directory-kerby mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zheng, Kai" <kai.zh...@intel.com>
Subject Remote mode kadmin interoperable with MIT KDC
Date Sun, 03 Jan 2016 12:24:43 GMT
Hi folks,

As we discussed some time ago, we would need to support remote kadmin that's interoperable
with MIT KDC. As part of the upcoming release, I just reviewed and refined kerb-admin module.
As a result of it, I split Kadmin codes into two parts: LocalKadmin(impl) and RemoteKadmin(impl),
similar to the constructs in MIT Kerberos: kadmin local mode and kadmin remote mode. Please
check out the latest commit for it. Doing that way, it prepared the necessary setup for the
support. We'll also need to support XDR encoding/decoding for the required GSS-RPC stub. I
will spend some time in this direction laying on the necessary facilities and would welcome
any contribution to the feature functionalities. Note the major work for the client side is
all about communication (collecting operation parameters, encoding in XDR packet, and sending
via GSS protected layer); the real work in KadminServer side is trivial because we can just
reuse and delegate the call to LocalKadmin. Hope it can be done after RC2 before 1.0.0 formal
release.

Wish we can move even faster in the new year!

Regards,
Kai


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message