[cifs-protocol] RE: [Pfif] erroneous references to little-endian
(SRX090617600092)
Bill Wesse
billwe at microsoft.com
Tue Jun 23 10:08:05 GMT 2009
Good morning once again - and thanks for your patience.
Unlike the [MS-SMB] SMB_COM_SESSION_SETUP_ANDX, [MS-SMB2] SESSION_SETUP does not contain 'NativeOS (variable)' and 'NativeLANMan (variable)' string fields.
For the sake of completeness, as you no doubt are already familiar with, the security 'Buffer (variable)' will contain this information. For 'Implicit NTLM' (raw NTLMSSP), or NTLM tokens embedded in GSS-API, the NEGOTIATE_MESSAGE, AUTHENTICATE_MESSAGE and AUTHENTICATE_MESSAGE AV_PAIR and Version fields (as described in [MS-NLMP]). Kerberos [MS-KILE] is, of course, a different beast entirely. The KRB_AP_REQ Ticket contains the Realm and Sname. The Privilege Attribute Certificate Structure [MS-PAC] contains the PAC_CLIENT_INFO structure, and so on, as documented in {MS-KILE].
Regards,
Bill Wesse
MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
TEL: +1(980) 776-8200
CELL: +1(704) 661-5438
FAX: +1(704) 665-9606
-----Original Message-----
From: Bill Wesse
Sent: Wednesday, June 17, 2009 11:26 AM
To: Steve French; Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: RE: [Pfif] erroneous references to little-endian (SRX090617600092)
Good morning Mr. French. Thank you for reporting the OS and NOS string documentation shortcomings in [MS-SMB2].
I have created case SRX090617600092 for your comments concerning that, and expect to begin work on this later today, or tomorrow morning at the latest.
I confirm that a documentation change is currently pending (work in progress) against the raw ('Implicit NTLM') NTLMSSP buffer content. I will be glad to update you when we have the final text ready.
Regards,
Bill Wesse
MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
TEL: +1(980) 776-8200
CELL: +1(704) 661-5438
FAX: +1(704) 665-9606
-----Original Message-----
From: Steve French [mailto:smfrench at gmail.com]
Sent: Wednesday, June 17, 2009 9:14 AM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: Re: [Pfif] erroneous references to little-endian
In implementing SMB2 Session Setup protocol support I did not notice
reference to the "OS" and "NOS" (the strings which name the operating
system and network operating system version fields of the client and
server) which followed the security blob. See sections 2.2.5 and
2.2.6 of MS-SMB2 and 3.3.5.5. The description of the "buffer" field
just notes that it "MUST contain a token as produced by the GSS
protocol as specified in section 3.2.5.3" (which would not describe
the operating system or network operating system fields). Note that
an earlier CAR shows that the description of the buffer field is
incorrect in another way (Windows servers accept NTLMSSP, not
encapsulated in GSS in the buffer field for SMB2, and in some ways
that is easier and safer to generate).
--
Thanks,
Steve
More information about the cifs-protocol
mailing list