svn commit: samba r11619 - in branches/SAMBA_4_0/source/kdc: .

tridge at tridge at
Thu Nov 10 11:51:09 GMT 2005


 > Why did you remove this?  Aside from it testing the wrong way around, I
 > need that particular error for RFC compliance.  

it wasn't being used, as kdc_tcp_recv_error() was just dropping the
connection, so there didn't seem much point in having a local function
that was in effect the same as the global one :)

 > Also, could I just queue a reply at this point?  I'm required to send a
 > kerberos error packet then terminate the stream.

yes, you should be able to queue a reply. The trick will be to ensure
the reply gets out before the socket is dropped (you will have to drop
the socket, as you don't want to try to read 2G of data!).

Probably the easiest method is as follows:

 - when you detect this error, create a krb5 error packet, and set a
   destructor on the data blob
 - then queue that error reply
 - then call packet_recv_disable() to stop trying to receive more data
   on this connection
 - once the packet is sent, the destrctor will fire, and you can setup
   the destructor to drop the connection

Sound ok?

More information about the samba-technical mailing list