hdb: eliminate hdb_entry_ex

Remove hdb_entry_ex and revert to the original design of hdb_entry (except with an additional context member in hdb_entry which is managed by the free_entry method in HDB).
2022-01-07 12:54:40 +11:00
parent c5551775e2
commit 0e8c4ccc6e
50 changed files with 1035 additions and 1032 deletions
--- a/kdc/misc.c
+++ b/kdc/misc.c
@@ -67,11 +67,11 @@ synthesize_client(krb5_context context,
                  krb5_kdc_configuration *config,
                  krb5_const_principal princ,
                  HDB **db,
-                  hdb_entry_ex **h)
+                  hdb_entry **h)
 {
    static HDB null_db;
    krb5_error_code ret;
-    hdb_entry_ex *e;
+    hdb_entry *e;

    /* Hope this works! */
    null_db.hdb_destroy = synthesize_hdb_close;
@@ -81,40 +81,40 @@ synthesize_client(krb5_context context,

    ret = (e = calloc(1, sizeof(*e))) ? 0 : krb5_enomem(context);
    if (ret == 0) {
-        e->entry.flags.client = 1;
-        e->entry.flags.immutable = 1;
-        e->entry.flags.virtual = 1;
-        e->entry.flags.synthetic = 1;
-        e->entry.flags.do_not_store = 1;
-        e->entry.kvno = 1;
-        e->entry.keys.len = 0;
-        e->entry.keys.val = NULL;
-        e->entry.created_by.time = time(NULL);
-        e->entry.modified_by = NULL;
-        e->entry.valid_start = NULL;
-        e->entry.valid_end = NULL;
-        e->entry.pw_end = NULL;
-        e->entry.etypes = NULL;
-        e->entry.generation = NULL;
-        e->entry.extensions = NULL;
+        e->flags.client = 1;
+        e->flags.immutable = 1;
+        e->flags.virtual = 1;
+        e->flags.synthetic = 1;
+        e->flags.do_not_store = 1;
+        e->kvno = 1;
+        e->keys.len = 0;
+        e->keys.val = NULL;
+        e->created_by.time = time(NULL);
+        e->modified_by = NULL;
+        e->valid_start = NULL;
+        e->valid_end = NULL;
+        e->pw_end = NULL;
+        e->etypes = NULL;
+        e->generation = NULL;
+        e->extensions = NULL;
    }
    if (ret == 0)
-        ret = (e->entry.max_renew = calloc(1, sizeof(*e->entry.max_renew))) ?
+        ret = (e->max_renew = calloc(1, sizeof(*e->max_renew))) ?
            0 : krb5_enomem(context);
    if (ret == 0)
-        ret = (e->entry.max_life = calloc(1, sizeof(*e->entry.max_life))) ?
+        ret = (e->max_life = calloc(1, sizeof(*e->max_life))) ?
            0 : krb5_enomem(context);
    if (ret == 0)
-        ret = krb5_copy_principal(context, princ, &e->entry.principal);
+        ret = krb5_copy_principal(context, princ, &e->principal);
    if (ret == 0)
-        ret = krb5_copy_principal(context, princ, &e->entry.created_by.principal);
+        ret = krb5_copy_principal(context, princ, &e->created_by.principal);
    if (ret == 0) {
        /*
         * We can't check OCSP in the TGS path, so we can't let tickets for
         * synthetic principals live very long.
         */
-        *(e->entry.max_renew) = config->synthetic_clients_max_renew;
-        *(e->entry.max_life) = config->synthetic_clients_max_life;
+        *(e->max_renew) = config->synthetic_clients_max_renew;
+        *(e->max_life) = config->synthetic_clients_max_life;
        *h = e;
    } else {
        hdb_free_entry(context, &null_db, e);
@@ -129,9 +129,9 @@ _kdc_db_fetch(krb5_context context,
 	      unsigned flags,
 	      krb5uint32 *kvno_ptr,
 	      HDB **db,
-	      hdb_entry_ex **h)
+	      hdb_entry **h)
 {
-    hdb_entry_ex *ent = NULL;
+    hdb_entry *ent = NULL;
    krb5_error_code ret = HDB_ERR_NOENTRY;
    int i;
    unsigned kvno = 0;
@@ -246,7 +246,7 @@ out:
 }

 KDC_LIB_FUNCTION void KDC_LIB_CALL
-_kdc_free_ent(krb5_context context, HDB *db, hdb_entry_ex *ent)
+_kdc_free_ent(krb5_context context, HDB *db, hdb_entry *ent)
 {
    hdb_free_entry (context, db, ent);
    free (ent);
@@ -260,7 +260,7 @@ _kdc_free_ent(krb5_context context, HDB *db, hdb_entry_ex *ent)
 krb5_error_code
 _kdc_get_preferred_key(krb5_context context,
 		       krb5_kdc_configuration *config,
-		       hdb_entry_ex *h,
+		       hdb_entry *h,
 		       const char *name,
 		       krb5_enctype *enctype,
 		       Key **key)
@@ -273,9 +273,9 @@ _kdc_get_preferred_key(krb5_context context,

 	for (i = 0; p[i] != (krb5_enctype)ETYPE_NULL; i++) {
 	    if (krb5_enctype_valid(context, p[i]) != 0 &&
-		!_kdc_is_weak_exception(h->entry.principal, p[i]))
+		!_kdc_is_weak_exception(h->principal, p[i]))
 		continue;
-	    ret = hdb_enctype2key(context, &h->entry, NULL, p[i], key);
+	    ret = hdb_enctype2key(context, h, NULL, p[i], key);
 	    if (ret != 0)
 		continue;
 	    if (enctype != NULL)
@@ -285,12 +285,12 @@ _kdc_get_preferred_key(krb5_context context,
    } else {
 	*key = NULL;

-	for (i = 0; i < h->entry.keys.len; i++) {
-	    if (krb5_enctype_valid(context, h->entry.keys.val[i].key.keytype) != 0 &&
-		!_kdc_is_weak_exception(h->entry.principal, h->entry.keys.val[i].key.keytype))
+	for (i = 0; i < h->keys.len; i++) {
+	    if (krb5_enctype_valid(context, h->keys.val[i].key.keytype) != 0 &&
+		!_kdc_is_weak_exception(h->principal, h->keys.val[i].key.keytype))
 		continue;
-	    ret = hdb_enctype2key(context, &h->entry, NULL,
-				  h->entry.keys.val[i].key.keytype, key);
+	    ret = hdb_enctype2key(context, h, NULL,
+				  h->keys.val[i].key.keytype, key);
 	    if (ret != 0)
 		continue;
 	    if (enctype != NULL)
@@ -334,9 +334,9 @@ _kdc_verify_checksum(krb5_context context,
 krb5_boolean
 _kdc_include_pac_p(astgs_request_t r)
 {
-    if (krb5_principal_is_krbtgt(r->context, r->server->entry.principal))
+    if (krb5_principal_is_krbtgt(r->context, r->server->principal))
 	return TRUE;
-    else if (r->server->entry.flags.no_auth_data_reqd)
+    else if (r->server->flags.no_auth_data_reqd)
 	return FALSE;

    return !!(r->pac_attributes & (KRB5_PAC_WAS_REQUESTED | KRB5_PAC_WAS_GIVEN_IMPLICITLY));