Age | Commit message (Collapse) | Author | Files | Lines |
|
(well, under certain conditions :-)
There is no length limit on the size of the authentication response added
into the MD5 hash. (We had previously limited this to lengths like 40, 44 or
64 in attempts to make sense of what the SNIA spec tells us).
Instead, the entire authentication response is added in.
Currently, this only works on a Win2k domain members with a Samba PDC,
becouse our NTLMv2 code currently fails against an Win2k PDC.
However, this splits the problem in half - particularly as the NTLMv2 format
is known, and even has an ethereal disector! (thanks tpot).
Andrew Bartlett
(This used to be commit 7645d3d28afbb8eea502c0e063df3afb3aa812f4)
|
|
This should make it clearer what magic numbers refer to the magic numbers
in the CIFS spec, and what bits and peices are being appended into the MD5
calculation where.
Andrew Bartlett
(This used to be commit 7f1c271cfb04f621e36f1acf60979652e82dc6f4)
|
|
(This used to be commit c6c4f69b8ddc500890a65829e1b9fb7a3e9839e9)
|
|
would work now...
Volker
(This used to be commit 8c70f657cfb2f2b32fbaa31112d7953a3a6dc775)
|
|
Andrew Bartlett
(This used to be commit 3d4c4b6cb3f4850f0801f140ea3dad2c8423ee52)
|
|
Jeremy.
(This used to be commit f93c64b5ca1bc21f5fa89200034cd82dcbc0910b)
|
|
Who knows what .NET server brings, though ...? ;-)
Rafal
(This used to be commit d81b0d26903004be6a99ac029dd531fd18947268)
|
|
get Win2k to send a valid signiture in it's session setup reply - which it will
give to win2k clients.
So, I need to look at becoming 'more like MS', but for now I'll get this code
into the tree. It's actually based on the TNG cli_pipe_ntlmssp.c, as it was
slightly easier to understand than our own (but only the utility functions
remain in any way intact...).
This includes the mysical 'NTLM2' code - I have no idea if it actually works.
(I couldn't get TNG to use it for its pipes either).
Andrew Bartlett
(This used to be commit a034a5e381ba5612be21e2ba640d11f82cd945da)
|
|
(This used to be commit 05cffbee56f0556f550b4d14f3111bd7db972621)
|
|
The intention is to allow for NTLMSSP and kerberos signing of packets, but
for now it's just what I call 'simple' signing. (aka SMB signing per the SNIA
spec)
Andrew Bartlett
(This used to be commit b9cf95c3dc04a45de71fb16e85c1bfbae50e6d8f)
|