A preliminary userParameters patch
Andrew Bartlett
abartlet at samba.org
Fri Oct 4 13:50:14 MDT 2013
On Sat, 2013-10-05 at 07:59 +1300, Andrew Bartlett wrote:
> On Fri, 2013-10-04 at 10:47 +0200, Stefan (metze) Metzmacher wrote:
> > Am 04.10.2013 05:47, schrieb Andrew Bartlett:
> > > Attached is a patch that just forces userParameters to be octectString
> > > (I hope).
> > >
> > > We need tests etc, but I wanted your thoughts so we can tell Karolin
> > > what do about 4.1 and bug 8077 (where I have also attached this patch).
> > >
> > > What do you think?
> >
> > I just tested (within TDB_NO_FSYNC=1 buildnice make -j testenv
> > SELFTEST_TESTENV=vampire_dc)
> > that a value of
> >
> > userParameters::
> > IAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgA
> > CAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAUAAFABoACA
> > ABAEMAdAB4AEMAZgBnAFAAcgBlAHMAZQBuAHQANTUxZTBiYjAYAAgAAQBDAHQAeABDAGYAZwBGAGw
> > AYQBnAHMAMQAwMGYwZTBmNxIACAABAEMAdAB4AFMAaABhAGQAbwB3ADAxMDAwMDAwKgACAAEAQwB0
> > AHgATQBpAG4ARQBuAGMAcgB5AHAAdABpAG8AbgBMAGUAdgBlAGwAMDEgAEgAAQBDAHQAeABXAEYAU
> > AByAG8AZgBpAGwAZQBQAGEAdABoADJmNzc2NTJmNjQ2ZjJmNmU2Zjc0MmY3MjY1NzA2YzY5NjM2MT
> > c0NjUyZjc0Njg2OTczMmY2MTc0NzQ3MjY5NjI3NTc0NjUwMA==
> >
> > 0000 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 . . . . . . . .
> > 0010 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 . . . . . . . .
> > 0020 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 . . . . . . . .
> > 0030 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 . . . . . . . .
> > 0040 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 . . . . . . . .
> > 0050 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 . . . . . . . .
> > 0060 50 00 05 00 1A 00 08 00 01 00 43 00 74 00 78 00 P.........C.t.x.
> > 0070 43 00 66 00 67 00 50 00 72 00 65 00 73 00 65 00 C.f.g.P.r.e.s.e.
> > 0080 6E 00 74 00 35 35 31 65 30 62 62 30 18 00 08 00 n.t.551e0bb0....
> > 0090 01 00 43 00 74 00 78 00 43 00 66 00 67 00 46 00 ..C.t.x.C.f.g.F.
> > 00A0 6C 00 61 00 67 00 73 00 31 00 30 30 66 30 65 30 l.a.g.s.1.00f0e0
> > 00B0 66 37 12 00 08 00 01 00 43 00 74 00 78 00 53 00 f7......C.t.x.S.
> > 00C0 68 00 61 00 64 00 6F 00 77 00 30 31 30 30 30 30 h.a.d.o.w.010000
> > 00D0 30 30 2A 00 02 00 01 00 43 00 74 00 78 00 4D 00 00*.....C.t.x.M.
> > 00E0 69 00 6E 00 45 00 6E 00 63 00 72 00 79 00 70 00 i.n.E.n.c.r.y.p.
> > 00F0 74 00 69 00 6F 00 6E 00 4C 00 65 00 76 00 65 00 t.i.o.n.L.e.v.e.
> > 0100 6C 00 30 31 20 00 48 00 01 00 43 00 74 00 78 00 l.01 .H...C.t.x.
> > 0110 57 00 46 00 50 00 72 00 6F 00 66 00 69 00 6C 00 W.F.P.r.o.f.i.l.
> > 0120 65 00 50 00 61 00 74 00 68 00 32 66 37 37 36 35 e.P.a.t.h.2f7765
> > 0130 32 66 36 34 36 66 32 66 36 65 36 66 37 34 32 66 2f646f2f6e6f742f
> > 0140 37 32 36 35 37 30 36 63 36 39 36 33 36 31 37 34 7265706c69636174
> > 0150 36 35 32 66 37 34 36 38 36 39 37 33 32 66 36 31 652f746869732f61
> > 0160 37 34 37 34 37 32 36 39 36 32 37 35 37 34 36 35 7474726962757465
> > 0170 30 30
> >
> > Gets correctly replicated without your patch.
>
> However, that is only between Samba AD and Samba AD. I've not proved it
> yet, but with the wrong syntax in place, replication to Windows should
> result in corrupt values (it would be 20 00 00 00 20 00 00 00 00),
> replication from Windows would also result in corrupt values (20 20).
>
> > So I don't think there's no need for an urgent fix for 4.1.0.
>
> OK.
The main issue with not doing this for 4.1 is: when should we break
replication? It seems unreasonable to break replication between two
Samba 4.1.x DCs because we finally fixed this.
I guess we need to punt this off to 4.2, and as we discussed at the MS
IOLab, we do a 4.2 sooner rather than later.
This whole saga has bubbled along for long enough, and while I don't
like it, I like delaying a release even less.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list