typedef krb5plugin_authdata_server_ftable_v1 krb5plugin_authdata_ftable_v1;
typedef krb5_error_code
-(*authdata_client_plugin_init_proc)(krb5_context context, void **plugin_context);
+(*authdata_client_plugin_init_proc)(krb5_context context,
+ void **plugin_context);
#define AD_USAGE_AS_REQ 0x01
#define AD_USAGE_TGS_REQ 0x02
#define AD_USAGE_MASK 0x0F
#define AD_INFORMATIONAL 0x10
+struct _krb5_authdata_context;
+
typedef void
-(*authdata_client_plugin_flags_proc)(krb5_context context,
+(*authdata_client_plugin_flags_proc)(krb5_context kcontext,
void *plugin_context,
krb5_authdatatype ad_type,
krb5_flags *flags);
typedef void
-(*authdata_client_plugin_fini_proc)(krb5_context context, void *plugin_context);
+(*authdata_client_plugin_fini_proc)(krb5_context kcontext,
+ void *plugin_context);
typedef krb5_error_code
-(*authdata_client_request_init_proc)(krb5_context context,
+(*authdata_client_request_init_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
void *plugin_context,
void **request_context);
typedef void
-(*authdata_client_request_fini_proc)(krb5_context context,
+(*authdata_client_request_fini_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
void *plugin_context,
void *request_context);
typedef krb5_error_code
-(*authdata_client_import_attributes_proc)(krb5_context context,
+(*authdata_client_import_attributes_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
void *plugin_context,
void *request_context,
krb5_authdata **authdata);
typedef krb5_error_code
-(*authdata_client_get_attribute_types_proc)(krb5_context context,
+(*authdata_client_get_attribute_types_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
void *plugin_context,
void *request_context,
krb5_data **verified,
krb5_data **all_attrs);
typedef krb5_error_code
-(*authdata_client_get_attribute_proc)(krb5_context context,
+(*authdata_client_get_attribute_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
void *plugin_context,
void *request_context,
const krb5_data *attribute,
int *more);
typedef krb5_error_code
-(*authdata_client_set_attribute_proc)(krb5_context context,
+(*authdata_client_set_attribute_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
void *plugin_context,
void *request_context,
krb5_boolean complete,
const krb5_data *value);
typedef krb5_error_code
-(*authdata_client_delete_attribute_proc)(krb5_context context,
+(*authdata_client_delete_attribute_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
void *plugin_context,
void *request_context,
const krb5_data *attribute);
typedef krb5_error_code
-(*authdata_client_export_attributes_proc)(krb5_context context,
+(*authdata_client_export_attributes_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
void *plugin_context,
void *request_context,
krb5_flags usage,
krb5_authdata ***authdata);
typedef krb5_error_code
-(*authdata_client_export_internal_proc)(krb5_context context,
+(*authdata_client_export_internal_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
void *plugin_context,
void *request_context,
krb5_boolean restrict_authenticated,
void **ptr);
typedef krb5_error_code
-(*authdata_client_copy_context_proc)(krb5_context context,
+(*authdata_client_copy_context_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
void *plugin_context,
void *request_context,
void *dst_plugin_context,
void *dst_request_context);
typedef void
-(*authdata_client_free_internal_proc)(krb5_context context,
+(*authdata_client_free_internal_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
void *plugin_context,
void *request_context,
void *ptr);
typedef krb5_error_code
-(*authdata_client_verify_proc)(krb5_context context,
+(*authdata_client_verify_proc)(krb5_context kcontext,
+ struct _krb5_authdata_context *context,
void *plugin_context,
void *request_context,
const krb5_auth_context *auth_context,
/* For now, single request per context. That may change */
code = (*table->request_init)(kcontext,
+ context,
plugin_context,
rcpp);
if ((code != 0 && code != ENOMEM) &&
if (module->client_req_fini != NULL &&
module->request_context != NULL)
(*module->client_req_fini)(kcontext,
+ context,
module->plugin_context,
module->request_context);
assert(authdata[0] != NULL);
code = (*module->ftable->import_attributes)(kcontext,
+ context,
module->plugin_context,
*(module->request_context_pp),
authdata);
assert(authdata[0] != NULL);
code = (*module->ftable->import_attributes)(kcontext,
+ context,
module->plugin_context,
*(module->request_context_pp),
authdata);
if (code == 0 && module->ftable->verify != NULL) {
code = (*module->ftable->verify)(kcontext,
+ context,
module->plugin_context,
*(module->request_context_pp),
auth_context,
continue;
if ((*module->ftable->get_attribute_types)(kcontext,
+ context,
module->plugin_context,
*(module->request_context_pp),
verified_attrs ?
continue;
code = (*module->ftable->get_attribute)(kcontext,
+ context,
module->plugin_context,
*(module->request_context_pp),
attribute,
continue;
code = (*module->ftable->set_attribute)(kcontext,
+ context,
module->plugin_context,
*(module->request_context_pp),
complete,
continue;
code = (*module->ftable->delete_attribute)(kcontext,
+ context,
module->plugin_context,
*(module->request_context_pp),
attribute);
continue;
code = (*module->ftable->export_attributes)(kcontext,
+ context,
module->plugin_context,
*(module->request_context_pp),
flags,
continue;
code = (*module->ftable->export_internal)(kcontext,
+ context,
module->plugin_context,
*(module->request_context_pp),
restrict_authenticated,
continue;
(*module->ftable->free_internal)(kcontext,
+ context,
module->plugin_context,
*(module->request_context_pp),
ptr);
static krb5_error_code
k5_copy_ad_module_data(krb5_context kcontext,
- struct _krb5_authdata_context_module *src_module,
- krb5_authdata_context dst)
+ krb5_authdata_context context,
+ struct _krb5_authdata_context_module *src_module,
+ krb5_authdata_context dst)
{
int i;
krb5_error_code code;
assert(dst_module->request_context_pp == &dst_module->request_context);
code = (*src_module->ftable->copy_context)(kcontext,
+ context,
src_module->plugin_context,
src_module->request_context,
dst_module->plugin_context,
for (i = 0; i < src->n_modules; i++) {
struct _krb5_authdata_context_module *module = &src->modules[i];
- code = k5_copy_ad_module_data(kcontext, module, dst);
+ code = k5_copy_ad_module_data(kcontext, src, module, dst);
if (code != 0)
break;
}
};
static krb5_error_code
-mspac_init(krb5_context context, void **plugin_context)
+mspac_init(krb5_context kcontext, void **plugin_context)
{
*plugin_context = NULL;
return 0;
}
static void
-mspac_flags(krb5_context context,
+mspac_flags(krb5_context kcontext,
void *plugin_context,
krb5_authdatatype ad_type,
krb5_flags *flags)
}
static void
-mspac_fini(krb5_context context, void *plugin_context)
+mspac_fini(krb5_context kcontext, void *plugin_context)
{
return;
}
static krb5_error_code
-mspac_request_init(krb5_context context,
+mspac_request_init(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void **request_context)
{
}
static krb5_error_code
-mspac_import_attributes(krb5_context context,
+mspac_import_attributes(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
krb5_authdata **authdata)
struct mspac_context *pacctx = (struct mspac_context *)request_context;
if (pacctx->pac != NULL) {
- krb5_pac_free(context, pacctx->pac);
+ krb5_pac_free(kcontext, pacctx->pac);
pacctx->pac = NULL;
}
assert(authdata[0] != NULL);
assert(authdata[0]->ad_type == KRB5_AUTHDATA_WIN2K_PAC);
- code = krb5_pac_parse(context, authdata[0]->contents,
+ code = krb5_pac_parse(kcontext, authdata[0]->contents,
authdata[0]->length, &pacctx->pac);
return code;
}
static krb5_error_code
-mspac_verify(krb5_context context,
+mspac_verify(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
const krb5_auth_context *auth_context,
if (kdc_issued_flag)
return KRB5KRB_AP_ERR_BAD_INTEGRITY;
- code = krb5_pac_verify(context,
+ code = krb5_pac_verify(kcontext,
pacctx->pac,
req->ticket->enc_part2->times.authtime,
req->ticket->enc_part2->client,
}
static void
-mspac_request_fini(krb5_context context, void *plugin_context, void *request_context)
+mspac_request_fini(krb5_context kcontext,
+ krb5_authdata_context context,
+ void *plugin_context,
+ void *request_context)
{
struct mspac_context *pacctx = (struct mspac_context *)request_context;
if (pacctx != NULL) {
if (pacctx->pac != NULL)
- krb5_pac_free(context, pacctx->pac);
+ krb5_pac_free(kcontext, pacctx->pac);
free(pacctx);
}
}
static krb5_error_code
-mspac_get_attribute_types(krb5_context context,
+mspac_get_attribute_types(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
krb5_data **verified,
return ENOMEM;
for (i = 0; i < MSPAC_ATTRIBUTE_COUNT; i++) {
- code = krb5int_copy_data_contents(context,
+ code = krb5int_copy_data_contents(kcontext,
&mspac_attribute_types[i].attribute,
&attrs[i]);
if (code != 0) {
- krb5int_free_data_list(context, attrs);
+ krb5int_free_data_list(kcontext, attrs);
return code;
}
}
j = 0;
/* The entire PAC */
- code = krb5int_copy_data_contents(context,
+ code = krb5int_copy_data_contents(kcontext,
&mspac_attribute_types[0].attribute,
&attrs[j++]);
if (code != 0) {
code = mspac_type2attr(pacctx->pac->pac->Buffers[i].ulType, &attr);
if (code == 0) {
- code = krb5int_copy_data_contents(context, &attr, &attrs[j++]);
+ code = krb5int_copy_data_contents(kcontext, &attr, &attrs[j++]);
if (code != 0) {
- krb5int_free_data_list(context, attrs);
+ krb5int_free_data_list(kcontext, attrs);
return code;
}
} else {
length = asprintf(&attrs[j].data, "mspac:%d",
pacctx->pac->pac->Buffers[i].ulType);
if (length < 0) {
- krb5int_free_data_list(context, attrs);
+ krb5int_free_data_list(kcontext, attrs);
return ENOMEM;
}
attrs[j++].length = length;
}
static krb5_error_code
-mspac_get_attribute(krb5_context context,
+mspac_get_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
const krb5_data *attribute,
/* -1 is a magic type that refers to the entire PAC */
if (type == (krb5_ui_4)-1) {
if (value != NULL)
- code = krb5int_copy_data_contents(context,
+ code = krb5int_copy_data_contents(kcontext,
&pacctx->pac->data,
value);
else
code = 0;
} else {
if (value != NULL)
- code = krb5_pac_get_buffer(context, pacctx->pac, type, value);
+ code = krb5_pac_get_buffer(kcontext, pacctx->pac, type, value);
else
- code = k5_pac_locate_buffer(context, pacctx->pac, type, NULL);
+ code = k5_pac_locate_buffer(kcontext, pacctx->pac, type, NULL);
}
if (code == 0) {
*authenticated = pacctx->pac->verified;
}
static krb5_error_code
-mspac_set_attribute(krb5_context context,
+mspac_set_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
krb5_boolean complete,
if (type == (krb5_ui_4)-1) {
krb5_pac newpac;
- code = krb5_pac_parse(context, value->data, value->length, &newpac);
+ code = krb5_pac_parse(kcontext, value->data, value->length, &newpac);
if (code != 0)
return code;
- krb5_pac_free(context, pacctx->pac);
+ krb5_pac_free(kcontext, pacctx->pac);
pacctx->pac = newpac;
} else {
- code = krb5_pac_add_buffer(context, pacctx->pac, type, value);
+ code = krb5_pac_add_buffer(kcontext, pacctx->pac, type, value);
}
return code;
}
static krb5_error_code
-mspac_export_attributes(krb5_context context,
+mspac_export_attributes(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
krb5_flags usage,
}
authdata[1] = NULL;
- code = krb5int_copy_data_contents(context, &pacctx->pac->data, &data);
+ code = krb5int_copy_data_contents(kcontext, &pacctx->pac->data, &data);
if (code != 0) {
- krb5_free_authdata(context, authdata);
+ krb5_free_authdata(kcontext, authdata);
return code;
}
}
static krb5_error_code
-mspac_export_internal(krb5_context context,
+mspac_export_internal(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
krb5_boolean restrict_authenticated,
if (restrict_authenticated && (pacctx->pac->verified) == FALSE)
return 0;
- code = krb5_pac_parse(context, pacctx->pac->data.data,
+ code = krb5_pac_parse(kcontext, pacctx->pac->data.data,
pacctx->pac->data.length, &pac);
if (code == 0) {
pac->verified = pacctx->pac->verified;
}
static krb5_error_code
-mspac_copy_context(krb5_context context,
+mspac_copy_context(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
void *dst_plugin_context,
assert(dstctx->pac == NULL);
if (srcctx->pac != NULL)
- code = k5_pac_copy(context, srcctx->pac, &dstctx->pac);
+ code = k5_pac_copy(kcontext, srcctx->pac, &dstctx->pac);
return code;
}
static void
-mspac_free_internal(krb5_context context,
+mspac_free_internal(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
void *ptr)
{
if (ptr != NULL)
- krb5_pac_free(context, (krb5_pac)ptr);
+ krb5_pac_free(kcontext, (krb5_pac)ptr);
return;
}
KV5M_DATA, sizeof("greet:greeting") - 1, "greet:greeting" };
static krb5_error_code
-greet_init(krb5_context context, void **plugin_context)
+greet_init(krb5_context kcontext, void **plugin_context)
{
*plugin_context = 0;
return 0;
}
static void
-greet_flags(krb5_context context,
+greet_flags(krb5_context kcontext,
void *plugin_context,
krb5_authdatatype ad_type,
krb5_flags *flags)
}
static void
-greet_fini(krb5_context context, void *plugin_context)
+greet_fini(krb5_context kcontext, void *plugin_context)
{
return;
}
static krb5_error_code
-greet_request_init(krb5_context context,
+greet_request_init(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void **request_context)
{
}
static krb5_error_code
-greet_import_attributes(krb5_context context,
+greet_import_attributes(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
krb5_authdata **authdata)
struct greet_context *greet = (struct greet_context *)request_context;
krb5_data data;
- krb5_free_data_contents(context, &greet->greeting);
+ krb5_free_data_contents(kcontext, &greet->greeting);
greet->verified = FALSE;
assert(authdata[0] != NULL);
data.length = authdata[0]->length;
data.data = (char *)authdata[0]->contents;
- code = krb5int_copy_data_contents_add0(context, &data, &greet->greeting);
+ code = krb5int_copy_data_contents_add0(kcontext, &data, &greet->greeting);
return code;
}
static void
-greet_request_fini(krb5_context context,
+greet_request_fini(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context)
{
struct greet_context *greet = (struct greet_context *)request_context;
if (greet != NULL) {
- krb5_free_data_contents(context, &greet->greeting);
+ krb5_free_data_contents(kcontext, &greet->greeting);
free(greet);
}
}
static krb5_error_code
-greet_get_attribute_types(krb5_context context,
+greet_get_attribute_types(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
krb5_data **verified,
if (*asserted == NULL)
return ENOMEM;
- code = krb5int_copy_data_contents_add0(context, &greet_attr, &(*asserted)[0]);
+ code = krb5int_copy_data_contents_add0(kcontext, &greet_attr, &(*asserted)[0]);
if (code != 0) {
free(*asserted);
*asserted = NULL;
}
static krb5_error_code
-greet_get_attribute(krb5_context context,
+greet_get_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
const krb5_data *attribute,
*complete = TRUE;
*more = 0;
- return krb5int_copy_data_contents_add0(context, &greet->greeting, value);
+ return krb5int_copy_data_contents_add0(kcontext, &greet->greeting, value);
}
static krb5_error_code
-greet_set_attribute(krb5_context context,
+greet_set_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
krb5_boolean complete,
krb5_data data;
krb5_error_code code;
- code = krb5int_copy_data_contents_add0(context, value, &data);
+ code = krb5int_copy_data_contents_add0(kcontext, value, &data);
if (code != 0)
return code;
- krb5_free_data_contents(context, &greet->greeting);
+ krb5_free_data_contents(kcontext, &greet->greeting);
greet->greeting = data;
greet->verified = FALSE;
}
static krb5_error_code
-greet_delete_attribute(krb5_context context,
+greet_delete_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
const krb5_data *attribute)
{
struct greet_context *greet = (struct greet_context *)request_context;
- krb5_free_data_contents(context, &greet->greeting);
+ krb5_free_data_contents(kcontext, &greet->greeting);
greet->verified = FALSE;
return 0;
}
static krb5_error_code
-greet_export_attributes(krb5_context context,
+greet_export_attributes(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
krb5_flags usage,
data[0] = &datum;
data[1] = NULL;
- code = krb5_copy_authdata(context, data, out_authdata);
+ code = krb5_copy_authdata(kcontext, data, out_authdata);
return code;
}
static krb5_error_code
-greet_copy_context(krb5_context context,
+greet_copy_context(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
void *dst_plugin_context,
struct greet_context *src = (struct greet_context *)request_context;
struct greet_context *dst = (struct greet_context *)dst_request_context;
- return krb5int_copy_data_contents_add0(context, &src->greeting, &dst->greeting);
+ return krb5int_copy_data_contents_add0(kcontext,
+ &src->greeting,
+ &dst->greeting);
}
static krb5_error_code
-greet_verify(krb5_context context,
+greet_verify(krb5_context kcontext,
+ krb5_authdata_context context,
void *plugin_context,
void *request_context,
const krb5_auth_context *auth_context,
/*
- * plugins/authdata/greet/
+ * plugins/authdata/greet_server/
*
* Copyright 2009 by the Massachusetts Institute of Technology.
*
projects / thirdparty / krb5.git / commitdiff
