authorGreg Hudson <ghudson@mit.edu>2009-08-17 19:40:48 +0000
committerGreg Hudson <ghudson@mit.edu>2009-08-17 19:40:48 +0000
commit1b8c72b7ef064eabb37d726e831b4618cb37d2c7 (patch)
tree1df8b26a5af064e93ad262ce57801ebff42c80a8 /src/lib/kadm5
parentf75549596ed93c658805f3df40ca4d9853b28213 (diff)
Modify kadm5 initializers to accept krb5 contexts
Add krb5_context parameters to all kadm5 initialization functions. This allows extended error information to be retrieved by the caller when an error is returned. ticket: 6547 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22527 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/kadm5')
-rw-r--r--src/lib/kadm5/admin.h20
-rw-r--r--src/lib/kadm5/clnt/client_init.c31
-rw-r--r--src/lib/kadm5/srv/server_init.c38
-rw-r--r--src/lib/kadm5/unit-test/destroy-test.c8
-rw-r--r--src/lib/kadm5/unit-test/handle-test.c2
-rw-r--r--src/lib/kadm5/unit-test/init-test.c8
-rw-r--r--src/lib/kadm5/unit-test/iter-test.c8
-rw-r--r--src/lib/kadm5/unit-test/randkey-test.c2
-rw-r--r--src/lib/kadm5/unit-test/setkey-test.c2
9 files changed, 65 insertions, 54 deletions
diff --git a/src/lib/kadm5/admin.h b/src/lib/kadm5/admin.h
index 33e2728..9c98a06 100644
--- a/src/lib/kadm5/admin.h
+++ b/src/lib/kadm5/admin.h
@@ -314,14 +314,22 @@ krb5_error_code kadm5_free_realm_params(krb5_context kcontext,
krb5_error_code kadm5_get_admin_service_name(krb5_context, char *,
char *, size_t);
-kadm5_ret_t kadm5_init(char *client_name, char *pass,
- char *service_name,
+/*
+ * For all initialization functions, the caller must first initialize
+ * a context with kadm5_init_krb5_context which will survive as long
+ * as the resulting handle. The caller should free the context with
+ * krb5_free_context.
+ */
+
+kadm5_ret_t kadm5_init(krb5_context context, char *client_name,
+ char *pass, char *service_name,
kadm5_config_params *params,
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
-kadm5_ret_t kadm5_init_with_password(char *client_name,
+kadm5_ret_t kadm5_init_with_password(krb5_context context,
+ char *client_name,
char *pass,
char *service_name,
kadm5_config_params *params,
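Review bot: The new comment above kadm5_init says the context "will survive as long as the resulting handle" but never says that the handle only borrows it, so the required teardown order is left implicit. Later hunks in this commit store the pointer with `handle->context = context;`, and kadm5_destroy still passes handle->context to kadm5_free_config_params (and to krb5_db_fini on the server side), so a caller that runs krb5_free_context before kadm5_destroy leaves the handle holding a dangling pointer. I would extend the comment with something like `The handle keeps a reference to the context and does not own it; call kadm5_destroy on every handle before krb5_free_context.` It is also worth stating that a failed initializer no longer frees the context, so the caller must free it on error paths as well.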
@@ -329,7 +337,8 @@ kadm5_ret_t kadm5_init_with_password(char *client_name,
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
-kadm5_ret_t kadm5_init_with_skey(char *client_name,
+kadm5_ret_t kadm5_init_with_skey(krb5_context context,
+ char *client_name,
char *keytab,
char *service_name,
kadm5_config_params *params,
@@ -337,7 +346,8 @@ kadm5_ret_t kadm5_init_with_skey(char *client_name,
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
-kadm5_ret_t kadm5_init_with_creds(char *client_name,
+kadm5_ret_t kadm5_init_with_creds(krb5_context context,
+ char *client_name,
krb5_ccache cc,
char *service_name,
kadm5_config_params *params,
diff --git a/src/lib/kadm5/clnt/client_init.c b/src/lib/kadm5/clnt/client_init.c
index 4ebd1b7..cc48a8c 100644
--- a/src/lib/kadm5/clnt/client_init.c
+++ b/src/lib/kadm5/clnt/client_init.c
@@ -60,7 +60,8 @@
enum init_type { INIT_PASS, INIT_SKEY, INIT_CREDS };
-static kadm5_ret_t _kadm5_init_any(char *client_name,
+static kadm5_ret_t _kadm5_init_any(krb5_context context,
+ char *client_name,
enum init_type init_type,
char *pass,
krb5_ccache ccache_in,
@@ -97,7 +98,8 @@ kadm5_rpc_auth(kadm5_server_handle_t handle,
gss_cred_id_t gss_client_creds,
gss_name_t gss_target);
-kadm5_ret_t kadm5_init_with_creds(char *client_name,
+kadm5_ret_t kadm5_init_with_creds(krb5_context context,
+ char *client_name,
krb5_ccache ccache,
char *service_name,
kadm5_config_params *params,
@@ -106,27 +108,27 @@ kadm5_ret_t kadm5_init_with_creds(char *client_name,
char **db_args,
void **server_handle)
{
- return _kadm5_init_any(client_name, INIT_CREDS, NULL, ccache,
+ return _kadm5_init_any(context, client_name, INIT_CREDS, NULL, ccache,
service_name, params,
struct_version, api_version, db_args,
server_handle);
}
-kadm5_ret_t kadm5_init_with_password(char *client_name, char *pass,
- char *service_name,
+kadm5_ret_t kadm5_init_with_password(krb5_context context, char *client_name,
+ char *pass, char *service_name,
kadm5_config_params *params,
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle)
{
- return _kadm5_init_any(client_name, INIT_PASS, pass, NULL,
+ return _kadm5_init_any(context, client_name, INIT_PASS, pass, NULL,
service_name, params, struct_version,
api_version, db_args, server_handle);
}
-kadm5_ret_t kadm5_init(char *client_name, char *pass,
+kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
char *service_name,
kadm5_config_params *params,
krb5_ui_4 struct_version,
@@ -134,25 +136,25 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
char **db_args,
void **server_handle)
{
- return _kadm5_init_any(client_name, INIT_PASS, pass, NULL,
+ return _kadm5_init_any(context, client_name, INIT_PASS, pass, NULL,
service_name, params, struct_version,
api_version, db_args, server_handle);
}
-kadm5_ret_t kadm5_init_with_skey(char *client_name, char *keytab,
- char *service_name,
+kadm5_ret_t kadm5_init_with_skey(krb5_context context, char *client_name,
+ char *keytab, char *service_name,
kadm5_config_params *params,
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle)
{
- return _kadm5_init_any(client_name, INIT_SKEY, keytab, NULL,
+ return _kadm5_init_any(context, client_name, INIT_SKEY, keytab, NULL,
service_name, params, struct_version,
api_version, db_args, server_handle);
}
-static kadm5_ret_t _kadm5_init_any(char *client_name,
+static kadm5_ret_t _kadm5_init_any(krb5_context context, char *client_name,
enum init_type init_type,
char *pass,
krb5_ccache ccache_in,
@@ -207,7 +209,7 @@ static kadm5_ret_t _kadm5_init_any(char *client_name,
handle->lhandle->struct_version = KADM5_STRUCT_VERSION;
handle->lhandle->lhandle = handle->lhandle;
- krb5_init_context(&handle->context);
+ handle->context = context;
if(client_name == NULL) {
free(handle);
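Review bot: `handle->context = context;` stores the caller's pointer without checking it, and the next use visible in this file, `kadm5_get_config_params(handle->context, 0, ...)`, passes it on unchecked. handle-test.c and randkey-test.c in this same commit call kadm5_init_krb5_context without looking at its return value, so a caller that ignores a failed context init and passes a NULL context is plausible. A guard such as `if (context == NULL) return EINVAL;` placed before the handle is allocated would turn that into an error return; the allocation is outside this hunk, so the exact spot needs confirming. The same assignment in kadm5_init in srv/server_init.c has the same gap.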
@@ -258,7 +260,6 @@ static kadm5_ret_t _kadm5_init_any(char *client_name,
if ((code = kadm5_get_config_params(handle->context, 0,
params_in, &handle->params))) {
- krb5_free_context(handle->context);
free(handle);
return(code);
}
@@ -268,7 +269,6 @@ static kadm5_ret_t _kadm5_init_any(char *client_name,
KADM5_CONFIG_KADMIND_PORT)
if ((handle->params.mask & REQUIRED_PARAMS) != REQUIRED_PARAMS) {
- krb5_free_context(handle->context);
free(handle);
return KADM5_MISSING_KRB5_CONF_PARAMS;
}
@@ -792,7 +792,6 @@ kadm5_destroy(void *server_handle)
free (handle->lhandle);
kadm5_free_config_params(handle->context, &handle->params);
- krb5_free_context(handle->context);
handle->magic_number = 0;
free(handle);
diff --git a/src/lib/kadm5/srv/server_init.c b/src/lib/kadm5/srv/server_init.c
index e41ecca..47bc22c 100644
--- a/src/lib/kadm5/srv/server_init.c
+++ b/src/lib/kadm5/srv/server_init.c
@@ -90,20 +90,21 @@ static void free_db_args(kadm5_server_handle_t handle)
}
}
-kadm5_ret_t kadm5_init_with_password(char *client_name, char *pass,
- char *service_name,
+kadm5_ret_t kadm5_init_with_password(krb5_context context, char *client_name,
+ char *pass, char *service_name,
kadm5_config_params *params,
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle)
{
- return kadm5_init(client_name, pass, service_name, params,
+ return kadm5_init(context, client_name, pass, service_name, params,
struct_version, api_version, db_args,
server_handle);
}
-kadm5_ret_t kadm5_init_with_creds(char *client_name,
+kadm5_ret_t kadm5_init_with_creds(krb5_context context,
+ char *client_name,
krb5_ccache ccache,
char *service_name,
kadm5_config_params *params,
@@ -120,14 +121,14 @@ kadm5_ret_t kadm5_init_with_creds(char *client_name,
if (params && (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) &&
params->mkey_from_kbd)
return KADM5_BAD_SERVER_PARAMS;
- return kadm5_init(client_name, NULL, service_name, params,
+ return kadm5_init(context, client_name, NULL, service_name, params,
struct_version, api_version, db_args,
server_handle);
}
-kadm5_ret_t kadm5_init_with_skey(char *client_name, char *keytab,
- char *service_name,
+kadm5_ret_t kadm5_init_with_skey(krb5_context context, char *client_name,
+ char *keytab, char *service_name,
kadm5_config_params *params,
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
@@ -142,12 +143,12 @@ kadm5_ret_t kadm5_init_with_skey(char *client_name, char *keytab,
if (params && (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) &&
params->mkey_from_kbd)
return KADM5_BAD_SERVER_PARAMS;
- return kadm5_init(client_name, NULL, service_name, params,
+ return kadm5_init(context, client_name, NULL, service_name, params,
struct_version, api_version, db_args,
server_handle);
}
-kadm5_ret_t kadm5_init(char *client_name, char *pass,
+kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
char *service_name,
kadm5_config_params *params_in,
krb5_ui_4 struct_version,
@@ -175,12 +176,7 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
return ret;
}
- ret = (int) krb5int_init_context_kdc(&(handle->context));
- if (ret) {
- free_db_args(handle);
- free(handle);
- return(ret);
- }
+ handle->context = context;
initialize_ovk_error_table();
/* initialize_adb_error_table(); */
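Review bot: From `handle->context = context;` onward, kadm5_init operates directly on an object the caller owns, and nothing at the assignment says so. Further down, `krb5_set_default_realm(handle->context, handle->params.realm)` and `krb5_db_open(handle->context, ...)` change state on that context, and the error paths now return with those changes left in place, so two handles built from one context would share the default realm and database state. The removed call was krb5int_init_context_kdc, so this code presumably relies on the caller having used kadm5_init_krb5_context rather than a plain krb5_init_context; nothing here verifies that. I would add a comment at the assignment, e.g. `/* Borrowed from the caller: default realm and KDB state are set on it below; the caller frees it after kadm5_destroy. */`. The body of kadm5_init continues outside this hunk.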
@@ -208,7 +204,6 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
expect to see admin_server being set sometimes. */
#define ILLEGAL_PARAMS (KADM5_CONFIG_ADMIN_SERVER)
if (params_in && (params_in->mask & ILLEGAL_PARAMS)) {
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return KADM5_BAD_SERVER_PARAMS;
@@ -218,7 +213,6 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
ret = kadm5_get_config_params(handle->context, 1, params_in,
&handle->params);
if (ret) {
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return(ret);
@@ -236,7 +230,6 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
KADM5_CONFIG_IPROP_PORT)
if ((handle->params.mask & REQUIRED_PARAMS) != REQUIRED_PARAMS) {
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return KADM5_MISSING_CONF_PARAMS;
@@ -244,7 +237,6 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
if ((handle->params.mask & KADM5_CONFIG_IPROP_ENABLED) == KADM5_CONFIG_IPROP_ENABLED
&& handle->params.iprop_enabled) {
if ((handle->params.mask & IPROP_REQUIRED_PARAMS) != IPROP_REQUIRED_PARAMS) {
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return KADM5_MISSING_CONF_PARAMS;
@@ -253,7 +245,6 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
ret = krb5_set_default_realm(handle->context, handle->params.realm);
if (ret) {
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return ret;
@@ -262,7 +253,6 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
ret = krb5_db_open(handle->context, db_args,
KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN);
if (ret) {
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return(ret);
@@ -271,7 +261,6 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
if ((ret = krb5_parse_name(handle->context, client_name,
&handle->current_caller))) {
krb5_db_fini(handle->context);
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return ret;
@@ -279,7 +268,6 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
if (! (handle->lhandle = malloc(sizeof(*handle)))) {
krb5_db_fini(handle->context);
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return ENOMEM;
@@ -302,7 +290,6 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
&& handle->params.mkey_from_kbd);
if (ret) {
krb5_db_fini(handle->context);
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return ret;
@@ -311,7 +298,6 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
ret = kdb_init_hist(handle, handle->params.realm);
if (ret) {
krb5_db_fini(handle->context);
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return ret;
@@ -321,7 +307,6 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
if (ret) {
krb5_db_fini(handle->context);
krb5_free_principal(handle->context, handle->current_caller);
- krb5_free_context(handle->context);
free_db_args(handle);
free(handle);
return ret;
@@ -344,7 +329,6 @@ kadm5_ret_t kadm5_destroy(void *server_handle)
krb5_db_fini(handle->context);
krb5_free_principal(handle->context, handle->current_caller);
kadm5_free_config_params(handle->context, &handle->params);
- krb5_free_context(handle->context);
handle->magic_number = 0;
free(handle->lhandle);
free_db_args(handle);
diff --git a/src/lib/kadm5/unit-test/destroy-test.c b/src/lib/kadm5/unit-test/destroy-test.c
index 2610060..e9dd25a 100644
--- a/src/lib/kadm5/unit-test/destroy-test.c
+++ b/src/lib/kadm5/unit-test/destroy-test.c
@@ -18,9 +18,15 @@ int main()
int x;
void *server_handle;
kadm5_server_handle_t handle;
+ krb5_context context;
+ ret = kadm5_init_krb5_context(&context);
+ if (ret != 0) {
+ com_err("test", ret, "context init");
+ exit(2);
+ }
for(x = 0; x < TEST_NUM; x++) {
- ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, 0,
+ ret = kadm5_init(context, "admin", "admin", KADM5_ADMIN_SERVICE, 0,
KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
&server_handle);
if(ret != KADM5_OK) {
diff --git a/src/lib/kadm5/unit-test/handle-test.c b/src/lib/kadm5/unit-test/handle-test.c
index 231d950..b5bc82f 100644
--- a/src/lib/kadm5/unit-test/handle-test.c
+++ b/src/lib/kadm5/unit-test/handle-test.c
@@ -24,7 +24,7 @@ int main(int argc, char *argv[])
kadm5_init_krb5_context(&context);
- ret = kadm5_init("admin/none", "admin", KADM5_ADMIN_SERVICE, NULL,
+ ret = kadm5_init(context, "admin/none", "admin", KADM5_ADMIN_SERVICE, NULL,
KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
&server_handle);
if(ret != KADM5_OK) {
diff --git a/src/lib/kadm5/unit-test/init-test.c b/src/lib/kadm5/unit-test/init-test.c
index 8e9ec82..8c7527c 100644
--- a/src/lib/kadm5/unit-test/init-test.c
+++ b/src/lib/kadm5/unit-test/init-test.c
@@ -10,10 +10,16 @@ int main()
kadm5_ret_t ret;
void *server_handle;
kadm5_config_params params;
+ krb5_context context;
memset(&params, 0, sizeof(params));
params.mask |= KADM5_CONFIG_NO_AUTH;
- ret = kadm5_init("admin", "admin", NULL, &params,
+ ret = kadm5_init_krb5_context(&context);
+ if (ret != 0) {
+ com_err("init-test", ret, "while initializing krb5 context");
+ exit(1);
+ }
+ ret = kadm5_init(context, "admin", "admin", NULL, &params,
KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
&server_handle);
if (ret == KADM5_RPC_ERROR)
diff --git a/src/lib/kadm5/unit-test/iter-test.c b/src/lib/kadm5/unit-test/iter-test.c
index 3608150..e3e0b74 100644
--- a/src/lib/kadm5/unit-test/iter-test.c
+++ b/src/lib/kadm5/unit-test/iter-test.c
@@ -8,13 +8,19 @@ int main(int argc, char **argv)
void *server_handle;
char **names;
int count, princ, i;
+ krb5_context context;
if (argc != 3) {
fprintf(stderr, "Usage: %s [-princ|-pol] exp\n", argv[0]);
exit(1);
}
princ = (strcmp(argv[1], "-princ") == 0);
-
+
+ ret = kadm5_init_krb5_context(&context);
+ if (ret != KADM5_OK) {
+ com_err("iter-test", ret, "while initializing context");
+ exit(1);
+ }
ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, 0,
KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
&server_handle);
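Review bot: The kadm5_init call at the end of this hunk was not updated: it is still `ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, 0,` without the new leading context argument, even though the hunk declares and initializes `context` just above it. Against the new prototype in admin.h this is an argument mismatch, and if it were ever built without that prototype in scope the string "admin" would land in the krb5_context position. The line should read `ret = kadm5_init(context, "admin", "admin", KADM5_ADMIN_SERVICE, 0,`, matching the other unit tests changed in this commit.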
diff --git a/src/lib/kadm5/unit-test/randkey-test.c b/src/lib/kadm5/unit-test/randkey-test.c
index 12e9e23..a9c9d98 100644
--- a/src/lib/kadm5/unit-test/randkey-test.c
+++ b/src/lib/kadm5/unit-test/randkey-test.c
@@ -22,7 +22,7 @@ int main()
kadm5_init_krb5_context(&context);
krb5_parse_name(context, "testuser", &tprinc);
- ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, NULL,
+ ret = kadm5_init(context, "admin", "admin", KADM5_ADMIN_SERVICE, NULL,
KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
&server_handle);
if(ret != KADM5_OK) {
diff --git a/src/lib/kadm5/unit-test/setkey-test.c b/src/lib/kadm5/unit-test/setkey-test.c
index b0dcd0e..27bd7b7 100644
--- a/src/lib/kadm5/unit-test/setkey-test.c
+++ b/src/lib/kadm5/unit-test/setkey-test.c
@@ -118,7 +118,7 @@ main(int argc, char **argv)
exit(1);
}
- ret = kadm5_init(authprinc, NULL, KADM5_ADMIN_SERVICE, NULL,
+ ret = kadm5_init(context, authprinc, NULL, KADM5_ADMIN_SERVICE, NULL,
KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
&handle);
if (ret) {