NTsecAPI - Work in progress
Luke Kenneth Casson Leighton
lkcl at samba-tng.org
Mon Sep 3 18:16:49 GMT 2001
i'm starting an nt security api.
it will basically be a generic wrapper around
and merge of:
cli_pipe_ntlmssp.c, srv_pipe_ntlmssp.c,
cli_pipe_netsec.c, srv_pipe_netsec.c,
and supporting code.
[see http://www.samba-tng.org, cvs instructions,
the above files are in source/rpc_client and
source/rpc_server.]
the idea is, however, to provide a client/server
framework for general user authentication, signing
and sealing.
once this framework is written, it will be a heck
of a lot simpler to add new user auth / dce/rpc
crypto methods: i will investigate, for example,
porting the kerberos5 auth used in dce 1.22 to
the api, which will allow freedce to do kerberos5
authentication (something it can't do at the moment
because noone's added it)
the api is to be written as a stand-alone library
into which it will need to even be passed memory
allocation and debug handling functions: it will therefore
have practical applications *outside* of samba, dce/rpc
etc. etc., be threadsafe etc. etc.
i'm currently munging the ntlmssp code as the first
working example.
if anyone is interested in helping, please
subscribe to ntsecapi-dev on http://lists.dcerpc.net
and we'll continue the discussions there.
luke
More information about the samba-technical
mailing list