svn rev #24135: branches/plugins/src/ config-files/ include/ kdc/ lib/kadm5/srv/ ...

tsitkova@MIT.EDU tsitkova at MIT.EDU
Mon Jun 14 15:26:21 EDT 2010


http://src.mit.edu/fisheye/changelog/krb5/?cs=24135
Commit By: tsitkova
Log Message:
Added facilities to handle multiple impls of the same static plugins. It is based on plugin_id.

As a proof of the concept, the password quality validation plugins were considered.
So, the following happens:
In the krb5.conf we indicate that we potentially want two pwd quality plugins: plugin_pwd_qlty_krb (native MIT kerb code extracted from server_mics.c) and plugin_pwd_qlty_X (bogus,as a matter of fact, almost identical to plugin_pwd_qlty_krb impl).
In the caller, i.e. in passwd_check of lib/kadm5/srv/server_misc.c, we call KRB and X impl's and verify the pwd against both of the policies:
 plugin_manager_get_service(srv_handle->context->pl_handle, "plugin_pwd_qlty", PWD_QLTY_KRB);
 plugin_manager_get_service(srv_handle->context->pl_handle, "plugin_pwd_qlty", PWD_QLTY_X);

(It is proof of the concept.)





Changed Files:
U   branches/plugins/src/Makefile.in
U   branches/plugins/src/config-files/krb5.conf
U   branches/plugins/src/configure.in
U   branches/plugins/src/include/k5-int.h
U   branches/plugins/src/kdc/enc_challenge.c
U   branches/plugins/src/lib/kadm5/srv/server_misc.c
U   branches/plugins/src/lib/krb5/Makefile.in
U   branches/plugins/src/lib/krb5/krb/init_ctx.c
U   branches/plugins/src/plugin_core/impl/Makefile.in
U   branches/plugins/src/plugin_core/impl/plugin_default_factory.c
U   branches/plugins/src/plugin_core/impl/plugin_default_factory.h
U   branches/plugins/src/plugin_core/impl/plugin_default_manager.c
U   branches/plugins/src/plugin_core/plugin_manager.c
U   branches/plugins/src/plugin_core/plugin_manager.h
U   branches/plugins/src/plugins/pwd_qlty/deps
U   branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty.h
A   branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/
A   branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/Makefile.in
A   branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/deps
A   branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/plugin_pwd_qlty_X_impl.c
A   branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/plugin_pwd_qlty_X_impl.h
A   branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/server_dict.c
U   branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/Makefile.in
U   branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/deps
D   branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_impl.c
D   branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_impl.h
A   branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_krb_impl.c
A   branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_krb_impl.h
Modified: branches/plugins/src/Makefile.in
===================================================================
--- branches/plugins/src/Makefile.in	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/Makefile.in	2010-06-14 19:26:20 UTC (rev 24135)
@@ -10,6 +10,7 @@
 SUBDIRS=util include plugin_core plugin_core/impl    \
 	plugins/pa plugins/pa/encrypted_challenge \
 	plugins/pwd_qlty plugins/pwd_qlty/plugin_pwd_qlty_krb	\
+	plugins/pwd_qlty/plugin_pwd_qlty_X	\
 	lib \
 	@ldap_plugin_dir@ \
 	plugins/kdb/db2 \

Modified: branches/plugins/src/config-files/krb5.conf
===================================================================
--- branches/plugins/src/config-files/krb5.conf	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/config-files/krb5.conf	2010-06-14 19:26:20 UTC (rev 24135)
@@ -26,22 +26,24 @@
 #	kdc = CONSOLE
 
 [plugins]
-        plugin_prng = {
+        plugin_list = PQ1
+        plugin_list = PQ2
+
+        PQ1 = {
+                plugin_api = plugin_pwd_qlty
                 plugin_factory_name = plugin_default_factory
                 plugin_factory_type = static
-                plugin_name =  plugin_yarrow_prng
+                plugin_name = plugin_pwd_qlty_X
                 plugin_type = service
+                plugin_id = 1
         }
-        plugin_pa = {
+
+        PQ2 = {
+                plugin_api = plugin_pwd_qlty
                 plugin_factory_name = plugin_default_factory
                 plugin_factory_type = static
-                plugin_name = plugin_encrypted_challenge_pa
-                plugin_type = service
-        }
-        plugin_pwd_qlty = {
-                plugin_factory_name = plugin_default_factory
-                plugin_factory_type = static
                 plugin_name = plugin_pwd_qlty_krb
                 plugin_type = service
+                plugin_id = 0
         }
 

Modified: branches/plugins/src/configure.in
===================================================================
--- branches/plugins/src/configure.in	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/configure.in	2010-06-14 19:26:20 UTC (rev 24135)
@@ -1118,6 +1118,7 @@
 
 	plugins/pwd_qlty
 	plugins/pwd_qlty/plugin_pwd_qlty_krb
+	plugins/pwd_qlty/plugin_pwd_qlty_X
 	plugin_core/impl
 	plugins/pa
 	plugins/pa/encrypted_challenge

Modified: branches/plugins/src/include/k5-int.h
===================================================================
--- branches/plugins/src/include/k5-int.h	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/include/k5-int.h	2010-06-14 19:26:20 UTC (rev 24135)
@@ -1433,6 +1433,7 @@
 
 /* Plugin API ----  PLUGIN HANDLE */
 typedef struct _plhandle{
+    int plugin_id;
     void *api;
     struct _plhandle *next;
 } plhandle;
@@ -1459,7 +1460,7 @@
         void (*configure)(manager_data *  data, const char*);
         void (*start)(manager_data * data);
         void (*stop)(manager_data * data);
-        plhandle (*getService)(manager_data * data, const char*);
+        plhandle (*getService)(manager_data * data, const char*, const int pl_id);
 } plugin_manager;
 
 /* Plugin API ----  PLUGIN HANDLE ----- END*/
@@ -1513,7 +1514,7 @@
 
     krb5_boolean allow_weak_crypto;
 
-    /* PLUGIN HANDLE */
+    /* PLUGIN manager HANDLE */
     plugin_manager *pl_handle;
 };
 

Modified: branches/plugins/src/kdc/enc_challenge.c
===================================================================
--- branches/plugins/src/kdc/enc_challenge.c	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/kdc/enc_challenge.c	2010-06-14 19:26:20 UTC (rev 24135)
@@ -10,7 +10,7 @@
 preauth_flags(krb5_context context, krb5_preauthtype pa_type)
 {
     int flags = 0;
-    plhandle handle = plugin_manager_get_service(context->pl_handle, "plugin_pa");
+    plhandle handle = plugin_manager_get_service(context->pl_handle, "plugin_pa", 0);
     flags = plugin_preauth_flags(handle, context, pa_type);
     return flags;
 
@@ -30,7 +30,7 @@
                                        krb5_pa_data ***out_padata)
 {
     krb5_error_code ret = 0;
-    plhandle handle = plugin_manager_get_service(context->pl_handle, "plugin_pa");
+    plhandle handle = plugin_manager_get_service(context->pl_handle, "plugin_pa", 0);
 
     ret = plugin_process_preauth(handle, context, plugin_context,
                                        request_context, opt,
@@ -52,7 +52,7 @@
                                           void *pa_module_context, krb5_pa_data *data)
 {
     krb5_error_code retval = 0;
-    plhandle handle = plugin_manager_get_service(context->pl_handle, "plugin_pa");
+    plhandle handle = plugin_manager_get_service(context->pl_handle, "plugin_pa", 0);
     retval = plugin_kdc_include_padata(handle, context, request,
                                          client,
                                          server,
@@ -69,7 +69,7 @@
                                           krb5_data **e_data, krb5_authdata ***authz_data)
 {
     krb5_error_code retval = 0;
-    plhandle handle = plugin_manager_get_service(context->pl_handle, "plugin_pa");
+    plhandle handle = plugin_manager_get_service(context->pl_handle, "plugin_pa", 0);
     retval = plugin_kdc_verify_preauth(handle, context, client,
                                           req_pkt, request,
                                           enc_tkt_reply, data,
@@ -89,7 +89,7 @@
                                           void *pa_module_context, void **pa_request_context)
 {
     krb5_error_code retval = 0;
-    plhandle handle = plugin_manager_get_service(context->pl_handle, "plugin_pa");
+    plhandle handle = plugin_manager_get_service(context->pl_handle, "plugin_pa", 0);
     retval = plugin_kdc_return_preauth(handle, context, padata,
                                           client, req_pkt,
                                           request, reply,
@@ -106,7 +106,7 @@
                                           void **pa_request_context)
 {
     krb5_error_code retval = 0;
-    plhandle handle = plugin_manager_get_service(kcontext->pl_handle, "plugin_pa");
+    plhandle handle = plugin_manager_get_service(kcontext->pl_handle, "plugin_pa", 0);
     retval = plugin_server_free_reqctx(handle, kcontext,
                                           pa_module_context,
                                           pa_request_context);
@@ -116,14 +116,14 @@
 server_init(krb5_context kcontext, void **module_context, const char **realmnames)
 {
     krb5_error_code retval = 0;
-    plhandle handle = plugin_manager_get_service(kcontext->pl_handle, "plugin_pa");
+    plhandle handle = plugin_manager_get_service(kcontext->pl_handle, "plugin_pa", 0);
     retval = plugin_server_init(handle, kcontext, module_context, realmnames);
     return retval;
 }
 void
 server_fini(krb5_context kcontext, void *module_context)
 {
-    plhandle handle = plugin_manager_get_service(kcontext->pl_handle, "plugin_pa");
+    plhandle handle = plugin_manager_get_service(kcontext->pl_handle, "plugin_pa", 0);
     plugin_server_fini(handle, kcontext, module_context);
     return;
 }

Modified: branches/plugins/src/lib/kadm5/srv/server_misc.c
===================================================================
--- branches/plugins/src/lib/kadm5/srv/server_misc.c	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/lib/kadm5/srv/server_misc.c	2010-06-14 19:26:20 UTC (rev 24135)
@@ -55,10 +55,16 @@
         srv_handle->context->pl_handle != NULL ){
 
         plugin_handle = plugin_manager_get_service(srv_handle->context->pl_handle,
-                                                   "plugin_pwd_qlty");
+                                                   "plugin_pwd_qlty", PWD_QLTY_KRB);
 
         ret = plugin_pwd_qlty_check(plugin_handle,
                                     srv_handle, password, use_policy, pol, principal);
+
+        plugin_handle = plugin_manager_get_service(srv_handle->context->pl_handle,
+                                                   "plugin_pwd_qlty", PWD_QLTY_X);
+
+        ret = plugin_pwd_qlty_check(plugin_handle,
+                                    srv_handle, password, use_policy, pol, principal);
     }
     return ret;
 }

Modified: branches/plugins/src/lib/krb5/Makefile.in
===================================================================
--- branches/plugins/src/lib/krb5/Makefile.in	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/lib/krb5/Makefile.in	2010-06-14 19:26:20 UTC (rev 24135)
@@ -10,7 +10,8 @@
 PLUGINS_LIBS = \
 	../../plugin_core/impl/libplugin_impl.a $(PLUGIN_CORE_DEPLIB) 	\
 	../../plugins/pa/encrypted_challenge/libencrypted_challenge.a	\
-	../../plugins/pwd_qlty/plugin_pwd_qlty_krb/libplugin_pwd_qlty_krb.a	
+	../../plugins/pwd_qlty/plugin_pwd_qlty_krb/libplugin_pwd_qlty_krb.a	\
+	../../plugins/pwd_qlty/plugin_pwd_qlty_X/libplugin_pwd_qlty_X.a	
 
 
 ##DOSBUILDTOP = ..\..

Modified: branches/plugins/src/lib/krb5/krb/init_ctx.c
===================================================================
--- branches/plugins/src/lib/krb5/krb/init_ctx.c	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/lib/krb5/krb/init_ctx.c	2010-06-14 19:26:20 UTC (rev 24135)
@@ -177,7 +177,7 @@
     ctx->allow_weak_crypto = tmp;
 
 
-    /* Plugin initialization */   // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>...
+    /* Plugin initialization */
     plugin_default_manager_get_instance(&plugin_mngr_instance);
     set_plugin_manager_instance(&ctx->pl_handle,  plugin_mngr_instance);
     plugin_manager_configure(ctx->pl_handle, conf_path);

Modified: branches/plugins/src/plugin_core/impl/Makefile.in
===================================================================
--- branches/plugins/src/plugin_core/impl/Makefile.in	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/plugin_core/impl/Makefile.in	2010-06-14 19:26:20 UTC (rev 24135)
@@ -6,7 +6,9 @@
 DEFS=
 
 LOCALINCLUDES = -I$(srcdir)/../../include/krb5  -I$(srcdir)/. 	\
-		-I$(srcdir)/../../plugins/pwd_qlty -I$(srcdir)/../../plugins/pwd_qlty/plugin_pwd_qlty_krb 	\
+		-I$(srcdir)/../../plugins/pwd_qlty \
+		-I$(srcdir)/../../plugins/pwd_qlty/plugin_pwd_qlty_krb 	\
+		-I$(srcdir)/../../plugins/pwd_qlty/plugin_pwd_qlty_X 	\
 		-I$(srcdir)/../../plugins/pa -I$(srcdir)/../../plugins/pa/encrypted_challenge 	\
 		-I$(srcdir)/..  -I$(srcdir)/../../lib/kadm5
 
@@ -19,7 +21,8 @@
 STOBJLISTS=OBJS.ST
 
 LIBS_UTILS = ../plugin_core$(SO_EXT) \
-	../../plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_impl$(SO_EXT) 	
+	../../plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_krb_impl$(SO_EXT) 	\
+	../../plugins/pwd_qlty/plugin_pwd_qlty_X/plugin_pwd_qlty_X_impl$(SO_EXT)
 
 SHLIB_EXPLIBS=  $(LIBS_UTILS) $(CRYPTO_DEPLIB) $(SUPPORT_DEPLIB)
 

Modified: branches/plugins/src/plugin_core/impl/plugin_default_factory.c
===================================================================
--- branches/plugins/src/plugin_core/impl/plugin_default_factory.c	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/plugin_core/impl/plugin_default_factory.c	2010-06-14 19:26:20 UTC (rev 24135)
@@ -9,12 +9,12 @@
 #include "plugin_manager.h"
 #include "plugin_factory.h"
 #include "plugin_pa_impl.h"
-#include "plugin_pwd_qlty_impl.h"
 #include "plugin_default_factory.h"
 
 static plugin_factory* _default_factory_instance = NULL;
 
 static plugin_descr  plugin_default_factory_table[] = {
+        {"plugin_pwd_qlty_X",   plugin_pwd_qlty_X_create},
         {"plugin_pwd_qlty_krb", plugin_pwd_qlty_krb_create},
         {"plugin_encrypted_challenge_pa", plugin_encrypted_challenge_pa_create},
         {"plugin_ldap_audit", NULL},

Modified: branches/plugins/src/plugin_core/impl/plugin_default_factory.h
===================================================================
--- branches/plugins/src/plugin_core/impl/plugin_default_factory.h	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/plugin_core/impl/plugin_default_factory.h	2010-06-14 19:26:20 UTC (rev 24135)
@@ -7,7 +7,8 @@
 #define PLUGIN_DEFAULT_FACTORY_H_
 
 #include <plugin_factory.h>
-#include "plugin_pwd_qlty_impl.h"
+#include "plugin_pwd_qlty_krb_impl.h"
+#include "plugin_pwd_qlty_X_impl.h"
 
 
 factory_handle plugin_default_factory_get_instance(void);

Modified: branches/plugins/src/plugin_core/impl/plugin_default_manager.c
===================================================================
--- branches/plugins/src/plugin_core/impl/plugin_default_manager.c	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/plugin_core/impl/plugin_default_manager.c	2010-06-14 19:26:20 UTC (rev 24135)
@@ -25,6 +25,9 @@
 {
     factory_handle handle;
     plugin_factory_descr *ptr = NULL;
+#ifdef DEBUG_PLUGINS
+    printf("plugins:  _load_factory\n");
+#endif
 
     handle.api = NULL;
     for( ptr = _table; ptr->factory_name != NULL; ptr++) {
@@ -40,6 +43,9 @@
 _create_registry()
 {
     registry_data* registry = (registry_data*) malloc(sizeof(registry_data));
+#ifdef DEBUG_PLUGINS
+    printf("plugins:  _create_registry\n");
+#endif
     memset(registry, 0, sizeof(registry_data));
 
     return registry;
@@ -48,6 +54,9 @@
 static void
 _extend_registry (registry_data* data, int ext_n)
 {
+#ifdef DEBUG_PLUGINS
+    printf("plugins:  _extend_registry\n");
+#endif
     if(data->registry_max_size == 0) {
         data->table = NULL;
     }
@@ -62,6 +71,9 @@
     int i = 0;
     reg_entry* ptr = data->table;
 
+#ifdef DEBUG_PLUGINS
+    printf("plugins:  _search_registry\n");
+#endif
     for(i = 0; i < data->registry_size; i++,ptr++) {
         if(strcmp(api_name, ptr->api_name) == 0) {
             return ptr;
@@ -72,11 +84,15 @@
 
 static plhandle
 _create_api(const char* plugin_name, const char* factory_name,
-            const char* factory_type/*, config_node* properties*/)
+            const char* factory_type, const char* plugin_id /*, config_node* properties*/)
 {
     plhandle p_handle;
     factory_handle f_handle = _load_factory(factory_name, factory_type);
+#ifdef DEBUG_PLUGINS
+    printf("plugins:  _create_api\n");
+#endif
     p_handle = create_api(f_handle, plugin_name);
+    p_handle.plugin_id = atoi(plugin_id);
 
     return(p_handle);
 }
@@ -101,21 +117,31 @@
     if(data->registry_size == data->registry_max_size) {
         _extend_registry(data, extension_size);
     }
+
+#ifdef DEBUG_PLUGINS
+    printf ("plugins: _register_api %s\n", api_name);
+#endif
+
     entry = _search_registry(data, api_name);
     if(entry == NULL) {
+        /* Do this in case of a new id only */
         entry = data->table + data->registry_size;
         data->registry_size++;
     }
+#if 0
     if(entry->size && strcmp(plugin_type, "service") == 0) {
 #ifdef DEBUG_PLUGINS
         printf("%s is already registered, only one plugin is allowed per service\n", api_name);
 #endif
         ret = API_ALREADY_REGISTERED;
-    } else {
+    } else
+#endif
+    {
         strcpy(entry->api_name, api_name);
         next = (plhandle*) malloc(sizeof(plhandle));
         memset(next, 0, sizeof(plhandle));
         next->api = handle.api;
+        next->plugin_id = handle.plugin_id;
         if(entry->first == NULL) {
             entry->first = next;
             entry->last = next;
@@ -140,6 +166,7 @@
     const char* factory_type = NULL;
     const char* plugin_name = NULL;
     const char* plugin_type = NULL;
+    const char* plugin_id = NULL;
     plhandle handle;
     int ret = API_REGISTER_FAILED;
 
@@ -157,7 +184,10 @@
                     factory_type = q->node_value.str_value;
                 } else if(strcmp(q->node_name, "plugin_name") == 0) {
                     plugin_name = q->node_value.str_value;
+                } else if(strcmp(q->node_name, "plugin_id") == 0) {
+                    plugin_id = q->node_value.str_value;
                 }
+
             }
         } else if(strcmp(p->node_name, "properties") == 0) {
             properties = p;
@@ -170,10 +200,11 @@
     printf("factory_type=%s\n", factory_type);
     printf("plugin_name=%s\n", plugin_name);
     printf("plugin_type=%s\n", plugin_type);
+    printf("plugin_id=%s\n", plugin_id);
     printf("**End**\n");
 #endif
 
-    handle = _create_api(plugin_name, factory_name, factory_type/*, properties*/);
+    handle = _create_api(plugin_name, factory_name, factory_type/*, plugin_id*//*, properties*/);
     if(handle.api != NULL) {
         ret = _register_api(mdata->registry,plugin_api, plugin_type, handle);
         if (ret != API_REGISTER_OK) {
@@ -182,6 +213,9 @@
                     plugin_name, plugin_api, factory_name, plugin_type);
 #endif
         }
+        else
+            printf("SUCCESS to register %s for %s(factory=%s,plugin_type=%s)\n",
+                    plugin_name, plugin_api, factory_name, plugin_type);
     } else {
 #ifdef DEBUG_PLUGINS
         printf("Failed to configure plugin: api=%s, plugin_name=%s,factory=%s\n",
@@ -225,12 +259,17 @@
     krb5_error_code retval;
     char *plugin;
     void *iter;
+    int i = 0;
     profile_filespec_t *files = NULL;
     profile_t profile;
-    const char  *realm_srv_names[4];
+    const char  *hierarchy[4];
     char **factory_name, **factory_type, **plugin_name, **plugin_type;
+    char** plugin_id;
+    char** plugin_api;
     plhandle handle;
+    char **pl_list, *pl_l;
 
+
     retval = krb5_get_default_config_files(&files);
 #if 0
     if (files)
@@ -250,61 +289,98 @@
         com_err("krb5_PLUGIN_iterator_create", retval, 0);
         return;
     }
-    while (iter) {
+    /* Get the list of the plugins that may be used during run time */
+    hierarchy[0] = "plugins";
+    hierarchy[1] = "plugin_list";
+    hierarchy[2] = 0;
+    retval = profile_get_values(profile, hierarchy, &pl_list);
+    if (retval){
+        com_err("krb5_PLUGIN no plugins listed to configure/register", retval, 0);
+        return;
+    }
+
+#if 0
+    while (iter && pl_list[i]) {
         if ((retval = krb5_plugin_iterator(profile, &iter, &plugin))) {
             com_err("krb5_PLUGIN_iterator", retval, 0);
             krb5_plugin_iterator_free(profile, &iter);
             return;
         }
         if (plugin) {
-#ifdef DEBUG_PLUGINS
-            printf("PLUGIN: '%s'\n", plugin);
 #endif
-            realm_srv_names[0] = "plugins";
-            realm_srv_names[1] = plugin;
 
-            /* plugin_name */
-            realm_srv_names[2] = "plugin_name";
-            realm_srv_names[3] = 0;
+    i=0;
+    while (pl_l = pl_list[i++]){
 
-            retval = profile_get_values(profile, realm_srv_names, &plugin_name);
+#ifdef DEBUG_PLUGINS
+        printf("plugins: nickname in conf file: '%s'\n", pl_l);
+#endif
+        hierarchy[0] = "plugins";
+        hierarchy[1] = pl_l;
+        //hierarchy[1] = plugin;
 
-            /* plugin_type */
-            realm_srv_names[2] = "plugin_type";
-            realm_srv_names[3] = 0;
+        /* plugin_name */
+        hierarchy[2] = "plugin_api";
+        hierarchy[3] = 0;
+        retval = profile_get_values(profile, hierarchy, &plugin_api);
 
-            retval = profile_get_values(profile, realm_srv_names, &plugin_type);
+        /* plugin_name */
+        hierarchy[2] = "plugin_name";
+        hierarchy[3] = 0;
+        retval = profile_get_values(profile, hierarchy, &plugin_name);
 
-            /* factory_name */
-            realm_srv_names[2] = "plugin_factory_name";
-            realm_srv_names[3] = 0;
+        /* plugin_type */
+        hierarchy[2] = "plugin_type";
+        hierarchy[3] = 0;
+        retval = profile_get_values(profile, hierarchy, &plugin_type);
 
-            retval = profile_get_values(profile, realm_srv_names, &factory_name);
+        /* plugin_id */
+        hierarchy[2] = "plugin_id";
+        hierarchy[3] = 0;
+        retval = profile_get_values(profile, hierarchy, &plugin_id);
 
-            /* factory_type */
-            realm_srv_names[2] = "plugin_factory_type";
-            realm_srv_names[3] = 0;
+        /* factory_name */
+        hierarchy[2] = "plugin_factory_name";
+        hierarchy[3] = 0;
+        retval = profile_get_values(profile, hierarchy, &factory_name);
 
-            retval = profile_get_values(profile, realm_srv_names, &factory_type);
+        /* factory_type */
+        hierarchy[2] = "plugin_factory_type";
+        hierarchy[3] = 0;
+        retval = profile_get_values(profile, hierarchy, &factory_type);
 
-            handle = _create_api(*plugin_name, *factory_name, *factory_type/*, properties*/);
-            if(handle.api != NULL) {
-                retval = _register_api(mdata->registry,plugin, *plugin_type, handle);
-                if( retval != API_REGISTER_OK) {
 #ifdef DEBUG_PLUGINS
-                   printf("Failed to register %s for %s(factory=%s,plugin_type=%s)\n",
-                            *plugin_name, plugin, *factory_name, *plugin_type);
+        printf("plugins:  >>>\n");
+        printf("api=%s\n", *plugin_api);
+        printf("factory=%s\n", *factory_name);
+        printf("factory_type=%s\n", *factory_type);
+        printf("plugin_name=%s\n", *plugin_name);
+        printf("plugin_type=%s\n",*plugin_type);
+        printf("plugin_id=%s\n", *plugin_id);
+        printf("<<< plugins\n");
 #endif
-                }
+
+        handle = _create_api(*plugin_name, *factory_name, *factory_type ,*plugin_id/*, properties*/);
+        if(handle.api != NULL) {
+            retval = _register_api(mdata->registry,*plugin_api, *plugin_type, handle);
+            if(retval != API_REGISTER_OK) {
+#ifdef DEBUG_PLUGINS
+                printf("plugins: Failed to register %s for %s(factory=%s,plugin_type=%s) ret=%i\n",
+                       *plugin_name, *plugin_api, *factory_name, *plugin_type, retval);
+#endif
             } else {
 #ifdef DEBUG_PLUGINS
-                printf("Failed to configure plugin: api=%s, plugin_name=%s,factory=%s\n",
-                         plugin, *plugin_name, *factory_name);
+                   printf("plugins: registered OK\n");
 #endif
             }
+        } else {
+#ifdef DEBUG_PLUGINS
+            printf("plugins: Failed to configure plugin: api=%s, plugin_name=%s,factory=%s\n",
+                    *plugin_api, *plugin_name, *factory_name);
+#endif
+        }
 
-            krb5_free_plugin_string(profile, plugin);
-        }
+        // Need to cleanup ~ krb5_free_plugin_string(profile, plugin);
     }
 }
 
@@ -323,22 +399,31 @@
 }
 
 static plhandle
-_getService(manager_data* data, const char* service_name)
+_getService(manager_data* data, const char* service_name, int plugin_id)
 {
-    plhandle handle;
+    plhandle *handle;
     manager_data* mdata = (manager_data*) data;
     reg_entry* entry = _search_registry(mdata->registry, service_name);
 
     memset(&handle, 0, sizeof handle);
     if(entry) {
-        handle = *(entry->first);
+        for(handle = entry->first; handle != NULL; handle = handle->next) {
+            if (handle->plugin_id == plugin_id)
+                break;
+        }
+        if (handle == NULL) {
+#ifdef DEBUG_PLUGINS
+            printf("service %s:%d is not registered \n", service_name, plugin_id);
+#endif
+        }
+
     } else {
 #ifdef DEBUG_PLUGINS
         printf("service %s is not available\n", service_name);
 #endif
     }
 
-    return handle;
+    return *handle;
 }
 
 static manager_data*
@@ -354,11 +439,18 @@
 plugin_manager*
 plugin_default_manager_get_instance(plugin_manager** plugin_mngr_instance)
 {
-    plugin_manager* instance = NULL;  // = plugin_mngr_instance;
+    plugin_manager* instance = NULL;
+#ifdef DEBUG_PLUGINS
+    printf("plugins: plugin_default_manager_get_instanc \n");
+#endif
 
     if(*plugin_mngr_instance == NULL) {
+
         instance = (plugin_manager*) malloc(sizeof(plugin_manager));
+        if (!instance)
+            return NULL;
         memset(instance, 0, sizeof(plugin_manager));
+
         instance->data = _init_data();
 #ifdef CONFIG_IN_YAML
         instance->configure = _configure_yaml;
@@ -372,4 +464,3 @@
     }
     return (*plugin_mngr_instance);
 }
-

Modified: branches/plugins/src/plugin_core/plugin_manager.c
===================================================================
--- branches/plugins/src/plugin_core/plugin_manager.c	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/plugin_core/plugin_manager.c	2010-06-14 19:26:20 UTC (rev 24135)
@@ -17,6 +17,7 @@
     if (_instance != NULL) {
         _instance->configure(_instance->data, path);
     }
+    return 0;
 }
 
 void plugin_manager_start(plugin_manager* _instance)
@@ -34,16 +35,13 @@
 }
 
 plhandle
-plugin_manager_get_service(plugin_manager* _instance, const char* service_name)
+plugin_manager_get_service(plugin_manager* _instance, const char* service_name, const int pl_id)
 {
     plhandle handle;
     if (_instance != NULL) {
-        handle = _instance->getService(_instance->data, service_name);
+        handle = _instance->getService(_instance->data, service_name, pl_id);
     } else {
         handle.api = NULL;
     }
     return handle;
 }
-
-
-

Modified: branches/plugins/src/plugin_core/plugin_manager.h
===================================================================
--- branches/plugins/src/plugin_core/plugin_manager.h	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/plugin_core/plugin_manager.h	2010-06-14 19:26:20 UTC (rev 24135)
@@ -14,6 +14,6 @@
 int plugin_manager_configure(plugin_manager* _instance,const char*);
 void plugin_manager_start(plugin_manager* _instance);
 void plugin_manager_stop(plugin_manager* _instance);
-plhandle plugin_manager_get_service(plugin_manager* _instance,const char*);
+plhandle plugin_manager_get_service(plugin_manager* _instance,const char*, const int);
 
 #endif /* PLUGIN_MANAGER_H_ */

Modified: branches/plugins/src/plugins/pwd_qlty/deps
===================================================================
--- branches/plugins/src/plugins/pwd_qlty/deps	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/plugins/pwd_qlty/deps	2010-06-14 19:26:20 UTC (rev 24135)
@@ -7,9 +7,3 @@
   $(top_srcdir)/plugin_core/plugin_factory.h \
   $(top_srcdir)/lib/kadm5/admin.h \
   plugin_pwd_qlty.c
-plugin_pwd_qlty_impl.so plugin_pwd_qlty_impl.po $(OUTPRE)plugin_pwd_qlty_impl.$(OBJEXT): \
-  $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/plugins/pwd_qlty/plugin_pwd_qlty_impl.h \
-  $(top_srcdir)/plugin_core/plugin_manager.h \
-  $(top_srcdir)/plugin_core/plugin_factory.h \
-  $(top_srcdir)/lib/kadm5/admin.h \
-  plugin_pwd_qlty_impl.c

Modified: branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty.h
===================================================================
--- branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty.h	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty.h	2010-06-14 19:26:20 UTC (rev 24135)
@@ -11,9 +11,13 @@
 #include <admin.h>
 #include <server_internal.h>
 
+#define PWD_QLTY_KRB 0
+#define PWD_QLTY_X 1
+
 /* PWD_QLTY API */
 typedef struct {
 	int version;
+	int plugin_id;
 	kadm5_ret_t (*pwd_qlty_init)(kadm5_server_handle_t);
 	void (*pwd_qlty_cleanup)();
 	kadm5_ret_t (*pwd_qlty_check)(kadm5_server_handle_t, char*,

Added: branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/Makefile.in
===================================================================
--- branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/Makefile.in	                        (rev 0)
+++ branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/Makefile.in	2010-06-14 19:26:20 UTC (rev 24135)
@@ -0,0 +1,25 @@
+mydir=plugins/pwd_qlty/plugin_pwd_qlty_X
+BUILDTOP=$(REL)../../..
+RELDIR=../plugins/pwd_qlty/plugin_pwd_qlty_X
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+DEFS=
+
+LOCALINCLUDES = -I../../../include/krb5 -I. -I../../../plugin_core -I..  -I$(srcdir)/..	\
+		-I../../../lib/kadm5
+
+LIBBASE=plugin_pwd_qlty_X
+
+STLIBOBJS= plugin_pwd_qlty_X_impl.o server_dict.o
+SRCS= $(srcdir)/plugin_pwd_qlty_X_impl.c  $(srcdir)/server_dict.c
+
+STOBJLISTS=OBJS.ST
+
+all-unix:: all-liblinks
+clean-unix:: clean-liblinks clean-libs clean-libobjs
+install-unix:: install-libs
+
+
+ at libpriv_frag@
+ at lib_frag@
+ at libobj_frag@

Added: branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/deps
===================================================================
--- branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/deps	                        (rev 0)
+++ branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/deps	2010-06-14 19:26:20 UTC (rev 24135)
@@ -0,0 +1,11 @@
+# 
+# Generated makefile dependencies follow.
+#
+plugin_pwd_qlty_X_impl.so plugin_pwd_qlty_X_impl.po $(OUTPRE)plugin_pwd_qlty_X_impl.$(OBJEXT): \
+  $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) \
+  $(top_srcdir)/plugins/pwd_qlty/plugin_pwd_qlty_X/plugin_pwd_qlty_X_impl.h \
+  $(top_srcdir)/lib/kadm5/admin.h \
+  $(top_srcdir)/plugin_core/plugin_manager.h \
+  $(top_srcdir)/plugin_core/plugin_factory.h \
+  plugin_pwd_qlty_X_impl.c
+

Added: branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/plugin_pwd_qlty_X_impl.c
===================================================================
--- branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/plugin_pwd_qlty_X_impl.c	                        (rev 0)
+++ branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/plugin_pwd_qlty_X_impl.c	2010-06-14 19:26:20 UTC (rev 24135)
@@ -0,0 +1,172 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+
+#include "k5-int.h"
+
+#include <plugin_manager.h>
+#include <plugin_pwd_qlty.h>
+#include "plugin_pwd_qlty_X_impl.h"
+#include    <string.h>
+#include    <ctype.h>
+
+
+#ifdef HESIOD
+/* stolen from v4sever/kadm_funcs.c */
+static char *
+reverse(str)
+    char    *str;
+{
+    static char newstr[80];
+    char    *p, *q;
+    int     i;
+
+    i = strlen(str);
+    if (i >= sizeof(newstr))
+        i = sizeof(newstr)-1;
+    p = str+i-1;
+    q = newstr;
+    q[i]='\0';
+    for(; i > 0; i--)
+        *q++ = *p--;
+
+    return(newstr);
+}
+
+static int
+str_check_gecos(gecos, pwstr)
+    char    *gecos;
+    char    *pwstr;
+{
+    char            *cp, *ncp, *tcp;
+
+    for (cp = gecos; *cp; ) {
+        /* Skip past punctuation */
+        for (; *cp; cp++)
+            if (isalnum(*cp))
+                break;
+        /* Skip to the end of the word */
+        for (ncp = cp; *ncp; ncp++)
+            if (!isalnum(*ncp) && *ncp != '\'')
+                break;
+        /* Delimit end of word */
+        if (*ncp)
+            *ncp++ = '\0';
+        /* Check word to see if it's the password */
+        if (*cp) {
+            if (!strcasecmp(pwstr, cp))
+                return 1;
+            tcp = reverse(cp);
+            if (!strcasecmp(pwstr, tcp))
+                return 1;
+            cp = ncp;
+        } else
+            break;
+    }
+    return 0;
+}
+#endif /* HESIOD */
+
+
+static kadm5_ret_t
+_plugin_pwd_qlty_check(kadm5_server_handle_t srv_handle,
+             char *password, int use_policy, kadm5_policy_ent_t pol,
+             krb5_principal principal)
+{
+    int nupper = 0,
+        nlower = 0,
+        ndigit = 0,
+        npunct = 0,
+        nspec = 0;
+    char    c, *s, *cp;
+
+#ifdef HESIOD
+    extern  struct passwd *hes_getpwnam();
+    struct  passwd *ent;
+#endif
+
+#ifdef DEBUG_PLUGINS
+    printf("Plugin pwd qlty X\n");
+#endif
+
+    if(use_policy) {
+        if(strlen(password) < (unsigned int)pol->pw_min_length)
+            return KADM5_PASS_Q_TOOSHORT;
+        s = password;
+        while ((c = *s++)) {
+            if (islower((unsigned char) c)) {
+                nlower = 1;
+                continue;
+            }
+            else if (isupper((unsigned char) c)) {
+                nupper = 1;
+                continue;
+            } else if (isdigit((unsigned char) c)) {
+                ndigit = 1;
+                continue;
+            } else if (ispunct((unsigned char) c)) {
+                npunct = 1;
+                continue;
+            } else {
+                nspec = 1;
+                continue;
+            }
+        }
+        if ((nupper + nlower + ndigit + npunct + nspec) < pol->pw_min_classes || nlower < 1) // Zh X-policy
+            return KADM5_PASS_Q_CLASS;
+        if((find_word(password) == KADM5_OK))
+            return KADM5_PASS_Q_DICT;
+        else {
+            int i, n = krb5_princ_size(handle->context, principal);
+            cp = krb5_princ_realm(handle->context, principal)->data;
+            if (strcasecmp(cp, password) == 0)
+                return KADM5_PASS_Q_DICT;
+            for (i = 0; i < n ; i++) {
+                cp = krb5_princ_component(handle->context, principal, i)->data;
+                if (strcasecmp(cp, password) == 0)
+                    return KADM5_PASS_Q_DICT;
+#ifdef HESIOD
+                ent = hes_getpwnam(cp);
+                if (ent && ent->pw_gecos)
+                    if (str_check_gecos(ent->pw_gecos, password))
+                        return KADM5_PASS_Q_DICT; /* XXX new error code? */
+#endif
+            }
+            return KADM5_OK;
+        }
+    } else {
+        if (strlen(password) < 1)
+            return KADM5_PASS_Q_TOOSHORT;
+    }
+    return KADM5_OK;
+
+}
+
+static kadm5_ret_t
+_plugin_pwd_qlty_init(kadm5_server_handle_t handle)
+{
+    init_dict(&handle->params);
+    return 0;
+}
+
+static void
+_plugin_pwd_qlty_clean()
+{
+    destroy_dict();
+    return;
+}
+
+plhandle
+plugin_pwd_qlty_X_create()
+{
+        plhandle handle;
+        plugin_pwd_qlty* api = malloc(sizeof(plugin_pwd_qlty));
+
+        memset(api, 0, sizeof(plugin_pwd_qlty));
+        api->version = 1;
+        api->plugin_id = PWD_QLTY_X;
+        api->pwd_qlty_init    = _plugin_pwd_qlty_init;
+        api->pwd_qlty_check   = _plugin_pwd_qlty_check;
+        api->pwd_qlty_cleanup = _plugin_pwd_qlty_clean;
+        handle.api = api;
+
+        return handle;
+}


Added: svn:mergeinfo
   + 

Added: branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/plugin_pwd_qlty_X_impl.h
===================================================================
--- branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/plugin_pwd_qlty_X_impl.h	                        (rev 0)
+++ branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/plugin_pwd_qlty_X_impl.h	2010-06-14 19:26:20 UTC (rev 24135)
@@ -0,0 +1,14 @@
+/*
+ * plugin_pwd_qlty_X_impl.h
+ *
+ */
+
+#ifndef PLUGIN_PWD_QLTY_X_IMPL_H_
+#define PLUGIN_PWD_QLTY_X_IMPL_H_
+
+#include <plugin_manager.h>
+#include <plugin_pwd_qlty.h>
+
+plhandle plugin_pwd_qlty_X_create(void);
+
+#endif /* PLUGIN_PWD_QLTY_X_IMPL_H_ */


Added: svn:mergeinfo
   + 

Added: branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/server_dict.c
===================================================================
--- branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/server_dict.c	                        (rev 0)
+++ branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/server_dict.c	2010-06-14 19:26:20 UTC (rev 24135)
@@ -0,0 +1,203 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved
+ *
+ * $Header$
+ */
+
+#if !defined(lint) && !defined(__CODECENTER__)
+static char *rcsid = "$Header$";
+#endif
+
+#include    <sys/types.h>
+#include    <sys/file.h>
+#include    <fcntl.h>
+#include    <sys/stat.h>
+#include    <unistd.h>
+#include <errno.h>
+#include    <kadm5/admin.h>
+#include    <stdlib.h>
+#include    <stdio.h>
+#include    <string.h>
+#ifdef HAVE_MEMORY_H
+#include    <memory.h>
+#endif
+#include    "adm_proto.h"
+#include    <syslog.h>
+#include    "server_internal.h"
+#include    "k5-platform.h"
+
+static char         **word_list = NULL;     /* list of word pointers */
+static char         *word_block = NULL;     /* actual word data */
+static unsigned int word_count = 0;         /* number of words */
+
+
+/*
+ * Function: word_compare
+ *
+ * Purpose: compare two words in the dictionary.
+ *
+ * Arguments:
+ *      w1              (input) pointer to first word
+ *      w2              (input) pointer to second word
+ *      <return value>  result of strcmp
+ *
+ * Requires:
+ *      w1 and w2 to point to valid memory
+ *
+ */
+
+static int
+word_compare(const void *s1, const void *s2)
+{
+    return (strcasecmp(*(const char **)s1, *(const char **)s2));
+}
+
+/*
+ * Function: init-dict
+ *
+ * Purpose: Initialize in memory word dictionary
+ *
+ * Arguments:
+ *          none
+ *          <return value> KADM5_OK on success errno on failure;
+ *                         (but success on ENOENT)
+ *
+ * Requires:
+ *      If WORDFILE exists, it must contain a list of words,
+ *      one word per-line.
+ *
+ * Effects:
+ *      If WORDFILE exists, it is read into memory sorted for future
+ * use.  If it does not exist, it syslogs an error message and returns
+ * success.
+ *
+ * Modifies:
+ *      word_list to point to a chunck of allocated memory containing
+ *      pointers to words
+ *      word_block to contain the dictionary.
+ *
+ */
+
+int init_dict(kadm5_config_params *params)
+{
+    int             fd,
+        len,
+        i;
+    char            *p,
+        *t;
+    struct  stat    sb;
+
+    if(word_list != NULL && word_block != NULL)
+        return KADM5_OK;
+    if (! (params->mask & KADM5_CONFIG_DICT_FILE)) {
+        return KADM5_OK;
+    }
+    if ((fd = open(params->dict_file, O_RDONLY)) == -1) {
+        if (errno == ENOENT) {
+            return KADM5_OK;
+        } else
+            return errno;
+    }
+    set_cloexec_fd(fd);
+    if (fstat(fd, &sb) == -1) {
+        close(fd);
+        return errno;
+    }
+    if ((word_block = (char *) malloc(sb.st_size + 1)) == NULL)
+        return ENOMEM;
+    if (read(fd, word_block, sb.st_size) != sb.st_size)
+        return errno;
+    (void) close(fd);
+    word_block[sb.st_size] = '\0';
+
+    p = word_block;
+    len = sb.st_size;
+    while(len > 0 && (t = memchr(p, '\n', len)) != NULL) {
+        *t = '\0';
+        len -= t - p + 1;
+        p = t + 1;
+        word_count++;
+    }
+    if ((word_list = (char **) malloc(word_count * sizeof(char *))) == NULL)
+        return ENOMEM;
+    p = word_block;
+    for (i = 0; i < word_count; i++) {
+        word_list[i] = p;
+        p += strlen(p) + 1;
+    }
+    qsort(word_list, word_count, sizeof(char *), word_compare);
+    return KADM5_OK;
+}
+
+/*
+ * Function: find_word
+ *
+ * Purpose: See if the specified word exists in the in-core dictionary
+ *
+ * Arguments:
+ *      word            (input) word to search for.
+ *      <return value>  WORD_NOT_FOUND if not in dictionary,
+ *                      KADM5_OK if if found word
+ *                      errno if init needs to be called and returns an
+ *                      error
+ *
+ * Requires:
+ *      word to be a null terminated string.
+ *      That word_list and word_block besetup
+ *
+ * Effects:
+ *      finds word in dictionary.
+ * Modifies:
+ *      nothing.
+ *
+ */
+
+int
+find_word(const char *word)
+{
+    char    **value;
+
+    if(word_list == NULL || word_block == NULL)
+        return WORD_NOT_FOUND;
+    if ((value = (char **) bsearch(&word, word_list, word_count, sizeof(char *),
+                                   word_compare)) == NULL)
+        return WORD_NOT_FOUND;
+    else
+        return KADM5_OK;
+}
+
+/*
+ * Function: destroy_dict
+ *
+ * Purpose: destroy in-core copy of dictionary.
+ *
+ * Arguments:
+ *          none
+ *          <return value>  none
+ * Requires:
+ *          nothing
+ * Effects:
+ *      frees up memory occupied by word_list and word_block
+ *      sets count back to 0, and resets the pointers to NULL
+ *
+ * Modifies:
+ *      word_list, word_block, and word_count.
+ *
+ */
+
+void
+destroy_dict(void)
+{
+    if(word_list) {
+        free(word_list);
+        word_list = NULL;
+    }
+    if(word_block) {
+        free(word_block);
+        word_block = NULL;
+    }
+    if(word_count)
+        word_count = 0;
+    return;
+}

Modified: branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/Makefile.in
===================================================================
--- branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/Makefile.in	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/Makefile.in	2010-06-14 19:26:20 UTC (rev 24135)
@@ -10,8 +10,8 @@
 
 LIBBASE=plugin_pwd_qlty_krb
 
-STLIBOBJS= plugin_pwd_qlty_impl.o server_dict.o
-SRCS= $(srcdir)/plugin_pwd_qlty_impl.c  $(srcdir)/server_dict.c
+STLIBOBJS= plugin_pwd_qlty_krb_impl.o server_dict.o
+SRCS= $(srcdir)/plugin_pwd_qlty_krb_impl.c  $(srcdir)/server_dict.c
 
 STOBJLISTS=OBJS.ST
 

Modified: branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/deps
===================================================================
--- branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/deps	2010-06-11 21:03:03 UTC (rev 24134)
+++ branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/deps	2010-06-14 19:26:20 UTC (rev 24135)
@@ -1,11 +1,11 @@
 # 
 # Generated makefile dependencies follow.
 #
-plugin_pwd_qlty_impl.so plugin_pwd_qlty_impl.po $(OUTPRE)plugin_pwd_qlty_impl.$(OBJEXT): \
+plugin_pwd_qlty_krb_impl.so plugin_pwd_qlty_krb_impl.po $(OUTPRE)plugin_pwd_qlty_krb_impl.$(OBJEXT): \
   $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) \
-  $(top_srcdir)/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_impl.h \
+  $(top_srcdir)/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_krb_impl.h \
   $(top_srcdir)/lib/kadm5/admin.h \
   $(top_srcdir)/plugin_core/plugin_manager.h \
   $(top_srcdir)/plugin_core/plugin_factory.h \
-  plugin_pwd_qlty_impl.c
+  plugin_pwd_qlty_krb_impl.c
 

Copied: branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_krb_impl.c (from rev 24108, branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_impl.c)
===================================================================
--- branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_krb_impl.c	                        (rev 0)
+++ branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_krb_impl.c	2010-06-14 19:26:20 UTC (rev 24135)
@@ -0,0 +1,172 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+
+#include "k5-int.h"
+
+#include <plugin_manager.h>
+#include <plugin_pwd_qlty.h>
+#include "plugin_pwd_qlty_krb_impl.h"
+#include    <string.h>
+#include    <ctype.h>
+
+
+#ifdef HESIOD
+/* stolen from v4sever/kadm_funcs.c */
+static char *
+reverse(str)
+    char    *str;
+{
+    static char newstr[80];
+    char    *p, *q;
+    int     i;
+
+    i = strlen(str);
+    if (i >= sizeof(newstr))
+        i = sizeof(newstr)-1;
+    p = str+i-1;
+    q = newstr;
+    q[i]='\0';
+    for(; i > 0; i--)
+        *q++ = *p--;
+
+    return(newstr);
+}
+
+static int
+str_check_gecos(gecos, pwstr)
+    char    *gecos;
+    char    *pwstr;
+{
+    char            *cp, *ncp, *tcp;
+
+    for (cp = gecos; *cp; ) {
+        /* Skip past punctuation */
+        for (; *cp; cp++)
+            if (isalnum(*cp))
+                break;
+        /* Skip to the end of the word */
+        for (ncp = cp; *ncp; ncp++)
+            if (!isalnum(*ncp) && *ncp != '\'')
+                break;
+        /* Delimit end of word */
+        if (*ncp)
+            *ncp++ = '\0';
+        /* Check word to see if it's the password */
+        if (*cp) {
+            if (!strcasecmp(pwstr, cp))
+                return 1;
+            tcp = reverse(cp);
+            if (!strcasecmp(pwstr, tcp))
+                return 1;
+            cp = ncp;
+        } else
+            break;
+    }
+    return 0;
+}
+#endif /* HESIOD */
+
+
+static kadm5_ret_t
+_plugin_pwd_qlty_check(kadm5_server_handle_t srv_handle,
+             char *password, int use_policy, kadm5_policy_ent_t pol,
+             krb5_principal principal)
+{
+    int nupper = 0,
+        nlower = 0,
+        ndigit = 0,
+        npunct = 0,
+        nspec  = 0;
+    char    c, *s, *cp;
+
+#ifdef HESIOD
+    extern  struct passwd *hes_getpwnam();
+    struct  passwd *ent;
+#endif
+
+#ifdef DEBUG_PLUGINS
+    printf("Plugin pwd qlty KRB\n");
+#endif
+
+    if(use_policy) {
+        if(strlen(password) < (unsigned int)pol->pw_min_length)
+            return KADM5_PASS_Q_TOOSHORT;
+        s = password;
+        while ((c = *s++)) {
+            if (islower((unsigned char) c)) {
+                nlower = 1;
+                continue;
+            }
+            else if (isupper((unsigned char) c)) {
+                nupper = 1;
+                continue;
+            } else if (isdigit((unsigned char) c)) {
+                ndigit = 1;
+                continue;
+            } else if (ispunct((unsigned char) c)) {
+                npunct = 1;
+                continue;
+            } else {
+                nspec = 1;
+                continue;
+            }
+        }
+        if ((nupper + nlower + ndigit + npunct + nspec) < pol->pw_min_classes)
+            return KADM5_PASS_Q_CLASS;
+        if((find_word(password) == KADM5_OK))
+            return KADM5_PASS_Q_DICT;
+        else {
+            int i, n = krb5_princ_size(handle->context, principal);
+            cp = krb5_princ_realm(handle->context, principal)->data;
+            if (strcasecmp(cp, password) == 0)
+                return KADM5_PASS_Q_DICT;
+            for (i = 0; i < n ; i++) {
+                cp = krb5_princ_component(handle->context, principal, i)->data;
+                if (strcasecmp(cp, password) == 0)
+                    return KADM5_PASS_Q_DICT;
+#ifdef HESIOD
+                ent = hes_getpwnam(cp);
+                if (ent && ent->pw_gecos)
+                    if (str_check_gecos(ent->pw_gecos, password))
+                        return KADM5_PASS_Q_DICT; /* XXX new error code? */
+#endif
+            }
+            return KADM5_OK;
+        }
+    } else {
+        if (strlen(password) < 1)
+            return KADM5_PASS_Q_TOOSHORT;
+    }
+    return KADM5_OK;
+
+}
+
+static kadm5_ret_t
+_plugin_pwd_qlty_init(kadm5_server_handle_t handle)
+{
+    init_dict(&handle->params);
+    return 0;
+}
+
+static void
+_plugin_pwd_qlty_clean()
+{
+    destroy_dict();
+    return;
+}
+
+plhandle
+plugin_pwd_qlty_krb_create()
+{
+        plhandle handle;
+        plugin_pwd_qlty* api = malloc(sizeof(plugin_pwd_qlty));
+
+        memset(api, 0, sizeof(plugin_pwd_qlty));
+        api->version = 1;
+        api->plugin_id = PWD_QLTY_KRB;
+        api->pwd_qlty_init    = _plugin_pwd_qlty_init;
+        api->pwd_qlty_check   = _plugin_pwd_qlty_check;
+        api->pwd_qlty_cleanup = _plugin_pwd_qlty_clean;
+        handle.api = api;
+
+        return handle;
+}


Added: svn:mergeinfo
   + 

Copied: branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_krb_impl.h (from rev 24108, branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_impl.h)
===================================================================
--- branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_krb_impl.h	                        (rev 0)
+++ branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_krb_impl.h	2010-06-14 19:26:20 UTC (rev 24135)
@@ -0,0 +1,14 @@
+/*
+ * plugin_pwd_qlty_krb_impl.h
+ *
+ */
+
+#ifndef PLUGIN_PWD_QLTY_KRB_IMPL_H_
+#define PLUGIN_PWD_QLTY_KRB_IMPL_H_
+
+#include <plugin_manager.h>
+#include <plugin_pwd_qlty.h>
+
+plhandle plugin_pwd_qlty_krb_create(void);
+
+#endif /* PLUGIN_PWD_QLTY_KRB_IMPL_H_ */


Added: svn:mergeinfo
   + 

Property changes on: branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/plugin_pwd_qlty_X_impl.c
___________________________________________________________________
Property changes on: branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_X/plugin_pwd_qlty_X_impl.h
___________________________________________________________________
Property changes on: branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_krb_impl.c
___________________________________________________________________
Property changes on: branches/plugins/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_krb_impl.h
___________________________________________________________________



More information about the cvs-krb5 mailing list