[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-187-g9678085

Andrew Bartlett abartlet at samba.org
Tue Jul 29 00:24:20 GMT 2008


On Mon, 2008-07-28 at 11:47 -0500, Stefan Metzmacher wrote:
> The branch, v4-0-test has been updated
>        via  9678085f75b6cb0ed068e22f3d9f94247b200ce2 (commit)
>       from  c2186d5d60aa2b57ecafaa57f9fd41f2a6717046 (commit)
> 
> http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
> 
> 
> - Log -----------------------------------------------------------------
> commit 9678085f75b6cb0ed068e22f3d9f94247b200ce2
> Author: Stefan Metzmacher <metze at samba.org>
> Date:   Mon Jul 28 17:59:17 2008 +0200
> 
>     Revert "gensec_gssapi: use gsskrb5_get_subkey() to make smb2 signing with aes keys work"
>     
>     This reverts commit 73964f069056f46f2f27fc690e42e5c91ae1fe19.
>     
>     This breaks more than it gains:-( It seems to break the ncacn_np session key

So, this breaks Samba4 -> Samba4.  It does however fix Vista -> Samba4
for joining (allowing us to get as far as the DCE/RPC problem).

So, the question is:  What is wrong with Heimdal in this situation?  How
do we come to negotiate different keys with the same code in both
directions?  

Andrew Bartlett

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20080729/6d628f90/attachment.bin


More information about the samba-technical mailing list