diff options
| author | Russ Allbery <rra@stanford.edu> | 2010-02-08 19:41:27 -0800 |
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2010-02-08 19:41:27 -0800 |
| commit | b093893870d56cd460b16645496ec6c30c62a02f (patch) | |
| tree | 9867d49c01ce40ce1ae8d34e5077892ee96788db | |
| parent | 9578292176bef1e1d71cdecd9c2b8d797f6586de (diff) | |
Initial port to Heimdal
Just get the client code to compile with Heimdal. This will need more
work later to use my regular Kerberos portability layer.
| -rw-r--r-- | client/keytab.c | 4 | ||||
| -rw-r--r-- | client/srvtab.c | 13 | ||||
| -rw-r--r-- | configure.ac | 4 |
3 files changed, 21 insertions, 0 deletions
diff --git a/client/keytab.c b/client/keytab.c index 2d31a27..bdd0134 100644 --- a/client/keytab.c +++ b/client/keytab.c @@ -47,7 +47,11 @@ merge_keytab(krb5_context ctx, const char *newfile, const char *file) status = krb5_kt_add_entry(ctx, old, &entry); if (status != 0) die_krb5(ctx, status, "cannot write to keytab %s", file); +#ifdef HAVE_KRB5_KT_FREE_ENTRY + krb5_kt_free_entry(ctx, &entry); +#else krb5_free_keytab_entry_contents(ctx, &entry); +#endif } if (status != KRB5_KT_END) die_krb5(ctx, status, "error reading temporary keytab %s", newfile); diff --git a/client/srvtab.c b/client/srvtab.c index 0cca70d..a01026e 100644 --- a/client/srvtab.c +++ b/client/srvtab.c @@ -58,8 +58,13 @@ write_srvtab(krb5_context ctx, const char *srvtab, const char *principal, ret = krb5_kt_get_entry(ctx, kt, princ, 0, ENCTYPE_DES_CBC_CRC, &entry); if (ret != 0) die_krb5(ctx, ret, "error reading DES key from keytab %s", keytab); +#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK + if (entry.keyblock.keyvalue.length != 8) + die("invalid DES key length in keytab"); +#else if (entry.key.length != 8) die("invalid DES key length in keytab"); +#endif krb5_kt_close(ctx, kt); /* Convert the principal to a Kerberos v4 principal. */ @@ -80,9 +85,17 @@ write_srvtab(krb5_context ctx, const char *srvtab, const char *principal, length += strlen(realm); data[length++] = '\0'; data[length++] = '\0'; +#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK + memcpy(data + length, entry.keyblock.keyvalue.data, 8); +#else memcpy(data + length, entry.key.contents, 8); +#endif length += 8; +#ifdef HAVE_KRB5_KT_FREE_ENTRY + krb5_kt_free_entry(ctx, &entry); +#else krb5_free_keytab_entry_contents(ctx, &entry); +#endif /* Write out the srvtab file. */ write_file(srvtab, data, length); diff --git a/configure.ac b/configure.ac index bada657..bc55ad0 100644 --- a/configure.ac +++ b/configure.ac @@ -45,6 +45,10 @@ AC_ARG_WITH([wallet-port], RRA_LIB_REMCTL RRA_LIB_KRB5 +RRA_LIB_KRB5_SWITCH +AC_CHECK_FUNCS([krb5_kt_free_entry]) +AC_CHECK_MEMBERS([krb5_keytab_entry.keyblock], , , [#include <krb5.h>]) +RRA_LIB_KRB5_RESTORE RRA_LIB_AFS AS_IF([test x"$rra_afs" = xtrue], [RRA_LIB_KRB4 |