diff options
author | Greg Hudson <ghudson@mit.edu> | 2014-09-29 11:19:08 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2015-06-15 12:47:08 -0400 |
commit | b9820f5b3bfe1347565a39b6f8dce97828e8a2a3 (patch) | |
tree | 8d1f7f0787bfbaae6316fbfae708fb4a34ca7166 | |
parent | 4325964a5d472422cb0a1600676787d7bcfde5d2 (diff) | |
download | krb5-b9820f5b3bfe1347565a39b6f8dce97828e8a2a3.zip krb5-b9820f5b3bfe1347565a39b6f8dce97828e8a2a3.tar.gz krb5-b9820f5b3bfe1347565a39b6f8dce97828e8a2a3.tar.bz2 |
Update test KDC authdata module to new interface
Remove plugins/authdata/greet, which was a v0 KDC module. Modify
plugins/authdata/greet_server to use the new interface. Within
greet_auth.c, remove the unused function greet_kdc_verify. Build the
greet_client and greet_server modules by default, but do not install
them.
-rw-r--r-- | src/Makefile.in | 3 | ||||
-rw-r--r-- | src/configure.in | 1 | ||||
-rw-r--r-- | src/plugins/authdata/greet/Makefile.in | 23 | ||||
-rw-r--r-- | src/plugins/authdata/greet/deps | 6 | ||||
-rw-r--r-- | src/plugins/authdata/greet/greet.exports | 1 | ||||
-rw-r--r-- | src/plugins/authdata/greet/greet_auth.c | 99 | ||||
-rw-r--r-- | src/plugins/authdata/greet_client/Makefile.in | 3 | ||||
-rw-r--r-- | src/plugins/authdata/greet_server/Makefile.in | 3 | ||||
-rw-r--r-- | src/plugins/authdata/greet_server/greet_auth.c | 78 | ||||
-rw-r--r-- | src/plugins/authdata/greet_server/greet_server.exports | 2 |
10 files changed, 21 insertions, 198 deletions
diff --git a/src/Makefile.in b/src/Makefile.in index 65951c5..3c81b22 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -6,7 +6,6 @@ mydir=. # plugins/locate/python # plugins/preauth/wpse # plugins/preauth/cksum_body -# plugins/authdata/greet SUBDIRS=util include lib \ @sam2_plugin@ \ plugins/audit \ @@ -16,6 +15,8 @@ SUBDIRS=util include lib \ plugins/hostrealm/test \ plugins/localauth/test \ plugins/pwqual/test \ + plugins/authdata/greet_server \ + plugins/authdata/greet_client \ plugins/kdb/db2 \ @ldap_plugin_dir@ \ plugins/kdb/test \ diff --git a/src/configure.in b/src/configure.in index f1ba570..13a9b58 100644 --- a/src/configure.in +++ b/src/configure.in @@ -1451,7 +1451,6 @@ dnl ccapi ccapi/lib ccapi/lib/unix ccapi/server ccapi/server/unix ccapi/test plugins/preauth/otp plugins/preauth/securid_sam2 plugins/preauth/wpse - plugins/authdata/greet plugins/authdata/greet_client plugins/authdata/greet_server plugins/tls/k5tls diff --git a/src/plugins/authdata/greet/Makefile.in b/src/plugins/authdata/greet/Makefile.in deleted file mode 100644 index f204e2f..0000000 --- a/src/plugins/authdata/greet/Makefile.in +++ /dev/null @@ -1,23 +0,0 @@ -mydir=plugins$(S)authdata$(S)greet -BUILDTOP=$(REL)..$(S)..$(S).. -MODULE_INSTALL_DIR = $(KRB5_AD_MODULE_DIR) - -LIBBASE=greet -LIBMAJOR=0 -LIBMINOR=0 -#RELDIR=../plugins/preauth/wpse -# Depends on nothing -SHLIB_EXPDEPS = -SHLIB_EXPLIBS= - -STLIBOBJS= greet_auth.o - -SRCS= greet_auth.c - -all-unix:: all-libs -install-unix:: install-libs -clean-unix:: clean-libs clean-libobjs - -@libnover_frag@ -@libobj_frag@ - diff --git a/src/plugins/authdata/greet/deps b/src/plugins/authdata/greet/deps deleted file mode 100644 index ea4b503..0000000 --- a/src/plugins/authdata/greet/deps +++ /dev/null @@ -1,6 +0,0 @@ -# -# Generated makefile dependencies follow. -# -greet_auth.so greet_auth.po $(OUTPRE)greet_auth.$(OBJEXT): \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/krb5/authdata_plugin.h \ - greet_auth.c diff --git a/src/plugins/authdata/greet/greet.exports b/src/plugins/authdata/greet/greet.exports deleted file mode 100644 index 1189eff..0000000 --- a/src/plugins/authdata/greet/greet.exports +++ /dev/null @@ -1 +0,0 @@ -authdata_server_0 diff --git a/src/plugins/authdata/greet/greet_auth.c b/src/plugins/authdata/greet/greet_auth.c deleted file mode 100644 index beac135..0000000 --- a/src/plugins/authdata/greet/greet_auth.c +++ /dev/null @@ -1,99 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* plugins/authdata/greet/greet_auth.c */ -/* - * Copyright 2008 by the Massachusetts Institute of Technology. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* - * - * Sample authorization data plugin - */ - -#include <string.h> -#include <errno.h> -#include <krb5/authdata_plugin.h> - -typedef struct krb5_db_entry krb5_db_entry; - -static krb5_error_code -greet_init(krb5_context ctx, void **blob) -{ - *blob = "hello"; - return 0; -} - -static void -greet_fini(krb5_context ctx, void *blob) -{ -} - -static krb5_error_code -greet_authdata(krb5_context ctx, krb5_db_entry *client, - krb5_data *req_pkt, - krb5_kdc_req *request, - krb5_enc_tkt_part * enc_tkt_reply) -{ -#define GREET_SIZE (20) - - char *p; - krb5_authdata *a; - size_t count; - krb5_authdata **new_ad; - - p = calloc(1, GREET_SIZE); - a = calloc(1, sizeof(*a)); - - if (p == NULL || a == NULL) { - free(p); - free(a); - return ENOMEM; - } - strncpy(p, "hello there", GREET_SIZE-1); - a->magic = KV5M_AUTHDATA; - a->ad_type = -42; - a->length = GREET_SIZE; - a->contents = (unsigned char *)p; - if (enc_tkt_reply->authorization_data == 0) { - count = 0; - } else { - for (count = 0; enc_tkt_reply->authorization_data[count] != 0; count++) - ; - } - new_ad = realloc(enc_tkt_reply->authorization_data, - (count+2) * sizeof(krb5_authdata *)); - if (new_ad == NULL) { - free(p); - free(a); - return ENOMEM; - } - enc_tkt_reply->authorization_data = new_ad; - new_ad[count] = a; - new_ad[count+1] = NULL; - return 0; -} - -krb5plugin_authdata_ftable_v0 authdata_server_0 = { - "greet", - greet_init, - greet_fini, - greet_authdata, -}; diff --git a/src/plugins/authdata/greet_client/Makefile.in b/src/plugins/authdata/greet_client/Makefile.in index 7f7277b..e1af8cc 100644 --- a/src/plugins/authdata/greet_client/Makefile.in +++ b/src/plugins/authdata/greet_client/Makefile.in @@ -1,6 +1,5 @@ mydir=plugins$(S)authdata$(S)greet_client BUILDTOP=$(REL)..$(S)..$(S).. -MODULE_INSTALL_DIR = $(KRB5_AD_MODULE_DIR) LIBBASE=greet_client LIBMAJOR=0 @@ -13,7 +12,7 @@ STLIBOBJS= greet.o SRCS= greet.c all-unix:: all-libs -install-unix:: install-libs +install-unix:: clean-unix:: clean-libs clean-libobjs @libnover_frag@ diff --git a/src/plugins/authdata/greet_server/Makefile.in b/src/plugins/authdata/greet_server/Makefile.in index 598ee1f..a013076 100644 --- a/src/plugins/authdata/greet_server/Makefile.in +++ b/src/plugins/authdata/greet_server/Makefile.in @@ -1,6 +1,5 @@ mydir=plugins$(S)authdata$(S)greet_server BUILDTOP=$(REL)..$(S)..$(S).. -MODULE_INSTALL_DIR = $(KRB5_AD_MODULE_DIR) LIBBASE=greet_server LIBMAJOR=1 @@ -14,7 +13,7 @@ STLIBOBJS= greet_auth.o SRCS= greet_auth.c all-unix:: all-libs -install-unix:: install-libs +install-unix:: clean-unix:: clean-libs clean-libobjs @libnover_frag@ diff --git a/src/plugins/authdata/greet_server/greet_auth.c b/src/plugins/authdata/greet_server/greet_auth.c index 9d8444b..1f1e9de 100644 --- a/src/plugins/authdata/greet_server/greet_auth.c +++ b/src/plugins/authdata/greet_server/greet_auth.c @@ -29,19 +29,7 @@ */ #include <k5-int.h> -#include <krb5/authdata_plugin.h> -#include <kdb.h> - -static krb5_error_code -greet_init(krb5_context ctx, void **blob) -{ - return 0; -} - -static void -greet_fini(krb5_context ctx, void *blob) -{ -} +#include <krb5/kdcauthdata_plugin.h> static krb5_error_code greet_hello(krb5_context context, krb5_data **ret) { @@ -54,49 +42,6 @@ static krb5_error_code greet_hello(krb5_context context, krb5_data **ret) } static krb5_error_code -greet_kdc_verify(krb5_context context, - krb5_enc_tkt_part *enc_tkt_request, - krb5_data **greeting) -{ - krb5_error_code code; - krb5_authdata **tgt_authdata = NULL; - krb5_authdata **kdc_issued = NULL; - krb5_authdata **greet = NULL; - - code = krb5_find_authdata(context, enc_tkt_request->authorization_data, - NULL, KRB5_AUTHDATA_KDC_ISSUED, &tgt_authdata); - if (code != 0 || tgt_authdata == NULL) - return 0; - - code = krb5_verify_authdata_kdc_issued(context, - enc_tkt_request->session, - tgt_authdata[0], - NULL, - &kdc_issued); - if (code != 0) { - krb5_free_authdata(context, tgt_authdata); - return code; - } - - code = krb5_find_authdata(context, kdc_issued, NULL, -42, &greet); - if (code == 0) { - krb5_data tmp; - - tmp.data = (char *)greet[0]->contents; - tmp.length = greet[0]->length; - - code = krb5_copy_data(context, &tmp, greeting); - } else - code = 0; - - krb5_free_authdata(context, tgt_authdata); - krb5_free_authdata(context, kdc_issued); - krb5_free_authdata(context, greet); - - return code; -} - -static krb5_error_code greet_kdc_sign(krb5_context context, krb5_enc_tkt_part *enc_tkt_reply, krb5_const_principal tgs, @@ -149,6 +94,7 @@ greet_kdc_sign(krb5_context context, static krb5_error_code greet_authdata(krb5_context context, + krb5_kdcauthdata_moddata moddata, unsigned int flags, krb5_db_entry *client, krb5_db_entry *server, @@ -179,9 +125,17 @@ greet_authdata(krb5_context context, return code; } -krb5plugin_authdata_server_ftable_v2 authdata_server_2 = { - "greet", - greet_init, - greet_fini, - greet_authdata, -}; +krb5_error_code +kdcauthdata_greet_initvt(krb5_context context, int maj_ver, int min_ver, + krb5_plugin_vtable vtable); + +krb5_error_code +kdcauthdata_greet_initvt(krb5_context context, int maj_ver, int min_ver, + krb5_plugin_vtable vtable) +{ + krb5_kdcauthdata_vtable vt = (krb5_kdcauthdata_vtable)vtable; + + vt->name = "greet"; + vt->handle = greet_authdata; + return 0; +} diff --git a/src/plugins/authdata/greet_server/greet_server.exports b/src/plugins/authdata/greet_server/greet_server.exports index ed34a7f..bddbef1 100644 --- a/src/plugins/authdata/greet_server/greet_server.exports +++ b/src/plugins/authdata/greet_server/greet_server.exports @@ -1 +1 @@ -authdata_server_2 +kdcauthdata_greet_initvt |