From: Zhanna Tsitkov Date: Mon, 11 Jan 2010 15:19:42 +0000 (+0000) Subject: Group together the funtions related to the supplying options to preauth plugin modules. X-Git-Tag: krb5-1.9-beta1~383 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=faa810c5b59fa33d9f7db837c5bb88df5436bb30;p=krb5.git Group together the funtions related to the supplying options to preauth plugin modules. Also, removed krb5int_ prefix from the names of some static functions in gic_opt.c.s git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23625 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/krb/Makefile.in b/src/lib/krb5/krb/Makefile.in index 39ccdd0cc..8c2b59fc4 100644 --- a/src/lib/krb5/krb/Makefile.in +++ b/src/lib/krb5/krb/Makefile.in @@ -77,6 +77,7 @@ STLIBOBJS= \ pr_to_salt.o \ preauth.o \ preauth2.o \ + gic_opt_set_pa.o \ princ_comp.o \ rd_cred.o \ rd_error.o \ @@ -175,6 +176,7 @@ OBJS= $(OUTPRE)addr_comp.$(OBJEXT) \ $(OUTPRE)pr_to_salt.$(OBJEXT) \ $(OUTPRE)preauth.$(OBJEXT) \ $(OUTPRE)preauth2.$(OBJEXT) \ + $(OUTPRE)gic_opt_set_pa.$(OBJEXT) \ $(OUTPRE)princ_comp.$(OBJEXT) \ $(OUTPRE)rd_cred.$(OBJEXT) \ $(OUTPRE)rd_error.$(OBJEXT) \ @@ -274,6 +276,7 @@ SRCS= $(srcdir)/addr_comp.c \ $(srcdir)/pr_to_salt.c \ $(srcdir)/preauth.c \ $(srcdir)/preauth2.c \ + $(srcdir)/gic_opt_set_pa.c \ $(srcdir)/princ_comp.c \ $(srcdir)/rd_cred.c \ $(srcdir)/rd_error.c \ diff --git a/src/lib/krb5/krb/gic_opt.c b/src/lib/krb5/krb/gic_opt.c index c94ee3487..ab29740bb 100644 --- a/src/lib/krb5/krb/gic_opt.c +++ b/src/lib/krb5/krb/gic_opt.c @@ -132,7 +132,7 @@ free_gic_opt_ext_preauth_data(krb5_context context, krb5_gic_opt_ext *opte); static krb5_error_code -krb5int_gic_opte_private_alloc(krb5_context context, krb5_gic_opt_ext *opte) +gic_opte_private_alloc(krb5_context context, krb5_gic_opt_ext *opte) { if (NULL == opte || !krb5_gic_opt_is_extended(opte)) return EINVAL; @@ -148,7 +148,7 @@ krb5int_gic_opte_private_alloc(krb5_context context, krb5_gic_opt_ext *opte) } static krb5_error_code -krb5int_gic_opte_private_free(krb5_context context, krb5_gic_opt_ext *opte) +gic_opte_private_free(krb5_context context, krb5_gic_opt_ext *opte) { if (NULL == opte || !krb5_gic_opt_is_extended(opte)) return EINVAL; @@ -164,7 +164,7 @@ krb5int_gic_opte_private_free(krb5_context context, krb5_gic_opt_ext *opte) } static krb5_gic_opt_ext * -krb5int_gic_opte_alloc(krb5_context context) +gic_opte_alloc(krb5_context context) { krb5_gic_opt_ext *opte; krb5_error_code code; @@ -174,10 +174,10 @@ krb5int_gic_opte_alloc(krb5_context context) return NULL; opte->flags = KRB5_GET_INIT_CREDS_OPT_EXTENDED; - code = krb5int_gic_opte_private_alloc(context, opte); + code = gic_opte_private_alloc(context, opte); if (code) { krb5int_set_error(&context->err, code, - "krb5int_gic_opte_alloc: krb5int_gic_opte_private_alloc failed"); + "gic_opte_alloc: gic_opte_private_alloc failed"); free(opte); return NULL; } @@ -197,7 +197,7 @@ krb5_get_init_creds_opt_alloc(krb5_context context, /* * We return a new extended structure cast as a krb5_get_init_creds_opt */ - opte = krb5int_gic_opte_alloc(context); + opte = gic_opte_alloc(context); if (NULL == opte) return ENOMEM; @@ -221,19 +221,19 @@ krb5_get_init_creds_opt_free(krb5_context context, opte = (krb5_gic_opt_ext *)opt; if (opte->opt_private) - krb5int_gic_opte_private_free(context, opte); + gic_opte_private_free(context, opte); free(opte); } static krb5_error_code -krb5int_gic_opte_copy(krb5_context context, +gic_opte_copy(krb5_context context, krb5_get_init_creds_opt *opt, krb5_gic_opt_ext **opte) { krb5_gic_opt_ext *oe; - oe = krb5int_gic_opte_alloc(context); + oe = gic_opte_alloc(context); if (NULL == oe) return ENOMEM; @@ -285,7 +285,7 @@ krb5int_gic_opt_to_opte(krb5_context context, { if (!krb5_gic_opt_is_extended(opt)) { if (force) { - return krb5int_gic_opte_copy(context, opt, opte); + return gic_opte_copy(context, opt, opte); } else { krb5int_set_error(&context->err, EINVAL, "%s: attempt to convert non-extended krb5_get_init_creds_opt", @@ -320,75 +320,6 @@ free_gic_opt_ext_preauth_data(krb5_context context, opte->opt_private->num_preauth_data = 0; } -static krb5_error_code -add_gic_opt_ext_preauth_data(krb5_context context, - krb5_gic_opt_ext *opte, - const char *attr, - const char *value) -{ - size_t newsize; - int i; - krb5_gic_opt_pa_data *newpad; - - newsize = opte->opt_private->num_preauth_data + 1; - newsize = newsize * sizeof(*opte->opt_private->preauth_data); - if (opte->opt_private->preauth_data == NULL) - newpad = malloc(newsize); - else - newpad = realloc(opte->opt_private->preauth_data, newsize); - if (newpad == NULL) - return ENOMEM; - opte->opt_private->preauth_data = newpad; - - i = opte->opt_private->num_preauth_data; - newpad[i].attr = strdup(attr); - if (newpad[i].attr == NULL) - return ENOMEM; - newpad[i].value = strdup(value); - if (newpad[i].value == NULL) { - free(newpad[i].attr); - return ENOMEM; - } - opte->opt_private->num_preauth_data += 1; - return 0; -} - -/* - * This function allows the caller to supply options to preauth - * plugins. Preauth plugin modules are given a chance to look - * at each option at the time this function is called in ordre - * to check the validity of the option. - * The 'opt' pointer supplied to this function must have been - * obtained using krb5_get_init_creds_opt_alloc() - */ -krb5_error_code KRB5_CALLCONV -krb5_get_init_creds_opt_set_pa(krb5_context context, - krb5_get_init_creds_opt *opt, - const char *attr, - const char *value) -{ - krb5_error_code retval; - krb5_gic_opt_ext *opte; - - retval = krb5int_gic_opt_to_opte(context, opt, &opte, 0, - "krb5_get_init_creds_opt_set_pa"); - if (retval) - return retval; - - /* - * Copy the option into the extended get_init_creds_opt structure - */ - retval = add_gic_opt_ext_preauth_data(context, opte, attr, value); - if (retval) - return retval; - - /* - * Give the plugins a chance to look at the option now. - */ - retval = krb5_preauth_supply_preauth_data(context, opte, attr, value); - return retval; -} - /* * This function allows a preauth plugin to obtain preauth * options. The preauth_data returned from this function diff --git a/src/lib/krb5/krb/gic_opt_set_pa.c b/src/lib/krb5/krb/gic_opt_set_pa.c new file mode 100644 index 000000000..ff4cbf62f --- /dev/null +++ b/src/lib/krb5/krb/gic_opt_set_pa.c @@ -0,0 +1,146 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * Copyright 1995, 2003, 2008 by the Massachusetts Institute of Technology. All + * Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * krb5_get_init_creds_opt_set_pa() + * krb5_preauth_supply_preauth_data() + */ + +#include "k5-int.h" +#include "int-proto.h" + +static krb5_error_code +add_gic_opt_ext_preauth_data(krb5_context context, + krb5_gic_opt_ext *opte, + const char *attr, + const char *value) +{ + size_t newsize; + int i; + krb5_gic_opt_pa_data *newpad; + + newsize = opte->opt_private->num_preauth_data + 1; + newsize = newsize * sizeof(*opte->opt_private->preauth_data); + if (opte->opt_private->preauth_data == NULL) + newpad = malloc(newsize); + else + newpad = realloc(opte->opt_private->preauth_data, newsize); + if (newpad == NULL) + return ENOMEM; + opte->opt_private->preauth_data = newpad; + + i = opte->opt_private->num_preauth_data; + newpad[i].attr = strdup(attr); + if (newpad[i].attr == NULL) + return ENOMEM; + newpad[i].value = strdup(value); + if (newpad[i].value == NULL) { + free(newpad[i].attr); + return ENOMEM; + } + opte->opt_private->num_preauth_data += 1; + return 0; +} + +/* + * This function allows the caller to supply options to preauth + * plugins. Preauth plugin modules are given a chance to look + * at each option at the time this function is called in ordre + * to check the validity of the option. + * The 'opt' pointer supplied to this function must have been + * obtained using krb5_get_init_creds_opt_alloc() + */ +krb5_error_code KRB5_CALLCONV +krb5_get_init_creds_opt_set_pa(krb5_context context, + krb5_get_init_creds_opt *opt, + const char *attr, + const char *value) +{ + krb5_error_code retval; + krb5_gic_opt_ext *opte; + + retval = krb5int_gic_opt_to_opte(context, opt, &opte, 0, + "krb5_get_init_creds_opt_set_pa"); + if (retval) + return retval; + + /* + * Copy the option into the extended get_init_creds_opt structure + */ + retval = add_gic_opt_ext_preauth_data(context, opte, attr, value); + if (retval) + return retval; + + /* + * Give the plugins a chance to look at the option now. + */ + retval = krb5_preauth_supply_preauth_data(context, opte, attr, value); + return retval; +} + +/* + * Give all the preauth plugins a look at the preauth option which + * has just been set + */ +krb5_error_code +krb5_preauth_supply_preauth_data(krb5_context context, + krb5_gic_opt_ext *opte, + const char *attr, + const char *value) +{ + krb5_error_code retval = 0; + int i; + void *pctx; + const char *emsg = NULL; + + if (context->preauth_context == NULL) + krb5_init_preauth_context(context); + if (context->preauth_context == NULL) { + retval = EINVAL; + krb5int_set_error(&context->err, retval, + "krb5_preauth_supply_preauth_data: " + "Unable to initialize preauth context"); + return retval; + } + + /* + * Go down the list of preauth modules, and supply them with the + * attribute/value pair. + */ + for (i = 0; i < context->preauth_context->n_modules; i++) { + if (context->preauth_context->modules[i].client_supply_gic_opts == NULL) + continue; + pctx = context->preauth_context->modules[i].plugin_context; + retval = (*context->preauth_context->modules[i].client_supply_gic_opts) + (context, pctx, + (krb5_get_init_creds_opt *)opte, attr, value); + if (retval) { + emsg = krb5_get_error_message(context, retval); + krb5int_set_error(&context->err, retval, "Preauth plugin %s: %s", + context->preauth_context->modules[i].name, emsg); + krb5_free_error_message(context, emsg); + break; + } + } + return retval; +} diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c index cf99a29b1..ce8d10536 100644 --- a/src/lib/krb5/krb/preauth2.c +++ b/src/lib/krb5/krb/preauth2.c @@ -241,52 +241,6 @@ krb5_clear_preauth_context_use_counts(krb5_context context) } } -/* - * Give all the preauth plugins a look at the preauth option which - * has just been set - */ -krb5_error_code -krb5_preauth_supply_preauth_data(krb5_context context, - krb5_gic_opt_ext *opte, - const char *attr, - const char *value) -{ - krb5_error_code retval = 0; - int i; - void *pctx; - const char *emsg = NULL; - - if (context->preauth_context == NULL) - krb5_init_preauth_context(context); - if (context->preauth_context == NULL) { - retval = EINVAL; - krb5int_set_error(&context->err, retval, - "krb5_preauth_supply_preauth_data: " - "Unable to initialize preauth context"); - return retval; - } - - /* - * Go down the list of preauth modules, and supply them with the - * attribute/value pair. - */ - for (i = 0; i < context->preauth_context->n_modules; i++) { - if (context->preauth_context->modules[i].client_supply_gic_opts == NULL) - continue; - pctx = context->preauth_context->modules[i].plugin_context; - retval = (*context->preauth_context->modules[i].client_supply_gic_opts) - (context, pctx, - (krb5_get_init_creds_opt *)opte, attr, value); - if (retval) { - emsg = krb5_get_error_message(context, retval); - krb5int_set_error(&context->err, retval, "Preauth plugin %s: %s", - context->preauth_context->modules[i].name, emsg); - krb5_free_error_message(context, emsg); - break; - } - } - return retval; -} /* Free the per-krb5_context preauth_context. This means clearing any * plugin-specific context which may have been created, and then