[prev in list] [next in list] [prev in thread] [next in thread]
List: freetds
Subject: Re: [freetds] Backporting NTLMv2 (was: NTLMv2 support for domain
From: "Sergey Sikorskiy" <sergey.sikorskiy () gmail ! com>
Date: 2008-07-31 22:25:50
Message-ID: a95d717e0807311525teed9822j7964c7d22a0fa5d3 () mail ! gmail ! com
[Download RAW message or body]
Hi,
I've just checked with Microsoft web-site and found detailed
documentation for NTLM.
http://msdn.microsoft.com/en-us/library/cc207842.aspx
This documentation clearly says that "(1.7) "The NTLM authentication
version is not negotiated by the protocol. It must be configured on
both the client and the server prior to authentication. The version is
selected by the client, and requested during the protocol negotiation.
If the server does not support the version selected by the client,
authentication fails."
The rest is negotiable, including sending of LMv2 hash, which won't be
sent in my implementation.
After looking over documentation I figured out that negotiation part
is almost completely missing in my implementation. I'm sorry, but this
documentation wasn't available two years ago.
On Thu, Jul 31, 2008 at 11:27 AM, ZIGLIO, Frediano, VF-IT
<Frediano.Ziglio@vodafone.com> wrote:
> Hi,
> I quite finished merging Sergey Sikorskiy patch for NTLMv2. Well... to say all I'm quite
> ready for backport but I have a problem... compatibility. Currently CVS HEAD
> implementation use NTLMv2 always. There is no problem to add a use_ntlmv2 to TDSCONNECTION
> but this require a new option to set this flag, all this require less than 10 rows, the
> problem is not implementation, but mainly compatibility. If we add an option is supposed
> that this option will work on future versions... or not?? Personally I think that if
> NTLMv2 is available use it or use former version, but how to detect this?? I currently
> don't know... perhaps if Target Info is available use it? I don't have so many
> environment/versions of windows to test with.. which version does not support NTLMv2??
>
> Regards
> Frediano
>
> _______________________________________________
> FreeTDS mailing list
> FreeTDS@lists.ibiblio.org
> http://lists.ibiblio.org/mailman/listinfo/freetds
>
>
--
Sergey Sikorskiy
_______________________________________________
FreeTDS mailing list
FreeTDS@lists.ibiblio.org
http://lists.ibiblio.org/mailman/listinfo/freetds
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic