[PATCHES] Rationalizing and unifing Schannel

simo idra at samba.org
Tue Feb 23 06:38:51 MST 2010


On Tue, 2010-02-23 at 11:11 +0100, Stefan (metze) Metzmacher wrote:
> Andrew Bartlett schrieb:
> > On Mon, 2010-02-22 at 10:53 -0500, simo wrote:
> >> I have been working on a patchset to enhance the schannel interface and
> >> also to make it possible to share this code between S3 and S4 again.
> >>
> >> The first 6 patches shouldn't be controversial.
> >> The last 2 patches remove the use of ldb and goes back to use a tdb for
> >> samba4, the comment on patch 7 explains the rationale.
> >>
> >> Unless there are objections I will push this patches during the week.
> > 
> > Except for the comments on ldb performance, which I think don't really
> > apply here (unlike sam.ldb, schannel.ldb does not load modules, and does
> > not have a very high connect rate anyway), this seems like a very
> > reasonable approach.  In particular, it's important to unify subsystems
> > like this, and the temporary nature of this DB lends itself to NDR'ed
> > structures and a single key lookup.  It's nice to be able to see the
> > details of a running server with a simple ldbsearch, but it does not
> > seem to be needed often. 
> 
> As far as I remember the tdb code was even more verbose, by
> NDR_PRINT_DEBUG() at each step in the log files.
> 
> I could also think about using TDB_CLEAR_IF_FIRST, it's just a runtime
> cache. We don't need a tdb_transaction for each credential step.

I'd like to discuss this point after the patches are applied as it would
be a change in the current behavior which I made sure was not the case
with these patches.

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>



More information about the samba-technical mailing list