oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

krb5: Fix KCM/API ccache type name confusion

Browse Source 
Wrap all KCM cc ops that need to call kcm_alloc() so that they pass in
the cc ops pointer that they're associated with so that kcm_alloc() can
use the correct ccache type name if needed.
This commit is contained in:
Nicolas Williams
2022-01-25 00:02:12 -06:00
parent c44f94fa7e
commit 727682ec41
1 changed files with 58 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
lib/krb5/kcm.c
View File

@@ -128,14 +128,20 @@ krb5_kcm_storage_request(krb5_context context,
return ret; return ret;
} }
static krb5_error_code kcm_get_default_name_kcm(krb5_context, char **);
static krb5_error_code kcm_get_default_name_api(krb5_context, char **);
static krb5_error_code static krb5_error_code
kcm_alloc(krb5_context context, kcm_alloc(krb5_context context,
const krb5_cc_ops *ops,
const char *residual, const char *residual,
const char *sub, const char *sub,
krb5_ccache *id) krb5_ccache *id)
{ {
krb5_error_code ret;
krb5_kcmcache *k; krb5_kcmcache *k;
size_t plen = 0; size_t plen = 0;
char *def_name = NULL;
int aret; int aret;
k = calloc(1, sizeof(*k)); k = calloc(1, sizeof(*k));
@@ -148,6 +154,16 @@ kcm_alloc(krb5_context context,
if (sub && sub[0] == '\0') if (sub && sub[0] == '\0')
sub = NULL; sub = NULL;
if (residual == NULL && sub == NULL) {
if (ops == &krb5_kcm_ops)
ret = kcm_get_default_name_kcm(context, &def_name);
else
ret = kcm_get_default_name_api(context, &def_name);
if (ret == 0) {
residual = def_name + strlen(ops->prefix) + 1;
}
}
if (residual) { if (residual) {
/* KCM cache names must start with {UID} or {UID}: */ /* KCM cache names must start with {UID} or {UID}: */
if (residual[0] != '0') if (residual[0] != '0')
@@ -183,10 +199,12 @@ kcm_alloc(krb5_context context,
residual, sub); residual, sub);
} }
if (aret == -1 || k->name == NULL) { if (aret == -1 || k->name == NULL) {
free(def_name);
free(k); free(k);
return krb5_enomem(context); return krb5_enomem(context);
} }
free(def_name);
(*id)->data.data = k; (*id)->data.data = k;
(*id)->data.length = sizeof(*k); (*id)->data.length = sizeof(*k);
@@ -283,10 +301,10 @@ kcm_get_name_2(krb5_context context,
} }
static krb5_error_code static krb5_error_code
kcm_resolve_2(krb5_context context, kcm_resolve_2_kcm(krb5_context context,
krb5_ccache *id, krb5_ccache *id,
const char *res, const char *res,
const char *sub) const char *sub)
{ {
/* /*
* For now, for KCM the `res' is the `sub'. * For now, for KCM the `res' is the `sub'.
@@ -294,7 +312,22 @@ kcm_resolve_2(krb5_context context,
* TODO: We should use `res' as the IPC name instead of the one currently * TODO: We should use `res' as the IPC name instead of the one currently
* hard-coded in `kcm_ipc_name'. * hard-coded in `kcm_ipc_name'.
*/ */
return kcm_alloc(context, res, sub, id); return kcm_alloc(context, &krb5_kcm_ops, res, sub, id);
}
static krb5_error_code
kcm_resolve_2_api(krb5_context context,
krb5_ccache *id,
const char *res,
const char *sub)
{
/*
* For now, for KCM the `res' is the `sub'.
*
* TODO: We should use `res' as the IPC name instead of the one currently
* hard-coded in `kcm_ipc_name'.
*/
return kcm_alloc(context, &krb5_akcm_ops, res, sub, id);
} }
/* /*
@@ -304,14 +337,14 @@ kcm_resolve_2(krb5_context context,
* NameZ * NameZ
*/ */
static krb5_error_code static krb5_error_code
kcm_gen_new(krb5_context context, krb5_ccache *id) kcm_gen_new(krb5_context context, const krb5_cc_ops *ops, krb5_ccache *id)
{ {
krb5_kcmcache *k; krb5_kcmcache *k;
krb5_error_code ret; krb5_error_code ret;
krb5_storage *request, *response; krb5_storage *request, *response;
krb5_data response_data; krb5_data response_data;
ret = kcm_alloc(context, NULL, NULL, id); ret = kcm_alloc(context, ops, NULL, NULL, id);
if (ret) if (ret)
return ret; return ret;
@@ -344,6 +377,18 @@ kcm_gen_new(krb5_context context, krb5_ccache *id)
return ret; return ret;
} }
static krb5_error_code
kcm_gen_new_kcm(krb5_context context, krb5_ccache *id)
{
return kcm_gen_new(context, &krb5_kcm_ops, id);
}
static krb5_error_code
kcm_gen_new_api(krb5_context context, krb5_ccache *id)
{
return kcm_gen_new(context, &krb5_akcm_ops, id);
}
/* /*
* Request: * Request:
* NameZ * NameZ
@@ -939,7 +984,7 @@ kcm_get_cache_next(krb5_context context, krb5_cc_cursor cursor, const krb5_cc_op
if (ret == 0) { if (ret == 0) {
ret = _krb5_cc_allocate(context, ops, id); ret = _krb5_cc_allocate(context, ops, id);
if (ret == 0) if (ret == 0)
ret = kcm_alloc(context, name, NULL, id); ret = kcm_alloc(context, ops, name, NULL, id);
krb5_xfree(name); krb5_xfree(name);
} }
@@ -1159,7 +1204,7 @@ KRB5_LIB_VARIABLE const krb5_cc_ops krb5_kcm_ops = {
"KCM", "KCM",
NULL, NULL,
NULL, NULL,
kcm_gen_new, kcm_gen_new_kcm,
kcm_initialize, kcm_initialize,
kcm_destroy, kcm_destroy,
kcm_close, kcm_close,
@@ -1182,7 +1227,7 @@ KRB5_LIB_VARIABLE const krb5_cc_ops krb5_kcm_ops = {
kcm_set_kdc_offset, kcm_set_kdc_offset,
kcm_get_kdc_offset, kcm_get_kdc_offset,
kcm_get_name_2, kcm_get_name_2,
kcm_resolve_2 kcm_resolve_2_kcm
}; };
KRB5_LIB_VARIABLE const krb5_cc_ops krb5_akcm_ops = { KRB5_LIB_VARIABLE const krb5_cc_ops krb5_akcm_ops = {
@@ -1190,7 +1235,7 @@ KRB5_LIB_VARIABLE const krb5_cc_ops krb5_akcm_ops = {
"API", "API",
NULL, NULL,
NULL, NULL,
kcm_gen_new, kcm_gen_new_api,
kcm_initialize, kcm_initialize,
kcm_destroy, kcm_destroy,
kcm_close, kcm_close,
@@ -1213,10 +1258,9 @@ KRB5_LIB_VARIABLE const krb5_cc_ops krb5_akcm_ops = {
NULL, NULL,
NULL, NULL,
kcm_get_name_2, kcm_get_name_2,
kcm_resolve_2 kcm_resolve_2_api
}; };
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
_krb5_kcm_is_running(krb5_context context) _krb5_kcm_is_running(krb5_context context)
{ {
@@ -1225,7 +1269,7 @@ _krb5_kcm_is_running(krb5_context context)
krb5_ccache id = &ccdata; krb5_ccache id = &ccdata;
krb5_boolean running; krb5_boolean running;
ret = kcm_alloc(context, NULL, NULL, &id); ret = kcm_alloc(context, NULL, NULL, NULL, &id);
if (ret) if (ret)
return 0; return 0;