Backporting DCERPC Security Context Multiplexing?

Clement Wong cw at clement.hk
Sun Jan 20 07:46:55 UTC 2019 

Hi,

For me it would be really cool to get it backported as the next stable
version of Debian is shipped with 4.9.

Clement

On Sun, Jan 20, 2019 at 12:56 AM Andrew Bartlett via samba-technical <
samba-technical at lists.samba.org> wrote:

> On Thu, 2019-01-17 at 10:05 -0800, Jeremy Allison via samba-technical
> wrote:
> > On Thu, Jan 17, 2019 at 05:09:28PM +0100, Stefan Metzmacher wrote:
> > >
> > > Hi,
> > >
> > > >
> > > > >
> > > > > Here's what I'm going with. No real changes, just the
> > > > > comments/commit massage updates and talloc -> talloc_zero
> > > > > change.
> > > > >
> > > > > RB+.
> > > > >
> > > > > Phew. That was a marathon review session :-).
> > > As these patches would like fix real world problems, see:
> > >
> > > https://bugzilla.samba.org/show_bug.cgi?id=7113
> > > https://bugzilla.samba.org/show_bug.cgi?id=11892
> > >
> > > I'm wondering if we should backport them to current releases?
> > > We could also turn the feature off in order to keep the old
> > > behavior.
> > >
> > > The patchset has a lot of patches, but the changes are very
> > > isolated
> > > in the core s4:rpc_server and we have an it's tested a lot in
> > > raw_protocol.py. I have a 4.9 backport here:
> > >
> > > https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/head
> > > s/v4-9-dcerpc-auth
> > >
> > > And a pipeline is running here:
> > > https://gitlab.com/samba-team/devel/samba/pipelines/43756435
> > >
> > > What do you think?
> > If you're willing to do the back-port work,
> > the least I can do is to re-review the
> > patches :-).
>
> I've been bitten too much with feature backports as bug-fixes, I really
> think we can wait until 4.10 for this.
>
> I agree there are very real-world issues (I had clients come to me
> looking to fix it) but the scale of the fix required was even greater
> than I imagined.
>
> Metze,
>
> Thank you so much for doing this work, it is really appreciated, I just
> think the best way to ensure our users get to use it is to try not
> avoid brown paper bags with the 4.10 release.
>
> Andrew Bartlett
>
> --
> Andrew Bartlett                       http://samba.org/~abartlet/
> Authentication Developer, Samba Team  http://samba.org
> Samba Developer, Catalyst IT
> http://catalyst.net.nz/services/samba
>
>
>
>
>

More information about the samba-technical mailing list