Author: gd Date: 2007-09-13 16:11:46 +0000 (Thu, 13 Sep 2007) New Revision: 25134
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=25134 Log: Fix Bug #4968 and make dns updates work with heimdal as well (again, gss_import_name() needs to follow the same logic as in the LDAP sasl wrapping (see -r25133). Tested with MIT 1.2.7, 1.3.6, 1.4.3, 1.5.1, 1.6.1 and Heimdal 0.7.2, 1.0, 1.0.1. Guenther Modified: branches/SAMBA_3_2/source/libaddns/dnsgss.c branches/SAMBA_3_2_0/source/libaddns/dnsgss.c Changeset: Modified: branches/SAMBA_3_2/source/libaddns/dnsgss.c =================================================================== --- branches/SAMBA_3_2/source/libaddns/dnsgss.c 2007-09-13 15:59:46 UTC (rev 25133) +++ branches/SAMBA_3_2/source/libaddns/dnsgss.c 2007-09-13 16:11:46 UTC (rev 25134) @@ -219,11 +219,8 @@ gss_name_t targ_name; - krb5_principal host_principal; - krb5_context krb_ctx = NULL; - gss_OID_desc nt_host_oid_desc = - { 10, (char *)"\052\206\110\206\367\022\001\002\002\002" }; + {10, (char *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01"}; TALLOC_CTX *mem_ctx; @@ -247,23 +244,13 @@ goto error; } - krb5_init_context( &krb_ctx ); - krb5_parse_name( krb_ctx, targetname, &host_principal ); + input_name.value = targetname; + input_name.length = strlen(targetname); - /* don't free the principal until after you call - gss_release_name() or else you'll get a segv - as the krb5_copy_principal() does a structure - copy and not a deep copy. --jerry*/ - - input_name.value = &host_principal; - input_name.length = sizeof( host_principal ); - major = gss_import_name( &minor, &input_name, &nt_host_oid_desc, &targ_name ); if (major) { - krb5_free_principal( krb_ctx, host_principal ); - krb5_free_context( krb_ctx ); err = ERROR_DNS_GSS_ERROR; goto error; } @@ -273,11 +260,6 @@ gss_release_name( &minor, &targ_name ); - /* now we can free the principal */ - - krb5_free_principal( krb_ctx, host_principal ); - krb5_free_context( krb_ctx ); - error: TALLOC_FREE(mem_ctx); Modified: branches/SAMBA_3_2_0/source/libaddns/dnsgss.c =================================================================== --- branches/SAMBA_3_2_0/source/libaddns/dnsgss.c 2007-09-13 15:59:46 UTC (rev 25133) +++ branches/SAMBA_3_2_0/source/libaddns/dnsgss.c 2007-09-13 16:11:46 UTC (rev 25134) @@ -219,11 +219,8 @@ gss_name_t targ_name; - krb5_principal host_principal; - krb5_context krb_ctx = NULL; - gss_OID_desc nt_host_oid_desc = - { 10, (char *)"\052\206\110\206\367\022\001\002\002\002" }; + {10, (char *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01"}; TALLOC_CTX *mem_ctx; @@ -247,23 +244,13 @@ goto error; } - krb5_init_context( &krb_ctx ); - krb5_parse_name( krb_ctx, targetname, &host_principal ); + input_name.value = targetname; + input_name.length = strlen(targetname); - /* don't free the principal until after you call - gss_release_name() or else you'll get a segv - as the krb5_copy_principal() does a structure - copy and not a deep copy. --jerry*/ - - input_name.value = &host_principal; - input_name.length = sizeof( host_principal ); - major = gss_import_name( &minor, &input_name, &nt_host_oid_desc, &targ_name ); if (major) { - krb5_free_principal( krb_ctx, host_principal ); - krb5_free_context( krb_ctx ); err = ERROR_DNS_GSS_ERROR; goto error; } @@ -273,11 +260,6 @@ gss_release_name( &minor, &targ_name ); - /* now we can free the principal */ - - krb5_free_principal( krb_ctx, host_principal ); - krb5_free_context( krb_ctx ); - error: TALLOC_FREE(mem_ctx);
