MySQL 8.4.0
Source Code Documentation
krb5_interface.h
Go to the documentation of this file.
1/* Copyright (c) 2023, 2024, Oracle and/or its affiliates.
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License, version 2.0,
5 as published by the Free Software Foundation.
6
7 This program is designed to work with certain software (including
8 but not limited to OpenSSL) that is licensed under separate terms,
9 as designated in a particular file or component or in included license
10 documentation. The authors of MySQL hereby grant you an additional
11 permission to link the program and your derivative works with the
12 separately licensed software that they have either included with
13 the program or referenced in the documentation.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License, version 2.0, for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
23
24#ifndef _KRB5_INTERFACE_H_
25#define _KRB5_INTERFACE_H_
26
27#include <string>
28
29#include <assert.h>
30#include <krb5/krb5.h>
31#include <my_sharedlib.h>
32#include <profile.h>
33
34#include "log_client.h"
35
36namespace auth_ldap_sasl_client {
37
38/**
39 \defgroup Krb5FunctionTypes Types of Krb5 interface functions.
40 @{
41*/
42using krb5_build_principal_type = krb5_error_code (*)(krb5_context context,
43 krb5_principal *princ,
44 unsigned int rlen,
45 const char *realm, ...);
46using krb5_cc_close_type = krb5_error_code (*)(krb5_context context,
47 krb5_ccache cache);
48using krb5_cc_default_type = krb5_error_code (*)(krb5_context context,
49 krb5_ccache *ccache);
50using krb5_cc_get_principal_type = krb5_error_code (*)(
51 krb5_context context, krb5_ccache cache, krb5_principal *principal);
52using krb5_cc_initialize_type = krb5_error_code (*)(krb5_context context,
53 krb5_ccache cache,
54 krb5_principal principal);
55using krb5_cc_remove_cred_type = krb5_error_code (*)(krb5_context context,
56 krb5_ccache cache,
57 krb5_flags flags,
58 krb5_creds *creds);
59using krb5_cc_retrieve_cred_type = krb5_error_code (*)(krb5_context context,
60 krb5_ccache cache,
61 krb5_flags flags,
62 krb5_creds *mcreds,
63 krb5_creds *creds);
64using krb5_cc_store_cred_type = krb5_error_code (*)(krb5_context context,
65 krb5_ccache cache,
66 krb5_creds *creds);
67using krb5_free_context_type = void (*)(krb5_context context);
68using krb5_free_cred_contents_type = void (*)(krb5_context context,
69 krb5_creds *val);
70using krb5_free_default_realm_type = void (*)(krb5_context context,
71 char *lrealm);
72using krb5_free_error_message_type = void (*)(krb5_context ctx,
73 const char *msg);
74using krb5_free_principal_type = void (*)(krb5_context context,
75 krb5_principal val);
76using krb5_free_unparsed_name_type = void (*)(krb5_context context, char *val);
77using krb5_get_default_realm_type = krb5_error_code (*)(krb5_context context,
78 char **lrealm);
79using krb5_get_error_message_type = const char *(*)(krb5_context ctx,
80 krb5_error_code code);
81using krb5_get_init_creds_opt_alloc_type =
82 krb5_error_code (*)(krb5_context context, krb5_get_init_creds_opt **opt);
83using krb5_get_init_creds_opt_free_type =
84 void (*)(krb5_context context, krb5_get_init_creds_opt *opt);
85using krb5_get_init_creds_password_type = krb5_error_code (*)(
86 krb5_context context, krb5_creds *creds, krb5_principal client,
87 const char *password, krb5_prompter_fct prompter, void *data,
88 krb5_deltat start_time, const char *in_tkt_service,
89 krb5_get_init_creds_opt *k5_gic_options);
90using krb5_get_profile_type = krb5_error_code (*)(krb5_context context,
91 struct _profile_t **profile);
92
93using krb5_init_context_type = krb5_error_code (*)(krb5_context *context);
94using krb5_parse_name_type = krb5_error_code (*)(krb5_context context,
95 const char *name,
96 krb5_principal *principal_out);
97using krb5_timeofday_type = krb5_error_code (*)(krb5_context context,
98 krb5_timestamp *timeret);
99using krb5_unparse_name_type = krb5_error_code (*)(
100 krb5_context context, krb5_const_principal principal, char **name);
101using krb5_verify_init_creds_type = krb5_error_code (*)(
102 krb5_context context, krb5_creds *creds, krb5_principal server,
103 krb5_keytab keytab, krb5_ccache *ccache,
104 krb5_verify_init_creds_opt *options);
105using profile_get_boolean_type = long (*)(profile_t profile, const char *name,
106 const char *subname,
107 const char *subsubname, int def_val,
108 int *ret_default);
109using profile_get_string_type = long (*)(profile_t profile, const char *name,
110 const char *subname,
111 const char *subsubname,
112 const char *def_val,
113 char **ret_string);
114using profile_release_type = void (*)(profile_t profile);
115using profile_release_string_type = void (*)(char *str);
116/**@}*/
117
118/**
119 Shortcut macro defining getter of the interfacee function
120*/
121#define KRB5_INTERFACE_DECLARE_FUNCTION(FUNCTION) \
122 auto FUNCTION() { \
123 assert(FUNCTION##_ptr); \
124 return FUNCTION##_ptr; \
125 }
126
127/**
128 Shortcut macro defining pointer to the interfacee function
129*/
130#define KRB5_INTERFACE_DECLARE_FUNCTION_PTR(FUNCTION) \
131 FUNCTION##_type FUNCTION##_ptr;
132
133/**
134 Class representing interface to KRB5 functions.
135 The functions are located in a library or libraries that are loaded in
136 runtime. The class provides easy and safe access to them.
137*/
138class Krb5_interface {
139 public:
140 /**
141 Constructor.
142 The constructor is trivial and the libraries are not loaded by it. This is
143 done in initialize() to give chance the caller to check if succeeded.
144 */
145 Krb5_interface();
146
147 /**
148 Destructor.
149 Closes the libraries.
150 */
151 ~Krb5_interface();
152
153 /**
154 Initialize the object by loading the libraries and setting pointers to the
155 interface functions. It must be called before any interface functions are
156 called.
157
158 @retval true success
159 @retval false failure
160 */
161 bool initialize();
162
163 /**
164 \defgroup Krb5Functions Getters of pointers to the interface functions.
165 @{
166 */
167 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_build_principal)
168 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_cc_close)
169 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_cc_default)
170 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_cc_get_principal)
171 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_cc_initialize)
172 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_cc_remove_cred)
173 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_cc_retrieve_cred)
174 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_cc_store_cred)
175 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_free_context)
176 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_free_cred_contents)
177 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_free_default_realm)
178 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_free_error_message)
179 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_free_principal)
180 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_free_unparsed_name)
181 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_get_default_realm)
182 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_get_error_message)
183 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_get_init_creds_opt_alloc)
184 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_get_init_creds_opt_free)
185 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_get_init_creds_password)
186 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_get_profile)
187 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_init_context)
188 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_parse_name)
189 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_timeofday)
190 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_unparse_name)
191 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_verify_init_creds)
192 KRB5_INTERFACE_DECLARE_FUNCTION(profile_get_boolean)
193 KRB5_INTERFACE_DECLARE_FUNCTION(profile_get_string)
194 KRB5_INTERFACE_DECLARE_FUNCTION(profile_release)
195 KRB5_INTERFACE_DECLARE_FUNCTION(profile_release_string)
196 /**@}*/
197
198 private:
199 /**
200 Handle to the library providing krb5_* functions
201 */
202 void *krb5_lib_handle;
203
204 /**
205 Handle to the library providing profile_* functions
206 */
207 void *profile_lib_handle;
208
209 /**
210 \defgroup Krb5FunctionPointers Pointers to the interface functions.
211 @{
212 */
213 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_build_principal)
214 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_cc_close)
215 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_cc_default)
216 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_cc_get_principal)
217 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_cc_initialize)
218 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_cc_remove_cred)
219 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_cc_retrieve_cred)
220 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_cc_store_cred)
221 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_free_context)
222 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_free_cred_contents)
223 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_free_default_realm)
224 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_free_error_message)
225 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_free_principal)
226 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_free_unparsed_name)
227 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_get_default_realm)
228 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_get_error_message)
229 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_get_init_creds_opt_alloc)
230 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_get_init_creds_opt_free)
231 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_get_init_creds_password)
232 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_get_profile)
233 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_init_context)
234 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_parse_name)
235 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_timeofday)
236 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_unparse_name)
237 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_verify_init_creds)
238 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(profile_get_boolean)
239 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(profile_get_string)
240 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(profile_release)
241 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(profile_release_string)
242 /**@}*/
243
244 /**
245 Loads single library.
246
247 @param name [in] path or name of the library
248 @param handle [out] handle to the library
249
250 @retval true success
251 @retval false failure
252 */
253 bool load_lib(const char *name, void *&handle);
254
255 /**
256 Closes the libraries.
257 */
258 void close_libs();
259
260 /**
261 Get pointer to the interface function by its name.
262
263 @tparam T type of the function
264 @param lib_handle [in] handle to the library providing the function
265 @param name [in] name of the function
266 @param function [out] pointer to the function
267
268 @retval true success
269 @retval false failure
270 */
271 template <class T>
272 bool get_function(void *lib_handle, const char *name, T &function) {
273 function = reinterpret_cast<T>(dlsym(lib_handle, name));
274 if (function == nullptr) {
275 log_error("Failed to load function ", name, ".");
276 return false;
277 }
278 log_dbg("Successfuly loaded function ", name, ".");
279 return true;
280 }
281};
282} // namespace auth_ldap_sasl_client
283#endif //_KRB5_INTERFACE_H_
log_client.h
auth_ldap_sasl_client::Krb5_interface
Class representing interface to KRB5 functions.
Definition: krb5_interface.h:138
auth_ldap_sasl_client::Krb5_interface::~Krb5_interface
~Krb5_interface()
Destructor.
Definition: krb5_interface.cc:71
auth_ldap_sasl_client::Krb5_interface::profile_lib_handle
void * profile_lib_handle
Handle to the library providing profile_* functions.
Definition: krb5_interface.h:207
auth_ldap_sasl_client::Krb5_interface::initialize
bool initialize()
Initialize the object by loading the libraries and setting pointers to the interface functions.
Definition: krb5_interface.cc:73
auth_ldap_sasl_client::Krb5_interface::close_libs
void close_libs()
Closes the libraries.
Definition: krb5_interface.cc:203
auth_ldap_sasl_client::Krb5_interface::Krb5_interface
Krb5_interface()
Constructor.
Definition: krb5_interface.cc:38
auth_ldap_sasl_client::Krb5_interface::get_function
bool get_function(void *lib_handle, const char *name, T &function)
Get pointer to the interface function by its name.
Definition: krb5_interface.h:272
auth_ldap_sasl_client::Krb5_interface::load_lib
bool load_lib(const char *name, void *&handle)
Loads single library.
Definition: krb5_interface.cc:179
auth_ldap_sasl_client::Krb5_interface::krb5_lib_handle
void * krb5_lib_handle
Handle to the library providing krb5_* functions.
Definition: krb5_interface.h:202
auth_ldap_sasl_client::profile_release_type
void(*)(profile_t profile) profile_release_type
Definition: krb5_interface.h:114
auth_ldap_sasl_client::krb5_cc_close_type
krb5_error_code(*)(krb5_context context, krb5_ccache cache) krb5_cc_close_type
Definition: krb5_interface.h:47
auth_ldap_sasl_client::krb5_free_cred_contents_type
void(*)(krb5_context context, krb5_creds *val) krb5_free_cred_contents_type
Definition: krb5_interface.h:69
auth_ldap_sasl_client::krb5_cc_retrieve_cred_type
krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_flags flags, krb5_creds *mcreds, krb5_creds *creds) krb5_cc_retrieve_cred_type
Definition: krb5_interface.h:63
auth_ldap_sasl_client::krb5_get_init_creds_opt_alloc_type
krb5_error_code(*)(krb5_context context, krb5_get_init_creds_opt **opt) krb5_get_init_creds_opt_alloc_type
Definition: krb5_interface.h:82
auth_ldap_sasl_client::krb5_free_error_message_type
void(*)(krb5_context ctx, const char *msg) krb5_free_error_message_type
Definition: krb5_interface.h:73
auth_ldap_sasl_client::krb5_cc_store_cred_type
krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_creds *creds) krb5_cc_store_cred_type
Definition: krb5_interface.h:66
auth_ldap_sasl_client::krb5_get_init_creds_opt_free_type
void(*)(krb5_context context, krb5_get_init_creds_opt *opt) krb5_get_init_creds_opt_free_type
Definition: krb5_interface.h:84
auth_ldap_sasl_client::krb5_timeofday_type
krb5_error_code(*)(krb5_context context, krb5_timestamp *timeret) krb5_timeofday_type
Definition: krb5_interface.h:98
auth_ldap_sasl_client::krb5_get_error_message_type
const char *(*)(krb5_context ctx, krb5_error_code code) krb5_get_error_message_type
Definition: krb5_interface.h:80
auth_ldap_sasl_client::krb5_cc_remove_cred_type
krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_flags flags, krb5_creds *creds) krb5_cc_remove_cred_type
Definition: krb5_interface.h:58
auth_ldap_sasl_client::krb5_cc_get_principal_type
krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_principal *principal) krb5_cc_get_principal_type
Definition: krb5_interface.h:51
auth_ldap_sasl_client::krb5_free_context_type
void(*)(krb5_context context) krb5_free_context_type
Definition: krb5_interface.h:67
auth_ldap_sasl_client::krb5_build_principal_type
krb5_error_code(*)(krb5_context context, krb5_principal *princ, unsigned int rlen, const char *realm,...) krb5_build_principal_type
Definition: krb5_interface.h:45
auth_ldap_sasl_client::krb5_free_unparsed_name_type
void(*)(krb5_context context, char *val) krb5_free_unparsed_name_type
Definition: krb5_interface.h:76
auth_ldap_sasl_client::profile_release_string_type
void(*)(char *str) profile_release_string_type
Definition: krb5_interface.h:115
auth_ldap_sasl_client::krb5_cc_default_type
krb5_error_code(*)(krb5_context context, krb5_ccache *ccache) krb5_cc_default_type
Definition: krb5_interface.h:49
auth_ldap_sasl_client::krb5_verify_init_creds_type
krb5_error_code(*)(krb5_context context, krb5_creds *creds, krb5_principal server, krb5_keytab keytab, krb5_ccache *ccache, krb5_verify_init_creds_opt *options) krb5_verify_init_creds_type
Definition: krb5_interface.h:104
auth_ldap_sasl_client::krb5_cc_initialize_type
krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_principal principal) krb5_cc_initialize_type
Definition: krb5_interface.h:54
auth_ldap_sasl_client::krb5_get_default_realm_type
krb5_error_code(*)(krb5_context context, char **lrealm) krb5_get_default_realm_type
Definition: krb5_interface.h:78
auth_ldap_sasl_client::profile_get_boolean_type
long(*)(profile_t profile, const char *name, const char *subname, const char *subsubname, int def_val, int *ret_default) profile_get_boolean_type
Definition: krb5_interface.h:108
auth_ldap_sasl_client::krb5_free_principal_type
void(*)(krb5_context context, krb5_principal val) krb5_free_principal_type
Definition: krb5_interface.h:75
auth_ldap_sasl_client::krb5_get_init_creds_password_type
krb5_error_code(*)(krb5_context context, krb5_creds *creds, krb5_principal client, const char *password, krb5_prompter_fct prompter, void *data, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *k5_gic_options) krb5_get_init_creds_password_type
Definition: krb5_interface.h:89
auth_ldap_sasl_client::krb5_parse_name_type
krb5_error_code(*)(krb5_context context, const char *name, krb5_principal *principal_out) krb5_parse_name_type
Definition: krb5_interface.h:96
auth_ldap_sasl_client::krb5_free_default_realm_type
void(*)(krb5_context context, char *lrealm) krb5_free_default_realm_type
Definition: krb5_interface.h:71
auth_ldap_sasl_client::profile_get_string_type
long(*)(profile_t profile, const char *name, const char *subname, const char *subsubname, const char *def_val, char **ret_string) profile_get_string_type
Definition: krb5_interface.h:113
auth_ldap_sasl_client::krb5_get_profile_type
krb5_error_code(*)(krb5_context context, struct _profile_t **profile) krb5_get_profile_type
Definition: krb5_interface.h:91
auth_ldap_sasl_client::krb5_unparse_name_type
krb5_error_code(*)(krb5_context context, krb5_const_principal principal, char **name) krb5_unparse_name_type
Definition: krb5_interface.h:100
auth_ldap_sasl_client::krb5_init_context_type
krb5_error_code(*)(krb5_context *context) krb5_init_context_type
Definition: krb5_interface.h:93
log_dbg
#define log_dbg(...)
Definition: log_client.h:152
log_error
#define log_error(...)
Definition: log_client.h:155
flags
static int flags[50]
Definition: hp_test1.cc:40
KRB5_INTERFACE_DECLARE_FUNCTION
#define KRB5_INTERFACE_DECLARE_FUNCTION(FUNCTION)
Shortcut macro defining getter of the interfacee function.
Definition: krb5_interface.h:121
KRB5_INTERFACE_DECLARE_FUNCTION_PTR
#define KRB5_INTERFACE_DECLARE_FUNCTION_PTR(FUNCTION)
Shortcut macro defining pointer to the interfacee function.
Definition: krb5_interface.h:130
my_sharedlib.h
Functions related to handling of plugins and other dynamically loaded libraries.
password
static char * password
Definition: mysql_secure_installation.cc:58
anonymous_namespace{config_generator.cc}::str
std::string str(const mysqlrouter::ConfigGenerator::Options::Endpoint &ep)
Definition: config_generator.cc:1073
auth_ldap_sasl_client
Definition: auth_ldap_kerberos.cc:30
services::handle
static int handle(int sql_errno, const char *sqlstate, const char *message, void *state)
Bridge function between the C++ API offered by this module and the C API of the parser service.
Definition: services.cc:64
server
struct server server
Definition: server_struct.h:59
options
static const Query_options options
Definition: sql_show_processlist.cc:69
name
case opt name
Definition: sslopt-case.h:29