#include "includes.h"
#include "system/filesys.h"
#include "krb5_samba.h"
-#include "lib/util/asn1.h"
#ifdef HAVE_COM_ERR_H
#include <com_err.h>
#error UNKNOWN_GET_ENCTYPES_FUNCTIONS
#endif
-bool unwrap_edata_ntstatus(TALLOC_CTX *mem_ctx,
- DATA_BLOB *edata,
- DATA_BLOB *edata_out)
-{
- DATA_BLOB edata_contents;
- ASN1_DATA *data;
- int edata_type;
-
- if (!edata->length) {
- return false;
- }
-
- data = asn1_init(mem_ctx);
- if (data == NULL) {
- return false;
- }
-
- if (!asn1_load(data, *edata)) goto err;
- if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) goto err;
- if (!asn1_start_tag(data, ASN1_CONTEXT(1))) goto err;
- if (!asn1_read_Integer(data, &edata_type)) goto err;
-
- if (edata_type != KRB5_PADATA_PW_SALT) {
- DEBUG(0,("edata is not of required type %d but of type %d\n",
- KRB5_PADATA_PW_SALT, edata_type));
- goto err;
- }
-
- if (!asn1_start_tag(data, ASN1_CONTEXT(2))) goto err;
- if (!asn1_read_OctetString(data, talloc_tos(), &edata_contents)) goto err;
- if (!asn1_end_tag(data)) goto err;
- if (!asn1_end_tag(data)) goto err;
- if (!asn1_end_tag(data)) goto err;
- asn1_free(data);
-
- *edata_out = data_blob_talloc(mem_ctx, edata_contents.data, edata_contents.length);
-
- data_blob_free(&edata_contents);
-
- return true;
-
- err:
-
- asn1_free(data);
- return false;
-}
-
/**
* @brief Convert a string principal name to a Kerberos principal.
krb5_error_code code,
TALLOC_CTX *mem_ctx);
-bool unwrap_edata_ntstatus(TALLOC_CTX *mem_ctx,
- DATA_BLOB *edata,
- DATA_BLOB *edata_out);
-
-
krb5_error_code kt_copy(krb5_context context,
const char *from,
const char *to);
bld.SAMBA_LIBRARY('krb5samba',
source='krb5_samba.c gss_samba.c keytab_util.c enctype_convert.c',
- deps='samba-util asn1util talloc krb5 com_err gssapi' + add_deps,
+ deps='samba-util talloc krb5 com_err gssapi' + add_deps,
private_library=True
)
#include "libads/cldap.h"
#include "secrets.h"
#include "../lib/tsocket/tsocket.h"
+#include "lib/util/asn1.h"
#ifdef HAVE_KRB5
return 0;
}
+static bool unwrap_edata_ntstatus(TALLOC_CTX *mem_ctx,
+ DATA_BLOB *edata,
+ DATA_BLOB *edata_out)
+{
+ DATA_BLOB edata_contents;
+ ASN1_DATA *data;
+ int edata_type;
+
+ if (!edata->length) {
+ return false;
+ }
+
+ data = asn1_init(mem_ctx);
+ if (data == NULL) {
+ return false;
+ }
+
+ if (!asn1_load(data, *edata)) goto err;
+ if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) goto err;
+ if (!asn1_start_tag(data, ASN1_CONTEXT(1))) goto err;
+ if (!asn1_read_Integer(data, &edata_type)) goto err;
+
+ if (edata_type != KRB5_PADATA_PW_SALT) {
+ DEBUG(0,("edata is not of required type %d but of type %d\n",
+ KRB5_PADATA_PW_SALT, edata_type));
+ goto err;
+ }
+
+ if (!asn1_start_tag(data, ASN1_CONTEXT(2))) goto err;
+ if (!asn1_read_OctetString(data, talloc_tos(), &edata_contents)) goto err;
+ if (!asn1_end_tag(data)) goto err;
+ if (!asn1_end_tag(data)) goto err;
+ if (!asn1_end_tag(data)) goto err;
+ asn1_free(data);
+
+ *edata_out = data_blob_talloc(mem_ctx, edata_contents.data, edata_contents.length);
+
+ data_blob_free(&edata_contents);
+
+ return true;
+
+ err:
+
+ asn1_free(data);
+ return false;
+}
+
static bool smb_krb5_get_ntstatus_from_krb5_error(krb5_error *error,
NTSTATUS *nt_status)
{
bld.SAMBA3_SUBSYSTEM('KRBCLIENT',
source='libads/kerberos.c libads/ads_status.c',
- public_deps='krb5samba k5crypto gssapi LIBTSOCKET CLDAP LIBNMB')
+ public_deps='krb5samba asn1util k5crypto gssapi LIBTSOCKET CLDAP LIBNMB')
bld.SAMBA3_SUBSYSTEM('samba3util',
source='''lib/system.c