krb5_wrap: Move unwrap_edata_ntstatus() and make it static
authorAndreas Schneider <asn@samba.org>
Thu, 25 Aug 2016 15:07:01 +0000 (17:07 +0200)
committerAndrew Bartlett <abartlet@samba.org>
Wed, 31 Aug 2016 18:59:17 +0000 (20:59 +0200)
This also removes the asn1util dependency from krb5_wrap and moves it to
libads which is the only user.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
lib/krb5_wrap/krb5_samba.c
lib/krb5_wrap/krb5_samba.h
lib/krb5_wrap/wscript_build
source3/libads/kerberos.c
source3/wscript_build

index 505f144..24d64cc 100644 (file)
@@ -23,7 +23,6 @@
 #include "includes.h"
 #include "system/filesys.h"
 #include "krb5_samba.h"
-#include "lib/util/asn1.h"
 
 #ifdef HAVE_COM_ERR_H
 #include <com_err.h>
@@ -386,53 +385,6 @@ krb5_error_code smb_krb5_get_allowed_etypes(krb5_context context,
 #error UNKNOWN_GET_ENCTYPES_FUNCTIONS
 #endif
 
-bool unwrap_edata_ntstatus(TALLOC_CTX *mem_ctx,
-                          DATA_BLOB *edata,
-                          DATA_BLOB *edata_out)
-{
-       DATA_BLOB edata_contents;
-       ASN1_DATA *data;
-       int edata_type;
-
-       if (!edata->length) {
-               return false;
-       }
-
-       data = asn1_init(mem_ctx);
-       if (data == NULL) {
-               return false;
-       }
-
-       if (!asn1_load(data, *edata)) goto err;
-       if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) goto err;
-       if (!asn1_start_tag(data, ASN1_CONTEXT(1))) goto err;
-       if (!asn1_read_Integer(data, &edata_type)) goto err;
-
-       if (edata_type != KRB5_PADATA_PW_SALT) {
-               DEBUG(0,("edata is not of required type %d but of type %d\n",
-                       KRB5_PADATA_PW_SALT, edata_type));
-               goto err;
-       }
-
-       if (!asn1_start_tag(data, ASN1_CONTEXT(2))) goto err;
-       if (!asn1_read_OctetString(data, talloc_tos(), &edata_contents)) goto err;
-       if (!asn1_end_tag(data)) goto err;
-       if (!asn1_end_tag(data)) goto err;
-       if (!asn1_end_tag(data)) goto err;
-       asn1_free(data);
-
-       *edata_out = data_blob_talloc(mem_ctx, edata_contents.data, edata_contents.length);
-
-       data_blob_free(&edata_contents);
-
-       return true;
-
-  err:
-
-       asn1_free(data);
-       return false;
-}
-
 
 /**
  * @brief Convert a string principal name to a Kerberos principal.
index 404999b..64a04b3 100644 (file)
@@ -321,11 +321,6 @@ char *smb_get_krb5_error_message(krb5_context context,
                                 krb5_error_code code,
                                 TALLOC_CTX *mem_ctx);
 
-bool unwrap_edata_ntstatus(TALLOC_CTX *mem_ctx,
-                          DATA_BLOB *edata,
-                          DATA_BLOB *edata_out);
-
-
 krb5_error_code kt_copy(krb5_context context,
                        const char *from,
                        const char *to);
index 1a65d28..6249644 100755 (executable)
@@ -6,6 +6,6 @@ if bld.CONFIG_SET('SAMBA4_USES_HEIMDAL'):
 
 bld.SAMBA_LIBRARY('krb5samba',
                   source='krb5_samba.c gss_samba.c keytab_util.c enctype_convert.c',
-                  deps='samba-util asn1util talloc krb5 com_err gssapi' + add_deps,
+                  deps='samba-util talloc krb5 com_err gssapi' + add_deps,
                   private_library=True
                  )
index 49a85ca..d2e9fa4 100644 (file)
@@ -29,6 +29,7 @@
 #include "libads/cldap.h"
 #include "secrets.h"
 #include "../lib/tsocket/tsocket.h"
+#include "lib/util/asn1.h"
 
 #ifdef HAVE_KRB5
 
@@ -98,6 +99,53 @@ kerb_prompter(krb5_context ctx, void *data,
        return 0;
 }
 
+static bool unwrap_edata_ntstatus(TALLOC_CTX *mem_ctx,
+                                 DATA_BLOB *edata,
+                                 DATA_BLOB *edata_out)
+{
+       DATA_BLOB edata_contents;
+       ASN1_DATA *data;
+       int edata_type;
+
+       if (!edata->length) {
+               return false;
+       }
+
+       data = asn1_init(mem_ctx);
+       if (data == NULL) {
+               return false;
+       }
+
+       if (!asn1_load(data, *edata)) goto err;
+       if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) goto err;
+       if (!asn1_start_tag(data, ASN1_CONTEXT(1))) goto err;
+       if (!asn1_read_Integer(data, &edata_type)) goto err;
+
+       if (edata_type != KRB5_PADATA_PW_SALT) {
+               DEBUG(0,("edata is not of required type %d but of type %d\n",
+                       KRB5_PADATA_PW_SALT, edata_type));
+               goto err;
+       }
+
+       if (!asn1_start_tag(data, ASN1_CONTEXT(2))) goto err;
+       if (!asn1_read_OctetString(data, talloc_tos(), &edata_contents)) goto err;
+       if (!asn1_end_tag(data)) goto err;
+       if (!asn1_end_tag(data)) goto err;
+       if (!asn1_end_tag(data)) goto err;
+       asn1_free(data);
+
+       *edata_out = data_blob_talloc(mem_ctx, edata_contents.data, edata_contents.length);
+
+       data_blob_free(&edata_contents);
+
+       return true;
+
+  err:
+
+       asn1_free(data);
+       return false;
+}
+
  static bool smb_krb5_get_ntstatus_from_krb5_error(krb5_error *error,
                                                   NTSTATUS *nt_status)
 {
index 2d913e8..e25b8d5 100755 (executable)
@@ -246,7 +246,7 @@ bld.SAMBA3_LIBRARY('util_cmdline',
 
 bld.SAMBA3_SUBSYSTEM('KRBCLIENT',
                      source='libads/kerberos.c libads/ads_status.c',
-                     public_deps='krb5samba k5crypto gssapi LIBTSOCKET CLDAP LIBNMB')
+                     public_deps='krb5samba asn1util k5crypto gssapi LIBTSOCKET CLDAP LIBNMB')
 
 bld.SAMBA3_SUBSYSTEM('samba3util',
                    source='''lib/system.c