4 files changed, 47 insertions, 5 deletions

diff --git a/src/pluto/keys.c b/src/pluto/keys.c
index 7aea81fbf..eed81230f 100644
--- a/src/pluto/keys.c
+++ b/src/pluto/keys.c
@@ -683,14 +683,14 @@ xauth_defaults(void)
     if (xauth_module.get_secret == NULL)
     {
 	DBG(DBG_CONTROL,
-	    DBG_log("xauth_module: using default get_secret() function")
+	    DBG_log("xauth module: using default get_secret() function")
 	)
 	xauth_module.get_secret = xauth_get_secret;
     }
     if (xauth_module.verify_secret == NULL)
     {
 	DBG(DBG_CONTROL,
-	    DBG_log("xauth_module: using default verify_secret() function")
+	    DBG_log("xauth module: using default verify_secret() function")
 	)
 	xauth_module.verify_secret = xauth_verify_secret;
     }
diff --git a/src/pluto/plutomain.c b/src/pluto/plutomain.c
index 4a4f30acf..f8cc75cde 100644
--- a/src/pluto/plutomain.c
+++ b/src/pluto/plutomain.c
@@ -599,7 +599,7 @@ main(int argc, char **argv)
     init_nat_traversal(nat_traversal, keep_alive, force_keepalive, nat_t_spf);
     init_virtual_ip(virtual_private);
     scx_init(pkcs11_module_path);   /* load and initialize PKCS #11 module */
-    xauth_init();		    /* load and initialize XAUTH module */
+    xauth_init();  		    /* load and initialize XAUTH module */
     init_rnd_pool();
     init_secret();
     init_states();
diff --git a/src/pluto/xauth.c b/src/pluto/xauth.c
index e44ac4ec9..1947609bd 100644
--- a/src/pluto/xauth.c
+++ b/src/pluto/xauth.c
@@ -15,22 +15,63 @@
  * RCSID $Id: xauth.c,v 1.1 2005/01/06 22:10:15 as Exp $
  */
 
+#include <dlfcn.h>
+
 #include <freeswan.h>
 
 #include "constants.h"
 #include "defs.h"
 #include "xauth.h"
 #include "keys.h"
+#include "log.h"
 
 void 
 xauth_init(void)
 {
-    /* TODO: locate and load dynamic XAUTH module */
+#ifdef XAUTH_DEFAULT_LIB
+    xauth_module.handle = dlopen(XAUTH_DEFAULT_LIB, RTLD_NOW);
+
+    if (xauth_module.handle != NULL)
+    {
+	DBG(DBG_CONTROL,
+	    DBG_log("xauth module '%s' loading'", XAUTH_DEFAULT_LIB)
+	)
+	xauth_module.get_secret = (bool (*) (const xauth_t*))
+			dlsym(xauth_module.handle, "get_secret");
+	DBG(DBG_CONTROL,
+	    if (xauth_module.get_secret != NULL)
+	    {
+		DBG_log("xauth module: found get_secret() function");
+	    }
+	)
+	xauth_module.verify_secret = (bool (*) (const xauth_t*))
+			dlsym(xauth_module.handle, "verify_secret");
+	DBG(DBG_CONTROL,
+	    if (xauth_module.verify_secret != NULL)
+	    {
+		DBG_log("xauth module: found verify_secret() function");
+	    }
+	)
+    }
+#endif
+    /* any null function pointers will be filled in by default functions */
     xauth_defaults();
 }
 
 void
 xauth_finalize(void)
 {
-    /* TODO: unload dynamic XAUTH module */
+    if (xauth_module.handle != NULL)
+    {
+	if (dlclose(xauth_module.handle))
+	{
+	    plog("failed to unload xauth module");
+	}
+	else
+	{
+	    DBG(DBG_CONTROL,
+		DBG_log("xauth module unloaded")
+	    )
+	}
+    }
 }
diff --git a/src/pluto/xauth.h b/src/pluto/xauth.h
index f60d1d025..f86cbb1cd 100644
--- a/src/pluto/xauth.h
+++ b/src/pluto/xauth.h
@@ -28,6 +28,7 @@ typedef struct {
 } xauth_t;
 
 typedef struct {
+    void *handle;
     bool (*get_secret) (const xauth_t *xauth_secret);
     bool (*verify_secret) (const xauth_t *xauth_secret);
 } xauth_module_t;