Make kdcpreauth edata method respond via callback

From npmccallum@redhat.com with changes.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25348 dc483132-0cff-0310-8789-dd5450dbe970

3 files changed, 30 insertions, 17 deletions

diff --git a/src/plugins/preauth/cksum_body/cksum_body_main.c b/src/plugins/preauth/cksum_body/cksum_body_main.c
index da2643fc1..6643e8e04 100644
--- a/src/plugins/preauth/cksum_body/cksum_body_main.c
+++ b/src/plugins/preauth/cksum_body/cksum_body_main.c
@@ -271,13 +271,15 @@ server_fini(krb5_context kcontext, krb5_kdcpreauth_moddata moddata)
 
 /* Obtain and return any preauthentication data (which is destined for the
  * client) which matches type data->pa_type. */
-static krb5_error_code
+static void
 server_get_edata(krb5_context kcontext, krb5_kdc_req *request,
                  krb5_kdcpreauth_callbacks cb, krb5_kdcpreauth_rock rock,
-                 krb5_kdcpreauth_moddata moddata, krb5_pa_data *data)
+                 krb5_kdcpreauth_moddata moddata, krb5_preauthtype pa_type,
+                 krb5_kdcpreauth_edata_respond_fn respond, void *arg)
 {
     krb5_keyblock *keys;
     krb5_int32 *enctypes, enctype;
+    krb5_pa_data *data;
     int i;
 
     /* Retrieve the client's keys. */
@@ -285,7 +287,8 @@ server_get_edata(krb5_context kcontext, krb5_kdc_req *request,
 #ifdef DEBUG
         fprintf(stderr, "Error retrieving client keys.\n");
 #endif
-        return KRB5KDC_ERR_PADATA_TYPE_NOSUPP;
+        (*respond)(arg, KRB5KDC_ERR_PADATA_TYPE_NOSUPP, NULL);
+        return;
     }
 
     /* Count which types of keys we've got. */
@@ -295,7 +298,8 @@ server_get_edata(krb5_context kcontext, krb5_kdc_req *request,
     enctypes = malloc((unsigned)i * 4);
     if (enctypes == NULL) {
         cb->free_keys(kcontext, rock, keys);
-        return ENOMEM;
+        (*respond)(arg, ENOMEM, NULL);
+        return;
     }
 #ifdef DEBUG
     fprintf(stderr, "Supported enctypes = {");
@@ -310,11 +314,17 @@ server_get_edata(krb5_context kcontext, krb5_kdc_req *request,
 #ifdef DEBUG
     fprintf(stderr, "}.\n");
 #endif
+    cb->free_keys(kcontext, rock, keys);
+    data = malloc(sizeof(*data));
+    if (data == NULL) {
+        free(enctypes);
+        (*respond)(arg, ENOMEM, NULL);
+    }
+    data->magic = KV5M_PA_DATA;
     data->pa_type = KRB5_PADATA_CKSUM_BODY_REQ;
     data->length = (i * 4);
     data->contents = (unsigned char *) enctypes;
-    cb->free_keys(kcontext, rock, keys);
-    return 0;
+    (*respond)(arg, 0, data);
 }
 
 /* Verify a request from a client. */
diff --git a/src/plugins/preauth/pkinit/pkinit_srv.c b/src/plugins/preauth/pkinit/pkinit_srv.c
index d209f9e76..e43fb7e81 100644
--- a/src/plugins/preauth/pkinit/pkinit_srv.c
+++ b/src/plugins/preauth/pkinit/pkinit_srv.c
@@ -95,13 +95,15 @@ cleanup:
     return retval;
 }
 
-static krb5_error_code
+static void
 pkinit_server_get_edata(krb5_context context,
                         krb5_kdc_req *request,
                         krb5_kdcpreauth_callbacks cb,
                         krb5_kdcpreauth_rock rock,
                         krb5_kdcpreauth_moddata moddata,
-                        krb5_pa_data *data)
+                        krb5_preauthtype pa_type,
+                        krb5_kdcpreauth_edata_respond_fn respond,
+                        void *arg)
 {
     krb5_error_code retval = 0;
     pkinit_kdc_context plgctx = NULL;
@@ -111,8 +113,10 @@ pkinit_server_get_edata(krb5_context context,
 
     /* Remove (along with armor_key) when FAST PKINIT is settled. */
     /* Don't advertise PKINIT if the client used FAST. */
-    if (armor_key != NULL)
-        return EINVAL;
+    if (armor_key != NULL) {
+        (*respond)(arg, EINVAL, NULL);
+        return;
+    }
 
     /*
      * If we don't have a realm context for the given realm,
@@ -122,7 +126,7 @@ pkinit_server_get_edata(krb5_context context,
     if (plgctx == NULL)
         retval = EINVAL;
 
-    return retval;
+    (*respond)(arg, retval, NULL);
 }
 
 static krb5_error_code
diff --git a/src/plugins/preauth/wpse/wpse_main.c b/src/plugins/preauth/wpse/wpse_main.c
index 4da2c2f48..4f603474d 100644
--- a/src/plugins/preauth/wpse/wpse_main.c
+++ b/src/plugins/preauth/wpse/wpse_main.c
@@ -243,18 +243,17 @@ server_free_modreq(krb5_context kcontext,
 
 /* Obtain and return any preauthentication data (which is destined for the
  * client) which matches type data->pa_type. */
-static krb5_error_code
+static void
 server_get_edata(krb5_context kcontext,
                  krb5_kdc_req *request,
                  krb5_kdcpreauth_callbacks cb,
                  krb5_kdcpreauth_rock rock,
                  krb5_kdcpreauth_moddata moddata,
-                 krb5_pa_data *data)
+                 krb5_preauthtype pa_type,
+                 krb5_kdcpreauth_edata_respond_fn respond,
+                 void *arg)
 {
-    /* Return zero bytes of data. */
-    data->length = 0;
-    data->contents = NULL;
-    return 0;
+    (*respond)(arg, 0, NULL);
 }
 
 /* Verify a request from a client. */