[Patch] Make samba4 return a correct Supported Encryption

Matthieu Patou mat+Informatique.Samba at matws.net
Tue Sep 8 07:12:12 MDT 2009 

On 09/08/2009 05:00 PM, Andrew Bartlett wrote:
> On Tue, 2009-09-08 at 12:28 +0200, Stefan (metze) Metzmacher wrote:
>    
>> Matthieu Patou schrieb:
>>      
>>> On 09/08/2009 02:26 AM, Andrew Bartlett wrote:
>>>        
>>>> On Mon, 2009-09-07 at 23:40 +0400, Matthieu Patou wrote:
>>>>
>>>>          
>>>>> On 09/07/2009 04:51 PM, Stefan (metze) Metzmacher wrote:
>>>>>
>>>>>            
>>>>>> Hi Matthieu,
>>>>>>
>>>>>>
>>>>>>
>>>>>>              
>>>>>>> Please Find attached a patch that allow S4 to return correctly the
>>>>>>> SupportedEncryption in the getDomainInfo RPC.
>>>>>>>
>>>>>>> This patch make the assumption that by default if the
>>>>>>> msDS-SupportedEncryptionTypes is not populated then the workstation
>>>>>>> support all the encryption up to RC4 (same assumption as Windows 2008
>>>>>>> and upper do).
>>>>>>>
>>>>>>>
>>>>>>>                
>>>>>> Can you resend the patch using:
>>>>>> - tab indentation
>>>>>> - using the same type 'uint32_t' in all places,
>>>>>>      currently you're mixing uint32_t, int and samdb_search_int64()
>>>>>>
>>>>>> Thanks!
>>>>>> metze
>>>>>>
>>>>>>
>>>>>>
>>>>>>              
>>>>> Hi metze,
>>>>> Sorry for the tabs, about 32/64 I didn't find the samdb_search_int32
>>>>> function and I've seen in the code of samba4 that it's done like this
>>>>> (ie. samdb_result_force_password_change in dsdb/common/util.c).
>>>>> Maybe it will be more cleaner to create a samdb_search_int32() ?
>>>>>
>>>>> In any case here is the updated patch I also attached a variant just
>>>>> with 64 bit ints ...
>>>>>
>>>>>            
>>>> We need to avoid magic things like 0xf in the code.  Can you a bitmap of
>>>> constants to the netlogon.idl and use them?
>>>>
>>>>
>>>>          
>>> Metze, Andrew,
>>>
>>> Find attached the version that use the IDL (good point because it
>>> allowed me to realize that we should return 0x07 in fact ...) with int32
>>> and a silent cast from samdb_search_int64.
>>>        
>> I just noticed that we already do a samdb_search_string(),
>> which would mean we do 2 ldb searches for the same object.
>> I think we should use only one search, maybe using gendb_search_dn()
>> and ldb_msg_find_attr_as_uint().
>>      
> I've pushed the patch, but I agree.
>    
Expect a patch to correct this soon :-)
Matthieu.

More information about the samba-technical mailing list