[SCM] Samba Shared Repository - branch v4-0-test updated
- release-4-0-0alpha4-42-g8e96f2e
Stefan (metze) Metzmacher
metze at samba.org
Sat Jun 7 07:31:55 GMT 2008
Hi Tridge,
> + /* supporting signing is mandatory in SMB2, and is per-packet. So we
> + should check the signature on any incoming packet that is signed, and
> + should give a signed reply to any signed request */
shouldn't we reject a request with a session but without signing,
if signing is negotiated as mendatory?
> + if (flags & SMB2_HDR_FLAG_SIGNED) {
> + NTSTATUS status;
> + if (req->session == NULL) {
> + /* we can't check signing with no session */
> + smb2srv_send_error(req, NT_STATUS_ACCESS_DENIED);
I think windows gives NT_STATUS_USER_SESSION_DELETED here...
Can you also change the client back to allow per smb2_session signing,
and we should only sign packets, which belong to a session.
We also need to take care of Oplocks breaks, from the server to the
client...
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
Url : http://lists.samba.org/archive/samba-cvs/attachments/20080607/045aa26c/signature.bin
More information about the samba-cvs
mailing list