[cifs-protocol] DCE/RPC PFC_SUPPORT_HEADER_SIGN not optional
Andrew Bartlett
abartlet at samba.org
Fri Jul 25 03:36:19 GMT 2008
MS-RPCE 3.3.1.5.2.2 implies that the PFC_SUPPORT_HEADER_SIGN bit in the
RPC bind messages negotiates optional support for header signing.
however, this is not the case - the client (Vista SP1 in this case) will
sign the RPC headers if the target security mechanism supports it.
(ie, original style NTLM has unsigned headers, NTLM2 session security
signs them, GSSAPI does not, unless using AES per MS-KILE 3.4.5.4.1)
Therefore the documentation for this extension should be rewritten to
indicate that this is an informative bit, not a negotiated flag.
(And while painful to me, if this were to be a real negotiation, the
attacker this feature is expected to disrupt would be able to simply
turn it off).
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20080725/ce0a2a84/attachment.bin
More information about the cifs-protocol
mailing list