[Patch] Make samba4 return a correct Supported Encryption

Stefan (metze) Metzmacher metze at samba.org
Tue Sep 8 04:28:26 MDT 2009 

Matthieu Patou schrieb:
> 
> On 09/08/2009 02:26 AM, Andrew Bartlett wrote:
>> On Mon, 2009-09-07 at 23:40 +0400, Matthieu Patou wrote:
>>   
>>> On 09/07/2009 04:51 PM, Stefan (metze) Metzmacher wrote:
>>>     
>>>> Hi Matthieu,
>>>>
>>>>
>>>>       
>>>>> Please Find attached a patch that allow S4 to return correctly the
>>>>> SupportedEncryption in the getDomainInfo RPC.
>>>>>
>>>>> This patch make the assumption that by default if the
>>>>> msDS-SupportedEncryptionTypes is not populated then the workstation
>>>>> support all the encryption up to RC4 (same assumption as Windows 2008
>>>>> and upper do).
>>>>>
>>>>>          
>>>> Can you resend the patch using:
>>>> - tab indentation
>>>> - using the same type 'uint32_t' in all places,
>>>>     currently you're mixing uint32_t, int and samdb_search_int64()
>>>>
>>>> Thanks!
>>>> metze
>>>>
>>>>
>>>>        
>>> Hi metze,
>>> Sorry for the tabs, about 32/64 I didn't find the samdb_search_int32
>>> function and I've seen in the code of samba4 that it's done like this
>>> (ie. samdb_result_force_password_change in dsdb/common/util.c).
>>> Maybe it will be more cleaner to create a samdb_search_int32() ?
>>>
>>> In any case here is the updated patch I also attached a variant just
>>> with 64 bit ints ...
>>>      
>> We need to avoid magic things like 0xf in the code.  Can you a bitmap of
>> constants to the netlogon.idl and use them?
>>
>>    
> Metze, Andrew,
> 
> Find attached the version that use the IDL (good point because it
> allowed me to realize that we should return 0x07 in fact ...) with int32
> and a silent cast from samdb_search_int64.

I just noticed that we already do a samdb_search_string(),
which would mean we do 2 ldb searches for the same object.
I think we should use only one search, maybe using gendb_search_dn()
and ldb_msg_find_attr_as_uint().

> I attached the version with both generated code and not generated code
> included in the patch.

Note: the leading whitespaces in the idl changes...

metze


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20090908/6e5ef2f3/attachment.pgp>

More information about the samba-technical mailing list