---------- Forwarded message ---------- Date: Tue, 4 Sep 2001 03:02:04 +0200 From: Luke Kenneth Casson Leighton <lkcl@samba-tng.org> To: tng-technical@samba-tng.org, samba-technical@samba.org, ntsecapi-dev@lists.dcerpc.net Cc: samba-ntdom@samba.org, coderpunks@toad.com, cifs@discuss.microsoft.com Subject: NTsecAPI - Work in progress i'm starting an nt security api. it will basically be a generic wrapper around and merge of: cli_pipe_ntlmssp.c, srv_pipe_ntlmssp.c, cli_pipe_netsec.c, srv_pipe_netsec.c, and supporting code. [see http://www.samba-tng.org, cvs instructions, the above files are in source/rpc_client and source/rpc_server.] the idea is, however, to provide a client/server framework for general user authentication, signing and sealing. once this framework is written, it will be a heck of a lot simpler to add new user auth / dce/rpc crypto methods: i will investigate, for example, porting the kerberos5 auth used in dce 1.22 to the api, which will allow freedce to do kerberos5 authentication (something it can't do at the moment because noone's added it) the api is to be written as a stand-alone library into which it will need to even be passed memory allocation and debug handling functions: it will therefore have practical applications *outside* of samba, dce/rpc etc. etc., be threadsafe etc. etc. i'm currently munging the ntlmssp code as the first working example. if anyone is interested in helping, please subscribe to ntsecapi-dev on http://lists.dcerpc.net and we'll continue the discussions there. luke