import org.junit.jupiter.api.Test;

/**
 * JUnit 5 tests for AndXServerMessageBlock in legacy smb1 package.
 *
 * The tests use small stub subclasses to drive encode/decode paths and
 * validate batching, chaining, signing, and NT_CREATE_ANDX extended handling.
 */
class AndXServerMessageBlockTest {

    /**
     * Test stub for AndXServerMessageBlock to control read/write logic.
     */

                (byte) 0xFE, (byte) 0xDC, (byte) 0xBA, (byte) 0x98, (byte) 0x76, (byte) 0x54, (byte) 0x32, (byte) 0x10 };

        // Security mode with signing required
        int testSecurityMode = 0x0003; // SMB2_NEGOTIATE_SIGNING_ENABLED | SMB2_NEGOTIATE_SIGNING_REQUIRED

        // SMB 3.1.1 dialect
        int testDialect = 0x0311;

        // Write to buffer

                trans.ensureConnected();
                log.warn("""
                        Default credentials (jcifs.smb.client.username/password)\
                         not specified. SMB signing may not work propertly.\
                          Skipping DC interrogation.""");
            } else {

        setField(transport, "negotiated", new Smb2NegotiateResponse(cfg));
        assertNull(transport.getServerEncryptionKey());
    }

    @Test
    @DisplayName("Signing enforced/optional adhere to flags and negotiation")
    void signingModes() throws Exception {
        // Enforced via constructor flag -> optional false, enforced true regardless of negotiation

    "path": "platforms/core-runtime/service-registry-impl",
    "unitTests": true,
    "functionalTests": false,
    "crossVersionTests": false
  },
  {
    "name": "signing",
    "path": "platforms/software/signing",
    "unitTests": true,
    "functionalTests": true,
    "crossVersionTests": false
  },
  {
    "name": "smoke-ide-test",
    "path": "testing/smoke-ide-test",

            jcifs.CIFSContext context = createDefaultContext();

            // Create transport with multi-channel specific settings
            // Multi-channel transports should use signing consistently with the main session
            boolean forceSigning = context.getConfig().isSigningEnforced();

            <option value="$PROJECT_DIR$/platforms/software/resources-sftp" />
            <option value="$PROJECT_DIR$/platforms/software/security" />
            <option value="$PROJECT_DIR$/platforms/software/signing" />
            <option value="$PROJECT_DIR$/platforms/software/software-diagnostics" />
            <option value="$PROJECT_DIR$/platforms/software/test-suites-base" />

    }
    
    public void validateRemoteAccess(long remoteAddress, int length, int remoteKey) {
        // Validate that remote memory access is authorized
        // This would integrate with SMB3 encryption/signing
        if (!isAuthorizedAccess(remoteAddress, length, remoteKey)) {
            throw new SecurityException("Unauthorized RDMA remote access");
        }
    }
    

*   `etcd2` as a backend is deprecated and support will be removed in Kubernetes 1.13 or 1.14.

### **Auth**

*   Default controller-manager options for `--cluster-signing-cert-file` and `--cluster-signing-key-file` are deprecated and will be removed in a future release. ([#54495](https://github.com/kubernetes/kubernetes/pull/54495),[ @mikedanese](https://github.com/mikedanese))

- The kube-controller-manager managed signers can now have distinct signing certificates and keys.  See the help about `--cluster-signing-[signer-name]-{cert,key}-file`.  `--cluster-signing-{cert,key}-file` is still the default. ([#90822](https://github.com/kubernetes/kubernetes/pull/90822), [@deads2k](https://github.com/deads2k)) [SIG API Machinery, Apps and Auth]