[PATCH] Remove .get_challenge from the s3 and s4 auth stack

Andrew Bartlett abartlet at samba.org
Sat Jun 30 02:43:45 MDT 2012

Following on from the removal of the security=server code, this patch
removes the support that was built for that case, where the auth module
is able to force the selection of a particular challenge.

As security=server becoming less useful over time (due to NTLMv2
requirements) demonstrated, it is getting harder to use this in practice
and it is now unused in master.  Removing this makes the auth code
simpler, means that as a server, we will always support NTLM2, which is
good for security, and also makes it easier to get the auth code async.
(That is, we don't have to consider if the .get_challenge could block). 

Any comments?

Andrew Bartlett
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-auth-Remove-.get_challenge-only-used-for-security-se.patch
Type: text/x-patch
Size: 21124 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120630/4ca93cbb/attachment.bin>

More information about the samba-technical mailing list