svn rev #24262: branches/plugins2/src/include/ krb5/

ghudson@MIT.EDU ghudson at MIT.EDU
Thu Aug 26 21:39:17 EDT 2010


http://src.mit.edu/fisheye/changelog/krb5/?cs=24262
Commit By: ghudson
Log Message:
Add documentation to k5-int.h aimed at developers of new pluggable
interfaces.  Add documentation to pwqual_plugin.h aimed at developers
of password quality modules.



Changed Files:
U   branches/plugins2/src/include/k5-int.h
U   branches/plugins2/src/include/krb5/pwqual_plugin.h
Modified: branches/plugins2/src/include/k5-int.h
===================================================================
--- branches/plugins2/src/include/k5-int.h	2010-08-27 00:01:03 UTC (rev 24261)
+++ branches/plugins2/src/include/k5-int.h	2010-08-27 01:39:17 UTC (rev 24262)
@@ -1431,9 +1431,72 @@
                             krb5_authdata_context context, const char *module,
                             void *ptr);
 
-/* Plugin framework */
+/*** Plugin framework ***/
 
 /*
+ * This framework can be used to create pluggable interfaces.  Not all existing
+ * pluggable interface use this framework, but new ones should.  A new
+ * pluggable interface entails:
+ *
+ * - An interface ID definition in the list of #defines below.
+ *
+ * - A name in the interface_names array in lib/krb5/krb/plugins.c.
+ *
+ * - An installed public header file in include/krb5.  The public header should
+ *   include <krb5/plugin.h> and should declare a vtable structure for each
+ *   supported major version of the interface.
+ *
+ * - A consumer API implementation, located within the code unit which makes
+ *   use of the pluggable interface.  The consumer API should consist of:
+ *
+ *   . An interface-specific handle type which contains a vtable structure for
+ *     the module (or a union of several such structures, if there are multiple
+ *     supported major versions) and, optionally, resource data bound to the
+ *     handle.
+ *
+ *   . An interface-specific loader function which creates a handle or list of
+ *     handles.  A list of handles would be created if the interface is a
+ *     one-to-many interface where the consumer wants to consult all available
+ *     modules; a single handle would be created for an interface where the
+ *     consumer wants to consult a specific module.  The loader function should
+ *     use k5_plugin_load or k5_plugin_load_all to produce one or a list of
+ *     vtable initializer functions, and should use those functions to fill in
+ *     the vtable structure for the module (if necessary, trying each supported
+ *     major version starting from the most recent).  The loader function can
+ *     also bind resource data into the handle based on caller arguments, if
+ *     appropriate.
+ *
+ *   . For each plugin method, a wrapper function which accepts a krb5_context,
+ *     a plugin handle, and the method arguments.  Wrapper functions should
+ *     invoke the method function contained in the handle's vtable.
+ *
+ * - Possibly, built-in implementations of the interface, also located within
+ *   the code unit which makes use of the interface.  Built-in implementations
+ *   must be registered with k5_plugin_register before the first call to
+ *   k5_plugin_load or k5_plugin_load_all.
+ *
+ * A pluggable interface should have one or more currently supported major
+ * versions, starting at 1.  Each major version should have a current minor
+ * version, also starting at 1.  If new methods are added to a vtable, the
+ * minor version should be incremented and the vtable stucture should document
+ * where each minor vtable version ends.  If method signatures for a vtable are
+ * changed, the major version should be incremented.
+ *
+ * Plugin module implementations (either built-in or dynamically loaded) should
+ * define a function named <interfacename>_<modulename>_initvt, matching the
+ * signature of krb5_plugin_initvt_fn as declared in include/krb5/plugin.h.
+ * The initvt function should check the given maj_ver argument against its own
+ * supported major versions, cast the vtable pointer to the appropriate
+ * interface-specific vtable type, and fill in the vtable methods, stopping as
+ * appropriate for the given min_ver.  Memory for the vtable structure is
+ * allocated by the caller, not by the module.
+ *
+ * Dynamic plugin modules are registered with the framework through the
+ * [plugins] section of the profile, as described in the admin documentation
+ * and krb5.conf man page.
+ */
+
+/*
  * A linked list entry mapping a module name to a module initvt function.  The
  * entry may also include a dynamic object handle so that it can be released
  * when the context is destroyed.

Modified: branches/plugins2/src/include/krb5/pwqual_plugin.h
===================================================================
--- branches/plugins2/src/include/krb5/pwqual_plugin.h	2010-08-27 00:01:03 UTC (rev 24261)
+++ branches/plugins2/src/include/krb5/pwqual_plugin.h	2010-08-27 01:39:17 UTC (rev 24262)
@@ -26,6 +26,24 @@
  *
  *
  * Declarations for password quality plugin module implementors.
+ *
+ * The password quality pluggable interface currently has only one supported
+ * major version, which is 1.  Major version 1 has a current minor version
+ * number of 1.
+ *
+ * Password quality plugin modules should define a function named
+ * pwqual_<modulename>_initvt.  The initvt function should:
+ *
+ * - Check that the supplied maj_ver number is supported by the module, or
+ *   return KRB5_PLUGIN_VER_NOTSUPP if it is not.
+ *
+ * - Cast the vtable pointer as appropriate for maj_ver:
+ *     maj_ver == 1: Cast to krb5_pwqual_vtable
+ *
+ * - Initialize the methods of the vtable, stopping as appropriate for the
+ *   supplied min_ver.  Optional methods may be left uninitialized.
+ *
+ * Memory for the vtable is allocated by the caller, not by the module.
  */
 
 #ifndef KRB5_PWQUAL_PLUGIN_H
@@ -66,6 +84,7 @@
     krb5_pwqual_open_fn open;
     krb5_pwqual_check_fn check;
     krb5_pwqual_close_fn close;
+    /* Minor version 1 ends here. */
 } *krb5_pwqual_vtable;
 
 #endif /* KRB5_PWQUAL_PLUGIN_H */




More information about the cvs-krb5 mailing list