NTLMSSP and GENSEC
Volker.Lendecke at SerNet.DE
Sat Oct 15 11:32:30 MDT 2011
On Sat, Oct 15, 2011 at 05:52:40PM +1100, Andrew Bartlett wrote:
> > I think only gensec_update*() should use event driven stuff.
> For now, the module does not use any event context, so I've made no
> change here yet.
If only the gensec_update() routines use any event context
stuff at all, wouldn't it be better to pass the event
context explicitly there instead of putting an event context
into the gensec_security struct? This way the risk of using
gensec wrongly leading to nested event loops is greatly
If we absolutely have to accept the whole gensec thing into
the Samba3 code (something which needs much broader
discussion I think), then we should only do it if we can
agree on handling the event stuff. Looking at 'struct
gensec_security' right now I don't think we are there yet.
The risk of accidentially getting nested event loops into
the main Samba3 code, leading to very hard to debug
situations is much too high for my taste with the tevent
context being part of a central structure.
With best regards,
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
More information about the samba-technical