From: Greg Hudson <ghudson@mit.edu>
Date: Mon, 4 Jan 2010 21:22:00 +0000 (+0000)
Subject: Add preauth_module_dir support to the KDC preauth module loader
X-Git-Tag: krb5-1.8-alpha1~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5b815bc782b211e800babfc9fafb521a2c16098b;p=thirdparty%2Fkrb5.git

Add preauth_module_dir support to the KDC preauth module loader
(should have been part of r23531).  Most or all of this logic should
be moved into the plugin code or a layer above it, after the branch.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23584 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c
index d14b18333e..18052cf4e1 100644
--- a/src/kdc/kdc_preauth.c
+++ b/src/kdc/kdc_preauth.c
@@ -389,6 +389,49 @@ static krb5_preauth_systems *preauth_systems;
 static int n_preauth_systems;
 static struct plugin_dir_handle preauth_plugins;
 
+/* Open plugin directories for preauth modules. */
+static krb5_error_code
+open_preauth_plugin_dirs(krb5_context kcontext)
+{
+    static const char *path[] = {
+        KRB5_CONF_LIBDEFAULTS, KRB5_CONF_PREAUTH_MODULE_DIR, NULL,
+    };
+    char **profpath = NULL;
+    const char **plugindirs = NULL;
+    size_t nprofdirs, nobjdirs;
+    krb5_error_code retval;
+
+    /* Fetch the list of paths specified in the profile, if any. */
+    retval = profile_get_values(kcontext->profile, path, &profpath);
+    if (retval != 0 && retval != PROF_NO_RELATION)
+        return retval;
+
+    /* Count the number of profile dirs. */
+    nprofdirs = 0;
+    if (profpath) {
+        while (profpath[nprofdirs] != NULL)
+            nprofdirs++;
+    }
+
+    nobjdirs = sizeof(objdirs) / sizeof(*objdirs);
+    plugindirs = k5alloc((nprofdirs + nobjdirs) * sizeof(char *), &retval);
+    if (retval != 0)
+        goto cleanup;
+
+    /* Concatenate the profile and hardcoded directory lists. */
+    if (profpath)
+        memcpy(plugindirs, profpath, nprofdirs * sizeof(char *));
+    memcpy(plugindirs + nprofdirs, objdirs, nobjdirs * sizeof(char *));
+
+    retval = krb5int_open_plugin_dirs(plugindirs, NULL, &preauth_plugins,
+                                      &kcontext->err);
+
+cleanup:
+    profile_free_list(profpath);
+    free(plugindirs);
+    return retval;
+}
+
 krb5_error_code
 load_preauth_plugins(krb5_context context)
 {
@@ -402,10 +445,8 @@ load_preauth_plugins(krb5_context context)
     /* Attempt to load all of the preauth plugins we can find. */
     PLUGIN_DIR_INIT(&preauth_plugins);
     if (PLUGIN_DIR_OPEN(&preauth_plugins) == 0) {
-        if (krb5int_open_plugin_dirs(objdirs, NULL,
-                                     &preauth_plugins, &context->err) != 0) {
+        if (open_preauth_plugin_dirs(context) != 0)
             return KRB5_PLUGIN_NO_HANDLE;
-        }
     }
 
     /* Get the method tables provided by the loaded plugins. */