Re: NTLM

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Mon, 25 Feb 2002 10:58:25 +0100

On Monday 25 February 2002 09:53, Chemolli Francesco (USI) wrote:

> Heh, I am writing something along those lines myself.

Cool. What I have so far (which is all but the smbpasswd file
parsing) is in the ntlm_smbpasswd branch at SF.

Both NTLM v1 and LANMANAGER responses are verified correctly.

I am missing the clients negotiate packet in order to negotiate the
protocols and flags correctly or else I would have NTLMv2 support
there as well (the ultimate goal. using the smbpasswd file is
secondary)

> Be careful in that that helper must be suid root, since the
> smbpasswd file must be closely guarded.

I know.

Either the helper needs to be suid root, or the smbpasswd file used
by Squid owned by squid.

> Your best path is probably talking to the members of the samba
> team. They've been very helpful.

I am ;-)

I need to implement relaying of NTLMv2. From what I can tell this can
be done either using NTLMSSP or by using the mentioned secure
channel, just as for NTLM v1 and LANMANAGER logins.

Regards
Henrik
Received on Mon Feb 25 2002 - 02:58:53 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:49 MST