author | Andrew Boardman <amb@mit.edu> | 2006-08-23 23:36:45 +0000 |
---|---|---|
committer | Andrew Boardman <amb@mit.edu> | 2006-08-23 23:36:45 +0000 |
commit | fb08b991949fa83e5bb40a47c53a5ca2bb3daf5f (patch) | |
tree | 5d3917e1cc97a7f378c395b6fd820d8b8b573a51 | |
parent | 4b20dd2dfe55f594211dad279ab3eddf8a1af006 (diff) | |
Add notes from meeting
git-svn-id: svn://anonsvn.mit.edu/krb5/users/amb/referrals@18521 dc483132-0cff-0310-8789-dd5450dbe970
-rw-r--r-- | TODO | 32 |
1 files changed, 30 insertions, 2 deletions
@@ -1,19 +1,47 @@ +from 21 aug 2006 meeting, notable screw cases and notes on same: + +- referrals which terminate at a non-referral-capable realm should retry + the final request without referrals turned on (the "referrals to MIT" case) +- intermediate cross-realm TGTs should not be cached, only the final + service ticket, anything from the local KDC, and anything that came up + during the degenerate (walk_realm_tree) unreferred traversal case +- "too many hops" failure can be a hard failure +- TGT referrals per original 4120 spec should continue to Just Work + - the code path for this is different and doesn't check much. + is this a gaping hole waiting to be filled maliciously? +- bug: principal parsing fails with zero-length realm +- maybe bug: win->athena referrals don't work + - hey, wait, there's no cross-realm TGT there. wacky. +- the case where we make a default realm assumption is very important to + maintain the current functionality with +- it's more important to minimize KDC round-trips and perform to + minimally functional spec than to make all possible (and probably + futile) fallbacks + current: - now that we're getting real referral tickets handle them properly in krb5_get_cred_from_kdc_opt - referral-relevant credential checks in krb5_get_cred_via_tkt completely disabled; fix +- verify that cached tickets work properly (it seems so) +- rewrite verification to be more tightly-coupled to referral case +- when should ccache be checked during referral process? never? low-priority: - code (or explicitly punt) edge cases in krb5_get_cred_from_kdc_opt - add klist option to print actual credential principal +- referral loop checking + +later, hopefully soon: +- padata parsing final: - check namespace use with tom - review code for: - - string safety, particularly strcmp use + - string safety, particularly strcmp use -- nothing is guaranteed to be a string, + do not use string functions at all. 
- memory leaks -- check assumptions on dereference of credential members +- check assumptions on assumed dereferencability of credential members - code format - remove tracing/debugging code |
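Review bot: The open question under the "TGT referrals per original 4120 spec" bullet ("is this a gaping hole waiting to be filled maliciously?") appears only in the meeting notes and has no matching task in the "current" list, so it can be lost once the notes are trimmed. Add an explicit item there to audit that code path, next to the existing "referral-relevant credential checks in krb5_get_cred_via_tkt completely disabled; fix" entry, since both concern missing checks on the referral path. In the "final" review list, the new "do not use string functions at all" rule would be easier to act on if it named what replaces strcmp, for example a comparison bounded by an explicit length. "referral loop checking" is filed under low-priority while the notes say the "too many hops" failure can be a hard failure; it would help to state whether the hop limit is what bounds loops in the meantime.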