# policy, and support documentation.

name: Scorecard supply-chain security
on:
  # For Branch-Protection check. Only the default branch is supported. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
  branch_protection_rule:
  # To guarantee Maintained check is occasionally updated. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained

 */

package jcifs.smb1.dcerpc;

import jcifs.smb1.dcerpc.ndr.NdrBuffer;

/**
 * Interface for DCERPC security providers that handle message protection
 */
public interface DcerpcSecurityProvider {
    /**
     * Wraps outgoing DCERPC message data for security protection
     * @param outgoing the buffer containing data to be wrapped
     * @throws DcerpcException if the wrapping operation fails
     */

## Why distributed MinIO?

MinIO in distributed mode can help you setup a highly-available storage system with a single object storage deployment. With distributed MinIO, you can optimally use storage devices, irrespective of their location in a network.

### Data protection

    }

    /**
     * Test integer overflow protection in security buffer offset calculation.
     */
    @Test
    public void testSecurityBufferIntegerOverflow() {
        byte[] buffer = createBasicNegotiateResponseBuffer();

        // Set security buffer offset close to Integer.MAX_VALUE to test overflow protection

# ============================================================================

name: Scorecards supply-chain security
on:
  # For Branch-Protection check. Only the default branch is supported. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
  branch_protection_rule:
  # To guarantee Maintained check is occasionally updated. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained

    }

    /**
     * Gets the mechanism list MIC (Message Integrity Code) for integrity protection
     * @return the mechanism list MIC bytes
     */
    public byte[] getMechanismListMIC() {
        return this.mechanismListMIC;
    }

    /**
     * Sets the mechanism list MIC (Message Integrity Code) for integrity protection
     * @param mechanismListMIC the mechanism list MIC bytes
     */

## CSRF Risk { #csrf-risk }

This default behavior provides protection against a class of **Cross-Site Request Forgery (CSRF)** attacks in a very specific scenario.

These attacks exploit the fact that browsers allow scripts to send requests without doing any CORS preflight check when they:

            try {
                KeyStore.SecretKeyEntry keyEntry = new KeyStore.SecretKeyEntry(secretKey);
                KeyStore.ProtectionParameter protection = new KeyStore.PasswordProtection(keyStorePassword);
                keyStore.setEntry("smb.session." + sessionId, keyEntry, protection);
            } catch (Exception e) {
                log.warn("Failed to store key in KeyStore: {}", e.getMessage());
            }
        }

In 12 drive example above, with MinIO server running in the default configuration, you can lose any of the six drives and still reconstruct the data reliably from the remaining drives.

        run: echo "$GITHUB_CONTEXT"

  # https://github.com/marketplace/actions/alls-green#why
  test-redistribute-alls-green:  # This job does nothing and is only used for the branch protection
    if: always()
    needs:
      - test-redistribute
    runs-on: ubuntu-latest
    steps:
      - name: Decide whether the needed jobs succeeded or failed
        uses: re-actors/alls-green@release/v1