The branch, v3-6-test has been updated
       via  bc593e2 s3-libsmb: Remove obsolete smb_krb5_locate_kdc.
      from  a9fc50f s3: Fix #9037, BSD has -lmd instead of -lmd5

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test


- Log -----------------------------------------------------------------
commit bc593e2ddfb33d88d2b58a0e721d448bbd30426c
Author: Andreas Schneider <a...@samba.org>
Date:   Wed Nov 30 17:58:30 2011 +0100

    s3-libsmb: Remove obsolete smb_krb5_locate_kdc.
    
    Signed-off-by: Günther Deschner <g...@samba.org>
    Signed-off-by: Andreas Schneider <a...@samba.org>
    
    Fix bug #9111 - Fix compilation with newer MIT kerberos which hides internal
    symbols.

-----------------------------------------------------------------------

Summary of changes:
 source3/configure.in          |    1 -
 source3/include/krb5_protos.h |    4 --
 source3/libsmb/clikrb5.c      |   89 -----------------------------------------
 source3/utils/net_lookup.c    |   42 +++++++++++---------
 source3/wscript               |    2 +-
 5 files changed, 24 insertions(+), 114 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/configure.in b/source3/configure.in
index 11cb33d..aae2be0 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -3871,7 +3871,6 @@ if test x"$with_ads_support" != x"no"; then
   AC_CHECK_FUNC_EXT(krb5_string_to_key_salt, $KRB5_LIBS)
   AC_CHECK_FUNC_EXT(krb5_auth_con_setkey, $KRB5_LIBS)
   AC_CHECK_FUNC_EXT(krb5_auth_con_setuseruserkey, $KRB5_LIBS)
-  AC_CHECK_FUNC_EXT(krb5_locate_kdc, $KRB5_LIBS)
   AC_CHECK_FUNC_EXT(krb5_get_permitted_enctypes, $KRB5_LIBS)
   AC_CHECK_FUNC_EXT(krb5_get_default_in_tkt_etypes, $KRB5_LIBS)
   AC_CHECK_FUNC_EXT(krb5_free_data_contents, $KRB5_LIBS)
diff --git a/source3/include/krb5_protos.h b/source3/include/krb5_protos.h
index 7b53389..55e353d 100644
--- a/source3/include/krb5_protos.h
+++ b/source3/include/krb5_protos.h
@@ -71,10 +71,6 @@ bool setup_kaddr( krb5_address *pkaddr, struct 
sockaddr_storage *paddr);
 int create_kerberos_key_from_string(krb5_context context, krb5_principal 
host_princ, krb5_data *password, krb5_keyblock *key, krb5_enctype enctype, bool 
no_salt);
 bool get_auth_data_from_tkt(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, 
krb5_ticket *tkt);
 krb5_const_principal get_principal_from_tkt(krb5_ticket *tkt);
-krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, 
struct sockaddr **addr_pp, int *naddrs, int get_masters);
-#if defined(HAVE_KRB5_LOCATE_KDC)
-krb5_error_code krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, 
struct sockaddr **addr_pp, int *naddrs, int get_masters);
-#endif
 krb5_error_code get_kerberos_allowed_etypes(krb5_context context, krb5_enctype 
**enctypes);
 bool get_krb5_smb_session_key(TALLOC_CTX *mem_ctx,
                              krb5_context context,
diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c
index b0743e4..7958205 100644
--- a/source3/libsmb/clikrb5.c
+++ b/source3/libsmb/clikrb5.c
@@ -488,95 +488,6 @@ bool unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, 
DATA_BLOB *unwrapped_
 #endif
 }
 
-#if !defined(HAVE_KRB5_LOCATE_KDC)
-
-/* krb5_locate_kdc is an internal MIT symbol. MIT are not yet willing to commit
- * to a public interface for this functionality, so we have to be able to live
- * without it if the MIT libraries are hiding their internal symbols.
- */
-
-#if defined(KRB5_KRBHST_INIT)
-/* Heimdal */
- krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, 
struct sockaddr **addr_pp, int *naddrs, int get_masters)
-{
-       krb5_krbhst_handle hnd;
-       krb5_krbhst_info *hinfo;
-       krb5_error_code rc;
-       int num_kdcs, i;
-       struct sockaddr *sa;
-       struct addrinfo *ai;
-
-       *addr_pp = NULL;
-       *naddrs = 0;
-
-       rc = krb5_krbhst_init(ctx, realm->data, KRB5_KRBHST_KDC, &hnd);
-       if (rc) {
-               DEBUG(0, ("smb_krb5_locate_kdc: krb5_krbhst_init failed 
(%s)\n", error_message(rc)));
-               return rc;
-       }
-
-       for ( num_kdcs = 0; (rc = krb5_krbhst_next(ctx, hnd, &hinfo) == 0); 
num_kdcs++)
-               ;
-
-       krb5_krbhst_reset(ctx, hnd);
-
-       if (!num_kdcs) {
-               DEBUG(0, ("smb_krb5_locate_kdc: zero kdcs found !\n"));
-               krb5_krbhst_free(ctx, hnd);
-               return -1;
-       }
-
-       sa = SMB_MALLOC_ARRAY( struct sockaddr, num_kdcs );
-       if (!sa) {
-               DEBUG(0, ("smb_krb5_locate_kdc: malloc failed\n"));
-               krb5_krbhst_free(ctx, hnd);
-               naddrs = 0;
-               return -1;
-       }
-
-       memset(sa, '\0', sizeof(struct sockaddr) * num_kdcs );
-
-       for (i = 0; i < num_kdcs && (rc = krb5_krbhst_next(ctx, hnd, &hinfo) == 
0); i++) {
-
-#if defined(HAVE_KRB5_KRBHST_GET_ADDRINFO)
-               rc = krb5_krbhst_get_addrinfo(ctx, hinfo, &ai);
-               if (rc) {
-                       DEBUG(0,("krb5_krbhst_get_addrinfo failed: %s\n", 
error_message(rc)));
-                       continue;
-               }
-#endif
-               if (hinfo->ai && hinfo->ai->ai_family == AF_INET) 
-                       memcpy(&sa[i], hinfo->ai->ai_addr, sizeof(struct 
sockaddr));
-       }
-
-       krb5_krbhst_free(ctx, hnd);
-
-       *naddrs = num_kdcs;
-       *addr_pp = sa;
-       return 0;
-}
-
-#else /* ! defined(KRB5_KRBHST_INIT) */
-
- krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm,
-               struct sockaddr **addr_pp, int *naddrs, int get_masters)
-{
-       DEBUG(0, ("unable to explicitly locate the KDC on this platform\n"));
-       return KRB5_KDC_UNREACH;
-}
-
-#endif /* KRB5_KRBHST_INIT */
-
-#else /* ! HAVE_KRB5_LOCATE_KDC */
-
- krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm,
-               struct sockaddr **addr_pp, int *naddrs, int get_masters)
-{
-       return krb5_locate_kdc(ctx, realm, addr_pp, naddrs, get_masters);
-}
-
-#endif /* HAVE_KRB5_LOCATE_KDC */
-
 #if !defined(HAVE_KRB5_FREE_UNPARSED_NAME)
  void krb5_free_unparsed_name(krb5_context context, char *val)
 {
diff --git a/source3/utils/net_lookup.c b/source3/utils/net_lookup.c
index 06aedbd..7150254 100644
--- a/source3/utils/net_lookup.c
+++ b/source3/utils/net_lookup.c
@@ -276,10 +276,11 @@ static int net_lookup_kdc(struct net_context *c, int 
argc, const char **argv)
 #ifdef HAVE_KRB5
        krb5_error_code rc;
        krb5_context ctx;
-       struct sockaddr_in *addrs;
-       int num_kdcs,i;
-       krb5_data realm;
-       char **realms;
+       struct ip_service *kdcs;
+       const char *realm;
+       int num_kdcs = 0;
+       int i;
+       NTSTATUS status;
 
        initialize_krb5_error_table();
        rc = krb5_init_context(&ctx);
@@ -289,34 +290,37 @@ static int net_lookup_kdc(struct net_context *c, int 
argc, const char **argv)
                return -1;
        }
 
-       if (argc>0) {
-                realm.data = CONST_DISCARD(char *, argv[0]);
-               realm.length = strlen(argv[0]);
+       if (argc > 0) {
+                realm = argv[0];
        } else if (lp_realm() && *lp_realm()) {
-               realm.data = lp_realm();
-               realm.length = strlen((const char *)realm.data);
+               realm = lp_realm();
        } else {
+               char **realms;
+
                rc = krb5_get_host_realm(ctx, NULL, &realms);
                if (rc) {
                        DEBUG(1,("krb5_gethost_realm failed (%s)\n",
                                 error_message(rc)));
                        return -1;
                }
-               realm.data = (char *) *realms;
-               realm.length = strlen((const char *)realm.data);
+               realm = (const char *) *realms;
        }
 
-       rc = smb_krb5_locate_kdc(ctx, &realm, (struct sockaddr **)(void 
*)&addrs, &num_kdcs, 0);
-       if (rc) {
-               DEBUG(1, ("smb_krb5_locate_kdc failed (%s)\n", 
error_message(rc)));
+       status = get_kdc_list(realm, NULL, &kdcs, &num_kdcs);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(1,("get_kdc_list failed (%s)\n", nt_errstr(status)));
                return -1;
        }
-       for (i=0;i<num_kdcs;i++)
-               if (addrs[i].sin_family == AF_INET)
-                       d_printf("%s:%hd\n", inet_ntoa(addrs[i].sin_addr),
-                                ntohs(addrs[i].sin_port));
-       return 0;
 
+       for (i = 0; i < num_kdcs; i++) {
+               char addr[INET6_ADDRSTRLEN];
+
+               print_sockaddr(addr, sizeof(addr), &kdcs[i].ss);
+
+               d_printf("%s:%hd\n", addr, kdcs[i].port);
+       }
+
+       return 0;
 #endif
        DEBUG(1, ("No kerberos support\n"));
        return -1;
diff --git a/source3/wscript b/source3/wscript
index 0d32561..1ea3559 100644
--- a/source3/wscript
+++ b/source3/wscript
@@ -639,7 +639,7 @@ msg.msg_acctrightslen = sizeof(fd);
 krb5_set_real_time krb5_set_default_in_tkt_etypes krb5_set_default_tgs_enctypes
 krb5_set_default_tgs_ktypes krb5_principal2salt krb5_use_enctype
 krb5_string_to_key krb5_get_pw_salt krb5_string_to_key_salt 
krb5_auth_con_setkey
-krb5_auth_con_setuseruserkey krb5_locate_kdc krb5_get_permitted_enctypes
+krb5_auth_con_setuseruserkey krb5_get_permitted_enctypes
 krb5_get_default_in_tkt_etypes krb5_free_data_contents
 krb5_principal_get_comp_string krb5_free_unparsed_name
 krb5_free_keytab_entry_contents krb5_kt_free_entry krb5_krbhst_init


-- 
Samba Shared Repository

Reply via email to