Date: Sun, 10 Jun 2001 20:14:57 +0200 (CEST) From: Gyori Sandor <gyori@szit.bme.hu> To: "Jacques A. Vidrine" <n@nectar.com> Cc: <freebsd-hackers@FreeBSD.ORG> Subject: Re: nsswitch dynamically loadable modules Message-ID: <20010610200113.T89118-100000@fourier.szit.bme.hu> In-Reply-To: <20010610125044.A60711@hellblazer.nectar.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, Thank you for your detailed explanation, I'm sure it will be great. I have some short questions: On Sun, 10 Jun 2001, Jacques A. Vidrine wrote: > = I extended the implementation to support dynamically loaded > sources, and ported nss_ldap to use the invented interface. These > are the patches you referred to. This was a prototype to help me > understand the issues. They will never be committed, and should > not be used in production. By applying these patches (nsswitch & nss_ldap) did you get a proper working authentication via LDAP? I applied them, but system doesn't know LDAP's user names. This is my fault or I should even not try this way? > = I re-did the implementation using a design that I am happy > with, and interfaces which are agreed-upon-in-principal with the > NetBSD nsswitch author. In addition to new interfaces, this new > implementation is reentrant (although YP and our resolver is not). > A major design goal was to enable the creation of modules that are > stubs which talk to a long-running daemon that does the hard > work. PADL.COM's nss_ldap is (IMHO) completely unsuitable for a > production environment, particularly if you use SSL. May I see this code anywhere? I can't find info about above way on your homepage. > = Eventually I will finish the implementation just described. Left > to do is updating some resolver-oriented stuff like getaddrinfo, > and (importantly) creating an nsswitch-ldap daemon. > > If someone wants to work on this stuff, I would be happy to hand it > off after we had sufficient discussion so that I was confident the > design was understood. Otherwise, please wait. I wish I had finished > it sooner, but that's how it goes. No, I'm not able to do this work, but if you need some help (e.g. testing), I am ready. Do you have any idea approximately when will you finish it? I think it's very important. Best wishes, Sandor Gyori To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010610200113.T89118-100000>