HAVE_KRB5 already implies that GSSAPI is present as well.
Andrew Bartlett
-#ifdef HAVE_GSSAPI_SUPPORT
void display_status( const char *msg, OM_uint32 maj_stat, OM_uint32 min_stat );
DNS_ERROR dns_negotiate_sec_ctx( const char *target_realm,
void display_status( const char *msg, OM_uint32 maj_stat, OM_uint32 min_stat );
DNS_ERROR dns_negotiate_sec_ctx( const char *target_realm,
const char *algorithmname,
time_t time_signed, uint16 fudge);
const char *algorithmname,
time_t time_signed, uint16 fudge);
-#endif /* HAVE_GSSAPI_SUPPORT */
#ifdef HAVE_KRB5
case ENUM_ADS_ERROR_KRB5:
return error_message(status.err.rc);
#ifdef HAVE_KRB5
case ENUM_ADS_ERROR_KRB5:
return error_message(status.err.rc);
-#endif
-#ifdef HAVE_GSSAPI
case ENUM_ADS_ERROR_GSS:
{
char *ret;
case ENUM_ADS_ERROR_GSS:
{
char *ret;
NTSTATUS gss_err_to_ntstatus(uint32 maj, uint32 min)
{
ADS_STATUS adss = ADS_ERROR_GSS(maj, min);
NTSTATUS gss_err_to_ntstatus(uint32 maj, uint32 min)
{
ADS_STATUS adss = ADS_ERROR_GSS(maj, min);
static ADS_STATUS ads_sasl_gssapi_wrap(ADS_STRUCT *ads, uint8 *buf, uint32 len)
{
gss_ctx_id_t context_handle = (gss_ctx_id_t)ads->ldap.wrap_private_data;
static ADS_STATUS ads_sasl_gssapi_wrap(ADS_STRUCT *ads, uint8 *buf, uint32 len)
{
gss_ctx_id_t context_handle = (gss_ctx_id_t)ads->ldap.wrap_private_data;
-#endif /* HAVE_GSSAPI */
#ifdef HAVE_KRB5
struct ads_service_principal {
char *string;
#ifdef HAVE_KRB5
struct ads_service_principal {
char *string;
gss_name_t name;
#endif
};
gss_name_t name;
#endif
};
if (p->name) {
uint32 minor_status;
gss_release_name(&minor_status, &p->name);
if (p->name) {
uint32 minor_status;
gss_release_name(&minor_status, &p->name);
struct ads_service_principal *p)
{
ADS_STATUS status;
struct ads_service_principal *p)
{
ADS_STATUS status;
gss_buffer_desc input_name;
/* GSS_KRB5_NT_PRINCIPAL_NAME */
gss_OID_desc nt_principal =
gss_buffer_desc input_name;
/* GSS_KRB5_NT_PRINCIPAL_NAME */
gss_OID_desc nt_principal =
input_name.value = p->string;
input_name.length = strlen(p->string);
input_name.value = p->string;
input_name.length = strlen(p->string);
static ADS_STATUS ads_sasl_spnego_krb5_bind(ADS_STRUCT *ads,
struct ads_service_principal *p)
{
static ADS_STATUS ads_sasl_spnego_krb5_bind(ADS_STRUCT *ads,
struct ads_service_principal *p)
{
/*
* we only use the gsskrb5 based implementation
* when sasl sign or seal is requested.
/*
* we only use the gsskrb5 based implementation
* when sasl sign or seal is requested.
#define MAX_GSS_PASSES 3
/* this performs a SASL/gssapi bind
#define MAX_GSS_PASSES 3
/* this performs a SASL/gssapi bind
-#endif /* HAVE_GSSAPI */
/* mapping between SASL mechanisms and functions */
static struct {
/* mapping between SASL mechanisms and functions */
static struct {
ADS_STATUS (*fn)(ADS_STRUCT *);
} sasl_mechanisms[] = {
{"GSS-SPNEGO", ads_sasl_spnego_bind},
ADS_STATUS (*fn)(ADS_STRUCT *);
} sasl_mechanisms[] = {
{"GSS-SPNEGO", ads_sasl_spnego_bind},
{"GSSAPI", ads_sasl_gssapi_bind}, /* doesn't work with .NET RC1. No idea why */
#endif
{NULL, NULL}
{"GSSAPI", ads_sasl_gssapi_bind}, /* doesn't work with .NET RC1. No idea why */
#endif
{NULL, NULL}