svn commit: samba r6219 - in branches/SAMBA_4_0/source: librpc/rpc ntvfs/posix

Richard Sharpe rsharpe at
Wed Apr 6 03:19:49 GMT 2005

On Wed, 6 Apr 2005, Andrew Tridgell wrote:

> Richard,
>  > This change allows us to fall back to authenticating without
>  > DCERPC_SCHANNEL_128 if we fail. Thus, it allows us to work with Windows
>  > NT DCs ...
> Could you explain in what situation this is needed? What specific
> setup and set of calls is triggering this?

I was testing Samba 4 joined as a domain member to an NT PDC, and
authentication was not working because we could not set up credentials for
the NetLogon channel.

By dropping back on a failure, I was able to authenticate from a Win2K
client to the Samba 4 member server.

>  > -	pvfs_list_hibernate(dir);
>  > +	/*pvfs_list_hibernate(dir);*/
> Did you really mean to commit this too? If so, why are you changing
> this? Have you thought about the consequences in terms of a denial of
> service attack?

This is a temporary fix to the problem to do with closedir making pointers
obtained with telldir useless. I have to implement a solution like that
Jeremy put in place for Samba 3. At the moment, large directories cause
a client to sit in an infinite FindNext loop ...

> A golden rule of commits is that you read the diffs before the commit.

Yeah, I did look at the diffs.

I didn't want to commit the second bit, and I checked with someone who
didn't really know any better than I, who said I could edit the files I
didn't want committed from the commit message. Of course, he was wrong.

I can back that change out ...

Richard Sharpe, rsharpe[at], rsharpe[at],

More information about the samba-technical mailing list