Wrap krb5_cc_copy_creds and krb5_cc_copy_cache
authorAlexander Bokovoy <ab@samba.org>
Sun, 24 Jul 2016 12:47:33 +0000 (15:47 +0300)
committerGünther Deschner <gd@samba.org>
Mon, 25 Jul 2016 19:27:57 +0000 (21:27 +0200)
Heimdal and MIT Kerberos have different API to copy credentials from a
ccache. Wrap it via lib/krb5_wrap/.

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Jul 25 21:27:58 CEST 2016 on sn-devel-144

auth/credentials/credentials_krb5.c
lib/krb5_wrap/krb5_samba.c
lib/krb5_wrap/krb5_samba.h
source4/heimdal_build/wscript_configure
wscript_configure_system_mitkrb5

index 0bd6595..82b6de9 100644 (file)
@@ -763,8 +763,8 @@ static int cli_credentials_shallow_ccache(struct cli_credentials *cred)
 
        TALLOC_FREE(ccache_name);
 
-       ret = krb5_cc_copy_cache(ccc->smb_krb5_context->krb5_context,
-                                old_ccc->ccache, ccc->ccache);
+       ret = smb_krb5_cc_copy_creds(ccc->smb_krb5_context->krb5_context,
+                                    old_ccc->ccache, ccc->ccache);
        if (ret != 0) {
                TALLOC_FREE(ccc);
                return ret;
index 8064f17..2943b33 100644 (file)
@@ -3039,6 +3039,18 @@ krb5_error_code krb5_warnx(krb5_context context, const char *fmt, ...)
 }
 #endif
 
+krb5_error_code smb_krb5_cc_copy_creds(krb5_context context,
+                                      krb5_ccache incc, krb5_ccache outcc)
+{
+#ifdef HAVE_KRB5_CC_COPY_CACHE /* Heimdal */
+       return krb5_cc_copy_cache(context, incc, outcc);
+#elif defined(HAVE_KRB5_CC_COPY_CREDS)
+       return krb5_cc_copy_creds(context, incc, outcc);
+#else
+#error UNKNOWN_KRB5_CC_COPY_CACHE_OR_CREDS_FUNCTION
+#endif
+}
+
 #else /* HAVE_KRB5 */
  /* this saves a few linking headaches */
  int cli_krb5_get_ticket(TALLOC_CTX *mem_ctx,
index f988858..2d31619 100644 (file)
@@ -396,6 +396,9 @@ int smb_krb5_principal_get_type(krb5_context context,
 krb5_error_code krb5_warnx(krb5_context context, const char *fmt, ...);
 #endif
 
+krb5_error_code smb_krb5_cc_copy_creds(krb5_context context,
+                                      krb5_ccache incc, krb5_ccache outcc);
+
 #endif /* HAVE_KRB5 */
 
 int cli_krb5_get_ticket(TALLOC_CTX *mem_ctx,
index 79b461c..67ac34b 100755 (executable)
@@ -104,6 +104,7 @@ conf.define('HAVE_INITIALIZE_KRB5_ERROR_TABLE', 1)
 conf.define('HAVE_KRB5_ADDRESSES', 1)
 conf.define('HAVE_KRB5_AUTH_CON_SETKEY', 1)
 conf.define('HAVE_KRB5_CC_GET_LIFETIME', 1)
+conf.define('HAVE_KRB5_CC_COPY_CACHE', 1)
 conf.define('HAVE_KRB5_CREATE_CHECKSUM', 1)
 conf.define('HAVE_KRB5_CRYPTO', 1)
 conf.define('HAVE_KRB5_CRYPTO_DESTROY', 1)
index 0d47ccb..57a729d 100644 (file)
@@ -118,6 +118,7 @@ conf.CHECK_FUNCS('''
        krb5_get_init_creds_keyblock krb5_get_init_creds_keytab
        krb5_make_principal krb5_build_principal_alloc_va
        krb5_cc_get_lifetime krb5_cc_retrieve_cred
+       krb5_cc_copy_creds
        krb5_free_checksum_contents krb5_c_make_checksum krb5_create_checksum
        krb5_config_get_bool_default krb5_get_profile
        krb5_data_copy