s3-kerberos: remove smb_krb5_get_tkt_from_creds().

[nivanova/samba-autobuild/.git] / source3 / libads / sasl.c

diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index dec8756a860de13378f17e3ab7622d2cda83b6d6..9b4d8bd2d444589ab56686c2544125ed78f3300a 100644 (file)
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -18,6 +18,7 @@
 */
 
 #include "includes.h"
+#include "../libcli/auth/spnego.h"
 
 #ifdef HAVE_LDAP
 
@@ -268,7 +269,7 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
 #ifdef HAVE_GSSAPI
 static ADS_STATUS ads_sasl_gssapi_wrap(ADS_STRUCT *ads, uint8 *buf, uint32 len)
 {
-       gss_ctx_id_t context_handle = ads->ldap.wrap_private_data;
+       gss_ctx_id_t context_handle = (gss_ctx_id_t)ads->ldap.wrap_private_data;
        ADS_STATUS status;
        int gss_rc;
        uint32 minor_status;
@@ -309,7 +310,7 @@ static ADS_STATUS ads_sasl_gssapi_wrap(ADS_STRUCT *ads, uint8 *buf, uint32 len)
 
 static ADS_STATUS ads_sasl_gssapi_unwrap(ADS_STRUCT *ads)
 {
-       gss_ctx_id_t context_handle = ads->ldap.wrap_private_data;
+       gss_ctx_id_t context_handle = (gss_ctx_id_t)ads->ldap.wrap_private_data;
        ADS_STATUS status;
        int gss_rc;
        uint32 minor_status;
@@ -329,7 +330,7 @@ static ADS_STATUS ads_sasl_gssapi_unwrap(ADS_STRUCT *ads)
                return ADS_ERROR_NT(NT_STATUS_ACCESS_DENIED);
        }
 
-       if (wrapped.length < wrapped.length) {
+       if (wrapped.length < unwrapped.length) {
                return ADS_ERROR_NT(NT_STATUS_INTERNAL_ERROR);
        }
 
@@ -347,7 +348,7 @@ static ADS_STATUS ads_sasl_gssapi_unwrap(ADS_STRUCT *ads)
 
 static void ads_sasl_gssapi_disconnect(ADS_STRUCT *ads)
 {
-       gss_ctx_id_t context_handle = ads->ldap.wrap_private_data;
+       gss_ctx_id_t context_handle = (gss_ctx_id_t)ads->ldap.wrap_private_data;
        uint32 minor_status;
 
        gss_delete_sec_context(&minor_status, &context_handle, GSS_C_NO_BUFFER);
@@ -369,7 +370,7 @@ static const struct ads_saslwrap_ops ads_sasl_gssapi_ops = {
 static ADS_STATUS ads_sasl_spnego_gsskrb5_bind(ADS_STRUCT *ads, const gss_name_t serv_name)
 {
        ADS_STATUS status;
-       BOOL ok;
+       bool ok;
        uint32 minor_status;
        int gss_rc, rc;
        gss_OID_desc krb5_mech_type =
@@ -597,6 +598,8 @@ static ADS_STATUS ads_sasl_spnego_gsskrb5_bind(ADS_STRUCT *ads, const gss_name_t
                context_handle = GSS_C_NO_CONTEXT;
        }
 
+       status = ADS_SUCCESS;
+
 failed:
        if (context_handle != GSS_C_NO_CONTEXT)
                gss_delete_sec_context(&minor_status, &context_handle, GSS_C_NO_BUFFER);
@@ -746,7 +749,7 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
        char *given_principal = NULL;
        char *OIDs[ASN1_MAX_OIDS];
 #ifdef HAVE_KRB5
-       BOOL got_kerberos_mechanism = False;
+       bool got_kerberos_mechanism = False;
 #endif
 
        rc = ldap_sasl_bind_s(ads->ldap.ld, NULL, "GSS-SPNEGO", NULL, NULL, NULL, &scred);
@@ -782,7 +785,7 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
                        got_kerberos_mechanism = True;
                }
 #endif
-               free(OIDs[i]);
+               talloc_free(OIDs[i]);
        }
        DEBUG(3,("ads_sasl_spnego_bind: got server principal name = %s\n", given_principal));
 
@@ -793,7 +796,7 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
                struct ads_service_principal p;
 
                status = ads_generate_service_principal(ads, given_principal, &p);
-               SAFE_FREE(given_principal);
+               TALLOC_FREE(given_principal);
                if (!ADS_ERR_OK(status)) {
                        return status;
                }
@@ -828,7 +831,7 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
        } else
 #endif
        {
-               SAFE_FREE(given_principal);
+               TALLOC_FREE(given_principal);
        }
 
        /* lets do NTLMSSP ... this has the big advantage that we don't need