Using SPNEGO/SSPI in SMB
samba-technical.10.overbored at spamgourmet.com
samba-technical.10.overbored at spamgourmet.com
Thu Aug 18 22:44:21 GMT 2005
Hi all, I'm trying to understand the SPNEGO and SSPI security blobs used
in the SMB protocol. The SNIA reference and the CIFS spec don't talk
about this at all, and the Implementing CIFS book only skims the subject.
The following are packet dumps illustrating what I'm seeing:
http://www.overbored.net/temp/smb/0.png
This is an SMB protocol negotiation response (sent by the server) using
extended security. I don't understand what the security blob is supposed
to be, only that it's SPNEGO data to list viable security protocols to
be used subsequently (by SSPI). Is there any API in Windows that will
let me obtain such a list? Furthermore, how would I format/insert that
data into this security blob (and what other data might I need)? I think
(I forgot how I know this) that this also has something to do with ASN.1
encoding.
http://www.overbored.net/temp/smb/1.png
http://www.overbored.net/temp/smb/2.png
http://www.overbored.net/temp/smb/3.png
This is the corresponding SMB session setup requests/responses. Are
these entire security blobs just the direct outputs of the SSPI calls to
InitializeSecurityContext()/AcceptSecurityContext()? Or is there
additional (meta-)data/encoding here that I need to be aware of?
Are there any good resources out there that explain these issues in detail?
Thanks in advance for any help!
More information about the samba-technical
mailing list