gse: Use the smb_gss_oid_equal wrapper.

author Andreas Schneider <asn@samba.org>

Mon, 21 May 2012 16:25:28 +0000 (18:25 +0200)

committer Alexander Bokovoy <ab@samba.org>

Wed, 23 May 2012 14:51:51 +0000 (17:51 +0300)
author Andreas Schneider <asn@samba.org>
Mon, 21 May 2012 16:25:28 +0000 (18:25 +0200)
committer Alexander Bokovoy <ab@samba.org>
Wed, 23 May 2012 14:51:51 +0000 (17:51 +0300)
diff --git a/auth/kerberos/pac_utils.h b/auth/kerberos/pac_utils.h

index 7726f527754a0045a20bbab5d464995f585c28ad..d654bec208b87ffd6237b390419af5bf4ac7b741 100644 (file)
--- a/auth/kerberos/pac_utils.h
+++ b/auth/kerberos/pac_utils.h
@@ -22,7 +22,7 @@
  #define _PAC_UTILS_H
  
  #include "lib/krb5_wrap/krb5_samba.h"
-#include "system/gssapi.h"
+#include "lib/krb5_wrap/gss_samba.h"
  
  struct PAC_SIGNATURE_DATA;
  struct PAC_DATA;
diff --git a/source3/include/smb_krb5.h b/source3/include/smb_krb5.h

index 1f66212321befeaeda9ad0a23df088fc9ac77eec..743b67ff4931ed7082e5d2ca65f9c70c5ca300fa 100644 (file)
--- a/source3/include/smb_krb5.h
+++ b/source3/include/smb_krb5.h
@@ -1 +1,2 @@
  #include "lib/krb5_wrap/krb5_samba.h"
+#include "lib/krb5_wrap/gss_samba.h"
diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c

index fba942bd6407b902ee65ab226139da805987961d..11a545727b74c3f1c7eaf3a96653b09766632b68 100644 (file)
--- a/source3/librpc/crypto/gse.c
+++ b/source3/librpc/crypto/gse.c
@@ -57,24 +57,6 @@ struct gse_context {
         gss_OID ret_mech;
  };
  
-#ifndef HAVE_GSS_OID_EQUAL
-
-static bool gss_oid_equal(const gss_OID o1, const gss_OID o2)
-{
-       if (o1 == o2) {
-               return true;
-       }
-       if ((o1 == NULL && o2 != NULL) || (o1 != NULL && o2 == NULL)) {
-               return false;
-       }
-       if (o1->length != o2->length) {
-               return false;
-       }
-       return memcmp(o1->elements, o2->elements, o1->length) == false;
-}
-
-#endif
-
  /* free non talloc dependent contexts */
  static int gse_context_destructor(void *ptr)
  {
@@ -126,7 +108,8 @@ static int gse_context_destructor(void *ptr)
          * this code to EAP or other GSS mechanisms determines an
          * implementation-dependent way of releasing any dynamically
          * allocated OID */
-       SMB_ASSERT(gss_oid_equal(&gse_ctx->gss_mech, GSS_C_NO_OID) || gss_oid_equal(&gse_ctx->gss_mech, gss_mech_krb5));
+       SMB_ASSERT(smb_gss_oid_equal(&gse_ctx->gss_mech, GSS_C_NO_OID) ||
+                  smb_gss_oid_equal(&gse_ctx->gss_mech, gss_mech_krb5));
  
         return 0;
  }
@@ -994,7 +977,7 @@ static bool gensec_gse_have_feature(struct gensec_security *gensec_security,
         }
         if (feature & GENSEC_FEATURE_SESSION_KEY) {
                 /* Only for GSE/Krb5 */
-               if (gss_oid_equal(gse_ctx->ret_mech, gss_mech_krb5)) {
+               if (smb_gss_oid_equal(gse_ctx->ret_mech, gss_mech_krb5)) {
                         return true;
                 }
         }
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c

index 6d6ea3cf285ed6f5aa27e2ba1be7377dde749195..2b09665a44b1c2f01786a898d0b5324e09e31432 100644 (file)
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -612,7 +612,8 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security,
                                           gssapi_error_string(out_mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
                         }
                         return NT_STATUS_INVALID_PARAMETER;
-               } else if (gss_oid_equal(gensec_gssapi_state->gss_oid, gss_mech_krb5)) {
+               } else if (smb_gss_oid_equal(gensec_gssapi_state->gss_oid,
+                                            gss_mech_krb5)) {
                         switch (min_stat) {
                         case KRB5KRB_AP_ERR_TKT_NYV:
                                 DEBUG(1, ("Error with ticket to contact %s: possible clock skew between us and the KDC or target server: %s\n",
@@ -1225,7 +1226,8 @@ static bool gensec_gssapi_have_feature(struct gensec_security *gensec_security,
         }
         if (feature & GENSEC_FEATURE_SESSION_KEY) {
                 /* Only for GSSAPI/Krb5 */
-               if (gss_oid_equal(gensec_gssapi_state->gss_oid, gss_mech_krb5)) {
+               if (smb_gss_oid_equal(gensec_gssapi_state->gss_oid,
+                                     gss_mech_krb5)) {
                         return true;
                 }
         }
diff --git a/source4/auth/kerberos/kerberos.h b/source4/auth/kerberos/kerberos.h

index dd28e534138afd19cf959260f9853dfafd242211..0be6d74a8bb9857f1ce939c315ccf4694aa58f16 100644 (file)
--- a/source4/auth/kerberos/kerberos.h
+++ b/source4/auth/kerberos/kerberos.h
@@ -27,6 +27,7 @@
  #include "auth/kerberos/krb5_init_context.h"
  #include "librpc/gen_ndr/krb5pac.h"
  #include "lib/krb5_wrap/krb5_samba.h"
+#include "lib/krb5_wrap/gss_samba.h"
  
  struct auth_user_info_dc;
  struct cli_credentials;
author	Andreas Schneider <asn@samba.org>
	Mon, 21 May 2012 16:25:28 +0000 (18:25 +0200)
committer	Alexander Bokovoy <ab@samba.org>
	Wed, 23 May 2012 14:51:51 +0000 (17:51 +0300)
auth/kerberos/pac_utils.h		patch \| blob \| history
source3/include/smb_krb5.h		patch \| blob \| history
source3/librpc/crypto/gse.c		patch \| blob \| history
source4/auth/gensec/gensec_gssapi.c		patch \| blob \| history
source4/auth/kerberos/kerberos.h		patch \| blob \| history