That's currently always the case and will simplifies the callers.
WORKS now???
TDB_NO_FSYNC=1 buildnice make -j test FAIL_IMMEDIATELY=1 SOCKET_WRAPPER_KEEP_PCAP=1 TESTS='samba4.rpc.lsa.secrets.*ncacn_np.*Kerberos.*Samba3.*fl2000dc'
and
TDB_NO_FSYNC=1 buildnice make -j test FAIL_IMMEDIATELY=1 SOCKET_WRAPPER_KEEP_PCAP=1 TESTS='samba3.rpc.lsa.*ncacn_ip_tcp.*nt4_dc'
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Dec 23 21:33:51 CET 2018 on sn-devel-144
static NTSTATUS gensec_verify_features(struct gensec_security *gensec_security)
{
static NTSTATUS gensec_verify_features(struct gensec_security *gensec_security)
{
/*
* gensec_want_feature(GENSEC_FEATURE_SIGN)
* and
/*
* gensec_want_feature(GENSEC_FEATURE_SIGN)
* and
+ if (gensec_security->dcerpc_auth_level < DCERPC_AUTH_LEVEL_PACKET) {
+ return NT_STATUS_OK;
+ }
+
+ ok = gensec_have_feature(gensec_security,
+ GENSEC_FEATURE_SIGN_PKT_HEADER);
+ if (!ok) {
+ DBG_ERR("backend [%s] does not support header signing! "
+ "auth_level[0x%x]\n",
+ gensec_security->ops->name,
+ gensec_security->dcerpc_auth_level);
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+