[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Tue Oct 18 10:49:41 MDT 2011 

On Tue, Oct 18, 2011 at 01:55:04PM +0200, Andrew Bartlett wrote:
> The branch, master has been updated
>        via  94799db s3-auth move the s3 auth context onto gensec_ntlmssp once we start
>        via  fa12756 s3-libsmb Use a gensec module to provide the ntlmssp client in ntlmssp_wrap.c
>        via  f9b0426 s3-ntlmssp split auth_ntlmssp_client_start() into two parts
>        via  f3333bd s3-rpc_client remove cli_auth_ntlmssp_data_destructor
>       from  56328a4 s3/doc: add man page for aio_fork vfs module
> 
> http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
> 
> 
> - Log -----------------------------------------------------------------
> commit 94799db9b5d33ded34ad3e934da673a44d48094a
> Author: Andrew Bartlett <abartlet at samba.org>
> Date:   Tue Oct 18 16:34:27 2011 +1100
> 
>     s3-auth move the s3 auth context onto gensec_ntlmssp once we start
>     
>     We do not need it on the auth_ntlmssp_state any longer.
>     
>     Andrew Bartlett
>     
>     Autobuild-User: Andrew Bartlett <abartlet at samba.org>
>     Autobuild-Date: Tue Oct 18 13:54:36 CEST 2011 on sn-devel-104
> 
> commit fa1275610b3c7cad75b5b86ae4b32d8781d1acc0
> Author: Andrew Bartlett <abartlet at samba.org>
> Date:   Tue Oct 18 16:16:02 2011 +1100
> 
>     s3-libsmb Use a gensec module to provide the ntlmssp client in ntlmssp_wrap.c
>     
>     This removes the need to have if (ans->gensec_security) everywhere.
>     
>     Andrew Bartlett

Andrew,

	I *really* *really* hate the use of talloc_reference()/talloc_unlink()
in this code. I know it's essentially doing the same as a talloc_move()
in this case, but it doesn't always do so (looking at the calls to
gensec_set_credentials() in source4/smb_server/smb/negprot.c for
example.

I really think that doing references in gensec is a completely broken
design that *WILL* come back and bite us sometime later.

Is there some way gensec can be changed to make a copy of
the credentials instead ?

It's probably not possible to fix this short term, but I'd
strongly recommend gensec moving away from talloc_reference()
of any passed in pointers. This is a disaster waiting to
happen IMHO.

I've been spending a lot of time recently talking to Josh
Bloch (he of the Java library API design), and one of his
biggest points is getting an API design right. Once you do,
then everything else becomes natural.

talloc_reference() is just plain *wrong* and is a broken API
design (an attempt at C++ smart pointers without the "smart"
part :-) IMHO. Please let's reduce its use in our code.

Cheers,

Jeremy.

More information about the samba-technical mailing list