Remove dead code from plaintext auth case (impacting on AFS, DCE/DFS, OSF1, HP-UX and others)

Christian Ambach ambi at
Wed Jan 22 12:34:24 MST 2014

Am 22.01.14 04:47, schrieb Andrew Bartlett:
> This post, by Yannick Bergeron indicates that PAM covers the DCE/DFS use
> case:
> This does not address the actually useful use case of
> --with-fake-kaserver, that is bug
> and remains open.

I am still working on getting --with-fake-kaserver into the waf build.
I already have it working, but it is a big patch that needs to be broken 
into smaller pieces. So please do not remove any code that
this functionality depends on, as it will be revived soon.

> There is a lot of dead code here, and clearly a lot missed the WAF
> transition, which is unfortunate.  That said, if someone wishes to
> revive this, we need test systems and tested patches for WAF to
> implement the configure checks, as it isn't safe to just blindly copy
> the logic across from the old autoconf build.

I am testing this on an Ubuntu with recent OpenAFS headers. I found a 
problem with OpenAFS 1.6's headers while doing that, so I probably
have to continue with 1.4 until those issues have been sorted out by the 
OpenAFS folks.

> The purpose of these patches is just dead code elimination.  If we
> wanted to wait longer for feedback from our 4.0 waf and 4.1 users who
> are already without this feature, we could, but my instinct is that the
> number of users using plaintext authentication and using these systems
> is very, very small.  But if they exist, then they will be the folks who
> will best be able to confirm any patch to restore this is actually
> correct.

I do not want to fix the plaintext auth case, just the fake kaserver 
pieces, so no objection from me as long as the functions I need will 
remain. I have to admit I didn't check your patches in detail to 
determine the impact yet.


More information about the samba-technical mailing list