diff options
| author | Simo Sorce <simo@redhat.com> | 2016-05-23 10:46:13 -0400 |
|---|---|---|
| committer | Simo Sorce <simo@redhat.com> | 2016-05-23 11:31:24 -0400 |
| commit | 142e6cd68db0d083c4506d52a27ef555217b9620 (patch) | |
| tree | 759b1f218a9e95f5800e787517822ab0e63ceb50 /src/gssapi_ntlmssp.h | |
| parent | 4139b9c68b4a3077d4c816f3de58d838a8c6a4cd (diff) | |
| download | gss-ntlmssp-crypto_reset.tar.gz gss-ntlmssp-crypto_reset.tar.xz gss-ntlmssp-crypto_reset.zip | |
Add context extension to reset crypto statecrypto_reset
This is need to account for the special handling described in MS-SPNG 3.3.5.1
It instructs sthat the NTLMSSP crypto state needs to be reset if MIC is
performed in the SPNEGO layer.
Optionally reset sequence numbers too.
Signed-off-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'src/gssapi_ntlmssp.h')
| -rw-r--r-- | src/gssapi_ntlmssp.h | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/gssapi_ntlmssp.h b/src/gssapi_ntlmssp.h index 2aae434..04dd76c 100644 --- a/src/gssapi_ntlmssp.h +++ b/src/gssapi_ntlmssp.h @@ -59,6 +59,15 @@ extern "C" { #define GSS_SPNEGO_REQUIRE_MIC_OID_STRING GSS_NTLMSSP_BASE_OID_STRING "\x02" #define GSS_SPNEGO_REQUIRE_MIC_OID_LENGTH GSS_NTLMSSP_BASE_OID_LENGTH + 1 +/* SPNEGO Reset Crypto OID + * MS-SPNG 3.3.5.1 warns hat the NTLM mechanism requires to reset the + * crypto engine when the SPNEGO layer uses a MechListMIC. + * This OID is queried by the SPNEGO mechanism after a MIC processing to + * cause the crypto engine to be reset. + */ +#define GSS_NTLMSSP_RESET_CRYPTO_OID_STRING GSS_NTLMSSP_BASE_OID_STRING "\x03" +#define GSS_NTLMSSP_RESET_CRYPTO_OID_LENGTH GSS_NTLMSSP_BASE_OID_LENGTH + 1 + #define GSS_NTLMSSP_CS_DOMAIN "ntlmssp_domain" #define GSS_NTLMSSP_CS_NTHASH "ntlmssp_nthash" #define GSS_NTLMSSP_CS_PASSWORD "ntlmssp_password" |