DCERPC Security Context Multiplexing (ready for review)
Jeremy Allison
jra at samba.org
Fri Jan 11 23:01:15 UTC 2019
On Fri, Jan 11, 2019 at 10:55:18AM +0100, Stefan Metzmacher via samba-technical wrote:
> Hi Jeremy,
>
> >> I'm reviewing the remaining this week, sorry for the delay
> >> over the holidays !
> >
> > One quick comment. In [PATCH 044/103] s4:rpc_server/lsa: make use of dcesrv_call_auth_info()
> >
> > you're removing the check for auth->auth_level < DCERPC_AUTH_LEVEL_INTEGRITY,
> > so this patch also needs the commit message to have the text:
> >
> > "It's enough to check the auth_type for DCERPC_AUTH_TYPE_SCHANNEL,
> > there's no need to also check the auth_level for integrity or privacy.
> >
> > The gensec layer already required at least DCERPC_AUTH_LEVEL_INTEGRITY,
> > see schannel_update_internal()."
> >
> > added to it, as [PATCH 045/103] already does.
> >
> > Just wanted to let you know I'm paying attention :-). FYI, I've
> > added that text into the commit message of my local copy and
> > when finished review will push/resend to the list.
>
> Looks good, thanks!
Here's what I'm going with. No real changes, just the
comments/commit massage updates and talloc -> talloc_zero change.
RB+.
Phew. That was a marathon review session :-).
Cheers,
Jeremy.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 173-mod.patch
Type: text/x-diff
Size: 407876 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20190111/e8f3e9c9/173-mod-0001.diff>
More information about the samba-technical
mailing list