MySQL 9.1.0
Source Code Documentation
krb5_interface.h
Go to the documentation of this file.
1/* Copyright (c) 2023, 2024, Oracle and/or its affiliates.
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License, version 2.0,
5 as published by the Free Software Foundation.
6
7 This program is designed to work with certain software (including
8 but not limited to OpenSSL) that is licensed under separate terms,
9 as designated in a particular file or component or in included license
10 documentation. The authors of MySQL hereby grant you an additional
11 permission to link the program and your derivative works with the
12 separately licensed software that they have either included with
13 the program or referenced in the documentation.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License, version 2.0, for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
23
24#ifndef _KRB5_INTERFACE_H_
25#define _KRB5_INTERFACE_H_
26
27#include <string>
28
29#include <assert.h>
30#include <krb5/krb5.h>
31#include <my_sharedlib.h>
32#include <profile.h>
33
34#include "log_client.h"
35
36namespace auth_ldap_sasl_client {
37
38/**
39 \defgroup Krb5FunctionTypes Types of Krb5 interface functions.
40 @{
41*/
42using krb5_build_principal_type = krb5_error_code (*)(krb5_context context,
43 krb5_principal *princ,
44 unsigned int rlen,
45 const char *realm, ...);
46using krb5_cc_close_type = krb5_error_code (*)(krb5_context context,
47 krb5_ccache cache);
48using krb5_cc_default_type = krb5_error_code (*)(krb5_context context,
49 krb5_ccache *ccache);
50using krb5_cc_get_principal_type = krb5_error_code (*)(
51 krb5_context context, krb5_ccache cache, krb5_principal *principal);
52using krb5_cc_initialize_type = krb5_error_code (*)(krb5_context context,
53 krb5_ccache cache,
54 krb5_principal principal);
55using krb5_cc_remove_cred_type = krb5_error_code (*)(krb5_context context,
56 krb5_ccache cache,
57 krb5_flags flags,
58 krb5_creds *creds);
59using krb5_cc_retrieve_cred_type = krb5_error_code (*)(krb5_context context,
60 krb5_ccache cache,
61 krb5_flags flags,
62 krb5_creds *mcreds,
63 krb5_creds *creds);
64using krb5_cc_store_cred_type = krb5_error_code (*)(krb5_context context,
65 krb5_ccache cache,
66 krb5_creds *creds);
67using krb5_free_context_type = void (*)(krb5_context context);
68using krb5_free_cred_contents_type = void (*)(krb5_context context,
69 krb5_creds *val);
70using krb5_free_default_realm_type = void (*)(krb5_context context,
71 char *lrealm);
72using krb5_free_error_message_type = void (*)(krb5_context ctx,
73 const char *msg);
74using krb5_free_principal_type = void (*)(krb5_context context,
75 krb5_principal val);
76using krb5_free_unparsed_name_type = void (*)(krb5_context context, char *val);
77using krb5_get_default_realm_type = krb5_error_code (*)(krb5_context context,
78 char **lrealm);
79using krb5_get_error_message_type = const char *(*)(krb5_context ctx,
80 krb5_error_code code);
81using krb5_get_init_creds_opt_alloc_type =
82 krb5_error_code (*)(krb5_context context, krb5_get_init_creds_opt **opt);
83using krb5_get_init_creds_opt_free_type =
84 void (*)(krb5_context context, krb5_get_init_creds_opt *opt);
85using krb5_get_init_creds_password_type = krb5_error_code (*)(
86 krb5_context context, krb5_creds *creds, krb5_principal client,
87 const char *password, krb5_prompter_fct prompter, void *data,
88 krb5_deltat start_time, const char *in_tkt_service,
89 krb5_get_init_creds_opt *k5_gic_options);
90using krb5_get_profile_type = krb5_error_code (*)(krb5_context context,
91 struct _profile_t **profile);
92
93using krb5_init_context_type = krb5_error_code (*)(krb5_context *context);
94using krb5_parse_name_type = krb5_error_code (*)(krb5_context context,
95 const char *name,
96 krb5_principal *principal_out);
97using krb5_timeofday_type = krb5_error_code (*)(krb5_context context,
98 krb5_timestamp *timeret);
99using krb5_unparse_name_type = krb5_error_code (*)(
100 krb5_context context, krb5_const_principal principal, char **name);
101using krb5_verify_init_creds_type = krb5_error_code (*)(
102 krb5_context context, krb5_creds *creds, krb5_principal server,
103 krb5_keytab keytab, krb5_ccache *ccache,
104 krb5_verify_init_creds_opt *options);
105using krb5_appdefault_boolean_type =
106 void (*)(krb5_context context, const char *appname, const krb5_data *realm,
107 const char *option, int default_value, int *ret_value);
108using krb5_appdefault_string_type =
109 void (*)(krb5_context context, const char *appname, const krb5_data *realm,
110 const char *option, const char *default_value, char **ret_value);
111using krb5_free_string_type = void (*)(krb5_context context, char *val);
112using profile_get_string_type = long (*)(profile_t profile, const char *name,
113 const char *subname,
114 const char *subsubname,
115 const char *def_val,
116 char **ret_string);
117using profile_release_type = void (*)(profile_t profile);
118using profile_release_string_type = void (*)(char *str);
119/**@}*/
120
121/**
122 Shortcut macro defining getter of the interfacee function
123*/
124#define KRB5_INTERFACE_DECLARE_FUNCTION(FUNCTION) \
125 auto FUNCTION() { \
126 assert(FUNCTION##_ptr); \
127 return FUNCTION##_ptr; \
128 }
129
130/**
131 Shortcut macro defining pointer to the interfacee function
132*/
133#define KRB5_INTERFACE_DECLARE_FUNCTION_PTR(FUNCTION) \
134 FUNCTION##_type FUNCTION##_ptr;
135
136/**
137 Class representing interface to KRB5 functions.
138 The functions are located in a library or libraries that are loaded in
139 runtime. The class provides easy and safe access to them.
140*/
141class Krb5_interface {
142 public:
143 /**
144 Constructor.
145 The constructor is trivial and the libraries are not loaded by it. This is
146 done in initialize() to give chance the caller to check if succeeded.
147 */
148 Krb5_interface();
149
150 /**
151 Destructor.
152 Closes the libraries.
153 */
154 ~Krb5_interface();
155
156 /**
157 Initialize the object by loading the libraries and setting pointers to the
158 interface functions. It must be called before any interface functions are
159 called.
160
161 @retval true success
162 @retval false failure
163 */
164 bool initialize();
165
166 /**
167 \defgroup Krb5Functions Getters of pointers to the interface functions.
168 @{
169 */
170 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_build_principal)
171 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_cc_close)
172 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_cc_default)
173 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_cc_get_principal)
174 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_cc_initialize)
175 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_cc_remove_cred)
176 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_cc_retrieve_cred)
177 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_cc_store_cred)
178 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_free_context)
179 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_free_cred_contents)
180 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_free_default_realm)
181 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_free_error_message)
182 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_free_principal)
183 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_free_unparsed_name)
184 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_get_default_realm)
185 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_get_error_message)
186 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_get_init_creds_opt_alloc)
187 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_get_init_creds_opt_free)
188 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_get_init_creds_password)
189 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_get_profile)
190 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_init_context)
191 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_parse_name)
192 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_timeofday)
193 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_unparse_name)
194 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_verify_init_creds)
195 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_appdefault_boolean)
196 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_appdefault_string)
197 KRB5_INTERFACE_DECLARE_FUNCTION(krb5_free_string)
198 KRB5_INTERFACE_DECLARE_FUNCTION(profile_get_string)
199 KRB5_INTERFACE_DECLARE_FUNCTION(profile_release)
200 KRB5_INTERFACE_DECLARE_FUNCTION(profile_release_string)
201 /**@}*/
202
203 private:
204 /**
205 Handle to the library providing krb5_* functions
206 */
207 void *krb5_lib_handle;
208
209 /**
210 Handle to the library providing profile_* functions
211 */
212 void *profile_lib_handle;
213
214 /**
215 \defgroup Krb5FunctionPointers Pointers to the interface functions.
216 @{
217 */
218 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_build_principal)
219 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_cc_close)
220 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_cc_default)
221 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_cc_get_principal)
222 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_cc_initialize)
223 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_cc_remove_cred)
224 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_cc_retrieve_cred)
225 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_cc_store_cred)
226 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_free_context)
227 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_free_cred_contents)
228 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_free_default_realm)
229 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_free_error_message)
230 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_free_principal)
231 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_free_unparsed_name)
232 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_get_default_realm)
233 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_get_error_message)
234 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_get_init_creds_opt_alloc)
235 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_get_init_creds_opt_free)
236 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_get_init_creds_password)
237 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_get_profile)
238 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_init_context)
239 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_parse_name)
240 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_timeofday)
241 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_unparse_name)
242 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_verify_init_creds)
243 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_appdefault_boolean)
244 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_appdefault_string)
245 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(krb5_free_string)
246 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(profile_get_string)
247 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(profile_release)
248 KRB5_INTERFACE_DECLARE_FUNCTION_PTR(profile_release_string)
249 /**@}*/
250
251 /**
252 Loads single library.
253
254 @param name [in] path or name of the library
255 @param handle [out] handle to the library
256
257 @retval true success
258 @retval false failure
259 */
260 bool load_lib(const char *name, void *&handle);
261
262 /**
263 Closes the libraries.
264 */
265 void close_libs();
266
267 /**
268 Get pointer to the interface function by its name.
269
270 @tparam T type of the function
271 @param lib_handle [in] handle to the library providing the function
272 @param name [in] name of the function
273 @param function [out] pointer to the function
274
275 @retval true success
276 @retval false failure
277 */
278 template <class T>
279 bool get_function(void *lib_handle, const char *name, T &function) {
280 function = reinterpret_cast<T>(dlsym(lib_handle, name));
281 if (function == nullptr) {
282 log_error("Failed to load function ", name, ".");
283 return false;
284 }
285 log_dbg("Successfuly loaded function ", name, ".");
286 return true;
287 }
288};
289} // namespace auth_ldap_sasl_client
290#endif //_KRB5_INTERFACE_H_
log_client.h
auth_ldap_sasl_client::Krb5_interface
Class representing interface to KRB5 functions.
Definition: krb5_interface.h:141
auth_ldap_sasl_client::Krb5_interface::~Krb5_interface
~Krb5_interface()
Destructor.
Definition: krb5_interface.cc:73
auth_ldap_sasl_client::Krb5_interface::profile_lib_handle
void * profile_lib_handle
Handle to the library providing profile_* functions.
Definition: krb5_interface.h:212
auth_ldap_sasl_client::Krb5_interface::initialize
bool initialize()
Initialize the object by loading the libraries and setting pointers to the interface functions.
Definition: krb5_interface.cc:75
auth_ldap_sasl_client::Krb5_interface::close_libs
void close_libs()
Closes the libraries.
Definition: krb5_interface.cc:211
auth_ldap_sasl_client::Krb5_interface::Krb5_interface
Krb5_interface()
Constructor.
Definition: krb5_interface.cc:38
auth_ldap_sasl_client::Krb5_interface::get_function
bool get_function(void *lib_handle, const char *name, T &function)
Get pointer to the interface function by its name.
Definition: krb5_interface.h:279
auth_ldap_sasl_client::Krb5_interface::load_lib
bool load_lib(const char *name, void *&handle)
Loads single library.
Definition: krb5_interface.cc:187
auth_ldap_sasl_client::Krb5_interface::krb5_lib_handle
void * krb5_lib_handle
Handle to the library providing krb5_* functions.
Definition: krb5_interface.h:207
auth_ldap_sasl_client::profile_release_type
void(*)(profile_t profile) profile_release_type
Definition: krb5_interface.h:117
auth_ldap_sasl_client::krb5_cc_close_type
krb5_error_code(*)(krb5_context context, krb5_ccache cache) krb5_cc_close_type
Definition: krb5_interface.h:47
auth_ldap_sasl_client::krb5_free_cred_contents_type
void(*)(krb5_context context, krb5_creds *val) krb5_free_cred_contents_type
Definition: krb5_interface.h:69
auth_ldap_sasl_client::krb5_free_string_type
void(*)(krb5_context context, char *val) krb5_free_string_type
Definition: krb5_interface.h:111
auth_ldap_sasl_client::krb5_cc_retrieve_cred_type
krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_flags flags, krb5_creds *mcreds, krb5_creds *creds) krb5_cc_retrieve_cred_type
Definition: krb5_interface.h:63
auth_ldap_sasl_client::krb5_get_init_creds_opt_alloc_type
krb5_error_code(*)(krb5_context context, krb5_get_init_creds_opt **opt) krb5_get_init_creds_opt_alloc_type
Definition: krb5_interface.h:82
auth_ldap_sasl_client::krb5_appdefault_string_type
void(*)(krb5_context context, const char *appname, const krb5_data *realm, const char *option, const char *default_value, char **ret_value) krb5_appdefault_string_type
Definition: krb5_interface.h:110
auth_ldap_sasl_client::krb5_free_error_message_type
void(*)(krb5_context ctx, const char *msg) krb5_free_error_message_type
Definition: krb5_interface.h:73
auth_ldap_sasl_client::krb5_cc_store_cred_type
krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_creds *creds) krb5_cc_store_cred_type
Definition: krb5_interface.h:66
auth_ldap_sasl_client::krb5_get_init_creds_opt_free_type
void(*)(krb5_context context, krb5_get_init_creds_opt *opt) krb5_get_init_creds_opt_free_type
Definition: krb5_interface.h:84
auth_ldap_sasl_client::krb5_timeofday_type
krb5_error_code(*)(krb5_context context, krb5_timestamp *timeret) krb5_timeofday_type
Definition: krb5_interface.h:98
auth_ldap_sasl_client::krb5_get_error_message_type
const char *(*)(krb5_context ctx, krb5_error_code code) krb5_get_error_message_type
Definition: krb5_interface.h:80
auth_ldap_sasl_client::krb5_cc_remove_cred_type
krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_flags flags, krb5_creds *creds) krb5_cc_remove_cred_type
Definition: krb5_interface.h:58
auth_ldap_sasl_client::krb5_cc_get_principal_type
krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_principal *principal) krb5_cc_get_principal_type
Definition: krb5_interface.h:51
auth_ldap_sasl_client::krb5_free_context_type
void(*)(krb5_context context) krb5_free_context_type
Definition: krb5_interface.h:67
auth_ldap_sasl_client::krb5_build_principal_type
krb5_error_code(*)(krb5_context context, krb5_principal *princ, unsigned int rlen, const char *realm,...) krb5_build_principal_type
Definition: krb5_interface.h:45
auth_ldap_sasl_client::krb5_free_unparsed_name_type
void(*)(krb5_context context, char *val) krb5_free_unparsed_name_type
Definition: krb5_interface.h:76
auth_ldap_sasl_client::profile_release_string_type
void(*)(char *str) profile_release_string_type
Definition: krb5_interface.h:118
auth_ldap_sasl_client::krb5_cc_default_type
krb5_error_code(*)(krb5_context context, krb5_ccache *ccache) krb5_cc_default_type
Definition: krb5_interface.h:49
auth_ldap_sasl_client::krb5_verify_init_creds_type
krb5_error_code(*)(krb5_context context, krb5_creds *creds, krb5_principal server, krb5_keytab keytab, krb5_ccache *ccache, krb5_verify_init_creds_opt *options) krb5_verify_init_creds_type
Definition: krb5_interface.h:104
auth_ldap_sasl_client::krb5_cc_initialize_type
krb5_error_code(*)(krb5_context context, krb5_ccache cache, krb5_principal principal) krb5_cc_initialize_type
Definition: krb5_interface.h:54
auth_ldap_sasl_client::krb5_get_default_realm_type
krb5_error_code(*)(krb5_context context, char **lrealm) krb5_get_default_realm_type
Definition: krb5_interface.h:78
auth_ldap_sasl_client::krb5_appdefault_boolean_type
void(*)(krb5_context context, const char *appname, const krb5_data *realm, const char *option, int default_value, int *ret_value) krb5_appdefault_boolean_type
Definition: krb5_interface.h:107
auth_ldap_sasl_client::krb5_free_principal_type
void(*)(krb5_context context, krb5_principal val) krb5_free_principal_type
Definition: krb5_interface.h:75
auth_ldap_sasl_client::krb5_get_init_creds_password_type
krb5_error_code(*)(krb5_context context, krb5_creds *creds, krb5_principal client, const char *password, krb5_prompter_fct prompter, void *data, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *k5_gic_options) krb5_get_init_creds_password_type
Definition: krb5_interface.h:89
auth_ldap_sasl_client::krb5_parse_name_type
krb5_error_code(*)(krb5_context context, const char *name, krb5_principal *principal_out) krb5_parse_name_type
Definition: krb5_interface.h:96
auth_ldap_sasl_client::krb5_free_default_realm_type
void(*)(krb5_context context, char *lrealm) krb5_free_default_realm_type
Definition: krb5_interface.h:71
auth_ldap_sasl_client::profile_get_string_type
long(*)(profile_t profile, const char *name, const char *subname, const char *subsubname, const char *def_val, char **ret_string) profile_get_string_type
Definition: krb5_interface.h:116
auth_ldap_sasl_client::krb5_get_profile_type
krb5_error_code(*)(krb5_context context, struct _profile_t **profile) krb5_get_profile_type
Definition: krb5_interface.h:91
auth_ldap_sasl_client::krb5_unparse_name_type
krb5_error_code(*)(krb5_context context, krb5_const_principal principal, char **name) krb5_unparse_name_type
Definition: krb5_interface.h:100
auth_ldap_sasl_client::krb5_init_context_type
krb5_error_code(*)(krb5_context *context) krb5_init_context_type
Definition: krb5_interface.h:93
log_dbg
#define log_dbg(...)
Definition: log_client.h:152
log_error
#define log_error(...)
Definition: log_client.h:155
flags
static int flags[50]
Definition: hp_test1.cc:40
KRB5_INTERFACE_DECLARE_FUNCTION
#define KRB5_INTERFACE_DECLARE_FUNCTION(FUNCTION)
Shortcut macro defining getter of the interfacee function.
Definition: krb5_interface.h:124
KRB5_INTERFACE_DECLARE_FUNCTION_PTR
#define KRB5_INTERFACE_DECLARE_FUNCTION_PTR(FUNCTION)
Shortcut macro defining pointer to the interfacee function.
Definition: krb5_interface.h:133
my_sharedlib.h
Functions related to handling of plugins and other dynamically loaded libraries.
password
static char * password
Definition: mysql_secure_installation.cc:58
anonymous_namespace{config_generator.cc}::str
std::string str(const mysqlrouter::ConfigGenerator::Options::Endpoint &ep)
Definition: config_generator.cc:1105
auth_ldap_sasl_client
Definition: auth_ldap_kerberos.cc:30
services::handle
static int handle(int sql_errno, const char *sqlstate, const char *message, void *state)
Bridge function between the C++ API offered by this module and the C API of the parser service.
Definition: services.cc:64
server
struct server server
Definition: server_struct.h:59
options
static const Query_options options
Definition: sql_show_processlist.cc:69
name
case opt name
Definition: sslopt-case.h:29