CVS update: samba/source/libsmb
Andrew Bartlett
abartlet at samba.org
Tue Jul 15 23:51:56 GMT 2003
On Tue, Jul 15, 2003 at 11:05:57PM +0000, jra at samba.org wrote:
>
> Date: Tue Jul 15 23:05:56 2003
> Author: jra
>
> Update of /data/cvs/samba/source/libsmb
> In directory dp.samba.org:/tmp/cvs-serv5915/libsmb
>
> Modified Files:
> Tag: SAMBA_3_0
> cliconnect.c clientgen.c smb_signing.c
> Log Message:
> Added the "required" keyword to the "client signing" parameter to force it
> on. Fail if missmatch. Small format tidyups in smbd/sesssetup.c. Preparing
> to add signing on server side.
> Jeremy.
A few comments:
- On the parmaeters:
- Do we really need that may ways to say 'required'?
- Could we rename the 'yes' and 'no' options to 'enabled' and 'disabled'?
- On 'client smb signing = required':
- I think we should bail out only after a successful non-guest session setup,
or if we are put into share level security.
- Guest sesions are not protected anyway, and this could impact on browsing
- We need to defend against protocol-downgrade attacks.
Andrew Bartlett
More information about the samba-technical
mailing list