lib/krb5_wrap: add smb_krb5_principal_set_realm().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index d5c0b37d282f346fa3deac39d90d729bfa03412a..8d91e1c074ff7f451f15e755fc6ec3aae7c59eeb 100644 (file)
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -2313,6 +2313,50 @@ char *smb_krb5_principal_get_realm(krb5_context context,
 #endif
 }
 
+/*
+ * smb_krb5_principal_set_realm
+ *
+ * @brief Get realm of a principal
+ *
+ * @param[in] context          The krb5_context
+ * @param[in] principal                The principal
+ * @param[in] realm            The realm
+ * @return                     0 on success, a krb5_error_code on error.
+ *
+ */
+
+krb5_error_code smb_krb5_principal_set_realm(krb5_context context,
+                                            krb5_principal principal,
+                                            const char *realm)
+{
+#ifdef HAVE_KRB5_PRINCIPAL_SET_REALM /* Heimdal */
+       return krb5_principal_set_realm(context, principal, realm);
+#elif defined(krb5_princ_realm) && defined(krb5_princ_set_realm) /* MIT */
+       krb5_error_code ret;
+       krb5_data data;
+       krb5_data *old_data;
+
+       old_data = krb5_princ_realm(context, principal);
+
+       data.magic = 0;
+       data.length = strlen(realm);
+       data.data = malloc(data.length);
+       if (data.data == NULL) {
+               return ENOMEM;
+       }
+
+       /* free realm before setting */
+       free(old_data->data);
+
+       krb5_princ_set_realm(context, principal, &data);
+
+       return ret;
+#else
+#error UNKNOWN_PRINC_SET_REALM_FUNCTION
+#endif
+}
+
+
 /************************************************************************
  Routine to get the default realm from the kerberos credentials cache.
  Caller must free if the return value is not NULL.

diff --git a/lib/krb5_wrap/krb5_samba.h b/lib/krb5_wrap/krb5_samba.h
index 36b60feebe9d35494bf89d7c6af14ec6e2222fcc..03246fd028830e3fdb10569f68888bc3ad2038c3 100644 (file)
--- a/lib/krb5_wrap/krb5_samba.h
+++ b/lib/krb5_wrap/krb5_samba.h
@@ -254,6 +254,10 @@ krb5_error_code smb_krb5_make_pac_checksum(TALLOC_CTX *mem_ctx,
 char *smb_krb5_principal_get_realm(krb5_context context,
                                   krb5_const_principal principal);
 
+krb5_error_code smb_krb5_principal_set_realm(krb5_context context,
+                                            krb5_principal principal,
+                                            const char *realm);
+
 char *kerberos_get_principal_from_service_hostname(TALLOC_CTX *mem_ctx,
                                                   const char *service,
                                                   const char *remote_name,

diff --git a/source4/heimdal_build/wscript_configure b/source4/heimdal_build/wscript_configure
index 5caef5c8c123fc0240dc1e822205751c221fa2b9..297422f6116c3ee1bca532571ffd39b7b53039a5 100755 (executable)
--- a/source4/heimdal_build/wscript_configure
+++ b/source4/heimdal_build/wscript_configure
@@ -164,6 +164,7 @@ conf.define('HAVE_GSSAPI_GSSAPI_SPNEGO_H', 1)
 conf.define('HAVE_FLAGS_IN_KRB5_CREDS', 1)
 conf.define('HAVE_KRB5_CONFIG_GET_BOOL_DEFAULT', 1)
 conf.define('HAVE_KRB5_DATA_COPY', 1)
+conf.define('HAVE_KRB5_PRINCIPAL_SET_REALM', 1)
 
 heimdal_includedirs = []
 heimdal_libdirs = []

diff --git a/wscript_configure_system_mitkrb5 b/wscript_configure_system_mitkrb5
index 3cef223a560171603edaeed11e3bd03cc5724fdc..3293b3c7b4c88a1d702fefb91ac9f1b392b2079a 100644 (file)
--- a/wscript_configure_system_mitkrb5
+++ b/wscript_configure_system_mitkrb5
@@ -108,7 +108,7 @@ conf.CHECK_FUNCS('''
        krb5_free_checksum_contents krb5_c_make_checksum krb5_create_checksum
        krb5_config_get_bool_default krb5_get_profile
        krb5_data_copy
-       krb5_keyblock_init
+       krb5_keyblock_init krb5_principal_set_realm
        ''',
      lib='krb5 k5crypto')
 conf.CHECK_DECLS('''krb5_get_credentials_for_user