From: Kevin Coffman Date: Mon, 13 Nov 2006 22:51:23 +0000 (+0000) Subject: correct client preauth plugin request_context X-Git-Tag: krb5-1.7-alpha1~1455 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=2aa0ac015abb18cd1ba1237f3d3027197127d558;p=krb5.git correct client preauth plugin request_context Correctly share the same request_context between all modules within a single client preauth plugin. ticket: new Component: krb5-libs Target_Version: 1.6 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18800 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 13109e291..6568ab132 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -914,10 +914,14 @@ typedef struct _krb5_preauth_context { void **request_context); void (*client_req_fini)(krb5_context context, void *plugin_context, void *request_context); - /* The per-pa_type context which the client_process() function + /* The per-request context which the client_req_init() function * might allocate, which we'll need to clean up later by - * calling the client_cleanup() function. */ + * calling the client_req_fini() function. */ void *request_context; + /* A pointer to the request_context pointer. All modules within + * a plugin will point at the request_context of the first + * module within the plugin. */ + void **request_context_pp; } *modules; } krb5_preauth_context; diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c index b2a513e20..c7c083fe3 100644 --- a/src/lib/krb5/krb/preauth2.c +++ b/src/lib/krb5/krb/preauth2.c @@ -73,6 +73,7 @@ krb5_init_preauth_context(krb5_context kcontext) krb5_preauth_context *context = NULL; void *plugin_context; krb5_preauthtype pa_type; + void **rcpp; /* Only do this once for each krb5_context */ if (kcontext->preauth_context != NULL) @@ -143,7 +144,8 @@ krb5_init_preauth_context(krb5_context kcontext) continue; } - for (j = 0; table->pa_type_list[j] > 0; j++) { + rcpp = NULL; + for (j = 0; table->pa_type_list[j] > 0; j++) { pa_type = table->pa_type_list[j]; context->modules[k].pa_type = pa_type; context->modules[k].enctypes = table->enctype_list; @@ -159,15 +161,24 @@ krb5_init_preauth_context(krb5_context kcontext) context->modules[k].use_count = 0; context->modules[k].client_process = table->process; context->modules[k].client_tryagain = table->tryagain; - /* Only call request_init and request_fini once per plugin */ + context->modules[k].request_context = NULL; + /* + * Only call request_init and request_fini once per plugin. + * Only the first module within each plugin will ever + * have request_context filled in. Every module within + * the plugin will have its request_context_pp pointing + * to that entry's request_context. That way all the + * modules within the plugin share the same request_context + */ if (j == 0) { context->modules[k].client_req_init = table->request_init; context->modules[k].client_req_fini = table->request_fini; + rcpp = &context->modules[k].request_context; } else { context->modules[k].client_req_init = NULL; context->modules[k].client_req_fini = NULL; } - context->modules[k].request_context = NULL; + context->modules[k].request_context_pp = rcpp; #ifdef DEBUG fprintf (stderr, "init module \"%s\", pa_type %d, flag %d\n", context->modules[k].name, @@ -239,7 +250,7 @@ krb5_preauth_request_context_init(krb5_context context) for (i = 0; i < context->preauth_context->n_modules; i++) { pctx = context->preauth_context->modules[i].plugin_context; if (context->preauth_context->modules[i].client_req_init != NULL) { - rctx = &context->preauth_context->modules[i].request_context; + rctx = context->preauth_context->modules[i].request_context_pp; (*context->preauth_context->modules[i].client_req_init) (context, pctx, rctx); } } @@ -473,7 +484,7 @@ krb5_run_preauth_plugins(krb5_context kcontext, #endif ret = module->client_process(kcontext, module->plugin_context, - module->request_context, + *module->request_context_pp, client_data_proc, get_data_rock, request, @@ -1314,7 +1325,7 @@ krb5_do_preauth_tryagain(krb5_context kcontext, } if ((*module->client_tryagain)(kcontext, module->plugin_context, - module->request_context, + *module->request_context_pp, client_data_proc, get_data_rock, request,