diff options
author | Greg Hudson <ghudson@mit.edu> | 2016-05-16 22:54:06 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2016-05-26 11:20:05 -0400 |
commit | 03d34fcfa329fbc2f686a0b34e2731e37f483a34 (patch) | |
tree | e5dcda351a26b5637e6f2299d12d36747a8ea993 /src/plugins | |
parent | 2ac75e548afadde4f87f20fcc1ee1472cdac3fed (diff) | |
download | krb5-03d34fcfa329fbc2f686a0b34e2731e37f483a34.zip krb5-03d34fcfa329fbc2f686a0b34e2731e37f483a34.tar.gz krb5-03d34fcfa329fbc2f686a0b34e2731e37f483a34.tar.bz2 |
Use library malloc for principal, policy entries
Alter the KDB module contract to require that KDB modules use an
allocator compatible with the malloc() seen by libkrb5 and libkdb5.
Change krb5_db_alloc() and krb5_db_free() to provide access to this
allocator. Remove free_principal, free_policy, alloc, and free from
the KDB interface and from all in-tree KDB modules.
ticket: 8414 (new)
Diffstat (limited to 'src/plugins')
-rw-r--r-- | src/plugins/kdb/db2/db2_exp.c | 11 | ||||
-rw-r--r-- | src/plugins/kdb/db2/kdb_db2.c | 23 | ||||
-rw-r--r-- | src/plugins/kdb/db2/kdb_db2.h | 4 | ||||
-rw-r--r-- | src/plugins/kdb/db2/kdb_xdr.c | 35 | ||||
-rw-r--r-- | src/plugins/kdb/db2/lockout.c | 2 | ||||
-rw-r--r-- | src/plugins/kdb/ldap/ldap_exp.c | 4 | ||||
-rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c | 13 | ||||
-rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.h | 2 | ||||
-rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c | 2 | ||||
-rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c | 17 | ||||
-rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.h | 3 | ||||
-rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/libkdb_ldap.exports | 4 | ||||
-rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/lockout.c | 2 | ||||
-rw-r--r-- | src/plugins/kdb/test/kdb_test.c | 46 |
14 files changed, 10 insertions, 158 deletions
diff --git a/src/plugins/kdb/db2/db2_exp.c b/src/plugins/kdb/db2/db2_exp.c index a666123..1a41481 100644 --- a/src/plugins/kdb/db2/db2_exp.c +++ b/src/plugins/kdb/db2/db2_exp.c @@ -117,10 +117,6 @@ WRAP_K (krb5_db2_get_principal, unsigned int f, krb5_db_entry **d), (ctx, p, f, d)); -WRAP_VOID (krb5_db2_free_principal, - (krb5_context ctx, - krb5_db_entry *d), - (ctx, d)); WRAP_K (krb5_db2_put_principal, (krb5_context ctx, krb5_db_entry *d, @@ -158,9 +154,6 @@ WRAP_K (krb5_db2_iter_policy, WRAP_K (krb5_db2_delete_policy, ( krb5_context kcontext, char *policy ), (kcontext, policy)); -WRAP_VOID (krb5_db2_free_policy, - ( krb5_context kcontext, osa_policy_ent_t entry ), - (kcontext, entry)); WRAP_K (krb5_db2_promote_db, ( krb5_context kcontext, char *conf_section, char **db_args ), @@ -215,7 +208,6 @@ kdb_vftabl PLUGIN_SYMBOL_NAME(krb5_db2, kdb_function_table) = { /* lock */ wrap_krb5_db2_lock, /* unlock */ wrap_krb5_db2_unlock, /* get_principal */ wrap_krb5_db2_get_principal, - /* free_principal */ wrap_krb5_db2_free_principal, /* put_principal */ wrap_krb5_db2_put_principal, /* delete_principal */ wrap_krb5_db2_delete_principal, /* rename_principal */ NULL, @@ -225,9 +217,6 @@ kdb_vftabl PLUGIN_SYMBOL_NAME(krb5_db2, kdb_function_table) = { /* put_policy */ wrap_krb5_db2_put_policy, /* iter_policy */ wrap_krb5_db2_iter_policy, /* delete_policy */ wrap_krb5_db2_delete_policy, - /* free_policy */ wrap_krb5_db2_free_policy, - /* alloc */ krb5_db2_alloc, - /* free */ krb5_db2_free, /* blah blah blah */ 0,0,0,0,0, /* promote_db */ wrap_krb5_db2_promote_db, 0, 0, 0, 0, diff --git a/src/plugins/kdb/db2/kdb_db2.c b/src/plugins/kdb/db2/kdb_db2.c index 09d96d5..84dadc3 100644 --- a/src/plugins/kdb/db2/kdb_db2.c +++ b/src/plugins/kdb/db2/kdb_db2.c @@ -802,13 +802,6 @@ cleanup: return retval; } -/* Free an entry returned by krb5_db2_get_principal. */ -void -krb5_db2_free_principal(krb5_context context, krb5_db_entry *entry) -{ - krb5_dbe_free(context, entry); -} - krb5_error_code krb5_db2_put_principal(krb5_context context, krb5_db_entry *entry, char **db_args) @@ -912,7 +905,7 @@ krb5_db2_delete_principal(krb5_context context, krb5_const_principal searchfor) } retval = krb5_encode_princ_entry(context, &contdata, entry); - krb5_dbe_free(context, entry); + krb5_db_free_principal(context, entry); if (retval) goto cleankey; @@ -1074,7 +1067,7 @@ curs_run_cb(iter_curs *curs, ctx_iterate_cb func, krb5_pointer func_arg) k5_mutex_unlock(krb5_db2_mutex); retval = (*func)(func_arg, entry); - krb5_dbe_free(ctx, entry); + krb5_db_free_principal(ctx, entry); k5_mutex_lock(krb5_db2_mutex); if (dbc->unlockiter) { lockerr = curs_lock(curs); @@ -1256,18 +1249,6 @@ cleanup: return status; } -void * -krb5_db2_alloc(krb5_context context, void *ptr, size_t size) -{ - return realloc(ptr, size); -} - -void -krb5_db2_free(krb5_context context, void *ptr) -{ - free(ptr); -} - /* policy functions */ krb5_error_code krb5_db2_create_policy(krb5_context context, osa_policy_ent_t policy) diff --git a/src/plugins/kdb/db2/kdb_db2.h b/src/plugins/kdb/db2/kdb_db2.h index 2db74ce..b1b50c8 100644 --- a/src/plugins/kdb/db2/kdb_db2.h +++ b/src/plugins/kdb/db2/kdb_db2.h @@ -55,7 +55,6 @@ krb5_error_code krb5_db2_fini(krb5_context); krb5_error_code krb5_db2_get_age(krb5_context, char *, time_t *); krb5_error_code krb5_db2_get_principal(krb5_context, krb5_const_principal, unsigned int, krb5_db_entry **); -void krb5_db2_free_principal(krb5_context, krb5_db_entry *); krb5_error_code krb5_db2_put_principal(krb5_context, krb5_db_entry *, char **db_args); krb5_error_code krb5_db2_iterate(krb5_context, char *, @@ -93,8 +92,6 @@ krb5_error_code krb5_db2_destroy(krb5_context kcontext, char *conf_section, char **db_args); const char *krb5_db2_err2str(krb5_context kcontext, long err_code); -void *krb5_db2_alloc(krb5_context kcontext, void *ptr, size_t size); -void krb5_db2_free(krb5_context kcontext, void *ptr); /* policy management functions */ @@ -113,7 +110,6 @@ krb5_error_code krb5_db2_iter_policy(krb5_context kcontext, char *match_entry, krb5_error_code krb5_db2_delete_policy(krb5_context kcontext, char *policy); -void krb5_db2_free_policy(krb5_context kcontext, osa_policy_ent_t entry); /* Thread-safety wrapper slapped on top of original implementation. */ extern k5_mutex_t *krb5_db2_mutex; diff --git a/src/plugins/kdb/db2/kdb_xdr.c b/src/plugins/kdb/db2/kdb_xdr.c index b587f8e..c9f5f04 100644 --- a/src/plugins/kdb/db2/kdb_xdr.c +++ b/src/plugins/kdb/db2/kdb_xdr.c @@ -427,39 +427,6 @@ krb5_decode_princ_entry(krb5_context context, krb5_data *content, return 0; error_out: - krb5_dbe_free(context, entry); + krb5_db_free_principal(context, entry); return retval; } - -void -krb5_dbe_free(krb5_context context, krb5_db_entry *entry) -{ - krb5_tl_data * tl_data_next; - krb5_tl_data * tl_data; - int i, j; - - if (entry == NULL) - return; - free(entry->e_data); - krb5_free_principal(context, entry->princ); - for (tl_data = entry->tl_data; tl_data; tl_data = tl_data_next) { - tl_data_next = tl_data->tl_data_next; - free(tl_data->tl_data_contents); - free(tl_data); - } - if (entry->key_data) { - for (i = 0; i < entry->n_key_data; i++) { - for (j = 0; j < entry->key_data[i].key_data_ver; j++) { - if (entry->key_data[i].key_data_length[j]) { - zapfree(entry->key_data[i].key_data_contents[j], - entry->key_data[i].key_data_length[j]); - } - entry->key_data[i].key_data_contents[j] = NULL; - entry->key_data[i].key_data_length[j] = 0; - entry->key_data[i].key_data_type[j] = 0; - } - } - free(entry->key_data); - } - free(entry); -} diff --git a/src/plugins/kdb/db2/lockout.c b/src/plugins/kdb/db2/lockout.c index ba54212..7d151b5 100644 --- a/src/plugins/kdb/db2/lockout.c +++ b/src/plugins/kdb/db2/lockout.c @@ -75,7 +75,7 @@ lookup_lockout_policy(krb5_context context, *pw_max_fail = policy->pw_max_fail; *pw_failcnt_interval = policy->pw_failcnt_interval; *pw_lockout_duration = policy->pw_lockout_duration; - krb5_db2_free_policy(context, policy); + krb5_db_free_policy(context, policy); } } diff --git a/src/plugins/kdb/ldap/ldap_exp.c b/src/plugins/kdb/ldap/ldap_exp.c index d524941..1d7cd14 100644 --- a/src/plugins/kdb/ldap/ldap_exp.c +++ b/src/plugins/kdb/ldap/ldap_exp.c @@ -58,7 +58,6 @@ kdb_vftabl PLUGIN_SYMBOL_NAME(krb5_ldap, kdb_function_table) = { /* lock */ krb5_ldap_lock, /* unlock */ krb5_ldap_unlock, /* get_principal */ krb5_ldap_get_principal, - /* free_principal */ krb5_ldap_free_principal, /* put_principal */ krb5_ldap_put_principal, /* delete_principal */ krb5_ldap_delete_principal, /* rename_principal */ krb5_ldap_rename_principal, @@ -68,9 +67,6 @@ kdb_vftabl PLUGIN_SYMBOL_NAME(krb5_ldap, kdb_function_table) = { /* put_policy */ krb5_ldap_put_password_policy, /* iter_policy */ krb5_ldap_iterate_password_policy, /* delete_policy */ krb5_ldap_delete_password_policy, - /* free_policy */ krb5_ldap_free_password_policy, - /* alloc */ krb5_ldap_alloc, - /* free */ krb5_ldap_free, /* optional functions */ /* fetch_master_key */ NULL /* krb5_ldap_fetch_mkey */, /* fetch_master_key_list */ NULL, diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c index 56839ff..00c2c88 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c @@ -128,15 +128,6 @@ krb5_dbe_free_contents(krb5_context context, krb5_db_entry *entry) } -void -krb5_ldap_free_principal(krb5_context kcontext, krb5_db_entry *entry) -{ - if (entry == NULL) - return; - krb5_dbe_free_contents(kcontext, entry); - free(entry); -} - krb5_error_code krb5_ldap_iterate(krb5_context context, char *match_expr, krb5_error_code (*func)(krb5_pointer, krb5_db_entry *), @@ -345,7 +336,7 @@ cleanup: if (DN) free (DN); - krb5_ldap_free_principal(context, entry); + krb5_db_free_principal(context, entry); ldap_mods_free(mods, 1); krb5_ldap_put_handle_to_pool(ldap_context, ldap_server_handle); @@ -563,7 +554,7 @@ cleanup: free(dn); free(suser); free(tuser); - krb5_ldap_free_principal(context, entry); + krb5_db_free_principal(context, entry); ldap_mods_free(mods, 1); krb5_ldap_put_handle_to_pool(ldap_context, ldap_server_handle); return st; diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.h b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.h index 752f54f..a3f3c3c 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.h +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.h @@ -108,8 +108,6 @@ krb5_ldap_delete_principal(krb5_context, krb5_const_principal); krb5_error_code krb5_ldap_rename_principal(krb5_context context, krb5_const_principal source, krb5_const_principal target); -void -krb5_ldap_free_principal(krb5_context, krb5_db_entry *); krb5_error_code krb5_ldap_iterate(krb5_context, char *, diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c index 74bc361..7deafb1 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c @@ -224,7 +224,7 @@ krb5_ldap_get_principal(krb5_context context, krb5_const_principal searchfor, cleanup: ldap_msgfree(result); - krb5_ldap_free_principal(context, entry); + krb5_db_free_principal(context, entry); if (filter) free (filter); diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c index 6779f51..838583a 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c @@ -324,7 +324,7 @@ cleanup: ldap_msgfree(result); if (st != 0) { if (*policy != NULL) { - krb5_ldap_free_password_policy(context, *policy); + krb5_db_free_policy(context, *policy); *policy = NULL; } } @@ -453,7 +453,7 @@ krb5_ldap_iterate_password_policy(krb5_context context, char *match_expr, goto cleanup; (*func)(func_arg, entry); - krb5_ldap_free_password_policy(context, entry); + krb5_db_free_policy(context, entry); entry = NULL; free(policy); @@ -467,16 +467,3 @@ cleanup: krb5_ldap_put_handle_to_pool(ldap_context, ldap_server_handle); return st; } - -void -krb5_ldap_free_password_policy (context, entry) - krb5_context context; - osa_policy_ent_t entry; -{ - if (entry) { - free(entry->name); - free(entry->allowed_keysalts); - free(entry); - } - return; -} diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.h b/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.h index 39e46cc..81c5659 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.h +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.h @@ -48,7 +48,4 @@ krb5_ldap_iterate_password_policy(krb5_context, char *, void (*)(krb5_pointer, osa_policy_ent_t), krb5_pointer); -void -krb5_ldap_free_password_policy(krb5_context kcontext, osa_policy_ent_t entry); - #endif diff --git a/src/plugins/kdb/ldap/libkdb_ldap/libkdb_ldap.exports b/src/plugins/kdb/ldap/libkdb_ldap/libkdb_ldap.exports index 9d1db88..2342f1d 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/libkdb_ldap.exports +++ b/src/plugins/kdb/ldap/libkdb_ldap/libkdb_ldap.exports @@ -10,7 +10,6 @@ krb5_ldap_put_principal krb5_ldap_get_principal krb5_ldap_delete_principal krb5_ldap_rename_principal -krb5_ldap_free_principal krb5_ldap_iterate krb5_ldap_read_krbcontainer_dn krb5_ldap_list_realm @@ -30,13 +29,10 @@ krb5_ldap_create_password_policy krb5_ldap_put_password_policy krb5_ldap_get_password_policy krb5_ldap_delete_password_policy -krb5_ldap_free_password_policy krb5_ldap_iterate_password_policy krb5_dbe_free_contents krb5_ldap_free_server_params krb5_ldap_free_server_context_params -krb5_ldap_alloc -krb5_ldap_free krb5_ldap_delete_realm_1 krb5_ldap_lock krb5_ldap_unlock diff --git a/src/plugins/kdb/ldap/libkdb_ldap/lockout.c b/src/plugins/kdb/ldap/libkdb_ldap/lockout.c index 5a225d4..0fc56c2 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/lockout.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/lockout.c @@ -71,7 +71,7 @@ lookup_lockout_policy(krb5_context context, *pw_failcnt_interval = policy->pw_failcnt_interval; *pw_lockout_duration = policy->pw_lockout_duration; } - krb5_ldap_free_password_policy(context, policy); + krb5_db_free_policy(context, policy); } xdrmem_create(&xdrs, NULL, 0, XDR_FREE); diff --git a/src/plugins/kdb/test/kdb_test.c b/src/plugins/kdb/test/kdb_test.c index d8c2c54..01f17b6 100644 --- a/src/plugins/kdb/test/kdb_test.c +++ b/src/plugins/kdb/test/kdb_test.c @@ -393,48 +393,6 @@ cleanup: return ret; } -static void -test_free_principal(krb5_context context, krb5_db_entry *entry) -{ - krb5_tl_data *tl, *next; - int i, j; - - if (entry == NULL) - return; - free(entry->e_data); - krb5_free_principal(context, entry->princ); - for (tl = entry->tl_data; tl != NULL; tl = next) { - next = tl->tl_data_next; - free(tl->tl_data_contents); - free(tl); - } - for (i = 0; i < entry->n_key_data; i++) { - for (j = 0; j < entry->key_data[i].key_data_ver; j++) { - if (entry->key_data[i].key_data_length[j]) { - zapfree(entry->key_data[i].key_data_contents[j], - entry->key_data[i].key_data_length[j]); - } - entry->key_data[i].key_data_contents[j] = NULL; - entry->key_data[i].key_data_length[j] = 0; - entry->key_data[i].key_data_type[j] = 0; - } - } - free(entry->key_data); - free(entry); -} - -static void * -test_alloc(krb5_context context, void *ptr, size_t size) -{ - return realloc(ptr, size); -} - -static void -test_free(krb5_context context, void *ptr) -{ - free(ptr); -} - static krb5_error_code test_fetch_master_key(krb5_context context, krb5_principal mname, krb5_keyblock *key_out, krb5_kvno *kvno_out, @@ -556,7 +514,6 @@ kdb_vftabl PLUGIN_SYMBOL_NAME(krb5_test, kdb_function_table) = { NULL, /* lock */ NULL, /* unlock */ test_get_principal, - test_free_principal, NULL, /* put_principal */ NULL, /* delete_principal */ NULL, /* rename_principal */ @@ -566,9 +523,6 @@ kdb_vftabl PLUGIN_SYMBOL_NAME(krb5_test, kdb_function_table) = { NULL, /* put_policy */ NULL, /* iter_policy */ NULL, /* delete_policy */ - NULL, /* free_policy */ - test_alloc, - test_free, test_fetch_master_key, test_fetch_master_key_list, NULL, /* store_master_key_list */ |