[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Design Questions for Adding PTserver Support

"Henry B. Hotz" <hotz@jpl.nasa.gov> writes:

> I've got some patches to make the kafs lib in Heimdal do the pt server
> exchange to get the right uid for the AFS token.  I'm not satisfied
> that I'm doing the right thing for error handling though.
> The default is to use the local Unix uid for the token, but several
> app's seem to use some other information to supply the uid to use.
> ftpd, for example, pulls the uid out of a password file entry.  Is it
> worth hacking on the API in order to preserve these values as backups
> in case the ptserver doesn't respond?  (I'm hoping the answer is no,
> but I think the answer is yes.)

The uid that stored in the afs token interface is just to confuse the user,
it have not mening to the server or cache-manager. You can store nothing or
a number there, its all up to how you want to confuse the user.

> Second issue:  is there an Arla equivalent to pr_Initialize() that
> does  the whole parse-the-CellServDB-or-AFSDB-DNS-records-and-use-UBIK
> business?

the kocell_ api will use parse CellServDB and parse DNS appropriately.

> As long as I'm asking questions:  Anyone know when 0.7 will be
> released?  I'd kind of like to get an "official release" that supports
> AES (and PKINIT if possible).

I don't know. I think there are two issues left (db info parsing and
something else) before a release can be done. Any feedback on running
0.7-to-be is most welcome.


PGP signature