#include "smb_krb5.h"
#include "gse_krb5.h"
-#include <gssapi/gssapi.h>
-#include <gssapi/gssapi_krb5.h>
-#ifdef HAVE_GSSAPI_GSSAPI_EXT_H
-#include <gssapi/gssapi_ext.h>
-#endif
-
#ifndef GSS_KRB5_INQ_SSPI_SESSION_KEY_OID
#define GSS_KRB5_INQ_SSPI_SESSION_KEY_OID_LENGTH 11
#define GSS_KRB5_INQ_SSPI_SESSION_KEY_OID "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x05"
OM_uint32 gss_maj, gss_min;
krb5_error_code ret;
NTSTATUS status;
- const char *ktname;
- gss_OID_set_desc mech_set;
status = gse_context_init(mem_ctx, do_sign, do_seal,
NULL, add_gss_c_flags, &gse_ctx);
* This call sets the default keytab for the whole server, not
* just for this context. Need to find a way that does not alter
* the state of the whole server ... */
+ {
+ const char *ktname;
+ gss_OID_set_desc mech_set;
- ret = smb_krb5_keytab_name(gse_ctx, gse_ctx->k5ctx,
+ ret = smb_krb5_keytab_name(gse_ctx, gse_ctx->k5ctx,
gse_ctx->keytab, &ktname);
- if (ret) {
- status = NT_STATUS_INTERNAL_ERROR;
- goto done;
- }
+ if (ret) {
+ status = NT_STATUS_INTERNAL_ERROR;
+ goto done;
+ }
- ret = gsskrb5_register_acceptor_identity(ktname);
- if (ret) {
- status = NT_STATUS_INTERNAL_ERROR;
- goto done;
- }
+ ret = gsskrb5_register_acceptor_identity(ktname);
+ if (ret) {
+ status = NT_STATUS_INTERNAL_ERROR;
+ goto done;
+ }
- mech_set.count = 1;
- mech_set.elements = &gse_ctx->gss_mech;
-
- gss_maj = gss_acquire_cred(&gss_min,
+ mech_set.count = 1;
+ mech_set.elements = &gse_ctx->gss_mech;
+
+ gss_maj = gss_acquire_cred(&gss_min,
GSS_C_NO_NAME,
GSS_C_INDEFINITE,
&mech_set,
&gse_ctx->creds,
NULL, NULL);
- if (gss_maj) {
- DEBUG(0, ("gss_acquire_creds failed with [%s]\n",
- gse_errstr(gse_ctx, gss_maj, gss_min)));
- status = NT_STATUS_INTERNAL_ERROR;
- goto done;
+ if (gss_maj) {
+ DEBUG(0, ("gss_acquire_creds failed with [%s]\n",
+ gse_errstr(gse_ctx, gss_maj, gss_min)));
+ status = NT_STATUS_INTERNAL_ERROR;
+ goto done;
+ }
}
#endif
status = NT_STATUS_OK;
if (gss_maj) {
goto done;
}
+ errstr = talloc_strndup(mem_ctx,
+ (char *)msg_maj.value,
+ msg_maj.length);
+ if (!errstr) {
+ goto done;
+ }
gss_maj = gss_display_status(&gss_min, min, GSS_C_MECH_CODE,
(gss_OID)discard_const(gss_mech_krb5),
&msg_ctx, &msg_min);
goto done;
}
- errstr = talloc_strndup(mem_ctx,
- (char *)msg_maj.value,
- msg_maj.length);
- if (!errstr) {
- goto done;
- }
errstr = talloc_strdup_append_buffer(errstr, ": ");
if (!errstr) {
goto done;