nla

package
v1.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 23, 2026 License: MIT Imports: 17 Imported by: 0

Documentation

Index

Constants

View Source 
const MaxCredSSPVersion = 6

MaxCredSSPVersion is the highest CredSSP version we support. v6 = nonce-based pubKeyAuth (SHA-256); v2 = legacy echo.

Variables

View Source 
var ErrCredentialsFatal = errors.New("credentials rejected")

ErrCredentialsFatal is returned when the server rejects credentials with an NTSTATUS that will not succeed on retry (wrong password, locked account, etc.). Callers should stop probing and report the error immediately.

Functions

func Authenticate 

func Authenticate(tlsConn *tls.Conn, log *slog.Logger, hostname, domain, username, password string, advertiseVersion int) error

Authenticate performs CredSSP/NLA authentication over a TLS connection. It runs the full CredSSP handshake using NTLMv2 wrapped in SPNEGO. advertiseVersion is the CredSSP version sent in the initial TSRequest; the actual version used is the minimum of this and the server's response. The hostname is used to construct the SPN for MsvAvTargetName in the NTLM TargetInfo.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.