You are viewing a plain text version of this content. The canonical link for it is here.
Posted to kerby@directory.apache.org by "Zheng, Kai" <ka...@intel.com> on 2016/01/07 08:15:34 UTC
Clear Kerby codes
Hi folks,
There are some discussions that we need to double check our source codes to ensure some of them are cleared up and attributed properly, something like adding some recognition info as comments in codes like "According to krb5.hin in MIT krb5". This should be done as an essential step upon release and release. Even we don't release, we should do it, considering we're running very fast and very likely to miss such things. We committers are committing our own codes in the fly but without any guarding. Some projects need at least a +1 for each change wrapped in a patch, we don't. This should work for this early project but we would then need the post fixes. We don't need to hurry, let's slow down a little bit. Thanks.
Regards,
Kai
RE: Clear Kerby codes
Posted by "Li, Jiajia" <ji...@intel.com>.
Thanks for Emmanuel's providing this template, we can use it in the feature.
Thanks
Jiajia
-----Original Message-----
From: Emmanuel Lécharny [mailto:elecharny@gmail.com]
Sent: Thursday, January 07, 2016 6:46 PM
To: kerby@directory.apache.org
Subject: Re: Clear Kerby codes
Le 07/01/16 08:52, Zheng, Kai a écrit :
> Thanks Emmanuel for elaborating this so fine. It should be clear now. Let's do it in the following days, and don't forget it in future.
For the record, here is a file in which I added such a attribution :
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/70ce3a84/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOption.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOption.java
index b39d2df..a85bbfe 100644
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOption.java
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOption.java
@@ -38,8 +38,19 @@ public enum ApOption implements EnumType {
RESERVED(0x80000000), // Bit 0, in ASN.1 BIT STRING definition : the most left-handed bit
USE_SESSION_KEY(0x40000000), // Bit 1
MUTUAL_REQUIRED(0x20000000), // Bit 2
- ETYPE_NEGOTIATION(0x00000002), // ???
- USE_SUBKEY(0x00000001); // ???
+ //
+ // The following values are taken from the MIT Kerberos file krb5.hin :
+ //
+ // #define AP_OPTS_ETYPE_NEGOTIATION 0x00000002
+ // #define AP_OPTS_USE_SUBKEY 0x00000001 /**< Generate a subsession key
+ // from the current session key
+ // obtained from the
+ // credentials */
+ //
+ // ---->
+ ETYPE_NEGOTIATION(0x00000002), // bit 30
+ USE_SUBKEY(0x00000001); // bit 31
+ // <---- End of krb5.hin inclusion
/** The internal value */
private final int value;
You can use the same template.
Re: Clear Kerby codes
Posted by Emmanuel Lécharny <el...@gmail.com>.
Le 07/01/16 08:52, Zheng, Kai a écrit :
> Thanks Emmanuel for elaborating this so fine. It should be clear now. Let's do it in the following days, and don't forget it in future.
For the record, here is a file in which I added such a attribution :
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/70ce3a84/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOption.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOption.java
index b39d2df..a85bbfe 100644
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOption.java
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOption.java
@@ -38,8 +38,19 @@ public enum ApOption implements EnumType {
RESERVED(0x80000000), // Bit 0, in ASN.1 BIT STRING definition : the most left-handed bit
USE_SESSION_KEY(0x40000000), // Bit 1
MUTUAL_REQUIRED(0x20000000), // Bit 2
- ETYPE_NEGOTIATION(0x00000002), // ???
- USE_SUBKEY(0x00000001); // ???
+ //
+ // The following values are taken from the MIT Kerberos file krb5.hin :
+ //
+ // #define AP_OPTS_ETYPE_NEGOTIATION 0x00000002
+ // #define AP_OPTS_USE_SUBKEY 0x00000001 /**< Generate a subsession key
+ // from the current session key
+ // obtained from the
+ // credentials */
+ //
+ // ---->
+ ETYPE_NEGOTIATION(0x00000002), // bit 30
+ USE_SUBKEY(0x00000001); // bit 31
+ // <---- End of krb5.hin inclusion
/** The internal value */
private final int value;
You can use the same template.
RE: Clear Kerby codes
Posted by "Zheng, Kai" <ka...@intel.com>.
Thanks Emmanuel for elaborating this so fine. It should be clear now. Let's do it in the following days, and don't forget it in future.
-----Original Message-----
From: Emmanuel Lécharny [mailto:elecharny@gmail.com]
Sent: Thursday, January 07, 2016 3:31 PM
To: kerby@directory.apache.org
Subject: Re: Clear Kerby codes
Le 07/01/16 08:15, Zheng, Kai a écrit :
> Hi folks,
>
> There are some discussions that we need to double check our source codes to ensure some of them are cleared up and attributed properly, something like adding some recognition info as comments in codes like "According to krb5.hin in MIT krb5". This should be done as an essential step upon release and release. Even we don't release, we should do it, considering we're running very fast and very likely to miss such things. We committers are committing our own codes in the fly but without any guarding. Some projects need at least a +1 for each change wrapped in a patch, we don't. This should work for this early project but we would then need the post fixes. We don't need to hurry, let's slow down a little bit. Thanks.
Thanks Kai !
To be clear : the MIT Kerberos headers and API may be translated in Java, but we *must* provide a clear attribution when doing so. For three reasons :
- first of all, because this is not *our* work, it's somebody else work and it's just fair to point to the original work
- then it's important to know where the various elements are coming from. Most of the time, we can refer to a RFC, but there is not a RFC for every piece of code we have. For a new comer, it's important to know where the various bits are coming from
- and last, not least, from a legal point of view, not doing so would put the whole Kerby projct in jeopardy, up to the point we may be asked to shutdwon it, something we don't want.
For code (ie, implementation), and I'm not talking about .h or function prototypes, there is no way we can translate it : if you want to know why, just read http://digital-law-online.info/lpdi1.0/treatise27.html,
part Piecewise Reimplementation.
Now, there is no need to freak out, I understand that everybody is going full speed on a limited time, so mistakes can happen, nobody is to blame for that. Add to that it's a really complex matter, and I don't think any of us are lawyers, so it's quite easy to not being aware of such legal things.
Anyway, please be careful, try to remember where the code is coming from for the existing code, and everything will be fine :-)
Thanks !
Re: Clear Kerby codes
Posted by Emmanuel Lécharny <el...@gmail.com>.
Le 07/01/16 08:15, Zheng, Kai a écrit :
> Hi folks,
>
> There are some discussions that we need to double check our source codes to ensure some of them are cleared up and attributed properly, something like adding some recognition info as comments in codes like "According to krb5.hin in MIT krb5". This should be done as an essential step upon release and release. Even we don't release, we should do it, considering we're running very fast and very likely to miss such things. We committers are committing our own codes in the fly but without any guarding. Some projects need at least a +1 for each change wrapped in a patch, we don't. This should work for this early project but we would then need the post fixes. We don't need to hurry, let's slow down a little bit. Thanks.
Thanks Kai !
To be clear : the MIT Kerberos headers and API may be translated in
Java, but we *must* provide a clear attribution when doing so. For three
reasons :
- first of all, because this is not *our* work, it's somebody else work
and it's just fair to point to the original work
- then it's important to know where the various elements are coming
from. Most of the time, we can refer to a RFC, but there is not a RFC
for every piece of code we have. For a new comer, it's important to know
where the various bits are coming from
- and last, not least, from a legal point of view, not doing so would
put the whole Kerby projct in jeopardy, up to the point we may be asked
to shutdwon it, something we don't want.
For code (ie, implementation), and I'm not talking about .h or function
prototypes, there is no way we can translate it : if you want to know
why, just read http://digital-law-online.info/lpdi1.0/treatise27.html,
part Piecewise Reimplementation.
Now, there is no need to freak out, I understand that everybody is going
full speed on a limited time, so mistakes can happen, nobody is to blame
for that. Add to that it's a really complex matter, and I don't think
any of us are lawyers, so it's quite easy to not being aware of such
legal things.
Anyway, please be careful, try to remember where the code is coming from
for the existing code, and everything will be fine :-)
Thanks !