r12026 - in /branches/upstream/libauthen-krb5-perl/current: Changes Krb5.pm Krb5.xs Makefile.PL

ghostbar-guest at users.alioth.debian.org ghostbar-guest at users.alioth.debian.org
Sat Jan 5 02:12:14 UTC 2008


Author: ghostbar-guest
Date: Sat Jan  5 02:12:14 2008
New Revision: 12026

URL: http://svn.debian.org/wsvn/?sc=1&rev=12026
Log:
[svn-upgrade] Integrating new upstream version, libauthen-krb5-perl (1.7)

Modified:
    branches/upstream/libauthen-krb5-perl/current/Changes
    branches/upstream/libauthen-krb5-perl/current/Krb5.pm
    branches/upstream/libauthen-krb5-perl/current/Krb5.xs
    branches/upstream/libauthen-krb5-perl/current/Makefile.PL

Modified: branches/upstream/libauthen-krb5-perl/current/Changes
URL: http://svn.debian.org/wsvn/branches/upstream/libauthen-krb5-perl/current/Changes?rev=12026&op=diff
==============================================================================
--- branches/upstream/libauthen-krb5-perl/current/Changes (original)
+++ branches/upstream/libauthen-krb5-perl/current/Changes Sat Jan  5 02:12:14 2008
@@ -1,30 +1,42 @@
 Revision history for Perl extension Krb5.
 
-1.6	Add methods for iterating through credentials cache
-        (mbrown at fensystems.co.uk)
-	Deprecated init_ets
-	Fix some compiler warnings
+1.7     Use standard search paths for includes and libs
+        Add get_init_creds_password (rra at debian.org)
+        Add get_init_creds_keytab (rra at debian.org)
+        Add a destructor for Authen::Krb5::Creds (rra at debian.org)
+        Add store_cred() method to Authen::Krb5::Ccache (rra at debian.org)
+        Reimplement deprecated get_in_tkt_with_password and
+          get_in_tkt_with_keytab functions to use the the more current
+          get_init_creds_{password,keytab}, krb5_cc_initialize, and
+          krb5_cc_store_cred (rra at debian.org)
+        Set context to NULL after calling krb5_free_context
+          (Wolfgang.Friebel at desy.de)
 
-1.5	Fix broken compile for Authen::Krb5::Keytab::get_name()
+1.6     Add methods for iterating through credentials cache
+          (mbrown at fensystems.co.uk)
+        Deprecated init_ets
+        Fix some compiler warnings
 
-1.4	Added methods for manipulating keytabs (ajk at iu.edu)
-	Added keyblock accessor functions to allow use of the session key.
+1.5     Fix broken compile for Authen::Krb5::Keytab::get_name()
 
-1.3	Added get_in_tkt_with_keytab() function (jorgen at greytower.net)
+1.4     Added methods for manipulating keytabs (ajk at iu.edu)
+        Added keyblock accessor functions to allow use of the session key.
+
+1.3     Added get_in_tkt_with_keytab() function (jorgen at greytower.net)
 
 1.2     Minor fix to support building for Perl 5.6.
 
 1.1     Corrected logic in freed() (internal memory management)
         Fixed segfault on Linux when calling Authen::Krb5::Ccache::DESTROY
-	 after calling Authen::Krb5::Ccache::destroy()
-	Changed Makefile.PL to support auto-detection of crypto libraries.
-	Added support for building with MIT Kerberos 5 Version 1.1.1
-	
-1.0	Moved module into the Authen:: namespace.
-	Changed return syntax for some functions.  Compilation was failing
-	 on certain platforms.
-	Fixed some minor bugs.
+          after calling Authen::Krb5::Ccache::destroy()
+        Changed Makefile.PL to support auto-detection of crypto libraries.
+        Added support for building with MIT Kerberos 5 Version 1.1.1
+        
+1.0     Moved module into the Authen:: namespace.
+        Changed return syntax for some functions.  Compilation was failing
+          on certain platforms.
+        Fixed some minor bugs.
 
-0.90	Tue Mar 17 10:25:43 1998
-	- original version; created by h2xs 1.18
+0.90    Tue Mar 17 10:25:43 1998
+        - original version; created by h2xs 1.18
 

Modified: branches/upstream/libauthen-krb5-perl/current/Krb5.pm
URL: http://svn.debian.org/wsvn/branches/upstream/libauthen-krb5-perl/current/Krb5.pm?rev=12026&op=diff
==============================================================================
--- branches/upstream/libauthen-krb5-perl/current/Krb5.pm (original)
+++ branches/upstream/libauthen-krb5-perl/current/Krb5.pm Sat Jan  5 02:12:14 2008
@@ -52,7 +52,7 @@
 	KRB5_NT_UNKNOWN
 	KRB5_TGS_NAME
 );
-$VERSION = '1.6';
+$VERSION = '1.7';
 
 sub KRB5_TGS_NAME() { return "krbtgt"; }
 
@@ -188,21 +188,48 @@
 I<kvno> and I<enctype>) and returns the key in the form of an
 Authen::Krb5::Keyblock object.
 
+=item get_init_creds_password(client, password[, service])
+
+Attempt to get an initial ticket for the client.  'client' is a principal
+object for which you want an initial ticket.  'password' is the password for
+the client.  'service', if given, is the string representation (not a
+principal object) for the ticket to acquire.  If not given, it defaults to
+krbtgt/REALM at REALM for the local realm.  Returns an Authen::Krb5::Creds
+object or undef on failure.
+
+=item get_init_creds_keytab(client, keytab[, service])
+
+Attempt to get an inintial ticket for the client using a keytab.  'client'
+is a principal object for which you want an initial ticket.  'keytab' is a
+keytab object created with kt_resolve.  'service', if given, is the string
+representation (not a principal object) for the ticket to acquire.  If not
+given, it defaults to krbtgt/REALM at REALM for the local realm.  Returns an
+Authen::Krb5::Creds object or undef on failure.
+
 =item get_in_tkt_with_password(client,server,password,cc)
 
 Attempt to get an initial ticket for the client.  'client' is a principal
 object for which you want an initial ticket.  'server' is a principal object
-for the service (usually krbtgt/REALM at REALM).  'password' is the password for
-the client, and 'cc' is a Authen::Krb5::Ccache object representing the current
-credentials cache.  Returns a Kerberos error code.
+for the service (usually krbtgt/REALM at REALM).  'password' is the password
+for the client, and 'cc' is a Authen::Krb5::Ccache object representing the
+current credentials cache.  Returns a Kerberos error code.
+
+Although this interface is deprecated in the Kerberos C libraries, it's
+supported in the Perl module.  In this module, it's implemented in terms of
+krb5_get_init_creds_password, krb5_cc_initialize, and krb5_cc_store_cred.
 
 =item get_in_tkt_with_keytab(client,server,keytab,cc)
 
 Obtain an initial ticket for the client using a keytab.  'client' is a
-principal object for which you want an initial ticket.  'server' is a principal
-object for the service (usually krbtgt/REALM at REALM).  'keytab' is a keytab
-object createed with kt_resolve.  'cc' is a Authen::Krb5::Ccache object
-representing the current credentials cache.  Returns a Kerberos error code.
+principal object for which you want an initial ticket.  'server' is a
+principal object for the service (usually krbtgt/REALM at REALM).  'keytab' is
+a keytab object createed with kt_resolve.  'cc' is a Authen::Krb5::Ccache
+object representing the current credentials cache.  Returns a Kerberos error
+code.
+
+Although this interface is deprecated in the Kerberos C libraries, it's
+supported in the Perl module.  In this module, it's implemented in terms of
+krb5_get_init_creds_keytab, krb5_cc_initialize, and krb5_cc_store_cred.
 
 =item mk_req(auth_context,ap_req_options,service,hostname,in,cc)
 
@@ -322,6 +349,12 @@
 Creates/refreshes a credentials cache for the primary principal 'p'.  If the
 cache already exists, its contents are destroyed.
 
+=item o store_cred(creds)
+
+Stores the given credentials, which should be an Authen::Krb5::Creds object
+as returned from get_init_creds_password() or get_init_creds_keytab(), in
+the cache.
+
 =item o get_name
 
 Returns the name of the credentials cache.

Modified: branches/upstream/libauthen-krb5-perl/current/Krb5.xs
URL: http://svn.debian.org/wsvn/branches/upstream/libauthen-krb5-perl/current/Krb5.xs?rev=12026&op=diff
==============================================================================
--- branches/upstream/libauthen-krb5-perl/current/Krb5.xs (original)
+++ branches/upstream/libauthen-krb5-perl/current/Krb5.xs Sat Jan  5 02:12:14 2008
@@ -6,6 +6,7 @@
 #include "XSUB.h"
 #include <krb5.h>
 #include <com_err.h>
+#include <errno.h>
 #include "krb5_constants.c"
 
 #ifdef __cplusplus
@@ -32,7 +33,7 @@
 typedef krb5_cc_cursor          *Authen__Krb5__CcacheCursor;
 typedef krb5_keyblock		*Authen__Krb5__KeyBlock;
 
-static krb5_context context = 0;
+static krb5_context context = NULL;
 static krb5_error_code err;
 static krb5_keytab_entry keytab_entry_init;
 
@@ -119,6 +120,7 @@
 	CODE:
 	if (!context) croak("Authen::Krb5 not yet initialized");
 	krb5_free_context(context);
+        context = NULL;
 
 void
 krb5_init_ets()
@@ -310,6 +312,68 @@
         OUTPUT:
         RETVAL
 
+Authen::Krb5::Creds
+krb5_get_init_creds_password(client, password, service = NULL)
+	Authen::Krb5::Principal client
+	char *password
+	char *service
+
+	PREINIT:
+	krb5_get_init_creds_opt opt;
+
+	CODE:
+	if (service != NULL && service[0] == '\0') service = NULL;
+	RETVAL = calloc(1, sizeof(krb5_creds));
+	if (RETVAL == NULL) {
+		err = errno;
+		XSRETURN_UNDEF;
+	}
+	krb5_get_init_creds_opt_init(&opt);
+
+	err = krb5_get_init_creds_password(context, RETVAL, client, password,
+		NULL, NULL, 0, service, &opt);
+	if (err) {
+		free(RETVAL);
+		XSRETURN_UNDEF;
+	}
+	can_free((SV *)RETVAL);
+
+	OUTPUT:
+	RETVAL
+
+Authen::Krb5::Creds
+krb5_get_init_creds_keytab(client, keytab, service = NULL)
+	Authen::Krb5::Principal client
+	Authen::Krb5::Keytab keytab
+	char *service
+
+	PREINIT:
+	krb5_get_init_creds_opt opt;
+
+	CODE:
+	if (service != NULL && service[0] == '\0') service = NULL;
+	RETVAL = calloc(1, sizeof(krb5_creds));
+	if (RETVAL == NULL) {
+		err = errno;
+		XSRETURN_UNDEF;
+	}
+	krb5_get_init_creds_opt_init(&opt);
+
+	err = krb5_get_init_creds_keytab(context, RETVAL, client, keytab, 0,
+		service, &opt);
+	if (err) {
+		free(RETVAL);
+		XSRETURN_UNDEF;
+	}
+	can_free((SV *)RETVAL);
+
+	OUTPUT:
+	RETVAL
+
+
+ # These are legacy interfaces which are deprecated in the current MIT
+ # Kerberos.  Reimplement them in terms of the new get_init_creds
+ # interfaces rather than call the deprecated functions.
 void
 krb5_get_in_tkt_with_password(client, server, password, cc)
 	Authen::Krb5::Principal client
@@ -319,49 +383,69 @@
 
 	PREINIT:
 	krb5_creds cr;
-	krb5_timestamp now;
-	krb5_deltat lifetime = 0;
+	krb5_get_init_creds_opt opt;
+	char *service;
 
 	CODE:
 	memset((char *)&cr,0,sizeof(krb5_creds));
-	krb5_timeofday(context, &now);
-	cr.client = client;
-	cr.server = server;
-	cr.times.starttime = now;
-	cr.times.endtime = now + KRB5_DEFAULT_LIFE;
-	cr.times.renew_till = 0;
-
-	err = krb5_get_in_tkt_with_password(context, 0, 0, NULL, NULL,
-		password, cc, &cr, 0);
-
-	if (err) XSRETURN_UNDEF;
+	krb5_get_init_creds_opt_init(&opt);
+	err = krb5_unparse_name(context, server, &service);
+	if (err) XSRETURN_UNDEF;
+
+	err = krb5_get_in_tkt_with_password(context, &cr, client, password,
+		NULL, NULL, 0, service, &opt);
+	free(service);
+	if (err) XSRETURN_UNDEF;
+
+	err = krb5_cc_initialize(context, cc, client);
+	if (err) {
+		krb5_free_cred_contents(context, &cr);
+		XSRETURN_UNDEF;
+	}
+	err = krb5_cc_store_cred(context, cc, &cr);
+	if (err) {
+		krb5_free_cred_contents(context, &cr);
+		XSRETURN_UNDEF;
+	}
+	krb5_free_cred_contents(context, &cr);
+
 	XSRETURN_YES;
 
 void
 krb5_get_in_tkt_with_keytab(client, server, keytab, cc)
 	Authen::Krb5::Principal client
 	Authen::Krb5::Principal server
-	Authen::Krb5::Keytab    keytab
+	Authen::Krb5::Keytab keytab
 	Authen::Krb5::Ccache cc
 
 	PREINIT:
 	krb5_creds cr;
-	krb5_timestamp now;
-	krb5_deltat lifetime = 0;
-
-	CODE:
-	memset((char *)&cr,0,sizeof(krb5_creds));
-	krb5_timeofday(context, &now);
-	cr.client = client;
-	cr.server = server;
-	cr.times.starttime = now;
-	cr.times.endtime = now + KRB5_DEFAULT_LIFE;
-	cr.times.renew_till = 0;
-
-	err = krb5_get_in_tkt_with_keytab(context, 0, 0, NULL, NULL,
-		keytab, cc, &cr, 0);
-
-	if (err) XSRETURN_UNDEF;
+	krb5_get_init_creds_opt opt;
+	char *service;
+
+	CODE:
+	memset(&cr,0,sizeof(krb5_creds));
+	krb5_get_init_creds_opt_init(&opt);
+	err = krb5_unparse_name(context, server, &service);
+	if (err) XSRETURN_UNDEF;
+
+	err = krb5_get_init_creds_keytab(context, &cr, client, keytab, 0,
+		service, &opt);
+	free(service);
+	if (err) XSRETURN_UNDEF;
+
+	err = krb5_cc_initialize(context, cc, client);
+	if (err) {
+		krb5_free_cred_contents(context, &cr);
+		XSRETURN_UNDEF;
+	}
+	err = krb5_cc_store_cred(context, cc, &cr);
+	if (err) {
+		krb5_free_cred_contents(context, &cr);
+		XSRETURN_UNDEF;
+	}
+	krb5_free_cred_contents(context, &cr);
+
 	XSRETURN_YES;
 
 SV *
@@ -602,6 +686,16 @@
 		XSRETURN_YES;
 	}
 
+void
+store_cred(cc, creds)
+	Authen::Krb5::Ccache cc
+	Authen::Krb5::Creds creds
+
+	CODE:
+	err = krb5_cc_store_cred(context, cc, creds);
+	if (err) XSRETURN_UNDEF;
+	XSRETURN_YES;
+
 const char *
 get_name(cc)
 	Authen::Krb5::Ccache cc
@@ -1177,3 +1271,16 @@
 
         OUTPUT:
         RETVAL
+
+MODULE = Authen::Krb5   PACKAGE = Authen::Krb5::Creds
+
+void
+DESTROY(creds)
+        Authen::Krb5::Creds creds
+
+        CODE:
+        if (creds && should_free((SV *)creds)) {
+                krb5_free_cred_contents(context, creds);
+                free(creds);
+                freed((SV *)creds);
+        }

Modified: branches/upstream/libauthen-krb5-perl/current/Makefile.PL
URL: http://svn.debian.org/wsvn/branches/upstream/libauthen-krb5-perl/current/Makefile.PL?rev=12026&op=diff
==============================================================================
--- branches/upstream/libauthen-krb5-perl/current/Makefile.PL (original)
+++ branches/upstream/libauthen-krb5-perl/current/Makefile.PL Sat Jan  5 02:12:14 2008
@@ -3,7 +3,7 @@
 ##### CHANGE THESE ACCORDING TO YOUR CONFIGURATION #####
 
 # location of Kerberos 5 libraries
-my $KRB5_LIBDIR = '/usr/local/krb5/lib';
+my $KRB5_LIBDIR = '/usr/lib';
 
 # any extra libraries?
 # add -lresolv here if you get errors like the following (usually on linux):
@@ -11,7 +11,7 @@
 my $KRB5_EXTRALIBS = '-lresolv';
 
 # location of Kerberos 5 includes
-my $KRB5_INCDIR = '/usr/local/krb5/include';
+my $KRB5_INCDIR = '/usr/include';
 
 # any extra include flags?
 my $KRB5_EXTRAINCS = '';




More information about the Pkg-perl-cvs-commits mailing list