svn commit: lorikeet r703 - in trunk/heimdal: .
lha at samba.org
lha at samba.org
Wed Jan 10 15:50:17 GMT 2007
Author: lha
Date: 2007-01-10 15:50:15 +0000 (Wed, 10 Jan 2007)
New Revision: 703
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=703
Log:
Remove deltan that is merged.
Modified:
trunk/heimdal/heimdal-lorikeet.diff
Changeset:
Modified: trunk/heimdal/heimdal-lorikeet.diff
===================================================================
--- trunk/heimdal/heimdal-lorikeet.diff 2007-01-10 02:40:04 UTC (rev 702)
+++ trunk/heimdal/heimdal-lorikeet.diff 2007-01-10 15:50:15 UTC (rev 703)
@@ -107,121 +107,7 @@
goto out;
}
et.flags.pre_authent = 1;
-@@ -1549,7 +1544,9 @@
- if (p != NULL) {
- ret = _krb5_pac_sign(context, p, et.authtime,
- client->entry.principal,
-- &et.key, &skey->key, &data);
-+ &skey->key, /* Server key */
-+ &skey->key, /* FIXME: should be krbtgt key */
-+ &data);
- krb5_pac_free(context, p);
- if (ret) {
- kdc_log(context, config, 0, "PAC signing failed for -- %s",
diff -ur /data/heimdal/kdc/krb5tgs.c ./kdc/krb5tgs.c
---- /data/heimdal/kdc/krb5tgs.c 2007-01-05 11:26:33.000000000 +1100
-+++ ./kdc/krb5tgs.c 2007-01-10 12:05:52.000000000 +1100
-@@ -279,10 +279,12 @@
- static krb5_error_code
- check_PAC(krb5_context context,
- krb5_kdc_configuration *config,
-+ const krb5_principal client_principal,
- hdb_entry_ex *client,
-- const EncryptionKey *ekey,
-+ hdb_entry_ex *server,
-+ const EncryptionKey *server_key,
-+ const EncryptionKey *krbtgt_key,
- EncTicketPart *tkt,
-- const EncryptionKey *sessionkey,
- krb5_data *rspac,
- int *require_signedpath)
- {
-@@ -323,15 +325,15 @@
- return ret;
-
- ret = krb5_pac_verify(context, pac, tkt->authtime,
-- client->entry.principal,
-- &tkt->key,
-- ekey);
-+ client_principal,
-+ krbtgt_key, NULL);
- if (ret) {
- krb5_pac_free(context, pac);
- return ret;
- }
-
-- ret = _kdc_pac_verify(context, client, pac);
-+ ret = _kdc_pac_verify(context, client_principal,
-+ client, server, &pac);
- if (ret) {
- krb5_pac_free(context, pac);
- return ret;
-@@ -339,8 +341,8 @@
- *require_signedpath = 0;
-
- ret = _krb5_pac_sign(context, pac, tkt->authtime,
-- client->entry.principal,
-- sessionkey, ekey, rspac);
-+ client_principal,
-+ server_key, krbtgt_key, rspac);
-
- krb5_pac_free(context, pac);
-
-@@ -1714,8 +1716,9 @@
- goto out;
- }
-
-- ret = check_PAC(context, config, client, &tkey->key,
-- tgt, &sessionkey, &rspac, &require_signedpath);
-+ ret = check_PAC(context, config, client_principal,
-+ client, server, ekey, &tkey->key,
-+ tgt, &rspac, &require_signedpath);
- if (ret) {
- kdc_log(context, config, 0,
- "check_PAC check failed for %s (%s) from %s with %s",
-diff -ur /data/heimdal/kdc/windc.c ./kdc/windc.c
---- /data/heimdal/kdc/windc.c 2007-01-04 22:10:06.000000000 +1100
-+++ ./kdc/windc.c 2007-01-09 19:49:48.000000000 +1100
-@@ -85,14 +85,16 @@
-
- krb5_error_code
- _kdc_pac_verify(krb5_context context,
-+ const krb5_principal client_principal,
- hdb_entry_ex *client,
-- krb5_pac pac)
-+ hdb_entry_ex *server,
-+ krb5_pac *pac)
- {
- if (windcft == NULL) {
- krb5_set_error_string(context, "Can't verify WINDC, no function");
- return EINVAL;
- }
-- return (windcft->pac_verify)(windcctx, context, client, pac);
-+ return (windcft->pac_verify)(windcctx, context, client_principal, client, server, pac);
- }
-
- krb5_error_code
-diff -ur /data/heimdal/kdc/windc_plugin.h ./kdc/windc_plugin.h
---- /data/heimdal/kdc/windc_plugin.h 2007-01-04 22:13:51.000000000 +1100
-+++ ./kdc/windc_plugin.h 2007-01-09 19:49:59.000000000 +1100
-@@ -57,14 +57,15 @@
-
- typedef krb5_error_code
- (*krb5plugin_windc_pac_verify)(void *, krb5_context,
-- struct hdb_entry_ex *, krb5_pac);
-+ const krb5_principal,
-+ struct hdb_entry_ex *, struct hdb_entry_ex *, krb5_pac *);
-
- typedef krb5_error_code
- (*krb5plugin_windc_client_access)(
- void *, krb5_context, struct hdb_entry_ex *, KDC_REQ *);
-
-
--#define KRB5_WINDC_PLUGING_MINOR 1
-+#define KRB5_WINDC_PLUGING_MINOR 2
-
- typedef struct krb5plugin_windc_ftable {
- int minor_version;
diff -ur /data/heimdal/lib/gssapi/mech/gss_mech_switch.c ./lib/gssapi/mech/gss_mech_switch.c
--- /data/heimdal/lib/gssapi/mech/gss_mech_switch.c 2007-01-10 12:31:40.000000000 +1100
+++ ./lib/gssapi/mech/gss_mech_switch.c 2007-01-09 13:46:24.000000000 +1100
@@ -470,15 +356,3 @@
return ret;
}
-diff -ur /data/heimdal/lib/krb5/rd_req.c ./lib/krb5/rd_req.c
---- /data/heimdal/lib/krb5/rd_req.c 2007-01-05 11:26:41.000000000 +1100
-+++ ./lib/krb5/rd_req.c 2007-01-10 11:18:51.000000000 +1100
-@@ -855,7 +855,7 @@
- pac,
- o->ticket->ticket.authtime,
- o->ticket->client,
-- &o->ticket->ticket.key,
-+ o->keyblock,
- NULL);
- krb5_pac_free(context, pac);
- if (ret)
More information about the samba-cvs
mailing list