From 41c912b326a4b88b548a6897fd9efe11f71ebfad Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Fri, 2 Jul 2010 03:23:21 +0000 Subject: [PATCH] DAL improvements Add KRB5_KDB_API_VERSION to allow callers to adjust to incompatible changes in libkdb; to be kept in sync with the libkdb major version, which is bumped to 5 in anticipation of other changes. Add KRB5_KDB_DAL_VERSION to allow database modules to detect when they are mismatched with the KDB version. Since KDB modules are often developed concurrently with trunk code, this is defined to be the date of the last incompatible DAL change. The DAL version is passed to the init_library DAL function; the module should check it against the value of KRB5_KDB_DAL_VERSION it was compiled with and return KRB5_KDB_DBTYPE_MISMATCH if it doesn't match. ticket: 6749 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24157 dc483132-0cff-0310-8789-dd5450dbe970 --- src/include/kdb.h | 13 ++++++++++++- src/lib/kdb/Makefile.in | 3 ++- src/lib/kdb/kdb5.c | 4 ++-- src/lib/krb5/error_tables/kdb5_err.et | 1 + src/plugins/kdb/db2/db2_exp.c | 5 ++++- src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h | 2 +- src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c | 5 +++-- 7 files changed, 25 insertions(+), 8 deletions(-) diff --git a/src/include/kdb.h b/src/include/kdb.h index 5225a12e5..6248725a6 100644 --- a/src/include/kdb.h +++ b/src/include/kdb.h @@ -72,6 +72,10 @@ #include +/* This version will be incremented when incompatible changes are made to the + * KDB API, and will be kept in sync with the libkdb major version. */ +#define KRB5_KDB_API_VERSION 5 + /* Salt types */ #define KRB5_KDB_SALTTYPE_NORMAL 0 #define KRB5_KDB_SALTTYPE_V4 1 @@ -859,6 +863,13 @@ krb5_dbe_free_tl_data(krb5_context, krb5_tl_data *); #define KRB5_KDB_OPT_SET_DB_NAME 0 #define KRB5_KDB_OPT_SET_LOCK_MODE 1 +/* + * This number indicates the date of the last incompatible change to the + * DAL. It is passed to init_library to allow KDB modules to detect when + * they are being loaded by an incompatible version of the KDC. + */ +#define KRB5_KDB_DAL_VERSION 20100701 + /* * A krb5_context can hold one database object. Modules should use * context->dal_handle->db_context to store state associated with the database @@ -886,7 +897,7 @@ typedef struct _kdb_vftabl { * Mandatory: Invoked after the module library is loaded, when the first DB * using the module is opened, across all contexts. */ - krb5_error_code (*init_library)(void); + krb5_error_code (*init_library)(int dal_version); /* * Mandatory: Invoked before the module library is unloaded, after the last diff --git a/src/lib/kdb/Makefile.in b/src/lib/kdb/Makefile.in index c450a9819..3781dfb9a 100644 --- a/src/lib/kdb/Makefile.in +++ b/src/lib/kdb/Makefile.in @@ -8,8 +8,9 @@ CFLAGS=@CFLAGS@ -DKDB5_USE_LIB_KDB_DB2 LOCALINCLUDES= -I. DEFS= +# Keep LIBMAJOR in sync with KRB5_KDB_API_VERSION in include/kdb.h. LIBBASE=kdb5 -LIBMAJOR=4 +LIBMAJOR=5 LIBMINOR=0 LIBINITFUNC=kdb_init_lock_list LIBFINIFUNC=kdb_fini_lock_list diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c index a7e1bb5c1..c4c7ec6dc 100644 --- a/src/lib/kdb/kdb5.c +++ b/src/lib/kdb/kdb5.c @@ -311,7 +311,7 @@ kdb_load_library(krb5_context kcontext, char *lib_name, db_library *libptr) memcpy(&lib->vftabl, vftabl_addr, sizeof(kdb_vftabl)); kdb_setup_opt_functions(lib); - status = lib->vftabl.init_library(); + status = lib->vftabl.init_library(KRB5_KDB_DAL_VERSION); if (status) goto cleanup; @@ -408,7 +408,7 @@ kdb_load_library(krb5_context kcontext, char *lib_name, db_library * lib) memcpy(&(*lib)->vftabl, vftabl_addrs[0], sizeof(kdb_vftabl)); kdb_setup_opt_functions(*lib); - if ((status = (*lib)->vftabl.init_library())) + if ((status = (*lib)->vftabl.init_library(KRB5_KDB_DAL_VERSION))) goto clean_n_exit; clean_n_exit: diff --git a/src/lib/krb5/error_tables/kdb5_err.et b/src/lib/krb5/error_tables/kdb5_err.et index cd7214d9b..f6b97dc9d 100644 --- a/src/lib/krb5/error_tables/kdb5_err.et +++ b/src/lib/krb5/error_tables/kdb5_err.et @@ -82,5 +82,6 @@ ec KRB5_LOG_CONV, "Update log conversion error" ec KRB5_LOG_UNSTABLE, "Update log is unstable" ec KRB5_LOG_CORRUPT, "Update log is corrupt" ec KRB5_LOG_ERROR, "Generic update log error" +ec KRB5_KDB_DBTYPE_MISMATCH, "Database module does not match KDC version" end diff --git a/src/plugins/kdb/db2/db2_exp.c b/src/plugins/kdb/db2/db2_exp.c index c7fb7566a..73aa6394f 100644 --- a/src/plugins/kdb/db2/db2_exp.c +++ b/src/plugins/kdb/db2/db2_exp.c @@ -201,9 +201,12 @@ WRAP_K (krb5_db2_invoke, (kcontext, method, request, response)); static krb5_error_code -hack_init () +hack_init (int dal_version) { krb5_error_code c; + + if (dal_version != KRB5_KDB_DAL_VERSION) + return KRB5_KDB_DBTYPE_MISMATCH; c = krb5int_mutex_alloc (&krb5_db2_mutex); if (c) return c; diff --git a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h index 95909f6be..0f7921074 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h +++ b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h @@ -254,7 +254,7 @@ krb5_error_code krb5_ldap_db_get_age(krb5_context, char *, time_t *); krb5_error_code -krb5_ldap_lib_init(void); +krb5_ldap_lib_init(int dal_version); krb5_error_code krb5_ldap_lib_cleanup(void); diff --git a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c index 82b0333cd..8ebe73abd 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c @@ -312,9 +312,10 @@ krb5_ldap_rebind(krb5_ldap_context *ldap_context, * DAL API functions */ krb5_error_code -krb5_ldap_lib_init() +krb5_ldap_lib_init(int dal_version) { - return 0; + if (dal_version != KRB5_KDB_DAL_VERSION) + return KRB5_KDB_DBTYPE_MISMATCH; } krb5_error_code -- 2.26.2