Andrew Bartlett <abartlet@samba.org> writes:
> Francesco Chemolli wrote:
> >
> > Since I've put live my winbindd setup, I've discovered two embarassing
> > truths about that code:
> >
> > 1) It doesn't like NTLMv2 at all, refusing access to anybody who dares
> > provide NTLMv2 credentials
> > 2) (much more embarassing) due to an one-liner it ends up ignoring NT
> > credentals, always falling back to LM even when the NThash is provided.
> >
> > Here's the patch. Please apply to the -PRE tree before -STABLE release.
>
> This patch looks wrong.
>
> The remote NT server is in a much better position than the intermediate
> helper to know about challange lengths etc. The only thing that the
> helper should do is avoid overflowing the fstring.
Yes. That's stage 2.
I have the patch up and running, and it's working. I'm a bit leery in
experimenting at this time. The patch _is_ a step forward, on which lots of
better things can and must be built.
-- kinkie (kinkie-ml [at] libero [dot] it) Random fortune, unrelated to the message: Whip it, baby. Whip it right. Whip it, baby. Whip it all night!Received on Wed Sep 18 2002 - 07:14:39 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:16:33 MST