DCERPC Security Context Multiplexing (ready for review)
Stefan Metzmacher
metze at samba.org
Fri Jan 11 09:55:18 UTC 2019
Hi Jeremy,
>> I'm reviewing the remaining this week, sorry for the delay
>> over the holidays !
>
> One quick comment. In [PATCH 044/103] s4:rpc_server/lsa: make use of dcesrv_call_auth_info()
>
> you're removing the check for auth->auth_level < DCERPC_AUTH_LEVEL_INTEGRITY,
> so this patch also needs the commit message to have the text:
>
> "It's enough to check the auth_type for DCERPC_AUTH_TYPE_SCHANNEL,
> there's no need to also check the auth_level for integrity or privacy.
>
> The gensec layer already required at least DCERPC_AUTH_LEVEL_INTEGRITY,
> see schannel_update_internal()."
>
> added to it, as [PATCH 045/103] already does.
>
> Just wanted to let you know I'm paying attention :-). FYI, I've
> added that text into the commit message of my local copy and
> when finished review will push/resend to the list.
Looks good, thanks!
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20190111/2c94ca27/signature.sig>
More information about the samba-technical
mailing list