NTLMSSP and GENSEC
Stefan (metze) Metzmacher
metze at samba.org
Wed Oct 19 07:53:11 MDT 2011
Hi Andrew,
> I've now done the final patches you should need for the common smb
> client lib, updated at the URL above. I think I'll take a break before
> I do any more gensec work in s3, to let this settle in. I do hope to
> get the last of the ntlmssp client code in common, but it is no longer
> urgent for your work.
Ok, thanks! I'll work from there and push this to master once I've
reviewed it.
> Jeremy,
>
> You may wish to look carefully at these changes to the smb sealing code:
>
> This patch removes the server-only context:
> http://git.samba.org/?p=abartlet/samba.git/.git;a=commitdiff;h=3cc013eb40711ab7250a57dfca8b4ae45da95d98
>
> This patch uses gensec_wrap() and gensec_unwrap(). I'll need to test
> against an older version of Samba for this change, as any bug here is
> highly likely to be symmetric:
>
> http://git.samba.org/?p=abartlet/samba.git/.git;a=commitdiff;h=e15b5c8c36ef46ef3e644168be50e7c56a49baf7
I think we can use a new (or old bin/smbtorture4) in the autoconf build
to verify it work against the old (or new) code in make test.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20111019/1de6fbce/attachment.pgp>
More information about the samba-technical
mailing list