[PATCH] Add support for MS Catalog files
Andrew Bartlett
abartlet at samba.org
Thu Jun 21 20:28:30 UTC 2018
On Thu, 2018-06-21 at 18:05 +0200, Andreas Schneider via samba-
technical wrote:
> Hi,
>
> the attached patch adds support for parsing MS Catalog files. This will be
> needed for MS-PAR support in future.
>
> For the cryptography it is using GnuTLS and for the asn1 part it uses
> libtasn1. libtasn1 is used by GnuTLS and maintained by Nikos
> Mavrogiannopoulos. As we already use GnuTLS we already consume libtasn1
> through it.
>
> libtasn1 is fuzzed via GnuTLS on oss-fuzz.
>
> It is very well documented, see:
> https://www.gnu.org/software/libtasn1/manual/libtasn1.html
>
> It would make sense to use it for other asn1 stuff in Samba.
>
> Review is much appreciated.
Just a few things. Not now, but when this becomes a dependency for
printing, can we please ensure it is a hard dependency? Having
features drop out based on configure-time tests causes trouble.
If we can't add a hard dependency on libtasn1 and gnutls, then we
should have a --without-printing-support that removes all the spoolss,
ms-par etc code and so this dependency. (Additionally useful for the
small-build folks).
Finally, this needs automated tests, particularly as it is handling
ASN.1, the root of too many security holes historically.
Thanks,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list