Getting rid of smb_krb5_send_and_recv_func()

Andreas Schneider asn at samba.org
Tue May 6 00:25:57 MDT 2014 

On Tuesday 06 May 2014 10:52:00 you wrote:
> On Mon, 2014-05-05 at 09:32 +0200, Andreas Schneider wrote:
> > On Thursday 01 May 2014 09:31:50 Andrew Bartlett wrote:
> > > On Wed, 2014-04-30 at 11:54 +0200, Andreas Schneider wrote:
> > > > Hi,
> > > > 
> > > > with Andrew his patches and the preloadable socket_wrapper we're now
> > > > able
> > > > to get rid of smb_krb5_send_and_recv_func().
> > > > 
> > > > I've prepared a patchset here:
> > > > 
> > > > https://git.samba.org/?p=asn/samba.git;a=shortlog;h=refs/heads/smb_krb
> > > > 5_se
> > > > nd_and_recv_func
> > > > 
> > > > 
> > > > A local 'make test' completed successfully.
> > > 
> > > My main concern is that this implies that we are backing down from
> > > Kerberos due to it failing, rather than actually handling this properly.
> > 
> > I don't really get what you want to explain to me. For me this code looks
> > like it has been created so that heimdal works with socket_wrapper.
> > 
> > > That is, I think we fall into the KDC not found case, and fall back to
> > > NTLM, when Samba is operating in single process mode.
> > 
> > If we remove this function then heimdal will take care of sending the
> > packet. doesn't it?
> > 
> > Can you please explain this in more details so that Günther and I
> > understand the purpose of these functions.
> 
> It has three purposes:
> 
> To use socket_wrapper, and to use our name resolution, and to use our
> event loop, so a single-process mode server can talk to itself.  You
> handled the first, perhaps the second and not the third.

nss_wrapper does name resolution and this works even with system libraries! 
For more details read: https://lwn.net/Articles/594863/

So this leaves the event loop. Why does it need to use the Samba event loop?


> Please do not remove this without my explicit ACK.

We're trying to port Samba 4 to MIT Kerberos and are trying to understand why 
we do certain things. Please go into more details so we can understand why it 
was done this way.


Cheers,


	-- andreas

-- 
Andreas Schneider                   GPG-ID: CC014E3D
Samba Team                             asn at samba.org
www.samba.org

More information about the samba-technical mailing list