From 144caf67fa6048b69ca2c7523835665985eff1f9 Mon Sep 17 00:00:00 2001
From: Luke Howard <lukeh@padl.com>
Date: Sat, 29 Jan 2022 09:56:34 +1100
Subject: [PATCH] kdc: add wrappers for heimbase object accessors

Add libkdc wrappers for heimbase object accessors so plugins can use audit and
request attribute APIs without consuming libheimbase. Exposed API surface is
minimal and is limited to reading array collections, and reading/creating base
and custom types.
---
 kdc/altsecid_gss_preauth_authorizer.c |  14 +--
 kdc/gss_preauth.c                     |   4 +-
 kdc/kdc-audit.h                       |   4 +-
 kdc/kdc-plugin.c                      | 118 ++++++++++++++++++++++++++
 kdc/kdc.h                             |  11 +++
 kdc/kerberos5.c                       |   2 +-
 kdc/libkdc-exports.def                |  16 ++++
 kdc/process.c                         |  18 ++--
 kdc/version-script.map                |  16 ++++
 9 files changed, 181 insertions(+), 22 deletions(-)

diff --git a/kdc/altsecid_gss_preauth_authorizer.c b/kdc/altsecid_gss_preauth_authorizer.c
index 40925d2e4..559c53f18 100644
--- a/kdc/altsecid_gss_preauth_authorizer.c
+++ b/kdc/altsecid_gss_preauth_authorizer.c
@@ -272,7 +272,7 @@ ad_lookup(krb5_context context,
           gss_const_name_t initiator_name,
           gss_const_OID mech_type,
           krb5_principal *canon_principal,
-          heim_data_t *requestor_sid)
+          kdc_data_t *requestor_sid)
 {
     krb5_error_code ret;
     OM_uint32 minor;
@@ -354,7 +354,7 @@ ad_lookup(krb5_context context,
 	    ldap_count_values_len(values) == 0)
 	    goto out;
 
-	*requestor_sid = heim_data_create(values[0]->bv_val, values[0]->bv_len);
+	*requestor_sid = kdc_data_create(values[0]->bv_val, values[0]->bv_len);
 	if (*requestor_sid == NULL)
 	    goto enomem;
     }
@@ -371,7 +371,7 @@ out:
 	*canon_principal = NULL;
 
 	if (requestor_sid) {
-	    heim_release(*requestor_sid);
+	    kdc_object_release(*requestor_sid);
 	    *requestor_sid = NULL;
 	}
     }
@@ -403,7 +403,7 @@ authorize(void *ctx,
     krb5_const_realm realm = krb5_principal_get_realm(context, client->principal);
     krb5_boolean reconnect_p = FALSE;
     krb5_boolean is_tgs;
-    heim_data_t requestor_sid = NULL;
+    kdc_data_t requestor_sid = NULL;
 
     *authorized = FALSE;
     *mapped_name = NULL;
@@ -457,7 +457,7 @@ authorize(void *ctx,
     if (requestor_sid) {
 	kdc_request_set_attribute((kdc_request_t)r,
 				  HSTR("org.h5l.gss-pa-requestor-sid"), requestor_sid);
-	heim_release(requestor_sid);
+	kdc_object_release(requestor_sid);
     }
 
     return ret;
@@ -466,7 +466,7 @@ authorize(void *ctx,
 static KRB5_LIB_CALL krb5_error_code
 finalize_pac(void *ctx, astgs_request_t r)
 {
-    heim_data_t requestor_sid;
+    kdc_data_t requestor_sid;
 
     requestor_sid = kdc_request_get_attribute((kdc_request_t)r,
 					      HSTR("org.h5l.gss-pa-requestor-sid"));
@@ -476,7 +476,7 @@ finalize_pac(void *ctx, astgs_request_t r)
     kdc_audit_setkv_object((kdc_request_t)r, "gss_requestor_sid", requestor_sid);
 
     return kdc_request_add_pac_buffer(r, PAC_REQUESTOR_SID,
-				      heim_data_get_data(requestor_sid));
+				      kdc_data_get_data(requestor_sid));
 }
 
 static KRB5_LIB_CALL krb5_error_code
diff --git a/kdc/gss_preauth.c b/kdc/gss_preauth.c
index d48690745..db6cb3efc 100644
--- a/kdc/gss_preauth.c
+++ b/kdc/gss_preauth.c
@@ -426,7 +426,7 @@ _kdc_gss_rd_padata(astgs_request_t r,
         goto out;
     }
 
-    gcp = heim_alloc(sizeof(*gcp), "pa-gss-client-params", pa_gss_dealloc_client_params);
+    gcp = kdc_object_alloc(sizeof(*gcp), "pa-gss-client-params", pa_gss_dealloc_client_params);
     if (gcp == NULL) {
         ret = krb5_enomem(r->context);
         goto out;
@@ -476,7 +476,7 @@ out:
     if (gcp && gcp->major != GSS_S_NO_CONTEXT)
         *pgcp = gcp;
     else
-        heim_release(gcp);
+        kdc_object_release(gcp);
 
     return ret;
 }
diff --git a/kdc/kdc-audit.h b/kdc/kdc-audit.h
index 13c9b8f63..4b2203f22 100644
--- a/kdc/kdc-audit.h
+++ b/kdc/kdc-audit.h
@@ -36,8 +36,6 @@
 #ifndef HEIMDAL_KDC_KDC_AUDIT_H
 #define HEIMDAL_KDC_KDC_AUDIT_H 1
 
-#include <heimbase.h>
-
 /*
  * KDC auditing
  */
@@ -55,7 +53,7 @@
 #define KDC_AUTH_EVENT_PREAUTH_SUCCEEDED	9   /* generic (non-long term key) PA success */
 
 /*
- * Audit keys to be queried using heim_audit_getkv(). There are other keys
+ * Audit keys to be queried using kdc_audit_getkv(). There are other keys
  * intended for logging that are not defined below; the constants below are
  * there to ease migration from the older auth_status HDB API.
  */
diff --git a/kdc/kdc-plugin.c b/kdc/kdc-plugin.c
index 34d55ff86..40b730241 100644
--- a/kdc/kdc-plugin.c
+++ b/kdc/kdc-plugin.c
@@ -308,6 +308,124 @@ kdc_get_instance(const char *libname)
     return 0;
 }
 
+/*
+ * Minimum API surface wrapper for libheimbase object types so it
+ * may remain a private interface, yet plugins can interact with
+ * objects.
+ */
+
+KDC_LIB_FUNCTION kdc_object_t KDC_LIB_CALL
+kdc_object_alloc(size_t size, const char *name, kdc_type_dealloc dealloc)
+{
+    return heim_alloc(size, name, dealloc);
+}
+
+KDC_LIB_FUNCTION kdc_object_t KDC_LIB_CALL
+kdc_object_retain(kdc_object_t o)
+{
+    return heim_retain(o);
+}
+
+KDC_LIB_FUNCTION void KDC_LIB_CALL
+kdc_object_release(kdc_object_t o)
+{
+    heim_release(o);
+}
+
+KDC_LIB_FUNCTION kdc_object_t KDC_LIB_CALL
+kdc_bool_create(krb5_boolean v)
+{
+    return heim_bool_create(v);
+}
+
+KDC_LIB_FUNCTION krb5_boolean KDC_LIB_CALL
+kdc_bool_get_value(kdc_object_t o)
+{
+    return heim_bool_val(o);
+}
+
+struct kdc_array_iterator_trampoline_data {
+    kdc_array_iterator_t iter;
+    void *data;
+};
+
+/*
+ * Calling convention shim to avoid needing to update all internal
+ * consumers of heim_array_iterate_f()
+ */
+static void
+_kdc_array_iterator_trampoline(kdc_object_t o, void *data, int *stop)
+{
+    struct kdc_array_iterator_trampoline_data *t = data;
+
+    t->iter(o, t->data, stop);
+}
+
+KDC_LIB_FUNCTION void KDC_LIB_CALL
+kdc_array_iterate(kdc_array_t a, void *d, kdc_array_iterator_t iter)
+{
+    struct kdc_array_iterator_trampoline_data t;
+
+    t.iter = iter;
+    t.data = d;
+
+    return heim_array_iterate_f((heim_array_t)a, &t, _kdc_array_iterator_trampoline);
+}
+
+KDC_LIB_FUNCTION size_t KDC_LIB_CALL
+kdc_array_get_length(kdc_array_t a)
+{
+    return heim_array_get_length((heim_array_t)a);
+}
+
+KDC_LIB_FUNCTION kdc_object_t KDC_LIB_CALL
+kdc_array_get_value(heim_array_t a, size_t i)
+{
+    return heim_array_get_value((heim_array_t)a, i);
+}
+
+KDC_LIB_FUNCTION kdc_object_t KDC_LIB_CALL
+kdc_array_copy_value(heim_array_t a, size_t i)
+{
+    return heim_array_copy_value((heim_array_t)a, i);
+}
+
+KDC_LIB_FUNCTION kdc_string_t KDC_LIB_CALL
+kdc_string_create(const char *s)
+{
+    return (kdc_string_t)heim_string_create(s);
+}
+
+KDC_LIB_FUNCTION const char * KDC_LIB_CALL
+kdc_string_get_utf8(kdc_string_t s)
+{
+    return heim_string_get_utf8((heim_string_t)s);
+}
+
+KDC_LIB_FUNCTION kdc_data_t
+kdc_data_create(const void *d, size_t len)
+{
+    return (kdc_data_t)heim_data_create(d, len);
+}
+
+KDC_LIB_FUNCTION const krb5_data * KDC_LIB_CALL
+kdc_data_get_data(kdc_data_t d)
+{
+    return heim_data_get_data((heim_data_t)d);
+}
+
+KDC_LIB_FUNCTION kdc_number_t KDC_LIB_CALL
+kdc_number_create(int64_t v)
+{
+    return (kdc_number_t)heim_number_create(v);
+}
+
+KDC_LIB_FUNCTION int64_t KDC_LIB_CALL
+kdc_number_get_value(kdc_number_t n)
+{
+    return heim_number_get_long((heim_number_t)n);
+}
+
 /*
  * Plugin accessors
  */
diff --git a/kdc/kdc.h b/kdc/kdc.h
index 289e7adb0..34ff4ac89 100644
--- a/kdc/kdc.h
+++ b/kdc/kdc.h
@@ -98,6 +98,17 @@ struct krb5_kdc_configuration {
 };
 #endif
 
+typedef void *kdc_object_t;
+typedef struct kdc_array_data *kdc_array_t;
+typedef struct kdc_dict_data *kdc_dict_t;
+typedef struct kdc_string_data *kdc_string_t;
+typedef struct kdc_data_data *kdc_data_t;
+typedef struct kdc_number_data *kdc_number_t;
+
+typedef void (KRB5_CALLCONV *kdc_array_iterator_t)(kdc_object_t, void *, int *);
+
+typedef void (KRB5_CALLCONV *kdc_type_dealloc)(kdc_object_t);
+
 #include <kdc-protos.h>
 
 #endif /* __KDC_H__ */
diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c
index c06c02599..524f1d536 100644
--- a/kdc/kerberos5.c
+++ b/kdc/kerberos5.c
@@ -601,7 +601,7 @@ pa_gss_validate(astgs_request_t r, const PA_DATA *pa)
 	goto out;
 
 out:
-    heim_release(gcp);
+    kdc_object_release(gcp);
     free(client_name);
 
     return ret;
diff --git a/kdc/libkdc-exports.def b/kdc/libkdc-exports.def
index c2463c2fb..c13f28a83 100644
--- a/kdc/libkdc-exports.def
+++ b/kdc/libkdc-exports.def
@@ -74,6 +74,22 @@ EXPORTS
 	kdc_audit_vaddreason
 	_kdc_audit_trail
 
+	kdc_object_alloc
+	kdc_object_retain
+	kdc_object_release
+	kdc_bool_create
+	kdc_bool_get_value
+	kdc_array_iterate
+	kdc_array_get_length
+	kdc_array_get_value
+	kdc_array_copy_value
+	kdc_string_create
+	kdc_string_get_utf8
+	kdc_data_create
+	kdc_data_get_data
+	kdc_number_create
+	kdc_number_get_value
+
 	; needed for digest-service
 	_kdc_db_fetch
 	_kdc_free_ent
diff --git a/kdc/process.c b/kdc/process.c
index 6d5b5a82e..cf8ab060e 100644
--- a/kdc/process.c
+++ b/kdc/process.c
@@ -113,18 +113,18 @@ kdc_audit_setkv_number(kdc_request_t r, const char *k, int64_t v)
 }
 
 KDC_LIB_FUNCTION void KDC_LIB_CALL
-kdc_audit_addkv_object(kdc_request_t r, const char *k, heim_object_t obj)
+kdc_audit_addkv_object(kdc_request_t r, const char *k, kdc_object_t obj)
 {
     heim_audit_addkv_object((heim_svc_req_desc)r, k, obj);
 }
 
 KDC_LIB_FUNCTION void KDC_LIB_CALL
-kdc_audit_setkv_object(kdc_request_t r, const char *k, heim_object_t obj)
+kdc_audit_setkv_object(kdc_request_t r, const char *k, kdc_object_t obj)
 {
     heim_audit_setkv_object((heim_svc_req_desc)r, k, obj);
 }
 
-KDC_LIB_FUNCTION heim_object_t KDC_LIB_CALL
+KDC_LIB_FUNCTION kdc_object_t KDC_LIB_CALL
 kdc_audit_getkv(kdc_request_t r, const char *k)
 {
     return heim_audit_getkv((heim_svc_req_desc)r, k);
@@ -553,25 +553,25 @@ krb5_kdc_save_request(krb5_context context,
 }
 
 KDC_LIB_FUNCTION krb5_error_code KDC_LIB_CALL
-kdc_request_set_attribute(kdc_request_t r, heim_object_t key, heim_object_t value)
+kdc_request_set_attribute(kdc_request_t r, kdc_object_t key, kdc_object_t value)
 {
     return heim_dict_set_value(r->attributes, key, value);
 }
 
-KDC_LIB_FUNCTION heim_object_t KDC_LIB_CALL
-kdc_request_get_attribute(kdc_request_t r, heim_object_t key)
+KDC_LIB_FUNCTION kdc_object_t KDC_LIB_CALL
+kdc_request_get_attribute(kdc_request_t r, kdc_object_t key)
 {
     return heim_dict_get_value(r->attributes, key);
 }
 
-KDC_LIB_FUNCTION heim_object_t KDC_LIB_CALL
-kdc_request_copy_attribute(kdc_request_t r, heim_object_t key)
+KDC_LIB_FUNCTION kdc_object_t KDC_LIB_CALL
+kdc_request_copy_attribute(kdc_request_t r, kdc_object_t key)
 {
     return heim_dict_copy_value(r->attributes, key);
 }
 
 KDC_LIB_FUNCTION void KDC_LIB_CALL
-kdc_request_delete_attribute(kdc_request_t r, heim_object_t key)
+kdc_request_delete_attribute(kdc_request_t r, kdc_object_t key)
 {
     heim_dict_delete_key(r->attributes, key);
 }
diff --git a/kdc/version-script.map b/kdc/version-script.map
index 9aa716b7d..a1300b90a 100644
--- a/kdc/version-script.map
+++ b/kdc/version-script.map
@@ -77,6 +77,22 @@ HEIMDAL_KDC_1.0 {
 		kdc_audit_vaddreason;
 		_kdc_audit_trail;
 
+		kdc_object_alloc;
+		kdc_object_retain;
+		kdc_object_release;
+		kdc_bool_create;
+		kdc_bool_get_value;
+		kdc_array_iterate;
+		kdc_array_get_length;
+		kdc_array_get_value;
+		kdc_array_copy_value;
+		kdc_string_create;
+		kdc_string_get_utf8;
+		kdc_data_create;
+		kdc_data_get_data;
+		kdc_number_create;
+		kdc_number_get_value;
+
 		# needed for digest-service
 		_kdc_db_fetch;
 		_kdc_free_ent;