 |
 |
Hi Pete, On Wed, 2004-08-18 at 12:18, Gerardo Ganis wrote: > Hi, > > > On Tue, Aug 17, 2004 at 12:10:16PM +0200, Fons Rademakers wrote: > > > The main issues I've at the moment are: > > > > > > - build procedure of sec modules separate from xrootd. > > > Currently we can build xrootd and therefore the sec modules only > > > on Linux and Solaris, however we really require the netx client to be > > > able to build on all ROOT supported platforms, incl Win32. Since for > > > the time being the building of the client is linked to the building > > > of the server we have the client only on Linux and Solaris. > > > > Gerri and I talked about this yesterday. He thought there were two > > problems: > > > > o Something in the way the packages are built within ROOT which made the > > netx client build dependent on having built xrootd. Do you have some > > mechanism in the ROOT builds which just skips rootd/xrootd on platforms > > where it is not supported (e.g. Win32)? > > Currently they are dependent since the authentication modules are part of the xrootd tar ball and are build by the xrootd makefile. These authentication modules should be independent from xrootd and be ported to all possible platforms (ideally xrootd should be ported to all platforms so that this issue becomes moot). > > o There was an explicit dependency on libXrdSec.so. It seemed like it > > should be possible to make this load instead as a plugin. > > This is almost ready. > > > > > Hmm, one thing occurs to me: how is the security stuff handled for Win32 > > if the xrootd server isn't built? > > I am modifying things in such a way that, when the server cannot be built, > the protocol header files are extracted from the server source, so that > they can be found when building the client. > Of course, since lib/libXrdSec.so is not there, the client will not able > to satisfy strong authentication requests from the server; however it should > work if no authentication or host authentication are required. > I rather have a solution where the authentication modules are ported to all platforms and delivered as a separate tar. However, porting xrootd to all platforms should be the priority and will solve this problem even better. -- Fons -- Org: CERN, European Laboratory for Particle Physics. Mail: 1211 Geneve 23, Switzerland E-Mail: [log in to unmask] Phone: +41 22 7679248 WWW: http://www.rademakers.org/fons/ Fax: +41 22 7679480