author | Greg Hudson <ghudson@mit.edu> | 2019-06-01 13:37:14 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2019-06-04 02:17:50 -0400 |
commit | dcb853ac32779b173f39e19c0f24b0087de85771 (patch) | |
tree | 5cc271b72ccfce9304f6a604147412aacd042d4c /src/include | |
parent | 0e68760cb8dce4ea25fd73d6eab95bce103b6443 (diff) | |
Simplify and modernize replay cache interface
Remove all of the replay cache methods except for resolve, close, and
store. Rename the dispatch functions to use a k5_ prefix to indicate
that they are not part of the libkrb5 API. Remove the unused code for
registering replay cache types at runtime.
Remove the krb5_donot_replay structure, as the only concrete replay
cache type just needs the authenticator checksum. Identify the
checksum part of the authenticator ciphertext at the dispatch layer.
Handle container allocation at the dispatch layer so that each replay
cache type only needs to work with its data pointer. Remember the
full name at the dispatch layer to implement a get_name operation.
Consolidate what remains of rcfns.c and rc_conv.c into rc_base.c.
Use k5_rc_default() in preference to krb5_get_server_rcache() since
they now do the same thing. Remove the sim_client code to create a
replay cache, as the per-message functions use a memory replay cache
now.
Diffstat (limited to 'src/include')
-rw-r--r-- | src/include/k5-int.h | 60 |
1 files changed, 7 insertions, 53 deletions
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index a2faa9d..7833d99 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -1960,32 +1960,16 @@ typedef struct _krb5int_access {
 krb5_error_code KRB5_CALLCONV
 krb5int_accessor(krb5int_access*, krb5_int32);
-typedef struct _krb5_donot_replay {
- krb5_magic magic;
- krb5_ui_4 hash;
- char *server; /* null-terminated */
- char *client; /* null-terminated */
- char *msghash; /* null-terminated */
- krb5_data tag;
- krb5_int32 cusec;
- krb5_timestamp ctime;
-} krb5_donot_replay;
-
 krb5_error_code KRB5_CALLCONV
 krb5int_cc_user_set_default_name(krb5_context context, const char *name);
-krb5_error_code krb5_rc_default(krb5_context, krb5_rcache *);
-krb5_error_code krb5_rc_resolve_type(krb5_context, krb5_rcache *,
- const char *);
-krb5_error_code krb5_rc_resolve_full(krb5_context, krb5_rcache *,
- const char *);
-char *krb5_rc_get_type(krb5_context, krb5_rcache);
-char *krb5_rc_default_type(krb5_context);
-char *krb5_rc_default_name(krb5_context);
-krb5_error_code krb5_auth_to_rep(krb5_context, krb5_tkt_authent *,
- krb5_donot_replay *);
-krb5_error_code krb5_rc_hash_message(krb5_context context,
- const krb5_data *message, char **out);
+krb5_error_code k5_rc_default(krb5_context context, krb5_rcache *rc_out);
+krb5_error_code k5_rc_resolve(krb5_context context, const char *name,
+ krb5_rcache *rc_out);
+void k5_rc_close(krb5_context context, krb5_rcache rc);
+krb5_error_code k5_rc_store(krb5_context context, krb5_rcache rc,
+ const krb5_enc_data *authenticator);
+const char *k5_rc_get_name(krb5_context context, krb5_rcache rc);
 /* Set *tag_out to the integrity tag of *enc. (Does not allocate memory;
 * returned buffer is a subrange of *ctext.) */
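Review bot: The new k5_rc_* prototypes carry no contract comments, unlike k5_rc_tag_from_ciphertext directly below them, and for k5_rc_store the contract is security-relevant because its return value is what makes a caller reject a replayed authenticator. Going by the commit message, the dispatch layer now derives the replay key from the checksum part of the authenticator ciphertext, so the header should say so and state the failure rule, for example `/* Store the integrity tag of *authenticator in rc; return KRB5KRB_AP_ERR_REPEAT if it is already present. Callers must reject the request on any nonzero result. */`. I would also document that the string returned by k5_rc_get_name is owned by rc (presumably valid only until k5_rc_close) and that handles from k5_rc_default and k5_rc_resolve are released with k5_rc_close. The implementations are outside this view (the diff is limited to src/include), so the exact replay error code and the behaviour for a ciphertext too short to contain a tag should be confirmed against rc_base.c before the comment is written.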
@@ -1993,36 +1977,6 @@ krb5_error_code k5_rc_tag_from_ciphertext(krb5_context context,
 const krb5_enc_data *enc,
 krb5_data *tag_out);
-krb5_error_code KRB5_CALLCONV
-krb5_rc_initialize(krb5_context, krb5_rcache, krb5_deltat);
-
-krb5_error_code KRB5_CALLCONV
-krb5_rc_recover_or_initialize(krb5_context, krb5_rcache,krb5_deltat);
-
-krb5_error_code KRB5_CALLCONV
-krb5_rc_recover(krb5_context, krb5_rcache);
-
-krb5_error_code KRB5_CALLCONV
-krb5_rc_destroy(krb5_context, krb5_rcache);
-
-krb5_error_code KRB5_CALLCONV
-krb5_rc_close(krb5_context, krb5_rcache);
-
-krb5_error_code KRB5_CALLCONV
-krb5_rc_store(krb5_context, krb5_rcache, krb5_donot_replay *);
-
-krb5_error_code KRB5_CALLCONV
-krb5_rc_expunge(krb5_context, krb5_rcache);
-
-krb5_error_code KRB5_CALLCONV
-krb5_rc_get_lifespan(krb5_context, krb5_rcache,krb5_deltat *);
-
-char *KRB5_CALLCONV
-krb5_rc_get_name(krb5_context, krb5_rcache);
-
-krb5_error_code KRB5_CALLCONV
-krb5_rc_resolve(krb5_context, krb5_rcache, char *);
-
 /*
 * This structure was exposed and used in macros in krb5 1.2, so do not
 * change its ABI. |