When Directory Server calls a password storage scheme plug-in encode function, it passes that function an input password char * and expects an encoded password char * in return. The prototype for the example encode function, xorenc(), is as follows:
static char * xorenc(char * pwd);
Allocate space for the encoded password with slapi_ch_malloc() rather than regular malloc(). Directory Server can then terminate with an “out of memory” message if allocation fails. Free memory with slapi_ch_free().
By convention, you prefix the encoded password with the name of the password storage scheme, enclosed in braces, { and }. The storage scheme in the example plug-in is called XOR.
The name is declared in the example:
static char * name = "XOR"; /* Storage scheme name */
You return encoded strings prefixed with {XOR}. You also register the name with Directory Server.
#include <stdio.h>    /* sprintf() */
#include <string.h>   /* strlen(), memset() */
#include "slapi-plugin.h"

static char * name ="XOR"; /* Storage scheme name */

#define PREFIX_START '{'
#define PREFIX_END '}'

static char *
xorenc(char * pwd)
{
    char * tmp    = NULL; /* Used for encoding */
    char * head   = NULL; /* Encoded password */
    char * cipher = NULL; /* Prefix, then pwd */
    int i, len;

    /* Allocate space to build the encoded password */
    len = strlen(pwd);
    tmp = slapi_ch_malloc(len + 1);
    if (tmp == NULL) return NULL;

    memset(tmp, '\0', len + 1);
    head = tmp;

    /* Encode. This example is not secure by any means.
     * A password byte equal to 42 ('*') encodes to '\0',
     * which ends the encoded string early. */
    for (i = 0; i < len; i++, pwd++, tmp++) *tmp = *pwd ^ 42;

    /* Add the prefix to the cipher: '{' + name + '}' + head + '\0' */
    if (head != NULL) {
        cipher = slapi_ch_malloc(3 + strlen(name) + strlen(head));
        if (cipher != NULL) {
            sprintf(cipher,"%c%s%c%s",PREFIX_START,name,PREFIX_END,head);
        }
    }
    slapi_ch_free((void **) &head);

    return (cipher); /* Server frees cipher */
}
Notice that you free only memory allocated for temporary use. Directory Server frees memory for the char * returned, not the plug-in. For details on slapi_ch_malloc() and slapi_ch_free(), see Chapter 16, Function Reference, Part I.
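The code comment in xorenc() says the encoding is not secure; the following stand-alone program, added here and not part of the original guide, shows two concrete reasons: the stored value decodes straight back to the password, and a '*' in the password truncates what is stored. It reproduces the same XOR-with-42 encoding, with calloc() standing in for slapi_ch_malloc(); the names xorenc_standalone(), xordec() and same_stored_value() are hypothetical, and the sample passwords are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define XOR_KEY 42                 /* key used by the guide's xorenc() */
static const char *scheme = "XOR";

/* Same encoding as xorenc(); calloc() stands in for slapi_ch_malloc(). */
static char *xorenc_standalone(const char *pwd)
{
    size_t i, len = strlen(pwd), plen = strlen(scheme) + 2;
    char *out = calloc(plen + len + 1, 1);
    if (out == NULL) return NULL;
    sprintf(out, "{%s}", scheme);
    for (i = 0; i < len; i++) out[plen + i] = (char)(pwd[i] ^ XOR_KEY);
    return out;   /* read as a C string, it ends at the first NUL byte */
}

/* Reversal: anyone who can read the stored value recovers the password. */
static char *xordec(const char *stored)
{
    const char *body = strchr(stored, '}');
    size_t i, len;
    char *pwd;
    if (body == NULL) return NULL;
    len = strlen(++body);
    pwd = calloc(len + 1, 1);
    if (pwd == NULL) return NULL;
    for (i = 0; i < len; i++) pwd[i] = (char)(body[i] ^ XOR_KEY);
    return pwd;
}

/* Returns 1 when two different passwords produce the same stored string. */
static int same_stored_value(const char *a, const char *b)
{
    char *ea = xorenc_standalone(a), *eb = xorenc_standalone(b);
    int same = (ea != NULL && eb != NULL && strcmp(ea, eb) == 0);
    free(ea); free(eb);
    return same;
}

int main(void)
{
    char *enc = xorenc_standalone("secret");   /* constructed sample */
    char *dec = enc ? xordec(enc) : NULL;
    printf("stored=%s recovered=%s\n", enc ? enc : "", dec ? dec : "");
    printf("'*' collision: %d\n", same_stored_value("abc*def", "abc*xyz"));
    free(enc); free(dec); return 0;
}
```

A storage scheme meant for real use would replace the XOR loop with a salted one-way hash and encode the result so that it cannot contain a NUL byte.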