krb5_wrap: provide CKSUMTYPE_HMAC_SHA1_96_AES_*

MIT only defined this as CKSUMTYPE_HMAC_SHA1_96_AES128,
while Heimdal has CKSUMTYPE_HMAC_SHA1_96_AES_128.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit bb64c550ae19b08ad4e6d8d26f68c2474cb251e6)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12471
Patches for CVE-2016-2126 break build with MIT Kerberos

Autobuild-User(v4-4-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-4-test): Tue Dec 20 15:58:07 CET 2016 on sn-devel-144

diff --git a/lib/krb5_wrap/krb5_samba.h b/lib/krb5_wrap/krb5_samba.h
index cef9144a17e8bd3049932ba0bd3efdc45b0f9f07..20ef6a3ca53fac612a8ff14192c87cd4492bca01 100644 (file)
--- a/lib/krb5_wrap/krb5_samba.h
+++ b/lib/krb5_wrap/krb5_samba.h
@@ -74,6 +74,17 @@
 #define CKSUMTYPE_HMAC_MD5 CKSUMTYPE_HMAC_MD5_ARCFOUR
 #endif
 
+/*
+ * CKSUMTYPE_HMAC_SHA1_96_AES_* in Heimdal
+ * CKSUMTYPE_HMAC_SHA1_96_AES* in MIT
+ */
+#if defined(CKSUMTYPE_HMAC_SHA1_96_AES128) && !defined(CKSUMTYPE_HMAC_SHA1_96_AES_128)
+#define CKSUMTYPE_HMAC_SHA1_96_AES_128 CKSUMTYPE_HMAC_SHA1_96_AES128
+#endif
+#if defined(CKSUMTYPE_HMAC_SHA1_96_AES256) && !defined(CKSUMTYPE_HMAC_SHA1_96_AES_256)
+#define CKSUMTYPE_HMAC_SHA1_96_AES_256 CKSUMTYPE_HMAC_SHA1_96_AES256
+#endif
+
 typedef struct {
 #if defined(HAVE_MAGIC_IN_KRB5_ADDRESS) && defined(HAVE_ADDRTYPE_IN_KRB5_ADDRESS) /* MIT */
        krb5_address **addrs;