From owner-freebsd-hackers  Sun Jun 10 10:50:51 2001
Delivered-To: freebsd-hackers@freebsd.org
Received: from gw.nectar.com (gw.nectar.com [208.42.49.153])
	by hub.freebsd.org (Postfix) with ESMTP id E88D737B403
	for <freebsd-hackers@FreeBSD.ORG>; Sun, 10 Jun 2001 10:50:44 -0700 (PDT)
	(envelope-from nectar@nectar.com)
Received: by gw.nectar.com (Postfix, from userid 1001)
	id 71EEDAF600; Sun, 10 Jun 2001 12:50:44 -0500 (CDT)
Date: Sun, 10 Jun 2001 12:50:44 -0500
From: "Jacques A. Vidrine" <n@nectar.com>
To: Gyori Sandor <gyori@szit.bme.hu>
Cc: freebsd-hackers@FreeBSD.ORG
Subject: Re: nsswitch dynamically loadable modules
Message-ID: <20010610125044.A60711@hellblazer.nectar.com>
Mail-Followup-To: "Jacques A. Vidrine" <n@nectar.com>,
	Gyori Sandor <gyori@szit.bme.hu>, freebsd-hackers@FreeBSD.ORG
References: <Pine.BSF.4.21.0106092126030.46154-100000@sasami.jurai.net> <20010610175233.J83779-100000@fourier.szit.bme.hu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20010610175233.J83779-100000@fourier.szit.bme.hu>; from gyori@szit.bme.hu on Sun, Jun 10, 2001 at 06:24:58PM +0200
X-Url: http://www.nectar.com/
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

On Sun, Jun 10, 2001 at 06:24:58PM +0200, Gyori Sandor wrote:
> 1. I don't understand exactly why, but even into -CURRENT there was
> implemented only the statical part of nsswitch. 

Please search the archives for  full information.  Here is the history
in summary:

  = I ported NetBSD's nsswitch  implementation to FreeBSD-CURRENT.  It
    only  implements files,  NIS,  and Hesiod.   It  does not  support
    dynamically loaded sources.

  = I  extended  the  implementation  to  support  dynamically  loaded
    sources, and ported nss_ldap to use the invented interface.  These
    are the patches you referred to.   This was a prototype to help me
    understand the issues.   They will never be  committed, and should
    not be used in production.

  = I  re-did  the implementation  using  a  design  that I  am  happy
    with, and  interfaces which are agreed-upon-in-principal  with the
    NetBSD nsswitch author.   In addition to new  interfaces, this new
    implementation is reentrant (although YP and our resolver is not).
    A major design goal was to enable the creation of modules that are
    stubs  which talk  to a  long-running  daemon that  does the  hard
    work.  PADL.COM's  nss_ldap is (IMHO) completely  unsuitable for a
    production environment, particularly if you use SSL.

  = Eventually I will finish  the implementation just described.  Left
    to do  is updating some resolver-oriented  stuff like getaddrinfo,
    and (importantly) creating an nsswitch-ldap daemon.

If someone wants  to work on this  stuff, I would be happy  to hand it
off after  we had sufficient  discussion so  that I was  confident the
design was understood.  Otherwise, please wait.  I wish I had finished
it sooner, but that's how it goes.

Cheers,
-- 
Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message