diff options
author | Simo Sorce <idra@samba.org> | 2012-04-20 13:14:30 -0400 |
---|---|---|
committer | Simo Sorce <idra@samba.org> | 2012-04-23 16:40:05 -0400 |
commit | 110dad8c9eb95e6729e589b52ef204d369803bdb (patch) | |
tree | 89703746eb0c7f86efbd70c92d18acd6b7b3b5d9 | |
parent | 090f9072da6974b506901547c0091e3e1b8a11cc (diff) | |
download | samba-110dad8c9eb95e6729e589b52ef204d369803bdb.tar.gz samba-110dad8c9eb95e6729e589b52ef204d369803bdb.tar.xz samba-110dad8c9eb95e6729e589b52ef204d369803bdb.zip |
Make krb5 context initialization not heimdal specific
Turn the logging data to an opaque pointer.
Ifdef code and use MIT logging function when built against system MIT.
-rw-r--r-- | source4/auth/kerberos/krb5_init_context.c | 72 | ||||
-rw-r--r-- | source4/auth/kerberos/krb5_init_context.h | 4 | ||||
-rw-r--r-- | source4/kdc/kdc.c | 2 |
3 files changed, 55 insertions, 23 deletions
diff --git a/source4/auth/kerberos/krb5_init_context.c b/source4/auth/kerberos/krb5_init_context.c index fbcaad29d9..e3c0876f1a 100644 --- a/source4/auth/kerberos/krb5_init_context.c +++ b/source4/auth/kerberos/krb5_init_context.c @@ -30,7 +30,7 @@ #include "param/param.h" #include "libcli/resolve/resolve.h" #include "../lib/tsocket/tsocket.h" - +#include "krb5_init_context.h" /* context structure for operations on cldap packets */ @@ -52,9 +52,17 @@ struct smb_krb5_socket { static krb5_error_code smb_krb5_context_destroy(struct smb_krb5_context *ctx) { - /* Otherwise krb5_free_context will try and close what we have already free()ed */ - krb5_set_warn_dest(ctx->krb5_context, NULL); - krb5_closelog(ctx->krb5_context, ctx->logf); +#ifdef SAMBA4_USES_HEIMDAL + if (ctx->pvt_log_data) { + /* Otherwise krb5_free_context will try and close what we + * have already free()ed */ + krb5_set_warn_dest(ctx->krb5_context, NULL); + krb5_closelog(ctx->krb5_context, + (krb5_log_facility *)ctx->pvt_log_data); + } +#else + krb5_set_trace_callback(ctx->krb5_context, NULL, NULL); +#endif krb5_free_context(ctx->krb5_context); return 0; } @@ -64,10 +72,19 @@ static void smb_krb5_debug_close(void *private_data) { return; } +#ifdef SAMBA4_USES_HEIMDAL static void smb_krb5_debug_wrapper(const char *timestr, const char *msg, void *private_data) { DEBUG(3, ("Kerberos: %s\n", msg)); } +#else +static void smb_krb5_debug_wrapper(krb5_context context, + const struct krb5_trace_info *info, + void *cb_data) +{ + DEBUG(3, ("Kerberos: %s\n", info->message)); +} +#endif /* handle recv events on a smb_krb5 socket @@ -461,6 +478,10 @@ krb5_error_code smb_krb5_init_context(void *parent_ctx, { krb5_error_code ret; TALLOC_CTX *tmp_ctx; + krb5_context kctx; +#ifdef SAMBA4_USES_HEIMDAL + krb5_log_facility *logf; +#endif initialize_krb5_error_table(); @@ -472,37 +493,39 @@ krb5_error_code smb_krb5_init_context(void *parent_ctx, return ENOMEM; } - ret = smb_krb5_init_context_basic(tmp_ctx, lp_ctx, - &(*smb_krb5_context)->krb5_context); + ret = smb_krb5_init_context_basic(tmp_ctx, lp_ctx, &kctx); if (ret) { DEBUG(1,("smb_krb5_context_init_basic failed (%s)\n", error_message(ret))); talloc_free(tmp_ctx); return ret; } + (*smb_krb5_context)->krb5_context = kctx; + talloc_set_destructor(*smb_krb5_context, smb_krb5_context_destroy); + +#ifdef SAMBA4_USES_HEIMDAL /* TODO: Should we have a different name here? */ - ret = krb5_initlog((*smb_krb5_context)->krb5_context, "Samba", &(*smb_krb5_context)->logf); + ret = krb5_initlog(kctx, "Samba", &logf); if (ret) { DEBUG(1,("krb5_initlog failed (%s)\n", - smb_get_krb5_error_message((*smb_krb5_context)->krb5_context, ret, tmp_ctx))); - krb5_free_context((*smb_krb5_context)->krb5_context); + smb_get_krb5_error_message(kctx, ret, tmp_ctx))); talloc_free(tmp_ctx); return ret; } + (*smb_krb5_context)->pvt_log_data = logf; - talloc_set_destructor(*smb_krb5_context, smb_krb5_context_destroy); - - ret = krb5_addlog_func((*smb_krb5_context)->krb5_context, (*smb_krb5_context)->logf, 0 /* min */, -1 /* max */, - smb_krb5_debug_wrapper, smb_krb5_debug_close, NULL); + ret = krb5_addlog_func(kctx, logf, 0 /* min */, -1 /* max */, + smb_krb5_debug_wrapper, + smb_krb5_debug_close, NULL); if (ret) { DEBUG(1,("krb5_addlog_func failed (%s)\n", - smb_get_krb5_error_message((*smb_krb5_context)->krb5_context, ret, tmp_ctx))); + smb_get_krb5_error_message(kctx, ret, tmp_ctx))); talloc_free(tmp_ctx); return ret; } - krb5_set_warn_dest((*smb_krb5_context)->krb5_context, (*smb_krb5_context)->logf); + krb5_set_warn_dest(kctx, logf); /* Set use of our socket lib */ if (ev) { @@ -515,13 +538,22 @@ krb5_error_code smb_krb5_init_context(void *parent_ctx, } } - talloc_steal(parent_ctx, *smb_krb5_context); - talloc_free(tmp_ctx); - /* Set options in kerberos */ - krb5_set_dns_canonicalize_hostname((*smb_krb5_context)->krb5_context, - lpcfg_parm_bool(lp_ctx, NULL, "krb5", "set_dns_canonicalize", false)); + krb5_set_dns_canonicalize_hostname(kctx, + lpcfg_parm_bool(lp_ctx, NULL, "krb5", + "set_dns_canonicalize", false)); +#else + ret = krb5_set_trace_callback(kctx, smb_krb5_debug_wrapper, NULL); + if (ret && ret != KRB5_TRACE_NOSUPP) { + DEBUG(1, ("krb5_set_trace_callback failed (%s)\n" + smb_get_krb5_error_message(kctx, ret, tmp_ctx))); + talloc_free(tmp_ctx); + return ret; + } +#endif + talloc_steal(parent_ctx, *smb_krb5_context); + talloc_free(tmp_ctx); return 0; } diff --git a/source4/auth/kerberos/krb5_init_context.h b/source4/auth/kerberos/krb5_init_context.h index 835438cc5b..24ae374cd7 100644 --- a/source4/auth/kerberos/krb5_init_context.h +++ b/source4/auth/kerberos/krb5_init_context.h @@ -22,10 +22,10 @@ struct smb_krb5_context { krb5_context krb5_context; - krb5_log_facility *logf; + void *pvt_log_data; struct tevent_context *current_ev; }; - + struct tevent_context; struct loadparm_context; diff --git a/source4/kdc/kdc.c b/source4/kdc/kdc.c index d1ce527b24..5424d213e8 100644 --- a/source4/kdc/kdc.c +++ b/source4/kdc/kdc.c @@ -932,7 +932,7 @@ static void kdc_task_init(struct task_server *task) return; } - kdc->config->logf = kdc->smb_krb5_context->logf; + kdc->config->logf = (krb5_log_facility *)kdc->smb_krb5_context->pvt_log_data; kdc->config->db = talloc(kdc, struct HDB *); if (!kdc->config->db) { task_server_terminate(task, "kdc: out of memory", true); |