svn rev #22527: trunk/src/ kadmin/cli/ kadmin/dbutil/ kadmin/server/ kadmin/testing/util/ ...
ghudson@MIT.EDU
ghudson at MIT.EDU
Mon Aug 17 15:40:49 EDT 2009
http://src.mit.edu/fisheye/changelog/krb5/?cs=22527
Commit By: ghudson
Log Message:
ticket: 6547
subject: Modify kadm5 initializers to accept krb5 contexts
Add krb5_context parameters to all kadm5 initialization functions.
This allows extended error information to be retrieved by the caller
when an error is returned.
Changed Files:
U trunk/src/kadmin/cli/kadmin.c
U trunk/src/kadmin/dbutil/kadm5_create.c
U trunk/src/kadmin/server/ovsec_kadmd.c
U trunk/src/kadmin/testing/util/tcl_kadm5.c
U trunk/src/lib/kadm5/admin.h
U trunk/src/lib/kadm5/clnt/client_init.c
U trunk/src/lib/kadm5/srv/server_init.c
U trunk/src/lib/kadm5/unit-test/destroy-test.c
U trunk/src/lib/kadm5/unit-test/handle-test.c
U trunk/src/lib/kadm5/unit-test/init-test.c
U trunk/src/lib/kadm5/unit-test/iter-test.c
U trunk/src/lib/kadm5/unit-test/randkey-test.c
U trunk/src/lib/kadm5/unit-test/setkey-test.c
U trunk/src/slave/kpropd.c
Modified: trunk/src/kadmin/cli/kadmin.c
===================================================================
--- trunk/src/kadmin/cli/kadmin.c 2009-08-17 16:26:23 UTC (rev 22526)
+++ trunk/src/kadmin/cli/kadmin.c 2009-08-17 19:40:48 UTC (rev 22527)
@@ -479,7 +479,7 @@
if (ccache_name) {
printf("Authenticating as principal %s with existing credentials.\n",
princstr);
- retval = kadm5_init_with_creds(princstr, cc,
+ retval = kadm5_init_with_creds(context, princstr, cc,
svcname,
¶ms,
KADM5_STRUCT_VERSION,
@@ -493,7 +493,7 @@
else
printf("Authenticating as principal %s with default keytab.\n",
princstr);
- retval = kadm5_init_with_skey(princstr, keytab_name,
+ retval = kadm5_init_with_skey(context, princstr, keytab_name,
svcname,
¶ms,
KADM5_STRUCT_VERSION,
@@ -503,7 +503,7 @@
} else {
printf("Authenticating as principal %s with password.\n",
princstr);
- retval = kadm5_init_with_password(princstr, password,
+ retval = kadm5_init_with_password(context, princstr, password,
svcname,
¶ms,
KADM5_STRUCT_VERSION,
Modified: trunk/src/kadmin/dbutil/kadm5_create.c
===================================================================
--- trunk/src/kadmin/dbutil/kadm5_create.c 2009-08-17 16:26:23 UTC (rev 22526)
+++ trunk/src/kadmin/dbutil/kadm5_create.c 2009-08-17 19:40:48 UTC (rev 22527)
@@ -106,7 +106,7 @@
retval = krb5_klog_init(context, "admin_server", progname, 0);
if (retval)
return retval;
- if ((retval = kadm5_init(progname, NULL, NULL, params,
+ if ((retval = kadm5_init(context, progname, NULL, NULL, params,
KADM5_STRUCT_VERSION,
KADM5_API_VERSION_2,
db5util_db_args,
Modified: trunk/src/kadmin/server/ovsec_kadmd.c
===================================================================
--- trunk/src/kadmin/server/ovsec_kadmd.c 2009-08-17 16:26:23 UTC (rev 22526)
+++ trunk/src/kadmin/server/ovsec_kadmd.c 2009-08-17 19:40:48 UTC (rev 22527)
@@ -303,7 +303,7 @@
krb5_klog_init(context, "admin_server", whoami, 1);
- if((ret = kadm5_init("kadmind", NULL,
+ if((ret = kadm5_init(context, "kadmind", NULL,
NULL, ¶ms,
KADM5_STRUCT_VERSION,
KADM5_API_VERSION_2,
Modified: trunk/src/kadmin/testing/util/tcl_kadm5.c
===================================================================
--- trunk/src/kadmin/testing/util/tcl_kadm5.c 2009-08-17 16:26:23 UTC (rev 22526)
+++ trunk/src/kadmin/testing/util/tcl_kadm5.c 2009-08-17 19:40:48 UTC (rev 22527)
@@ -1600,13 +1600,13 @@
}
}
- ret = kadm5_init_with_creds(client_name, cc, service_name,
+ ret = kadm5_init_with_creds(context, client_name, cc, service_name,
¶ms, struct_version,
api_version, NULL, &server_handle);
(void) krb5_cc_close(context, cc);
} else
- ret = kadm5_init(client_name, pass, service_name, ¶ms,
+ ret = kadm5_init(context, client_name, pass, service_name, ¶ms,
struct_version, api_version, NULL, &server_handle);
if (ret != KADM5_OK) {
Modified: trunk/src/lib/kadm5/admin.h
===================================================================
--- trunk/src/lib/kadm5/admin.h 2009-08-17 16:26:23 UTC (rev 22526)
+++ trunk/src/lib/kadm5/admin.h 2009-08-17 19:40:48 UTC (rev 22527)
@@ -314,14 +314,22 @@
krb5_error_code kadm5_get_admin_service_name(krb5_context, char *,
char *, size_t);
-kadm5_ret_t kadm5_init(char *client_name, char *pass,
- char *service_name,
+/*
+ * For all initialization functions, the caller must first initialize
+ * a context with kadm5_init_krb5_context which will survive as long
+ * as the resulting handle. The caller should free the context with
+ * krb5_free_context.
+ */
+
+kadm5_ret_t kadm5_init(krb5_context context, char *client_name,
+ char *pass, char *service_name,
kadm5_config_params *params,
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
-kadm5_ret_t kadm5_init_with_password(char *client_name,
+kadm5_ret_t kadm5_init_with_password(krb5_context context,
+ char *client_name,
char *pass,
char *service_name,
kadm5_config_params *params,
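Review bot: The new comment above kadm5_init does not say who owns the context once the call returns, and the rest of this commit makes that matter. client_init.c and server_init.c now store the caller's pointer in the handle and no longer call krb5_free_context on any path, including the teardown hunk near line 792 of client_init.c. A caller that frees the context before destroying the handle leaves a dangling pointer that teardown then passes to kadm5_free_config_params. I would extend the comment with `The handle stores this pointer and never frees it; call krb5_free_context only after kadm5_destroy.` and state whether a NULL context is accepted. The hunk ends inside the kadm5_init_with_password prototype.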
@@ -329,7 +337,8 @@
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
-kadm5_ret_t kadm5_init_with_skey(char *client_name,
+kadm5_ret_t kadm5_init_with_skey(krb5_context context,
+ char *client_name,
char *keytab,
char *service_name,
kadm5_config_params *params,
@@ -337,7 +346,8 @@
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
-kadm5_ret_t kadm5_init_with_creds(char *client_name,
+kadm5_ret_t kadm5_init_with_creds(krb5_context context,
+ char *client_name,
krb5_ccache cc,
char *service_name,
kadm5_config_params *params,
Modified: trunk/src/lib/kadm5/clnt/client_init.c
===================================================================
--- trunk/src/lib/kadm5/clnt/client_init.c 2009-08-17 16:26:23 UTC (rev 22526)
+++ trunk/src/lib/kadm5/clnt/client_init.c 2009-08-17 19:40:48 UTC (rev 22527)
@@ -60,7 +60,8 @@
enum init_type { INIT_PASS, INIT_SKEY, INIT_CREDS };
-static kadm5_ret_t _kadm5_init_any(char *client_name,
+static kadm5_ret_t _kadm5_init_any(krb5_context context,
+ char *client_name,
enum init_type init_type,
char *pass,
krb5_ccache ccache_in,
@@ -97,7 +98,8 @@
gss_cred_id_t gss_client_creds,
gss_name_t gss_target);
-kadm5_ret_t kadm5_init_with_creds(char *client_name,
+kadm5_ret_t kadm5_init_with_creds(krb5_context context,
+ char *client_name,
krb5_ccache ccache,
char *service_name,
kadm5_config_params *params,
@@ -106,27 +108,27 @@
char **db_args,
void **server_handle)
{
- return _kadm5_init_any(client_name, INIT_CREDS, NULL, ccache,
+ return _kadm5_init_any(context, client_name, INIT_CREDS, NULL, ccache,
service_name, params,
struct_version, api_version, db_args,
server_handle);
}
-kadm5_ret_t kadm5_init_with_password(char *client_name, char *pass,
- char *service_name,
+kadm5_ret_t kadm5_init_with_password(krb5_context context, char *client_name,
+ char *pass, char *service_name,
kadm5_config_params *params,
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle)
{
- return _kadm5_init_any(client_name, INIT_PASS, pass, NULL,
+ return _kadm5_init_any(context, client_name, INIT_PASS, pass, NULL,
service_name, params, struct_version,
api_version, db_args, server_handle);
}
-kadm5_ret_t kadm5_init(char *client_name, char *pass,
+kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
char *service_name,
kadm5_config_params *params,
krb5_ui_4 struct_version,
@@ -134,25 +136,25 @@
char **db_args,
void **server_handle)
{
- return _kadm5_init_any(client_name, INIT_PASS, pass, NULL,
+ return _kadm5_init_any(context, client_name, INIT_PASS, pass, NULL,
service_name, params, struct_version,
api_version, db_args, server_handle);
}
-kadm5_ret_t kadm5_init_with_skey(char *client_name, char *keytab,
- char *service_name,
+kadm5_ret_t kadm5_init_with_skey(krb5_context context, char *client_name,
+ char *keytab, char *service_name,
kadm5_config_params *params,
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle)
{
- return _kadm5_init_any(client_name, INIT_SKEY, keytab, NULL,
+ return _kadm5_init_any(context, client_name, INIT_SKEY, keytab, NULL,
service_name, params, struct_version,
api_version, db_args, server_handle);
}
-static kadm5_ret_t _kadm5_init_any(char *client_name,
+static kadm5_ret_t _kadm5_init_any(krb5_context context, char *client_name,
enum init_type init_type,
char *pass,
krb5_ccache ccache_in,
@@ -207,7 +209,7 @@
handle->lhandle->struct_version = KADM5_STRUCT_VERSION;
handle->lhandle->lhandle = handle->lhandle;
- krb5_init_context(&handle->context);
+ handle->context = context;
if(client_name == NULL) {
free(handle);
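Review bot: `handle->context = context;` stores the caller's pointer without checking it, where the replaced krb5_init_context call always produced a context of its own. A NULL context now reaches `kadm5_get_config_params(handle->context, ...)` in the next hunk. A guard such as `if (context == NULL) return EINVAL;` before the handle is allocated would fail cleanly without leaking the handle. The same unchecked assignment appears in kadm5_init in server_init.c (the hunk at -175,12). _kadm5_init_any starts and ends outside this hunk, so the exact placement and the error code the library would prefer are not visible here.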
@@ -258,7 +260,6 @@
if ((code = kadm5_get_config_params(handle->context, 0,
params_in, &handle->params))) {
- krb5_free_context(handle->context);
free(handle);
return(code);
}
@@ -268,7 +269,6 @@
KADM5_CONFIG_KADMIND_PORT)
if ((handle->params.mask & REQUIRED_PARAMS) != REQUIRED_PARAMS) {
- krb5_free_context(handle->context);
free(handle);
return KADM5_MISSING_KRB5_CONF_PARAMS;
}
@@ -792,7 +792,6 @@
free (handle->lhandle);
kadm5_free_config_params(handle->context, &handle->params);
- krb5_free_context(handle->context);
handle->magic_number = 0;
free(handle);
Modified: trunk/src/lib/kadm5/srv/server_init.c
===================================================================
--- trunk/src/lib/kadm5/srv/server_init.c 2009-08-17 16:26:23 UTC (rev 22526)
+++ trunk/src/lib/kadm5/srv/server_init.c 2009-08-17 19:40:48 UTC (rev 22527)
@@ -90,20 +90,21 @@
}
}
-kadm5_ret_t kadm5_init_with_password(char *client_name, char *pass,
- char *service_name,
+kadm5_ret_t kadm5_init_with_password(krb5_context context, char *client_name,
+ char *pass, char *service_name,
kadm5_config_params *params,
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle)
{
- return kadm5_init(client_name, pass, service_name, params,
+ return kadm5_init(context, client_name, pass, service_name, params,
struct_version, api_version, db_args,
server_handle);
}
-kadm5_ret_t kadm5_init_with_creds(char *client_name,
+kadm5_ret_t kadm5_init_with_creds(krb5_context context,
+ char *client_name,
krb5_ccache ccache,
char *service_name,
kadm5_config_params *params,
@@ -120,14 +121,14 @@
if (params && (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) &&
params->mkey_from_kbd)
return KADM5_BAD_SERVER_PARAMS;
- return kadm5_init(client_name, NULL, service_name, params,
+ return kadm5_init(context, client_name, NULL, service_name, params,
struct_version, api_version, db_args,
server_handle);
}
-kadm5_ret_t kadm5_init_with_skey(char *client_name, char *keytab,
- char *service_name,
+kadm5_ret_t kadm5_init_with_skey(krb5_context context, char *client_name,
+ char *keytab, char *service_name,
kadm5_config_params *params,
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
@@ -142,12 +143,12 @@
if (params && (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) &&
params->mkey_from_kbd)
return KADM5_BAD_SERVER_PARAMS;
- return kadm5_init(client_name, NULL, service_name, params,
+ return kadm5_init(context, client_name, NULL, service_name, params,
struct_version, api_version, db_args,
server_handle);
}
-kadm5_ret_t kadm5_init(char *client_name, char *pass,
+kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
char *service_name,
kadm5_config_params *params_in,
krb5_ui_4 struct_version,
@@ -175,12 +176,7 @@
return ret;
}
- ret = (int) krb5int_init_context_kdc(&(handle->context));
- if (ret) {
- free_db_args(handle);
- free(handle);
- return(ret);
- }
+ handle->context = context;
initialize_ovk_error_table();
/* initialize_adb_error_table(); */
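Review bot: With krb5int_init_context_kdc removed, kadm5_init no longer creates a KDC-style context itself. It trusts the caller to have used kadm5_init_krb5_context, as the admin.h comment asks, and nothing in the visible code verifies that. Later hunks in this file show krb5_set_default_realm and krb5_db_open being applied to handle->context, which is now the caller's object, so the call changes the default realm of the caller's context and opens the database on it. A comment at the assignment would make this visible: `/* Borrowed from the caller: expected to come from kadm5_init_krb5_context; its default realm is set and the DB is opened on it below. */`. kadm5_init's body continues outside the hunk.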
@@ -208,7 +204,6 @@
expect to see admin_server being set sometimes. */
#define ILLEGAL_PARAMS (KADM5_CONFIG_ADMIN_SERVER)
if (params_in && (params_in->mask & ILLEGAL_PARAMS)) {
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return KADM5_BAD_SERVER_PARAMS;
@@ -218,7 +213,6 @@
ret = kadm5_get_config_params(handle->context, 1, params_in,
&handle->params);
if (ret) {
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return(ret);
@@ -236,7 +230,6 @@
KADM5_CONFIG_IPROP_PORT)
if ((handle->params.mask & REQUIRED_PARAMS) != REQUIRED_PARAMS) {
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return KADM5_MISSING_CONF_PARAMS;
@@ -244,7 +237,6 @@
if ((handle->params.mask & KADM5_CONFIG_IPROP_ENABLED) == KADM5_CONFIG_IPROP_ENABLED
&& handle->params.iprop_enabled) {
if ((handle->params.mask & IPROP_REQUIRED_PARAMS) != IPROP_REQUIRED_PARAMS) {
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return KADM5_MISSING_CONF_PARAMS;
@@ -253,7 +245,6 @@
ret = krb5_set_default_realm(handle->context, handle->params.realm);
if (ret) {
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return ret;
@@ -262,7 +253,6 @@
ret = krb5_db_open(handle->context, db_args,
KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN);
if (ret) {
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return(ret);
@@ -271,7 +261,6 @@
if ((ret = krb5_parse_name(handle->context, client_name,
&handle->current_caller))) {
krb5_db_fini(handle->context);
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return ret;
@@ -279,7 +268,6 @@
if (! (handle->lhandle = malloc(sizeof(*handle)))) {
krb5_db_fini(handle->context);
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return ENOMEM;
@@ -302,7 +290,6 @@
&& handle->params.mkey_from_kbd);
if (ret) {
krb5_db_fini(handle->context);
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return ret;
@@ -311,7 +298,6 @@
ret = kdb_init_hist(handle, handle->params.realm);
if (ret) {
krb5_db_fini(handle->context);
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return ret;
@@ -321,7 +307,6 @@
if (ret) {
krb5_db_fini(handle->context);
krb5_free_principal(handle->context, handle->current_caller);
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return ret;
@@ -344,7 +329,6 @@
krb5_db_fini(handle->context);
krb5_free_principal(handle->context, handle->current_caller);
kadm5_free_config_params(handle->context, &handle->params);
- krb5_free_context(handle->context);
handle->magic_number = 0;
free(handle->lhandle);
free_db_args(handle);
Modified: trunk/src/lib/kadm5/unit-test/destroy-test.c
===================================================================
--- trunk/src/lib/kadm5/unit-test/destroy-test.c 2009-08-17 16:26:23 UTC (rev 22526)
+++ trunk/src/lib/kadm5/unit-test/destroy-test.c 2009-08-17 19:40:48 UTC (rev 22527)
@@ -18,9 +18,15 @@
int x;
void *server_handle;
kadm5_server_handle_t handle;
+ krb5_context context;
+ ret = kadm5_init_krb5_context(&context);
+ if (ret != 0) {
+ com_err("test", ret, "context init");
+ exit(2);
+ }
for(x = 0; x < TEST_NUM; x++) {
- ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, 0,
+ ret = kadm5_init(context, "admin", "admin", KADM5_ADMIN_SERVICE, 0,
KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
&server_handle);
if(ret != KADM5_OK) {
Modified: trunk/src/lib/kadm5/unit-test/handle-test.c
===================================================================
--- trunk/src/lib/kadm5/unit-test/handle-test.c 2009-08-17 16:26:23 UTC (rev 22526)
+++ trunk/src/lib/kadm5/unit-test/handle-test.c 2009-08-17 19:40:48 UTC (rev 22527)
@@ -24,7 +24,7 @@
kadm5_init_krb5_context(&context);
- ret = kadm5_init("admin/none", "admin", KADM5_ADMIN_SERVICE, NULL,
+ ret = kadm5_init(context, "admin/none", "admin", KADM5_ADMIN_SERVICE, NULL,
KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
&server_handle);
if(ret != KADM5_OK) {
Modified: trunk/src/lib/kadm5/unit-test/init-test.c
===================================================================
--- trunk/src/lib/kadm5/unit-test/init-test.c 2009-08-17 16:26:23 UTC (rev 22526)
+++ trunk/src/lib/kadm5/unit-test/init-test.c 2009-08-17 19:40:48 UTC (rev 22527)
@@ -10,10 +10,16 @@
kadm5_ret_t ret;
void *server_handle;
kadm5_config_params params;
+ krb5_context context;
memset(¶ms, 0, sizeof(params));
params.mask |= KADM5_CONFIG_NO_AUTH;
- ret = kadm5_init("admin", "admin", NULL, ¶ms,
+ ret = kadm5_init_krb5_context(&context);
+ if (ret != 0) {
+ com_err("init-test", ret, "while initializing krb5 context");
+ exit(1);
+ }
+ ret = kadm5_init(context, "admin", "admin", NULL, ¶ms,
KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
&server_handle);
if (ret == KADM5_RPC_ERROR)
Modified: trunk/src/lib/kadm5/unit-test/iter-test.c
===================================================================
--- trunk/src/lib/kadm5/unit-test/iter-test.c 2009-08-17 16:26:23 UTC (rev 22526)
+++ trunk/src/lib/kadm5/unit-test/iter-test.c 2009-08-17 19:40:48 UTC (rev 22527)
@@ -8,13 +8,19 @@
void *server_handle;
char **names;
int count, princ, i;
+ krb5_context context;
if (argc != 3) {
fprintf(stderr, "Usage: %s [-princ|-pol] exp\n", argv[0]);
exit(1);
}
princ = (strcmp(argv[1], "-princ") == 0);
-
+
+ ret = kadm5_init_krb5_context(&context);
+ if (ret != KADM5_OK) {
+ com_err("iter-test", ret, "while initializing context");
+ exit(1);
+ }
ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, 0,
KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
&server_handle);
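Review bot: The kadm5_init call at the end of this hunk still has the old argument list, so `"admin"` is passed where the new prototype expects a krb5_context and every following argument is shifted by one. The context initialized just above it is never used. The first line of the call should read `ret = kadm5_init(context, "admin", "admin", KADM5_ADMIN_SERVICE, 0,`, matching the change made in destroy-test.c. The remaining argument lines stay as they are.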
Modified: trunk/src/lib/kadm5/unit-test/randkey-test.c
===================================================================
--- trunk/src/lib/kadm5/unit-test/randkey-test.c 2009-08-17 16:26:23 UTC (rev 22526)
+++ trunk/src/lib/kadm5/unit-test/randkey-test.c 2009-08-17 19:40:48 UTC (rev 22527)
@@ -22,7 +22,7 @@
kadm5_init_krb5_context(&context);
krb5_parse_name(context, "testuser", &tprinc);
- ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, NULL,
+ ret = kadm5_init(context, "admin", "admin", KADM5_ADMIN_SERVICE, NULL,
KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
&server_handle);
if(ret != KADM5_OK) {
Modified: trunk/src/lib/kadm5/unit-test/setkey-test.c
===================================================================
--- trunk/src/lib/kadm5/unit-test/setkey-test.c 2009-08-17 16:26:23 UTC (rev 22526)
+++ trunk/src/lib/kadm5/unit-test/setkey-test.c 2009-08-17 19:40:48 UTC (rev 22527)
@@ -118,7 +118,7 @@
exit(1);
}
- ret = kadm5_init(authprinc, NULL, KADM5_ADMIN_SERVICE, NULL,
+ ret = kadm5_init(context, authprinc, NULL, KADM5_ADMIN_SERVICE, NULL,
KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
&handle);
if (ret) {
Modified: trunk/src/slave/kpropd.c
===================================================================
--- trunk/src/slave/kpropd.c 2009-08-17 16:26:23 UTC (rev 22526)
+++ trunk/src/slave/kpropd.c 2009-08-17 19:40:48 UTC (rev 22527)
@@ -696,7 +696,8 @@
/*
* Authentication, initialize rpcsec_gss handle etc.
*/
- retval = kadm5_init_with_skey(iprop_svc_princstr, srvtab,
+ retval = kadm5_init_with_skey(kpropd_context, iprop_svc_princstr,
+ srvtab,
master_svc_princstr,
¶ms,
KADM5_STRUCT_VERSION,
@@ -1021,7 +1022,7 @@
(void) memset(¶ms, 0, sizeof (params));
- retval = krb5_init_context(&kpropd_context);
+ retval = kadm5_init_krb5_context(&kpropd_context);
if (retval) {
com_err(argv[0], retval, "while initializing krb5");
exit(1);