[PATCHSET] Cleanup KDC code
abartlet at samba.org
Tue Mar 17 22:16:05 MDT 2015
On Tue, 2015-03-17 at 10:36 +0100, Andreas Schneider wrote:
> attached is a patchset to cleanup the KDC code of Samba. Some of the patches
> remove obsolete code, or subtle bugs we were running into while investigating
> issues in 'make test'.
> Please review and push the patches you consider fine. Please give us feedback
> on patches you consider incomplete or are not clear enough.
> 36 patches:
> .ycm_extra_conf.py | 1 +
> lib/krb5_wrap/krb5_samba.c | 7 +-
> source4/dns_server/dlz_bind9.c | 2 +-
> source4/dsdb/samdb/ldb_modules/password_hash.c | 59 +++---
> source4/kdc/db-glue.c | 242 +++++++++++++-----------
> source4/kdc/pac-glue.c | 35 ++--
> source4/libnet/wscript_build | 2 +-
> source4/rpc_server/wscript_build | 3 +-
> source4/scripting/bin/samba_dnsupdate | 15 +-
> source4/torture/rpc/remote_pac.c | 33 +++-
> source4/winbind/winbindd.c | 2 +-
> 11 files changed, 234 insertions(+), 167 deletions(-)
I've not had time for a full review, but at the same time I didn't see
anything particularly odd or unexpected.
The only thing I would like is to have the krb5.kdc tests extended to
verify that encryption order, by having it parse the relevant packets
and asserting on those values.
(Otherwise, a 'cleanup' later might change the order, or fail to enable
an AES key when we should, and we might never notice we were below full
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical