From bac6f2dd13cfc8d1f1fa16cac6bcc242e1a3356e Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Thu, 19 May 2011 16:24:57 -0400 Subject: ipa-kdb: Initial plugin skeleton --- daemons/Makefile.am | 1 + daemons/configure.ac | 1 + daemons/ipa-kdb/Makefile.am | 43 ++++++++++ daemons/ipa-kdb/README | 1 + daemons/ipa-kdb/ipa_kdb.c | 185 ++++++++++++++++++++++++++++++++++++++++++++ freeipa.spec.in | 2 + 6 files changed, 233 insertions(+) create mode 100644 daemons/ipa-kdb/Makefile.am create mode 100644 daemons/ipa-kdb/README create mode 100644 daemons/ipa-kdb/ipa_kdb.c diff --git a/daemons/Makefile.am b/daemons/Makefile.am index 7b2b99746..254d20b45 100644 --- a/daemons/Makefile.am +++ b/daemons/Makefile.am @@ -13,6 +13,7 @@ endif export AM_CFLAGS SUBDIRS = \ + ipa-kdb \ ipa-kpasswd \ ipa-slapi-plugins \ $(NULL) diff --git a/daemons/configure.ac b/daemons/configure.ac index d15a5c70c..5e411fe36 100644 --- a/daemons/configure.ac +++ b/daemons/configure.ac @@ -288,6 +288,7 @@ AC_SUBST(LDFLAGS) AC_CONFIG_FILES([ Makefile + ipa-kdb/Makefile ipa-kpasswd/Makefile ipa-slapi-plugins/Makefile ipa-slapi-plugins/ipa-enrollment/Makefile diff --git a/daemons/ipa-kdb/Makefile.am b/daemons/ipa-kdb/Makefile.am new file mode 100644 index 000000000..1368da862 --- /dev/null +++ b/daemons/ipa-kdb/Makefile.am @@ -0,0 +1,43 @@ +NULL = + +INCLUDES = \ + -I. \ + -I$(srcdir) \ + -DPREFIX=\""$(prefix)"\" \ + -DBINDIR=\""$(bindir)"\" \ + -DLIBDIR=\""$(libdir)"\" \ + -DLIBEXECDIR=\""$(libexecdir)"\" \ + -DDATADIR=\""$(datadir)"\" \ + $(AM_CFLAGS) \ + $(LDAP_CFLAGS) \ + $(KRB5_CFLAGS) \ + $(SSL_CFLAGS) \ + $(WARN_CFLAGS) \ + $(NULL) + +plugindir = $(libdir)/krb5/plugins/kdb +plugin_LTLIBRARIES = \ + ipadb.la \ + $(NULL) + +ipadb_la_SOURCES = \ + ipa_kdb.c \ + $(NULL) + +ipadb_la_LDFLAGS = \ + -avoid-version \ + -module + +ipadb_la_LIBADD = \ + $(KRB5_LIBS) \ + $(SSL_LIBS) \ + $(LDAP_LIBS) \ + $(NULL) + +EXTRA_DIST = \ + README \ + $(NULL) + +MAINTAINERCLEANFILES = \ + *~ \ + Makefile.in diff --git a/daemons/ipa-kdb/README b/daemons/ipa-kdb/README new file mode 100644 index 000000000..b0786853b --- /dev/null +++ b/daemons/ipa-kdb/README @@ -0,0 +1 @@ +This is the ipa krb5kdc database backend. diff --git a/daemons/ipa-kdb/ipa_kdb.c b/daemons/ipa-kdb/ipa_kdb.c new file mode 100644 index 000000000..ba0bd2f0c --- /dev/null +++ b/daemons/ipa-kdb/ipa_kdb.c @@ -0,0 +1,185 @@ +/* + * MIT Kerberos KDC database backend for FreeIPA + * + * Authors: Simo Sorce + * + * Copyright (C) 2011 Simo Sorce, Red Hat + * see file 'COPYING' for use and warranty information + * + * This program is free software you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +#include + +static krb5_error_code ipadb_init_library(void) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +static krb5_error_code ipadb_fini_library(void) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +static krb5_error_code ipadb_init_module(krb5_context kcontext, + char *conf_section, + char **db_args, int mode) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +static krb5_error_code ipadb_fini_module(krb5_context kcontext) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +static krb5_error_code ipadb_create(krb5_context kcontext, + char *conf_section, + char **db_args) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +static krb5_error_code ipadb_get_age(krb5_context kcontext, + char *db_name, time_t *age) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +static krb5_error_code ipadb_get_principal(krb5_context kcontext, + krb5_const_principal search_for, + unsigned int flags, + krb5_db_entry **entry) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +void ipadb_free_principal(krb5_context kcontext, krb5_db_entry *entry) +{ + return; +} + +static krb5_error_code ipadb_put_principal(krb5_context kcontext, + krb5_db_entry *entry, + char **db_args) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +static krb5_error_code ipadb_delete_principal(krb5_context kcontext, + krb5_const_principal search_for) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +static krb5_error_code ipadb_iterate(krb5_context kcontext, + char *match_entry, + int (*func)(krb5_pointer, + krb5_db_entry *), + krb5_pointer func_arg) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +static krb5_error_code ipadb_create_policy(krb5_context kcontext, + osa_policy_ent_t policy) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +static krb5_error_code ipadb_get_policy(krb5_context kcontext, char *name, + osa_policy_ent_t *policy) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +static krb5_error_code ipadb_put_policy(krb5_context kcontext, + osa_policy_ent_t policy) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +static krb5_error_code ipadb_iterate_policy(krb5_context kcontext, + char *match_entry, + osa_adb_iter_policy_func func, + void *data) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +static krb5_error_code ipadb_delete_policy(krb5_context kcontext, + char *policy) +{ + return KRB5_PLUGIN_OP_NOTSUPP; +} + +static void ipadb_free_policy(krb5_context kcontext, osa_policy_ent_t val) +{ + return; +} + +static void *ipadb_alloc(krb5_context context, void *ptr, size_t size) +{ + return realloc(ptr, size); +} + +static void ipadb_free(krb5_context context, void *ptr) +{ + free(ptr); +} + +/* KDB Virtual Table */ + +kdb_vftabl kdb_function_table = { + KRB5_KDB_DAL_MAJOR_VERSION, /* major version number */ + 0, /* minor version number */ + ipadb_init_library, /* init_library */ + ipadb_fini_library, /* fini_library */ + ipadb_init_module, /* init_module */ + ipadb_fini_module, /* fini_module */ + ipadb_create, /* create */ + NULL, /* destroy */ + ipadb_get_age, /* get_age */ + NULL, /* lock */ + NULL, /* unlock */ + ipadb_get_principal, /* get_principal */ + ipadb_free_principal, /* free_principal */ + ipadb_put_principal, /* put_principal */ + ipadb_delete_principal, /* delete_principal */ + ipadb_iterate, /* iterate */ + ipadb_create_policy, /* create_policy */ + ipadb_get_policy, /* get_policy */ + ipadb_put_policy, /* put_policy */ + ipadb_iterate_policy, /* iter_policy */ + ipadb_delete_policy, /* delete_policy */ + ipadb_free_policy, /* free_policy */ + ipadb_alloc, /* alloc */ + ipadb_free, /* free */ + NULL, /* fetch_master_key */ + NULL, /* fetch_master_key_list */ + NULL, /* store_master_key_list */ + NULL, /* dbe_search_enctype */ + NULL, /* change_pwd */ + NULL, /* promote_db */ + NULL, /* decrypt_key_data */ + NULL, /* encrypt_key_data */ + NULL, /* sign_authdata */ + NULL, /* check_transited_realms */ + NULL, /* check_policy_as */ + NULL, /* check_policy_tgs */ + NULL, /* audit_as_req */ + NULL, /* refresh_config */ + NULL /* check_allowed_to_delegate */ +}; + diff --git a/freeipa.spec.in b/freeipa.spec.in index 58f3d944c..fb2462105 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -283,6 +283,7 @@ rm %{buildroot}/%{plugin_dir}/libipa_repl_version.la rm %{buildroot}/%{plugin_dir}/libipa_uuid.la rm %{buildroot}/%{plugin_dir}/libipa_modrdn.la rm %{buildroot}/%{plugin_dir}/libipa_lockout.la +rm %{buildroot}/%{_libdir}/krb5/plugins/kdb/ipadb.la # Some user-modifiable HTML files are provided. Move these to /etc # and link back. @@ -467,6 +468,7 @@ fi %dir %{_localstatedir}/cache/ipa %attr(700,apache,apache) %dir %{_localstatedir}/cache/ipa/sessions %attr(700,root,root) %dir %{_localstatedir}/cache/ipa/kpasswd +%attr(755,root,root) %{_libdir}/krb5/plugins/kdb/ipadb.so %{_mandir}/man1/ipa-replica-conncheck.1.gz %{_mandir}/man1/ipa-replica-install.1.gz %{_mandir}/man1/ipa-replica-manage.1.gz -- cgit