diff options
author | Tom Yu <tlyu@mit.edu> | 2012-09-07 20:18:41 -0400 |
---|---|---|
committer | Tom Yu <tlyu@mit.edu> | 2012-10-15 19:41:14 -0400 |
commit | 0a2f14f752c32a24200363cc6b6ae64a92f81379 (patch) | |
tree | 707f1dce91dfbe42df0eead38b33cbf7728d9703 /src/kdc/dispatch.c | |
parent | 1a3f548db030b764f46820c342fb2abb226dc43b (diff) | |
download | krb5-0a2f14f752c32a24200363cc6b6ae64a92f81379.tar.gz krb5-0a2f14f752c32a24200363cc6b6ae64a92f81379.tar.xz krb5-0a2f14f752c32a24200363cc6b6ae64a92f81379.zip |
Eliminate some KDC globals
Make kdc_active_realm a local variable in every function that needs
it. Pass it around in various state structures as needed. Keep the
macros that reference its members remain for now.
Diffstat (limited to 'src/kdc/dispatch.c')
-rw-r--r-- | src/kdc/dispatch.c | 48 |
1 files changed, 33 insertions, 15 deletions
diff --git a/src/kdc/dispatch.c b/src/kdc/dispatch.c index e3f43bc248..68c67f4d55 100644 --- a/src/kdc/dispatch.c +++ b/src/kdc/dispatch.c @@ -28,19 +28,23 @@ #include "kdc_util.h" #include "extern.h" #include "adm_proto.h" +#include "realm_data.h" #include <netinet/in.h> #include <arpa/inet.h> #include <string.h> static krb5_int32 last_usec = 0, last_os_random = 0; -static krb5_error_code make_too_big_error (krb5_data **out); +static krb5_error_code make_too_big_error(kdc_realm_t *kdc_active_realm, + krb5_data **out); struct dispatch_state { loop_respond_fn respond; void *arg; krb5_data *request; int is_tcp; + kdc_realm_t *active_realm; + krb5_context kdc_err_context; }; static void @@ -49,12 +53,13 @@ finish_dispatch(struct dispatch_state *state, krb5_error_code code, { loop_respond_fn oldrespond = state->respond; void *oldarg = state->arg; + kdc_realm_t *kdc_active_realm = state->active_realm; if (state->is_tcp == 0 && response && response->length > (unsigned int)max_dgram_reply_size) { krb5_free_data(kdc_context, response); response = NULL; - code = make_too_big_error(&response); + code = make_too_big_error(kdc_active_realm, &response); if (code) krb5_klog_syslog(LOG_ERR, "error constructing " "KRB_ERR_RESPONSE_TOO_BIG error: %s", @@ -69,16 +74,17 @@ static void finish_dispatch_cache(void *arg, krb5_error_code code, krb5_data *response) { struct dispatch_state *state = arg; + krb5_context kdc_err_context = state->kdc_err_context; #ifndef NOCACHE /* Remove the null cache entry unless we actually want to discard this * request. */ if (code != KRB5KDC_ERR_DISCARD) - kdc_remove_lookaside(kdc_context, state->request); + kdc_remove_lookaside(kdc_err_context, state->request); /* Put the response into the lookaside buffer (if we produced one). */ if (code == 0 && response != NULL) - kdc_insert_lookaside(state->request, response); + kdc_insert_lookaside(kdc_err_context, state->request, response); #endif finish_dispatch(state, code, response); @@ -94,6 +100,8 @@ dispatch(void *cb, struct sockaddr *local_saddr, krb5_int32 now, now_usec; krb5_data *response = NULL; struct dispatch_state *state; + struct server_handle *handle = cb; + krb5_context kdc_err_context = handle->kdc_err_context; state = k5alloc(sizeof(*state), &retval); if (state == NULL) { @@ -104,12 +112,13 @@ dispatch(void *cb, struct sockaddr *local_saddr, state->arg = arg; state->request = pkt; state->is_tcp = is_tcp; + state->kdc_err_context = kdc_err_context; /* decode incoming packet, and dispatch */ #ifndef NOCACHE /* try the replay lookaside buffer */ - if (kdc_check_lookaside(pkt, &response)) { + if (kdc_check_lookaside(kdc_err_context, pkt, &response)) { /* a hit! */ const char *name = 0; char buf[46]; @@ -134,7 +143,7 @@ dispatch(void *cb, struct sockaddr *local_saddr, /* Insert a NULL entry into the lookaside to indicate that this request * is currently being processed. */ - kdc_insert_lookaside(pkt, NULL); + kdc_insert_lookaside(kdc_err_context, pkt, NULL); #endif retval = krb5_crypto_us_timeofday(&now, &now_usec); @@ -145,21 +154,21 @@ dispatch(void *cb, struct sockaddr *local_saddr, last_os_random = now; /* Grab random data from OS every hour*/ if(now-last_os_random >= 60*60) { - krb5_c_random_os_entropy(kdc_context, 0, NULL); + krb5_c_random_os_entropy(kdc_err_context, 0, NULL); last_os_random = now; } data.length = sizeof(krb5_int32); data.data = (void *) &usec_difference; - krb5_c_random_add_entropy(kdc_context, + krb5_c_random_add_entropy(kdc_err_context, KRB5_C_RANDSOURCE_TIMING, &data); last_usec = now_usec; } /* try TGS_REQ first; they are more common! */ if (krb5_is_tgs_req(pkt)) { - retval = process_tgs_req(pkt, from, &response); + retval = process_tgs_req(handle, pkt, from, &response); } else if (krb5_is_as_req(pkt)) { if (!(retval = decode_krb5_as_req(pkt, &as_req))) { /* @@ -167,13 +176,15 @@ dispatch(void *cb, struct sockaddr *local_saddr, * pointer. * process_as_req frees the request if it is called */ - if (!(retval = setup_server_realm(as_req->server))) { - process_as_req(as_req, pkt, from, vctx, finish_dispatch_cache, - state); + state->active_realm = setup_server_realm(handle, as_req->server); + if (state->active_realm != NULL) { + process_as_req(as_req, pkt, from, state->active_realm, vctx, + finish_dispatch_cache, state); return; + } else { + retval = KRB5KDC_ERR_WRONG_REALM; + krb5_free_kdc_req(kdc_err_context, as_req); } - else - krb5_free_kdc_req(kdc_context, as_req); } } else retval = KRB5KRB_AP_ERR_MSG_TYPE; @@ -182,7 +193,7 @@ dispatch(void *cb, struct sockaddr *local_saddr, } static krb5_error_code -make_too_big_error (krb5_data **out) +make_too_big_error(kdc_realm_t *kdc_active_realm, krb5_data **out) { krb5_error errpkt; krb5_error_code retval; @@ -213,3 +224,10 @@ make_too_big_error (krb5_data **out) *out = scratch; return 0; } + +krb5_context get_context(void *handle) +{ + struct server_handle *sh = handle; + + return sh->kdc_err_context; +} |