krb5 commit: Update test KDC authdata module to new interface
Greg Hudson
ghudson at mit.edu
Mon Jun 15 12:56:01 EDT 2015
https://github.com/krb5/krb5/commit/b9820f5b3bfe1347565a39b6f8dce97828e8a2a3
commit b9820f5b3bfe1347565a39b6f8dce97828e8a2a3
Author: Greg Hudson <ghudson at mit.edu>
Date: Mon Sep 29 11:19:08 2014 -0400
Update test KDC authdata module to new interface
Remove plugins/authdata/greet, which was a v0 KDC module. Modify
plugins/authdata/greet_server to use the new interface. Within
greet_auth.c, remove the unused function greet_kdc_verify. Build the
greet_client and greet_server modules by default, but do not install
them.
src/Makefile.in | 3 +-
src/configure.in | 1 -
src/plugins/authdata/greet/Makefile.in | 23 -----
src/plugins/authdata/greet/deps | 6 -
src/plugins/authdata/greet/greet.exports | 1 -
src/plugins/authdata/greet/greet_auth.c | 99 --------------------
src/plugins/authdata/greet_client/Makefile.in | 3 +-
src/plugins/authdata/greet_server/Makefile.in | 3 +-
src/plugins/authdata/greet_server/greet_auth.c | 78 +++------------
.../authdata/greet_server/greet_server.exports | 2 +-
10 files changed, 21 insertions(+), 198 deletions(-)
diff --git a/src/Makefile.in b/src/Makefile.in
index 65951c5..3c81b22 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -6,7 +6,6 @@ mydir=.
# plugins/locate/python
# plugins/preauth/wpse
# plugins/preauth/cksum_body
-# plugins/authdata/greet
SUBDIRS=util include lib \
@sam2_plugin@ \
plugins/audit \
@@ -16,6 +15,8 @@ SUBDIRS=util include lib \
plugins/hostrealm/test \
plugins/localauth/test \
plugins/pwqual/test \
+ plugins/authdata/greet_server \
+ plugins/authdata/greet_client \
plugins/kdb/db2 \
@ldap_plugin_dir@ \
plugins/kdb/test \
diff --git a/src/configure.in b/src/configure.in
index f1ba570..13a9b58 100644
--- a/src/configure.in
+++ b/src/configure.in
@@ -1451,7 +1451,6 @@ dnl ccapi ccapi/lib ccapi/lib/unix ccapi/server ccapi/server/unix ccapi/test
plugins/preauth/otp
plugins/preauth/securid_sam2
plugins/preauth/wpse
- plugins/authdata/greet
plugins/authdata/greet_client
plugins/authdata/greet_server
plugins/tls/k5tls
diff --git a/src/plugins/authdata/greet/Makefile.in b/src/plugins/authdata/greet/Makefile.in
deleted file mode 100644
index f204e2f..0000000
--- a/src/plugins/authdata/greet/Makefile.in
+++ /dev/null
@@ -1,23 +0,0 @@
-mydir=plugins$(S)authdata$(S)greet
-BUILDTOP=$(REL)..$(S)..$(S)..
-MODULE_INSTALL_DIR = $(KRB5_AD_MODULE_DIR)
-
-LIBBASE=greet
-LIBMAJOR=0
-LIBMINOR=0
-#RELDIR=../plugins/preauth/wpse
-# Depends on nothing
-SHLIB_EXPDEPS =
-SHLIB_EXPLIBS=
-
-STLIBOBJS= greet_auth.o
-
-SRCS= greet_auth.c
-
-all-unix:: all-libs
-install-unix:: install-libs
-clean-unix:: clean-libs clean-libobjs
-
- at libnover_frag@
- at libobj_frag@
-
diff --git a/src/plugins/authdata/greet/deps b/src/plugins/authdata/greet/deps
deleted file mode 100644
index ea4b503..0000000
--- a/src/plugins/authdata/greet/deps
+++ /dev/null
@@ -1,6 +0,0 @@
-#
-# Generated makefile dependencies follow.
-#
-greet_auth.so greet_auth.po $(OUTPRE)greet_auth.$(OBJEXT): \
- $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/krb5/authdata_plugin.h \
- greet_auth.c
diff --git a/src/plugins/authdata/greet/greet.exports b/src/plugins/authdata/greet/greet.exports
deleted file mode 100644
index 1189eff..0000000
--- a/src/plugins/authdata/greet/greet.exports
+++ /dev/null
@@ -1 +0,0 @@
-authdata_server_0
diff --git a/src/plugins/authdata/greet/greet_auth.c b/src/plugins/authdata/greet/greet_auth.c
deleted file mode 100644
index beac135..0000000
--- a/src/plugins/authdata/greet/greet_auth.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* plugins/authdata/greet/greet_auth.c */
-/*
- * Copyright 2008 by the Massachusetts Institute of Technology.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-/*
- *
- * Sample authorization data plugin
- */
-
-#include <string.h>
-#include <errno.h>
-#include <krb5/authdata_plugin.h>
-
-typedef struct krb5_db_entry krb5_db_entry;
-
-static krb5_error_code
-greet_init(krb5_context ctx, void **blob)
-{
- *blob = "hello";
- return 0;
-}
-
-static void
-greet_fini(krb5_context ctx, void *blob)
-{
-}
-
-static krb5_error_code
-greet_authdata(krb5_context ctx, krb5_db_entry *client,
- krb5_data *req_pkt,
- krb5_kdc_req *request,
- krb5_enc_tkt_part * enc_tkt_reply)
-{
-#define GREET_SIZE (20)
-
- char *p;
- krb5_authdata *a;
- size_t count;
- krb5_authdata **new_ad;
-
- p = calloc(1, GREET_SIZE);
- a = calloc(1, sizeof(*a));
-
- if (p == NULL || a == NULL) {
- free(p);
- free(a);
- return ENOMEM;
- }
- strncpy(p, "hello there", GREET_SIZE-1);
- a->magic = KV5M_AUTHDATA;
- a->ad_type = -42;
- a->length = GREET_SIZE;
- a->contents = (unsigned char *)p;
- if (enc_tkt_reply->authorization_data == 0) {
- count = 0;
- } else {
- for (count = 0; enc_tkt_reply->authorization_data[count] != 0; count++)
- ;
- }
- new_ad = realloc(enc_tkt_reply->authorization_data,
- (count+2) * sizeof(krb5_authdata *));
- if (new_ad == NULL) {
- free(p);
- free(a);
- return ENOMEM;
- }
- enc_tkt_reply->authorization_data = new_ad;
- new_ad[count] = a;
- new_ad[count+1] = NULL;
- return 0;
-}
-
-krb5plugin_authdata_ftable_v0 authdata_server_0 = {
- "greet",
- greet_init,
- greet_fini,
- greet_authdata,
-};
diff --git a/src/plugins/authdata/greet_client/Makefile.in b/src/plugins/authdata/greet_client/Makefile.in
index 7f7277b..e1af8cc 100644
--- a/src/plugins/authdata/greet_client/Makefile.in
+++ b/src/plugins/authdata/greet_client/Makefile.in
@@ -1,6 +1,5 @@
mydir=plugins$(S)authdata$(S)greet_client
BUILDTOP=$(REL)..$(S)..$(S)..
-MODULE_INSTALL_DIR = $(KRB5_AD_MODULE_DIR)
LIBBASE=greet_client
LIBMAJOR=0
@@ -13,7 +12,7 @@ STLIBOBJS= greet.o
SRCS= greet.c
all-unix:: all-libs
-install-unix:: install-libs
+install-unix::
clean-unix:: clean-libs clean-libobjs
@libnover_frag@
diff --git a/src/plugins/authdata/greet_server/Makefile.in b/src/plugins/authdata/greet_server/Makefile.in
index 598ee1f..a013076 100644
--- a/src/plugins/authdata/greet_server/Makefile.in
+++ b/src/plugins/authdata/greet_server/Makefile.in
@@ -1,6 +1,5 @@
mydir=plugins$(S)authdata$(S)greet_server
BUILDTOP=$(REL)..$(S)..$(S)..
-MODULE_INSTALL_DIR = $(KRB5_AD_MODULE_DIR)
LIBBASE=greet_server
LIBMAJOR=1
@@ -14,7 +13,7 @@ STLIBOBJS= greet_auth.o
SRCS= greet_auth.c
all-unix:: all-libs
-install-unix:: install-libs
+install-unix::
clean-unix:: clean-libs clean-libobjs
@libnover_frag@
diff --git a/src/plugins/authdata/greet_server/greet_auth.c b/src/plugins/authdata/greet_server/greet_auth.c
index 9d8444b..1f1e9de 100644
--- a/src/plugins/authdata/greet_server/greet_auth.c
+++ b/src/plugins/authdata/greet_server/greet_auth.c
@@ -29,19 +29,7 @@
*/
#include <k5-int.h>
-#include <krb5/authdata_plugin.h>
-#include <kdb.h>
-
-static krb5_error_code
-greet_init(krb5_context ctx, void **blob)
-{
- return 0;
-}
-
-static void
-greet_fini(krb5_context ctx, void *blob)
-{
-}
+#include <krb5/kdcauthdata_plugin.h>
static krb5_error_code greet_hello(krb5_context context, krb5_data **ret)
{
@@ -54,49 +42,6 @@ static krb5_error_code greet_hello(krb5_context context, krb5_data **ret)
}
static krb5_error_code
-greet_kdc_verify(krb5_context context,
- krb5_enc_tkt_part *enc_tkt_request,
- krb5_data **greeting)
-{
- krb5_error_code code;
- krb5_authdata **tgt_authdata = NULL;
- krb5_authdata **kdc_issued = NULL;
- krb5_authdata **greet = NULL;
-
- code = krb5_find_authdata(context, enc_tkt_request->authorization_data,
- NULL, KRB5_AUTHDATA_KDC_ISSUED, &tgt_authdata);
- if (code != 0 || tgt_authdata == NULL)
- return 0;
-
- code = krb5_verify_authdata_kdc_issued(context,
- enc_tkt_request->session,
- tgt_authdata[0],
- NULL,
- &kdc_issued);
- if (code != 0) {
- krb5_free_authdata(context, tgt_authdata);
- return code;
- }
-
- code = krb5_find_authdata(context, kdc_issued, NULL, -42, &greet);
- if (code == 0) {
- krb5_data tmp;
-
- tmp.data = (char *)greet[0]->contents;
- tmp.length = greet[0]->length;
-
- code = krb5_copy_data(context, &tmp, greeting);
- } else
- code = 0;
-
- krb5_free_authdata(context, tgt_authdata);
- krb5_free_authdata(context, kdc_issued);
- krb5_free_authdata(context, greet);
-
- return code;
-}
-
-static krb5_error_code
greet_kdc_sign(krb5_context context,
krb5_enc_tkt_part *enc_tkt_reply,
krb5_const_principal tgs,
@@ -149,6 +94,7 @@ greet_kdc_sign(krb5_context context,
static krb5_error_code
greet_authdata(krb5_context context,
+ krb5_kdcauthdata_moddata moddata,
unsigned int flags,
krb5_db_entry *client,
krb5_db_entry *server,
@@ -179,9 +125,17 @@ greet_authdata(krb5_context context,
return code;
}
-krb5plugin_authdata_server_ftable_v2 authdata_server_2 = {
- "greet",
- greet_init,
- greet_fini,
- greet_authdata,
-};
+krb5_error_code
+kdcauthdata_greet_initvt(krb5_context context, int maj_ver, int min_ver,
+ krb5_plugin_vtable vtable);
+
+krb5_error_code
+kdcauthdata_greet_initvt(krb5_context context, int maj_ver, int min_ver,
+ krb5_plugin_vtable vtable)
+{
+ krb5_kdcauthdata_vtable vt = (krb5_kdcauthdata_vtable)vtable;
+
+ vt->name = "greet";
+ vt->handle = greet_authdata;
+ return 0;
+}
diff --git a/src/plugins/authdata/greet_server/greet_server.exports b/src/plugins/authdata/greet_server/greet_server.exports
index ed34a7f..bddbef1 100644
--- a/src/plugins/authdata/greet_server/greet_server.exports
+++ b/src/plugins/authdata/greet_server/greet_server.exports
@@ -1 +1 @@
-authdata_server_2
+kdcauthdata_greet_initvt
More information about the cvs-krb5
mailing list