[PATCH] libads: record service ticket endtime for sealed ldap connections
Jeremy Allison
jra at samba.org
Tue May 12 12:57:18 MDT 2015
On Tue, May 12, 2015 at 08:41:33PM +0200, Ralph Böhme wrote:
>
> shouldn't we use the proper defines per the doc instead of simply
> checking 0? Haven't looked at what the rest of the codes does wrtt,
> but this doesn't look right to me.
>
> Cf <http://www.gnu.org/software/gss/manual/html_node/Context_002dLevel-Routines.html>
>
> Return value:
>
> GSS_S_COMPLETE: Successful completion.
> GSS_S_CONTEXT_EXPIRED: The context has already expired.
> GSS_S_NO_CONTEXT: The context_handle parameter did not identify a valid context
>
> But to me that doesn't make it clear whethe an expired context should
> be detected via GSS_S_COMPLETE && (context_validity == 0), or via
> GSS_S_CONTEXT_EXPIRED.
>
> Afaict an expired context will return GSS_S_CONTEXT_EXPIRED, not
> GSS_S_COMPLETE (== 0?) and context_validity = 0. Go figure... ;)
OK - good points. How about the following. Uses defines
and also detect an expired context whatever way it's
reported. (FYI, I'm pretty sure GSS_S_COMPLETE == 0,
but you're right in that we should use the constants :-).
Let me know if you're happy with this one !
Jeremy.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-libads-record-service-ticket-endtime-for-sealed-ldap.patch
Type: text/x-diff
Size: 2165 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150512/0cd761d3/attachment.patch>
More information about the samba-technical
mailing list