/*
- Copyright (c) 2004 The Regents of the University of Michigan.
+ Copyright (c) 2004-2006 The Regents of the University of Michigan.
All rights reserved.
Redistribution and use in source and binary forms, with or without
#include "config.h"
+#ifndef HAVE_LUCID_CONTEXT_SUPPORT
#ifdef HAVE_HEIMDAL
#include <stdio.h>
#include <syslog.h>
#include <string.h>
#include <errno.h>
-#include <gssapi.h>
#include <krb5.h>
+#include <gssapi.h> /* Must use the heimdal copy! */
+#ifdef HAVE_COM_ERR_H
#include <com_err.h>
+#endif
#include "err_util.h"
#include "gss_oids.h"
#include "write_bytes.h"
-#define MAX_CTX_LEN 4096
-
int write_heimdal_keyblock(char **p, char *end, krb5_keyblock *key)
{
gss_buffer_desc tmp;
if ((ret = krb5_init_context(&context))) {
printerr(0, "ERROR: initializing krb5_context: %s\n",
- error_message(ret));
+ gssd_k5_err_msg(NULL, ret));
goto out_err;
}
if ((ret = krb5_auth_con_getlocalsubkey(context,
ctx->auth_context, &key))){
printerr(0, "ERROR: getting auth_context key: %s\n",
- error_message(ret));
+ gssd_k5_err_msg(context, ret));
goto out_err_free_context;
}
memset(&enc_key, 0, sizeof(enc_key));
- printerr(1, "WARN: write_heimdal_enc_key: "
- "overriding heimdal keytype\n");
- enc_key.keytype = 4 /* XXX XXX XXX XXX key->keytype */;
+ enc_key.keytype = key->keytype;
+ /* XXX current kernel code only handles des-cbc-raw (4) */
+ if (enc_key.keytype != 4) {
+ printerr(1, "WARN: write_heimdal_enc_key: "
+ "overriding heimdal keytype (%d => %d)\n",
+ enc_key.keytype, 4);
+ enc_key.keytype = 4;
+ }
enc_key.keyvalue.length = key->keyvalue.length;
if ((enc_key.keyvalue.data =
calloc(1, enc_key.keyvalue.length)) == NULL) {
printerr(0, "ERROR: allocating memory for enc key: %s\n",
- error_message(ENOMEM));
+ gssd_k5_err_msg(context, ENOMEM));
goto out_err_free_key;
}
skd = (char *) key->keyvalue.data;
if ((ret = krb5_init_context(&context))) {
printerr(0, "ERROR: initializing krb5_context: %s\n",
- error_message(ret));
+ gssd_k5_err_msg(NULL, ret));
goto out_err;
}
if ((ret = krb5_auth_con_getlocalsubkey(context,
ctx->auth_context, &key))){
printerr(0, "ERROR: getting auth_context key: %s\n",
- error_message(ret));
+ gssd_k5_err_msg(context, ret));
goto out_err_free_context;
}
- printerr(1, "WARN: write_heimdal_seq_key: "
- "overriding heimdal keytype\n");
- key->keytype = 4; /* XXX XXX XXX XXX XXX */
+ /* XXX current kernel code only handles des-cbc-raw (4) */
+ if (key->keytype != 4) {
+ printerr(1, "WARN: write_heimdal_seq_key: "
+ "overriding heimdal keytype (%d => %d)\n",
+ key->keytype, 4);
+ key->keytype = 4;
+ }
if (write_heimdal_keyblock(p, end, key)) {
goto out_err_free_key;
*/
int
-serialize_krb5_ctx(gss_ctx_id_t ctx, gss_buffer_desc *buf)
+serialize_krb5_ctx(gss_ctx_id_t ctx, gss_buffer_desc *buf, int32_t *endtime)
{
char *p, *end;
/* endtime */
if (WRITE_BYTES(&p, end, ctx->lifetime)) goto out_err;
+ if (endtime)
+ *endtime = ctx->lifetime;
+
/* seq_send */
if (WRITE_BYTES(&p, end, ctx->auth_context->local_seqnumber))
goto out_err;
}
#endif /* HAVE_HEIMDAL */
+#endif /* HAVE_LUCID_CONTEXT_SUPPORT */
projects / nfs-utils.git / blobdiff