netlogon_creds_cli_validate() in master4-schannel
abartlet at samba.org
Sun Nov 10 20:05:16 MST 2013
I was looking over your
https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-schannel tree in the hope that we might see more of this great work in master.
I was looking at this in particular, because it seems to be blocking a
lot of other work.
What I don't understand is why we have this complex
netlogon_creds_cli_validate() routine, rather than something at the NDR
layer using memcmp()? If we ever add something to this structure, we
are going to have to keep this in sync, and that seems unfortunate.
Other than that, it looks good. I was supprised by the downgrade
handling in netlogon_creds_cli_check_caps but as long as we are careful
as to when we choose not to propose AES, I guess it's OK.
How can I help you get the rest of this set merged?
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz
More information about the samba-technical