Generalize MSLSA ccache type to a plug-in based ccache type

Asanka C. Herath
2010-09-18 23:37:32 -04:00
parent a4be8fcd7e
commit cad554ad3d
7 changed files with 110 additions and 107 deletions


@@ -152,6 +152,7 @@ dist_libkrb5_la_SOURCES = \
n-fold.c \
pac.c \
padata.c \
pcache.c \
pkinit.c \
principal.c \
prog_setup.c \
@@ -258,7 +259,7 @@ nodist_include_HEADERS = krb5_err.h heim_err.h k524_err.h
# XXX use nobase_include_HEADERS = krb5/locate_plugin.h
krb5dir = $(includedir)/krb5
krb5_HEADERS = locate_plugin.h send_to_kdc_plugin.h
krb5_HEADERS = locate_plugin.h send_to_kdc_plugin.h ccache_plugin.h
build_HEADERZ = \
$(krb5_HEADERS) \


@@ -124,6 +124,7 @@ libkrb5_OBJS = \
$(OBJ)\store_emem.obj \
$(OBJ)\store_fd.obj \
$(OBJ)\store_mem.obj \
$(OBJ)\pcache.obj \
$(OBJ)\plugin.obj \
$(OBJ)\ticket.obj \
$(OBJ)\time.obj \
@@ -253,6 +254,7 @@ dist_libkrb5_la_SOURCES = \
store_emem.c \
store_fd.c \
store_mem.c \
pcache.c \
plugin.c \
ticket.c \
time.c \
@@ -264,14 +266,6 @@ dist_libkrb5_la_SOURCES = \
warn.c \
write_message.c
!ifdef HAVE_MSLSA_CACHE
libkrb5_OBJS=$(libkrb5_OBJS) \
$(OBJ)\lsacache.obj
dist_libkrb5_la_SOURCES=$(dist_libkrb5_la_SOURCES) \
lsacache.c
!endif
$(OBJ)\krb5-protos.h: $(dist_libkrb5_la_SOURCES)
$(PERL) ..\..\cf\make-proto.pl -E KRB5_LIB -q -P remove -o $(OBJ)\krb5-protos.h $(dist_libkrb5_la_SOURCES) || $(RM) -f krb5-protos.h

39
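--- a/lib/krb5/ccache_plugin.h
+++ b/lib/krb5/ccache_plugin.h
@@ -0,0 +1,39 @@
+/***********************************************************************
+* Copyright (c) 2010, Secure Endpoints Inc.
+* All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* - Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+*
+* - Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in
+* the documentation and/or other materials provided with the
+* distribution.
+*
+* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+* COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+* OF THE POSSIBILITY OF SUCH DAMAGE.
+*
+**********************************************************************/
+#ifndef HEIMDAL_KRB5_CCACHE_PLUGIN_H
+#define HEIMDAL_KRB5_CCACHE_PLUGIN_H 1
+#include <krb5.h>
+#define KRB5_PLUGIN_CCACHE "ccache_ops"
+#endif /* HEIMDAL_KRB5_CCACHE_PLUGIN_H */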
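Review bot: `KRB5_PLUGIN_CCACHE` is defined without any comment saying what a plugin has to export under that name, although this header is installed for plugin authors through `krb5_HEADERS`. The loader in pcache.c treats the symbol as a `krb5_cc_ops` table and accepts it only when `version == KRB5_CC_OPS_VERSION`, so that contract belongs here. I would add above the define: `/* Name of the data symbol a ccache plugin exports: a krb5_cc_ops table whose version field is KRB5_CC_OPS_VERSION. */`.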


@@ -247,9 +247,7 @@ cc_ops_register(krb5_context context)
#endif
krb5_cc_register(context, &krb5_kcm_ops, TRUE);
#endif
#ifdef HAVE_MSLSA_CACHE
_krb5_mslsa_register_cc_ops(context, TRUE);
#endif
_krb5_load_ccache_plugins(context);
return 0;
}
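Review bot: The return value of `_krb5_load_ccache_plugins(context)` is discarded and `cc_ops_register` still returns 0, so a plugin that is present but fails to register looks the same to the caller as no plugin at all. If loading is meant to be best-effort, make that explicit: `(void)_krb5_load_ccache_plugins(context); /* optional cache types; a failure must not block context setup */`. The call is also no longer guarded by `HAVE_MSLSA_CACHE`, so plugin discovery now happens on every build that reaches this function, not only on Windows builds with the MSLSA cache enabled. The body of `cc_ops_register` starts outside the hunk.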


@@ -1,92 +0,0 @@
/*
*/
#include "krb5_locl.h"
#ifdef HAVE_DLFCN_H
#include <dlfcn.h>
#endif
#include <assert.h>
static HEIMDAL_MUTEX lsacc_mutex = HEIMDAL_MUTEX_INITIALIZER;
const krb5_cc_ops * lsacc_ops = NULL;
static void *lsacc_handle;
krb5_error_code
_krb5_mslsa_register_cc_ops(krb5_context context, krb5_boolean override)
{
const char *lib = NULL;
HEIMDAL_MUTEX_lock(&lsacc_mutex);
if (lsacc_ops) {
HEIMDAL_MUTEX_unlock(&lsacc_mutex);
if (context) {
krb5_clear_error_message(context);
krb5_cc_register(context, lsacc_ops, override);
}
return 0;
}
if (context)
lib = krb5_config_get_string(context, NULL,
"libdefaults", "mslsa_library",
NULL);
if (lib == NULL) {
lib = "%{LIBDIR}/mslsa_cc.dll";
}
{
char * explib = NULL;
if (_krb5_expand_path_tokens(context, lib, &explib) == 0) {
lsacc_handle = dlopen(explib, RTLD_LAZY|RTLD_LOCAL);
free(explib);
}
}
if (lsacc_handle == NULL) {
HEIMDAL_MUTEX_unlock(&lsacc_mutex);
if (context)
krb5_set_error_message(context, KRB5_CC_NOSUPP,
N_("Failed to load MSLSA cache module %s", "file"),
lib);
return KRB5_CC_NOSUPP;
}
{
krb5_error_code ret = 0;
krb5_error_code (KRB5_CALLCONV *lsacc_get_ops)(const krb5_cc_ops ** ops);
lsacc_get_ops = (krb5_error_code (KRB5_CALLCONV *)(const krb5_cc_ops **))
dlsym(lsacc_handle, "lsacc_get_ops");
if (lsacc_get_ops) {
ret = (*lsacc_get_ops)(&lsacc_ops);
}
HEIMDAL_MUTEX_unlock(&lsacc_mutex);
if (ret != 0) {
if (context)
krb5_set_error_message(context, KRB5_CC_NOSUPP,
N_("LSA cache initialization failed (%d)",
"error"), ret);
dlclose(lsacc_handle);
return KRB5_CC_NOSUPP;
}
if (lsacc_get_ops == NULL) {
if (context)
krb5_set_error_message(context, KRB5_CC_NOSUPP,
N_("Failed to find lsacc_get_ops"
"in %s: %s", "file, error"), lib, dlerror());
dlclose(lsacc_handle);
return KRB5_CC_NOSUPP;
}
}
assert(lsacc_ops != NULL);
if (context)
return krb5_cc_register(context, lsacc_ops, override);
return 0;
}

66
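--- a/lib/krb5/pcache.c
+++ b/lib/krb5/pcache.c
@@ -0,0 +1,66 @@
+/***********************************************************************
+* Copyright (c) 2010, Secure Endpoints Inc.
+* All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* - Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+*
+* - Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in
+* the documentation and/or other materials provided with the
+* distribution.
+*
+* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+* COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+* OF THE POSSIBILITY OF SUCH DAMAGE.
+*
+**********************************************************************/
+#include "krb5_locl.h"
+#include "ccache_plugin.h"
+#ifdef HAVE_DLFCN_H
+#include <dlfcn.h>
+#endif
+#include <assert.h>
+krb5_error_code
+_krb5_load_ccache_plugins(krb5_context context)
+{
+struct krb5_plugin * plist = NULL;
+struct krb5_plugin *p;
+krb5_error_code code;
+code = _krb5_plugin_find(context, PLUGIN_TYPE_DATA, KRB5_PLUGIN_CCACHE,
+&plist);
+if (code)
+return code;
+for (p = plist; p != NULL; p = _krb5_plugin_get_next(p)) {
+krb5_cc_ops * ccops;
+krb5_error_code c_load;
+ccops = _krb5_plugin_get_symbol(p);
+if (ccops != NULL && ccops->version == KRB5_CC_OPS_VERSION) {
+c_load = krb5_cc_register(context, ccops, FALSE);
+if (c_load != 0)
+code = c_load;
+}
+}
+_krb5_plugin_free(plist);
+return code;
+}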
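Review bot: `_krb5_load_ccache_plugins` has no comment stating its trust assumptions, and the only check on the table returned by `_krb5_plugin_get_symbol(p)` is `ccops->version == KRB5_CC_OPS_VERSION`. Every function pointer in an accepted table later runs inside the calling process, so wherever `_krb5_plugin_find` searches is a trust boundary and presumably has to be writable by administrators only. I would add a header comment saying so, and also that a table with the wrong version is skipped silently, that the return value is the last failing `krb5_cc_register` result (or the `_krb5_plugin_find` error), and that registering with `FALSE` presumably keeps a plugin from replacing an already registered cache type. A short inline form would be `/* Plugin code runs in-process: the plugin search path must be admin-writable only. */`. The `<dlfcn.h>` and `<assert.h>` includes look unused here and appear to be leftovers from lsacache.c.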


@@ -96,8 +96,5 @@ HAVE_SCC=1
DIR_hdbdir=%{COMMON_APPDATA}/heimdal/hdb
# Enable MSLSA cache backend
HAVE_MSLSA_CACHE=1
# Enable weak crypto
WEAK_CRYPTO=1