Coverage Report

Created: 2026-03-12 17:15

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
be/src/common/kerberos/krb5_interface_impl.cpp
Line
Count
Source
1
// Licensed to the Apache Software Foundation (ASF) under one
2
// or more contributor license agreements.  See the NOTICE file
3
// distributed with this work for additional information
4
// regarding copyright ownership.  The ASF licenses this file
5
// to you under the Apache License, Version 2.0 (the
6
// "License"); you may not use this file except in compliance
7
// with the License.  You may obtain a copy of the License at
8
//
9
//   http://www.apache.org/licenses/LICENSE-2.0
10
//
11
// Unless required by applicable law or agreed to in writing,
12
// software distributed under the License is distributed on an
13
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
14
// KIND, either express or implied.  See the License for the
15
// specific language governing permissions and limitations
16
// under the License.
17
18
#include "common/kerberos/krb5_interface_impl.h"
19
20
namespace doris::kerberos {
21
22
0
Status Krb5InterfaceImpl::init_context(krb5_context* context) {
23
0
    krb5_error_code code = krb5_init_context(context);
24
0
    if (code != 0) {
25
0
        return Status::InternalError("Failed to initialize krb5 context, error code: {}", code);
26
0
    }
27
0
    return Status::OK();
28
0
}
29
30
Status Krb5InterfaceImpl::parse_name(krb5_context context, const char* name,
31
0
                                     krb5_principal* principal) {
32
0
    krb5_error_code code = krb5_parse_name(context, name, principal);
33
0
    return _check_error(code, context, "Failed to parse principal name");
34
0
}
35
36
0
Status Krb5InterfaceImpl::kt_resolve(krb5_context context, const char* name, krb5_keytab* keytab) {
37
0
    krb5_error_code code = krb5_kt_resolve(context, name, keytab);
38
0
    return _check_error(code, context, "Failed to resolve keytab");
39
0
}
40
41
0
Status Krb5InterfaceImpl::cc_resolve(krb5_context context, const char* name, krb5_ccache* ccache) {
42
0
    krb5_error_code code = krb5_cc_resolve(context, name, ccache);
43
0
    return _check_error(code, context, "Failed to resolve credential cache");
44
0
}
45
46
Status Krb5InterfaceImpl::get_init_creds_opt_alloc(krb5_context context,
47
0
                                                   krb5_get_init_creds_opt** opt) {
48
0
    krb5_error_code code = krb5_get_init_creds_opt_alloc(context, opt);
49
0
    return _check_error(code, context, "Failed to allocate get_init_creds_opt");
50
0
}
51
52
Status Krb5InterfaceImpl::get_init_creds_keytab(krb5_context context, krb5_creds* creds,
53
                                                krb5_principal client, krb5_keytab keytab,
54
                                                krb5_deltat start, const char* in_tkt_service,
55
0
                                                krb5_get_init_creds_opt* options) {
56
0
    krb5_error_code code = krb5_get_init_creds_keytab(context, creds, client, keytab, start,
57
0
                                                      in_tkt_service, options);
58
0
    return _check_error(code, context, "Failed to get initial credentials");
59
0
}
60
61
Status Krb5InterfaceImpl::cc_initialize(krb5_context context, krb5_ccache cache,
62
0
                                        krb5_principal principal) {
63
0
    krb5_error_code code = krb5_cc_initialize(context, cache, principal);
64
0
    return _check_error(code, context, "Failed to initialize credential cache");
65
0
}
66
67
Status Krb5InterfaceImpl::cc_store_cred(krb5_context context, krb5_ccache cache,
68
0
                                        krb5_creds* creds) {
69
0
    krb5_error_code code = krb5_cc_store_cred(context, cache, creds);
70
0
    return _check_error(code, context, "Failed to store credentials");
71
0
}
72
73
0
Status Krb5InterfaceImpl::timeofday(krb5_context context, krb5_timestamp* timeret) {
74
0
    krb5_error_code code = krb5_timeofday(context, timeret);
75
0
    return _check_error(code, context, "Failed to get current time");
76
0
}
77
78
Status Krb5InterfaceImpl::cc_start_seq_get(krb5_context context, krb5_ccache cache,
79
0
                                           krb5_cc_cursor* cursor) {
80
0
    krb5_error_code code = krb5_cc_start_seq_get(context, cache, cursor);
81
0
    return _check_error(code, context, "Failed to start credential iteration");
82
0
}
83
84
Status Krb5InterfaceImpl::cc_next_cred(krb5_context context, krb5_ccache cache,
85
0
                                       krb5_cc_cursor* cursor, krb5_creds* creds) {
86
0
    krb5_error_code code = krb5_cc_next_cred(context, cache, cursor, creds);
87
0
    return _check_error(code, context, "Failed to get next credential");
88
0
}
89
90
void Krb5InterfaceImpl::cc_end_seq_get(krb5_context context, krb5_ccache cache,
91
0
                                       krb5_cc_cursor* cursor) {
92
0
    krb5_cc_end_seq_get(context, cache, cursor);
93
0
}
94
95
0
void Krb5InterfaceImpl::free_principal(krb5_context context, krb5_principal principal) {
96
0
    krb5_free_principal(context, principal);
97
0
}
98
99
0
void Krb5InterfaceImpl::free_cred_contents(krb5_context context, krb5_creds* creds) {
100
0
    krb5_free_cred_contents(context, creds);
101
0
}
102
103
void Krb5InterfaceImpl::get_init_creds_opt_free(krb5_context context,
104
0
                                                krb5_get_init_creds_opt* opt) {
105
0
    krb5_get_init_creds_opt_free(context, opt);
106
0
}
107
108
0
void Krb5InterfaceImpl::kt_close(krb5_context context, krb5_keytab keytab) {
109
0
    krb5_kt_close(context, keytab);
110
0
}
111
112
0
void Krb5InterfaceImpl::cc_close(krb5_context context, krb5_ccache cache) {
113
0
    krb5_cc_close(context, cache);
114
0
}
115
116
0
void Krb5InterfaceImpl::free_context(krb5_context context) {
117
0
    krb5_free_context(context);
118
0
}
119
120
0
const char* Krb5InterfaceImpl::get_error_message(krb5_context context, krb5_error_code code) {
121
0
    return krb5_get_error_message(context, code);
122
0
}
123
124
0
void Krb5InterfaceImpl::free_error_message(krb5_context context, const char* message) {
125
0
    krb5_free_error_message(context, message);
126
0
}
127
128
Status Krb5InterfaceImpl::unparse_name(krb5_context context, krb5_principal principal,
129
0
                                       char** name) {
130
0
    krb5_error_code code = krb5_unparse_name(context, principal, name);
131
0
    return _check_error(code, context, "Failed to unparse principal name");
132
0
}
133
134
0
void Krb5InterfaceImpl::free_unparsed_name(krb5_context context, char* name) {
135
0
    krb5_free_unparsed_name(context, name);
136
0
}
137
138
Status Krb5InterfaceImpl::_check_error(krb5_error_code code, krb5_context context,
139
0
                                       const char* message) {
140
0
    if (code) {
141
0
        const char* err_message = get_error_message(context, code);
142
0
        std::string full_message = std::string(message) + ": " + err_message;
143
0
        free_error_message(context, err_message);
144
0
        return Status::InternalError(full_message);
145
0
    }
146
0
    return Status::OK();
147
0
}
148
149
2
std::unique_ptr<Krb5Interface> Krb5InterfaceFactory::create() {
150
2
    return std::make_unique<Krb5InterfaceImpl>();
151
2
}
152
153
} // namespace doris::kerberos