On Wed, 2008-06-18 at 17:22 -0700, Love Hörnquist Åstrand wrote: > > > > As NTLM isn't really nearly as special these days as it once was, I > > wondered about helping improve Heimdal's layer, and wondered if it > > might > > be possible to, like the send_to_kdc functions, have a hook we can > > register for 'process NTLM login'. This might perhaps be a Heimdal > > plugin - then Samba3 could perhaps supply it, and Heimdal would talk > > to > > Samba3's winbind. > > I started to implement NTLM plugin for winbind, but since the protocol > is not stable and neither library nor sane protocol have showed up, I > put that on ice for the time being. The Samba3 folks are moving to a stable, shipped library in Samba 3.2, so there may be hope. > See struct ntlm_server_interface in lib/gssapi/ntlm/ntlm.h and lib/ > gssapi/ntlm/digest.c how to implement it. I will do. Thanks! We should also work on Heimdal's parsing of some other parts of the NTLMSSP blob. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc.
This is a digitally signed message part