[Kerberos] Are the current refactoring changes going to break Triplesec?

Web Server Talk > Web Servers reviews > Apache Server configuration support > Apache Directory Project > [Kerberos] Are the current refactoring changes going to break Triplesec?

Last Thread Next Thread Next

[Kerberos] Are the current refactoring changes going to break Triplesec?

Alex Karasulu

07-21-07 06:11 PM

Enrique,

I'm just curious if the current refactoring changes you're making are going
to break Triplesec.
Are you tracking if these changes break the way the verifiers are used so
the HOTP verifier
is not broken in Triplesec?

Alex

[ Post a follow-up to this message ]

Re: [Kerberos] Are the current refactoring changes going to break Triplesec?

Emmanuel Lecharny

07-21-07 06:11 PM

Hi,

yes, I wish that refactoring are done only on parts we now have tests
cases. The major issue we currently have with kerberos is the lack of
tests case. As soon as the tests case are written, it's ok, to
refactor the code, but tests case should cover the current server and
TSec too, as it's now a part of the project.

Thanks.

On 7/21/07, Alex Karasulu <akarasulu-1oDqGaOF3Lkdnm+yROfE0A@public.gmane.org> wrote:
> Enrique,
>
> I'm just curious if the current refactoring changes you're making are goi=
ng
> to break Triplesec.
> Are you tracking if these changes break the way the verifiers are used so
> the HOTP verifier
> is not broken in Triplesec?
>
> Alex
>

--=20
Regards,
Cordialement,
Emmanuel L=E9charny
www.iktek.com

[ Post a follow-up to this message ]

Re: [Kerberos] Are the current refactoring changes going to break Triplesec?

Enrique Rodriguez

07-22-07 06:11 AM

These changes were all to protocol workflow behavior in the
ticket-granting service (TGS).  As such, they didn't touch the
pre-authentication verifiers at all, which are in the authentication
service (AS).

I tried checking T-Sec to make sure but the build fails since
org.apache.directory.server 1.0.3-SNAPSHOT artifacts don't appear to
be deployed.  If you have them checked out, could you please deploy
them?  Then I'll get into double-checking T-Sec is OK.

Enrique

On 7/21/07, Alex Karasulu <akarasulu-1oDqGaOF3Lkdnm+yROfE0A@public.gmane.org> wrote:
> Enrique,
>
> I'm just curious if the current refactoring changes you're making are goin
g
> to break Triplesec.
> Are you tracking if these changes break the way the verifiers are used so
> the HOTP verifier
> is not broken in Triplesec?
>
> Alex
>

[ Post a follow-up to this message ]

Re: [Kerberos] Are the current refactoring changes going to break Triplesec?

Enrique Rodriguez

07-22-07 06:11 AM

On 7/21/07, Emmanuel Lecharny <elecharny-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:[vbc
ol=seagreen]
> ...
> yes, I wish that refactoring are done only on parts we now have tests
> cases. The major issue we currently have with kerberos is the lack of
> tests case. As soon as the tests case are written, it's ok, to
> refactor the code, but tests case should cover the current server and
> TSec too, as it's now a part of the project.[/vbcol]

I have been exclusively focused on providing test coverage.  The
latest series of changes was fully "test driven."  In the last week I
added ~70 new tests (~4 kloc).  The changes I made last night were
improvements to spec compliance found while writing the tests and
reviewing the latest Kerberos RFC.

The AS and TGS are now pretty well covered in protocol-kerberos.  I
will now move on to protocol-changepw and then move back to the
integration tests for Kerberos, Change Password, and SASL GSSAPI.

Enrique

[ Post a follow-up to this message ]