Getting Wine to do NTLMSSP authentication and what is needed on
the Samba side
jra at samba.org
Mon Jul 3 16:17:22 GMT 2006
On Sun, Jul 02, 2006 at 09:18:56PM +0200, Kai Blin wrote:
> 2) Scratch the current approach using GENSEC and add handling of NTLMSSP blobs
> to winbind. This would possibly go into Samba 3, and thus be part of a
> distribution's Samba package sooner. It would also mean that there is a nice
> IPC border between the GPL and the LGPL code, so no problems there. I would
> need to rewrite that part of Wine yet again, though.
This is the quickest way to make this work (IMHO).
> 3) Extend ntlm_auth to also handle signing/sealing and extend the current Wine
> code to use ntlm_auth for that, too. This would also keep the GPL and LGPL
> code seperate and force me to ditch my current work, but at least I can keep
> the stuff I did last year. It would add bloat to ntlm_auth, of course.
Probably second best solution.
> 4) I could drop using Samba at all and try to extend libntlm. I don't
> particularly fancy this idea, but there's a couple of people on the Wine side
> who would prefer not to add another dependency to Wine, so it might be easier
> to convince Alexandre Julliard to accept that code. I would again mean to
> rewrite all the Wine code I wrote so far, plus it smells of reinventing (and
> maintaining) the wheel.
I looked at libntlm - currently it doesn't correctly handle unicode
(it does what Samba 1.x or was it 2.x used to do, add zero byes
every other byte) so this will be a long long road to walk....
More information about the samba-technical