krb5_wrap: Move unwrap_edata_ntstatus() and make it static

This also removes the asn1util dependency from krb5_wrap and moves it to
libads which is the only user.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 505f1445786ca57dcd8d6a81d1a7f634c2c41eaa..24d64cce5cf85fdb8c8cd88a275bd2f80150e712 100644 (file)
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -23,7 +23,6 @@
 #include "includes.h"
 #include "system/filesys.h"
 #include "krb5_samba.h"
-#include "lib/util/asn1.h"
 
 #ifdef HAVE_COM_ERR_H
 #include <com_err.h>
@@ -386,53 +385,6 @@ krb5_error_code smb_krb5_get_allowed_etypes(krb5_context context,
 #error UNKNOWN_GET_ENCTYPES_FUNCTIONS
 #endif
 
-bool unwrap_edata_ntstatus(TALLOC_CTX *mem_ctx,
-                          DATA_BLOB *edata,
-                          DATA_BLOB *edata_out)
-{
-       DATA_BLOB edata_contents;
-       ASN1_DATA *data;
-       int edata_type;
-
-       if (!edata->length) {
-               return false;
-       }
-
-       data = asn1_init(mem_ctx);
-       if (data == NULL) {
-               return false;
-       }
-
-       if (!asn1_load(data, *edata)) goto err;
-       if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) goto err;
-       if (!asn1_start_tag(data, ASN1_CONTEXT(1))) goto err;
-       if (!asn1_read_Integer(data, &edata_type)) goto err;
-
-       if (edata_type != KRB5_PADATA_PW_SALT) {
-               DEBUG(0,("edata is not of required type %d but of type %d\n",
-                       KRB5_PADATA_PW_SALT, edata_type));
-               goto err;
-       }
-
-       if (!asn1_start_tag(data, ASN1_CONTEXT(2))) goto err;
-       if (!asn1_read_OctetString(data, talloc_tos(), &edata_contents)) goto err;
-       if (!asn1_end_tag(data)) goto err;
-       if (!asn1_end_tag(data)) goto err;
-       if (!asn1_end_tag(data)) goto err;
-       asn1_free(data);
-
-       *edata_out = data_blob_talloc(mem_ctx, edata_contents.data, edata_contents.length);
-
-       data_blob_free(&edata_contents);
-
-       return true;
-
-  err:
-
-       asn1_free(data);
-       return false;
-}
-
 
 /**
  * @brief Convert a string principal name to a Kerberos principal.

diff --git a/lib/krb5_wrap/krb5_samba.h b/lib/krb5_wrap/krb5_samba.h
index 404999bf1cf1945119ea4f68dfe03502873ab233..64a04b31b55e594fe19db5081a1350995fee3ddd 100644 (file)
--- a/lib/krb5_wrap/krb5_samba.h
+++ b/lib/krb5_wrap/krb5_samba.h
@@ -321,11 +321,6 @@ char *smb_get_krb5_error_message(krb5_context context,
                                 krb5_error_code code,
                                 TALLOC_CTX *mem_ctx);
 
-bool unwrap_edata_ntstatus(TALLOC_CTX *mem_ctx,
-                          DATA_BLOB *edata,
-                          DATA_BLOB *edata_out);
-
-
 krb5_error_code kt_copy(krb5_context context,
                        const char *from,
                        const char *to);

diff --git a/lib/krb5_wrap/wscript_build b/lib/krb5_wrap/wscript_build
index 1a65d28b6c0c476964314a5153c2d0ead83830c3..624964452afb406fc7066ee6f2e56f54d1bc7d8d 100755 (executable)
--- a/lib/krb5_wrap/wscript_build
+++ b/lib/krb5_wrap/wscript_build
@@ -6,6 +6,6 @@ if bld.CONFIG_SET('SAMBA4_USES_HEIMDAL'):
 
 bld.SAMBA_LIBRARY('krb5samba',
                   source='krb5_samba.c gss_samba.c keytab_util.c enctype_convert.c',
-                  deps='samba-util asn1util talloc krb5 com_err gssapi' + add_deps,
+                  deps='samba-util talloc krb5 com_err gssapi' + add_deps,
                   private_library=True
                  )

diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index 49a85ca9f9076c993a75e5939769d51613a9450a..d2e9fa4fed5d1df5716d7703b01e38c530e4c3c0 100644 (file)
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -29,6 +29,7 @@
 #include "libads/cldap.h"
 #include "secrets.h"
 #include "../lib/tsocket/tsocket.h"
+#include "lib/util/asn1.h"
 
 #ifdef HAVE_KRB5
 
@@ -98,6 +99,53 @@ kerb_prompter(krb5_context ctx, void *data,
        return 0;
 }
 
+static bool unwrap_edata_ntstatus(TALLOC_CTX *mem_ctx,
+                                 DATA_BLOB *edata,
+                                 DATA_BLOB *edata_out)
+{
+       DATA_BLOB edata_contents;
+       ASN1_DATA *data;
+       int edata_type;
+
+       if (!edata->length) {
+               return false;
+       }
+
+       data = asn1_init(mem_ctx);
+       if (data == NULL) {
+               return false;
+       }
+
+       if (!asn1_load(data, *edata)) goto err;
+       if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) goto err;
+       if (!asn1_start_tag(data, ASN1_CONTEXT(1))) goto err;
+       if (!asn1_read_Integer(data, &edata_type)) goto err;
+
+       if (edata_type != KRB5_PADATA_PW_SALT) {
+               DEBUG(0,("edata is not of required type %d but of type %d\n",
+                       KRB5_PADATA_PW_SALT, edata_type));
+               goto err;
+       }
+
+       if (!asn1_start_tag(data, ASN1_CONTEXT(2))) goto err;
+       if (!asn1_read_OctetString(data, talloc_tos(), &edata_contents)) goto err;
+       if (!asn1_end_tag(data)) goto err;
+       if (!asn1_end_tag(data)) goto err;
+       if (!asn1_end_tag(data)) goto err;
+       asn1_free(data);
+
+       *edata_out = data_blob_talloc(mem_ctx, edata_contents.data, edata_contents.length);
+
+       data_blob_free(&edata_contents);
+
+       return true;
+
+  err:
+
+       asn1_free(data);
+       return false;
+}
+
  static bool smb_krb5_get_ntstatus_from_krb5_error(krb5_error *error,
                                                   NTSTATUS *nt_status)
 {

diff --git a/source3/wscript_build b/source3/wscript_build
index 2d913e8df47498b7fa415a664662dadd7cd41195..e25b8d5ef4f01323c72f973468ac55101bffe5db 100755 (executable)
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -246,7 +246,7 @@ bld.SAMBA3_LIBRARY('util_cmdline',
 
 bld.SAMBA3_SUBSYSTEM('KRBCLIENT',
                      source='libads/kerberos.c libads/ads_status.c',
-                     public_deps='krb5samba k5crypto gssapi LIBTSOCKET CLDAP LIBNMB')
+                     public_deps='krb5samba asn1util k5crypto gssapi LIBTSOCKET CLDAP LIBNMB')
 
 bld.SAMBA3_SUBSYSTEM('samba3util',
                    source='''lib/system.c