1639895 – [RFE] krb5: update locator plugin interface

Bug 1639895 - [RFE] krb5: update locator plugin interface

Summary: [RFE] krb5: update locator plugin interface

Keywords:
Status:	CLOSED DEFERRED
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	krb5
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Robbie Harwood
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2018-10-16 20:23 UTC by Robbie Harwood
Modified:	2020-09-10 17:36 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-09-10 17:36:08 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Robbie Harwood 2018-10-16 20:23:17 UTC

The current interface for server location plugins is old and hasn't kept up with changes.  In particular, there is no support for HTTPS endpoints, plugins must perform their own DNS, and the number of servers that can be returned is opaque.

Among other things, this would enable sssd to use URI records from DNS for Kerberos/IPA discovery (https://pagure.io/SSSD/sssd/issue/3533), which would in turn allow sssd/freeIPA to not require ports 88 and 464 to be open.

Comment 1 Robbie Harwood 2020-09-10 17:36:08 UTC

Clearing out tracker of things that aren't likely to happen soon, but this remains on my todo list tracked elsewhere.

Note You need to log in before you can comment on or make changes to this bug.