Are we aware of NEGOEX?

Luke Howard lukeh at padl.com
Sat Jun 30 03:37:33 MDT 2012


http://old.nabble.com/NegoEx-implementation-tc32687404.html

Sent from my iPhone

On 30/06/2012, at 16:50, Luke Howard <lukeh at padl.com> wrote:

> NegoEx isn't yet integrated into MIT trunk, it's on my branch on Github. (I have not yet released it under a compatible license.) It interops with Windows (tested with a custom SSP).
> 
> I haven't checked to see if Heimdal had an independent implementation.
> 
> Sent from my iPhone
> 
> On 30/06/2012, at 5:02, simo <idra at samba.org> wrote:
> 
>> On Thu, 2012-06-28 at 06:44 -0700, Richard Sharpe wrote: 
>>> Hi folks,
>>> 
>>> In an SMB2 packet capture at Sharkfest I saw a new OID in the SPNEGO stuff.
>>> 
>>> It turned out to be this:
>>> http://msdn.microsoft.com/en-us/library/gg567315%28v=PROT.10%29.aspx
>>> 
>>> The Windows client was only offering NEGOEX and NTLMSSP.
>>> 
>>> More info here: http://tools.ietf.org/id/draft-zhu-negoex-02.txt and
>>> here http://msdn.microsoft.com/en-us/library/cc247030%28v=PROT.13%29.aspx
>>> 
>>> If I get the time soon I might implement a dissector for NEGOEX ...
>>> which will help with the implementation.
>> 
>> I think both MIT and Heimdal's SPNEGO implementations now support
>> NEGOEX, I would *really* like to get us to use those implementations
>> instead of having our own SPNEGO implementation.
>> 
>> We can do that by providing a ntlmssp gssapi plugin to either library.
>> 
>> Simo.
>> 
>> -- 
>> Simo Sorce
>> Samba Team GPL Compliance Officer <simo at samba.org>
>> Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>
>> 


More information about the samba-technical mailing list