From 6ba4950ca2631205ed72bb1d24f7f44982070280 Mon Sep 17 00:00:00 2001 From: "Asanka C. Herath" Date: Sat, 18 Sep 2010 23:37:32 -0400 Subject: [PATCH] Generalize MSLSA ccache type to a plug-in based ccache type --- lib/krb5/Makefile.am | 3 +- lib/krb5/NTMakefile | 10 ++---- lib/krb5/ccache_plugin.h | 39 ++++++++++++++++++++ lib/krb5/context.c | 4 +-- lib/krb5/lsacache.c | 92 ----------------------------------------------- lib/krb5/pcache.c | 66 ++++++++++++++++++++++++++++++++++ windows/NTMakefile.config | 3 -- 7 files changed, 110 insertions(+), 107 deletions(-) create mode 100644 lib/krb5/ccache_plugin.h delete mode 100644 lib/krb5/lsacache.c create mode 100644 lib/krb5/pcache.c diff --git a/lib/krb5/Makefile.am b/lib/krb5/Makefile.am index 62346e767..bb7ddf43b 100644 --- a/lib/krb5/Makefile.am +++ b/lib/krb5/Makefile.am @@ -152,6 +152,7 @@ dist_libkrb5_la_SOURCES = \ n-fold.c \ pac.c \ padata.c \ + pcache.c \ pkinit.c \ principal.c \ prog_setup.c \ @@ -258,7 +259,7 @@ nodist_include_HEADERS = krb5_err.h heim_err.h k524_err.h # XXX use nobase_include_HEADERS = krb5/locate_plugin.h krb5dir = $(includedir)/krb5 -krb5_HEADERS = locate_plugin.h send_to_kdc_plugin.h +krb5_HEADERS = locate_plugin.h send_to_kdc_plugin.h ccache_plugin.h build_HEADERZ = \ $(krb5_HEADERS) \ diff --git a/lib/krb5/NTMakefile b/lib/krb5/NTMakefile index b534e6ec0..d5b20e775 100644 --- a/lib/krb5/NTMakefile +++ b/lib/krb5/NTMakefile @@ -124,6 +124,7 @@ libkrb5_OBJS = \ $(OBJ)\store_emem.obj \ $(OBJ)\store_fd.obj \ $(OBJ)\store_mem.obj \ + $(OBJ)\pcache.obj \ $(OBJ)\plugin.obj \ $(OBJ)\ticket.obj \ $(OBJ)\time.obj \ @@ -253,6 +254,7 @@ dist_libkrb5_la_SOURCES = \ store_emem.c \ store_fd.c \ store_mem.c \ + pcache.c \ plugin.c \ ticket.c \ time.c \ @@ -264,14 +266,6 @@ dist_libkrb5_la_SOURCES = \ warn.c \ write_message.c -!ifdef HAVE_MSLSA_CACHE -libkrb5_OBJS=$(libkrb5_OBJS) \ - $(OBJ)\lsacache.obj - -dist_libkrb5_la_SOURCES=$(dist_libkrb5_la_SOURCES) \ - lsacache.c -!endif - $(OBJ)\krb5-protos.h: $(dist_libkrb5_la_SOURCES) $(PERL) ..\..\cf\make-proto.pl -E KRB5_LIB -q -P remove -o $(OBJ)\krb5-protos.h $(dist_libkrb5_la_SOURCES) || $(RM) -f krb5-protos.h diff --git a/lib/krb5/ccache_plugin.h b/lib/krb5/ccache_plugin.h new file mode 100644 index 000000000..f6871d65d --- /dev/null +++ b/lib/krb5/ccache_plugin.h @@ -0,0 +1,39 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#ifndef HEIMDAL_KRB5_CCACHE_PLUGIN_H +#define HEIMDAL_KRB5_CCACHE_PLUGIN_H 1 + +#include + +#define KRB5_PLUGIN_CCACHE "ccache_ops" + +#endif /* HEIMDAL_KRB5_CCACHE_PLUGIN_H */ diff --git a/lib/krb5/context.c b/lib/krb5/context.c index 0b12e6c48..0897c5e7a 100644 --- a/lib/krb5/context.c +++ b/lib/krb5/context.c @@ -247,9 +247,7 @@ cc_ops_register(krb5_context context) #endif krb5_cc_register(context, &krb5_kcm_ops, TRUE); #endif -#ifdef HAVE_MSLSA_CACHE - _krb5_mslsa_register_cc_ops(context, TRUE); -#endif + _krb5_load_ccache_plugins(context); return 0; } diff --git a/lib/krb5/lsacache.c b/lib/krb5/lsacache.c deleted file mode 100644 index 21f05f1a1..000000000 --- a/lib/krb5/lsacache.c +++ /dev/null @@ -1,92 +0,0 @@ -/* - */ - -#include "krb5_locl.h" -#ifdef HAVE_DLFCN_H -#include -#endif -#include - -static HEIMDAL_MUTEX lsacc_mutex = HEIMDAL_MUTEX_INITIALIZER; -const krb5_cc_ops * lsacc_ops = NULL; - -static void *lsacc_handle; - -krb5_error_code -_krb5_mslsa_register_cc_ops(krb5_context context, krb5_boolean override) -{ - const char *lib = NULL; - - HEIMDAL_MUTEX_lock(&lsacc_mutex); - if (lsacc_ops) { - HEIMDAL_MUTEX_unlock(&lsacc_mutex); - if (context) { - krb5_clear_error_message(context); - krb5_cc_register(context, lsacc_ops, override); - } - return 0; - } - - if (context) - lib = krb5_config_get_string(context, NULL, - "libdefaults", "mslsa_library", - NULL); - if (lib == NULL) { - lib = "%{LIBDIR}/mslsa_cc.dll"; - } - - { - char * explib = NULL; - if (_krb5_expand_path_tokens(context, lib, &explib) == 0) { - lsacc_handle = dlopen(explib, RTLD_LAZY|RTLD_LOCAL); - free(explib); - } - } - - if (lsacc_handle == NULL) { - HEIMDAL_MUTEX_unlock(&lsacc_mutex); - if (context) - krb5_set_error_message(context, KRB5_CC_NOSUPP, - N_("Failed to load MSLSA cache module %s", "file"), - lib); - return KRB5_CC_NOSUPP; - } - - { - krb5_error_code ret = 0; - krb5_error_code (KRB5_CALLCONV *lsacc_get_ops)(const krb5_cc_ops ** ops); - - lsacc_get_ops = (krb5_error_code (KRB5_CALLCONV *)(const krb5_cc_ops **)) - dlsym(lsacc_handle, "lsacc_get_ops"); - - if (lsacc_get_ops) { - ret = (*lsacc_get_ops)(&lsacc_ops); - } - - HEIMDAL_MUTEX_unlock(&lsacc_mutex); - - if (ret != 0) { - if (context) - krb5_set_error_message(context, KRB5_CC_NOSUPP, - N_("LSA cache initialization failed (%d)", - "error"), ret); - dlclose(lsacc_handle); - return KRB5_CC_NOSUPP; - } - - if (lsacc_get_ops == NULL) { - if (context) - krb5_set_error_message(context, KRB5_CC_NOSUPP, - N_("Failed to find lsacc_get_ops" - "in %s: %s", "file, error"), lib, dlerror()); - dlclose(lsacc_handle); - return KRB5_CC_NOSUPP; - } - } - - assert(lsacc_ops != NULL); - - if (context) - return krb5_cc_register(context, lsacc_ops, override); - return 0; -} diff --git a/lib/krb5/pcache.c b/lib/krb5/pcache.c new file mode 100644 index 000000000..e7f7a61ec --- /dev/null +++ b/lib/krb5/pcache.c @@ -0,0 +1,66 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#include "krb5_locl.h" +#include "ccache_plugin.h" +#ifdef HAVE_DLFCN_H +#include +#endif +#include + +krb5_error_code +_krb5_load_ccache_plugins(krb5_context context) +{ + struct krb5_plugin * plist = NULL; + struct krb5_plugin *p; + krb5_error_code code; + + code = _krb5_plugin_find(context, PLUGIN_TYPE_DATA, KRB5_PLUGIN_CCACHE, + &plist); + if (code) + return code; + + for (p = plist; p != NULL; p = _krb5_plugin_get_next(p)) { + krb5_cc_ops * ccops; + krb5_error_code c_load; + + ccops = _krb5_plugin_get_symbol(p); + if (ccops != NULL && ccops->version == KRB5_CC_OPS_VERSION) { + c_load = krb5_cc_register(context, ccops, FALSE); + if (c_load != 0) + code = c_load; + } + } + + _krb5_plugin_free(plist); + + return code; +} diff --git a/windows/NTMakefile.config b/windows/NTMakefile.config index 0d4e08742..bf3756fb1 100644 --- a/windows/NTMakefile.config +++ b/windows/NTMakefile.config @@ -96,8 +96,5 @@ HAVE_SCC=1 DIR_hdbdir=%{COMMON_APPDATA}/heimdal/hdb -# Enable MSLSA cache backend -HAVE_MSLSA_CACHE=1 - # Enable weak crypto WEAK_CRYPTO=1 -- 2.11.4.GIT