diff options
author | Simo Sorce <idra@samba.org> | 2012-04-20 13:14:30 -0400 |
---|---|---|
committer | Simo Sorce <idra@samba.org> | 2012-04-23 16:40:05 -0400 |
commit | 110dad8c9eb95e6729e589b52ef204d369803bdb (patch) | |
tree | 89703746eb0c7f86efbd70c92d18acd6b7b3b5d9 /source4/auth/kerberos | |
parent | 090f9072da6974b506901547c0091e3e1b8a11cc (diff) | |
download | samba-110dad8c9eb95e6729e589b52ef204d369803bdb.tar.gz samba-110dad8c9eb95e6729e589b52ef204d369803bdb.tar.bz2 samba-110dad8c9eb95e6729e589b52ef204d369803bdb.zip |
Make krb5 context initialization not heimdal specific
Turn the logging data to an opaque pointer.
Ifdef code and use MIT logging function when built against system MIT.
Diffstat (limited to 'source4/auth/kerberos')
-rw-r--r-- | source4/auth/kerberos/krb5_init_context.c | 72 | ||||
-rw-r--r-- | source4/auth/kerberos/krb5_init_context.h | 4 |
2 files changed, 54 insertions, 22 deletions
diff --git a/source4/auth/kerberos/krb5_init_context.c b/source4/auth/kerberos/krb5_init_context.c index fbcaad29d9..e3c0876f1a 100644 --- a/source4/auth/kerberos/krb5_init_context.c +++ b/source4/auth/kerberos/krb5_init_context.c @@ -30,7 +30,7 @@ #include "param/param.h" #include "libcli/resolve/resolve.h" #include "../lib/tsocket/tsocket.h" - +#include "krb5_init_context.h" /* context structure for operations on cldap packets */ @@ -52,9 +52,17 @@ struct smb_krb5_socket { static krb5_error_code smb_krb5_context_destroy(struct smb_krb5_context *ctx) { - /* Otherwise krb5_free_context will try and close what we have already free()ed */ - krb5_set_warn_dest(ctx->krb5_context, NULL); - krb5_closelog(ctx->krb5_context, ctx->logf); +#ifdef SAMBA4_USES_HEIMDAL + if (ctx->pvt_log_data) { + /* Otherwise krb5_free_context will try and close what we + * have already free()ed */ + krb5_set_warn_dest(ctx->krb5_context, NULL); + krb5_closelog(ctx->krb5_context, + (krb5_log_facility *)ctx->pvt_log_data); + } +#else + krb5_set_trace_callback(ctx->krb5_context, NULL, NULL); +#endif krb5_free_context(ctx->krb5_context); return 0; } @@ -64,10 +72,19 @@ static void smb_krb5_debug_close(void *private_data) { return; } +#ifdef SAMBA4_USES_HEIMDAL static void smb_krb5_debug_wrapper(const char *timestr, const char *msg, void *private_data) { DEBUG(3, ("Kerberos: %s\n", msg)); } +#else +static void smb_krb5_debug_wrapper(krb5_context context, + const struct krb5_trace_info *info, + void *cb_data) +{ + DEBUG(3, ("Kerberos: %s\n", info->message)); +} +#endif /* handle recv events on a smb_krb5 socket @@ -461,6 +478,10 @@ krb5_error_code smb_krb5_init_context(void *parent_ctx, { krb5_error_code ret; TALLOC_CTX *tmp_ctx; + krb5_context kctx; +#ifdef SAMBA4_USES_HEIMDAL + krb5_log_facility *logf; +#endif initialize_krb5_error_table(); @@ -472,37 +493,39 @@ krb5_error_code smb_krb5_init_context(void *parent_ctx, return ENOMEM; } - ret = smb_krb5_init_context_basic(tmp_ctx, lp_ctx, - &(*smb_krb5_context)->krb5_context); + ret = smb_krb5_init_context_basic(tmp_ctx, lp_ctx, &kctx); if (ret) { DEBUG(1,("smb_krb5_context_init_basic failed (%s)\n", error_message(ret))); talloc_free(tmp_ctx); return ret; } + (*smb_krb5_context)->krb5_context = kctx; + talloc_set_destructor(*smb_krb5_context, smb_krb5_context_destroy); + +#ifdef SAMBA4_USES_HEIMDAL /* TODO: Should we have a different name here? */ - ret = krb5_initlog((*smb_krb5_context)->krb5_context, "Samba", &(*smb_krb5_context)->logf); + ret = krb5_initlog(kctx, "Samba", &logf); if (ret) { DEBUG(1,("krb5_initlog failed (%s)\n", - smb_get_krb5_error_message((*smb_krb5_context)->krb5_context, ret, tmp_ctx))); - krb5_free_context((*smb_krb5_context)->krb5_context); + smb_get_krb5_error_message(kctx, ret, tmp_ctx))); talloc_free(tmp_ctx); return ret; } + (*smb_krb5_context)->pvt_log_data = logf; - talloc_set_destructor(*smb_krb5_context, smb_krb5_context_destroy); - - ret = krb5_addlog_func((*smb_krb5_context)->krb5_context, (*smb_krb5_context)->logf, 0 /* min */, -1 /* max */, - smb_krb5_debug_wrapper, smb_krb5_debug_close, NULL); + ret = krb5_addlog_func(kctx, logf, 0 /* min */, -1 /* max */, + smb_krb5_debug_wrapper, + smb_krb5_debug_close, NULL); if (ret) { DEBUG(1,("krb5_addlog_func failed (%s)\n", - smb_get_krb5_error_message((*smb_krb5_context)->krb5_context, ret, tmp_ctx))); + smb_get_krb5_error_message(kctx, ret, tmp_ctx))); talloc_free(tmp_ctx); return ret; } - krb5_set_warn_dest((*smb_krb5_context)->krb5_context, (*smb_krb5_context)->logf); + krb5_set_warn_dest(kctx, logf); /* Set use of our socket lib */ if (ev) { @@ -515,13 +538,22 @@ krb5_error_code smb_krb5_init_context(void *parent_ctx, } } - talloc_steal(parent_ctx, *smb_krb5_context); - talloc_free(tmp_ctx); - /* Set options in kerberos */ - krb5_set_dns_canonicalize_hostname((*smb_krb5_context)->krb5_context, - lpcfg_parm_bool(lp_ctx, NULL, "krb5", "set_dns_canonicalize", false)); + krb5_set_dns_canonicalize_hostname(kctx, + lpcfg_parm_bool(lp_ctx, NULL, "krb5", + "set_dns_canonicalize", false)); +#else + ret = krb5_set_trace_callback(kctx, smb_krb5_debug_wrapper, NULL); + if (ret && ret != KRB5_TRACE_NOSUPP) { + DEBUG(1, ("krb5_set_trace_callback failed (%s)\n" + smb_get_krb5_error_message(kctx, ret, tmp_ctx))); + talloc_free(tmp_ctx); + return ret; + } +#endif + talloc_steal(parent_ctx, *smb_krb5_context); + talloc_free(tmp_ctx); return 0; } diff --git a/source4/auth/kerberos/krb5_init_context.h b/source4/auth/kerberos/krb5_init_context.h index 835438cc5b..24ae374cd7 100644 --- a/source4/auth/kerberos/krb5_init_context.h +++ b/source4/auth/kerberos/krb5_init_context.h @@ -22,10 +22,10 @@ struct smb_krb5_context { krb5_context krb5_context; - krb5_log_facility *logf; + void *pvt_log_data; struct tevent_context *current_ev; }; - + struct tevent_context; struct loadparm_context; |