Release Meeting Minutes/2011-06-21

From K5Wiki

< Release Meeting Minutes

Jump to: navigation, search

Will Fiveash, Thomas Hardjono, Greg Hudson, Carlos Garay, Nathaniel McCallum, Simo Sorce, Zhanna Tsitkova, Tom Yu

[ PAD stuff. Josh Howlett's messages to krb-wg... ]

DNS pain

Simo: Problems in glibc related to getaddrinfo(). Tried to log into a host via ssh but kept requesting wrong principal. Tried turning off rdns (in libdefaults) etc. Finally ran gdb to discover that getaddrinfo() does PTR record lookup (when AF_INET and AI_CANONNAME).

Tom: Does it do likewise with AF_INET6?

Simo: unknown

Greg: No idea why we use AF_INET in sn2princ?

Tom: Bug workaround? [ unknown ] getaddrinfo() seems very unportable after 10+ years...

Greg: No real other choice for IPv6. No obvious notes from Ken Raeburn on this situation.

Tom: Drop getaddrinfo() completely?

Greg: We want to have domain name appended in case the user doesn't type the FQDN. Alias resolution.

Tom: Another knob to turn off forward resolution?

Greg: Reading resolv.conf to emulate domain search list seems problematic. Long-term, KDC should set a flag "trust me for aliases".

Simo: Shorter term?

Greg: I'll ask Ken why we use AF_INET in sn2princ.

Simo: OK as first step. Maybe don't set AI_CANONNAME at all?

Greg: Maybe. In any case don't overload rdns, because the call to getaddrinfo() is intended to do a forward resolution.

Tom: Maybe another knob for forward DNS.

[ Tom will set up some test case DNS records in kerberos.org domain. ]

Tom: Also some issues with gethostname(), e.g. whether it appends the domain name.

Greg: Most Linux distributions give just the short name.

Simo: Depends on configuration.

Greg: See Projects/Acceptor_Names.

libverto

Nathaniel: libverto. Code mostly up. https://fedorahosted.org/libverto/

Tom: Too bad about idle support. [ libdispatch, etc. does some nice things with that sort of task queue thing ]

Nathaniel: Back end for libevent ~120 lines. Are blocks (C language extension) needed in libdispatch?

Tom: Only needed for interface convenience. Without blocks, you don't get the entire API (you miss the blocks-dependent interfaces), but you still get the complete functionality.

Nathaniel: verto.c:verto_free() ...handles some signal races during unload.

Nathaniel: Where to test? (Doing Linux already.)

Greg: Solaris.

Nathaniel: Nothing too GNU-specific: dladdr() and asprintf().

Misc.

Will: Glenn was working on code... what's the rule on testing for null before calling free()?

Greg: We recently made a massive move toward not testing. [ Was needed a long time ago for platforms that had a conforming C compiler but libc was nonconforming in a way that made free(NULL) unsafe. ]

Tom: Planning patch releases for early/mid-July.

Retrieved from "https://k5wiki.kerberos.org./wiki?title=Release_Meeting_Minutes/2011-06-21&oldid=3875"

Release meeting minutes 2011

Navigation menu