git.samba.org - samba.git/commit

author	Stefan Metzmacher <metze@samba.org>
	Wed, 21 Nov 2018 10:01:55 +0000 (11:01 +0100)
committer	Jeremy Allison <jra@samba.org>
	Sat, 12 Jan 2019 02:13:41 +0000 (03:13 +0100)
commit	a0b230631bcb0fd9b0299aa41711af08cc2594c3
tree	47f47e236fb7c86e49441deae90fb7b5cdb32412	tree
parent	3f535ed1adfe9c7088852a2c6aa56988440ce8fa	commit \| diff

py:dcerpc/raw_protocol: add tests to demonstrate how security context multiplexing works

Important things are this:
- It's not required to use the bind time feature negotiation in order
  to use it, it's only a hint for the client, but nothing is really
  negotiated, unlike the request multiplexing with the
  DCERPC_PFC_FLAG_CONC_MPX.
- There's special handling related to AUTH_LEVEL_CONNECT
  and requests without auth trailer
- An security context is identified by the unique
  tuple of auth_type, auth_level and auth_context_id (all together!),
  not just the auth_context_id.
- There's a limit of 2049 explicit authentication contexts.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

python/samba/tests/dcerpc/raw_protocol.py		diff \| blob \| history
selftest/knownfail.d/security_context_multiplexing	[new file with mode: 0644]	blob