Implementing preauthentication using loadable modules
Kevin Coffman
kwc at citi.umich.edu
Mon Oct 2 20:09:35 EDT 2006
On 10/2/06, Ken Raeburn <raeburn at mit.edu> wrote:
>
> On Oct 2, 2006, at 10:06, Kevin Coffman wrote:
>
> > On 10/2/06, Nalin Dahyabhai <nalin at redhat.com> wrote:
> >> On Fri, Sep 29, 2006 at 03:30:50PM -0400, Kevin Coffman wrote:
> >>> Something else I'd like to see added is a module initialization and
> >>> cleanup (init/fini) function as is defined for the other module
> >>> interfaces. We found this convenient to do required openssl
> >>> initialization.
> >>
> >> Makes sense. The KDC loads its modules once, so no problem
> >> there. At
> >> the moment, libkrb5 loads and unloads modules for each call to
> >> krb5_get_init_creds() -- would that cause problems for libraries like
> >> OpenSSL?
>
> We've already got hooks for load-time initialization (and unload-time
> cleanup).
>
> The functions added to the other plugins are intended for per-context
> initialization. And the KDC does create multiple contexts.
>
> > I think we need to initialize our use each time we are loaded, so it
> > shouldn't be a problem.
>
> If it only needs to be called once for the process, is the existing
> load-time hook not adequate?
>
> Ken
The load-time hook is through the use of
"__attribute__((constructor))" or something else that I'm missing?
Use of "__attribute__((constructor))" seems to work, so it looks like
that or whatever I'm missing should be sufficient.
K.C.
More information about the krbdev
mailing list