[16333] in Kerberos_V5_Development
Re: Project Review: kinit -C
daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Sep 17 11:34:31 2010
From: Greg Hudson <ghudson@mit.edu>
To: John Hascall <john@iastate.edu>
In-Reply-To: <5522.1284736291@malison.ait.iastate.edu>
Date: Fri, 17 Sep 2010 11:34:27 -0400
Message-ID: <1284737667.5992.1785.camel@ray>
Mime-Version: 1.0
Cc: Kerberos Devel list <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Fri, 2010-09-17 at 11:11 -0400, John Hascall wrote:
> > Feel free to take a look at kdc/main.c and lib/apputils/net-server.c and
> > decide where you'd put the if statement here or there. :) I don't think
> > it's impossible, but what we have right now is already kind of an
> > octopus.
>
> Sound like a re-factor might be in order :)
The preprocessor chicken-scratch could be contained a bit better, but
really, it's factored reasonably well. The problem is the inherent
complexity of:
* Sharing code between KDC and kadmind
* TCP, UDP, and (for kadmind) RPC
* IPv4 and IPv6
* pktinfo or separate per-interface UDP listeners (frequently pktinfo
for IPv6 and per-interface listeners for IPv4)
* The non-portability of iterating over network interface addresses
* The non-portability of listening for routing socket updates
And then on the KDC side, separate port specifications per realm.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
