circular reference between libkrb5 and libk5crypto
Sam Hartman
hartmans at MIT.EDU
Wed Jan 5 20:30:32 EST 2005
>>>>> "John" == John Hascall <john at iastate.edu> writes:
>> Clearly libkrb5 uses libk5crypto.
>>
>> I seem to have created a case where libk5crypto wants to use
>> libkrb5. In particular, as part of implementing a PRF, I
>> called krb5_init_keyblock because I was setting up a derived
>> key.
>>
>> That ends up coming from libkrb5, which is
>> probematiproblematic.
>>
>> One proposal would be to move these routines into k5crypto.
>> I'm concerned that doing so would break our ABI on AIX and
>> Debian (because of symbol versions).
>>
>> I'm not sure what the right solution is besides that.
John> How about: 1) Move krb5_init_keyblock;s code into k5crypto
John> using some new function name 2) Make krb5_init_keyblock
John> (still in libkrb5) do nothing but call "1" above 3) When in
John> k5crypto call the new function name. 4) Optionally phase
John> out calls to krb5_init_keyblock over time.
Discussion here favors implementing 1-3.
--Sam
More information about the krbdev
mailing list