r19604: This is a massive commit, and I appologise in advance for it's size.
commit6009fb21dbb54a39ce0c73e418ae171259f4f05d
authorAndrew Bartlett <abartlet@samba.org>
Tue, 7 Nov 2006 06:59:56 +0000 (7 06:59 +0000)
committerAndrew Bartlett <abartlet@samba.org>
Tue, 7 Nov 2006 06:59:56 +0000 (7 06:59 +0000)
tree8a5325f12257b3db3ab6d89c56cadcb610fa36a8
parent32f86d2663bfe78596bcbf2a5e5a14063e3846e3
r19604: This is a massive commit, and I appologise in advance for it's size.

This merges Samba4 with lorikeet-heimdal, which itself has been
tracking Heimdal CVS for the past couple of weeks.

This is such a big change because Heimdal reorganised it's internal
structures, with the mechglue merge, and because many of our 'wishes' have been granted:  we now have DCE_STYLE GSSAPI, send_to_kdc hooks and many other features merged into the mainline code.  We have adapted to upstream's choice of API in these cases.

In gensec_gssapi and gensec_krb5, we either expect a valid PAC, or NO
PAC.  This matches windows behavour.  We also have an option to
require the PAC to be present (which allows us to automate the testing
of this code).

This also includes a restructure of how the kerberos dependencies are
handled, due to the fallout of the merge.

Andrew Bartlett
265 files changed:
source/auth/credentials/credentials_krb5.h
source/auth/gensec/gensec_gssapi.c
source/auth/gensec/gensec_krb5.c
source/auth/kerberos/kerberos.c
source/auth/kerberos/kerberos_pac.c
source/auth/kerberos/krb5_init_context.c
source/auth/kerberos/krb5_init_context.h
source/dsdb/samdb/cracknames.c
source/heimdal/kdc/524.c
source/heimdal/kdc/default_config.c
source/heimdal/kdc/digest.c [new file with mode: 0644]
source/heimdal/kdc/headers.h
source/heimdal/kdc/kaserver.c
source/heimdal/kdc/kdc-private.h
source/heimdal/kdc/kdc-protos.h
source/heimdal/kdc/kdc.h
source/heimdal/kdc/kerberos4.c
source/heimdal/kdc/kerberos5.c
source/heimdal/kdc/krb5tgs.c [new file with mode: 0644]
source/heimdal/kdc/misc.c
source/heimdal/kdc/pkinit.c
source/heimdal/kdc/process.c
source/heimdal/lib/asn1/CMS.asn1
source/heimdal/lib/asn1/asn1-common.h
source/heimdal/lib/asn1/der-protos.h [new file with mode: 0644]
source/heimdal/lib/asn1/der.h [copied from source/heimdal/lib/gssapi/context_time.c with 50% similarity]
source/heimdal/lib/asn1/der_cmp.c
source/heimdal/lib/asn1/der_copy.c
source/heimdal/lib/asn1/der_format.c
source/heimdal/lib/asn1/der_free.c
source/heimdal/lib/asn1/der_get.c
source/heimdal/lib/asn1/der_length.c
source/heimdal/lib/asn1/der_locl.h
source/heimdal/lib/asn1/der_put.c
source/heimdal/lib/asn1/digest.asn1 [new file with mode: 0644]
source/heimdal/lib/asn1/gen.c
source/heimdal/lib/asn1/gen_copy.c
source/heimdal/lib/asn1/gen_decode.c
source/heimdal/lib/asn1/gen_free.c
source/heimdal/lib/asn1/gen_length.c
source/heimdal/lib/asn1/gen_locl.h
source/heimdal/lib/asn1/gen_seq.c [new file with mode: 0644]
source/heimdal/lib/asn1/heim_asn1.h
source/heimdal/lib/asn1/k5.asn1
source/heimdal/lib/asn1/lex.c
source/heimdal/lib/asn1/main.c
source/heimdal/lib/asn1/parse.c
source/heimdal/lib/asn1/parse.h
source/heimdal/lib/asn1/pkinit.asn1 [new file with mode: 0644]
source/heimdal/lib/asn1/rfc2459.asn1 [new file with mode: 0644]
source/heimdal/lib/asn1/test.asn1
source/heimdal/lib/asn1/timegm.c [copied from source/heimdal/lib/krb5/asn1_glue.c with 57% similarity]
source/heimdal/lib/com_err/lex.c
source/heimdal/lib/com_err/parse.c
source/heimdal/lib/com_err/parse.h
source/heimdal/lib/des/evp.c
source/heimdal/lib/des/evp.h
source/heimdal/lib/des/hmac.c
source/heimdal/lib/des/rand-unix.c [copied from source/heimdal/lib/asn1/gen_locl.h with 51% similarity]
source/heimdal/lib/des/rand.c [copied from source/heimdal/lib/asn1/der_locl.h with 58% similarity]
source/heimdal/lib/des/ui.c
source/heimdal/lib/gssapi/accept_sec_context.c [deleted file]
source/heimdal/lib/gssapi/arcfour.h [deleted file]
source/heimdal/lib/gssapi/gssapi.h [copied from source/heimdal/lib/krb5/misc.c with 90% similarity]
source/heimdal/lib/gssapi/gssapi/gssapi.h [moved from source/heimdal/lib/gssapi/gssapi.h with 88% similarity]
source/heimdal/lib/gssapi/gssapi/gssapi_krb5.h [new file with mode: 0644]
source/heimdal/lib/gssapi/gssapi/gssapi_spnego.h [copied from source/heimdal/lib/roken/strsep.c with 74% similarity]
source/heimdal/lib/gssapi/gssapi_locl.h [deleted file]
source/heimdal/lib/gssapi/gssapi_mech.h [new file with mode: 0644]
source/heimdal/lib/gssapi/init_sec_context.c [deleted file]
source/heimdal/lib/gssapi/inquire_cred.c [deleted file]
source/heimdal/lib/gssapi/krb5/8003.c [moved from source/heimdal/lib/gssapi/8003.c with 88% similarity]
source/heimdal/lib/gssapi/krb5/accept_sec_context.c [new file with mode: 0644]
source/heimdal/lib/gssapi/krb5/acquire_cred.c [moved from source/heimdal/lib/gssapi/acquire_cred.c with 63% similarity]
source/heimdal/lib/gssapi/krb5/add_cred.c [new file with mode: 0644]
source/heimdal/lib/gssapi/krb5/add_oid_set_member.c [copied from source/heimdal/lib/gssapi/add_oid_set_member.c with 90% similarity]
source/heimdal/lib/gssapi/krb5/address_to_krb5addr.c [moved from source/heimdal/lib/gssapi/address_to_krb5addr.c with 88% similarity]
source/heimdal/lib/gssapi/krb5/arcfour.c [moved from source/heimdal/lib/gssapi/arcfour.c with 73% similarity]
source/heimdal/lib/gssapi/krb5/canonicalize_name.c [copied from source/heimdal/lib/krb5/misc.c with 81% similarity]
source/heimdal/lib/gssapi/krb5/cfx.c [moved from source/heimdal/lib/gssapi/cfx.c with 74% similarity]
source/heimdal/lib/gssapi/krb5/cfx.h [moved from source/heimdal/lib/gssapi/cfx.h with 64% similarity]
source/heimdal/lib/gssapi/krb5/compare_name.c [copied from source/heimdal/lib/gssapi/release_name.c with 75% similarity]
source/heimdal/lib/gssapi/krb5/compat.c [moved from source/heimdal/lib/gssapi/compat.c with 63% similarity]
source/heimdal/lib/gssapi/krb5/context_time.c [copied from source/heimdal/lib/gssapi/context_time.c with 82% similarity]
source/heimdal/lib/gssapi/krb5/copy_ccache.c [moved from source/heimdal/lib/gssapi/copy_ccache.c with 50% similarity]
source/heimdal/lib/gssapi/krb5/create_emtpy_oid_set.c [copied from source/heimdal/lib/gssapi/create_emtpy_oid_set.c with 93% similarity]
source/heimdal/lib/gssapi/krb5/decapsulate.c [moved from source/heimdal/lib/gssapi/decapsulate.c with 91% similarity]
source/heimdal/lib/gssapi/krb5/delete_sec_context.c [moved from source/heimdal/lib/gssapi/delete_sec_context.c with 61% similarity]
source/heimdal/lib/gssapi/krb5/display_name.c [copied from source/heimdal/lib/gssapi/display_name.c with 89% similarity]
source/heimdal/lib/gssapi/krb5/display_status.c [copied from source/heimdal/lib/gssapi/display_status.c with 88% similarity]
source/heimdal/lib/gssapi/krb5/duplicate_name.c [copied from source/heimdal/lib/gssapi/duplicate_name.c with 85% similarity]
source/heimdal/lib/gssapi/krb5/encapsulate.c [moved from source/heimdal/lib/gssapi/encapsulate.c with 87% similarity]
source/heimdal/lib/gssapi/krb5/export_name.c [moved from source/heimdal/lib/gssapi/display_name.c with 59% similarity]
source/heimdal/lib/gssapi/krb5/export_sec_context.c [new file with mode: 0644]
source/heimdal/lib/gssapi/krb5/external.c [moved from source/heimdal/lib/gssapi/external.c with 67% similarity]
source/heimdal/lib/gssapi/krb5/get_mic.c [moved from source/heimdal/lib/gssapi/get_mic.c with 76% similarity]
source/heimdal/lib/gssapi/krb5/gsskrb5-private.h [new file with mode: 0644]
source/heimdal/lib/gssapi/krb5/gsskrb5_locl.h [new file with mode: 0644]
source/heimdal/lib/gssapi/krb5/import_name.c [moved from source/heimdal/lib/gssapi/import_name.c with 84% similarity]
source/heimdal/lib/gssapi/krb5/import_sec_context.c [new file with mode: 0644]
source/heimdal/lib/gssapi/krb5/indicate_mechs.c [moved from source/heimdal/lib/gssapi/create_emtpy_oid_set.c with 77% similarity]
source/heimdal/lib/gssapi/krb5/init.c [moved from source/heimdal/lib/gssapi/init.c with 62% similarity]
source/heimdal/lib/gssapi/krb5/init_sec_context.c [new file with mode: 0644]
source/heimdal/lib/gssapi/krb5/inquire_context.c [moved from source/heimdal/lib/gssapi/context_time.c with 51% similarity]
source/heimdal/lib/gssapi/krb5/inquire_cred.c [new file with mode: 0644]
source/heimdal/lib/gssapi/krb5/inquire_cred_by_mech.c [copied from source/heimdal/kdc/misc.c with 57% similarity]
source/heimdal/lib/gssapi/krb5/inquire_cred_by_oid.c [new file with mode: 0644]
source/heimdal/lib/gssapi/krb5/inquire_mechs_for_name.c [copied from source/heimdal/lib/gssapi/duplicate_name.c with 74% similarity]
source/heimdal/lib/gssapi/krb5/inquire_names_for_mech.c [moved from source/heimdal/lib/gssapi/add_oid_set_member.c with 62% similarity]
source/heimdal/lib/gssapi/krb5/inquire_sec_context_by_oid.c [new file with mode: 0644]
source/heimdal/lib/gssapi/krb5/process_context_token.c [copied from source/heimdal/lib/gssapi/duplicate_name.c with 65% similarity]
source/heimdal/lib/gssapi/krb5/release_buffer.c [moved from source/heimdal/lib/gssapi/release_buffer.c with 93% similarity]
source/heimdal/lib/gssapi/krb5/release_cred.c [moved from source/heimdal/lib/gssapi/release_cred.c with 66% similarity]
source/heimdal/lib/gssapi/krb5/release_name.c [copied from source/heimdal/lib/gssapi/release_name.c with 88% similarity]
source/heimdal/lib/gssapi/krb5/release_oid_set.c [moved from source/heimdal/lib/gssapi/release_oid_set.c with 93% similarity]
source/heimdal/lib/gssapi/krb5/sequence.c [moved from source/heimdal/lib/gssapi/sequence.c with 97% similarity]
source/heimdal/lib/gssapi/krb5/set_cred_option.c [new file with mode: 0644]
source/heimdal/lib/gssapi/krb5/set_sec_context_option.c [new file with mode: 0644]
source/heimdal/lib/gssapi/krb5/test_oid_set_member.c [moved from source/heimdal/lib/gssapi/test_oid_set_member.c with 82% similarity]
source/heimdal/lib/gssapi/krb5/unwrap.c [moved from source/heimdal/lib/gssapi/unwrap.c with 85% similarity]
source/heimdal/lib/gssapi/krb5/verify_mic.c [moved from source/heimdal/lib/gssapi/verify_mic.c with 82% similarity]
source/heimdal/lib/gssapi/krb5/wrap.c [moved from source/heimdal/lib/gssapi/wrap.c with 57% similarity]
source/heimdal/lib/gssapi/mech/context.h [copied from source/heimdal/lib/roken/getprogname.c with 58% similarity]
source/heimdal/lib/gssapi/mech/cred.h [copied from source/heimdal/lib/roken/getprogname.c with 58% similarity]
source/heimdal/lib/gssapi/mech/gss_accept_sec_context.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_acquire_cred.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_add_cred.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_add_oid_set_member.c [copied from source/heimdal/lib/gssapi/ccache_name.c with 66% similarity, mode: 0644]
source/heimdal/lib/gssapi/mech/gss_buffer_set.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_canonicalize_name.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_compare_name.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_context_time.c [copied from source/heimdal/lib/roken/getprogname.c with 59% similarity]
source/heimdal/lib/gssapi/mech/gss_create_empty_oid_set.c [copied from source/heimdal/lib/roken/getprogname.c with 59% similarity]
source/heimdal/lib/gssapi/mech/gss_decapsulate_token.c [copied from source/heimdal/lib/gssapi/duplicate_name.c with 63% similarity]
source/heimdal/lib/gssapi/mech/gss_delete_sec_context.c [copied from source/heimdal/lib/roken/hostent_find_fqdn.c with 53% similarity]
source/heimdal/lib/gssapi/mech/gss_display_name.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_display_status.c [moved from source/heimdal/lib/gssapi/display_status.c with 55% similarity]
source/heimdal/lib/gssapi/mech/gss_duplicate_name.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_duplicate_oid.c [moved from source/heimdal/lib/gssapi/duplicate_name.c with 70% similarity]
source/heimdal/lib/gssapi/mech/gss_encapsulate_token.c [moved from source/heimdal/lib/gssapi/ccache_name.c with 65% similarity, mode: 0644]
source/heimdal/lib/gssapi/mech/gss_export_name.c [copied from source/heimdal/lib/roken/setprogname.c with 54% similarity]
source/heimdal/lib/gssapi/mech/gss_export_sec_context.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_get_mic.c [copied from source/heimdal/lib/roken/getprogname.c with 59% similarity]
source/heimdal/lib/gssapi/mech/gss_import_name.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_import_sec_context.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_indicate_mechs.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_init_sec_context.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_inquire_context.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_inquire_cred.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_inquire_cred_by_mech.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_inquire_cred_by_oid.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_inquire_mechs_for_name.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_inquire_names_for_mech.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_inquire_sec_context_by_oid.c [copied from source/heimdal/lib/roken/signal.c with 54% similarity]
source/heimdal/lib/gssapi/mech/gss_krb5.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_mech_switch.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_names.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_oid_equal.c [copied from source/heimdal/lib/krb5/misc.c with 81% similarity]
source/heimdal/lib/gssapi/mech/gss_process_context_token.c [copied from source/heimdal/lib/roken/getprogname.c with 59% similarity]
source/heimdal/lib/gssapi/mech/gss_release_buffer.c [copied from source/heimdal/lib/roken/getprogname.c with 59% similarity]
source/heimdal/lib/gssapi/mech/gss_release_cred.c [copied from source/heimdal/lib/roken/getprogname.c with 56% similarity]
source/heimdal/lib/gssapi/mech/gss_release_name.c [copied from source/heimdal/lib/roken/bswap.c with 54% similarity]
source/heimdal/lib/gssapi/mech/gss_release_oid.c [moved from source/heimdal/lib/gssapi/release_name.c with 77% similarity]
source/heimdal/lib/gssapi/mech/gss_release_oid_set.c [copied from source/heimdal/lib/roken/getprogname.c with 59% similarity]
source/heimdal/lib/gssapi/mech/gss_seal.c [copied from source/heimdal/lib/roken/getprogname.c with 59% similarity]
source/heimdal/lib/gssapi/mech/gss_set_cred_option.c [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/gss_set_sec_context_option.c [copied from source/heimdal/lib/roken/bswap.c with 56% similarity]
source/heimdal/lib/gssapi/mech/gss_sign.c [copied from source/heimdal/lib/roken/getprogname.c with 59% similarity]
source/heimdal/lib/gssapi/mech/gss_test_oid_set_member.c [copied from source/heimdal/lib/roken/getprogname.c with 59% similarity]
source/heimdal/lib/gssapi/mech/gss_unseal.c [copied from source/heimdal/lib/roken/getprogname.c with 59% similarity]
source/heimdal/lib/gssapi/mech/gss_unwrap.c [copied from source/heimdal/lib/roken/getprogname.c with 58% similarity]
source/heimdal/lib/gssapi/mech/gss_utils.c [copied from source/heimdal/lib/roken/bswap.c with 52% similarity]
source/heimdal/lib/gssapi/mech/gss_verify.c [copied from source/heimdal/lib/roken/getprogname.c with 59% similarity]
source/heimdal/lib/gssapi/mech/gss_verify_mic.c [copied from source/heimdal/lib/roken/getprogname.c with 59% similarity]
source/heimdal/lib/gssapi/mech/gss_wrap.c [copied from source/heimdal/lib/roken/getprogname.c with 58% similarity]
source/heimdal/lib/gssapi/mech/gss_wrap_size_limit.c [copied from source/heimdal/lib/roken/getprogname.c with 58% similarity]
source/heimdal/lib/gssapi/mech/gssapi.asn1 [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/mech_locl.h [copied from source/heimdal/lib/asn1/der_locl.h with 79% similarity]
source/heimdal/lib/gssapi/mech/mech_switch.h [copied from source/heimdal/lib/roken/getprogname.c with 58% similarity]
source/heimdal/lib/gssapi/mech/mechqueue.h [new file with mode: 0644]
source/heimdal/lib/gssapi/mech/name.h [copied from source/heimdal/lib/roken/freeaddrinfo.c with 55% similarity]
source/heimdal/lib/gssapi/mech/utils.h [copied from source/heimdal/lib/roken/getprogname.c with 58% similarity]
source/heimdal/lib/gssapi/spnego.asn1 [deleted file]
source/heimdal/lib/gssapi/spnego/accept_sec_context.c [new file with mode: 0644]
source/heimdal/lib/gssapi/spnego/compat.c [new file with mode: 0644]
source/heimdal/lib/gssapi/spnego/context_stubs.c [new file with mode: 0644]
source/heimdal/lib/gssapi/spnego/cred_stubs.c [new file with mode: 0644]
source/heimdal/lib/gssapi/spnego/external.c [new file with mode: 0644]
source/heimdal/lib/gssapi/spnego/init_sec_context.c [new file with mode: 0644]
source/heimdal/lib/gssapi/spnego/spnego-private.h [new file with mode: 0644]
source/heimdal/lib/gssapi/spnego/spnego.asn1 [new file with mode: 0644]
source/heimdal/lib/gssapi/spnego/spnego_locl.h [copied from source/heimdal/lib/roken/signal.c with 50% similarity]
source/heimdal/lib/hdb/db.c
source/heimdal/lib/hdb/ext.c
source/heimdal/lib/hdb/hdb-protos.h
source/heimdal/lib/hdb/hdb.asn1
source/heimdal/lib/hdb/hdb.c
source/heimdal/lib/hdb/hdb.h
source/heimdal/lib/hdb/keys.c
source/heimdal/lib/hdb/keytab.c
source/heimdal/lib/krb5/acache.c
source/heimdal/lib/krb5/addr_families.c
source/heimdal/lib/krb5/asn1_glue.c
source/heimdal/lib/krb5/cache.c
source/heimdal/lib/krb5/context.c
source/heimdal/lib/krb5/crypto.c
source/heimdal/lib/krb5/data.c
source/heimdal/lib/krb5/expand_hostname.c
source/heimdal/lib/krb5/get_cred.c
source/heimdal/lib/krb5/get_for_creds.c
source/heimdal/lib/krb5/get_host_realm.c
source/heimdal/lib/krb5/get_in_tkt.c
source/heimdal/lib/krb5/heim_err.c [new file with mode: 0644]
source/heimdal/lib/krb5/heim_threads.h
source/heimdal/lib/krb5/init_creds.c
source/heimdal/lib/krb5/init_creds_pw.c
source/heimdal/lib/krb5/k524_err.c [new file with mode: 0644]
source/heimdal/lib/krb5/krb5-private.h
source/heimdal/lib/krb5/krb5-protos.h
source/heimdal/lib/krb5/krb5.h
source/heimdal/lib/krb5/krb5_err.c [new file with mode: 0644]
source/heimdal/lib/krb5/krb5_locl.h
source/heimdal/lib/krb5/krbhst.c
source/heimdal/lib/krb5/misc.c
source/heimdal/lib/krb5/mit_glue.c
source/heimdal/lib/krb5/pkinit.c
source/heimdal/lib/krb5/principal.c
source/heimdal/lib/krb5/rd_cred.c
source/heimdal/lib/krb5/rd_rep.c
source/heimdal/lib/krb5/rd_req.c
source/heimdal/lib/krb5/send_to_kdc.c
source/heimdal/lib/krb5/set_default_realm.c
source/heimdal/lib/krb5/store.c
source/heimdal/lib/krb5/store_fd.c
source/heimdal/lib/krb5/ticket.c
source/heimdal/lib/roken/bswap.c
source/heimdal/lib/roken/copyhostent.c
source/heimdal/lib/roken/freeaddrinfo.c
source/heimdal/lib/roken/freehostent.c
source/heimdal/lib/roken/gai_strerror.c
source/heimdal/lib/roken/getaddrinfo.c
source/heimdal/lib/roken/getipnodebyaddr.c
source/heimdal/lib/roken/getipnodebyname.c
source/heimdal/lib/roken/getprogname.c
source/heimdal/lib/roken/hex.c
source/heimdal/lib/roken/hostent_find_fqdn.c
source/heimdal/lib/roken/inet_aton.c
source/heimdal/lib/roken/issuid.c
source/heimdal/lib/roken/resolve.c
source/heimdal/lib/roken/roken.h
source/heimdal/lib/roken/setprogname.c
source/heimdal/lib/roken/signal.c
source/heimdal/lib/roken/strsep.c
source/heimdal/lib/roken/strsep_copy.c
source/heimdal_build/asn1_deps.pl
source/heimdal_build/config.mk
source/kdc/hdb-ldb.c
source/kdc/kdc.c
source/kdc/kdc.h
source/kdc/kpasswdd.c
source/kdc/pac-glue.c
source/smbd/process_single.c
source/smbd/process_standard.c
source/static_deps.mk
source/torture/auth/pac.c