living in a multi-mech world
Nicolas Williams
Nicolas.Williams at sun.com
Tue May 1 18:19:49 EDT 2007
On Tue, May 01, 2007 at 05:58:15PM -0400, Danilo Almeida wrote:
> > Do we have mechanism plug-in modules export a function which returns a
> > struct full of function pointers? (This is similar to what our
> > Sun-derived mechglue implementation currently does.)
>
> I like a small variation of this:
>
> Call a function to return the struct. This allows for dynamic
> determination of what interface (struct full of pointers) to return.
> It makes it easy to switch what gets returned dynamically.
PKCS#11 is often used this way.
That said, mechglue can determine plug-in capabilities from: a)
presence/absence of symbols, b) calling the plug-in's
gss_inquire_mechs() and friends.
> As far as justification for an interface rather than dlopen w/dlsym
> for each symbols various symbol:
>
> The reason for having an interface rather than loading each symbol is
> that it makes it trivial for a caller to say "grab me an interface to
> the implementation of X" and then just call through it w/o having to
> write a bunch of dlopen/dlsym code.
The dlopen() happens once either way, and the dlsym() code is easily
macro-ized.
The thing I've learned that really helps if one is to dlsym() each
function separately is to have typedefs for each function pointer type.
This also helps simplify the definition of a mechglue-internal struct
containing the function pointers, and reduces the likelyhood of errors.
Nico
--
More information about the krbdev
mailing list