3 1. Client fetchs rxgk ticket from kerberos, by existance of
4 the keberos principal, the cell declare it's running the
7 2. Client fetches initial rxgk token from rxgk-service by
8 using GSS-API. In initial token the cell declares if the
9 vldb and ptserver supports rxgk too.
11 3. When the clients want to talk a fileserver, it talks to the
12 rxgk-service to fetch an new rxgk token (and new key to
13 match that token) from that fileserver, or gets back empty
14 token which means it should fall back to rxkad.
16 4. Talkes to fileserver.
18 code cleanup and verification
21 - check and verify wire formats (1day)
22 - check k0 to connection key (1h)
23 - store for fileserver key (2h)
24 list and update service
25 - rewrite encryption to use custom kcrypto for speed and
27 + write support for rxgk token on each fileserver, 2days
33 RXGK service (have sample service)
37 OpenAFS file server, rxgk service integration
40 first code-drop, 4h, , done
41 rxgk server integeration, 3h
44 integration into OpenAFS client
52 cp /obj/a/rxgk/rxgk_proto.{h,ydr.c,ss.c,cs.c,ss.h,cs.h} ~/src/cvs/arla/rxgk/*.[ch] ~/src/cvs/arla/rxgk/*.xg ~/src/cvs/arla/rxgk/*.et ~/src/cvs/arla/rxgk/README ~/src/cvs/arla/rxgk/TODO ~/src/cvs/arla/rxgk/rxgk_err.et . && perl -pi -e 's/#include <atypes.h>/#include <unistd.h>\n#include <stdint.h>/' rxgk_proto*.[ch]
55 KRB5_KTNAME=FILE:/usr/afs/keyfile.keytab /obj/a/rxgk/rxgk-service &