Francesco Chemolli wrote:
>
> Since I've put live my winbindd setup, I've discovered two embarassing
> truths about that code:
>
> 1) It doesn't like NTLMv2 at all, refusing access to anybody who dares
> provide NTLMv2 credentials
> 2) (much more embarassing) due to an one-liner it ends up ignoring NT
> credentals, always falling back to LM even when the NThash is provided.
>
> Here's the patch. Please apply to the -PRE tree before -STABLE release.
This patch looks wrong.
The remote NT server is in a much better position than the intermediate
helper to know about challange lengths etc. The only thing that the
helper should do is avoid overflowing the fstring.
Andrew Bartlett
-- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.netReceived on Wed Sep 18 2002 - 04:19:06 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:16:33 MST