Whamcloud - gitweb
git://git.whamcloud.com
/
fs
/
lustre-release.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
LU-4307 kerberos: compile errors with gss/kerberos support
[fs/lustre-release.git]
/
lustre
/
utils
/
gss
/
context_lucid.c
diff --git
a/lustre/utils/gss/context_lucid.c
b/lustre/utils/gss/context_lucid.c
index
c1f669f
..
e95d11e
100644
(file)
--- a/
lustre/utils/gss/context_lucid.c
+++ b/
lustre/utils/gss/context_lucid.c
@@
-85,7
+85,7
@@
prepare_krb5_rfc1964_buffer(gss_krb5_lucid_context_v1_t *lctx,
{
char *p, *end;
static int constant_zero = 0;
- unsigned char fakeseed[16];
+ unsigned char fakeseed[16]
= { 0 }
;
uint32_t word_send_seq;
gss_krb5_lucid_key_t enc_key;
int i;
@@
-204,11
+204,10
@@
enum seal_alg {
* We don't have "legal" access to these MIT-only
* structures located in libk5crypto
*/
-extern void krb5int_enc_arcfour;
-extern void krb5int_enc_des3;
-extern void krb5int_enc_aes128;
-extern void krb5int_enc_aes256;
-extern int krb5_derive_key();
+extern void *krb5int_enc_arcfour;
+extern void *krb5int_enc_des3;
+extern void *krb5int_enc_aes128;
+extern void *krb5int_enc_aes256;
static void
key_lucid_to_krb5(const gss_krb5_lucid_key_t *lin, krb5_keyblock *kout)
@@
-257,8
+256,13
@@
derive_key_lucid(const gss_krb5_lucid_key_t *in, gss_krb5_lucid_key_t *out,
int keylength;
void *enc;
krb5_keyblock kin, kout; /* must send krb5_keyblock, not lucid! */
-#if
def HAVE_HEIMDAL
+#if
defined(HAVE_HEIMDAL) || HAVE_KRB5INT_DERIVE_KEY
krb5_context kcontext;
+#endif
+#if HAVE_KRB5INT_DERIVE_KEY
+ krb5_key key_in, key_out;
+#endif
+#ifdef HAVE_HEIMDAL
krb5_keyblock *outkey;
#endif
@@
-316,12
+320,35
@@
derive_key_lucid(const gss_krb5_lucid_key_t *in, gss_krb5_lucid_key_t *out,
((char *)(datain.data))[4] = (char) extra;
#ifdef HAVE_KRB5
+#if HAVE_KRB5INT_DERIVE_KEY
+ code = krb5_init_context(&kcontext);
+ if (code) {
+ free(out->data);
+ out->data = NULL;
+ goto out;
+ }
+ code = krb5_k_create_key(kcontext, &kin, &key_in);
+ if (code) {
+ free(out->data);
+ out->data = NULL;
+ goto out;
+ }
+ code = krb5_k_create_key(kcontext, &kout, &key_out);
+ if (code) {
+ free(out->data);
+ out->data = NULL;
+ goto out;
+ }
+ code = krb5int_derive_key(enc, key_in, &key_out, &datain,
+ DERIVE_RFC3961);
+#else /* !HAVE_KRB5INT_DERIVE_KEY */
code = krb5_derive_key(enc, &kin, &kout, &datain);
-#else
+#endif /* HAVE_KRB5INT_DERIVE_KEY */
+#else /* !defined(HAVE_KRB5) */
if ((code = krb5_init_context(&kcontext))) {
}
code = krb5_derive_key(kcontext, &kin, in->type, constant_data, K5CLENGTH, &outkey);
-#endif
+#endif
/* defined(HAVE_KRB5) */
if (code) {
free(out->data);
out->data = NULL;
@@
-329,14
+356,17
@@
derive_key_lucid(const gss_krb5_lucid_key_t *in, gss_krb5_lucid_key_t *out,
}
#ifdef HAVE_KRB5
key_krb5_to_lucid(&kout, out);
-#else
+#if HAVE_KRB5INT_DERIVE_KEY
+ krb5_free_context(kcontext);
+#endif /* HAVE_KRB5INT_DERIVE_KEY */
+#else /* !defined(HAVE_KRB5) */
key_krb5_to_lucid(outkey, out);
krb5_free_keyblock(kcontext, outkey);
krb5_free_context(kcontext);
-#endif
+#endif
/* defined(HAVE_KRB5) */
out:
- if (code)
+ if (code)
printerr(0, "ERROR: %s: returning error %d (%s)\n",
__FUNCTION__, code, error_message(code));
return (code);