Implementing preauthentication using loadable modules
Ken Raeburn
raeburn at MIT.EDU
Mon Oct 2 19:40:47 EDT 2006
On Oct 2, 2006, at 10:06, Kevin Coffman wrote:
> On 10/2/06, Nalin Dahyabhai <nalin at redhat.com> wrote:
>> On Fri, Sep 29, 2006 at 03:30:50PM -0400, Kevin Coffman wrote:
>>> Something else I'd like to see added is a module initialization and
>>> cleanup (init/fini) function as is defined for the other module
>>> interfaces. We found this convenient to do required openssl
>>> initialization.
>>
>> Makes sense. The KDC loads its modules once, so no problem
>> there. At
>> the moment, libkrb5 loads and unloads modules for each call to
>> krb5_get_init_creds() -- would that cause problems for libraries like
>> OpenSSL?
We've already got hooks for load-time initialization (and unload-time
cleanup).
The functions added to the other plugins are intended for per-context
initialization. And the KDC does create multiple contexts.
> I think we need to initialize our use each time we are loaded, so it
> shouldn't be a problem.
If it only needs to be called once for the process, is the existing
load-time hook not adequate?
Ken
More information about the krbdev
mailing list