74 Commits

Author SHA1 Message Date
Taylor R Campbell
6630cf5889 krb5/plugin.c: Constify. 2023-06-20 12:19:48 -05:00
Jeffrey Altman
d4c0d34548 lib/krb5: krb5_get_instance does not work on Windows 7
krb5_get_instance() is meant to ensure that the shared library
instance of heimdal loaded by a plugin matches the instance that
loaded the plugin.  It works by declaring a static C string whose
memory address will be used as an instance identifier.  If the
instance returned from the plugin matches the instance obtain
by the code that loads the plugin, then we can conclude the two
instances are the same.

This doesn't work on Windows 7.  When heimdal.dll loads a plugin
that is linked to heimdal.dll, the plugin's heimdal.dll is always
a new instance.  However, the requirement for plugin safety is
not that the plugin be the same instance in memory but that they
be the same instance on disk.

This change loads the path name and version string for the module
and generates a hash of those strings as an instance identifier.

Change-Id: I1c0651969e9738c5feecb0b323969d13efd4704d
2020-05-27 23:22:40 -05:00
Nicolas Williams
64d5f86ec3 Fix warnings (some bugs, some spurious)
Many spurious VC warnings not quieted though.
2020-03-12 21:02:09 -05:00
Nicolas Williams
ea90ca8666 Move some infra bits of lib/krb5/ to lib/base/ (2)
This is the second of two commits in a series that must be picked together.

This series of two commits moves parts of lib/krb5/ infrastructure
functionality to lib/base/, leaving behind wrappers.

Some parts of libkrb5 are entirely generic or easily made so, and could
be useful in various parts of Heimdal that are not specific to the krb5
API, such as:

 - lib/gssapi/  (especially since the integration of NegoEx)
 - lib/hx509/
 - bx509d       (which should really move out of kdc/)

For the above we need to move these bits of lib/krb5/:

 - lib/krb5/config_file.c   (all of it, leaving forwardings behind)
 - lib/krb5/config_reg.c    (all of it)
 - lib/krb5/plugin.c        (all of it, leaving forwardings behind)
 - lib/krb5/log.c           (all of it, ditto)
 - lib/krb5/heim_err.et     (all of it)

And because of those two, these too must also move:

 - lib/krb5/expand_path.c   (all of it, leaving forwardings behind)
 - lib/krb5/warn.c          (just the warning functions, ditto)

The changes to the moved files are mostly quite straightforward and are
best reviewed with --word-diff=color.

We're also creating a heim_context and a heim API to go with it.  But
it's as thin as possible, with as little state as necessary to enable
this move.  Functions for dealing with error messages use callbacks.

Moving plugin.c does have one knock-on effect on all users of the old
krb5 plugin API (which remains), which is that a global search and
replace of struct krb5_plugin_data to struct heim_plugin_data was
needed, though the layout and size of that structure doesn't change, so
the ABI doesn't either.

As well, we now build lib/vers/ and lib/com_err/ before lib/base/ so as
to be able to move lib/krb5/heim_err.et to lib/base/ so that we can make
use of HEIM_ERR_* in lib/base/, specifically in the files that moved.

Once this is all done we'll be able to use config files and plugins in
lib/hx509/, we'll be able to move bx509d out of kdc/, and so on.

Most if not all of the new functions in lib/base/ are Heimdal-private,
thus calling conventions for them are not declared.

Status:

 - builds and passes CIs (Travis, Appveyor)
 - ran make check-valgrind and no new leaks or other memory errors
 - ready for review

HOW TO REVIEW:

     $ # Review file moves:
     $ git log --stat -n1 HEAD^
     $
     $ # Review changes to moved files using --word-diff=color
     $ git log -p -b -w --word-diff=color HEAD^..HEAD   \
               lib/base/config_file.c                   \
               lib/base/config_reg.c                    \
               lib/base/expand_path.c                   \
               lib/base/warn.c                          \
               lib/krb5/config_file.c                   \
               lib/krb5/config_reg.c                    \
               lib/krb5/expand_path.c                   \
               lib/krb5/warn.c
     $
     $ # Review the whole thing, possibly adding -b and/or -w, and
     $ # maybe --word-diff=color:
     $ git log -p origin/master..HEAD
     $ git log -p -b -w origin/master..HEAD
     $ git log -p -b -w --word-diff=color origin/master..HEAD

TBD (future commits):

 - make lib/gssapi use the new heimbase functions
 - move kx509/bx509d common code to lib/hx509/ or other approp. location
 - move bx509d out of kdc/
2020-03-02 10:56:13 -06:00
Nicolas Williams
b2823cbd74 Move some infra bits of lib/krb5/ to lib/base/ (1)
This is the first of two commits in a series that must be picked
together.

This series of two commits moves parts of lib/krb5/ infrastructure
functionality to lib/base/, leaving behind wrappers.

This commit only renames files to enable git log/diff/blame to follow
the renames: to help future code archeology, and to make reviewing these
two commits easier.

The next commit in this series ensures that the moved files have the
correct content (i.e., defining heim APIs instead of krb5 APIs), and
will create files in lib/krb5 with the same names and krb5 API wrappers
around the new heim API functions.

The next commit also explains the motivation, which, briefly, is to:

 - remove krb5 API usage from lib/gssapi/,
 - enable the use of configuration and plugins in lib/hx509/
   (as well as lib/gssapi/ and future projects),

and

 - enable the further disentanglement of bx509d from kdc/.
2020-03-02 10:56:13 -06:00
Nicolas Williams
7dc134e410 krb5: Move krb5_plugin_load_t typedef to header 2019-11-02 18:49:42 -05:00
Jeffrey Altman
434b34d71c lib/krb5: prevent build failures of krb5_plugin_common on Windows
The Microsoft compiler cannot handle multiple const modifiers
for the same type.    It is also unhappy with the output pointer
parameter being declared const.

This change introduces new typedefs and cast of the dlsym() return
type to prevent warnings.

Change-Id: Ia92645efab8d2ec6745339a6f47c690782ae730a
2019-05-21 22:20:14 -04:00
Jeffrey Altman
ac6fa4cadc lib/krb5: prepare to make common plugins public
Rename common_plugin_ftable to krb5_plugin_common_ftable.

Create lib/krb5/common_plugin.h to include the structure and typedef.

The common_plugin.h header is now included by ccache_plugin.h
along with a prototype for the required ccache_ops_plugin_load()
function.

Change-Id: I2b27d6d0f5cf0544482c3f01784fef945e12e8d8
2019-05-21 22:20:14 -04:00
Jeffrey Altman
df78c88cc0 lib/krb5: common_plugin_ftable_desc funcs KRB5_LIB_CALL
As with the krb5plugin_an2ln_ftable_desc, krb5plugin_db_ftable_desc,
and krb5plugin_kuserok_ftable_desc the function pointers in
common_plugin_ftable_desc must be annotated with KRB5_LIB_CALL.

Change-Id: Ia7ea78743ee9eb8c7f6b648063852ca91a360d2c
2019-05-21 22:20:14 -04:00
Jeffrey Altman
32fe791c2e lib/krb5: common plugin only fallback if load_fn() fails
Only fallback to loading the plugin function table directly if
if the initialization function is not exported.  Failing a
consistency check should not permit falling back to a potentially
incompatible function table.

Change-Id: Ic753ed9a090aef6073853f7309f0f8f0f29d0aa9
2019-05-21 22:20:14 -04:00
Jeffrey Altman
9d3e206b76 lib/krb5: WIN32 _krb5_load_plugins wrong constness
The 'plugin_prefix' variable was declared 'const' which generates
a warning because the C string is freed.

This change removes the 'const' designation.

Change-Id: I6f3838d6dbf1bb496f286c96aea96bae8948930d
2019-01-14 06:12:36 -05:00
Luke Howard
ff21a49cb0 krb5: change "version" to "instance" in plugin error message
A mismatch of instance cookie just means that the instances of Heimdal do not
match; they may in fact be the same version.
2019-01-07 16:49:38 +11:00
Luke Howard
befe1b8f90 always load plugins with RTLD_LOCAL/RTLD_GROUP if available 2019-01-03 20:06:27 -06:00
Luke Howard
803efebca5 krb5, kadm5: refactor plugin API
Refactor plugin framework to use a single list of loaded plugins; add a new
plugin API where DSOs export a load function that can declare dependencies and
export multiple plugins; refactor kadm5 hook API to use krb5 plugin framework.

More information in krb5-plugin(7).
2019-01-03 20:06:27 -06:00
Andrew Bartlett
d99b8acd1c do not dereference NULL pointer modules if we do not have dlopen
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2018-09-10 14:40:51 -04:00
Gary Lockyer
1c8cae58cc heimdal: Use #ifdef HAVE_DLOPEN around functions and variables used by HAVE_DLOPEN
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2018-09-10 14:40:51 -04:00
Jeffrey Altman
8de592ab5a improve resolve_origin readability
comment the HAVE_DLADDR preprocessor #else and #endif
because they are so many lines apart.

indent the strrchr() call after the _Win32 block to demonstrate
they are related.

Change-Id: I112dc91b350b277cdb1dc1cd3ccd8f31a2084409
2014-02-04 23:20:11 -05:00
Nicolas Williams
2820cd7716 Revert "Minor WIN32/POSIX bug in resolve_origin()"
This reverts commit c9985fc695.
2014-02-04 14:37:54 -06:00
Nicolas Williams
c9985fc695 Minor WIN32/POSIX bug in resolve_origin() 2013-12-13 13:28:51 -06:00
Arran Cudbard-Bell
f604e424d1 Issue : bus error in resolve_origin()
resolve_origin attempts to insert '\0' into a field from a DL_info
struct, causes BUS error.

Signed-off-by: Nicolas Williams <nico@cryptonector.com>
2013-12-13 13:27:57 -06:00
Jeffrey Altman
9f2a06a80e Windows: Construct paths for LoadLibrary with backslashes
Mixing forward and backslashes is confusing.  Use the expected
backslashes.

Change-Id: Ia775c73eca430138f677decc1975aad0a401fc53
2013-09-13 22:19:00 -04:00
Jeffrey Altman
ce3d2be1c7 _krb5_load_plugins: Windows naming rules
Windows plugins must be loaded from the same directory as the
heimdal.dll in order to ensure that "DLL Hell" is not revisited.
Since plugins cannot be grouped in a directory by "module" name
the plugins must have a name of the form:

  plugin_<module>_<name>.dll

Construct the "plugin_<module>_" prefix string dynamically and
test for both the prefix and the ".dll" extension when building
the list of plugins to load.

Change-Id: I0ff7bf7287f8fb38061c226f0844d7d0f1fb59ec
2013-09-10 22:31:43 -04:00
Jeffrey Altman
5a8da41b38 krb5 plugin fix typo in comment
Change-Id: Ic73d44fa14f38f078dbc97a0aa94d2b0ba1f5028
2013-09-10 22:31:42 -04:00
Jeffrey Altman
31a00d6647 ISPATHSEP and ISTILDE macros; Windows portability
Windows treats '\\' and '/' equivalently but we cannot control
the form that will be used by end users.  Introduce ISPATHSEP()
macro which tests only for '/' on UNIX and both on Windows.
Introduce ISTILDE() macro to test for '~'.   When testing for
'/' with strchr() or strrchr() add conditional checks for '\\' on
Windows.

Change-Id: Ia85e698fc88f15a6a71db649db5417f02ef7e5fe
2013-09-10 22:31:38 -04:00
Nicolas Williams
3e74e2e3bb Fix some DLL hell: use dladdr() to find plugin dir
Normally one would dlopen() a shared object's basename, not its absolute
path.  However, lib/krb5/plugin.c, in an effort to be zero-conf-ish,
wants to readdir() to find plugins to load, and in the process it ends
up defeating the RTLD's search-the-caller's-rpath.

This commit partially addresses this by allowing the use of $ORIGIN in
plugin_dir values and using them for the default (except on OS X).

This allows multiple Heimdal versions installed on the same host, but
with different plugin ABIs, to co-exist.  A step forward for doing make
check on hosts where Heimdal is installed.

For now we hardcode $ORIGIN/../lib/plugin/krb5 (linux, Solaris, *BSD),
or $ORIGIN (Windows; for assemblies objects need to be in the same
directory) and we eval $ORIGIN by using dladdr() (Linux, Solaris) or
GetModuleHandleEx() (Win32, via a dladdr() wrapper in libroken) to find
the path to libkrb5 whose dirname to use as $ORIGIN.  For Windows,
because we need the plugins to be in the same directory as libkrb5, we
require a prefix on plugin DLLs ("plugin_krb5_") to distinguish them
from other objects.

We should add a special token to mean "look in $ORIGIN, sure, but
dlopen() the plugin basenames only (so the RTLD can search the rpath)".
2013-09-06 16:51:53 -05:00
Jeffrey Altman
5f138a16ef libkrb5: Add missing KRB5_LIB_FUNCTION/KRB5_LIB_CALL
KRB5_LIB_FUNCTION and KRB5_LIB_CALL are necessary even on private
functions that are exported.

Change-Id: Iccd0cfe87ff0a9d851e29890e9cb55b3ae517ce1
2013-06-22 21:17:32 -04:00
Love Hornquist Astrand
a3f21747aa move to new plugin system 2013-06-04 00:16:55 -07:00
Nicolas Williams
d4f23fe2ae Revert c1423a8 and fix things up
Also, we were stopping as soon as one registered plugin returned
something other than KRB5_PLUGIN_NO_HANDLE, but we weren't doing the
same for discovered plugins.  Add KRB5_PLUGIN_INVOKE_ALL flag to deal
with this; by default we'll stop at the first plugin that returns
anything other than KRB5_PLUGIN_NO_HANDLE.

Other buglets fixed as in c1423a8.
2013-03-05 21:44:43 -06:00
Love Hornquist Astrand
c1423a8eea redo plugin interface 2013-02-10 22:50:49 -08:00
Love Hornquist Astrand
58ff480763 rewrite send to kdc to be more agressive, try kdcs in paralell and easier to configure behavior 2013-02-10 19:02:52 -08:00
Love Hornquist Astrand
b45e4a6f98 require version >= 0 2012-10-07 11:13:17 -07:00
Jeffrey Altman
8257cc2232 Plugin functions should be KRB5_LIB_CALL
Plugin functions should be KRB5_LIB_CALL for speed on Windows.

Change-Id: Iaa4dcf73fd2e29e3f95feede5217eac4eaded4e2
2012-03-13 23:56:11 -04:00
Love Hornquist Astrand
8e1b58e923 move function pointer to last argument 2011-12-15 21:48:33 -08:00
Nicolas Williams
ad7e54d698 Generalize token expansion to allow for context-specific tokens 2011-12-08 13:33:37 -06:00
Nicolas Williams
6aec02f979 Make krb5_kuserok() pluggable and add features (including MIT config compat) 2011-12-08 13:33:36 -06:00
Nicolas Williams
cfe7f6312a Improve _krb5_plugin_run_f() 2011-12-08 13:33:36 -06:00
Love Hörnquist Åstrand
01884ebf2f fix argument order 2011-12-03 13:24:15 -08:00
Nicolas Williams
d0abcebf80 Make _krb5_plugin_run_f() use krb5_plugin_register()ed plugins too 2011-12-02 00:58:26 -06:00
Love Hörnquist Åstrand
354ef711f3 restructure 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
1d7c483db2 use get and set 2011-11-21 20:34:35 -08:00
Love Hornquist Astrand
0879b9831a remove trailing whitespace 2011-05-21 11:57:31 -07:00
Jeffrey Altman
6850d6a65f avoid uninit variable and unreachable code warnings
most of these warnings are not problems because of ample
use of abort() calls.  However, the large number of warnings
makes it difficult to identify real problems.  Initialize
the variables to shut up the compilers.

Change-Id: I8477c11b17c7b6a7d9074c721fdd2d7303b186a8
2011-05-17 12:02:16 -04:00
Asanka C. Herath
0f853405fe Add missing export and calling convention annotations 2010-11-24 15:32:49 -05:00
Asanka C. Herath
03694f3505 Trim trailing slashes of plug-in paths 2010-11-24 15:32:11 -05:00
Asanka C. Herath
6abe08a0a3 Validate plug-in names before loading
On Windows, we only want to load .dll files are plug-ins, even though
there might be other support files present in the plug-in directory.
2010-11-24 15:32:06 -05:00
Asanka C. Herath
7fea5ff69a Use expanded path names when loading plug-ins 2010-11-24 15:32:05 -05:00
Love Hornquist Astrand
e0a1e0a806 simplify 2010-10-27 20:48:55 -07:00
Love Hornquist Astrand
7259b7deff new way to run plugins that have less overhead (code and performance vice) 2010-10-27 20:42:35 -07:00
Love Hornquist Astrand
788189805c catch error from as.*printf 2010-05-30 13:28:49 -07:00
Love Hornquist Astrand
2664543dd5 spelling 2010-05-27 10:41:39 -05:00