For a detailed description of the kadm5_hook interface, see the header
file ``<krb5/kadm5_hook_plugin.h>``.
-The kadm5_hook interface has four primary methods: **chpass**,
-**create**, **modify**, and **remove**. Each of these methods is
+The kadm5_hook interface has five primary methods: **chpass**,
+**create**, **modify**, **remove**, and **rename**. (The **rename**
+method was introduced in release 1.14.) Each of these methods is
called twice when the corresponding administrative action takes place,
once before the action is committed and once afterwards. A module can
prevent the action from taking place by returning an error code during
* This interface depends on kadm5/admin.h. As such, the interface
* does not provide strong guarantees of ABI stability.
*
+ * The kadm5_hook interface currently has only one supported major version,
+ * which is 1. Major version 1 has a current minor version number of 2.
+ *
* kadm5_hook plugins should:
* kadm5_hook_<modulename>_initvt, matching the signature:
*
int stage, krb5_principal);
/* End of minor version 1. */
+
+ /** Indicate a principal is renamed. */
+ kadm5_ret_t (*rename)(krb5_context,
+ kadm5_hook_modinfo *modinfo,
+ int stage, krb5_principal, krb5_principal);
+
+ /* End of minor version 2. */
+
} kadm5_hook_vftable_1;
#endif /*H_KRB5_KADM5_HOOK_PLUGIN*/
int stage,
krb5_principal princ);
+/** Call rename kadm5_hook entry point. */
+kadm5_ret_t
+k5_kadm5_hook_rename (krb5_context context,
+ kadm5_hook_handle *handles,
+ int stage,
+ krb5_principal oprinc, krb5_principal nprinc);
+
/** @}*/
#endif /* __KADM5_SERVER_INTERNAL_H__ */
handle = k5alloc(sizeof(*handle), &ret);
if (handle == NULL)
goto cleanup;
- ret = (*mod)(context, 1, 1, (krb5_plugin_vtable)&handle->vt);
+ ret = (*mod)(context, 1, 2, (krb5_plugin_vtable)&handle->vt);
if (ret != 0) { /* Failed vtable init is non-fatal. */
free(handle);
handle = NULL;
return 0;
}
+kadm5_ret_t
+k5_kadm5_hook_rename(krb5_context context, kadm5_hook_handle *handles,
+ int stage, krb5_principal oprinc, krb5_principal nprinc)
+{
+ ITERATE(rename, (context, h->data, stage, oprinc, nprinc));
+ return 0;
+}
+
kadm5_ret_t
k5_kadm5_hook_remove(krb5_context context, kadm5_hook_handle *handles,
int stage, krb5_principal princ)
goto done;
}
+ ret = k5_kadm5_hook_rename(handle->context, handle->hook_handles,
+ KADM5_HOOK_STAGE_PRECOMMIT, source, target);
+ if (ret)
+ goto done;
+
if ((ret = kdb_put_entry(handle, kdb, &adb)))
goto done;
+ (void) k5_kadm5_hook_rename(handle->context, handle->hook_handles,
+ KADM5_HOOK_STAGE_POSTCOMMIT, source, target);
+
ret = kdb_delete_entry(handle, source);
done:
return 0;
}
+static kadm5_ret_t
+rename_hook(krb5_context context, kadm5_hook_modinfo *modinfo, int stage,
+ krb5_principal oprinc, krb5_principal nprinc)
+{
+ log_call(context, "rename", stage, oprinc);
+ return 0;
+}
krb5_error_code
kadm5_hook_test_initvt(krb5_context context, int maj_ver, int min_ver,
vt->name = "test";
vt->chpass = chpass;
vt->create = create;
+ vt->rename = rename_hook;
return 0;
}
if "create: stage precommit" not in output:
fail('kadm5_hook test output not found')
+output = realm.run([kadminl, 'renprinc', 'test', 'test2'])
+if "rename: stage precommit" not in output:
+ fail('kadm5_hook test output not found')
+
success('kadm5_hook')
projects / thirdparty / krb5.git / commitdiff
