GSS Commands
- General:
  - GSSCommand should consume major, minor
  - GSSCommand::toJSON() should produce outer shell, including major, minor
  - Provide reasonable default values for the GSSCommands
  - Provide comment examples of JSON input and output
  - Think through whether toJSON can generate errors
  - All JSONs should contain an identifier to match up the response, given a multithreaded environment where multiple requests and responses can happen out of order
- GSSAcquireCred
  - The returned cred_handle needs to be cached and returned usefully.
- GSSCreateSecContext
  - Rename to GSSInitSecContext?
  - Update to use GSSOID, GSSBuffer, etc.
  - Update to cache context, return that usefully
  - Update loadParameters to check for JSON value type, NULL
  - Update loadParameters to accept strings or integers where named constants exist.
- GSSGetMic - only the general
- GSSImportName
  - Update loadParameters to check for JSON value type, NULL
- GSSUnwrap - only the general
- GSSWrap - only the general
- Pseudo random - need to implement totally
Datamodel
- General
  - Make copy constructors / assignment / etc. avoid freeing memory buffers when some stray copy of an object goes out of scope, rather than making the calling code think about it.
  - All datamodel objects should be able to generate their own JSON Value representation
- Memory cache
  - You know... make it happen ;)
  - Make a cache object
    - It can call back into the GSS data object to let the object know of the UID string for itself, to be used when marshaling to JSON
    - It will be responsible for sweeping the GSS Data Objects periodically to reap unneeded ones
    - Implementation thoughts:
      - A cache object with one hash/map/table/etc. for every kind of data object?
      - A cache object with a single table for all, and some way to determine data object type upon retrieval?
      - The overall cache object should be responsible for generating the random strings to be used as table keys
- GSS Data object
  - Should have a settable cache lookup string
  - Should have a bool reapable?() method to set the reaping policy for this object
    - If using a simple ##-minute timer, the timer could be reset upon each access
    - Otherwise, it could use the natural timeout for the object, such as the timeout associated with a security context
    - Or should objects be linked to a specific security context, and all expire together?
    - Or should objects be linked to a specific web page, and all expire together?
  - Should have a toJSONValue() method to generate their JSON representation
    - Memory cached objects should add themselves to the cache during this method, if the object is not already added in.
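An added sketch of the single-table cache option listed above, with a type tag checked on retrieval and an idle timer that is reset on each access; it is not code from this project. The names GSSCache, GSSType and Entry are hypothetical, and std::random_device is assumed to be backed by the operating system's CSPRNG, since the keys are handed to the JSON caller and must not be guessable.

```cpp
#include <chrono>
#include <cstdio>
#include <map>
#include <memory>
#include <random>
#include <string>
#include <utility>
using Clock = std::chrono::steady_clock;
enum class GSSType { Credential, Context, Name };  // hypothetical type tags
struct Entry {
    GSSType type;                  // lets one table hold every kind of object
    std::shared_ptr<void> object;  // shared ownership: a stray copy cannot free it
    Clock::time_point lastAccess;  // drives the idle-timeout reaping policy
};
class GSSCache {  // hypothetical name
    std::map<std::string, Entry> table_;
    std::chrono::seconds ttl_;
    std::random_device rng_;  // assumption: OS CSPRNG behind it on this platform
    std::string newKey() {    // 4 x 32 random bits, hex encoded = 128-bit key
        std::string key;
        char buf[9];
        for (int i = 0; i < 4; ++i) {
            std::snprintf(buf, sizeof buf, "%08x", static_cast<unsigned>(rng_()));
            key += buf;
        }
        return key;
    }
public:
    explicit GSSCache(std::chrono::seconds ttl) : ttl_(ttl) {}
    std::string store(GSSType type, std::shared_ptr<void> obj, Clock::time_point now = Clock::now()) {
        std::string key = newKey();
        while (table_.count(key)) key = newKey();  // never overwrite a live handle
        table_.emplace(key, Entry{type, std::move(obj), now});
        return key;
    }
    // Returns nullptr for an unknown key, a key of the wrong type, or an expired entry.
    std::shared_ptr<void> retrieve(const std::string& key, GSSType want, Clock::time_point now = Clock::now()) {
        auto it = table_.find(key);
        if (it == table_.end() || it->second.type != want) return nullptr;
        if (now - it->second.lastAccess > ttl_) { table_.erase(it); return nullptr; }
        it->second.lastAccess = now;  // timer is reset upon each access
        return it->second.object;
    }
    std::size_t reap(Clock::time_point now = Clock::now()) {  // periodic sweep
        std::size_t before = table_.size();
        for (auto it = table_.begin(); it != table_.end();)
            if (now - it->second.lastAccess > ttl_) it = table_.erase(it); else ++it;
        return before - table_.size();
    }
};
```

The type check in retrieve() is what keeps a caller from passing a credential key where a context key is expected; the per-kind-table option would get the same property from the table lookup itself.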
Organizational
- Move GSS commands into their own directory off src
- Create a single routine that calls all of the appropriate stuff, given an input of a JSON string, and returns the appropriate response JSON string.
- Turn src/datamodel and src/gsscommands into a library
- Move GSS command tests into test/gsscommands
- Make sure that the command line interface to the underlying code is the same as the FF dlopen() interface
  - So the command line needs to handle only I/O, and hand off the JSON strings to the next layer down, which is also called by the FF dlopen() implementation