[cifs-protocol] [EXTERNAL] Update of MS-PAC spec regarding November 2021 security updates - TrackingID#2111240040005432

Jeff McCashland (HE/HIM/THEY/THEM) jeffm at microsoft.com
Tue Nov 30 17:36:57 UTC 2021 

Hi Alexander and Metze,

I would like to check your understanding of the formula and edge condition. Metze suggested the formula:
((int)(flags_length/32))+1

By my calculation using this forumula, if there are 32 flags, the array would have 2 32-bit unsigned integers. I would expect only one UINT for 32 flags. 

Should it not be ((int)((flags_length -1)/32))+1? Also, I'm not sure what you are referring to as 'bit 33'. 32-bit values are usually designated bits 0-31. 

Best regards,
Jeff McCashland | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team 
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)
Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
We value your feedback.  My manager is Natesha Morrison (namorri), +1 (704) 430-4292

-----Original Message-----
From: Alexander Bokovoy <ab at samba.org> 
Sent: Monday, November 29, 2021 11:06 AM
To: Jeff McCashland (HE/HIM/THEY/THEM) <jeffm at microsoft.com>
Cc: metze <metze at samba.org>; cifs-protocol at lists.samba.org
Subject: Re: [EXTERNAL] [cifs-protocol] Update of MS-PAC spec regarding November 2021 security updates - TrackingID#2111240040005432

On ma, 29 marras 2021, Jeff McCashland (HE/HIM/THEY/THEM) wrote:
> Hi Metze,
> 
> How were you able to determine that the array size is '((int)(flags_length/32))+1'? Do you have a trace or document illustrating this? 
> 
> Also, it is expected that changes in the current Errata doc are not included in the published document, but normally the changes would be spelled out in the errata doc. 
> 
> Where did you find the Diff file with the changes? When I click the link, I get a PDF download, but I can't tell where it's coming from. 

You can download it from the MS-WINERRATA:

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fopenspecs%2Fwindows_protocols%2Fms-winerrata%2F314fe022-28ea-4bd9-93ac-7941ecf9ca10&data=04%7C01%7Cjeffm%40microsoft.com%7C64d8ce9cb0ed47229a7108d9b36b494d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637738097041964427%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=bTvMias2XtRmkwoGW%2FwGdIwDteTpu4S11g9ooyqaNfM%3D&reserved=0

For example, choose 'MS-PAC':
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fopenspecs%2Fwindows_protocols%2Fms-winerrata%2F54e7d766-95ed-4e47-bae3-0904176b5958&data=04%7C01%7Cjeffm%40microsoft.com%7C64d8ce9cb0ed47229a7108d9b36b494d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637738097041964427%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=kuFim9bo%2FiYuNC8A6bmIOWikE8Q%2Bi4Njnf3qG2fTXxc%3D&reserved=0

has a table with

------
The following sections were changed or added. Please see the [diff document] for the details. 
------

[diff document] is a link to https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwinprotocoldoc.blob.core.windows.net%2Fproductionwindowsarchives%2FMS-PAC%2F%255bMS-PAC%255d-20211109-diff.pdf&data=04%7C01%7Cjeffm%40microsoft.com%7C64d8ce9cb0ed47229a7108d9b36b494d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637738097041964427%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=Y6JWQGsZCrxJBsxGi1qDEbHZgjWKfbHkF%2BkWOCYmwiM%3D&reserved=0


Also, the same problem exists with [MS-KILE] spec, it also needs an update.

Choose 'MS-KILE' in the list:
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fopenspecs%2Fwindows_protocols%2Fms-winerrata%2Fc982f6c4-2f70-4dc7-b252-09092e9f1eed&data=04%7C01%7Cjeffm%40microsoft.com%7C64d8ce9cb0ed47229a7108d9b36b494d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637738097041964427%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=pIOp6cLleryb3iHav27sSEYTApoZryBsRuJrm9FTj7A%3D&reserved=0

then you'd see in the table 

------
The following sections were changed or
added. Please see the [diff document] for the details.
------

[diff document] is a link to https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwinprotocoldoc.blob.core.windows.net%2Fproductionwindowsarchives%2FMS-KILE%2F%255bMS-KILE%255d-20211109-diff.pdf&data=04%7C01%7Cjeffm%40microsoft.com%7C64d8ce9cb0ed47229a7108d9b36b494d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637738097041964427%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=e%2B9JkEZGn3fcdUb34P%2BWXNfr9GsHeFEhxnPrHLDpvXA%3D&reserved=0



> 
> Best regards,
> Jeff McCashland | Senior Escalation Engineer | Microsoft Protocol Open 
> Specifications Team
> Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: 
> (UTC-08:00) Pacific Time (US and Canada) Local country phone number 
> found here: 
> https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fsuppo
> rt.microsoft.com%2Fglobalenglish&data=04%7C01%7Cjeffm%40microsoft.
> com%7C64d8ce9cb0ed47229a7108d9b36b494d%7C72f988bf86f141af91ab2d7cd011d
> b47%7C1%7C0%7C637738097041964427%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wL
> jAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata
> =WUK0paClsBukbVps6Tp13EqWLGzki9eU%2F9aFyFS2DMY%3D&reserved=0 | 
> Extension 1138300 We value your feedback.  My manager is Natesha 
> Morrison (namorri), +1 (704) 430-4292
> 
> -----Original Message-----
> From: Jeff McCashland
> Sent: Wednesday, November 24, 2021 9:18 AM
> To: metze <metze at samba.org>; Alexander Bokovoy <ab at samba.org>
> Cc: cifs-protocol at lists.samba.org
> Subject: RE: [EXTERNAL] [cifs-protocol] Update of MS-PAC spec 
> regarding November 2021 security updates - TrackingID#2111240040005432
> 
> [Kristian to BCC]
> 
> Hi Alexander and Metze,
> 
> I will look into this and get back to you.
> 
> Best regards,
> Jeff McCashland | Senior Escalation Engineer | Microsoft Protocol Open 
> Specifications Team
> Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: 
> (UTC-08:00) Pacific Time (US and Canada) Local country phone number 
> found here: 
> https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fsuppo
> rt.microsoft.com%2Fglobalenglish&data=04%7C01%7Cjeffm%40microsoft.
> com%7C64d8ce9cb0ed47229a7108d9b36b494d%7C72f988bf86f141af91ab2d7cd011d
> b47%7C1%7C0%7C637738097041964427%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wL
> jAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata
> =WUK0paClsBukbVps6Tp13EqWLGzki9eU%2F9aFyFS2DMY%3D&reserved=0 | 
> Extension 1138300 We value your feedback.  My manager is Natesha 
> Morrison (namorri), +1 (704) 430-4292
> 
> -----Original Message-----
> From: Kristian Smith <Kristian.Smith at microsoft.com>
> Sent: Wednesday, November 24, 2021 8:40 AM
> To: metze <metze at samba.org>; Alexander Bokovoy <ab at samba.org>
> Cc: cifs-protocol at lists.samba.org
> Subject: RE:[EXTERNAL] [cifs-protocol] Update of MS-PAC spec regarding 
> November 2021 security updates - TrackingID#2111240040005432
> 
> [DocHelp to Bcc]
> 
> Hi Alexander and Metze,
> 
> Thank you for your request. The case number 2111240040005432 has been created for this inquiry. One of our team members will follow-up with you soon.
> 
> Regards,
> Kristian
> 
> Kristian Smith
> Support Escalation Engineer
> Windows Open Spec Protocols
> Office: (425) 421-4442
> krsmith at microsoftsupport.com
> 
> 
> 
> -----Original Message-----
> From: metze <metze at samba.org>
> Sent: Wednesday, November 24, 2021 2:13 AM
> To: Alexander Bokovoy <ab at samba.org>; Interoperability Documentation 
> Help <dochelp at microsoft.com>
> Cc: cifs-protocol at lists.samba.org
> Subject: [EXTERNAL] Re: [cifs-protocol] Update of MS-PAC spec 
> regarding November 2021 security updates
> 
> 
> Am 24.11.21 um 10:33 schrieb Alexander Bokovoy via cifs-protocol:
> > Hello dochelp,
> >
> > I can see inconsistency in what is published on 
> > https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdo
> > cs 
> > .microsoft.com%2Fen-us%2Fopenspecs%2Fwindows_protocols%2Fms-pac%2F&a
> > mp
> > ;data=04%7C01%7CKristian.Smith%40microsoft.com%7C976b8182b4b84582f4b
> > d0
> > 8d9af334186%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C63773345695
> > 97 
> > 45681%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLC
> > JB 
> > TiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=7gzSojo9ov6Uwx80K%2FwOQG
> > hB
> > drb8oxqR%2F7yid5vn8tQ%3D&reserved=0
> > with regards to the changes introduced as a part of the Microsoft 
> > Windows security update of November 2021. Could this inconsistency 
> > be clarified by publishing the new revision of the MS-PAC document?
> >
> > Errata document[1] talks about changes dated 2021/11/11 post V22.0 
> > but the rest of the linked documents are only V22.0.
> >
> > In particular, the errata document[1] is saying:
> >
> > -----
> > The following sections were changed or added. Please see the diff 
> > document for the details.
> >
> > In section 2.10 UPN_DNS_INFO, added four new fields and a flag to 
> > the UPN_DNS_INFO structure.
> >
> > In section 2.14 PAC_ATTRIBUTES_INFO, added section.
> >
> > In section 2.15 PAC_REQUESTOR, added section.
> > -----
> >
> > The document published, however, does not have these changes. The 
> > last section in chapter 2 is '14', there is no section 2.15.
> 
> I'm seeing it here:
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwinp
> rotocoldoc.blob.core.windows.net%2Fproductionwindowsarchives%2FMS-PAC%
> 2F%255bMS-PAC%255d-20211109-diff.pdf&data=04%7C01%7Cjeffm%40micros
> oft.com%7C64d8ce9cb0ed47229a7108d9b36b494d%7C72f988bf86f141af91ab2d7cd
> 011db47%7C1%7C0%7C637738097041974427%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiM
> C4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&s
> data=HLuGYQaoS0rr6euFqjhik98CZry2AlUYYIfaKciLBNo%3D&reserved=0
> 
> But for me the PAC_ATTRIBUTES_INFO documentation is a bit unclear:
> 
> We have this in Samba:
>         typedef [bitmap32bit] bitmap {
>                 PAC_ATTRIBUTE_FLAG_PAC_WAS_REQUESTED = 0x00000001,
>                 PAC_ATTRIBUTE_FLAG_PAC_WAS_GIVEN_IMPLICITLY = 0x00000002
>         } PAC_ATTRIBUTE_INFO_FLAGS;
> 
>         typedef struct {
>                 uint32 flags_length; /* length in bits */
>                 PAC_ATTRIBUTE_INFO_FLAGS flags;
>         } PAC_ATTRIBUTES_INFO;
> 
> And the documentation has:
> 
>   FlagsLength (4 bytes): An unsigned 32-bit integer in little-endian format that describes the length,
>                          in bits, of the Flags field.
> 
>   Flags (variable): an array of 32-bit unsigned integers in little-endian format that contains flag bits
>                     describing the PAC.
> 
> It's not really clear that the array size is 
> '((int)(flags_length/32))+1', for now it's seems to be just a single
> uint32 element with two defined flags. Unless bit 33 will be defined 
> someday, it would be easier to have it as
> 
> typedef struct {
>   uint32 number_of_valid_flags;
>   uint32 flags;
> } PAC_ATTRIBUTES_INFO;
> 
> which is basically what we currently have in Samba, but in theory it 
> would have to be
> 
> typedef struct {
>   uint32 number_of_valid_flags;
>   uint32 flags[(number_of_valid_flags/32)+1];
> } PAC_ATTRIBUTES_INFO;
> 
> metze

--
/ Alexander Bokovoy

More information about the cifs-protocol mailing list