[PATCH] Add support for MS Catalog files

Andrew Bartlett abartlet at samba.org
Thu Jun 21 20:28:30 UTC 2018

On Thu, 2018-06-21 at 18:05 +0200, Andreas Schneider via samba-
technical wrote:
> Hi,
> the attached patch adds support for parsing MS Catalog files. This will be 
> needed for MS-PAR support in future.
> For the cryptography it is using GnuTLS and for the asn1 part it uses 
> libtasn1. libtasn1 is used by GnuTLS and maintained by Nikos 
> Mavrogiannopoulos. As we already use GnuTLS we already consume libtasn1 
> through it.
> libtasn1 is fuzzed via GnuTLS on oss-fuzz.
> It is very well documented, see:
> https://www.gnu.org/software/libtasn1/manual/libtasn1.html
> It would make sense to use it for other asn1 stuff in Samba.
> Review is much appreciated.

Just a few things.  Not now, but when this becomes a dependency for
printing, can we please ensure it is a hard dependency?  Having
features drop out based on configure-time tests causes trouble.

If we can't add a hard dependency on libtasn1 and gnutls, then we
should have a --without-printing-support that removes all the spoolss,
ms-par etc code and so this dependency.  (Additionally useful for the
small-build folks).

Finally, this needs automated tests, particularly as it is handling
ASN.1, the root of too many security holes historically. 


Andrew Bartlett
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba-technical mailing list