diff options
Diffstat (limited to 'src/plugins/kdb/db2')
| -rw-r--r-- | src/plugins/kdb/db2/db2_exp.c | 28 | ||||
| -rw-r--r-- | src/plugins/kdb/db2/kdb_db2.c | 42 | ||||
| -rw-r--r-- | src/plugins/kdb/db2/kdb_db2.h | 13 |
3 files changed, 69 insertions, 14 deletions
diff --git a/src/plugins/kdb/db2/db2_exp.c b/src/plugins/kdb/db2/db2_exp.c index 123d20afb..5c8162468 100644 --- a/src/plugins/kdb/db2/db2_exp.c +++ b/src/plugins/kdb/db2/db2_exp.c @@ -59,7 +59,7 @@ static char *_csrc = "@(#) %filespec: db2_exp.c~5 % (%full_filespec: db2_exp.c~ locking code into the top and bottom of each referenced function won't do. (We aren't doing recursive locks, currently.) */ -static k5_mutex_t *krb5_db2_mutex; +k5_mutex_t *krb5_db2_mutex; #define WRAP(NAME,TYPE,ARGLIST,ARGNAMES,ERROR_RESULT) \ static TYPE wrap_##NAME ARGLIST \ @@ -178,21 +178,21 @@ WRAP_VOID (krb5_db2_free_policy, ( krb5_context kcontext, osa_policy_ent_t entry ), (kcontext, entry)); -WRAP (krb5_db2_alloc, void *, - ( krb5_context kcontext, - void *ptr, - size_t size ), - (kcontext, ptr, size), NULL); -WRAP_VOID (krb5_db2_free, - ( krb5_context kcontext, void *ptr ), - (kcontext, ptr)); - WRAP_K (krb5_db2_set_master_key_ext, ( krb5_context kcontext, char *pwd, krb5_keyblock *key), (kcontext, pwd, key)); WRAP_K (krb5_db2_db_get_mkey, ( krb5_context context, krb5_keyblock **key), (context, key)); + +WRAP_K (krb5_db2_db_set_mkey_list, + ( krb5_context kcontext, krb5_keylist_node *keylist), + (kcontext, keylist)); + +WRAP_K (krb5_db2_db_get_mkey_list, + ( krb5_context context, krb5_keylist_node **keylist), + (context, keylist)); + WRAP_K (krb5_db2_promote_db, ( krb5_context kcontext, char *conf_section, char **db_args ), (kcontext, conf_section, db_args)); @@ -248,11 +248,13 @@ kdb_vftabl kdb_function_table = { /* db_free_supported_realms */ NULL, /* errcode_2_string */ NULL, /* release_errcode_string */ NULL, - /* db_alloc */ wrap_krb5_db2_alloc, - /* db_free */ wrap_krb5_db2_free, + /* db_alloc */ krb5_db2_alloc, + /* db_free */ krb5_db2_free, /* set_master_key */ wrap_krb5_db2_set_master_key_ext, /* get_master_key */ wrap_krb5_db2_db_get_mkey, - /* blah blah blah */ 0,0,0,0,0,0, + /* set_master_key_list */ wrap_krb5_db2_db_set_mkey_list, + /* get_master_key_list */ wrap_krb5_db2_db_get_mkey_list, + /* blah blah blah */ 0,0,0,0,0,0,0,0, /* promote_db */ wrap_krb5_db2_promote_db, 0,0,0, }; diff --git a/src/plugins/kdb/db2/kdb_db2.c b/src/plugins/kdb/db2/kdb_db2.c index 704e47d6b..90c893305 100644 --- a/src/plugins/kdb/db2/kdb_db2.c +++ b/src/plugins/kdb/db2/kdb_db2.c @@ -431,6 +431,37 @@ krb5_db2_db_get_mkey(krb5_context context, krb5_keyblock **key) return 0; } +krb5_error_code +krb5_db2_db_set_mkey_list(krb5_context context, krb5_keylist_node *key_list) +{ + krb5_db2_context *db_ctx; + kdb5_dal_handle *dal_handle; + + if (!k5db2_inited(context)) + return (KRB5_KDB_DBNOTINITED); + + dal_handle = context->dal_handle; + db_ctx = dal_handle->db_context; + db_ctx->db_master_key_list = key_list; + return 0; +} + +krb5_error_code +krb5_db2_db_get_mkey_list(krb5_context context, krb5_keylist_node **key_list) +{ + krb5_db2_context *db_ctx; + kdb5_dal_handle *dal_handle; + + if (!k5db2_inited(context)) + return (KRB5_KDB_DBNOTINITED); + + dal_handle = context->dal_handle; + db_ctx = dal_handle->db_context; + *key_list = db_ctx->db_master_key_list; + + return 0; +} + /* * Set the "name" of the current database to some alternate value. * @@ -1171,8 +1202,19 @@ krb5_db2_db_iterate_ext(krb5_context context, retval = krb5_decode_princ_contents(context, &contdata, &entries); if (retval) break; + retval = k5_mutex_unlock(krb5_db2_mutex); + if (retval) + break; retval = (*func) (func_arg, &entries); krb5_dbe_free_contents(context, &entries); + /* Note: If re-locking fails, the wrapper in db2_exp.c will + still try to unlock it again. That would be a bug. Fix + when integrating the locking better. */ + if (retval) { + (void) k5_mutex_lock(krb5_db2_mutex); + break; + } + retval = k5_mutex_lock(krb5_db2_mutex); if (retval) break; if (!recursive) { diff --git a/src/plugins/kdb/db2/kdb_db2.h b/src/plugins/kdb/db2/kdb_db2.h index d6cb1e881..640c4d62d 100644 --- a/src/plugins/kdb/db2/kdb_db2.h +++ b/src/plugins/kdb/db2/kdb_db2.h @@ -42,7 +42,8 @@ typedef struct _krb5_db2_context { int db_locks_held; /* Number of times locked */ int db_lock_mode; /* Last lock mode, e.g. greatest*/ krb5_boolean db_nb_locks; /* [Non]Blocking lock modes */ - krb5_keyblock *db_master_key; /* Master key of database */ + krb5_keyblock *db_master_key; /* Master key of database */ + krb5_keylist_node *db_master_key_list; /* Master key list of database */ osa_adb_policy_t policy_db; krb5_boolean tempdb; } krb5_db2_context; @@ -121,6 +122,13 @@ krb5_db2_db_set_mkey( krb5_context context, krb5_error_code krb5_db2_db_get_mkey( krb5_context context, krb5_keyblock **key); +krb5_error_code +krb5_db2_db_set_mkey_list( krb5_context context, + krb5_keylist_node *keylist); + +krb5_error_code +krb5_db2_db_get_mkey_list( krb5_context context, + krb5_keylist_node **keylist); krb5_error_code krb5_db2_db_put_principal( krb5_context context, @@ -208,4 +216,7 @@ krb5_error_code krb5_db2_delete_policy ( krb5_context kcontext, void krb5_db2_free_policy( krb5_context kcontext, osa_policy_ent_t entry ); +/* Thread-safety wrapper slapped on top of original implementation. */ +extern k5_mutex_t *krb5_db2_mutex; + #endif /* KRB5_KDB_DB2_H */ |