* int min_ver, krb5_plugin_vtable vtable);
*
* The kdcpreauth interface has a single supported major version, which is 1.
- * Major version 1 has a current minor version of 1. kdcpreauth modules should
+ * Major version 1 has a current minor version of 2. kdcpreauth modules should
* define a function named kdcpreauth_<modulename>_initvt, matching the
* signature:
*
krb5_kdcpreauth_moddata moddata,
krb5_kdcpreauth_modreq modreq);
+/* Optional: invoked after init_fn to provide the module with a pointer to the
+ * verto main loop. */
+typedef krb5_error_code
+(*krb5_kdcpreauth_loop_fn)(krb5_context context,
+ krb5_kdcpreauth_moddata moddata,
+ struct verto_ctx *ctx);
+
typedef struct krb5_kdcpreauth_vtable_st {
/* Mandatory: name of module. */
char *name;
krb5_kdcpreauth_verify_fn verify;
krb5_kdcpreauth_return_fn return_padata;
krb5_kdcpreauth_free_modreq_fn free_modreq;
+ /* Minor 1 ends here. */
+
+ krb5_kdcpreauth_loop_fn loop;
+ /* Minor 2 ends here. */
} *krb5_kdcpreauth_vtable;
#endif /* KRB5_PREAUTH_PLUGIN_H_INCLUDED */
krb5_kdcpreauth_verify_fn verify_padata;
krb5_kdcpreauth_return_fn return_padata;
krb5_kdcpreauth_free_modreq_fn free_modreq;
+ krb5_kdcpreauth_loop_fn loop;
} preauth_system;
static void
if (vtables == NULL)
goto cleanup;
for (pl = plugins, n_tables = 0; *pl != NULL; pl++) {
- if ((*pl)(context, 1, 1, (krb5_plugin_vtable)&vtables[n_tables]) == 0)
+ if ((*pl)(context, 1, 2, (krb5_plugin_vtable)&vtables[n_tables]) == 0)
n_tables++;
}
for (i = 0, n_systems = 0; i < n_tables; i++) {
}
void
-load_preauth_plugins(struct server_handle *handle, krb5_context context)
+load_preauth_plugins(struct server_handle *handle, krb5_context context,
+ verto_ctx *ctx)
{
krb5_error_code ret;
struct krb5_kdcpreauth_vtable_st *vtables = NULL, *vt;
continue;
}
}
+
+ if (vt->loop) {
+ ret = vt->loop(context, moddata, ctx);
+ if (ret) {
+ emsg = krb5_get_error_message(context, ret);
+ krb5_klog_syslog(LOG_ERR, _("preauth %s failed to setup "
+ "loop: %s"), vt->name, emsg);
+ krb5_free_error_message(context, emsg);
+ if (vt->fini)
+ vt->fini(context, moddata);
+ continue;
+ }
+ }
+
/* Add this module to the systems list once for each pa type. */
for (j = 0; vt->pa_type_list[j] > 0; j++) {
sys = &preauth_systems[n_systems];
sys->verify_padata = vt->verify;
sys->return_padata = vt->return_padata;
sys->free_modreq = vt->free_modreq;
+ sys->loop = vt->loop;
n_systems++;
}
}
krb5_kdcpreauth_rock rock, krb5_pa_data ***e_data_out,
kdc_hint_respond_fn respond, void *arg);
void
-load_preauth_plugins(struct server_handle * handle, krb5_context context);
+load_preauth_plugins(struct server_handle * handle, krb5_context context,
+ verto_ctx *ctx);
void
unload_preauth_plugins(krb5_context context);
return 1;
}
- load_preauth_plugins(&shandle, kcontext);
+ load_preauth_plugins(&shandle, kcontext, ctx);
load_authdata_plugins(kcontext);
retval = setup_sam();
projects / thirdparty / krb5.git / commitdiff
