[Re-send to list, with some edits.] I can see the value of returning an error immediately, but I think this is problematic as it might cause programs to start failing where they were succeeding. Perhaps a ./configure option could determine whether to do this.
I would like to see a function that checks configuration. This should take a krb5_context and optional config file argument, and it should check either the latter or the configuration in the given krb5_context if not filename is given. This function should have an output parameter that allows for detailed error/warning messages to be shown to the user. This would even work for alternative configuration stores. What's nice about this is that one could use this for checking the correctness of new configurations before installing them. Alternatively you could add a new krb5_init_context() variant that allows the application to specify whether configuration errors are fatal or not. Zhanna pointed me at the krb5.conf validator written in Python. I then mentioned the need for a schema for these things, how SMF has a templating facility along those lines, and that MIT should consider using JSON and JSON Schema for this. Nico -- ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
