s3-dcerpc: avoid talloc_move on schannel creds in cli_rpc_pipe_open_schannel_with_key().

Jeremy Allison jra at samba.org
Mon Aug 23 19:17:07 MDT 2010


On Tue, Aug 24, 2010 at 10:47:41AM +1000, Andrew Bartlett wrote:
> 
> Is this really correct?  I would have said that talloc_reference() is
> the right thing to do here, as it is shared state.  If one connection
> does any call that updates the credentials chain, then the other
> connections state must reflect that update, otherwise their calls
> (SamLogon and other calls that do the credential chaining) will fail -
> see how we have do this via a tdb on the server. 
> 
> I know talloc_reference() isn't liked, but it really is the right thing
> to do here. 

I'd rather do this with an explicit ref_count element in
the structure, and attaching a destructor that decrements
it - that way callers know there's something special going
on here. Shared pointers like that should be the rare exception,
not the rule and making it clear what is going on in these
cases is better IMHO.

Jeremy.


More information about the samba-technical mailing list