krb5.git/src/plugins/preauth/securid_sam2, branch proxymech MIT Kerberos patches Make it easier to test SAM-2 client code 2012-04-26T21:47:05+00:00 Greg Hudson ghudson@mit.edu 2012-04-26T21:47:05+00:00 ce3ba8ba7670b57ffb2b1e2707f0cb443e900b0f Add a method to the securid_sam2 plugin, built with alternate compile-time flags, which supplies a plain-text challenge to the client to be used as the OTP value. This lets us manually exercise the SAM-2 client code and a little bit of the KDC code. securid_make_sam_challenge_2_and_cksum is moved into the method- independent code and renamed. get_securid_edata_2 has its sc2b parameter removed as it was not used by the caller. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25832 dc483132-0cff-0310-8789-dd5450dbe970 
Add a method to the securid_sam2 plugin, built with alternate
compile-time flags, which supplies a plain-text challenge to the
client to be used as the OTP value.  This lets us manually exercise
the SAM-2 client code and a little bit of the KDC code.

securid_make_sam_challenge_2_and_cksum is moved into the method-
independent code and renamed.  get_securid_edata_2 has its sc2b
parameter removed as it was not used by the caller.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25832 dc483132-0cff-0310-8789-dd5450dbe970
Convert securid module edata method 2012-01-07T20:57:36+00:00 Greg Hudson ghudson@mit.edu 2012-01-07T20:57:36+00:00 d2c2113eb1160b3ddd1a5197c879d44f62f47601 r25348 made modified the edata method of the kdcpreauth interface to be async-capable, but neglected to convert the securid_sam2 module's edata function. Do that now. ticket: 7060 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25621 dc483132-0cff-0310-8789-dd5450dbe970 
r25348 made modified the edata method of the kdcpreauth interface to
be async-capable, but neglected to convert the securid_sam2 module's
edata function.  Do that now.

ticket: 7060
target_version: 1.10
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25621 dc483132-0cff-0310-8789-dd5450dbe970
Get rid of fake-install 2011-11-04T18:39:35+00:00 Greg Hudson ghudson@mit.edu 2011-11-04T18:39:35+00:00 bc47e3eeb7a046a80faf9ba9ea4ccedf111e33a7 Instead, use $(BUILDTOP)/plugins as the plugin base for tests. For each real plugin module, create a link in the parent directory if we're doing a shared-library build--so built KDB modules can be found in plugins/kdb, preauth modules in plugins/preauth, etc.. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25436 dc483132-0cff-0310-8789-dd5450dbe970 
Instead, use $(BUILDTOP)/plugins as the plugin base for tests.  For
each real plugin module, create a link in the parent directory if
we're doing a shared-library build--so built KDB modules can be found
in plugins/kdb, preauth modules in plugins/preauth, etc..

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25436 dc483132-0cff-0310-8789-dd5450dbe970
Use type-safe callbacks in preauth interface 2011-10-06T16:18:56+00:00 Greg Hudson ghudson@mit.edu 2011-10-06T16:18:56+00:00 7003d3dbdfd0a7f4f6843068affb290c844ccb65 Replace the generic get_data functions in clpreauth and kdcpreauth with structures containing callback functions. Each structure has a minor version number to allow adding new callbacks. For simplicity, the new fast armor key callbacks return aliases, which is how we would supply the armor key as a function parameter. The new client keys callback is paired with a free_keys callback to reduce the amount of cleanup code needed in modules. ticket: 6971 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25315 dc483132-0cff-0310-8789-dd5450dbe970 
Replace the generic get_data functions in clpreauth and kdcpreauth
with structures containing callback functions.  Each structure has a
minor version number to allow adding new callbacks.

For simplicity, the new fast armor key callbacks return aliases, which
is how we would supply the armor key as a function parameter.  The new
client keys callback is paired with a free_keys callback to reduce the
amount of cleanup code needed in modules.

ticket: 6971

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25315 dc483132-0cff-0310-8789-dd5450dbe970
Use an opaque handle in the kdcpreauth callback 2011-10-05T17:27:15+00:00 Greg Hudson ghudson@mit.edu 2011-10-05T17:27:15+00:00 4902dd11b115320f252f73d59a692db9ad7dd600 Instead of passing a request and entry to the kdcpreauth get_data callback, pass an opaque handle. Remove DB entry and key data parameters from kdcpreauth methods (but keep the request, since that's transparent). The SecurID plugin links against libkdb5 and needs access to the client DB entry. Rather than continue to pass a DB entry to kdcpreauth methods, add a get_data callback to get the client DB entry for the few plugins which might need it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25300 dc483132-0cff-0310-8789-dd5450dbe970 
Instead of passing a request and entry to the kdcpreauth get_data
callback, pass an opaque handle.  Remove DB entry and key data
parameters from kdcpreauth methods (but keep the request, since that's
transparent).

The SecurID plugin links against libkdb5 and needs access to the client
DB entry.  Rather than continue to pass a DB entry to kdcpreauth
methods, add a get_data callback to get the client DB entry for the few
plugins which might need it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25300 dc483132-0cff-0310-8789-dd5450dbe970
Make kdcpreauth verify respond via callback 2011-10-03T19:14:05+00:00 Greg Hudson ghudson@mit.edu 2011-10-03T19:14:05+00:00 1329c7742c951596efbf06186828a14155194993 From npmccallum@redhat.com with changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25294 dc483132-0cff-0310-8789-dd5450dbe970 
From npmccallum@redhat.com with changes.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25294 dc483132-0cff-0310-8789-dd5450dbe970
Reindent per krb5-batch-reindent.el. 2011-09-04T23:52:34+00:00 Ken Raeburn raeburn@mit.edu 2011-09-04T23:52:34+00:00 4ba58f9b6b7ccb372f09e31ee3d302ffafd50b15 Some minor reformatting added in places to avoid exceeding 80 columns. Used Emacs 22.1 built-in C mode. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25144 dc483132-0cff-0310-8789-dd5450dbe970 
Some minor reformatting added in places to avoid exceeding 80 columns.
Used Emacs 22.1 built-in C mode.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25144 dc483132-0cff-0310-8789-dd5450dbe970
Convert preauth_plugin.h to new plugin framework 2011-06-17T13:44:33+00:00 Greg Hudson ghudson@mit.edu 2011-06-17T13:44:33+00:00 6099f525eb64772557927760d8a7ff1e75f79ff7 The preauth plugin interface was introduced in 1.6 but was never made a public API. In preparation for making it public in 1.10, convert it to use the new plugin framework. This will require changes to any existing preauth plugins. A number of symbols were renamed for namespace cleanliness, and abstract types were introduced for module data and module per-request data for better type safety. On the consumer end (preauth2.c and kdc_preauth.c), this is a pretty rough conversion. Eventually we should create proper consumer APIs with module handles, and the flat lists of preauth types should hold pointers to module handles rather than copies of the vtables. The built-in preauth type handlers should then be converted to built-in module providers linked into the consumer code (as should encrypted challenge, since it has no external dependencies). None of this will impact the provider API for preauth plugins, so it can wait. ticket: 6921 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24970 dc483132-0cff-0310-8789-dd5450dbe970 
The preauth plugin interface was introduced in 1.6 but was never made
a public API.  In preparation for making it public in 1.10, convert it
to use the new plugin framework.  This will require changes to any
existing preauth plugins.

A number of symbols were renamed for namespace cleanliness, and
abstract types were introduced for module data and module per-request
data for better type safety.

On the consumer end (preauth2.c and kdc_preauth.c), this is a pretty
rough conversion.  Eventually we should create proper consumer APIs
with module handles, and the flat lists of preauth types should hold
pointers to module handles rather than copies of the vtables.  The
built-in preauth type handlers should then be converted to built-in
module providers linked into the consumer code (as should encrypted
challenge, since it has no external dependencies).  None of this will
impact the provider API for preauth plugins, so it can wait.

ticket: 6921

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24970 dc483132-0cff-0310-8789-dd5450dbe970
Adjust most C source files to match the new standards for copyright 2011-03-09T21:46:07+00:00 Greg Hudson ghudson@mit.edu 2011-03-09T21:46:07+00:00 7da53e2942176c5ddfe007ba0a36f449e9fdb9fb and license comments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970 
and license comments.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970
Use for loops for recursion in the Windows build, cutting down on the 2010-11-28T01:36:42+00:00 Greg Hudson ghudson@mit.edu 2010-11-28T01:36:42+00:00 505ae39e1f5ef32013b0e95ff487de28663680cf verbiage in Makefile.in files. For correctness of output, every Makefile.in mydir= definition is changed to use $(S) instead of /. ticket: 6826 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24536 dc483132-0cff-0310-8789-dd5450dbe970 
verbiage in Makefile.in files.  For correctness of output, every
Makefile.in mydir= definition is changed to use $(S) instead of /.

ticket: 6826

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24536 dc483132-0cff-0310-8789-dd5450dbe970