svn rev #25318: trunk/src/ include/krb5/ kdc/

ghudson@MIT.EDU ghudson at MIT.EDU
Thu Oct 6 16:08:29 EDT 2011 

http://src.mit.edu/fisheye/changelog/krb5/?cs=25318
Commit By: ghudson
Log Message:
Add get_string, free_string kdcpreauth callbacks.

String attributes should be useful to preauth modules without having
to link against libkdb5.  Add a callback to make client string
attributes accessible to modules.


Changed Files:
U   trunk/src/include/krb5/preauth_plugin.h
U   trunk/src/kdc/kdc_preauth.c
Modified: trunk/src/include/krb5/preauth_plugin.h
===================================================================
--- trunk/src/include/krb5/preauth_plugin.h	2011-10-06 19:24:56 UTC (rev 25317)
+++ trunk/src/include/krb5/preauth_plugin.h	2011-10-06 20:08:29 UTC (rev 25318)
@@ -355,6 +355,16 @@
     krb5_keyblock *(*fast_armor)(krb5_context context,
                                  krb5_kdcpreauth_rock rock);
 
+    /* Retrieve a string attribute from the client DB entry, or NULL if no such
+     * attribute is set.  Free the result with the free_string callback. */
+    krb5_error_code (*get_string)(krb5_context context,
+                                  krb5_kdcpreauth_rock rock, const char *key,
+                                  char **value_out);
+
+    /* Free the result of get_string. */
+    void (*free_string)(krb5_context context, krb5_kdcpreauth_rock rock,
+                        char *string);
+
     /* Get a pointer to the client DB entry (returned as a void pointer to
      * avoid a dependency on a libkdb5 type). */
     void *(*client_entry)(krb5_context context, krb5_kdcpreauth_rock rock);

Modified: trunk/src/kdc/kdc_preauth.c
===================================================================
--- trunk/src/kdc/kdc_preauth.c	2011-10-06 19:24:56 UTC (rev 25317)
+++ trunk/src/kdc/kdc_preauth.c	2011-10-06 20:08:29 UTC (rev 25318)
@@ -574,6 +574,19 @@
     return rock->rstate->armor_key;
 }
 
+static krb5_error_code
+get_string(krb5_context context, krb5_kdcpreauth_rock rock, const char *key,
+           char **value_out)
+{
+    return krb5_dbe_get_string(context, rock->client, key, value_out);
+}
+
+static void
+free_string(krb5_context context, krb5_kdcpreauth_rock rock, char *string)
+{
+    krb5_dbe_free_string(context, string);
+}
+
 static void *
 client_entry(krb5_context context, krb5_kdcpreauth_rock rock)
 {
@@ -587,6 +600,8 @@
     free_keys,
     request_body,
     fast_armor,
+    get_string,
+    free_string,
     client_entry
 };

More information about the cvs-krb5 mailing list