Fix smartcard offline logon and NTLM authentication

Stefan Metzmacher metze at samba.org
Thu Jul 21 07:19:05 UTC 2016


Am 21.07.2016 um 06:17 schrieb Andrew Bartlett:
> On Wed, 2016-07-20 at 10:44 +0200, Stefan Metzmacher wrote:
>>> In torture/rpc/remote_pac.c:test_PACVerify(), we need to add a
>> runtime
>>> assertion of the UPN_DNS_INFO, and the PAC ordering, and anything
>> else
>>> (within reason) that we can detect.  
>>>  
>>> This is because the torture/auth/pac.c code no longer runs the same
>> PAC
>>> marshalling code as the KDC, because we let Heimdal do more of that
>>> now.  That is probably why those tests still pass (they expect a
>> byte
>>> -for-byte Win2k3 PAC totally rebuilt!) with the KDC asked to add
>>> UPN_DNS_INFO.
>>
>> Done, see the master4-smart-tmp branch.
> 
> Sorry, but I don't see a torture patch in there.  Perhaps it is
> somewhere else?

Sorry, forgot to push :-(

It's there now.
https://git.samba.org/?p=metze/samba/wip.git;a=commitdiff;h=35cdc3de5e5293fdb305b41a64912dbc04a75f83

metze

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20160721/7d67fe5f/signature.sig>


More information about the samba-technical mailing list