master4-schannel-ok
Stefan (metze) Metzmacher
metze at samba.org
Tue Jan 14 07:03:26 MST 2014
Hi Andrew,
>> can you review the attached patches from my master4-schannel-ok
>> branch.
>>
>> It seems that the use computer name in ServerAuthenticate must be at most
>> 15 characters long.
>
> My concerns are:
> - how does this (if at all) interact with the NTLMv2 computer name
> check?
Thanks for finding that :-(
I'm currently writing some tests...
at least wbinfo -ntlmv2 -a ... doesn't work against a w2k8r2 dc,
if we're a member workstation.
> - shouldn't we be stopping the netbios name being more than 15
> characters earlier?
Yes, we can do that.
> - the hash isn't limited to ascii chars, is sending binary really a
> great idea, if it ends up in a windows event log etc?
I'm using 8 hex characters instead of the raw bytes.
metze
More information about the samba-technical
mailing list