The branch, master has been updated
via 8a882b6... Remove gen_negTokenTarg(), as it's not actually creating
a TokenTarg frame, but a TokenInit one. Move to using spnego_gen_negTokenInit()
instead.
from 6687449... Fixes pointed out by <[email protected]>. Free
memory if not being returned to caller. Remove unneeded asn1_tag_remaining()
calls.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 8a882b645c7913a12776065d239cd97d0628108c
Author: Jeremy Allison <[email protected]>
Date: Tue Jul 20 11:04:19 2010 -0700
Remove gen_negTokenTarg(), as it's not actually creating a TokenTarg frame,
but a TokenInit one.
Move to using spnego_gen_negTokenInit() instead.
Jeremy
-----------------------------------------------------------------------
Summary of changes:
source3/libads/sasl.c | 2 +-
source3/libsmb/clifsinfo.c | 2 +-
source3/libsmb/clispnego.c | 48 +-------------------------------------------
3 files changed, 3 insertions(+), 49 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index b314eb9..277231b 100644
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -508,7 +508,7 @@ static ADS_STATUS ads_sasl_spnego_gsskrb5_bind(ADS_STRUCT
*ads, const gss_name_t
/* and wrap that in a shiny SPNEGO wrapper */
unwrapped = data_blob_const(output_token.value, output_token.length);
- wrapped = gen_negTokenTarg(spnego_mechs, unwrapped);
+ wrapped = spnego_gen_negTokenInit(spnego_mechs, &unwrapped, NULL);
gss_release_buffer(&minor_status, &output_token);
if (unwrapped.length > wrapped.length) {
status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
diff --git a/source3/libsmb/clifsinfo.c b/source3/libsmb/clifsinfo.c
index 2274df4..3c8e544 100644
--- a/source3/libsmb/clifsinfo.c
+++ b/source3/libsmb/clifsinfo.c
@@ -801,7 +801,7 @@ static NTSTATUS make_cli_gss_blob(struct
smb_trans_enc_state *es,
blob_out = data_blob(tok_out.value, tok_out.length);
/* Wrap in an SPNEGO wrapper */
- *p_blob_out = gen_negTokenTarg(krb_mechs, blob_out);
+ *p_blob_out = spnego_gen_negTokenInit(krb_mechs, &blob_out, NULL);
fail:
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index 891f080..99d5b88 100644
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -214,52 +214,6 @@ bool spnego_parse_negTokenInit(DATA_BLOB blob,
}
/*
- generate a negTokenTarg packet given a list of OIDs and a security blob
-*/
-DATA_BLOB gen_negTokenTarg(const char *OIDs[], DATA_BLOB blob)
-{
- int i;
- ASN1_DATA *data;
- DATA_BLOB ret;
-
- data = asn1_init(talloc_tos());
- if (data == NULL) {
- return data_blob_null;
- }
-
- asn1_push_tag(data, ASN1_APPLICATION(0));
- asn1_write_OID(data,OID_SPNEGO);
- asn1_push_tag(data, ASN1_CONTEXT(0));
- asn1_push_tag(data, ASN1_SEQUENCE(0));
-
- asn1_push_tag(data, ASN1_CONTEXT(0));
- asn1_push_tag(data, ASN1_SEQUENCE(0));
- for (i=0; OIDs[i]; i++) {
- asn1_write_OID(data,OIDs[i]);
- }
- asn1_pop_tag(data);
- asn1_pop_tag(data);
-
- asn1_push_tag(data, ASN1_CONTEXT(2));
- asn1_write_OctetString(data,blob.data,blob.length);
- asn1_pop_tag(data);
-
- asn1_pop_tag(data);
- asn1_pop_tag(data);
-
- asn1_pop_tag(data);
-
- if (data->has_error) {
- DEBUG(1,("Failed to build negTokenTarg at offset %d\n",
(int)data->ofs));
- }
-
- ret = data_blob(data->data, data->length);
- asn1_free(data);
-
- return ret;
-}
-
-/*
generate a krb5 GSS-API wrapper packet given a ticket
*/
DATA_BLOB spnego_gen_krb5_wrap(const DATA_BLOB ticket, const uint8 tok_id[2])
@@ -357,7 +311,7 @@ int spnego_gen_negTokenTarg(const char *principal, int
time_offset,
tkt_wrapped = spnego_gen_krb5_wrap(tkt, TOK_ID_KRB_AP_REQ);
/* and wrap that in a shiny SPNEGO wrapper */
- *targ = gen_negTokenTarg(krb_mechs, tkt_wrapped);
+ *targ = spnego_gen_negTokenInit(krb_mechs, &tkt_wrapped, NULL);
data_blob_free(&tkt_wrapped);
data_blob_free(&tkt);
--
Samba Shared Repository
