svn rev #25352: trunk/src/ include/krb5/ lib/krb5/krb/
ghudson@MIT.EDU
ghudson at MIT.EDU
Sat Oct 15 12:26:27 EDT 2011
http://src.mit.edu/fisheye/changelog/krb5/?cs=25352
Commit By: ghudson
Log Message:
Rename PAC type constants to avoid conflicts.
Since the PAC type constants are now exposed in krb5.h, give them a
KRB5_ prefix so they don't conflict with similar PAC type constants
in other packages, like Samba.
Changed Files:
U trunk/src/include/krb5/krb5.hin
U trunk/src/lib/krb5/krb/pac.c
U trunk/src/lib/krb5/krb/pac_sign.c
Modified: trunk/src/include/krb5/krb5.hin
===================================================================
--- trunk/src/include/krb5/krb5.hin 2011-10-15 16:06:03 UTC (rev 25351)
+++ trunk/src/include/krb5/krb5.hin 2011-10-15 16:26:27 UTC (rev 25352)
@@ -7355,13 +7355,13 @@
*/
/* Microsoft defined types of data */
-#define PAC_LOGON_INFO 1 /**< Logon information */
-#define PAC_CREDENTIALS_INFO 2 /**< Credentials information */
-#define PAC_SERVER_CHECKSUM 6 /**< Server checksum */
-#define PAC_PRIVSVR_CHECKSUM 7 /**< KDC checksum */
-#define PAC_CLIENT_INFO 10 /**< Client name and ticket information */
-#define PAC_DELEGATION_INFO 11 /**< Constrained delegation information */
-#define PAC_UPN_DNS_INFO 12 /**< User principal name and DNS information */
+#define KRB5_PAC_LOGON_INFO 1 /**< Logon information */
+#define KRB5_PAC_CREDENTIALS_INFO 2 /**< Credentials information */
+#define KRB5_PAC_SERVER_CHECKSUM 6 /**< Server checksum */
+#define KRB5_PAC_PRIVSVR_CHECKSUM 7 /**< KDC checksum */
+#define KRB5_PAC_CLIENT_INFO 10 /**< Client name and ticket info */
+#define KRB5_PAC_DELEGATION_INFO 11 /**< Constrained delegation info */
+#define KRB5_PAC_UPN_DNS_INFO 12 /**< User principal name and DNS info */
struct krb5_pac_data;
/** PAC data structure to convey authorization information */
Modified: trunk/src/lib/krb5/krb/pac.c
===================================================================
--- trunk/src/lib/krb5/krb/pac.c 2011-10-15 16:06:03 UTC (rev 25351)
+++ trunk/src/lib/krb5/krb/pac.c 2011-10-15 16:26:27 UTC (rev 25352)
@@ -425,7 +425,8 @@
krb5_int64 pac_nt_authtime;
krb5_principal pac_principal;
- ret = k5_pac_locate_buffer(context, pac, PAC_CLIENT_INFO, &client_info);
+ ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_CLIENT_INFO,
+ &client_info);
if (ret != 0)
return ret;
@@ -481,7 +482,8 @@
PAC_INFO_BUFFER *buffer = NULL;
size_t i;
- assert(type == PAC_SERVER_CHECKSUM || type == PAC_PRIVSVR_CHECKSUM);
+ assert(type == KRB5_PAC_SERVER_CHECKSUM ||
+ type == KRB5_PAC_PRIVSVR_CHECKSUM);
assert(data->length >= pac->data.length);
for (i = 0; i < pac->pac->cBuffers; i++) {
@@ -520,8 +522,8 @@
krb5_boolean valid;
krb5_octet *p;
- ret = k5_pac_locate_buffer(context, pac,
- PAC_SERVER_CHECKSUM, &checksum_data);
+ ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_SERVER_CHECKSUM,
+ &checksum_data);
if (ret != 0)
return ret;
@@ -543,15 +545,15 @@
memcpy(pac_data.data, pac->data.data, pac->data.length);
/* Zero out both checksum buffers */
- ret = k5_pac_zero_signature(context, pac,
- PAC_SERVER_CHECKSUM, &pac_data);
+ ret = k5_pac_zero_signature(context, pac, KRB5_PAC_SERVER_CHECKSUM,
+ &pac_data);
if (ret != 0) {
free(pac_data.data);
return ret;
}
- ret = k5_pac_zero_signature(context, pac,
- PAC_PRIVSVR_CHECKSUM, &pac_data);
+ ret = k5_pac_zero_signature(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM,
+ &pac_data);
if (ret != 0) {
free(pac_data.data);
return ret;
@@ -584,16 +586,16 @@
krb5_boolean valid;
krb5_octet *p;
- ret = k5_pac_locate_buffer(context, pac,
- PAC_PRIVSVR_CHECKSUM, &privsvr_checksum);
+ ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM,
+ &privsvr_checksum);
if (ret != 0)
return ret;
if (privsvr_checksum.length < PAC_SIGNATURE_DATA_LENGTH)
return KRB5_BAD_MSIZE;
- ret = k5_pac_locate_buffer(context, pac,
- PAC_SERVER_CHECKSUM, &server_checksum);
+ ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_SERVER_CHECKSUM,
+ &server_checksum);
if (ret != 0)
return ret;
@@ -832,14 +834,29 @@
krb5_ui_4 type;
krb5_data attribute;
} mspac_attribute_types[] = {
- { (krb5_ui_4)-1, { KV5M_DATA, STRLENOF("urn:mspac:"), "urn:mspac:" } },
- { PAC_LOGON_INFO, { KV5M_DATA, STRLENOF("urn:mspac:logon-info"), "urn:mspac:logon-info" } },
- { PAC_CREDENTIALS_INFO, { KV5M_DATA, STRLENOF("urn:mspac:credentials-info"), "urn:mspac:credentials-info" } },
- { PAC_SERVER_CHECKSUM, { KV5M_DATA, STRLENOF("urn:mspac:server-checksum"), "urn:mspac:server-checksum" } },
- { PAC_PRIVSVR_CHECKSUM, { KV5M_DATA, STRLENOF("urn:mspac:privsvr-checksum"), "urn:mspac:privsvr-checksum" } },
- { PAC_CLIENT_INFO, { KV5M_DATA, STRLENOF("urn:mspac:client-info"), "urn:mspac:client-info" } },
- { PAC_DELEGATION_INFO, { KV5M_DATA, STRLENOF("urn:mspac:delegation-info"), "urn:mspac:delegation-info" } },
- { PAC_UPN_DNS_INFO, { KV5M_DATA, STRLENOF("urn:mspac:upn-dns-info"), "urn:mspac:upn-dns-info" } },
+ { (krb5_ui_4)-1, { KV5M_DATA, STRLENOF("urn:mspac:"),
+ "urn:mspac:" } },
+ { KRB5_PAC_LOGON_INFO, { KV5M_DATA,
+ STRLENOF("urn:mspac:logon-info"),
+ "urn:mspac:logon-info" } },
+ { KRB5_PAC_CREDENTIALS_INFO, { KV5M_DATA,
+ STRLENOF("urn:mspac:credentials-info"),
+ "urn:mspac:credentials-info" } },
+ { KRB5_PAC_SERVER_CHECKSUM, { KV5M_DATA,
+ STRLENOF("urn:mspac:server-checksum"),
+ "urn:mspac:server-checksum" } },
+ { KRB5_PAC_PRIVSVR_CHECKSUM, { KV5M_DATA,
+ STRLENOF("urn:mspac:privsvr-checksum"),
+ "urn:mspac:privsvr-checksum" } },
+ { KRB5_PAC_CLIENT_INFO, { KV5M_DATA,
+ STRLENOF("urn:mspac:client-info"),
+ "urn:mspac:client-info" } },
+ { KRB5_PAC_DELEGATION_INFO, { KV5M_DATA,
+ STRLENOF("urn:mspac:delegation-info"),
+ "urn:mspac:delegation-info" } },
+ { KRB5_PAC_UPN_DNS_INFO, { KV5M_DATA,
+ STRLENOF("urn:mspac:upn-dns-info"),
+ "urn:mspac:upn-dns-info" } },
};
#define MSPAC_ATTRIBUTE_COUNT (sizeof(mspac_attribute_types)/sizeof(mspac_attribute_types[0]))
Modified: trunk/src/lib/krb5/krb/pac_sign.c
===================================================================
--- trunk/src/lib/krb5/krb/pac_sign.c 2011-10-15 16:06:03 UTC (rev 25351)
+++ trunk/src/lib/krb5/krb/pac_sign.c 2011-10-15 16:26:27 UTC (rev 25352)
@@ -43,8 +43,8 @@
krb5_ui_8 nt_authtime;
/* If we already have a CLIENT_INFO buffer, then just validate it */
- if (k5_pac_locate_buffer(context, pac,
- PAC_CLIENT_INFO, &client_info) == 0) {
+ if (k5_pac_locate_buffer(context, pac, KRB5_PAC_CLIENT_INFO,
+ &client_info) == 0) {
return k5_pac_validate_client(context, pac, authtime, principal);
}
@@ -63,7 +63,7 @@
client_info.length = PAC_CLIENT_INFO_LENGTH + princ_name_ucs2_len;
client_info.data = NULL;
- ret = k5_pac_add_buffer(context, pac, PAC_CLIENT_INFO,
+ ret = k5_pac_add_buffer(context, pac, KRB5_PAC_CLIENT_INFO,
&client_info, TRUE, &client_info);
if (ret != 0)
goto cleanup;
@@ -199,12 +199,12 @@
}
/* Create zeroed buffers for both checksums */
- ret = k5_insert_checksum(context, pac, PAC_SERVER_CHECKSUM,
+ ret = k5_insert_checksum(context, pac, KRB5_PAC_SERVER_CHECKSUM,
server_key, &server_cksumtype);
if (ret != 0)
return ret;
- ret = k5_insert_checksum(context, pac, PAC_PRIVSVR_CHECKSUM,
+ ret = k5_insert_checksum(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM,
privsvr_key, &privsvr_cksumtype);
if (ret != 0)
return ret;
@@ -215,8 +215,8 @@
return ret;
/* Generate the server checksum over the entire PAC */
- ret = k5_pac_locate_buffer(context, pac,
- PAC_SERVER_CHECKSUM, &server_cksum);
+ ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_SERVER_CHECKSUM,
+ &server_cksum);
if (ret != 0)
return ret;
@@ -236,8 +236,8 @@
return ret;
/* Generate the privsvr checksum over the server checksum buffer */
- ret = k5_pac_locate_buffer(context, pac,
- PAC_PRIVSVR_CHECKSUM, &privsvr_cksum);
+ ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM,
+ &privsvr_cksum);
if (ret != 0)
return ret;
More information about the cvs-krb5
mailing list