Using KfM's credentials cache with Krb5 1.3 on OS X 10.2.6
chas williams
chas at cmf.nrl.navy.mil
Wed Jul 23 18:14:19 EDT 2003
In message <Pine.GSO.4.56.0307231649520.900 at flanders.mynet.net>,Steven Michaud writes:
>Are Cyrus SASL's dlopen.c and the OpenDarwin dlcompat project similar
>to the code that you wrote?
no idea. i used the NS*() interface directly. its not very
complicated.
>I'm not sure I want to take on the burden of writing and maintaining a
>library that (in effect) exports the CCAPI from present and future
>versions of KfM. I don't imagine you're too thrilled about that,
>either :-)
since the ccapi should be relatively fixed and NS*() api should be
fixed as well (since the apple framework nonsense uses it) i dont
think it would need much in the way of maintenance. here's the
important bit of the glue. there's some other changes necessary
i will post those later after i make sure they will apply
against a stock krb5 distribution.
#include <sys/types.h>
#include <sys/stat.h>
#include <stdlib.h>
#include <sys/param.h>
#include <mach-o/dyld.h>
static void *
__loadKerberos(void) {
static const void *image = NULL;
if (NULL == image) {
const char *framework = "/System/Library/Frameworks/Kerberos.framework/Kerberos";
struct stat statbuf;
const char *suffix = getenv("DYLD_IMAGE_SUFFIX");
char path[MAXPATHLEN];
strcpy(path, framework);
if (suffix) strcat(path, suffix);
if (0 <= stat(path, &statbuf))
image = NSAddImage(path, NSADDIMAGE_OPTION_NONE);
else
image = NSAddImage(framework, NSADDIMAGE_OPTION_NONE);
}
return (void *)image;
}
cc_int32 _cc_initialize (
cc_context_t* outContext,
cc_int32 inVersion,
cc_int32* outSupportedVersion,
char const** outVendor)
{
static cc_int32 (*dyfunc)(
cc_context_t* outContext,
cc_int32 inVersion,
cc_int32* outSupportedVersion,
char const** outVendor) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_initialize", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(outContext, inVersion, outSupportedVersion, outVendor) : CC_NOT_SUPP;
}
#define cc_initialize _cc_initialize
cc_int32 _cc_shutdown (
apiCB** ioContext)
{
static cc_int32 (*dyfunc)(
apiCB** ioContext) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_shutdown", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(ioContext) : CC_NOT_SUPP;
}
#define cc_shutdown _cc_shutdown
cc_int32 _cc_get_change_time (
apiCB* inContext,
cc_time_t* outTime)
{
static cc_int32 (*dyfunc)(
apiCB* inContext,
cc_time_t* outTime) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_get_change_time", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(inContext, outTime) : CC_NOT_SUPP;
}
#define cc_get_change_time _cc_get_change_time
cc_int32 _cc_open (
apiCB* inContext,
const char* inName,
cc_int32 inVersion,
cc_uint32 inFlags,
ccache_p** outCCache)
{
static cc_int32 (*dyfunc)(
apiCB* inContext,
const char* inName,
cc_int32 inVersion,
cc_uint32 inFlags,
ccache_p** outCCache) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_open", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(inContext, inName, inVersion, inFlags, outCCache) : CC_NOT_SUPP;
}
#define cc_open _cc_open
cc_int32 _cc_create (
apiCB* inContext,
const char* inName,
const char* inPrincipal,
cc_int32 inVersion,
cc_uint32 inFlags,
ccache_p** outCCache)
{
static cc_int32 (*dyfunc)(
apiCB* inContext,
const char* inName,
const char* inPrincipal,
cc_int32 inVersion,
cc_uint32 inFlags,
ccache_p** outCCache) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_create", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(inContext, inName, inPrincipal, inVersion, inFlags, outCCache) : CC_NOT_SUPP;
}
#define cc_create _cc_create
cc_int32 _cc_close (
apiCB* inContext,
ccache_p** ioCCache)
{
static cc_int32 (*dyfunc)(
apiCB* inContext,
ccache_p** ioCCache) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_close", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(inContext, ioCCache) : CC_NOT_SUPP;
}
#define cc_close _cc_close
cc_int32 _cc_destroy (
apiCB* inContext,
ccache_p** ioCCache)
{
static cc_int32 (*dyfunc)(
apiCB* inContext,
ccache_p** ioCCache) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_destroy", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(inContext, ioCCache) : CC_NOT_SUPP;
}
#define cc_destroy _cc_destroy
cc_int32 _cc_get_principal (
apiCB* inContext,
ccache_p* inCCache,
char** outPrincipal)
{
static cc_int32 (*dyfunc)(
apiCB* inContext,
ccache_p* inCCache,
char** outPrincipal) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_get_principal", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(inContext, inCCache, outPrincipal) : CC_NOT_SUPP;
}
#define cc_get_principal _cc_get_principal
cc_int32 _cc_store (
apiCB* inContext,
ccache_p* inCCache,
cred_union inCredentials)
{
static cc_int32 (*dyfunc)(
apiCB* inContext,
ccache_p* inCCache,
cred_union inCredentials) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_store", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(inContext, inCCache, inCredentials) : CC_NOT_SUPP;
}
#define cc_store _cc_store
cc_int32 _cc_remove_cred (
apiCB* inContext,
ccache_p* inCCache,
cred_union inCredentials)
{
static cc_int32 (*dyfunc)(
apiCB* inContext,
ccache_p* inCCache,
cred_union inCredentials) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_remove_cred", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(inContext, inCCache, inCredentials) : CC_NOT_SUPP;
}
#define cc_remove_cred _cc_remove_cred
cc_int32 _cc_seq_fetch_creds_begin (
apiCB* inContext,
const ccache_p* inCCache,
ccache_cit** outIterator)
{
static cc_int32 (*dyfunc)(
apiCB* inContext,
const ccache_p* inCCache,
ccache_cit** outIterator) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_seq_fetch_creds_begin", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(inContext, inCCache, outIterator) : CC_NOT_SUPP;
}
#define cc_seq_fetch_creds_begin _cc_seq_fetch_creds_begin
cc_int32 _cc_seq_fetch_creds_next (
apiCB* inContext,
cred_union** outCreds,
ccache_cit* inIterator)
{
static cc_int32 (*dyfunc)(
apiCB* inContext,
cred_union** outCreds,
ccache_cit* inIterator) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_seq_fetch_creds_next", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(inContext, outCreds, inIterator) : CC_NOT_SUPP;
}
#define cc_seq_fetch_creds_next _cc_seq_fetch_creds_next
cc_int32 _cc_seq_fetch_creds_end (
apiCB* inContext,
ccache_cit** ioIterator)
{
static cc_int32 (*dyfunc)(
apiCB* inContext,
ccache_cit** ioIterator) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_seq_fetch_creds_end", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(inContext, ioIterator) : CC_NOT_SUPP;
}
#define cc_seq_fetch_creds_end _cc_seq_fetch_creds_end
cc_int32 _cc_free_principal (
apiCB* inContext,
char** ioPrincipal)
{
static cc_int32 (*dyfunc)(
apiCB* inContext,
char** ioPrincipal) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_free_principal", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(inContext, ioPrincipal) : CC_NOT_SUPP;
}
#define cc_free_principal _cc_free_principal
cc_int32 _cc_free_creds (
apiCB* inContext,
cred_union** creds)
{
static cc_int32 (*dyfunc)(
apiCB* inContext,
cred_union** creds) = NULL;
if (!dyfunc) {
void *image = __loadKerberos();
if (image) dyfunc = NSAddressOfSymbol(NSLookupSymbolInImage(image, "_cc_free_creds", NSLOOKUPSYMBOLINIMAGE_OPTION_BIND));
}
return dyfunc ? dyfunc(inContext, creds) : CC_NOT_SUPP;
}
#define cc_free_creds _cc_free_creds
More information about the krbdev
mailing list