[Patch] Make samba4 return a correct Supported Encryption
Stefan (metze) Metzmacher
metze at samba.org
Tue Sep 8 04:28:26 MDT 2009
Matthieu Patou schrieb:
>
> On 09/08/2009 02:26 AM, Andrew Bartlett wrote:
>> On Mon, 2009-09-07 at 23:40 +0400, Matthieu Patou wrote:
>>
>>> On 09/07/2009 04:51 PM, Stefan (metze) Metzmacher wrote:
>>>
>>>> Hi Matthieu,
>>>>
>>>>
>>>>
>>>>> Please Find attached a patch that allow S4 to return correctly the
>>>>> SupportedEncryption in the getDomainInfo RPC.
>>>>>
>>>>> This patch make the assumption that by default if the
>>>>> msDS-SupportedEncryptionTypes is not populated then the workstation
>>>>> support all the encryption up to RC4 (same assumption as Windows 2008
>>>>> and upper do).
>>>>>
>>>>>
>>>> Can you resend the patch using:
>>>> - tab indentation
>>>> - using the same type 'uint32_t' in all places,
>>>> currently you're mixing uint32_t, int and samdb_search_int64()
>>>>
>>>> Thanks!
>>>> metze
>>>>
>>>>
>>>>
>>> Hi metze,
>>> Sorry for the tabs, about 32/64 I didn't find the samdb_search_int32
>>> function and I've seen in the code of samba4 that it's done like this
>>> (ie. samdb_result_force_password_change in dsdb/common/util.c).
>>> Maybe it will be more cleaner to create a samdb_search_int32() ?
>>>
>>> In any case here is the updated patch I also attached a variant just
>>> with 64 bit ints ...
>>>
>> We need to avoid magic things like 0xf in the code. Can you a bitmap of
>> constants to the netlogon.idl and use them?
>>
>>
> Metze, Andrew,
>
> Find attached the version that use the IDL (good point because it
> allowed me to realize that we should return 0x07 in fact ...) with int32
> and a silent cast from samdb_search_int64.
I just noticed that we already do a samdb_search_string(),
which would mean we do 2 ldb searches for the same object.
I think we should use only one search, maybe using gendb_search_dn()
and ldb_msg_find_attr_as_uint().
> I attached the version with both generated code and not generated code
> included in the patch.
Note: the leading whitespaces in the idl changes...
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20090908/6e5ef2f3/attachment.pgp>
More information about the samba-technical
mailing list