diff options
| author | Russ Allbery <rra@stanford.edu> | 2007-08-29 23:12:00 +0000 | 
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2007-08-29 23:12:00 +0000 | 
| commit | f7880d17b11d858446f7b19ee36d5b5f4d289206 (patch) | |
| tree | a09d53405223615cdccdde8bdc4d1ced4008252f | |
| parent | c378f43667fdbc8491d3999e8eee8079acb8844d (diff) | |
Flesh out further and divide into things required to replace leland_srvtab
and future work.  This should now be relatively complete.
| -rw-r--r-- | TODO | 49 | 
1 files changed, 38 insertions, 11 deletions
| @@ -1,20 +1,38 @@                              wallet To-Do List +Required to replace leland_srvtab: +  * Testing.  Most of the classes have no tests at all right now.  Doing    meaningful testing will require finding a way to set up a database    for testing purposes, probably using sqlite.  * Documentation missing for Wallet::Server, Wallet::ACL, Wallet::Config, -  Wallet::Object::Keytab, and wallet-backend. +  Wallet::Object::Keytab, wallet-backend, and wallet.  * Add an ACL list function to display an ACL in human-readable form and    call it from wallet-backend.  * Display ACL details when displaying objects. -* There is a lot of duplicate code in wallet-backend.  Convert that to -  use some sort of data-driven model with argument count and flags so -  that the method calls can be written only once. +* Write new files atomically in the wallet client and save backups unless +  told not to (write to file.new, link the old file to file.old, and do +  an atomic rename). + +* Implement creation of srvtabs from keytabs in the wallet client. + +* Add kasetkey support to the keytab object backend. + +* Implement flag setting and retrieval. + +* Implement support for the unchanging flag on keytabs and the backend +  remctl calls to retrieve the existing keytab. + +* Implement the locked flag. + +* Write the remctl configuration and finish Debian packaging of the +  wallet client and server. + +Future work:  * Log failures in the wallet-backend properly, which also requires    catching all exceptions. @@ -22,14 +40,10 @@  * Implement default ACL policy to allow dynamic object creation on first    request for keytabs. -* Remove the hard-coded ADMIN ACL in the server with something more -  configurable, perhaps a global ACL table or something. - -* Implement flags, including support for the unchanging attribute on -  keytabs and the corresponding back-end remctl calls to retrieve the -  existing keytab. +* Implement special handling for keytabs in the wallet client. -* Implement the locked flag. +* Use the class names in the database tables when loading object and +  ACL verifier implementations.  * The ACL implementation is currently rather inefficient for ACL    verifiers that need to maintain state (such as LDAP binds).  Now @@ -37,6 +51,19 @@    somehow return global verifiers, probably through a factory    implementation. +* There is a lot of duplicate code in wallet-backend.  Convert that to +  use some sort of data-driven model with argument count and flags so +  that the method calls can be written only once. +  * There's a lot of code duplication in the dispatch functions in the    Wallet::Server class.  Find a way to rewrite that so that the dispatch    doesn't duplicate the same code patterns. + +* Remove the hard-coded ADMIN ACL in the server with something more +  configurable, perhaps a global ACL table or something. + +* Write a wallet-admin program to provide an interface to things like +  database initialization and, eventually, upgrades. + +* Compiling kasetkey should be optional and probably not enabled by +  default. | 
