From: Luke Howard Date: Wed, 26 Aug 2009 12:24:51 +0000 (+0000) Subject: sample authdata client plugin X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3c39b3d6b83a88a9d1ff2b5fce9d06b104f90e58;p=thirdparty%2Fkrb5.git sample authdata client plugin git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/authdata@22618 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/plugins/authdata/greet_client/Makefile.in b/src/plugins/authdata/greet_client/Makefile.in index 1c71c4521a..72d665ad27 100644 --- a/src/plugins/authdata/greet_client/Makefile.in +++ b/src/plugins/authdata/greet_client/Makefile.in @@ -1,6 +1,6 @@ thisconfigdir=../../.. -myfulldir=plugins/authdata/greet -mydir=plugins/authdata/greet +myfulldir=plugins/authdata/greet_client +mydir=plugins/authdata/greet_client BUILDTOP=$(REL)..$(S)..$(S).. KRB5_RUN_ENV = @KRB5_RUN_ENV@ KRB5_CONFIG_SETUP = KRB5_CONFIG=$(SRCTOP)/config-files/krb5.conf ; export KRB5_CONFIG ; @@ -11,21 +11,20 @@ DEFS=@DEFS@ LOCALINCLUDES = -I../../../include/krb5 -LIBBASE=greet +LIBBASE=greet_client LIBMAJOR=0 LIBMINOR=0 SO_EXT=.so -#RELDIR=../plugins/preauth/wpse -# Depends on nothing -SHLIB_EXPDEPS = -SHLIB_EXPLIBS= +SHLIB_EXPDEPS = $(TOPLIBD)/libk5crypto$(SHLIBEXT) \ + $(TOPLIBD)/libkrb5$(SHLIBEXT) +SHLIB_EXPLIBS= -lkrb5 -lcom_err -lk5crypto $(SUPPORT_LIB) $(LIBS) SHLIB_DIRS=-L$(TOPLIBD) SHLIB_RDIRS=$(KRB5_LIBDIR) STOBJLISTS=OBJS.ST -STLIBOBJS= greet_auth.o +STLIBOBJS= greet.o -SRCS= greet_auth.c +SRCS= greet.c all-unix:: all-liblinks install-unix:: install-libs diff --git a/src/plugins/authdata/greet_client/greet.c b/src/plugins/authdata/greet_client/greet.c new file mode 100644 index 0000000000..e636c34410 --- /dev/null +++ b/src/plugins/authdata/greet_client/greet.c @@ -0,0 +1,274 @@ +/* + * plugins/authdata/greet_client/ + * + * Copyright 2009 by the Massachusetts Institute of Technology. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * Sample authorization data plugin + */ + +#include +#include +#include "k5-int.h" +#include +#include + +struct greet_context { + krb5_data greeting; +}; + +static krb5_data greet_attr = { + KV5M_DATA, sizeof("greet:greeting") - 1, "greet:greeting" }; + +static krb5_error_code +greet_init(krb5_context context, void **plugin_context) +{ + *plugin_context = 0; + return 0; +} + +static void +greet_flags(krb5_context context, + void *plugin_context, + krb5_authdatatype ad_type, + krb5_flags *flags) +{ + *flags = AD_USAGE_AP_REQ | AD_INFORMATIONAL; +} + +static void +greet_fini(krb5_context context, void *plugin_context) +{ + return; +} + +static krb5_error_code +greet_request_init(krb5_context context, + void *plugin_context, + void **request_context) +{ + struct greet_context *greet; + + greet = malloc(sizeof(*greet)); + if (greet == NULL) + return ENOMEM; + + greet->greeting.data = NULL; + greet->greeting.length = 0; + + *request_context = greet; + + return 0; +} + +static krb5_error_code +greet_import_attributes(krb5_context context, + void *plugin_context, + void *request_context, + krb5_authdata **authdata) +{ + krb5_error_code code; + struct greet_context *greet = (struct greet_context *)request_context; + krb5_data data; + + krb5_free_data_contents(context, &greet->greeting); + + assert(authdata[0] != NULL); + + data.length = authdata[0]->length; + data.data = (char *)authdata[0]->contents; + + code = krb5int_copy_data_contents_add0(context, &data, &greet->greeting); + + return code; +} + +static void +greet_request_fini(krb5_context context, + void *plugin_context, + void *request_context) +{ + struct greet_context *greet = (struct greet_context *)request_context; + + if (greet != NULL) { + krb5_free_data_contents(context, &greet->greeting); + free(greet); + } +} + +static krb5_error_code +greet_get_attribute_types(krb5_context context, + void *plugin_context, + void *request_context, + krb5_data **asserted, + krb5_data **verified) +{ + krb5_error_code code; + struct greet_context *greet = (struct greet_context *)request_context; + + if (greet->greeting.length == 0) + return ENOENT; + + *asserted = calloc(2, sizeof(krb5_data)); + if (*asserted == NULL) + return ENOMEM; + + code = krb5int_copy_data_contents_add0(context, &greet_attr, &(*asserted)[0]); + if (code != 0) { + free(*asserted); + *asserted = NULL; + return code; + } + + *verified = NULL; + + return 0; +} + +static krb5_error_code +greet_get_attribute(krb5_context context, + void *plugin_context, + void *request_context, + const krb5_data *attribute, + krb5_boolean *authenticated, + krb5_boolean *complete, + krb5_data *value, + krb5_data *display_value, + int *more) +{ + struct greet_context *greet = (struct greet_context *)request_context; + + if (!data_eq(*attribute, greet_attr) || greet->greeting.length == 0) + return ENOENT; + + *authenticated = FALSE; + *complete = TRUE; + *more = 0; + + return krb5int_copy_data_contents_add0(context, &greet->greeting, value); +} + +static krb5_error_code +greet_set_attribute(krb5_context context, + void *plugin_context, + void *request_context, + krb5_boolean complete, + const krb5_data *attribute, + const krb5_data *value) +{ + struct greet_context *greet = (struct greet_context *)request_context; + krb5_data data; + krb5_error_code code; + + code = krb5int_copy_data_contents_add0(context, value, &data); + if (code != 0) + return code; + + krb5_free_data_contents(context, &greet->greeting); + greet->greeting = data; + + return 0; +} + +static krb5_error_code +greet_delete_attribute(krb5_context context, + void *plugin_context, + void *request_context, + const krb5_data *attribute) +{ + struct greet_context *greet = (struct greet_context *)request_context; + + krb5_free_data_contents(context, &greet->greeting); + + return 0; +} + +static krb5_error_code +greet_export_attributes(krb5_context context, + void *plugin_context, + void *request_context, + krb5_flags usage, + krb5_authdata ***out_authdata) +{ + struct greet_context *greet = (struct greet_context *)request_context; + krb5_authdata *data[2]; + krb5_authdata datum; + krb5_error_code code; + + datum.ad_type = -42; + datum.length = greet->greeting.length; + datum.contents = (krb5_octet *)greet->greeting.data; + + data[0] = &datum; + data[1] = NULL; + + code = krb5_copy_authdata(context, data, out_authdata); + + return code; +} + +static krb5_error_code +greet_copy_context(krb5_context context, + void *plugin_context, + void *request_context, + void **dst_request_context) +{ + struct greet_context *src = (struct greet_context *)request_context; + struct greet_context *dst = (struct greet_context *)request_context; + krb5_error_code code; + + code = greet_request_init(context, plugin_context, (void **)&dst); + if (code != 0) + return code; + + code = krb5int_copy_data_contents_add0(context, &src->greeting, &dst->greeting); + if (code != 0) { + greet_request_fini(context, plugin_context,(void **)&dst); + return code; + } + + *dst_request_context = dst; + + return 0; +} + +static krb5_authdatatype greet_ad_types[] = { -42, 0 }; + +krb5plugin_authdata_client_ftable_v0 authdata_client_0 = { + "greet", + greet_ad_types, + greet_init, + greet_fini, + greet_flags, + greet_request_init, + greet_request_fini, + greet_get_attribute_types, + greet_get_attribute, + greet_set_attribute, + greet_delete_attribute, + greet_import_attributes, + greet_export_attributes, + NULL, + NULL, + greet_copy_context, + NULL +}; diff --git a/src/plugins/authdata/greet_client/greet.exports b/src/plugins/authdata/greet_client/greet.exports deleted file mode 100644 index 1189effc30..0000000000 --- a/src/plugins/authdata/greet_client/greet.exports +++ /dev/null @@ -1 +0,0 @@ -authdata_server_0 diff --git a/src/plugins/authdata/greet_client/greet_auth.c b/src/plugins/authdata/greet_client/greet_client.c similarity index 100% rename from src/plugins/authdata/greet_client/greet_auth.c rename to src/plugins/authdata/greet_client/greet_client.c diff --git a/src/plugins/authdata/greet_client/greet_client.exports b/src/plugins/authdata/greet_client/greet_client.exports new file mode 100644 index 0000000000..8d5d5c47f4 --- /dev/null +++ b/src/plugins/authdata/greet_client/greet_client.exports @@ -0,0 +1 @@ +authdata_client_0