From b9820f5b3bfe1347565a39b6f8dce97828e8a2a3 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Mon, 29 Sep 2014 11:19:08 -0400 Subject: [PATCH] Update test KDC authdata module to new interface Remove plugins/authdata/greet, which was a v0 KDC module. Modify plugins/authdata/greet_server to use the new interface. Within greet_auth.c, remove the unused function greet_kdc_verify. Build the greet_client and greet_server modules by default, but do not install them. --- src/Makefile.in | 3 +- src/configure.in | 1 - src/plugins/authdata/greet/Makefile.in | 23 ----- src/plugins/authdata/greet/deps | 6 -- src/plugins/authdata/greet/greet.exports | 1 - src/plugins/authdata/greet/greet_auth.c | 99 ------------------- src/plugins/authdata/greet_client/Makefile.in | 3 +- src/plugins/authdata/greet_server/Makefile.in | 3 +- .../authdata/greet_server/greet_auth.c | 78 +++------------ .../greet_server/greet_server.exports | 2 +- 10 files changed, 21 insertions(+), 198 deletions(-) delete mode 100644 src/plugins/authdata/greet/Makefile.in delete mode 100644 src/plugins/authdata/greet/deps delete mode 100644 src/plugins/authdata/greet/greet.exports delete mode 100644 src/plugins/authdata/greet/greet_auth.c diff --git a/src/Makefile.in b/src/Makefile.in index 65951c5fb9..3c81b22aa3 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -6,7 +6,6 @@ mydir=. # plugins/locate/python # plugins/preauth/wpse # plugins/preauth/cksum_body -# plugins/authdata/greet SUBDIRS=util include lib \ @sam2_plugin@ \ plugins/audit \ @@ -16,6 +15,8 @@ SUBDIRS=util include lib \ plugins/hostrealm/test \ plugins/localauth/test \ plugins/pwqual/test \ + plugins/authdata/greet_server \ + plugins/authdata/greet_client \ plugins/kdb/db2 \ @ldap_plugin_dir@ \ plugins/kdb/test \ diff --git a/src/configure.in b/src/configure.in index f1ba570e6a..13a9b58a15 100644 --- a/src/configure.in +++ b/src/configure.in @@ -1451,7 +1451,6 @@ dnl ccapi ccapi/lib ccapi/lib/unix ccapi/server ccapi/server/unix ccapi/test plugins/preauth/otp plugins/preauth/securid_sam2 plugins/preauth/wpse - plugins/authdata/greet plugins/authdata/greet_client plugins/authdata/greet_server plugins/tls/k5tls diff --git a/src/plugins/authdata/greet/Makefile.in b/src/plugins/authdata/greet/Makefile.in deleted file mode 100644 index f204e2f3a9..0000000000 --- a/src/plugins/authdata/greet/Makefile.in +++ /dev/null @@ -1,23 +0,0 @@ -mydir=plugins$(S)authdata$(S)greet -BUILDTOP=$(REL)..$(S)..$(S).. -MODULE_INSTALL_DIR = $(KRB5_AD_MODULE_DIR) - -LIBBASE=greet -LIBMAJOR=0 -LIBMINOR=0 -#RELDIR=../plugins/preauth/wpse -# Depends on nothing -SHLIB_EXPDEPS = -SHLIB_EXPLIBS= - -STLIBOBJS= greet_auth.o - -SRCS= greet_auth.c - -all-unix:: all-libs -install-unix:: install-libs -clean-unix:: clean-libs clean-libobjs - -@libnover_frag@ -@libobj_frag@ - diff --git a/src/plugins/authdata/greet/deps b/src/plugins/authdata/greet/deps deleted file mode 100644 index ea4b503104..0000000000 --- a/src/plugins/authdata/greet/deps +++ /dev/null @@ -1,6 +0,0 @@ -# -# Generated makefile dependencies follow. -# -greet_auth.so greet_auth.po $(OUTPRE)greet_auth.$(OBJEXT): \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/krb5/authdata_plugin.h \ - greet_auth.c diff --git a/src/plugins/authdata/greet/greet.exports b/src/plugins/authdata/greet/greet.exports deleted file mode 100644 index 1189effc30..0000000000 --- a/src/plugins/authdata/greet/greet.exports +++ /dev/null @@ -1 +0,0 @@ -authdata_server_0 diff --git a/src/plugins/authdata/greet/greet_auth.c b/src/plugins/authdata/greet/greet_auth.c deleted file mode 100644 index beac135a38..0000000000 --- a/src/plugins/authdata/greet/greet_auth.c +++ /dev/null @@ -1,99 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* plugins/authdata/greet/greet_auth.c */ -/* - * Copyright 2008 by the Massachusetts Institute of Technology. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* - * - * Sample authorization data plugin - */ - -#include -#include -#include - -typedef struct krb5_db_entry krb5_db_entry; - -static krb5_error_code -greet_init(krb5_context ctx, void **blob) -{ - *blob = "hello"; - return 0; -} - -static void -greet_fini(krb5_context ctx, void *blob) -{ -} - -static krb5_error_code -greet_authdata(krb5_context ctx, krb5_db_entry *client, - krb5_data *req_pkt, - krb5_kdc_req *request, - krb5_enc_tkt_part * enc_tkt_reply) -{ -#define GREET_SIZE (20) - - char *p; - krb5_authdata *a; - size_t count; - krb5_authdata **new_ad; - - p = calloc(1, GREET_SIZE); - a = calloc(1, sizeof(*a)); - - if (p == NULL || a == NULL) { - free(p); - free(a); - return ENOMEM; - } - strncpy(p, "hello there", GREET_SIZE-1); - a->magic = KV5M_AUTHDATA; - a->ad_type = -42; - a->length = GREET_SIZE; - a->contents = (unsigned char *)p; - if (enc_tkt_reply->authorization_data == 0) { - count = 0; - } else { - for (count = 0; enc_tkt_reply->authorization_data[count] != 0; count++) - ; - } - new_ad = realloc(enc_tkt_reply->authorization_data, - (count+2) * sizeof(krb5_authdata *)); - if (new_ad == NULL) { - free(p); - free(a); - return ENOMEM; - } - enc_tkt_reply->authorization_data = new_ad; - new_ad[count] = a; - new_ad[count+1] = NULL; - return 0; -} - -krb5plugin_authdata_ftable_v0 authdata_server_0 = { - "greet", - greet_init, - greet_fini, - greet_authdata, -}; diff --git a/src/plugins/authdata/greet_client/Makefile.in b/src/plugins/authdata/greet_client/Makefile.in index 7f7277b101..e1af8cccfa 100644 --- a/src/plugins/authdata/greet_client/Makefile.in +++ b/src/plugins/authdata/greet_client/Makefile.in @@ -1,6 +1,5 @@ mydir=plugins$(S)authdata$(S)greet_client BUILDTOP=$(REL)..$(S)..$(S).. -MODULE_INSTALL_DIR = $(KRB5_AD_MODULE_DIR) LIBBASE=greet_client LIBMAJOR=0 @@ -13,7 +12,7 @@ STLIBOBJS= greet.o SRCS= greet.c all-unix:: all-libs -install-unix:: install-libs +install-unix:: clean-unix:: clean-libs clean-libobjs @libnover_frag@ diff --git a/src/plugins/authdata/greet_server/Makefile.in b/src/plugins/authdata/greet_server/Makefile.in index 598ee1fa30..a013076a50 100644 --- a/src/plugins/authdata/greet_server/Makefile.in +++ b/src/plugins/authdata/greet_server/Makefile.in @@ -1,6 +1,5 @@ mydir=plugins$(S)authdata$(S)greet_server BUILDTOP=$(REL)..$(S)..$(S).. -MODULE_INSTALL_DIR = $(KRB5_AD_MODULE_DIR) LIBBASE=greet_server LIBMAJOR=1 @@ -14,7 +13,7 @@ STLIBOBJS= greet_auth.o SRCS= greet_auth.c all-unix:: all-libs -install-unix:: install-libs +install-unix:: clean-unix:: clean-libs clean-libobjs @libnover_frag@ diff --git a/src/plugins/authdata/greet_server/greet_auth.c b/src/plugins/authdata/greet_server/greet_auth.c index 9d8444bb9f..1f1e9de435 100644 --- a/src/plugins/authdata/greet_server/greet_auth.c +++ b/src/plugins/authdata/greet_server/greet_auth.c @@ -29,19 +29,7 @@ */ #include -#include -#include - -static krb5_error_code -greet_init(krb5_context ctx, void **blob) -{ - return 0; -} - -static void -greet_fini(krb5_context ctx, void *blob) -{ -} +#include static krb5_error_code greet_hello(krb5_context context, krb5_data **ret) { @@ -53,49 +41,6 @@ static krb5_error_code greet_hello(krb5_context context, krb5_data **ret) return krb5_copy_data(context, &tmp, ret); } -static krb5_error_code -greet_kdc_verify(krb5_context context, - krb5_enc_tkt_part *enc_tkt_request, - krb5_data **greeting) -{ - krb5_error_code code; - krb5_authdata **tgt_authdata = NULL; - krb5_authdata **kdc_issued = NULL; - krb5_authdata **greet = NULL; - - code = krb5_find_authdata(context, enc_tkt_request->authorization_data, - NULL, KRB5_AUTHDATA_KDC_ISSUED, &tgt_authdata); - if (code != 0 || tgt_authdata == NULL) - return 0; - - code = krb5_verify_authdata_kdc_issued(context, - enc_tkt_request->session, - tgt_authdata[0], - NULL, - &kdc_issued); - if (code != 0) { - krb5_free_authdata(context, tgt_authdata); - return code; - } - - code = krb5_find_authdata(context, kdc_issued, NULL, -42, &greet); - if (code == 0) { - krb5_data tmp; - - tmp.data = (char *)greet[0]->contents; - tmp.length = greet[0]->length; - - code = krb5_copy_data(context, &tmp, greeting); - } else - code = 0; - - krb5_free_authdata(context, tgt_authdata); - krb5_free_authdata(context, kdc_issued); - krb5_free_authdata(context, greet); - - return code; -} - static krb5_error_code greet_kdc_sign(krb5_context context, krb5_enc_tkt_part *enc_tkt_reply, @@ -149,6 +94,7 @@ greet_kdc_sign(krb5_context context, static krb5_error_code greet_authdata(krb5_context context, + krb5_kdcauthdata_moddata moddata, unsigned int flags, krb5_db_entry *client, krb5_db_entry *server, @@ -179,9 +125,17 @@ greet_authdata(krb5_context context, return code; } -krb5plugin_authdata_server_ftable_v2 authdata_server_2 = { - "greet", - greet_init, - greet_fini, - greet_authdata, -}; +krb5_error_code +kdcauthdata_greet_initvt(krb5_context context, int maj_ver, int min_ver, + krb5_plugin_vtable vtable); + +krb5_error_code +kdcauthdata_greet_initvt(krb5_context context, int maj_ver, int min_ver, + krb5_plugin_vtable vtable) +{ + krb5_kdcauthdata_vtable vt = (krb5_kdcauthdata_vtable)vtable; + + vt->name = "greet"; + vt->handle = greet_authdata; + return 0; +} diff --git a/src/plugins/authdata/greet_server/greet_server.exports b/src/plugins/authdata/greet_server/greet_server.exports index ed34a7f627..bddbef18db 100644 --- a/src/plugins/authdata/greet_server/greet_server.exports +++ b/src/plugins/authdata/greet_server/greet_server.exports @@ -1 +1 @@ -authdata_server_2 +kdcauthdata_greet_initvt -- 2.47.3