[cifs-protocol] Re: 600169 - RE: DCE/RPC PFC_SUPPORT_HEADER_SIGN
not optional
Stefan (metze) Metzmacher
metze at samba.org
Mon Jul 28 11:52:54 GMT 2008
Stefan (metze) Metzmacher schrieb:
> Andrew Bartlett schrieb:
>> On Fri, 2008-07-25 at 11:43 -0700, Richard Guthrie wrote:
>>> Andrew,
>>>
>>> I will be working to resolve your issue. Would it be possible to have you capture and send us a network trace that captures the behavior you are seeing?
>
> Some comments about stuff I found while doing some tests as a 'client'
> against a windows server:
>
>> Samba4 seems to send a valid request using the current heimdal
>> AES implementation, I'm not getting an DCERPC fault back.
>>
>> But it seems the server always sends back the response with AEAD
>> and we can't handle the response.
>
>
>> Also when I send the DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN flag in the
>> DCERPC Bind, then I'm getting DCERPC faults using rc4 and des keys.
>
>
> This seems to imply that windows always do AEAD for AES, but accept
> client without out it, but also imply this client would be able to
> handle the reply using AEAD.
I also checked the server didn't set the
DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN in the BindAck.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20080728/f7088a86/signature.bin
More information about the cifs-protocol
mailing list