hdb: decorate HDB_entry with context member
Decorate HDB_entry with context and move free_entry callback into HDB structure itself. Requires updating hdb_free_entry() signature to include HDB parameter. A follow-up commit will consolidate hdb_entry_ex (which has a single hdb_entry member) into hdb_entry.
@@ -146,10 +146,7 @@ $(srcdir)/hdb-private.h: $(dist_libhdb_la_SOURCES)
|
||||
$(gen_files_hdb) hdb_asn1.h hdb_asn1-priv.h: hdb_asn1_files
|
||||
|
||||
hdb_asn1_files: $(ASN1_COMPILE_DEP) $(srcdir)/hdb.asn1
|
||||
$(ASN1_COMPILE) --sequence=HDB-extensions \
|
||||
--sequence=HDB-Ext-KeyRotation \
|
||||
--sequence=HDB-Ext-KeySet \
|
||||
--sequence=Keys $(srcdir)/hdb.asn1 hdb_asn1
|
||||
$(ASN1_COMPILE) --option-file=$(srcdir)/hdb.opt $(srcdir)/hdb.asn1 hdb_asn1
|
||||
|
||||
# to help stupid solaris make
|
||||
|
||||
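Review bot: The `hdb_asn1_files` rule now reads `$(srcdir)/hdb.opt` through `--option-file`, but its prerequisite list is unchanged and still names only `$(ASN1_COMPILE_DEP)` and `$(srcdir)/hdb.asn1`, so editing hdb.opt will not regenerate hdb_asn1.h. hdb.opt now carries the `--decorate=HDB_entry:void:context?:::` line, which changes the layout of HDB_entry, so a stale generated header would leave objects disagreeing about that struct. I would write the rule as `hdb_asn1_files: $(ASN1_COMPILE_DEP) $(srcdir)/hdb.asn1 $(srcdir)/hdb.opt`; the Windows rule for `$(OBJ)\asn1_hdb_asn1.c` in the next file section has the same gap and wants `hdb.opt` added after `hdb.asn1`. Whether hdb.opt is also listed for distribution is not visible in this hunk.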
|
@@ -37,7 +37,7 @@ intcflags=-DASN1_LIB
|
||||
|
||||
$(OBJ)\asn1_hdb_asn1.c $(OBJ)\hdb_asn1.h $(OBJ)\hdb_asn1-priv.h: $(BINDIR)\asn1_compile.exe hdb.asn1
|
||||
cd $(OBJ)
|
||||
$(BINDIR)\asn1_compile.exe --sequence=HDB-extensions --sequence=HDB-Ext-KeyRotation --sequence=HDB-Ext-KeySet --sequence=Keys --one-code-file $(SRCDIR)\hdb.asn1 hdb_asn1
|
||||
$(BINDIR)\asn1_compile.exe --one-code-file --option-file=$(SRCDIR)\hdb.opt $(SRCDIR)\hdb.asn1 hdb_asn1
|
||||
cd $(SRCDIR)
|
||||
|
||||
!ifdef OPENLDAP_MODULE
|
||||
|
@@ -233,13 +233,13 @@ _hdb_fetch_kvno(krb5_context context, HDB *db, krb5_const_principal principal,
|
||||
/* Decrypt the current keys */
|
||||
ret = hdb_unseal_keys(context, db, &entry->entry);
|
||||
if (ret) {
|
||||
hdb_free_entry(context, entry);
|
||||
hdb_free_entry(context, db, entry);
|
||||
return ret;
|
||||
}
|
||||
/* Decrypt the key history too */
|
||||
ret = hdb_unseal_keys_kvno(context, db, 0, flags, &entry->entry);
|
||||
if (ret) {
|
||||
hdb_free_entry(context, entry);
|
||||
hdb_free_entry(context, db, entry);
|
||||
return ret;
|
||||
}
|
||||
} else if ((flags & HDB_F_DECRYPT)) {
|
||||
@@ -247,7 +247,7 @@ _hdb_fetch_kvno(krb5_context context, HDB *db, krb5_const_principal principal,
|
||||
/* Decrypt the current keys */
|
||||
ret = hdb_unseal_keys(context, db, &entry->entry);
|
||||
if (ret) {
|
||||
hdb_free_entry(context, entry);
|
||||
hdb_free_entry(context, db, entry);
|
||||
return ret;
|
||||
}
|
||||
} else {
|
||||
@@ -259,7 +259,7 @@ _hdb_fetch_kvno(krb5_context context, HDB *db, krb5_const_principal principal,
|
||||
*/
|
||||
ret = hdb_unseal_keys_kvno(context, db, kvno, flags, &entry->entry);
|
||||
if (ret) {
|
||||
hdb_free_entry(context, entry);
|
||||
hdb_free_entry(context, db, entry);
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
@@ -273,7 +273,7 @@ _hdb_fetch_kvno(krb5_context context, HDB *db, krb5_const_principal principal,
|
||||
*/
|
||||
ret = add_default_salts(context, db, &entry->entry);
|
||||
if (ret) {
|
||||
hdb_free_entry(context, entry);
|
||||
hdb_free_entry(context, db, entry);
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
@@ -1567,7 +1567,7 @@ fetch_it(krb5_context context,
|
||||
ret = pick_kvno(context, db, flags, t, kvno, ent);
|
||||
}
|
||||
if (ret)
|
||||
hdb_free_entry(context, ent);
|
||||
hdb_free_entry(context, db, ent);
|
||||
krb5_free_principal(context, nsprinc);
|
||||
free(host);
|
||||
return ret;
|
||||
|
@@ -143,14 +143,14 @@ DB_seq(krb5_context context, HDB *db,
|
||||
if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) {
|
||||
code = hdb_unseal_keys (context, db, &entry->entry);
|
||||
if (code)
|
||||
hdb_free_entry (context, entry);
|
||||
hdb_free_entry (context, db, entry);
|
||||
}
|
||||
if (code == 0 && entry->entry.principal == NULL) {
|
||||
entry->entry.principal = malloc(sizeof(*entry->entry.principal));
|
||||
if (entry->entry.principal == NULL) {
|
||||
code = ENOMEM;
|
||||
krb5_set_error_message(context, code, "malloc: out of memory");
|
||||
hdb_free_entry (context, entry);
|
||||
hdb_free_entry (context, db, entry);
|
||||
} else {
|
||||
hdb_key2principal(context, &key_data, entry->entry.principal);
|
||||
}
|
||||
|
@@ -161,12 +161,12 @@ DB_seq(krb5_context context, HDB *db,
|
||||
if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) {
|
||||
code = hdb_unseal_keys (context, db, &entry->entry);
|
||||
if (code)
|
||||
hdb_free_entry (context, entry);
|
||||
hdb_free_entry (context, db, entry);
|
||||
}
|
||||
if (entry->entry.principal == NULL) {
|
||||
entry->entry.principal = malloc(sizeof(*entry->entry.principal));
|
||||
if (entry->entry.principal == NULL) {
|
||||
hdb_free_entry (context, entry);
|
||||
hdb_free_entry (context, db, entry);
|
||||
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
|
||||
return ENOMEM;
|
||||
} else {
|
||||
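Review bot: After a failed `hdb_unseal_keys` this DB_seq frees the entry and then falls through to `if (entry->entry.principal == NULL)`, which reads the just-freed entry and may allocate a new principal into it. The DB_seq variant in the preceding file section guards that test with `code == 0 &&`; the guard is missing here and in the DB_seq hunk at -411,12, so I would change both to `if (code == 0 && entry->entry.principal == NULL) {`. These are context lines the commit did not touch, but backend context now hangs off the entry and is released by `hdb_free_entry(context, db, entry)`, so reuse of a freed entry on an error path is worth closing. The function body continues past the hunk, so how `code` is finally returned is not visible here.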
|
@@ -767,7 +767,7 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent,
|
||||
}
|
||||
|
||||
if (msg)
|
||||
hdb_free_entry(context, &orig);
|
||||
hdb_free_entry(context, db, &orig);
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -1467,7 +1467,7 @@ out:
|
||||
free(ntPasswordIN);
|
||||
|
||||
if (ret)
|
||||
hdb_free_entry(context, ent);
|
||||
hdb_free_entry(context, db, ent);
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -1552,7 +1552,7 @@ LDAP_seq(krb5_context context, HDB * db, unsigned flags, hdb_entry_ex * entry)
|
||||
if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) {
|
||||
ret = hdb_unseal_keys(context, db, &entry->entry);
|
||||
if (ret)
|
||||
hdb_free_entry(context, entry);
|
||||
hdb_free_entry(context, db, entry);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1712,7 +1712,7 @@ LDAP_fetch_kvno(krb5_context context, HDB * db, krb5_const_principal principal,
|
||||
if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) {
|
||||
ret = hdb_unseal_keys(context, db, &entry->entry);
|
||||
if (ret)
|
||||
hdb_free_entry(context, entry);
|
||||
hdb_free_entry(context, db, entry);
|
||||
}
|
||||
}
|
||||
|
||||
|
@@ -411,12 +411,12 @@ DB_seq(krb5_context context, HDB *db,
|
||||
if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) {
|
||||
code = hdb_unseal_keys (context, db, &entry->entry);
|
||||
if (code)
|
||||
hdb_free_entry (context, entry);
|
||||
hdb_free_entry (context, db, entry);
|
||||
}
|
||||
if (entry->entry.principal == NULL) {
|
||||
entry->entry.principal = malloc(sizeof(*entry->entry.principal));
|
||||
if (entry->entry.principal == NULL) {
|
||||
hdb_free_entry (context, entry);
|
||||
hdb_free_entry (context, db, entry);
|
||||
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
|
||||
return ENOMEM;
|
||||
} else {
|
||||
|
@@ -802,7 +802,7 @@ mdb_seq(krb5_context context, HDB *db,
|
||||
if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) {
|
||||
code = hdb_unseal_keys (context, db, &entry->entry);
|
||||
if (code)
|
||||
hdb_free_entry (context, entry);
|
||||
hdb_free_entry (context, db, entry);
|
||||
}
|
||||
|
||||
return code;
|
||||
@@ -961,7 +961,7 @@ mdb_fetch_kvno(krb5_context context, HDB *db, krb5_const_principal principal,
|
||||
if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) {
|
||||
ret = hdb_unseal_keys (context, db, &entry->entry);
|
||||
if (ret) {
|
||||
hdb_free_entry(context, entry);
|
||||
hdb_free_entry(context, db, entry);
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
|
@@ -548,7 +548,7 @@ hdb_sqlite_fetch_kvno(krb5_context context, HDB *db, krb5_const_principal princi
|
||||
if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) {
|
||||
ret = hdb_unseal_keys(context, db, &entry->entry);
|
||||
if(ret) {
|
||||
hdb_free_entry(context, entry);
|
||||
hdb_free_entry(context, db, entry);
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
|
@@ -397,13 +397,13 @@ hdb_unlock(int fd)
|
||||
}
|
||||
|
||||
void
|
||||
hdb_free_entry(krb5_context context, hdb_entry_ex *ent)
|
||||
hdb_free_entry(krb5_context context, HDB *db, hdb_entry_ex *ent)
|
||||
{
|
||||
Key *k;
|
||||
size_t i;
|
||||
|
||||
if (ent->free_entry)
|
||||
(*ent->free_entry)(context, ent);
|
||||
if (db && db->hdb_free_entry_context)
|
||||
db->hdb_free_entry_context(context, db, ent);
|
||||
|
||||
for(i = 0; i < ent->entry.keys.len; i++) {
|
||||
k = &ent->entry.keys.val[i];
|
||||
@@ -430,7 +430,7 @@ hdb_foreach(krb5_context context,
|
||||
krb5_clear_error_message(context);
|
||||
while(ret == 0){
|
||||
ret = (*func)(context, db, &entry, data);
|
||||
hdb_free_entry(context, &entry);
|
||||
hdb_free_entry(context, db, &entry);
|
||||
if(ret == 0)
|
||||
ret = db->hdb_nextkey(context, db, flags, &entry);
|
||||
}
|
||||
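Review bot: `hdb_free_entry` now releases backend context only when the caller passes the same `db` that produced the entry: with `db == NULL` the `if (db && db->hdb_free_entry_context)` test silently skips the callback, and with a different handle another backend's callback would run on this entry's context. The old per-entry `free_entry` pointer could not be mismatched that way, so the new contract should be written above the definition, e.g. `/* db must be the HDB that returned ent; passing NULL skips the backend context release and may leak it. */`. Nothing in the visible lines clears the context after the callback, so the comment should also say whether the callback must reset it; several callers in this commit free an entry on an error path, and the same entry could be freed again by their caller. The function body continues beyond the hunk.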
|
@@ -110,9 +110,7 @@ typedef struct hdb_master_key_data *hdb_master_key;
|
||||
*/
|
||||
|
||||
typedef struct hdb_entry_ex {
|
||||
void *ctx;
|
||||
hdb_entry entry;
|
||||
void (*free_entry)(krb5_context, struct hdb_entry_ex *);
|
||||
} hdb_entry_ex;
|
||||
|
||||
|
||||
@@ -165,9 +163,9 @@ typedef struct HDB {
|
||||
*/
|
||||
krb5_error_code (*hdb_close)(krb5_context, struct HDB*);
|
||||
/**
|
||||
* Free an entry after use.
|
||||
* Free backend-specific entry context.
|
||||
*/
|
||||
void (*hdb_free)(krb5_context, struct HDB*, hdb_entry_ex*);
|
||||
void (*hdb_free_entry_context)(krb5_context, struct HDB*, hdb_entry_ex*);
|
||||
/**
|
||||
* Fetch an entry from the backend
|
||||
*
|
||||
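Review bot: Removing `ctx` and `free_entry` from `hdb_entry_ex` moves `entry` to the start of the struct and changes its size, and `hdb_free` is renamed to `hdb_free_entry_context` with a narrower meaning, so a backend built against the old header would misread entries rather than fail cleanly. No change to the interface version is visible in these hunks; if `HDB_INTERFACE_VERSION` is not bumped elsewhere in the commit it should be, so that stale loadable backends are rejected at load time. The new doc comment would also be more useful if it said that the member may be NULL and that it releases only the decorated context, since `hdb_free_entry` goes on to free the keys itself, e.g. `Free backend-specific entry context; may be NULL. Must not free the entry.`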
|
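--- a/lib/hdb/hdb.opt
+++ b/lib/hdb/hdb.opt
@@ -0,0 +1,5 @@
+--sequence=HDB-extensions
+--sequence=HDB-Ext-KeyRotation
+--sequence=HDB-Ext-KeySet
+--sequence=Keys
+--decorate=HDB_entry:void:context?:::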
|
@@ -227,7 +227,7 @@ hdb_get_entry(krb5_context context,
|
||||
goto out;
|
||||
|
||||
if(kvno && (krb5_kvno)ent.entry.kvno != kvno) {
|
||||
hdb_free_entry(context, &ent);
|
||||
hdb_free_entry(context, db, &ent);
|
||||
ret = KRB5_KT_NOTFOUND;
|
||||
goto out;
|
||||
}
|
||||
@@ -246,7 +246,7 @@ hdb_get_entry(krb5_context context,
|
||||
break;
|
||||
}
|
||||
}
|
||||
hdb_free_entry(context, &ent);
|
||||
hdb_free_entry(context, db, &ent);
|
||||
out:
|
||||
(*db->hdb_close)(context, db);
|
||||
(*db->hdb_destroy)(context, db);
|
||||
@@ -337,7 +337,7 @@ hdb_next_entry(krb5_context context,
|
||||
return ret;
|
||||
|
||||
if (c->hdb_entry.entry.keys.len == 0)
|
||||
hdb_free_entry(context, &c->hdb_entry);
|
||||
hdb_free_entry(context, c->db, &c->hdb_entry);
|
||||
else
|
||||
c->next = FALSE;
|
||||
}
|
||||
@@ -354,7 +354,7 @@ hdb_next_entry(krb5_context context,
|
||||
|
||||
/* If no keys on this entry, try again */
|
||||
if (c->hdb_entry.entry.keys.len == 0)
|
||||
hdb_free_entry(context, &c->hdb_entry);
|
||||
hdb_free_entry(context, c->db, &c->hdb_entry);
|
||||
else
|
||||
c->next = FALSE;
|
||||
}
|
||||
@@ -387,7 +387,7 @@ hdb_next_entry(krb5_context context,
|
||||
*/
|
||||
|
||||
if ((size_t)c->key_idx == c->hdb_entry.entry.keys.len) {
|
||||
hdb_free_entry(context, &c->hdb_entry);
|
||||
hdb_free_entry(context, c->db, &c->hdb_entry);
|
||||
c->next = TRUE;
|
||||
c->key_idx = 0;
|
||||
}
|
||||
@@ -404,7 +404,7 @@ hdb_end_seq_get(krb5_context context,
|
||||
struct hdb_cursor *c = cursor->data;
|
||||
|
||||
if (!c->next)
|
||||
hdb_free_entry(context, &c->hdb_entry);
|
||||
hdb_free_entry(context, c->db, &c->hdb_entry);
|
||||
|
||||
(c->db->hdb_close)(context, c->db);
|
||||
(c->db->hdb_destroy)(context, c->db);
|
||||
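Review bot: `hdb_free_entry` now dereferences its `db` argument, so in `hdb_end_seq_get` and `hdb_get_entry` the entry has to be released before `hdb_close`/`hdb_destroy` run on the same handle. The order in these hunks is correct, but nothing says it is required; a one-line comment above the free in `hdb_end_seq_get`, such as `/* must precede hdb_destroy: hdb_free_entry reads c->db */`, would keep a later reordering from turning into a use-after-free. Both functions start outside the hunks shown.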
|
@@ -104,12 +104,12 @@ NDBM_seq(krb5_context context, HDB *db,
|
||||
if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) {
|
||||
ret = hdb_unseal_keys (context, db, &entry->entry);
|
||||
if (ret)
|
||||
hdb_free_entry (context, entry);
|
||||
hdb_free_entry (context, db, entry);
|
||||
}
|
||||
if (ret == 0 && entry->entry.principal == NULL) {
|
||||
entry->entry.principal = malloc (sizeof(*entry->entry.principal));
|
||||
if (entry->entry.principal == NULL) {
|
||||
hdb_free_entry (context, entry);
|
||||
hdb_free_entry (context, db, entry);
|
||||
ret = ENOMEM;
|
||||
krb5_set_error_message(context, ret, "malloc: out of memory");
|
||||
} else {
|
||||
|
@@ -346,8 +346,6 @@ make_namespace(krb5_context context, HDB *db, const char *name)
|
||||
|
||||
/* Setup the HDB entry */
|
||||
memset(&e, 0, sizeof(e));
|
||||
e.ctx = 0;
|
||||
e.free_entry = 0;
|
||||
e.entry.created_by.time = krs[0].epoch;
|
||||
e.entry.valid_start = e.entry.valid_end = e.entry.pw_end = 0;
|
||||
e.entry.generation = 0;
|
||||
@@ -424,7 +422,7 @@ make_namespace(krb5_context context, HDB *db, const char *name)
|
||||
if (ret)
|
||||
krb5_err(context, 1, ret, "failed to setup a namespace principal");
|
||||
free_Key(&k);
|
||||
hdb_free_entry(context, &e);
|
||||
hdb_free_entry(context, db, &e);
|
||||
}
|
||||
|
||||
#define WK_PREFIX "WELLKNOWN/" HDB_WK_NAMESPACE "/"
|
||||
@@ -936,7 +934,7 @@ main(int argc, char **argv)
|
||||
|
||||
/* Cleanup */
|
||||
for (i = 0; ret == 0 && i < sizeof(e) / sizeof(e[0]); i++)
|
||||
hdb_free_entry(context, &e[i]);
|
||||
hdb_free_entry(context, db, &e[i]);
|
||||
db->hdb_destroy(context, db);
|
||||
krb5_free_context(context);
|
||||
return 0;
|
||||
|