From 0dfa1a1850c6a51a910c5eae084e2eb51f45f956 Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Wed, 21 Oct 2009 00:50:08 +0000 Subject: [PATCH] Increment authdata SPI to V2 (V1 was experimental) to account for additional krbtgt key parameter. This was at Sam's suggestion. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22958 dc483132-0cff-0310-8789-dd5450dbe970 --- src/include/krb5/authdata_plugin.h | 6 ++-- src/kdc/kdc_authdata.c | 48 +++++++++++++++--------------- 2 files changed, 27 insertions(+), 27 deletions(-) diff --git a/src/include/krb5/authdata_plugin.h b/src/include/krb5/authdata_plugin.h index 449b7f890..a5c3e5355 100644 --- a/src/include/krb5/authdata_plugin.h +++ b/src/include/krb5/authdata_plugin.h @@ -111,7 +111,7 @@ typedef struct krb5plugin_authdata_server_ftable_v0 { typedef krb5plugin_server_authdata_ftable_v0 krb5plugin_authdata_ftable_v0; -typedef struct krb5plugin_authdata_server_ftable_v1 { +typedef struct krb5plugin_authdata_server_ftable_v2 { /* Not-usually-visible name. */ char *name; @@ -157,9 +157,9 @@ typedef struct krb5plugin_authdata_server_ftable_v1 { krb5_const_principal for_user_princ, krb5_enc_tkt_part *enc_tkt_request, krb5_enc_tkt_part *enc_tkt_reply); -} krb5plugin_authdata_server_ftable_v1; +} krb5plugin_authdata_server_ftable_v2; -typedef krb5plugin_authdata_server_ftable_v1 krb5plugin_authdata_ftable_v1; +typedef krb5plugin_authdata_server_ftable_v2 krb5plugin_authdata_ftable_v2; typedef krb5_error_code (*authdata_client_plugin_init_proc)(krb5_context context, diff --git a/src/kdc/kdc_authdata.c b/src/kdc/kdc_authdata.c index 82f934f57..0950a5bf8 100644 --- a/src/kdc/kdc_authdata.c +++ b/src/kdc/kdc_authdata.c 
@@ -49,7 +49,7 @@ typedef krb5_error_code (*authdata_proc_0) krb5_data *req_pkt, krb5_kdc_req *request, krb5_enc_tkt_part * enc_tkt_reply); -/* MIT Kerberos 1.7 (V1) authdata plugin callback */ +/* MIT Kerberos 1.8 (V2) authdata plugin callback */ typedef krb5_error_code (*authdata_proc_1) (krb5_context, unsigned int flags, krb5_db_entry *client, krb5_db_entry *server, @@ -100,7 +100,7 @@ typedef struct _krb5_authdata_systems { const char *name; #define AUTHDATA_SYSTEM_UNKNOWN -1 #define AUTHDATA_SYSTEM_V0 0 -#define AUTHDATA_SYSTEM_V1 1 +#define AUTHDATA_SYSTEM_V2 2 int type; #define AUTHDATA_FLAG_CRITICAL 0x1 int flags; @@ -108,26 +108,26 @@ typedef struct _krb5_authdata_systems { init_proc init; fini_proc fini; union { - authdata_proc_1 v1; + authdata_proc_1 v2; authdata_proc_0 v0; } handle_authdata; } krb5_authdata_systems; static krb5_authdata_systems static_authdata_systems[] = { - { "tgs_req", AUTHDATA_SYSTEM_V1, AUTHDATA_FLAG_CRITICAL, NULL, NULL, NULL, { handle_request_authdata } }, - { "tgt", AUTHDATA_SYSTEM_V1, AUTHDATA_FLAG_CRITICAL, NULL, NULL, NULL, { handle_tgt_authdata } }, + { "tgs_req", AUTHDATA_SYSTEM_V2, AUTHDATA_FLAG_CRITICAL, NULL, NULL, NULL, { handle_request_authdata } }, + { "tgt", AUTHDATA_SYSTEM_V2, AUTHDATA_FLAG_CRITICAL, NULL, NULL, NULL, { handle_tgt_authdata } }, }; static krb5_authdata_systems *authdata_systems; static int n_authdata_systems; static struct plugin_dir_handle authdata_plugins; -/* Load both v0 and v1 authdata plugins */ +/* Load both v0 and v2 authdata plugins */ krb5_error_code load_authdata_plugins(krb5_context context) { void **authdata_plugins_ftables_v0 = NULL; - void **authdata_plugins_ftables_v1 = NULL; + void **authdata_plugins_ftables_v2 = NULL; size_t module_count; size_t i, k; init_proc server_init_proc = NULL; 
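Review bot: The callback typedef is still named `authdata_proc_1`, although the comment in the first hunk now labels it the V2 callback and the union member in the third hunk becomes `authdata_proc_1 v2;`. The next reader sees a type suffixed `_1` stored in a field called `v2`, selected by `AUTHDATA_SYSTEM_V2`, and has to check that these are the same interface. Renaming the typedef to `authdata_proc_2` and declaring the member as `authdata_proc_2 v2;` would keep the version number consistent across type, field and constant. The typedef's parameter list runs past the end of the first hunk, so the rename has been checked only against the lines shown here.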
@@ -144,12 +144,12 @@ load_authdata_plugins(krb5_context context) /* Get the method tables provided by the loaded plugins. */ authdata_plugins_ftables_v0 = NULL; - authdata_plugins_ftables_v1 = NULL; + authdata_plugins_ftables_v2 = NULL; n_authdata_systems = 0; if (krb5int_get_plugin_dir_data(&authdata_plugins, "authdata_server_1", - &authdata_plugins_ftables_v1, &context->err) != 0 || + &authdata_plugins_ftables_v2, &context->err) != 0 || krb5int_get_plugin_dir_data(&authdata_plugins, "authdata_server_0", &authdata_plugins_ftables_v0, &context->err) != 0) { @@ -160,11 +160,11 @@ load_authdata_plugins(krb5_context context) /* Count the valid modules. */ module_count = 0; - if (authdata_plugins_ftables_v1 != NULL) { - struct krb5plugin_authdata_server_ftable_v1 *ftable; + if (authdata_plugins_ftables_v2 != NULL) { + struct krb5plugin_authdata_server_ftable_v2 *ftable; - for (i = 0; authdata_plugins_ftables_v1[i] != NULL; i++) { - ftable = authdata_plugins_ftables_v1[i]; + for (i = 0; authdata_plugins_ftables_v2[i] != NULL; i++) { + ftable = authdata_plugins_ftables_v2[i]; if (ftable->authdata_proc != NULL) module_count++; } @@ -193,15 +193,15 @@ load_authdata_plugins(krb5_context context) k = 0; - /* Add dynamically loaded V1 plugins */ - if (authdata_plugins_ftables_v1 != NULL) { - struct krb5plugin_authdata_server_ftable_v1 *ftable; + /* Add dynamically loaded V2 plugins */ + if (authdata_plugins_ftables_v2 != NULL) { + struct krb5plugin_authdata_server_ftable_v2 *ftable; - for (i = 0; authdata_plugins_ftables_v1[i] != NULL; i++) { + for (i = 0; authdata_plugins_ftables_v2[i] != NULL; i++) { krb5_error_code initerr; void *pctx = NULL; - ftable = authdata_plugins_ftables_v1[i]; + ftable = authdata_plugins_ftables_v2[i]; if ((ftable->authdata_proc == NULL)) { continue; } 
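Review bot: In the first hunk, load_authdata_plugins still looks up the exported symbol `"authdata_server_1"`, but now stores the result in `authdata_plugins_ftables_v2` and later reads it as `struct krb5plugin_authdata_server_ftable_v2`. A module built against the experimental V1 table would therefore still be found and loaded, and its `authdata_proc` would be called through the V2 prototype. If the two layouts or argument lists differ, as the commit message implies, the result is a call through a mismatched function pointer inside the KDC process rather than a clean refusal to load. Bumping the looked-up name with the SPI, for example `krb5int_get_plugin_dir_data(&authdata_plugins, "authdata_server_2", &authdata_plugins_ftables_v2, &context->err)`, would make stale plugins fail at symbol lookup. The plugin-side export is not visible in this diff and would need the same rename, and the function body begins and ends outside these hunks.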
@@ -222,10 +222,10 @@ load_authdata_plugins(krb5_context context) } authdata_systems[k].name = ftable->name; - authdata_systems[k].type = AUTHDATA_SYSTEM_V1; + authdata_systems[k].type = AUTHDATA_SYSTEM_V2; authdata_systems[k].init = server_init_proc; authdata_systems[k].fini = ftable->fini_proc; - authdata_systems[k].handle_authdata.v1 = ftable->authdata_proc; + authdata_systems[k].handle_authdata.v2 = ftable->authdata_proc; authdata_systems[k].plugin_context = pctx; k++; } @@ -292,8 +292,8 @@ load_authdata_plugins(krb5_context context) code = 0; cleanup: - if (authdata_plugins_ftables_v1 != NULL) - krb5int_free_plugin_dir_data(authdata_plugins_ftables_v1); + if (authdata_plugins_ftables_v2 != NULL) + krb5int_free_plugin_dir_data(authdata_plugins_ftables_v2); if (authdata_plugins_ftables_v0 != NULL) krb5int_free_plugin_dir_data(authdata_plugins_ftables_v0); @@ -611,8 +611,8 @@ handle_authdata (krb5_context context, code = (*asys->handle_authdata.v0)(context, client, req_pkt, request, enc_tkt_reply); break; - case AUTHDATA_SYSTEM_V1: - code = (*asys->handle_authdata.v1)(context, flags, + case AUTHDATA_SYSTEM_V2: + code = (*asys->handle_authdata.v2)(context, flags, client, server, krbtgt, client_key, server_key, req_pkt, request, for_user_princ, -- 2.26.2