root/source4/auth/kerberos/clikrb5.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. create_kerberos_key_from_string
  2. create_kerberos_key_from_string
  3. kerberos_free_data_contents
  4. smb_krb5_kt_free_entry
  5. smb_get_krb5_error_message

   1 /* 
   2    Unix SMB/CIFS implementation.
   3    simple kerberos5 routines for active directory
   4    Copyright (C) Andrew Tridgell 2001
   5    Copyright (C) Luke Howard 2002-2003
   6    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005
   7   
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 3 of the License, or
  11    (at your option) any later version.
  12    
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17    
  18    You should have received a copy of the GNU General Public License
  19    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  20 */
  21 
  22 #include "includes.h"
  23 #include "system/network.h"
  24 #include "system/kerberos.h"
  25 #include "system/time.h"
  26 #include "auth/kerberos/kerberos.h"
  27 
  28 #ifdef HAVE_KRB5
  29 
  30 #if defined(HAVE_KRB5_PRINCIPAL2SALT) && defined(HAVE_KRB5_USE_ENCTYPE) && defined(HAVE_KRB5_STRING_TO_KEY) && defined(HAVE_KRB5_ENCRYPT_BLOCK)
  31  int create_kerberos_key_from_string(krb5_context context,
     /* [<][>][^][v][top][bottom][index][help] */
  32                                         krb5_principal host_princ,
  33                                         krb5_data *password,
  34                                         krb5_keyblock *key,
  35                                         krb5_enctype enctype)
  36 {
  37         int ret;
  38         krb5_data salt;
  39         krb5_encrypt_block eblock;
  40 
  41         ret = krb5_principal2salt(context, host_princ, &salt);
  42         if (ret) {
  43                 DEBUG(1,("krb5_principal2salt failed (%s)\n", error_message(ret)));
  44                 return ret;
  45         }
  46         krb5_use_enctype(context, &eblock, enctype);
  47         ret = krb5_string_to_key(context, &eblock, key, password, &salt);
  48         SAFE_FREE(salt.data);
  49         return ret;
  50 }
  51 #elif defined(HAVE_KRB5_GET_PW_SALT) && defined(HAVE_KRB5_STRING_TO_KEY_SALT)
  52  int create_kerberos_key_from_string(krb5_context context,
     /* [<][>][^][v][top][bottom][index][help] */
  53                                         krb5_principal host_princ,
  54                                         krb5_data *password,
  55                                         krb5_keyblock *key,
  56                                         krb5_enctype enctype)
  57 {
  58         int ret;
  59         krb5_salt salt;
  60 
  61         ret = krb5_get_pw_salt(context, host_princ, &salt);
  62         if (ret) {
  63                 DEBUG(1,("krb5_get_pw_salt failed (%s)\n", error_message(ret)));
  64                 return ret;
  65         }
  66         ret = krb5_string_to_key_salt(context, enctype, password->data,
  67                                       salt, key);
  68         krb5_free_salt(context, salt);
  69         return ret;
  70 }
  71 #else
  72 #error UNKNOWN_CREATE_KEY_FUNCTIONS
  73 #endif
  74 
  75  void kerberos_free_data_contents(krb5_context context, krb5_data *pdata)
     /* [<][>][^][v][top][bottom][index][help] */
  76 {
  77 #if defined(HAVE_KRB5_FREE_DATA_CONTENTS)
  78         if (pdata->data) {
  79                 krb5_free_data_contents(context, pdata);
  80         }
  81 #else
  82         SAFE_FREE(pdata->data);
  83 #endif
  84 }
  85 
  86  krb5_error_code smb_krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *kt_entry)
     /* [<][>][^][v][top][bottom][index][help] */
  87 {
  88 #if defined(HAVE_KRB5_KT_FREE_ENTRY)
  89         return krb5_kt_free_entry(context, kt_entry);
  90 #elif defined(HAVE_KRB5_FREE_KEYTAB_ENTRY_CONTENTS)
  91         return krb5_free_keytab_entry_contents(context, kt_entry);
  92 #else
  93 #error UNKNOWN_KT_FREE_FUNCTION
  94 #endif
  95 }
  96 
  97  char *smb_get_krb5_error_message(krb5_context context, krb5_error_code code, TALLOC_CTX *mem_ctx) 
     /* [<][>][^][v][top][bottom][index][help] */
  98 {
  99         char *ret;
 100         
 101 #if defined(HAVE_KRB5_GET_ERROR_STRING) && defined(HAVE_KRB5_FREE_ERROR_STRING)         
 102         char *context_error = krb5_get_error_string(context);
 103         if (context_error) {
 104                 ret = talloc_asprintf(mem_ctx, "%s: %s", error_message(code), context_error);
 105                 krb5_free_error_string(context, context_error);
 106                 return ret;
 107         }
 108 #endif
 109         ret = talloc_strdup(mem_ctx, error_message(code));
 110         return ret;
 111 }
 112 
 113 #endif

/* [<][>][^][v][top][bottom][index][help] */