S3 plain text to encrypted password transition
Andreas Schneider
asn at samba.org
Thu Jul 29 00:46:00 MDT 2010
On Wednesday 28 July 2010 23:48:36 simo wrote:
> > This decision is a bit
difficult to make without seeing the
> > code changes that are blocked by
it. While it works and does
> > not conflict with anything else, I would say
keep it. If you
> > have something in the pipeline that would become
> >
significantly easier if it was dropped, I think we should
> > look more
closely at the benefits of having either.
> >
> > Does that sound
reasonable?
>
> Yes, absolutely.
>
> I will let Andreas comment on that
though.
I know that there are old clients, but this code is that a password
gets automatically migrated to a hashed password during login. If someone
wants to have this migrated, I think he probably did it in the past 9
years.
Well the plan is to change the auth code to use samr/lsa/netlogon
instead of directly accessing passdb. If I have to migrate code and the
comment says this code should die and that 9 years ago, I prefer to ask if
this code is really needed anymore.
I can spend hours writing rpc code to
replace this function. To be sure it works I need to test it or write a
torture test. So I can spend a day replacing this functionality or ask if I
can cleanup the code which is probably dead since a long time.
So this is 1
day vs. 1 hour, the question is if it is worth to spend the
day.
Cheers,
-- andreas
More information about the samba-technical
mailing list