 

Subject: Mechglue dynamic initialization functions miss some functions
Two extensions were recently added to GSSAPI: the Credential Store
extensions and the Export/Import credential extensions.

Unfortunately, the new function pointers added to struct gss_config have
not been added to the dynamic loader used to load external mechanism
plugins into memory.
Patch to add cred store support
From 6adeb0bcdaf6dd482764acfa1b16b53b672f7839 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Sat, 20 Jul 2013 17:19:19 +0000
Subject: Add support for loading credential store function

This will allow non-builtin mechanism and interposer mechanism to
implement custom credential store extensions if they wish.
---
diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c
index 0d38105..22459eb 100644
--- a/src/lib/gssapi/mechglue/g_initialize.c
+++ b/src/lib/gssapi/mechglue/g_initialize.c
@@ -689,6 +689,9 @@ build_dynamicMech(void *dl, const gss_OID mech_type)
GSS_ADD_DYNAMIC_METHOD_NOLOOP(dl, mech, gss_inquire_mech_for_saslname);
/* RFC 5587 */
GSS_ADD_DYNAMIC_METHOD_NOLOOP(dl, mech, gss_inquire_attrs_for_mech);
+ /* Credential Strore Extension */
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_acquire_cred_from);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_store_cred_into);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_acquire_cred_with_password);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_sec_context_by_mech);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_name_by_mech);
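Review bot: The two added lines register `gssspi_acquire_cred_from` and `gssspi_store_cred_into`, but the resubmitted versions of this patch further down the page use `gss_acquire_cred_from` and `gss_store_cred_into`, so the `gssspi` prefix here presumably does not match the field names in struct gss_config. The same prefix appears in the build_interMech hunk (`RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _acquire_cred_from)`) and in both hunks of the import/export patch that follows. The added comment also misspells the extension name and should read `/* Credential Store Extension */`; the misspelling recurs in the first resubmission. Both functions continue outside their hunks.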
@@ -787,6 +790,9 @@ build_interMech(void *dl, const gss_OID mech_type)
RESOLVE_GSSI_SYMBOL(dl, mech, gss, _inquire_mech_for_saslname);
/* RFC 5587 */
RESOLVE_GSSI_SYMBOL(dl, mech, gss, _inquire_attrs_for_mech);
+ /* Credential Strore Extension */
+ RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _acquire_cred_from);
+ RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _store_cred_into);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _acquire_cred_with_password);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_sec_context_by_mech);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_name_by_mech);
--
cgit v0.9.1
Patch to add import/export support
From 10cc64638fb15295bbf5c13a4e769c7fabc1ea65 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Sat, 20 Jul 2013 17:20:43 +0000
Subject: Add support for import/export credential functions

This will allow non-builtin mechanism and interposer mechanism to
implement custom import/export credential extensions if they wish.
---
diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c
index 22459eb..2b4efe3 100644
--- a/src/lib/gssapi/mechglue/g_initialize.c
+++ b/src/lib/gssapi/mechglue/g_initialize.c
@@ -693,6 +693,9 @@ build_dynamicMech(void *dl, const gss_OID mech_type)
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_acquire_cred_from);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_store_cred_into);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_acquire_cred_with_password);
+ /* Import/Export Credential extension */
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_export_cred);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_cred);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_sec_context_by_mech);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_name_by_mech);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_cred_by_mech);
@@ -794,6 +797,9 @@ build_interMech(void *dl, const gss_OID mech_type)
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _acquire_cred_from);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _store_cred_into);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _acquire_cred_with_password);
+ /* Import/Export Credential extension */
+ RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _export_cred);
+ RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_cred);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_sec_context_by_mech);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_name_by_mech);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_cred_by_mech);
--
cgit v0.9.1
[simos - Sat Jul 20 13:40:21 2013]:

> Patch to add cred store support

Sorry this one was the wrong patch, new one attached.
From dc3424786f7685418dcc05f9ba581569c2284354 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Sat, 20 Jul 2013 17:19:19 +0000
Subject: Add support for loading credential store function

This will allow non-builtin mechanism and interposer mechanism to
implement custom credential store extensions if they wish.
---
diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c
index f5b8b15..96387b3 100644
--- a/src/lib/gssapi/mechglue/g_initialize.c
+++ b/src/lib/gssapi/mechglue/g_initialize.c
@@ -680,6 +680,9 @@ build_dynamicMech(void *dl, const gss_OID mech_type)
GSS_ADD_DYNAMIC_METHOD_NOLOOP(dl, mech, gss_inquire_mech_for_saslname);
/* RFC 5587 */
GSS_ADD_DYNAMIC_METHOD_NOLOOP(dl, mech, gss_inquire_attrs_for_mech);
+ /* Credential Strore Extension */
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_acquire_cred_from);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_store_cred_into);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_acquire_cred_with_password);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_sec_context_by_mech);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_name_by_mech);
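Review bot: `gss_acquire_cred_from` and `gss_store_cred_into` are added with plain `GSS_ADD_DYNAMIC_METHOD`, while the `gss_`-prefixed entries directly above them use `GSS_ADD_DYNAMIC_METHOD_NOLOOP`. The macro definitions are outside the hunk, but if the NOLOOP form is what discards a lookup that resolves back to the mechglue's own exported function, a module that does not implement these calls could end up with the glue entry point in its own dispatch table and recurse during credential acquisition or storage. Consider `GSS_ADD_DYNAMIC_METHOD_NOLOOP(dl, mech, gss_acquire_cred_from);` and the same for `gss_store_cred_into`, or add a one-line comment stating why the guard is not needed for these entries. The same question applies to `gss_export_cred` and `gss_import_cred` in the import/export patches and to the later revisions of both patches on this page; build_dynamicMech continues outside the hunk.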
@@ -778,6 +781,9 @@ build_interMech(void *dl, const gss_OID mech_type)
RESOLVE_GSSI_SYMBOL(dl, mech, gss, _inquire_mech_for_saslname);
/* RFC 5587 */
RESOLVE_GSSI_SYMBOL(dl, mech, gss, _inquire_attrs_for_mech);
+ /* Credential Strore Extension */
+ RESOLVE_GSSI_SYMBOL(dl, mech, gss, _acquire_cred_from);
+ RESOLVE_GSSI_SYMBOL(dl, mech, gss, _store_cred_into);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _acquire_cred_with_password);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_sec_context_by_mech);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_name_by_mech);
--
cgit v0.9.1
[simos - Sat Jul 20 13:40:46 2013]:

> Patch to add import/export support

Sorry this one was the wrong patch, new one attached.
From 121eb6a8e7f4404251eaabac5ed67902c6e5be23 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Sat, 20 Jul 2013 17:20:43 +0000
Subject: Add support for import/export credential functions

This will allow non-builtin mechanism and interposer mechanism to
implement custom import/export credential extensions if they wish.
---
diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c
index 96387b3..c06af6d 100644
--- a/src/lib/gssapi/mechglue/g_initialize.c
+++ b/src/lib/gssapi/mechglue/g_initialize.c
@@ -684,6 +684,9 @@ build_dynamicMech(void *dl, const gss_OID mech_type)
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_acquire_cred_from);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_store_cred_into);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_acquire_cred_with_password);
+ /* Import/Export Credential extension */
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_export_cred);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_import_cred);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_sec_context_by_mech);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_name_by_mech);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_cred_by_mech);
@@ -785,6 +788,9 @@ build_interMech(void *dl, const gss_OID mech_type)
RESOLVE_GSSI_SYMBOL(dl, mech, gss, _acquire_cred_from);
RESOLVE_GSSI_SYMBOL(dl, mech, gss, _store_cred_into);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _acquire_cred_with_password);
+ /* Import/Export Credential extension */
+ RESOLVE_GSSI_SYMBOL(dl, mech, gss, _export_cred);
+ RESOLVE_GSSI_SYMBOL(dl, mech, gss, _import_cred);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_sec_context_by_mech);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_name_by_mech);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_cred_by_mech);
--
cgit v0.9.1
[simos - Sat Jul 20 13:47:35 2013]:

> [simos - Sat Jul 20 13:40:21 2013]:
>
> > Patch to add cred store support
>
> Sorry this one was the wrong patch, new one attached.

Improved commit comment and removed useless code comments
From a2baf7c128396cb54047c14ef4340f505d9b7d56 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Sat, 20 Jul 2013 17:19:19 +0000
Subject: Add dynamic loading of credential store functions

When the credential store feature was implemented, the related functions
were added to struct gss_config, but the initialization function that
dynamically loads modules was not changed to see if the plugin being
loaded provided such functions.

This will allow non-builtin mechanism and interposer mechanism to
implement custom credential store extensions if they wish.
---
diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c
index f5b8b15..70cc4ee 100644
--- a/src/lib/gssapi/mechglue/g_initialize.c
+++ b/src/lib/gssapi/mechglue/g_initialize.c
@@ -680,6 +680,8 @@ build_dynamicMech(void *dl, const gss_OID mech_type)
GSS_ADD_DYNAMIC_METHOD_NOLOOP(dl, mech, gss_inquire_mech_for_saslname);
/* RFC 5587 */
GSS_ADD_DYNAMIC_METHOD_NOLOOP(dl, mech, gss_inquire_attrs_for_mech);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_acquire_cred_from);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_store_cred_into);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_acquire_cred_with_password);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_sec_context_by_mech);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_name_by_mech);
@@ -778,6 +780,8 @@ build_interMech(void *dl, const gss_OID mech_type)
RESOLVE_GSSI_SYMBOL(dl, mech, gss, _inquire_mech_for_saslname);
/* RFC 5587 */
RESOLVE_GSSI_SYMBOL(dl, mech, gss, _inquire_attrs_for_mech);
+ RESOLVE_GSSI_SYMBOL(dl, mech, gss, _acquire_cred_from);
+ RESOLVE_GSSI_SYMBOL(dl, mech, gss, _store_cred_into);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _acquire_cred_with_password);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_sec_context_by_mech);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_name_by_mech);
--
cgit v0.9.1
[simos - Sat Jul 20 13:47:52 2013]:

> [simos - Sat Jul 20 13:40:46 2013]:
>
> > Patch to add import/export support
>
> Sorry this one was the wrong patch, new one attached.

Improved commit comment and removed useless code comment
From c2eb5baaffa9d6ed69a7bd691d150fcd16540026 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Sat, 20 Jul 2013 17:20:43 +0000
Subject: Add dynamic loading of import/export creds functions

When the import/export credential feature was implemented, the related
functions were added to struct gss_config, but the initialization
function that dynamically loads modules was not changed to see if
the plugin being loaded provided such functions.

This will allow non-builtin mechanism and interposer mechanism to
implement custom import/export credential extensions if they wish.
---
diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c
index 70cc4ee..48a825e 100644
--- a/src/lib/gssapi/mechglue/g_initialize.c
+++ b/src/lib/gssapi/mechglue/g_initialize.c
@@ -683,6 +683,8 @@ build_dynamicMech(void *dl, const gss_OID mech_type)
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_acquire_cred_from);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_store_cred_into);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_acquire_cred_with_password);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_export_cred);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_import_cred);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_sec_context_by_mech);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_name_by_mech);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_cred_by_mech);
@@ -783,6 +785,8 @@ build_interMech(void *dl, const gss_OID mech_type)
RESOLVE_GSSI_SYMBOL(dl, mech, gss, _acquire_cred_from);
RESOLVE_GSSI_SYMBOL(dl, mech, gss, _store_cred_into);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _acquire_cred_with_password);
+ RESOLVE_GSSI_SYMBOL(dl, mech, gss, _export_cred);
+ RESOLVE_GSSI_SYMBOL(dl, mech, gss, _import_cred);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_sec_context_by_mech);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_name_by_mech);
RESOLVE_GSSI_SYMBOL(dl, mech, gssspi, _import_cred_by_mech);
--
cgit v0.9.1
From: ghudson@mit.edu
Subject: git commit

Load cred store functions from GSS modules

When the credential store feature was implemented, the related functions
were added to struct gss_config, but the initialization function that
dynamically loads modules was not changed to see if the plugin being
loaded provided such functions.

This will allow non-builtin mechanism and interposer mechanism to
implement custom credential store extensions if they wish.

https://github.com/krb5/krb5/commit/ee53a887bead08ec1354de3e74659da537f87515
Author: Simo Sorce <simo@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: ee53a887bead08ec1354de3e74659da537f87515
Branch: master
src/lib/gssapi/mechglue/g_initialize.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
From: ghudson@mit.edu
Subject: git commit

Load import/export cred functions from GSS modules

When the import/export credential feature was implemented, the related
functions were added to struct gss_config, but the initialization
function that dynamically loads modules was not changed to see if
the plugin being loaded provided such functions.

This will allow non-builtin mechanism and interposer mechanism to
implement custom import/export credential extensions if they wish.

https://github.com/krb5/krb5/commit/744d6f873393b6bbd12e1c1884738676a089fa65
Author: Simo Sorce <simo@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 744d6f873393b6bbd12e1c1884738676a089fa65
Branch: master
src/lib/gssapi/mechglue/g_initialize.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)