Make preauth_module_dir override, rather than supplement, the

built-in path list, to avoid problems with running the same preauth
module twice.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23602 dc483132-0cff-0310-8789-dd5450dbe970

2 files changed, 20 insertions, 66 deletions

diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c
index 18052cf4e..c5dfb1f9b 100644
--- a/src/kdc/kdc_preauth.c
+++ b/src/kdc/kdc_preauth.c
@@ -391,45 +391,22 @@ static struct plugin_dir_handle preauth_plugins;
 
 /* Open plugin directories for preauth modules. */
 static krb5_error_code
-open_preauth_plugin_dirs(krb5_context kcontext)
+open_preauth_plugin_dirs(krb5_context ctx)
 {
     static const char *path[] = {
         KRB5_CONF_LIBDEFAULTS, KRB5_CONF_PREAUTH_MODULE_DIR, NULL,
     };
     char **profpath = NULL;
-    const char **plugindirs = NULL;
-    size_t nprofdirs, nobjdirs;
-    krb5_error_code retval;
-
-    /* Fetch the list of paths specified in the profile, if any. */
-    retval = profile_get_values(kcontext->profile, path, &profpath);
-    if (retval != 0 && retval != PROF_NO_RELATION)
-        return retval;
-
-    /* Count the number of profile dirs. */
-    nprofdirs = 0;
-    if (profpath) {
-        while (profpath[nprofdirs] != NULL)
-            nprofdirs++;
-    }
-
-    nobjdirs = sizeof(objdirs) / sizeof(*objdirs);
-    plugindirs = k5alloc((nprofdirs + nobjdirs) * sizeof(char *), &retval);
-    if (retval != 0)
-        goto cleanup;
-
-    /* Concatenate the profile and hardcoded directory lists. */
-    if (profpath)
-        memcpy(plugindirs, profpath, nprofdirs * sizeof(char *));
-    memcpy(plugindirs + nprofdirs, objdirs, nobjdirs * sizeof(char *));
-
-    retval = krb5int_open_plugin_dirs(plugindirs, NULL, &preauth_plugins,
-                                      &kcontext->err);
-
-cleanup:
+    const char **dirs;
+    krb5_error_code ret;
+
+    ret = profile_get_values(ctx->profile, path, &profpath);
+    if (ret != 0 && ret != PROF_NO_RELATION)
+        return ret;
+    dirs = (profpath != NULL) ? (const char **) profpath : objdirs;
+    ret = krb5int_open_plugin_dirs(dirs, NULL, &preauth_plugins, &ctx->err);
     profile_free_list(profpath);
-    free(plugindirs);
-    return retval;
+    return ret;
 }
 
 krb5_error_code
diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c
index d1d2827de..cf99a29b1 100644
--- a/src/lib/krb5/krb/preauth2.c
+++ b/src/lib/krb5/krb/preauth2.c
@@ -72,46 +72,23 @@ typedef struct _pa_types_t {
 
 /* Open plugin directories for preauth modules. */
 static krb5_error_code
-open_preauth_plugin_dirs(krb5_context kcontext)
+open_preauth_plugin_dirs(krb5_context ctx)
 {
     static const char *path[] = {
         KRB5_CONF_LIBDEFAULTS, KRB5_CONF_PREAUTH_MODULE_DIR, NULL,
     };
     char **profpath = NULL;
-    const char **plugindirs = NULL;
-    size_t nprofdirs, nobjdirs;
-    krb5_error_code retval;
-
-    /* Fetch the list of paths specified in the profile, if any. */
-    retval = profile_get_values(kcontext->profile, path, &profpath);
-    if (retval != 0 && retval != PROF_NO_RELATION)
-        return retval;
-
-    /* Count the number of profile dirs. */
-    nprofdirs = 0;
-    if (profpath) {
-        while (profpath[nprofdirs] != NULL)
-            nprofdirs++;
-    }
-
-    nobjdirs = sizeof(objdirs) / sizeof(*objdirs);
-    plugindirs = k5alloc((nprofdirs + nobjdirs) * sizeof(char *), &retval);
-    if (retval != 0)
-        goto cleanup;
-
-    /* Concatenate the profile and hardcoded directory lists. */
-    if (profpath)
-        memcpy(plugindirs, profpath, nprofdirs * sizeof(char *));
-    memcpy(plugindirs + nprofdirs, objdirs, nobjdirs * sizeof(char *));
-
-    retval = krb5int_open_plugin_dirs(plugindirs, NULL,
-                                      &kcontext->preauth_plugins,
-                                      &kcontext->err);
+    const char **dirs;
+    krb5_error_code ret;
 
-cleanup:
+    ret = profile_get_values(ctx->profile, path, &profpath);
+    if (ret != 0 && ret != PROF_NO_RELATION)
+        return ret;
+    dirs = (profpath != NULL) ? (const char **) profpath : objdirs;
+    ret = krb5int_open_plugin_dirs(dirs, NULL, &ctx->preauth_plugins,
+                                   &ctx->err);
     profile_free_list(profpath);
-    free(plugindirs);
-    return retval;
+    return ret;
 }
 
 /* Create the per-krb5_context context. This means loading the modules