svn commit: samba r11619 - in branches/SAMBA_4_0/source/kdc: .

Andrew Bartlett abartlet at samba.org
Thu Nov 10 09:06:37 GMT 2005 

On Thu, 2005-11-10 at 00:26 +0000, tridge at samba.org wrote:
> Author: tridge
> Date: 2005-11-10 00:26:26 +0000 (Thu, 10 Nov 2005)
> New Revision: 11619
> 
> WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11619
> 
> Log:
> 
> use the 32 bit length helper in the kdc. 
> 
> 
> 
> 
> Modified:
>    branches/SAMBA_4_0/source/kdc/kdc.c
> 
> 
> Changeset:
> Modified: branches/SAMBA_4_0/source/kdc/kdc.c
> ===================================================================
> --- branches/SAMBA_4_0/source/kdc/kdc.c	2005-11-10 00:25:57 UTC (rev 11618)
> +++ branches/SAMBA_4_0/source/kdc/kdc.c	2005-11-10 00:26:26 UTC (rev 11619)
> @@ -199,29 +199,7 @@
>  	stream_terminate_connection(kdcconn->conn, reason);
>  }
>  
> -
>  /*
> -  work out if a tcp packet is complete
> -*/
> -NTSTATUS kdc_tcp_is_complete(void *private, DATA_BLOB blob, size_t *size)
> -{
> -	if (blob.length < 4) {
> -		return STATUS_MORE_ENTRIES;
> -	}
> -	*size = 4 + RIVAL(blob.data, 0);
> -	if (*size > blob.length) {
> -		return STATUS_MORE_ENTRIES;
> -	}
> -	if ((*size) & (1 << 31)) {
> -		/* NOTE: we should send a 'KRB_ERR_FIELD_TOOLONG' and terminate, 
> -		   but for now we just terminate */
> -		return NT_STATUS_PORT_MESSAGE_TOO_LONG;
> -	}
> -	return NT_STATUS_OK;
> -}

Why did you remove this?  Aside from it testing the wrong way around, I
need that particular error for RFC compliance.  

Also, could I just queue a reply at this point?  I'm required to send a
kerberos error packet then terminate the stream.

(I'm not too worried about all this, as Heimdal doesn't do it either,
but there are extensions being proposed that would rely on this).

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20051110/095c515d/attachment.bin

More information about the samba-technical mailing list