Authen-Krb5.diff   [plain text]


diff -Naur Authen-Krb5-1.6/Krb5.xs Authen-Krb5/Krb5.xs
--- Authen-Krb5-1.6/Krb5.xs	2011-08-19 10:48:48.000000000 -0700
+++ Authen-Krb5/Krb5.xs	2011-08-19 10:40:15.000000000 -0700
@@ -32,11 +32,71 @@
 typedef krb5_cc_cursor          *Authen__Krb5__CcacheCursor;
 typedef krb5_keyblock		*Authen__Krb5__KeyBlock;
 
-static krb5_context context = 0;
+static krb5_context context = NULL;
 static krb5_error_code err;
 static krb5_keytab_entry keytab_entry_init;
 
 /*
+ * These are internal Kerberos library functions that aren't prototyped and
+ * that we probably shouldn't be calling.  Prototype them with the arguments
+ * we expect and leave them for now pending an API cleanup.
+ *
+ * http://publib.boulder.ibm.com/iseries/v5r1/ic2924/index.htm?info/apis/krb5_free_krbhst.htm
+ * http://www.ncsa.illinois.edu/UserInfo/Resources/Software/kerberos/krb5api/krb5api4.html
+ */
+krb5_error_code krb5_free_krbhst(
+     krb5_context			context,
+     char * krb5_const *		host_list);
+
+krb5_error_code krb5_get_krbhst(
+     krb5_context			context,
+     krb5_const krb5_data *		realm,   
+     char ***				hostlist);
+
+krb5_error_code krb5_get_in_tkt_with_password(
+     krb5_context			context,
+     krb5_const krb5_flags		options,
+     krb5_address * krb5_const *	addrs,
+     krb5_enctype *			enctypes,
+     krb5_preauthtype *			pre_auth_types,   
+     krb5_const char *			password,
+     krb5_ccache			ccache,
+     krb5_creds *			creds,
+     krb5_kdc_rep **			ret_as_reply);
+
+krb5_error_code krb5_get_in_tkt_with_keytab(
+     krb5_context			context,
+     krb5_const krb5_flags		options,
+     krb5_address * krb5_const *	addrs,
+     krb5_enctype *			enctype,
+     krb5_preauthtype *			pre_auth_types,   
+     krb5_const krb5_keytab		keytab,
+     krb5_ccache			ccache,
+     krb5_creds *			creds,
+     krb5_kdc_rep **			ret_as_reply);
+
+krb5_error_code krb5_gen_replay_name(
+     krb5_context			context,
+     krb5_const krb5_address * 		inaddr,  
+     krb5_const char *			unique,
+     char **				string);
+
+void krb5_free_address(
+     krb5_context			context,  
+     krb5_address *			addr); 
+
+krb5_error_code krb5_gen_portaddr(/* IN */
+	krb5_context context,
+	const krb5_address * adr,
+	krb5_const_pointer ptr,
+	/* OUT */
+	krb5_address ** outaddr);
+
+void krb5_free_enc_tkt_part(/* IN/OUT */
+    krb5_context context,
+    krb5_enc_tkt_part * val);
+
+/*
  * The following three routines implement a "safehouse" for nested Kerberos
  * data structures which shouldn't be freed before their parent data
  * structures are freed.  Without this, "Bad free() ignored" errors as well
@@ -60,7 +120,7 @@
 
 	sprintf(key,"%p",sv);
 	if (!free_hash) free_hash = newHV();
-	hv_store(free_hash,key,strlen(key),&PL_sv_yes,0);
+	(void)hv_store(free_hash,key,strlen(key),&PL_sv_yes,0);
 }
 
 int should_free(SV *sv)
@@ -78,7 +138,7 @@
 
 	if (!free_hash) return;
 	sprintf(key,"%p",sv);
-	hv_delete(free_hash,key,strlen(key),G_DISCARD);
+	(void)hv_delete(free_hash,key,strlen(key),G_DISCARD);
 }
 
 
@@ -99,7 +159,7 @@
 	}
 	else {
 		ST(0) = sv_2mortal(newSVpv((char *)error_message(err), 0));
-		SvUPGRADE(ST(0), SVt_PVIV);
+		(void)SvUPGRADE(ST(0), SVt_PVIV);
 		SvIVX(ST(0)) = err;
 		SvIOK_on(ST(0));
 	}
@@ -108,7 +168,11 @@
 krb5_init_context()
 
 	CODE:
-	if (context) croak("Authen::Krb5 already initialized");
+	if (context)
+        {
+          krb5_free_context(context);
+          context = NULL;
+        }
 	err = krb5_init_context(&context);
 	if (err) XSRETURN_UNDEF;
 	XSRETURN_YES;
@@ -142,6 +206,22 @@
 	Safefree(realm);
 
 void
+krb5_context_is_inited()
+
+	CODE:
+	if (!context) XSRETURN_UNDEF;
+	XSRETURN_YES;
+
+void
+krb5_set_default_realm(realm)
+	char *realm;
+
+	CODE:
+	err = krb5_set_default_realm(context,realm);
+	if (err) XSRETURN_UNDEF;
+	XSRETURN_YES;
+
+void
 krb5_get_host_realm(host)
 	char *host
 
@@ -375,9 +455,11 @@
 
 	PREINIT:
 	krb5_data in_data, out_data;
+        STRLEN in_data_length;
 
 	CODE:
-	in_data.data = SvPV(in,in_data.length);
+	in_data.data = SvPV(in,in_data_length);
+        in_data.length = in_data_length;
 	err = krb5_mk_req(context,&auth_context,ap_req_options,service,hostname,
 		&in_data,cc,&out_data);
 	if (err) XSRETURN_UNDEF;
@@ -395,12 +477,14 @@
 
 	PREINIT:
 	krb5_data in_data;
+        STRLEN in_data_length;
 	krb5_ticket *t;
 	krb5_flags ap_req_options;
 
 	CODE:
 	if (!New(0,t,1,krb5_ticket)) XSRETURN_UNDEF;
-	in_data.data = SvPV(in,in_data.length);
+	in_data.data = SvPV(in,in_data_length);
+        in_data.length = in_data_length;
 	err = krb5_rd_req(context,&auth_context,&in_data,server,keytab,
 		NULL,&t);
 	if (err) XSRETURN_UNDEF;
@@ -457,9 +541,11 @@
 
 	PREINIT:
 	krb5_data in_data, out_data;
+        STRLEN in_data_length;
 
 	PPCODE:
-	in_data.data = SvPV(in,in_data.length);
+	in_data.data = SvPV(in,in_data_length);
+        in_data.length = in_data_length;
 	err = krb5_mk_priv(context,auth_context,&in_data,&out_data,NULL);
 	if (err) XSRETURN_UNDEF;
 	XPUSHs(sv_2mortal(newSVpv(out_data.data,out_data.length)));
@@ -472,9 +558,11 @@
 
 	PREINIT:
 	krb5_data in_data, out_data;
+        STRLEN in_data_length;
 
 	PPCODE:
-	in_data.data = SvPV(in,in_data.length);
+	in_data.data = SvPV(in,in_data_length);
+        in_data.length = in_data_length;
 	err = krb5_rd_priv(context,auth_context,&in_data,&out_data,NULL);
 	if (err) XSRETURN_UNDEF;
 	XPUSHs(sv_2mortal(newSVpv(out_data.data,out_data.length)));
@@ -485,9 +573,11 @@
 
 	PREINIT:
 	krb5_data rc_data;
+        STRLEN rc_data_length;
 
 	CODE:
-	rc_data.data=SvPV(piece,rc_data.length);
+	rc_data.data=SvPV(piece,rc_data_length);
+        rc_data.length = rc_data_length;
 	err = krb5_get_server_rcache(context,&rc_data,&RETVAL);
 
 	if (err) XSRETURN_UNDEF;
@@ -509,12 +599,14 @@
 
 	PREINIT:
 	krb5_data in_data;
+        STRLEN in_data_length;
 	krb5_creds *out_creds = NULL;
 	int fd;
 
 	PPCODE:
 	fd = fileno(fh);
-	in_data.data = SvPV(in,in_data.length);
+	in_data.data = SvPV(in,in_data_length);
+	in_data.length = in_data_length;
 	err = krb5_sendauth(context,&auth_context,&fd,version,client,server,
 		options,&in_data,in_creds,cc,NULL,NULL,&out_creds);
 	if (err) XSRETURN_UNDEF;
@@ -937,10 +1029,14 @@
 	unsigned int addrtype
 	SV *contents
 
+	PREINIT:
+        STRLEN length;
+
 	CODE:
 	if (!New(0,RETVAL,1,krb5_address)) XSRETURN_UNDEF;
 	RETVAL->addrtype = addrtype;
-	RETVAL->contents = (krb5_octet *)SvPV(contents,RETVAL->length);
+	RETVAL->contents = (krb5_octet *)SvPV(contents,length);
+        RETVAL->length = length;
 	
 	OUTPUT:
 	RETVAL
@@ -983,8 +1079,8 @@
         Authen::Krb5::Keyblock keyblock
 
         CODE:
-        ST(0) = keyblock->contents
-	    ? sv_2mortal(newSVpv(keyblock->contents, keyblock->length))
+        ST(0) = (keyblock->contents)
+	    ? sv_2mortal(newSVpv((char *)keyblock->contents, keyblock->length))
             : &PL_sv_undef;
 
 
diff -Naur Authen-Krb5-1.6/krb5_constants.c Authen-Krb5/krb5_constants.c
--- Authen-Krb5-1.6/krb5_constants.c	2011-08-19 10:48:48.000000000 -0700
+++ Authen-Krb5/krb5_constants.c	2011-08-18 15:40:10.000000000 -0700
@@ -1366,6 +1366,8 @@
 #else
 	    goto not_there;
 #endif
+#if 0
+        /* Returning these variables make no sense as they should be strings, not numbers. These macros get used to mark up function prototypes in krb5.h. */
 	if (strEQ(name, "KRB5_CALLCONV"))
 #ifdef KRB5_CALLCONV
 	    return KRB5_CALLCONV;
@@ -1378,6 +1380,7 @@
 #else
 	    goto not_there;
 #endif
+#endif
 	if (strEQ(name, "KRB5_CCACHE_BADVNO"))
 #ifdef KRB5_CCACHE_BADVNO
 	    return KRB5_CCACHE_BADVNO;
@@ -1558,12 +1561,15 @@
 #else
 	    goto not_there;
 #endif
+#if 0
+        /* This one is a header inclusion guard, not a number. So can't really return it. */
 	if (strEQ(name, "KRB5_GENERAL__"))
 #ifdef KRB5_GENERAL__
 	    return KRB5_GENERAL__;
 #else
 	    goto not_there;
 #endif
+#endif
 	if (strEQ(name, "KRB5_GET_IN_TKT_LOOP"))
 #ifdef KRB5_GET_IN_TKT_LOOP
 	    return KRB5_GET_IN_TKT_LOOP;