rlm_krb5.c File Reference

Authenticate users, retrieving their TGT from a Kerberos V5 TDC. More...

#include <freeradius-devel/server/base.h>
#include <freeradius-devel/server/module_rlm.h>
#include <freeradius-devel/unlang/call_env.h>
#include <freeradius-devel/util/debug.h>
#include "krb5.h"

Include dependency graph for rlm_krb5.c:

Go to the source code of this file.

Data Structures
struct	krb5_auth_call_env_t

Macros
#define	LOG_PREFIX   inst->name

Functions
static rlm_rcode_t	krb5_parse_user (krb5_principal *client, KRB5_UNUSED rlm_krb5_t const *inst, request_t *request, krb5_context context, krb5_auth_call_env_t *env)
	Common function for transforming a User-Name string into a principal.
static rlm_rcode_t	krb5_process_error (rlm_krb5_t const *inst, request_t *request, rlm_krb5_handle_t *conn, int ret)
	Log error message and return appropriate rcode.
static unlang_action_t	mod_authenticate (rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
static int	mod_detach (module_detach_ctx_t const *mctx)
static int	mod_instantiate (module_inst_ctx_t const *mctx)

Variables
static const call_env_method_t	krb5_auth_call_env
static const conf_parser_t	module_config []
module_rlm_t	rlm_krb5

Detailed Description

Authenticate users, retrieving their TGT from a Kerberos V5 TDC.

Id

3007de21eba2a53aeceb3a6aba76f00e10712d9c

Copyright

2000,2006,2012-2013 The FreeRADIUS server project

2013 Arran Cudbard-Bell (a.cud.nosp@m.bard.nosp@m.b@fre.nosp@m.erad.nosp@m.ius.o.nosp@m.rg)

2000 Nathan Neulinger (nneul.nosp@m.@umr.nosp@m..edu)

2000 Alan DeKok (aland.nosp@m.@fre.nosp@m.eradi.nosp@m.us.o.nosp@m.rg)

Definition in file rlm_krb5.c.

---

Data Structure Documentation

krb5_auth_call_env_t

struct krb5_auth_call_env_t

Definition at line 53 of file rlm_krb5.c.

Collaboration diagram for krb5_auth_call_env_t:

Data Fields
fr_value_box_t	password
fr_value_box_t	username

Macro Definition Documentation

LOG_PREFIX

#define LOG_PREFIX   inst->name

Definition at line 29 of file rlm_krb5.c.

Function Documentation

krb5_parse_user()

static rlm_rcode_t krb5_parse_user ( krb5_principal *  client, KRB5_UNUSED rlm_krb5_t const *  inst, request_t *  request, krb5_context  context, krb5_auth_call_env_t *  env  )

static

Common function for transforming a User-Name string into a principal.

Parameters

[out]	client	Where to write the client principal.
[in]	inst	of rlm_krb5.
[in]	request	Current request.
[in]	context	Kerberos context.
[in]	env	call env data containing username.

Definition at line 255 of file rlm_krb5.c.

Here is the call graph for this function:

Here is the caller graph for this function:

krb5_process_error()

static rlm_rcode_t krb5_process_error ( rlm_krb5_t const *  inst, request_t *  request, rlm_krb5_handle_t *  conn, int  ret  )

static

Log error message and return appropriate rcode.

Translate kerberos error codes into return codes.

Parameters

inst	of rlm_krb5.
request	Current request.
ret	code from kerberos.
conn	used in the last operation.

Definition at line 286 of file rlm_krb5.c.

Here is the caller graph for this function:

mod_authenticate()

static unlang_action_t mod_authenticate ( rlm_rcode_t *  p_result, module_ctx_t const *  mctx, request_t *  request  )

static

Definition at line 407 of file rlm_krb5.c.

Here is the call graph for this function:

mod_detach()

static int mod_detach ( module_detach_ctx_t const *  mctx )

static

Definition at line 81 of file rlm_krb5.c.

Here is the call graph for this function:

mod_instantiate()

static int mod_instantiate ( module_inst_ctx_t const *  mctx )

static

Definition at line 100 of file rlm_krb5.c.

Here is the call graph for this function:

Variable Documentation

krb5_auth_call_env

const call_env_method_t krb5_auth_call_env

static

Initial value:

= {
        FR_CALL_ENV_METHOD_OUT(krb5_auth_call_env_t),
        .env = (call_env_parser_t[]) {
                { FR_CALL_ENV_OFFSET("username", FR_TYPE_STRING, CALL_ENV_FLAG_REQUIRED, krb5_auth_call_env_t, username),
                        .pair.dflt = "&User-Name", .pair.dflt_quote = T_BARE_WORD },
                { FR_CALL_ENV_OFFSET("password", FR_TYPE_STRING, CALL_ENV_FLAG_SECRET | CALL_ENV_FLAG_REQUIRED, krb5_auth_call_env_t, password),
                        .pair.dflt = "&User-Password", .pair.dflt_quote = T_BARE_WORD },
                CALL_ENV_TERMINATOR
        }
}

Definition at line 485 of file rlm_krb5.c.

module_config

const conf_parser_t module_config[]

static

Initial value:

= {
        { FR_CONF_OFFSET("keytab", rlm_krb5_t, keytabname) },
        { FR_CONF_OFFSET("service_principal", rlm_krb5_t, service_princ) },
 
 
 
        CONF_PARSER_TERMINATOR
}

Definition at line 44 of file rlm_krb5.c.

rlm_krb5

module_rlm_t rlm_krb5

Initial value:

= {
        .common = {
                .magic          = MODULE_MAGIC_INIT,
                .name           = "krb5",
                
 
                .flags          = MODULE_TYPE_THREAD_UNSAFE,
 
 
 
 
 
                .inst_size      = sizeof(rlm_krb5_t),
                .config         = module_config,
                .instantiate    = mod_instantiate,
                .detach         = mod_detach
        },
        .method_group = {
                .bindings = (module_method_binding_t[]){
                        { .section = SECTION_NAME("authenticate", CF_IDENT_ANY), .method = mod_authenticate, .method_env = &krb5_auth_call_env },
                        MODULE_BINDING_TERMINATOR
                }
        }
}

Definition at line 497 of file rlm_krb5.c.