Patches for channel and service binding for NTLM (extended protection)

[Stephen Zarkos]

Hi folks,

Forwarding per Andrew Bartlett's request:

Earlier this year we had an intern working with us to implement a proof of concept for extended protection (channel and service binding) for Firefox and Samba.  To enable this scenario on the client side, we were able to use libraries available on Windows and contribute code to the Mozilla team to make this all work.  On the Linux side, however, Firefox utilizes Samba for NTLM authentication and so he also built some patches for Samba to enable this scenario.

These patches have been approved for release as 'GPLv2 or later' and copyright has been assigned to me (just like our build farm patches earlier).  My only concern is that these patches may be bit stale and may need some work.  Hopefully they are still useful to you and are not so huge that you can see what he was trying to do.  The original developer (Guillermo Robla Vicario <groblavicario at yahoo.com>) may be able to assist a bit with questions, although he's no longer with MS and is quite busy these days :)

Please let me know what you think.  Also, for reference the Mozilla bug related to Guillermo's contribution to that team can be seen here:  https://bugzilla.mozilla.org/show_bug.cgi?id=573043


Thanks!

Stephen A. Zarkos
Microsoft
Open Source Technology Center


-------------- next part --------------
A non-text attachment was scrubbed...
Name: 3.0.37.diff
Type: application/octet-stream
Size: 15443 bytes
Desc: 3.0.37.diff
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20111010/029fbadf/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 3.4.8.diff
Type: application/octet-stream
Size: 16560 bytes
Desc: 3.4.8.diff
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20111010/029fbadf/attachment-0001.obj>