More s3compat-for-review patches
abartlet at samba.org
Thu May 27 16:57:59 MDT 2010
On Thu, 2010-05-27 at 17:31 +0200, Stefan (metze) Metzmacher wrote:
> Hi Andrew,
> >> The first things I noticed are:
> >> - we don't need a ntlmssp_private.h (at least in this patch stream).
> > Yes and no. There is no reason ntlmssp_debug_flags needs to be used
> > outside the NTLMSSP code, but must be shared between the sign and main
> > code.
> yes, I kept it with debug_ntlmssp_flags() only in my branch.
> > I agree the other changes are not strictly required, but as you may have
> > guessed or seen in my s3compat branch, I need those for the way GENSEC
> > uses the common code. I don't see how they do any harm.
> we only need it for struct ntlmssp_crypt_direction save_direction;
> correct? I think we should try to solve that in a different way
> and keep the structures private.
> maybe adding a flag to ntlmssp_sign_init() that it should allocate
> a struct ntlmssp_crypt_direction *crypt_save;
> the caller needs to do a ntlmssp_save_crypt_state() and
Honestly, I just don't see the value in added complexity for that amount
If we were going to do that much, then it would be better to make the
special case code in gensec_ntlmssp common.
I don't like outside code peering into private structures, but for
GENSEC's NTLMSSP implementation, which I hope will eventually be the
common and only NTLMSSP API to peer into the NTLMSSP code is quite
reasonable I think.
I hope to put most of ntlmssp.h into ntlmssp_private.h eventually - but
likewise I strongly suspect that gensec_ntlmssp will need to deal with
these structures too.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 190 bytes
Desc: This is a digitally signed message part
More information about the samba-technical