Usage of ntlm_auth's gss-spnego-client helper
Mohan Narayanaswamy
mohann at silver-peak.com
Thu May 27 15:47:31 MDT 2010
Thanks for information Henrik.
-Mohan
-----Original Message-----
From: Henrik Nordström [mailto:henrik at henriknordstrom.net]
Sent: Thursday, May 27, 2010 11:55 AM
To: Mohan Narayanaswamy
Cc: samba-technical at lists.samba.org; Kai Blin; abartlet at samba.org
Subject: Re: Usage of ntlm_auth's gss-spnego-client helper
tor 2010-05-27 klockan 11:18 -0700 skrev Mohan Narayanaswamy:
> ( man page says “Client-side helper that implements GSS-SPNEGO. This
> also uses a protocol similar to the above helpers, but is currently
> undocumented.”)
Heh.. yes it's largerly undocumented.
From what i can understand from the source it's the same as the server
protocol with just TT/KK used in the inverse.
requests:
YR (starts new session)
TT base64 (message exchange)
responses
YR base64 (first message in an exchange)
KK base64 (additional message in an exchange)
AF base64 (last message in an exchange)
BH error (failure)
Plus a bunch of other commands, all shared between the modes
Seems like it does not matter very much which command you use for
requests (TT/KK/AF), with the exception of YR only used when starting a
new session.
Regards
Henrik
More information about the samba-technical
mailing list