Implementing preauthentication using loadable modules

Sam Hartman hartmans at MIT.EDU
Thu Oct 5 18:14:49 EDT 2006

>>>>> "Nalin" == Nalin Dahyabhai <nalin at> writes:

    Nalin> What would new minor version numbers designate?  I can
    Nalin> imagine that if the interface were extended by adding new
    Nalin> items to the end of one structure or another, that the
    Nalin> routines which load the modules could use the minor version
    Nalin> number to determine where the structure provided by the
    Nalin> module "ends".


    Nalin> In the short term, would those functions need to be
    Nalin> modified to reject modules which implement a newer minor
    Nalin> version than they support, or do we force modules which
    Nalin> implement newer minor versions to still work correctly if
    Nalin> the newer members are ignored?

I think that's the major difference between a minor version change and
a major version change.  If we change in a manner where the kdc or
client requires new functionality or we add interfaces that need to be
called differently then we bump the major version.  I guess it's
possible that you could have a module that really is only useful with
new functionality.  The KDC could give its minor version as an
argument to the module init routine.

More information about the krbdev mailing list