Custom kdc lookup
paul.moore at centrify.com
Mon Aug 16 16:28:20 EDT 2004
I am already implementing it - I will send you diffs when its done.
The main issue I see is the it forces the krb5_locate_kdc interface (or
the logical equivalent of it) to become public. This interface is not
entirely obvious and has a history of changing. I am simply working with
the released 1.3.4 signature.
Of course you can imagine a much more sophisticated mechanism than I
propose (dynamic loading of plugin library based on config file) however
I don't need it for my usage. Hmm - actually the more I think about it
the more useful that sounds. Then of course one would want to generalize
the mechanism to allow plugin at all major points (dynamically loadable
encryption types is the obvious one - and long overdue)
Anyway I am doing the simple one for now.
From: Sam Hartman [mailto:hartmans at mit.edu]
Sent: Monday, August 16, 2004 11:23 AM
To: Paul Moore
Cc: krbdev at MIT.EDU
Subject: Re: Custom kdc lookup
It's an old topic; there's some desire to support the functionality you
desire. We may have implementation resources soon for this idea.
We're probably going to be more interested in a plugin architecture than
in app-specific replacements of the KDC location strategy.
If we do not and you have time to implement something yourself, we would
probably be interested in evaluating any contributions you have.
More information about the krbdev