NTLM2 signing patch
tridge at samba.org
tridge at samba.org
Fri Sep 10 12:38:43 GMT 2004
Andrew,
Here is a really nasty patch that gets NTLM2 signing working against
the ECHO pipe on w2k3. Obviously the patch is very crude, I'm hoping
you can rework the gensec interface a bit to do this properly.
As you will soon see, my patch breaks non-NTLM2 sign/seal, and breaks
seal on NTLM2. The really interesting part of the patch is the way
that signing happens over the whole PDU, minus the signature area
itself, and the fact that the sequence number is only incremented on
one side of the exchange.
Thanks to Luke Howard for suggesting that NTLM2 signing might use
ADEA!
Cheers, Tridge
-------------- next part --------------
A non-text attachment was scrubbed...
Name: diffs
Type: application/octet-stream
Size: 3931 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20040910/c4192d9f/diffs.obj
More information about the samba-technical
mailing list