DAL improvements

Add KRB5_KDB_API_VERSION to allow callers to adjust to incompatible
changes in libkdb; to be kept in sync with the libkdb major version,
which is bumped to 5 in anticipation of other changes.

Add KRB5_KDB_DAL_VERSION to allow database modules to detect when they
are mismatched with the KDB version.  Since KDB modules are often
developed concurrently with trunk code, this is defined to be the date
of the last incompatible DAL change.  The DAL version is passed to the
init_library DAL function; the module should check it against the value
of KRB5_KDB_DAL_VERSION it was compiled with and return
KRB5_KDB_DBTYPE_MISMATCH if it doesn't match.

ticket: 6749
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24157 dc483132-0cff-0310-8789-dd5450dbe970

7 files changed, 25 insertions, 8 deletions

diff --git a/src/include/kdb.h b/src/include/kdb.h
index 5225a12e52..6248725a60 100644
--- a/src/include/kdb.h
+++ b/src/include/kdb.h
@@ -72,6 +72,10 @@
 
 #include <krb5.h>
 
+/* This version will be incremented when incompatible changes are made to the
+ * KDB API, and will be kept in sync with the libkdb major version. */
+#define KRB5_KDB_API_VERSION 5
+
 /* Salt types */
 #define KRB5_KDB_SALTTYPE_NORMAL        0
 #define KRB5_KDB_SALTTYPE_V4            1
@@ -860,6 +864,13 @@ krb5_dbe_free_tl_data(krb5_context, krb5_tl_data *);
 #define KRB5_KDB_OPT_SET_LOCK_MODE      1
 
 /*
+ * This number indicates the date of the last incompatible change to the
+ * DAL.  It is passed to init_library to allow KDB modules to detect when
+ * they are being loaded by an incompatible version of the KDC.
+ */
+#define KRB5_KDB_DAL_VERSION 20100701
+
+/*
  * A krb5_context can hold one database object.  Modules should use
  * context->dal_handle->db_context to store state associated with the database
  * object.
@@ -886,7 +897,7 @@ typedef struct _kdb_vftabl {
      * Mandatory: Invoked after the module library is loaded, when the first DB
      * using the module is opened, across all contexts.
      */
-    krb5_error_code (*init_library)(void);
+    krb5_error_code (*init_library)(int dal_version);
 
     /*
      * Mandatory: Invoked before the module library is unloaded, after the last
diff --git a/src/lib/kdb/Makefile.in b/src/lib/kdb/Makefile.in
index c450a98193..3781dfb9ac 100644
--- a/src/lib/kdb/Makefile.in
+++ b/src/lib/kdb/Makefile.in
@@ -8,8 +8,9 @@ CFLAGS=@CFLAGS@ -DKDB5_USE_LIB_KDB_DB2
 LOCALINCLUDES= -I.
 DEFS=
 
+# Keep LIBMAJOR in sync with KRB5_KDB_API_VERSION in include/kdb.h.
 LIBBASE=kdb5
-LIBMAJOR=4
+LIBMAJOR=5
 LIBMINOR=0
 LIBINITFUNC=kdb_init_lock_list
 LIBFINIFUNC=kdb_fini_lock_list
diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c
index a7e1bb5c1f..c4c7ec6dc1 100644
--- a/src/lib/kdb/kdb5.c
+++ b/src/lib/kdb/kdb5.c
@@ -311,7 +311,7 @@ kdb_load_library(krb5_context kcontext, char *lib_name, db_library *libptr)
     memcpy(&lib->vftabl, vftabl_addr, sizeof(kdb_vftabl));
     kdb_setup_opt_functions(lib);
 
-    status = lib->vftabl.init_library();
+    status = lib->vftabl.init_library(KRB5_KDB_DAL_VERSION);
     if (status)
         goto cleanup;
 
@@ -408,7 +408,7 @@ kdb_load_library(krb5_context kcontext, char *lib_name, db_library * lib)
     memcpy(&(*lib)->vftabl, vftabl_addrs[0], sizeof(kdb_vftabl));
     kdb_setup_opt_functions(*lib);
 
-    if ((status = (*lib)->vftabl.init_library()))
+    if ((status = (*lib)->vftabl.init_library(KRB5_KDB_DAL_VERSION)))
         goto clean_n_exit;
 
 clean_n_exit:
diff --git a/src/lib/krb5/error_tables/kdb5_err.et b/src/lib/krb5/error_tables/kdb5_err.et
index cd7214d9b6..f6b97dc9d8 100644
--- a/src/lib/krb5/error_tables/kdb5_err.et
+++ b/src/lib/krb5/error_tables/kdb5_err.et
@@ -82,5 +82,6 @@ ec KRB5_LOG_CONV,		"Update log conversion error"
 ec KRB5_LOG_UNSTABLE,		"Update log is unstable"
 ec KRB5_LOG_CORRUPT,		"Update log is corrupt"
 ec KRB5_LOG_ERROR,		"Generic update log error"
+ec KRB5_KDB_DBTYPE_MISMATCH,    "Database module does not match KDC version"
 
 end
diff --git a/src/plugins/kdb/db2/db2_exp.c b/src/plugins/kdb/db2/db2_exp.c
index c7fb7566a0..73aa6394f0 100644
--- a/src/plugins/kdb/db2/db2_exp.c
+++ b/src/plugins/kdb/db2/db2_exp.c
@@ -201,9 +201,12 @@ WRAP_K (krb5_db2_invoke,
         (kcontext, method, request, response));
 
 static krb5_error_code
-hack_init ()
+hack_init (int dal_version)
 {
     krb5_error_code c;
+
+    if (dal_version != KRB5_KDB_DAL_VERSION)
+        return KRB5_KDB_DBTYPE_MISMATCH;
     c = krb5int_mutex_alloc (&krb5_db2_mutex);
     if (c)
         return c;
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h
index 95909f6beb..0f7921074c 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h
+++ b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h
@@ -254,7 +254,7 @@ krb5_error_code
 krb5_ldap_db_get_age(krb5_context, char *, time_t *);
 
 krb5_error_code
-krb5_ldap_lib_init(void);
+krb5_ldap_lib_init(int dal_version);
 
 krb5_error_code
 krb5_ldap_lib_cleanup(void);
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c
index 82b0333cdd..8ebe73abdc 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c
@@ -312,9 +312,10 @@ krb5_ldap_rebind(krb5_ldap_context *ldap_context,
  *     DAL API functions
  */
 krb5_error_code
-krb5_ldap_lib_init()
+krb5_ldap_lib_init(int dal_version)
 {
-    return 0;
+    if (dal_version != KRB5_KDB_DAL_VERSION)
+        return KRB5_KDB_DBTYPE_MISMATCH;
 }
 
 krb5_error_code