(context, int, large_msg_size, 6000, "large_message_size");
context->default_cc_name = NULL;
+ INIT_FIELD(context, bool, fdns, TRUE, "fdns");
return 0;
}
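Review bot: `fdns` defaults to TRUE with no comment on what trusting DNS implies here. In expand_hostname.c the canonical name comes from `getaddrinfo` with `AI_CANONNAME`, that is, from an unauthenticated resolver answer, and that name presumably ends up in the service principal the client requests. A comment above the `INIT_FIELD` line, such as `/* fdns: canonicalise hostnames via DNS (default); set false to use the name as given when DNS is not trusted */`, would tell operators why they might turn it off. No krb5.conf documentation entry for the new option is visible in this commit. The enclosing function starts outside the hunk.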
Modified: trunk/heimdal/lib/krb5/expand_hostname.c
===================================================================
--- trunk/heimdal/lib/krb5/expand_hostname.c 2005-09-21 11:21:50 UTC (rev 473)
+++ trunk/heimdal/lib/krb5/expand_hostname.c 2005-09-21 11:23:03 UTC (rev 474)
@@ -65,6 +65,10 @@
memset (&hints, 0, sizeof(hints));
hints.ai_flags = AI_CANONNAME;
+ if (!context->fdns) {
+ return copy_hostname (context, orig_hostname, new_hostname);
+ }
+
error = getaddrinfo (orig_hostname, NULL, &hints, &ai);
if (error)
return copy_hostname (context, orig_hostname, new_hostname);
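Review bot: The `if (!context->fdns)` early return sits after the `memset`/`hints.ai_flags` setup here but before it in the second hunk (`@@ -124,6 +128,11`). Placing it first in both, directly after the declarations, keeps the two functions parallel and avoids preparing `hints` that the early return never uses. A one-line comment such as `/* fdns disabled: use the name as given, no resolver lookup */` above each check would make the intent clear to a reader who has not seen krb5.h. Both functions start and end outside their hunks.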
@@ -124,6 +128,11 @@
int error;
krb5_error_code ret = 0;
+ if (!context->fdns) {
+ return vanilla_hostname (context, orig_hostname, new_hostname,
+ realms);
+ }
+
memset (&hints, 0, sizeof(hints));
hints.ai_flags = AI_CANONNAME;
Modified: trunk/heimdal/lib/krb5/get_host_realm.c
===================================================================
--- trunk/heimdal/lib/krb5/get_host_realm.c 2005-09-21 11:21:50 UTC (rev 473)
+++ trunk/heimdal/lib/krb5/get_host_realm.c 2005-09-21 11:23:03 UTC (rev 474)
@@ -187,27 +187,40 @@
return 0;
}
}
+
+ *realms = malloc(2 * sizeof(krb5_realm));
+ if (*realms == NULL) {
+ krb5_set_error_string(context, "malloc: out of memory");
+ return ENOMEM;
+ }
+
+ (*realms)[1] = NULL;
+
p = strchr(host, '.');
if(p != NULL) {
p++;
- *realms = malloc(2 * sizeof(krb5_realm));
- if (*realms == NULL) {
+ (*realms)[0] = strdup(p);
+ if((*realms)[0] == NULL) {
+ free(*realms);
krb5_set_error_string(context, "malloc: out of memory");
return ENOMEM;
}
-
- (*realms)[0] = strdup(p);
- if((*realms)[0] == NULL) {
+ strupr((*realms)[0]);
+ } else {
+ krb5_error_code ret;
+ ret = krb5_get_default_realm(context, &(*realms)[0]);
+ if(ret) {
free(*realms);
krb5_set_error_string(context, "malloc: out of memory");
return ENOMEM;
}
- strupr((*realms)[0]);
- (*realms)[1] = NULL;
- return 0;
+ if((*realms)[0] == NULL) {
+ free(*realms);
+ krb5_set_error_string(context, "unable to find realm of host %s", host);
+ return KRB5_ERR_HOST_REALM_UNKNOWN;
+ }
}
- krb5_set_error_string(context, "unable to find realm of host %s", host);
- return KRB5_ERR_HOST_REALM_UNKNOWN;
+ return 0;
}
/*
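Review bot: The new `else` branch discards the code returned by `krb5_get_default_realm`: every failure is reported as `ENOMEM` with the string "malloc: out of memory", which is misleading when the cause is, for example, an unconfigured default realm. Returning the original code with `free(*realms); *realms = NULL; return ret;` keeps the real cause visible to the caller. All three error paths also leave `*realms` pointing at freed memory, so adding `*realms = NULL;` after each `free(*realms);` guards against a caller that releases the output on failure. The function starts outside the hunk.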
Modified: trunk/heimdal/lib/krb5/krb5.h
===================================================================
--- trunk/heimdal/lib/krb5/krb5.h 2005-09-21 11:21:50 UTC (rev 473)
+++ trunk/heimdal/lib/krb5/krb5.h 2005-09-21 11:23:03 UTC (rev 474)
@@ -443,6 +443,7 @@
int pkinit_flags;
void *mutex; /* protects error_string/error_buf */
int large_msg_size;
+ krb5_boolean fdns; /* Lookup hostnames to find full name, or send as-is */
} krb5_context_data;
enum {