From: Greg Hudson Date: Tue, 15 Nov 2011 02:42:58 +0000 (+0000) Subject: Make verto context available to kdcpreauth modules X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=cd7796cf4dfdcbd63b021624cb6345347ae59c8b;p=krb5.git Make verto context available to kdcpreauth modules Add an event_context callback to kdcpreauth. Adjust the internal KDC and main loop interfaces to pass around the event context, and expose it to kdcpreauth modules via the rock. ticket: 7019 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25475 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/include/krb5/preauth_plugin.h b/src/include/krb5/preauth_plugin.h index cbc57f147..7506b011b 100644 --- a/src/include/krb5/preauth_plugin.h +++ b/src/include/krb5/preauth_plugin.h @@ -377,6 +377,11 @@ typedef struct krb5_kdcpreauth_callbacks_st { * avoid a dependency on a libkdb5 type). */ void *(*client_entry)(krb5_context context, krb5_kdcpreauth_rock rock); + /* Get a pointer to the verto context an asynchronous plugin should + * use to create events in the edata or verify method. */ + struct verto_ctx *(*event_context)(krb5_context context, + krb5_kdcpreauth_rock rock); + /* End of version 1 kdcpreauth callbacks. */ } *krb5_kdcpreauth_callbacks; diff --git a/src/include/net-server.h b/src/include/net-server.h index e84bdac24..43310ceb0 100644 --- a/src/include/net-server.h +++ b/src/include/net-server.h @@ -68,7 +68,7 @@ typedef void (*loop_respond_fn)(void *arg, krb5_error_code code, krb5_data *response); void dispatch(void *handle, struct sockaddr *local_addr, const krb5_fulladdr *remote_addr, krb5_data *request, - int is_tcp, loop_respond_fn respond, void *arg); + int is_tcp, verto_ctx *vctx, loop_respond_fn respond, void *arg); krb5_error_code make_toolong_error (void *handle, krb5_data **); /* diff --git a/src/kadmin/server/schpw.c b/src/kadmin/server/schpw.c index 8e38cfd04..d2df5db73 100644 --- a/src/kadmin/server/schpw.c 
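Review bot: The new `event_context` member is added above the `End of version 1 kdcpreauth callbacks` marker, and the table in kdc_preauth.c still begins with `1` (presumably the version field), so a module cannot tell from the version number whether the slot exists. If any KDC build already exposes version 1 without this member (not determinable from this page), a module compiled against the new header would read past the end of that KDC's table and call through whatever lies there. Either bump the callback version for this addition or say in the comment that version 1 is not yet frozen. The comment should also state ownership, for example `/* The context belongs to the KDC main loop; modules must not free or run it. */`.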
+++ b/src/kadmin/server/schpw.c @@ -442,7 +442,7 @@ bailout: void dispatch(void *handle, struct sockaddr *local_saddr, const krb5_fulladdr *remote_faddr, krb5_data *request, int is_tcp, - loop_respond_fn respond, void *arg) + verto_ctx *vctx, loop_respond_fn respond, void *arg) { krb5_error_code ret; krb5_keytab kt = NULL; diff --git a/src/kdc/dispatch.c b/src/kdc/dispatch.c index 1398a33b6..b4c02f324 100644 --- a/src/kdc/dispatch.c +++ b/src/kdc/dispatch.c @@ -81,8 +81,9 @@ finish_dispatch(void *arg, krb5_error_code code, krb5_data *response) } void -dispatch(void *cb, struct sockaddr *local_saddr, const krb5_fulladdr *from, - krb5_data *pkt, int is_tcp, loop_respond_fn respond, void *arg) +dispatch(void *cb, struct sockaddr *local_saddr, + const krb5_fulladdr *from, krb5_data *pkt, int is_tcp, + verto_ctx *vctx, loop_respond_fn respond, void *arg) { krb5_error_code retval; krb5_kdc_req *as_req; @@ -166,7 +167,8 @@ dispatch(void *cb, struct sockaddr *local_saddr, const krb5_fulladdr *from, * process_as_req frees the request if it is called */ if (!(retval = setup_server_realm(as_req->server))) { - process_as_req(as_req, pkt, from, finish_dispatch, state); + process_as_req(as_req, pkt, from, vctx, finish_dispatch, + state); return; } else diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c index a9f31fbea..61d088eb6 100644 --- a/src/kdc/do_as_req.c +++ b/src/kdc/do_as_req.c @@ -452,7 +452,8 @@ finish_preauth(void *arg, krb5_error_code code) /*ARGSUSED*/ void process_as_req(krb5_kdc_req *request, krb5_data *req_pkt, - const krb5_fulladdr *from, loop_respond_fn respond, void *arg) + const krb5_fulladdr *from, verto_ctx *vctx, + loop_respond_fn respond, void *arg) { krb5_error_code errcode; krb5_timestamp rtime; 
@@ -512,6 +513,7 @@ process_as_req(krb5_kdc_req *request, krb5_data *req_pkt, state->rock.request = state->request; state->rock.inner_body = state->inner_body; state->rock.rstate = state->rstate; + state->rock.vctx = vctx; if (!state->request->client) { state->status = "NULL_CLIENT"; errcode = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN; diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c index 4c5ef88de..31c2e144c 100644 --- a/src/kdc/kdc_preauth.c +++ b/src/kdc/kdc_preauth.c @@ -574,6 +574,12 @@ client_entry(krb5_context context, krb5_kdcpreauth_rock rock) return rock->client; } +static verto_ctx * +event_context(krb5_context context, krb5_kdcpreauth_rock rock) +{ + return rock->vctx; +} + static struct krb5_kdcpreauth_callbacks_st callbacks = { 1, max_time_skew, @@ -583,7 +589,8 @@ static struct krb5_kdcpreauth_callbacks_st callbacks = { fast_armor, get_string, free_string, - client_entry + client_entry, + event_context }; static krb5_error_code diff --git a/src/kdc/kdc_util.h b/src/kdc/kdc_util.h index 9e123ee8e..e80ce106f 100644 --- a/src/kdc/kdc_util.h +++ b/src/kdc/kdc_util.h @@ -117,7 +117,7 @@ rep_etypes2str(char *s, size_t len, krb5_kdc_rep *rep); void process_as_req (krb5_kdc_req *, krb5_data *, const krb5_fulladdr *, - loop_respond_fn, void *); + verto_ctx *, loop_respond_fn, void *); /* do_tgs_req.c */ krb5_error_code @@ -131,6 +131,7 @@ dispatch (void *, const krb5_fulladdr *, krb5_data *, int, + verto_ctx *, loop_respond_fn, void *); @@ -164,9 +165,9 @@ missing_required_preauth (krb5_db_entry *client, krb5_enc_tkt_part *enc_tkt_reply); typedef void (*kdc_hint_respond_fn)(void *arg); void -get_preauth_hint_list(krb5_kdc_req *request, krb5_kdcpreauth_rock rock, - krb5_pa_data ***e_data_out, kdc_hint_respond_fn respond, - void *arg); +get_preauth_hint_list(krb5_kdc_req *request, + krb5_kdcpreauth_rock rock, krb5_pa_data ***e_data_out, + kdc_hint_respond_fn respond, void *arg); void load_preauth_plugins(krb5_context context); void 
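Review bot: `state->rock.vctx = vctx;` stores a borrowed pointer to the main loop's verto context in per-request state, and nothing here documents that the context must stay valid until `respond` has run. Because the purpose is to let asynchronous modules create events, a request may still be pending when the loop is torn down; this is inferred, since the shutdown path is not visible on this page. I would add a comment on the assignment such as `/* Borrowed from the main loop; must outlive this request. */` and confirm the loop is not freed while AS requests are outstanding. process_as_req's body starts and ends outside the hunk.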
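Review bot: `event_context()` in kdc_preauth.c returns `rock->vctx` unchecked, so the value is only meaningful if every site that fills a `struct krb5_kdcpreauth_rock_st` sets the new field. The only assignment visible in this commit is the one in process_as_req, where the rock's fields are set one by one. If the request state is not zero-allocated, or a rock is built elsewhere, a module could receive NULL or an indeterminate pointer and pass it to libverto. Please confirm the rock is zero-initialised wherever it is created, and document the contract above the function, e.g. `/* Returns the loop context set by process_as_req; NULL if none was supplied. */`.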
@@ -396,6 +397,7 @@ struct krb5_kdcpreauth_rock_st { krb5_db_entry *client; krb5_key_data *client_key; struct kdc_request_state *rstate; + verto_ctx *vctx; }; #define isflagset(flagfield, flag) (flagfield & (flag)) diff --git a/src/lib/apputils/net-server.c b/src/lib/apputils/net-server.c index 9df909fac..43be27c95 100644 --- a/src/lib/apputils/net-server.c +++ b/src/lib/apputils/net-server.c @@ -1665,7 +1665,7 @@ process_packet(verto_ctx *ctx, verto_ev *ev) init_addr(&state->faddr, ss2sa(&state->saddr)); /* This address is in net order. */ dispatch(state->handle, ss2sa(&state->daddr), &state->faddr, - &state->request, 0, process_packet_response, state); + &state->request, 0, ctx, process_packet_response, state); } static int @@ -1936,7 +1936,7 @@ process_tcp_connection_read(verto_ctx *ctx, verto_ev *ev) local_saddrp = ss2sa(&state->local_saddr); dispatch(state->conn->handle, local_saddrp, &conn->faddr, - &state->request, 1, process_tcp_response, state); + &state->request, 1, ctx, process_tcp_response, state); } return;