[Freeipa-devel] [PATCH] allow different protocol versions for PAM and NSS

Stephen Gallagher sgallagh at redhat.com
Fri May 8 10:54:34 UTC 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sumit Bose wrote:
> Hi,
> 
> this patch adds support for different version numbers of the PAM and NSS
> communication with the specific responder.
> 
> I have not changed the logic of the get_version request, i.e. the client
> (pam_sss or libnss_sss) sends a get_version request to the responder,
> the responder sends back his version number and the client proceeds if
> the version number meet his expectation. Maybe it would make sense to
> switch the logic here, i.e. the client send his version number and the
> responder says ACK if he can support the version and NACK otherwise.
> This way we can theoretically support more than one version for either
> PAM or NSS communication on the responder side, although I do not know
> if there ever will be a use case for this.
> 
> bye,
> Sumit
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel

I can think of a use-case: Consider upgrading of the SSSD. Any
long-running process that is currently loaded with our sss_client will
continue to use the old version until such time as it is reloaded.
Unless we want to require full system reboots on SSSD upgrade, we need
to be able to support at least one prior version of the protocol.

- --
Stephen Gallagher
RHCE 804006346421761

Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkoED2cACgkQeiVVYja6o6OhvACeLKVa8LE1UVft10rcXmjP+pyP
2W4AnjE+2BSx4TXkWkEMtFewJFM+gf+X
=DO47
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20090508/806d9efc/attachment.bin>

More information about the Freeipa-devel mailing list