Date: Thu, 02 Apr 1998 10:11:29 -0800 From: Jeremy Allison <jallison@whistle.com> To: lkcl@switchboard.net Subject: Re: NTLMSSP auth header
Luke Kenneth Casson Leighton wrote:
> > Message 1 - Client to server (hello)
> >
> > 00000000 4e 54 4c 4d 53 53 50 00 01 00 00 00 06 82 00 00
>
> > Bytes 0 - 7 "NTLMSSP\0"
> > Bytes 8 - 0xB Message number, little endian format (1)
> > Bytes 0xC - 0xF - flags of some kind (unknown - specifies ascii ?).
>
> negotiation flags? indicates things, according to the bit-fields in the
> CryptoAPI, like "ENCRYPTION" and "VERIFICATION" and "SIGNING" etc.
>
Could be anything. I tried to make sense of it
by looking at unicode vs non-unicode traffic but
there seemed to be no consistancy. The number
I stated seemed to work ok with '95 and NT so
I hardcoded it and left it at that.
Jeremy.
-- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. --------------------------------------------------------