[PATCHSET] Cleanup KDC code

[Andrew Bartlett]

On Tue, 2015-03-17 at 10:36 +0100, Andreas Schneider wrote:
> Hello,
> 
> attached is a patchset to cleanup the KDC code of Samba. Some of the patches 
> remove obsolete code, or subtle bugs we were running into while investigating 
> issues in 'make test'.
> 
> 
> Please review and push the patches you consider fine. Please give us feedback 
> on patches you consider incomplete or are not clear enough.
> 
> 36 patches:
> 
>  .ycm_extra_conf.py                             |   1 +
>  lib/krb5_wrap/krb5_samba.c                     |   7 +-
>  source4/dns_server/dlz_bind9.c                 |   2 +-
>  source4/dsdb/samdb/ldb_modules/password_hash.c |  59 +++---
>  source4/kdc/db-glue.c                          | 242 +++++++++++++-----------
>  source4/kdc/pac-glue.c                         |  35 ++--
>  source4/libnet/wscript_build                   |   2 +-
>  source4/rpc_server/wscript_build               |   3 +-
>  source4/scripting/bin/samba_dnsupdate          |  15 +-
>  source4/torture/rpc/remote_pac.c               |  33 +++-
>  source4/winbind/winbindd.c                     |   2 +-
>  11 files changed, 234 insertions(+), 167 deletions(-)

I've not had time for a full review, but at the same time I didn't see
anything particularly odd or unexpected.

The only thing I would like is to have the krb5.kdc tests extended to
verify that encryption order, by having it parse the relevant packets
and asserting on those values.

(Otherwise, a 'cleanup' later might change the order, or fail to enable
an AES key when we should, and we might never notice we were below full
strength).

Thanks!

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba