krb5 commit [krb5-1.20]: Fix PKCS11 module path search

ghudson at mit.edu ghudson at mit.edu
Tue Nov 15 11:32:02 EST 2022 

https://github.com/krb5/krb5/commit/3401546ecd8abc0d51347c329c8db7933a620d0d
commit 3401546ecd8abc0d51347c329c8db7933a620d0d
Author: sashan <anedvedicky at gmail.com>
Date:   Sat Jun 18 00:05:32 2022 +0200

    Fix PKCS11 module path search
    
    Commit c5c11839e02c7993eb78f2c94c75c10cf93f2195 switched the loading
    of the PKCS#11 module from dlopen() to krb5int_open_plugin().  Because
    krb5int_open_plugin() includes a stat() test, this change has the
    unintended consequence of requiring the module name to be an absolute
    or relative path to the library, not a filename within the dynamic
    linker search path.
    
    Within krb5int_open_plugin(), only stat() the filename on the
    platforms which will use the file type.
    
    [ghudson at mit.edu: adjusted conditionals to call stat() on Windows;
    rewrote commit message]
    
    (cherry picked from commit e134d9a6b6332bd085093e9075c949ece784fcd0)
    
    ticket: 9067
    version_fixed: 1.20.1

 src/util/support/plugins.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/util/support/plugins.c b/src/util/support/plugins.c
index 1ff10c354..c6a9a21d5 100644
--- a/src/util/support/plugins.c
+++ b/src/util/support/plugins.c
@@ -189,9 +189,10 @@ long KRB5_CALLCONV
 krb5int_open_plugin (const char *filepath, struct plugin_file_handle **h, struct errinfo *ep)
 {
     long err = 0;
-    struct stat statbuf;
     struct plugin_file_handle *htmp = NULL;
     int got_plugin = 0;
+#if defined(USE_CFBUNDLE) || defined(_WIN32)
+    struct stat statbuf;
 
     if (!err) {
         if (stat (filepath, &statbuf) < 0) {
@@ -201,6 +202,7 @@ krb5int_open_plugin (const char *filepath, struct plugin_file_handle **h, struct
                          filepath, strerror(err));
         }
     }
+#endif
 
     if (!err) {
         htmp = calloc (1, sizeof (*htmp)); /* calloc initializes ptrs to NULL */
@@ -208,11 +210,12 @@ krb5int_open_plugin (const char *filepath, struct plugin_file_handle **h, struct
     }
 
 #if USE_DLOPEN
-    if (!err && ((statbuf.st_mode & S_IFMT) == S_IFREG
+    if (!err
 #if USE_CFBUNDLE
-                 || (statbuf.st_mode & S_IFMT) == S_IFDIR
+                 && ((statbuf.st_mode & S_IFMT) == S_IFREG
+                 || (statbuf.st_mode & S_IFMT) == S_IFDIR)
 #endif /* USE_CFBUNDLE */
-        )) {
+        ) {
         void *handle = NULL;
 
 #if USE_CFBUNDLE

More information about the cvs-krb5 mailing list