[PATCH] Add three new commands to ntlm_auth.

Andrew Bartlett abartlet at samba.org
Wed Jul 12 23:09:13 GMT 2006

On Wed, 2006-07-12 at 17:52 +0200, Kai Blin wrote:
> Hi folks,
> attached is a patch to make ntlm_auth recognize three new commands in 
> ntlmssp-client-1 and squid-2.5-ntlmssp. It applies against trunk in revision 
> 16983.
> The commands are the following:
> Command: SF <hex number>
> Reply: OK
> Description: Takes feature request flags similar to samba4's 
> gensec_want_feature() call. So far, only NTLMSSP_FEATURE_SESSION_KEY, 
> NTLMSSP_FEATURE_SIGN and NTLMSSP_FEATURE_SEAL are implemented, using the same 
> values as the corresponding GENSEC_FEATURE_* flags in samba4.

Why not make these take text strings?  That way, we can change the
internal values without breaking the interface.

> Command: GF
> Reply: GF <hex number>
> Description: Returns the negotiated flags.
> Command: GK
> Reply: GK <base64 encoded session key>
> Description: Returns the negotiated session key.
> I tested these changes on my system but would appreciate tests on non-ix86 
> platforms.
> One of the issues I noticed is that ntlm_auth in server mode seems to ignore 
> the flags requested by the SF command. It does work in client mode, though.
> Let me know what you think about it.

Hmm, now I have two ntlm_auth patches to look over.  Perhaps I should
start looking at them :-)

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20060713/7cf9acdf/attachment.bin

More information about the samba-technical mailing list