ANAME_DB re-enable with patch.
Roland C. Dowdeswell
elric at imrryr.org
Wed Sep 1 17:03:03 EDT 2010
On Wed, Sep 01, 2010 at 01:54:15PM -0700, Russ Allbery wrote:
>
> "Roland C. Dowdeswell" <elric at imrryr.org> writes:
>
> > I found ANAME_DB in the code but it appears to have been disabled, so I
> > revived it along with converting it to use the BDB code which is already
> > in the Kerberos libs rather than DBM.
>
> I hate to see that BDB code being used for anything new, since it's
> essentially a fork of something that's now completely unmaintained
> upstream. I don't know that I have a good alternative, though (although I
> bet a simple scan of a text file would be fast enough in many cases).
>
> Have folks considered embedding TDB? http://tdb.samba.org/
I wasn't incredibly excited by the use of that version of BDB,
either. But, it is already in the srcs which makes it attactive
for now.
Given the configuration file syntax, though, we could offer a few
options. Right now the BDB interface is:
REALM = {
...
auth_to_local = DB:/var/tmp/an2ln.db
}
It would be easy to provide a different one via TDB:/path/to/db or
perhaps it would make more sense for me to use KBDB:/path/to/db to
indicate that I'm using the Kerberos BDB implementation.
TDB or CDB would both be reasonable choices. Anything that I can
link into libkrb5.so statically so that I'm not at risk of accidentally
changing my ABI by requiring additional shared objects.
--
Roland Dowdeswell http://Imrryr.ORG/~elric/
More information about the krbdev
mailing list