Version 0.4.0 Release Notes

Highlights

• Added support for MIC and Channel Binding features of NTLMv2
• Improve testing so that multiple versions can be tested
• Various importnat fixes in the GSSAPI interface that were causing errors
• Special workaround for SPNEGO mechanism when talking to Windows Servers and using the internal NTLM MIC feature.

Detailed Changelog

Simo Sorce (37):

• Fix epoch value
• Return Client name if requested
• Return flags and time when requested
• Fix missing assignments in ntlm_decode_target_info
• Always use Extedned Session Security when possible
• Do not send LM Response on auth to modern servers
• Fail if the encryption level is not matched
• Change input parameter to be const
• Remove redundant definition
• Remove unnecessary assignments
• Retry auth with NULL Domain as per spec
• Add internal facility to override standard version
• Set version before tests that use MS test vectors
• Augment target_info processing with a utility
• Use target_info parsing helper
• Add function to calculate MIC
• Add function to verify MICs
• Compute MIC in the client when requested
• Make MIC conditional on integrity being requested
• Return target_info from ntlm_decode_auth_msg
• Get av_flags and check MIC if a client sent it
• Add function to calculate channel bindings hash
• Add function to verify Channel Binding Token
• Add support for setting CBT in the client
• Verify Channel Bindings in accept_sec_context
• Test Challenge V2 message with CBT test vectors
• Always provide netbios computer and domain name
• Check netbios computer and domain name when needed
• Provide the correct target name in the challenge
• Disable MIC by default.
• Release Candidate 1 for 0.4.0
• Add way to talk about MIC with SPNEGO
• Release Candidate 2 for 0.4.0
• Fix memory leak in NTLMv2 acceptor code
• Fix Makefile cflags use
• Fix const warnings
• Release 0.4.0