Are we aware of NEGOEX?
Luke Howard
lukeh at padl.com
Sat Jun 30 00:50:06 MDT 2012
NegoEx isn't yet integrated into MIT trunk, it's on my branch on Github. (I have not yet released it under a compatible license.) It interops with Windows (tested with a custom SSP).
I haven't checked to see if Heimdal had an independent implementation.
Sent from my iPhone
On 30/06/2012, at 5:02, simo <idra at samba.org> wrote:
> On Thu, 2012-06-28 at 06:44 -0700, Richard Sharpe wrote:
>> Hi folks,
>>
>> In an SMB2 packet capture at Sharkfest I saw a new OID in the SPNEGO stuff.
>>
>> It turned out to be this:
>> http://msdn.microsoft.com/en-us/library/gg567315%28v=PROT.10%29.aspx
>>
>> The Windows client was only offering NEGOEX and NTLMSSP.
>>
>> More info here: http://tools.ietf.org/id/draft-zhu-negoex-02.txt and
>> here http://msdn.microsoft.com/en-us/library/cc247030%28v=PROT.13%29.aspx
>>
>> If I get the time soon I might implement a dissector for NEGOEX ...
>> which will help with the implementation.
>
> I think both MIT and Heimdal's SPNEGO implementations now support
> NEGOEX, I would *really* like to get us to use those implementations
> instead of having our own SPNEGO implementation.
>
> We can do that by providing a ntlmssp gssapi plugin to either library.
>
> Simo.
>
> --
> Simo Sorce
> Samba Team GPL Compliance Officer <simo at samba.org>
> Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>
>
More information about the samba-technical
mailing list