[PATCHSET] Introduce SDB - a KDC backend abstraction
Andreas Schneider
asn at samba.org
Fri Jul 31 10:06:13 UTC 2015
On Friday 31 July 2015 10:47:32 Andrew Bartlett wrote:
> On Wed, 2015-07-29 at 13:36 +0200, Andreas Schneider wrote:
> > Hello,
> >
> > attached is a patchset which brings us again a step forward. It
> > introduces SDB
> > a KDC backend abstraction. It implements a sdb to hdb translation
> > layer.
> >
> > I've gone through the patches with Alexander and we cleaned up the
> > interface
> > yesterday. It passes a full 'make test' on my machine.
> >
> > I will plan to push it tomorrow.
>
> I'm sorry to see this pushed in such a rush. As I've said before, this
> is a delicate area, and I would like to explicitly review each change
> here, and to other parts of our KDC infrastructure.
I do not see a rush here. We introduced SDB last year at the SambaXP
conference and we explained the implementation at the SambaXP conference again
this year. SDB is in place since quite some time now.
We based SDB on HDB so that the changes to the code are minimal.
> It seems we now have a partial copy of the Heimdal ABI in our tree,
> that if we diverge will cause some nasty challenges.
Which changes to HDB are expected that you see nasty challenges coming up?
> I still don't see
> why couldn't we just keep the hdb structures, but if we must have this
> half-copy, can we please have some assertions that the #defines and
> bitmaps in sdb.h really are identical?
Because we build against system MIT Kerberos and do not want to build and/or
link Heimdal!
If the flags are changed, we can change sdb_flags_to_hdb_flags() to translate
them instead of just copying them ...
> In particular, why was int2SDBFlags done in the sdb layer, rather than
> in the hdb layer?
It is used by db-glue?
-- andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
More information about the samba-technical
mailing list