Library splitup and Packaging
It's probably good to split functionality to reduce dependencies for the simplest use cases and handle a variety of SASL implementations:
-
libkip.so
with unconnected functions: keygen, keymap, keytab, random and of course encrypt/decrypt. Simplify test/demo programs to load only this. -
libkip_client.so
adds the link to the KIP Service, dependency on Quick-DER and SASL callback configuration for the client. -
libkip_service.so
implements functions for the KIP Service, dependency on Quick-DER and SASL callback configuration for the server. -
libkip_client_cyrussasl2.so
adds the Cyrus-SASL2 variant of the SASL functions to use as client SASL callback. Other versions might be imagined as implementations of the client SASL API. -
libkip_service_cyrussasl2.so
adds the Cyrus-SASL2 variant of the SASL functions to use as service SASL callback. Other versions might be imagined as implementations of the service SASL API.
There will be a need to share an internal include file with the internally used structures, as kip-intern.h
and probably included from the source directory, not the include directory.
This enables a number of packages (Debian used as an example):
-
kip-service.deb
with thekipd
program and thelibkip_service.so
library. -
libkip-common.deb
with thelibkip.so
library andpkg-config
setup without SASL. -
libkip-client.deb
with thelibkip_client.so
library andpkg-config
setup with SASL. -
libkip-client-cyrussasl2.deb
with thelipkip_client_cyrussasl2.so
library. -
libkip-service-cyrussasl2.deb
with thelibkip_service_cyrussasl2.so
library. -
libkip-dev.deb
holds a compositelibkip.a
and header filess.
There would be some dependencies, to allow dynamic plugin of SASL implementations:
-
libkip-client.deb
andlibkip-service.deb
depend onlibkip-common.deb
and on a generic resourcelibkip-client-sasl
. -
kip-service.deb
depends onlibkip-service.deb
and a generic resourcelibkip-service-sasl
. -
libkip-client-cyrussasl2.deb
offers generic resourcelibkip-client-sasl
and depends onlibsasl2.deb
. -
libkip-service-cyrussasl2.deb
offers generic resourcelibkip-service-sasl
and depends onlibsasl2.deb
. -
libkip-dev.deb
depends onlibkip-common.deb
,libkip-client.deb
andlibkip-service.deb
to have the dynamic libraries too.
The administrator would be responsible of matching SASL implementations from various packages.
Edited by Rick van Rein