mars-nwe/doc/NSS_PUBLIC_CORE_AUDIT.md

NSS public_core import audit

This note classifies the top-level NSS public_core directories for the MARS-NWE import path. It is intentionally conservative: directly import useful open NSS code where it is a real subsystem, adapt only at platform/closed-source boundaries, and do not build wrappers around old MARS half-implementations when an NSS replacement exists.

Current import policy

• Prefer direct NSS source import/adaptation over reimplementing behavior.
• Keep original NSS file/API names where practical.
• Put primitive reusable helpers in libnwcore.
• Put filesystem/storage/runtime subsystems in a future libnwfs.
• Put eDirectory/NDS code in a future libnwnds.
• Put Bindery/auth/object-ID bridging in a future libnwbind.
• Do not import Novell closed/kernel-only backend code. Adapt those boundaries to libc, libowfat, MatrixSSL, libsodium, or existing MARS-NWE state.

Top-level public_core directories

library/

Status: already partly imported; continue selectively into libnwcore.

Useful lowlevel helpers already imported or identified:

library/utc/*        => imported UTC/DOS/MS-time helpers
library/guid/guid.c  => imported GUID helper
library/id/id.c      => imported ID helper
library/eDir/*       => future libnwnds, not core
library/misc/*       => selective utility/error/table helpers only
library/os/*         => OS/NLM/platform glue; import only when needed
library/wio/*        => tool/UI logging; not server runtime first

library/eDir/getDSGuid.c depends on DDC/DS access and belongs in libnwnds. library/eDir/parseDSObjectName.c can also stay there unless a guarded 4.x endpoint needs it earlier.

nss/

Status: selective libnwcore plus later runtime work.

Already useful:

nss/lib/bitmap.c
nss/lib/crc.c
nss/lib/hash.c

Potential later helpers:

nss/lib/setErrno.c
nss/msg/*
nss/cache/*

nss/msg and nss/cache are not first-tier imports; they tie into NSS runtime message/cache infrastructure and should be pulled only when a concrete consumer requires them.

sharedsrc/

Status: source-fragment support for direct imports.

This directory contains .c.h implementation fragments used by multiple NSS library files. Continue importing these locally into src/core/ or the future src/nwfs/ when the corresponding real source file needs them. Do not install .c.h files as public headers.

Examples already used:

sharedsrc/guid.c.h
sharedsrc/uni2utf.c.h
sharedsrc/utf2uni.c.h
sharedsrc/unicpy.c.h
sharedsrc/unilen.c.h

comn/namespace/

Status: future direct NSS namespace replacement path, not wrapper.

Sources:

comn/namespace/nameSpace.c
comn/namespace/dosNSpace.c
comn/namespace/dosNSWild.c
comn/namespace/longNSpace.c
comn/namespace/macNSpace.c
comn/namespace/unixNSpace.c
comn/namespace/dataStreamNSpace.c
comn/namespace/extAttrNSpace.c

Targets:

• DOS namespace
• LONG namespace
• MAC namespace
• UNIX namespace
• Data Stream namespace
• Extended Attribute namespace

The goal is to replace old MARS namedos/nameos2 behavior, not wrap it. The runtime parts belong to libnwfs; reusable legal-name/wildcard helpers can be introduced first if they compile cleanly.

comn/common/

Status: important libnwfs runtime source, but too broad for blind import.

This is where much of the NSS common/filesystem object model lives:

adminVolume.c
adminVolFile.c
beastClass.c
beastHash.c
beastIO.c
beastStartup.c
comnDataStream.c
comnFile.c
comnIO.c
comnLookup.c
comnMacintosh.c
comnPool.c
comnUnicode.c
comnVariableData.c
comnVol.c
extAttrBeast.c
fileBeast.c
fileHandle.c
name.c
nameCache.c
nameLookup.c
objectIDStore.c
rootBeast.c
volBeast.c
zPool.c
zPublics.c

Useful later in libnwfs:

• Beast object model
• volume/pool object model
• name/name-cache lookup
• data-stream/extended-attribute runtime
• _ADMIN virtual management volume
• object ID store

Do not import this as one block. Pull it in along the namespace/data-stream/ volume axis after the boundary is clear.

comn/authsys/

Status: future direct authsys import/adaptation, split across libnwbind, libnwfs, and libnwnds as needed.

Files:

authorize.c
unixAuthModel.c
unixAuthSpace.c
unixDecision.c
zasAuthCache.c
zasAuthModel.c
zasAuthSpace.c
zasDecision.c

Policy:

• Do not build a wrapper over old MARS auth behavior as the long-term target.
• Import/adapt NSS authsys logic directly where it is open and useful.
• Adapt only at closed/platform/backend boundaries.

Backend boundary mapping:

AES/crypto/RNG     => MatrixSSL/libsodium/libc as appropriate
Bindery identity   => future libnwbind
NDS/eDir identity  => future libnwnds
filesystem hooks   => future libnwfs

The AES code under comn/aes/ should not become a new crypto stack. Use the existing MatrixSSL/libsodium integration for real crypto operations.

comn/compression/

Status: future libnwfs storage feature.

Lowlevel algorithm sources are useful later:

cdcomp.c
cdcompa.c
cduncomp.c
cduncompa.c
nwAlgo.c
copyAlgo.c

Larger manager/runtime:

cmActivity.c
cmAlgoMan.c
cmBgCompress.c
cmCompDecomp.c
cmCompFile.c
cmControl.c
cmRuntime.c
comnCompress.c

Import after namespace/data-stream/volume metadata exists. Relevant NCPs must report real state, not synthetic state:

decimal 90/12  == wire/code 0x5a/0x0c
decimal 123/70 == wire/code 0x7b/0x46
decimal 123/71 == wire/code 0x7b/0x47
decimal 123/72 == wire/code 0x7b/0x48
decimal 22/51  == wire/code 0x16/0x33

comn/main/ and comn/sbs/

Status: runtime/startup/support code, not first-tier library import.

comn/main includes NSS startup, symbol-export, command-line, and NLM/Linux module plumbing. Import only narrow pieces when a real libnwfs subsystem needs those APIs.

comn/sbs appears to be support/mgmt plumbing. Keep reference-only until a concrete endpoint or management path needs it.

lsa/

Status: possible future libnwfs storage adapter reference.

The LSA layer looks like logical storage adapter / super-volume / pool support:

lsa.c
lsaXattr.c
lsaSuperVol.c
lsaSuperPool.c
lsaUser.c
lsaNSSKR.c

Useful later for volume/pool/storage modeling and Linux xattr integration, but not needed before namespace/data-stream basics.

zlss/

Status: large ZLSS storage engine reference, future libnwfs only.

Contains B-tree, name-tree, file-map, pool/volume, repair, and storage I/O code:

nameTree.c
beastTree.c
myBTree.c
zfs.c
zfsFileMap.c
zfsPool.c
zfsVol.c
zlssLogicalVolume.c
repair*.c

This is valuable for NSS-shaped storage semantics, but too large for early imports. Use as reference while building libnwfs; import only if the complete required dependency slice is understood.

manage/

Status: future management tooling / _ADMIN / libnwadmin or libnwfs-mgmt.

Contains management commands for pools, volumes, NDS, partitions, server, Linux, and user-space restrictions. Not needed for NetWare 3.x data-path behavior. Potential later user: _ADMIN:/Manage_NSS/....

ndpmod/

Status: future NDP/NDS identity broker, likely libnwnds plus references for identity mapping.

Files such as ndp_idbroker.c and ndp_guids.c are not core imports. Revisit when guarded 4.x/NDS endpoints or DS identity mapping need them.

admindrv/, nebdrv/, nsslnxlib/

Status: platform/driver glue.

• admindrv: Linux kernel/admin driver module wrapper.
• nebdrv: driver/service plumbing.
• nsslnxlib: Linux NSS compatibility wrappers (procdefslnx.c, nwlocale.c, microSecondTimer.c, kernel file helpers).

Import only specific userland-compatible functions when needed. Do not create a new kernel-driver dependency.

nwraid/

Status: future storage reference, not NCP namespace priority.

Contains RAID 0/1/5 logic and DM I/O helpers. Keep out of current libnwfs work until volume/pool/storage layering exists.

Transport and host-change boundaries

The transport split is outside NSS public_core, but it constrains the import boundaries. Future TCP/IP support belongs under the existing server process as a code/library split (nwtransport, nwipx, later nwtcp), not as a new daemon and not as an NSS namespace dependency. NCP providers and imported namespace code must remain transport-neutral.

The audited bundled libowfat API names for the later TCP listener are socket_tcp4(), socket_tcp6(), socket_bind4_reuse(), socket_bind6_reuse(), socket_listen(), socket_accept4_*(), socket_accept6_*(), and the io_* readiness helpers. Do not write future TCP code against shorthand socket4/socket6 names.

External host changes are a libnwfs/metadata concern, not a transport concern. When Samba, rsync, backup restore or local admin tools create files, the watcher/startup scanner should create or reconcile netware.metadata and DOS/LONG/MAC/UNIX namespace records. Keep that state in NSS-shaped metadata, not in a private database.

Recommended order after Unicode/GUID/string imports

1. Keep documentation current: direct namespace import, authsys direct/adapted import, and platform-boundary adapters only.
2. Start namespace with the smallest direct NSS DOS namespace slice that can replace old namedos behavior under tests.
3. Add LONG namespace and retire nameos2 logic under tests.
4. Add MAC/UNIX/DataStream/EA namespace slices.
5. Build libnwfs Beast/name-cache/data-stream/EA runtime as required by those namespace imports.
6. Then revisit compression, _ADMIN, objectID/authsys, and NDS/bindery splits.