'System' access to LDAPI without a bind in Samba4
simo
idra at samba.org
Wed Jun 10 11:54:39 GMT 2009
On Wed, 2009-06-10 at 20:40 +1000, Andrew Bartlett wrote:
> On Wed, 2009-06-10 at 17:26 +1000, tridge at samba.org wrote:
> > > No, it belongs in GENSEC as another SASL mechanism.
> >
> > ok. How will the gensec code get access to the file descriptor in the
> > ldap server so it can ask the kernel who owns the other side of that
> > fd? Is there a path to the fd somewhere inside the gensec structures?
>
> Doing this cleanly will certainly be a challenge.
>
> It's not there at the moment. I'm honestly not sure how best to pass
> this in, but at worst we add a mechanism like ldb_opaque. It could be
> useful for passing out some other things anyway...
Please don't use ldb_opaque for something like this.
We can certainly add a public function, although it's going to be
"interesting" if you have multiple ldap servers beyond the partition
module. But I am sure you can handle the exception within the partition
module itself.
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>
More information about the samba-technical
mailing list