[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using Heimdal for SPNEGO and NTLM in Samba4



On Wed, 2008-06-18 at 17:12 -0700, Love Hörnquist Åstrand wrote:
> 18 jun 2008 kl. 03.48 skrev Andrew Bartlett:
> 
> > Either way, I need an extended gss_wrap that supports AEAD (the
> > signature is over a header and body, while the crypto is just over the
> > body).  This is needed for DCE/RPC in Samba4.
> 
> You should look at Luke Howards gss_wrap_ex that does this.
> 
> I can dig up patches to the mechglue layer that implements the _ex  
> functions.

I've implemented this, at least to the stage of compiling.   See
http://build.samba.org/?function=diff;tree=lorikeet;date=1214302102;revision=797

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

This is a digitally signed message part