svn commit: samba r21991 - in branches/SAMBA_3_0/source: include lib libsmb smbd

Jeremy Allison jra at samba.org
Thu Mar 29 18:40:18 GMT 2007


On Thu, Mar 29, 2007 at 11:32:59AM -0700, James Peach wrote:
> 
> You probably also want to allow shares to have different levels of  
> encryption. For example,
> 
> [share_really_secure]
>     encryption = mandatory
>     minimum encryption = the_best_algorithm_we_implement
> 
> [homes]
>     encryption = mandatory
>     minimum encryption = the_faster_but_weaker_algorithm

I'm going to leave this up to the /etc/krb5.conf as I'm
using gss-api for this. I don't think we need to get that
fancy.

For connection via IP (i.e. non-krb5) we'll default to
NTLM encryption. If you don't want that then turn off
NTLM via the normal mechanisms.

People who are this security aware will be using krb5
anyway and will turn off NTLM auth altogether.

Actually, looking at our code it looks like currently
we don't have a way to turn off NTLMv2 and force krb5
only for auth. We probably need to add this.

> There's 2 issues - the first is supporting the configuration above,  
> the second is that the only space we have in the protocol is in trans2  
> levels which require a tree connection.

Life sucks :-).

> If you wanted encryption to be a property of the VC, you could connect  
> to [Samba$] and negotiate it there which would work around the second  
> issue. If some shares require encryption and some don't you can just  
> set up different VCs to handle it.

I think it'd be IPC$, rather than Samba$, but the idea is the same.

> That said, we can live with having encryption as a property of the  
> TID :)

Cool! Now all I need do is work with Andrew Bartlett on where
the NTLM signature should be for maximum compatibility with
SSPI. We're making progress (although you can see the sausage
being made and it's not pretty :-) :-).

Jeremy.
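The per-share policy James sketches above, with encryption checked at tree connect because it is a property of the TID, modelled as an added example that is not Samba code. The smb.conf fragment mirrors the quoted one (plus a share with no policy), and the algorithm strength ranking is constructed here; the placeholder algorithm names are the thread's, not real Samba or GSS-API mechanism names.

```python
"""Model of the per-share encryption policy proposed in the thread."""
import configparser

# Constructed ranking: higher value = stronger. Names are the thread's
# placeholders, not real cipher or mechanism identifiers.
ALGORITHM_STRENGTH = {
    "the_faster_but_weaker_algorithm": 1,
    "the_best_algorithm_we_implement": 2,
}

# Constructed smb.conf-style fragment mirroring the quoted proposal,
# plus a share that sets only a non-mandatory policy.
SAMPLE_SMB_CONF = """
[share_really_secure]
    encryption = mandatory
    minimum encryption = the_best_algorithm_we_implement

[homes]
    encryption = mandatory
    minimum encryption = the_faster_but_weaker_algorithm

[public]
    encryption = optional
"""


def load_shares(text):
    """Parse an smb.conf-style fragment into {share: {key: value}}.
    Indentation is stripped first, as smb.conf tolerates it."""
    flat = "\n".join(line.strip() for line in text.splitlines())
    cp = configparser.ConfigParser()
    cp.read_string(flat)
    return {s: dict(cp.items(s)) for s in cp.sections()}


def tree_connect_allowed(shares, share, negotiated):
    """Decide at tree-connect time whether a VC whose negotiated cipher
    is `negotiated` (None = unencrypted) may connect to `share`.
    Shares with no policy default to optional encryption.
    Returns (allowed, reason)."""
    policy = shares.get(share, {})
    mode = policy.get("encryption", "optional")
    minimum = policy.get("minimum encryption")
    if mode == "mandatory" and negotiated is None:
        return False, "share requires encryption but VC is unencrypted"
    if minimum is not None and negotiated is not None:
        have = ALGORITHM_STRENGTH.get(negotiated, 0)  # unknown = weakest
        need = ALGORITHM_STRENGTH.get(minimum, 0)
        if have < need:
            return False, f"{negotiated} is weaker than required {minimum}"
    return True, "ok"
```

Because the check runs per TID, the same VC can be refused on one share and accepted on another, which is exactly why separate VCs are only needed if encryption were negotiated once per connection.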
