diff options
| author | Greg Hudson <ghudson@mit.edu> | 2011-10-15 15:06:37 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2011-10-15 15:06:37 +0000 |
| commit | 1b885bfc9a05e3e030a0f49c16493f114bb661a1 (patch) | |
| tree | 7c87da42594b6ae106ab8694032138ecbf674b27 /src/plugins | |
| parent | 5f8d6146a69b3afe6bf8a83d40e811c8a6d8f96b (diff) | |
| download | krb5-1b885bfc9a05e3e030a0f49c16493f114bb661a1.tar.gz krb5-1b885bfc9a05e3e030a0f49c16493f114bb661a1.tar.xz krb5-1b885bfc9a05e3e030a0f49c16493f114bb661a1.zip | |
Make kdcpreauth edata method respond via callback
From npmccallum@redhat.com with changes.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25348 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/plugins')
| -rw-r--r-- | src/plugins/preauth/cksum_body/cksum_body_main.c | 22 | ||||
| -rw-r--r-- | src/plugins/preauth/pkinit/pkinit_srv.c | 14 | ||||
| -rw-r--r-- | src/plugins/preauth/wpse/wpse_main.c | 11 |
3 files changed, 30 insertions, 17 deletions
diff --git a/src/plugins/preauth/cksum_body/cksum_body_main.c b/src/plugins/preauth/cksum_body/cksum_body_main.c index da2643fc1..6643e8e04 100644 --- a/src/plugins/preauth/cksum_body/cksum_body_main.c +++ b/src/plugins/preauth/cksum_body/cksum_body_main.c @@ -271,13 +271,15 @@ server_fini(krb5_context kcontext, krb5_kdcpreauth_moddata moddata) /* Obtain and return any preauthentication data (which is destined for the * client) which matches type data->pa_type. */ -static krb5_error_code +static void server_get_edata(krb5_context kcontext, krb5_kdc_req *request, krb5_kdcpreauth_callbacks cb, krb5_kdcpreauth_rock rock, - krb5_kdcpreauth_moddata moddata, krb5_pa_data *data) + krb5_kdcpreauth_moddata moddata, krb5_preauthtype pa_type, + krb5_kdcpreauth_edata_respond_fn respond, void *arg) { krb5_keyblock *keys; krb5_int32 *enctypes, enctype; + krb5_pa_data *data; int i; /* Retrieve the client's keys. */ @@ -285,7 +287,8 @@ server_get_edata(krb5_context kcontext, krb5_kdc_req *request, #ifdef DEBUG fprintf(stderr, "Error retrieving client keys.\n"); #endif - return KRB5KDC_ERR_PADATA_TYPE_NOSUPP; + (*respond)(arg, KRB5KDC_ERR_PADATA_TYPE_NOSUPP, NULL); + return; } /* Count which types of keys we've got. */ @@ -295,7 +298,8 @@ server_get_edata(krb5_context kcontext, krb5_kdc_req *request, enctypes = malloc((unsigned)i * 4); if (enctypes == NULL) { cb->free_keys(kcontext, rock, keys); - return ENOMEM; + (*respond)(arg, ENOMEM, NULL); + return; } #ifdef DEBUG fprintf(stderr, "Supported enctypes = {"); @@ -310,11 +314,17 @@ server_get_edata(krb5_context kcontext, krb5_kdc_req *request, #ifdef DEBUG fprintf(stderr, "}.\n"); #endif + cb->free_keys(kcontext, rock, keys); + data = malloc(sizeof(*data)); + if (data == NULL) { + free(enctypes); + (*respond)(arg, ENOMEM, NULL); + } + data->magic = KV5M_PA_DATA; data->pa_type = KRB5_PADATA_CKSUM_BODY_REQ; data->length = (i * 4); data->contents = (unsigned char *) enctypes; - cb->free_keys(kcontext, rock, keys); - return 0; + (*respond)(arg, 0, data); } /* Verify a request from a client. */ diff --git a/src/plugins/preauth/pkinit/pkinit_srv.c b/src/plugins/preauth/pkinit/pkinit_srv.c index d209f9e76..e43fb7e81 100644 --- a/src/plugins/preauth/pkinit/pkinit_srv.c +++ b/src/plugins/preauth/pkinit/pkinit_srv.c @@ -95,13 +95,15 @@ cleanup: return retval; } -static krb5_error_code +static void pkinit_server_get_edata(krb5_context context, krb5_kdc_req *request, krb5_kdcpreauth_callbacks cb, krb5_kdcpreauth_rock rock, krb5_kdcpreauth_moddata moddata, - krb5_pa_data *data) + krb5_preauthtype pa_type, + krb5_kdcpreauth_edata_respond_fn respond, + void *arg) { krb5_error_code retval = 0; pkinit_kdc_context plgctx = NULL; @@ -111,8 +113,10 @@ pkinit_server_get_edata(krb5_context context, /* Remove (along with armor_key) when FAST PKINIT is settled. */ /* Don't advertise PKINIT if the client used FAST. */ - if (armor_key != NULL) - return EINVAL; + if (armor_key != NULL) { + (*respond)(arg, EINVAL, NULL); + return; + } /* * If we don't have a realm context for the given realm, @@ -122,7 +126,7 @@ pkinit_server_get_edata(krb5_context context, if (plgctx == NULL) retval = EINVAL; - return retval; + (*respond)(arg, retval, NULL); } static krb5_error_code diff --git a/src/plugins/preauth/wpse/wpse_main.c b/src/plugins/preauth/wpse/wpse_main.c index 4da2c2f48..4f603474d 100644 --- a/src/plugins/preauth/wpse/wpse_main.c +++ b/src/plugins/preauth/wpse/wpse_main.c @@ -243,18 +243,17 @@ server_free_modreq(krb5_context kcontext, /* Obtain and return any preauthentication data (which is destined for the * client) which matches type data->pa_type. */ -static krb5_error_code +static void server_get_edata(krb5_context kcontext, krb5_kdc_req *request, krb5_kdcpreauth_callbacks cb, krb5_kdcpreauth_rock rock, krb5_kdcpreauth_moddata moddata, - krb5_pa_data *data) + krb5_preauthtype pa_type, + krb5_kdcpreauth_edata_respond_fn respond, + void *arg) { - /* Return zero bytes of data. */ - data->length = 0; - data->contents = NULL; - return 0; + (*respond)(arg, 0, NULL); } /* Verify a request from a client. */ |
