On Mon, 2009-01-26 at 14:10 -0500, Peter Shoults wrote: > Mark Phalan wrote: > > On Tue, 2009-01-20 at 19:27 +0100, Mark Phalan wrote: > > > >> On Tue, 2009-01-20 at 13:14 -0500, Peter Shoults wrote: > >> > >>>>> 6784485 keys for kadmind princs should be created with all supported > >>>>> enc-types > >>>>> http://cr.opensolaris.org/~mbp/6784485-enctypes_for_default_kadmin_princs/ > >>>>> > >>>>> > >>> 1) Should we be calling > >>> > >>> krb5_free_ktypes(context, enctype); > >>> > >>> IF we failed the malloc() on line 321? > >>> > >> Yup, nice catch. I'll make the change. > >> > >> > >>> 2) Line 341 of new file - How are you determining you are only creating > >>> keys with "Normal" enctypes? > >>> > >> Normal _salt_types. > >> Line 330 a "normal" salttype is created. This salttype is used when > >> creating the keys. See line 344 where the salttype is being set. > >> > >> > >>> Otherwise looks good. > >>> > > > > Sorry to bother you with this again but when going over my fixes a final > > time I saw a more elegant way to deal with 6776724 > > > > The updated webrev is posted here: > > > > http://cr.opensolaris.org/~mbp/6776724-updated/ > > > > The only thing which has changed is the fix for 6776724. Its just a one > > line change (+copyright year). > > The -znodelete option marks the pkinit plugin as something not to be > > deleted even if its dlclosed. You can find out more in ld(1). I've > > tested it and it works fine. > > > > Cheers, > > > > -M > > > > _______________________________________________ > > kerberos-discuss mailing list > > kerberos-discuss at opensolaris.org > > http://mail.opensolaris.org/mailman/listinfo/kerberos-discuss > > > Don'tt forget to update the CR record with this new information.
CRs will be updated. > Also, > when I looked at the ld manpage, it says this > > " Marks the object as non-deletable at runtime. This mode > is similar to adding the object to the process by using > dlopen(3C) with the RTLD_NODELETE mode." > > I do not know the answer to this, but is using z nodelete prefered over > using dlopen with the RTLD_NODELETE mode? Is there a rule about that in > cstyle or something or advantages of one way over the other? Well the clear advantage in this case is that its pkinit plugin specific. Other plugins will be deleted on dlclose(). The other advantage is that no source code needs to be changed so we can keep our differences with MIT to a minimum. -M
