logo_kerberos.gif

Projects/DB Entry Redesign

From K5Wiki
< Projects
Revision as of 04:57, 20 July 2010 by Ghudson (talk | contribs) (New page: {{project-early}} This project has been split out of Projects/Database Access Layer cleanup. ==Background== The current in-memory data structure for KDB principal entries is designe...)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
This is an early stage project for MIT Kerberos. It is being fleshed out by its proponents. Feel free to help flesh out the details of this project. After the project is ready, it will be presented for review and approval.


This project has been split out of Projects/Database Access Layer cleanup.

Background

The current in-memory data structure for KDB principal entries is designed around the needs of the DB2 module. As a result, it is at times cumbersome to use by the KDB and kadmind, which must search through the tl_data table for information not originally represented in DB2 databases.

Goals

This project is to redesign the in-memory structure for KDB principal entries, either by making it totally opaque, or just by making it more logical from the perspective of the KDC and kadmind. Specific desirables include:

  • Eliminate e_length, e_data, and tl_data, replacing them with the logical elements currently stored using tl_data.
  • Provide a well-defined place for module-specific entry data.
  • Abstract key data accesses through a functional interface, to better handle AD-style modules which store the password rather than a list of keys.