svn commit: lorikeet r703 - in trunk/heimdal: .

Wed Jan 10 15:50:17 GMT 2007

Author: lha
Date: 2007-01-10 15:50:15 +0000 (Wed, 10 Jan 2007)
New Revision: 703

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=703

Log:
Remove deltan that is merged.

Modified:
   trunk/heimdal/heimdal-lorikeet.diff


Changeset:
Modified: trunk/heimdal/heimdal-lorikeet.diff
===================================================================

--- trunk/heimdal/heimdal-lorikeet.diff	2007-01-10 02:40:04 UTC (rev 702)
+++ trunk/heimdal/heimdal-lorikeet.diff	2007-01-10 15:50:15 UTC (rev 703)
@@ -107,121 +107,7 @@
  		goto out;
  	    }
  	    et.flags.pre_authent = 1;
-@@ -1549,7 +1544,9 @@
- 	if (p != NULL) {
- 	    ret = _krb5_pac_sign(context, p, et.authtime,
- 				 client->entry.principal,
--				 &et.key, &skey->key, &data);
-+				 &skey->key, /* Server key */ 
-+				 &skey->key, /* FIXME: should be krbtgt key */
-+				 &data);
- 	    krb5_pac_free(context, p);
- 	    if (ret) {
- 		kdc_log(context, config, 0, "PAC signing failed for -- %s", 
 diff -ur /data/heimdal/kdc/krb5tgs.c ./kdc/krb5tgs.c
---- /data/heimdal/kdc/krb5tgs.c	2007-01-05 11:26:33.000000000 +1100
-+++ ./kdc/krb5tgs.c	2007-01-10 12:05:52.000000000 +1100
-@@ -279,10 +279,12 @@
- static krb5_error_code
- check_PAC(krb5_context context,
- 	  krb5_kdc_configuration *config,
-+	  const krb5_principal client_principal,
- 	  hdb_entry_ex *client,
--	  const EncryptionKey *ekey,
-+	  hdb_entry_ex *server,
-+	  const EncryptionKey *server_key,
-+	  const EncryptionKey *krbtgt_key,
- 	  EncTicketPart *tkt,
--	  const EncryptionKey *sessionkey,
- 	  krb5_data *rspac,
- 	  int *require_signedpath)
- {
-@@ -323,15 +325,15 @@
- 		    return ret;
- 
- 		ret = krb5_pac_verify(context, pac, tkt->authtime, 
--				      client->entry.principal,
--				      &tkt->key,
--				      ekey);
-+				      client_principal,
-+				      krbtgt_key, NULL);
- 		if (ret) {
- 		    krb5_pac_free(context, pac);
- 		    return ret;
- 		}
- 
--		ret = _kdc_pac_verify(context, client, pac);
-+		ret = _kdc_pac_verify(context, client_principal, 
-+				      client, server, &pac);
- 		if (ret) {
- 		    krb5_pac_free(context, pac);
- 		    return ret;
-@@ -339,8 +341,8 @@
- 		*require_signedpath = 0;
- 
- 		ret = _krb5_pac_sign(context, pac, tkt->authtime,
--				     client->entry.principal,
--				     sessionkey, ekey, rspac);
-+				     client_principal,
-+				     server_key, krbtgt_key, rspac);
- 
- 		krb5_pac_free(context, pac);
- 
-@@ -1714,8 +1716,9 @@
- 	    goto out;
- 	}
- 
--	ret = check_PAC(context, config, client, &tkey->key, 
--			tgt, &sessionkey, &rspac, &require_signedpath);
-+	ret = check_PAC(context, config, client_principal, 
-+			client, server, ekey, &tkey->key, 
-+			tgt, &rspac, &require_signedpath);
- 	if (ret) {
- 	    kdc_log(context, config, 0,
- 		    "check_PAC check failed for %s (%s) from %s with %s",
-diff -ur /data/heimdal/kdc/windc.c ./kdc/windc.c
---- /data/heimdal/kdc/windc.c	2007-01-04 22:10:06.000000000 +1100
-+++ ./kdc/windc.c	2007-01-09 19:49:48.000000000 +1100
-@@ -85,14 +85,16 @@
- 
- krb5_error_code 
- _kdc_pac_verify(krb5_context context, 
-+		const krb5_principal client_principal,
- 		hdb_entry_ex *client,
--		krb5_pac pac)
-+		hdb_entry_ex *server,
-+		krb5_pac *pac)
- {
-     if (windcft == NULL) {
- 	krb5_set_error_string(context, "Can't verify WINDC, no function");
- 	return EINVAL;
-     }
--    return (windcft->pac_verify)(windcctx, context, client, pac);
-+    return (windcft->pac_verify)(windcctx, context, client_principal, client, server, pac);
- }
- 
- krb5_error_code
-diff -ur /data/heimdal/kdc/windc_plugin.h ./kdc/windc_plugin.h
---- /data/heimdal/kdc/windc_plugin.h	2007-01-04 22:13:51.000000000 +1100
-+++ ./kdc/windc_plugin.h	2007-01-09 19:49:59.000000000 +1100
-@@ -57,14 +57,15 @@
- 
- typedef krb5_error_code 
- (*krb5plugin_windc_pac_verify)(void *, krb5_context,
--			       struct hdb_entry_ex *, krb5_pac);
-+			       const krb5_principal,
-+			       struct hdb_entry_ex *,  struct hdb_entry_ex *, krb5_pac *);
- 
- typedef krb5_error_code 
- (*krb5plugin_windc_client_access)(
-     void *, krb5_context, struct hdb_entry_ex *, KDC_REQ *);
- 
- 
--#define KRB5_WINDC_PLUGING_MINOR		1
-+#define KRB5_WINDC_PLUGING_MINOR		2
- 
- typedef struct krb5plugin_windc_ftable {
-     int			minor_version;
 diff -ur /data/heimdal/lib/gssapi/mech/gss_mech_switch.c ./lib/gssapi/mech/gss_mech_switch.c
 --- /data/heimdal/lib/gssapi/mech/gss_mech_switch.c	2007-01-10 12:31:40.000000000 +1100
 +++ ./lib/gssapi/mech/gss_mech_switch.c	2007-01-09 13:46:24.000000000 +1100
@@ -470,15 +356,3 @@
      return ret;
  }
  
-diff -ur /data/heimdal/lib/krb5/rd_req.c ./lib/krb5/rd_req.c
---- /data/heimdal/lib/krb5/rd_req.c	2007-01-05 11:26:41.000000000 +1100
-+++ ./lib/krb5/rd_req.c	2007-01-10 11:18:51.000000000 +1100
-@@ -855,7 +855,7 @@
- 				  pac, 
- 				  o->ticket->ticket.authtime,
- 				  o->ticket->client, 
--				  &o->ticket->ticket.key, 
-+				  o->keyblock, 
- 				  NULL);
- 	    krb5_pac_free(context, pac);
- 	    if (ret)

