FW: [Samba] NTLMv2 in Samba 3.0
Jeremy Allison
jra at samba.org
Thu Nov 6 20:19:38 GMT 2003
On Thu, Nov 06, 2003 at 07:20:30PM +0000, Andrew Bartlett wrote:
> On Thu, Nov 06, 2003 at 07:06:58PM +0000, Jeremy Allison wrote:
> > On Thu, Nov 06, 2003 at 01:29:08PM +0100, Stefan Metzmacher wrote:
> > >
> > > This is because we doesn't support NTLM2 Session Response.with value '1'
> > > http://davenport.sourceforge.net/ntlm.html#theNtlm2SessionResponse
> >
> > Ok, can you explain this a little more please ? It'd be nice
> > to get this fixed for 3.0.1.
>
> The code in libsmb/ntlmssp.c:ntlmssp_client_challenge() needs to be
> translated for server-side use in ntlmssp_server_auth(). Note that we
> are probably going to need to add some fancy logic, if you want
> 'security=server' to still work, as you will need to change the
> 'challenge' being submitted to the auth backend.
Arrgggh. Andrew, I hate you. My brain now *REALLY HURTS*
trying to understand this horror :-).
Am I correct in thinking that this is when the client is
using ntlmv2 auth, we correctly can use ntlm2 session
security, but when the client is not using ntlmv2, we
don't correctly handle the ntlm2 session security (which
is valid in the spec) ?
I feel ill now :-).
Jeremy.
More information about the samba-technical
mailing list