Some patches for import-lorikeet-heimdal branch

Andrew Bartlett abartlet at
Mon Nov 12 01:52:37 UTC 2018

On Sun, 2018-11-11 at 01:28 +0200, Isaac Boukris via samba-technical
> On Fri, Nov 9, 2018 at 12:56 AM Isaac Boukris <iboukris at> wrote:
> > 
> > > > > >
> > 
> > I pushed one more commit and the count is down to 1436.
> Just pushed two more commits and the failures are now down to 32 :)
> It is mostly wip and some isn't really fixed just figured out, but
> it's a good start.
> The last commit was not easy (as initially I couldn't reproduce
> outside the test environment). I wonder what can we actually do about
> it. In the short term we can try to move some assertions to the
> callbacks.

I agree, putting the assertions in the callbacks sounds like a plan.

We should also see if we really do need to modify the packet as much as
we do.

In the medium term we need to re-write that test in a framework where
we control everything, so this doesn't bite us in the future.

We should probably also work on a strategy to get this all merged. 
When I was last working on it, I was trying to get FAST going, but the
FAST code in heimdal's client wasn't complete.  There is better code in
Apple's code dump, but do we just copy out one file or should we try
and look into their advances more generally?

It would be great if someone would build a git tree (ideally with a
script to allow verification) from the stuff thrown over the wall. 
There are a few repositories out there but they are out of date...

Finally, for the changes around the etype_info2, a manual check needs
to be done to confirm that password lockout isn't being double-
triggered from Windows.  I realise we would now match windows exactly,
but a manual check is still needed.


Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team
Samba Development and Support, Catalyst IT

More information about the samba-technical mailing list