Remove checks and replace with krb5_c_string_to_key().
Signed-off-by: Andreas Schneider <asn@samba.org>
#include "libcli/auth/krb5_wrap.h"
#include "librpc/gen_ndr/krb5pac.h"
-#if defined(HAVE_KRB5_PRINCIPAL2SALT) && defined(HAVE_KRB5_USE_ENCTYPE) && defined(HAVE_KRB5_ENCRYPT_BLOCK)
+#if defined(HAVE_KRB5_PRINCIPAL2SALT) && defined(HAVE_KRB5_C_STRING_TO_KEY)
+/* MIT */
int create_kerberos_key_from_string_direct(krb5_context context,
krb5_principal host_princ,
krb5_data *password,
{
int ret = 0;
krb5_data salt;
- krb5_encrypt_block eblock;
ret = krb5_principal2salt(context, host_princ, &salt);
if (ret) {
DEBUG(1,("krb5_principal2salt failed (%s)\n", error_message(ret)));
return ret;
}
- krb5_use_enctype(context, &eblock, enctype);
- ret = krb5_string_to_key(context, &eblock, key, password, &salt);
+ ret = krb5_c_string_to_key(context, enctype, password, &salt, key);
SAFE_FREE(salt.data);
return ret;
}
#elif defined(HAVE_KRB5_GET_PW_SALT) && defined(HAVE_KRB5_STRING_TO_KEY_SALT)
+/* Heimdal */
int create_kerberos_key_from_string_direct(krb5_context context,
krb5_principal host_princ,
krb5_data *password,
AC_CHECK_FUNC_EXT(krb5_set_default_tgs_enctypes, $KRB5_LIBS)
AC_CHECK_FUNC_EXT(krb5_set_default_tgs_ktypes, $KRB5_LIBS)
AC_CHECK_FUNC_EXT(krb5_principal2salt, $KRB5_LIBS)
- AC_CHECK_FUNC_EXT(krb5_use_enctype, $KRB5_LIBS)
- AC_CHECK_FUNC_EXT(krb5_string_to_key, $KRB5_LIBS)
+ AC_CHECK_FUNC_EXT(krb5_c_string_to_key, $KRB5_LIBS)
AC_CHECK_FUNC_EXT(krb5_get_pw_salt, $KRB5_LIBS)
AC_CHECK_FUNC_EXT(krb5_string_to_key_salt, $KRB5_LIBS)
AC_CHECK_FUNC_EXT(krb5_auth_con_setkey, $KRB5_LIBS)
[Whether the type krb5_crypto exists])
fi
- AC_CACHE_CHECK([for krb5_encrypt_block type],
- samba_cv_HAVE_KRB5_ENCRYPT_BLOCK,[
- AC_TRY_COMPILE([#include <krb5.h>],
- [krb5_encrypt_block block;],
- samba_cv_HAVE_KRB5_ENCRYPT_BLOCK=yes,
- samba_cv_HAVE_KRB5_ENCRYPT_BLOCK=no)])
-
- if test x"$samba_cv_HAVE_KRB5_ENCRYPT_BLOCK" = x"yes"; then
- AC_DEFINE(HAVE_KRB5_ENCRYPT_BLOCK,1,
- [Whether the type krb5_encrypt_block exists])
- fi
-
AC_CACHE_CHECK([for addrtype in krb5_address],
samba_cv_HAVE_ADDRTYPE_IN_KRB5_ADDRESS,[
AC_TRY_COMPILE([#include <krb5.h>],
use_ads=no
fi
- if test x"$ac_cv_func_ext_krb5_string_to_key" != x"yes"
+ if test x"$ac_cv_func_ext_krb5_c_string_to_key" != x"yes"
then
- AC_MSG_WARN(krb5_string_to_key not found in -lkrb5)
+ AC_MSG_WARN(krb5_c_string_to_key not found in -lkrb5)
use_ads=no
fi
conf.CHECK_FUNCS_IN('krb5_mk_req_extended krb5_kt_compare', 'krb5')
conf.CHECK_FUNCS('''
krb5_set_default_in_tkt_etypes krb5_set_default_tgs_enctypes
-krb5_set_default_tgs_ktypes krb5_principal2salt krb5_use_enctype
-krb5_string_to_key krb5_get_pw_salt krb5_string_to_key_salt krb5_auth_con_setkey
+krb5_set_default_tgs_ktypes krb5_principal2salt
+krb5_c_string_to_key krb5_get_pw_salt krb5_string_to_key_salt krb5_auth_con_setkey
krb5_auth_con_setuseruserkey krb5_get_permitted_enctypes
krb5_get_default_in_tkt_etypes krb5_free_data_contents
krb5_principal_get_comp_string krb5_free_unparsed_name
if not conf.CONFIG_SET('HAVE_KRB5_PRINCIPAL_COMPARE_ANY_REALM'):
Logs.warn("krb5_principal_compare_any_realm not found in -lkrb5")
use_ads=False
- if not conf.CONFIG_SET('HAVE_KRB5_STRING_TO_KEY'):
- Logs.warn("krb5_string_to_key not found in -lkrb5")
+ if not conf.CONFIG_SET('HAVE_KRB5_C_STRING_TO_KEY') and \
+ not conf.CONFIG_SET('HAVE_KRB5_STRING_TO_KEY_SALT'):
+ Logs.warn("krb5_c_string_to_key not found in -lkrb5")
use_ads=False
if not conf.CONFIG_SET('HAVE_KRB5_PRINCIPAL2SALT') and \
not conf.CONFIG_SET('HAVE_KRB5_GET_PW_SALT'):