[PATCH] Add support for MS Catalog files
Andrew Bartlett
abartlet at samba.org
Mon Jun 25 02:05:07 UTC 2018
On Fri, 2018-06-22 at 07:35 +0200, Andreas Schneider via samba-
technical wrote:
> On Thursday, 21 June 2018 22:28:30 CEST Andrew Bartlett wrote:
> > On Thu, 2018-06-21 at 18:05 +0200, Andreas Schneider via samba-
> >
> > technical wrote:
> > > Hi,
> > >
> > > the attached patch adds support for parsing MS Catalog files. This will be
> > > needed for MS-PAR support in future.
> > >
> > > For the cryptography it is using GnuTLS and for the asn1 part it uses
> > > libtasn1. libtasn1 is used by GnuTLS and maintained by Nikos
> > > Mavrogiannopoulos. As we already use GnuTLS we already consume libtasn1
> > > through it.
> > >
> > > libtasn1 is fuzzed via GnuTLS on oss-fuzz.
> > >
> > > It is very well documented, see:
> > > https://www.gnu.org/software/libtasn1/manual/libtasn1.html
> > >
> > > It would make sense to use it for other asn1 stuff in Samba.
> > >
> > > Review is much appreciated.
> >
> > Just a few things. Not now, but when this becomes a dependency for
> > printing, can we please ensure it is a hard dependency? Having
> > features drop out based on configure-time tests causes trouble.
>
> Yes, we can. When I developed this code we needed to implement a few features
> in GnuTLS. So I just checked for the required function to build that code.
> This is 2 years old now. GnuTLS with the required functions should be rolled
> out on most distros in the meantime.
Good. As long as we don't need a time machine to get back to RHEL6 ;-)
> > If we can't add a hard dependency on libtasn1 and gnutls, then we
> > should have a --without-printing-support that removes all the spoolss,
> > ms-par etc code and so this dependency. (Additionally useful for the
> > small-build folks).
>
> We would love to have that, but it is a really long way to achieve that.
> Printing should be in a separate daemon.
Sure. I was more thinking waf build rules to cut out the subsystems at
the same point 'enable spoolss' does. (Note contradiction with my
other line of argument today, but anyway).
> > Finally, this needs automated tests, particularly as it is handling
> > ASN.1, the root of too many security holes historically.
>
> It should be relatively safe. Unless someone steals the Microsoft Root Keys to
> create bogus catalog files :-) We only parse the asn.1 if the signature is
> valid.
>
> The problem is the drivers licenses ... How can we test with real drivers
> without licensing issues. Same for MS-PAR/spoolss testing.
Perhaps test fake drivers with a Samba certificate?
Thanks,
Andrew Bartlett
--
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
https://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list