mirror of
https://github.com/moparisthebest/curl
synced 2024-12-23 08:38:49 -05:00
ntlm: Support the NT response in the type-3 when OpenSSL doesn't include MD4
Just like we do for mbed TLS, use our local implementation of MD4 when OpenSSL doesn't support it. This allows a type-3 message to include the NT response.
This commit is contained in:
parent
7794cacf7e
commit
cd15acd0ec
@ -7,7 +7,7 @@
|
|||||||
* | (__| |_| | _ <| |___
|
* | (__| |_| | _ <| |___
|
||||||
* \___|\___/|_| \_\_____|
|
* \___|\___/|_| \_\_____|
|
||||||
*
|
*
|
||||||
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
|
* Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||||
*
|
*
|
||||||
* This software is licensed as described in the file COPYING, which
|
* This software is licensed as described in the file COPYING, which
|
||||||
* you should have received as part of this distribution. The terms
|
* you should have received as part of this distribution. The terms
|
||||||
@ -25,11 +25,13 @@
|
|||||||
#include "curl_setup.h"
|
#include "curl_setup.h"
|
||||||
|
|
||||||
#if defined(USE_NSS) || defined(USE_OS400CRYPTO) || \
|
#if defined(USE_NSS) || defined(USE_OS400CRYPTO) || \
|
||||||
|
(defined(USE_OPENSSL) && defined(OPENSSL_NO_MD4)) \
|
||||||
(defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C))
|
(defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C))
|
||||||
|
|
||||||
void Curl_md4it(unsigned char *output, const unsigned char *input, size_t len);
|
void Curl_md4it(unsigned char *output, const unsigned char *input, size_t len);
|
||||||
|
|
||||||
#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) ||
|
#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) ||
|
||||||
|
(defined(USE_OPENSSL) && defined(OPENSSL_NO_MD4)) ||
|
||||||
(defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C)) */
|
(defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C)) */
|
||||||
|
|
||||||
#endif /* HEADER_CURL_MD4_H */
|
#endif /* HEADER_CURL_MD4_H */
|
||||||
|
@ -57,6 +57,8 @@
|
|||||||
# include <openssl/des.h>
|
# include <openssl/des.h>
|
||||||
# ifndef OPENSSL_NO_MD4
|
# ifndef OPENSSL_NO_MD4
|
||||||
# include <openssl/md4.h>
|
# include <openssl/md4.h>
|
||||||
|
# else
|
||||||
|
# include "curl_md4.h"
|
||||||
# endif
|
# endif
|
||||||
# include <openssl/md5.h>
|
# include <openssl/md5.h>
|
||||||
# include <openssl/ssl.h>
|
# include <openssl/ssl.h>
|
||||||
@ -568,10 +570,14 @@ CURLcode Curl_ntlm_core_mk_nt_hash(struct Curl_easy *data,
|
|||||||
{
|
{
|
||||||
/* Create NT hashed password. */
|
/* Create NT hashed password. */
|
||||||
#ifdef USE_OPENSSL
|
#ifdef USE_OPENSSL
|
||||||
|
#if !defined(OPENSSL_NO_MD4)
|
||||||
MD4_CTX MD4pw;
|
MD4_CTX MD4pw;
|
||||||
MD4_Init(&MD4pw);
|
MD4_Init(&MD4pw);
|
||||||
MD4_Update(&MD4pw, pw, 2 * len);
|
MD4_Update(&MD4pw, pw, 2 * len);
|
||||||
MD4_Final(ntbuffer, &MD4pw);
|
MD4_Final(ntbuffer, &MD4pw);
|
||||||
|
#else
|
||||||
|
Curl_md4it(ntbuffer, pw, 2 * len);
|
||||||
|
#endif
|
||||||
#elif defined(USE_GNUTLS_NETTLE)
|
#elif defined(USE_GNUTLS_NETTLE)
|
||||||
struct md4_ctx MD4pw;
|
struct md4_ctx MD4pw;
|
||||||
md4_init(&MD4pw);
|
md4_init(&MD4pw);
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
* | (__| |_| | _ <| |___
|
* | (__| |_| | _ <| |___
|
||||||
* \___|\___/|_| \_\_____|
|
* \___|\___/|_| \_\_____|
|
||||||
*
|
*
|
||||||
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
|
* Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||||
*
|
*
|
||||||
* This software is licensed as described in the file COPYING, which
|
* This software is licensed as described in the file COPYING, which
|
||||||
* you should have received as part of this distribution. The terms
|
* you should have received as part of this distribution. The terms
|
||||||
@ -43,9 +43,7 @@
|
|||||||
|
|
||||||
/* Define USE_NTRESPONSES in order to make the type-3 message include
|
/* Define USE_NTRESPONSES in order to make the type-3 message include
|
||||||
* the NT response message. */
|
* the NT response message. */
|
||||||
#if !defined(USE_OPENSSL) || !defined(OPENSSL_NO_MD4)
|
|
||||||
#define USE_NTRESPONSES
|
#define USE_NTRESPONSES
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Define USE_NTLM2SESSION in order to make the type-3 message include the
|
/* Define USE_NTLM2SESSION in order to make the type-3 message include the
|
||||||
NTLM2Session response message, requires USE_NTRESPONSES defined to 1 and a
|
NTLM2Session response message, requires USE_NTRESPONSES defined to 1 and a
|
||||||
|
@ -38,9 +38,11 @@
|
|||||||
|
|
||||||
#include "curl_setup.h"
|
#include "curl_setup.h"
|
||||||
|
|
||||||
/* The NSS, OS/400 and sometimes mbed TLS crypto libraries do not provide the
|
/* The NSS, OS/400, and when not included, OpenSSL and mbed TLS crypto
|
||||||
* MD4 hash algorithm, so we have a local implementation of it */
|
* libraries do not provide the MD4 hash algorithm, so we use this
|
||||||
|
* implementation of it */
|
||||||
#if defined(USE_NSS) || defined(USE_OS400CRYPTO) || \
|
#if defined(USE_NSS) || defined(USE_OS400CRYPTO) || \
|
||||||
|
(defined(USE_OPENSSL) && defined(OPENSSL_NO_MD4)) || \
|
||||||
(defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C))
|
(defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C))
|
||||||
|
|
||||||
#include "curl_md4.h"
|
#include "curl_md4.h"
|
||||||
@ -304,5 +306,7 @@ void Curl_md4it(unsigned char *output, const unsigned char *input, size_t len)
|
|||||||
MD4_Update(&ctx, input, curlx_uztoui(len));
|
MD4_Update(&ctx, input, curlx_uztoui(len));
|
||||||
MD4_Final(output, &ctx);
|
MD4_Final(output, &ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) ||
|
#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) ||
|
||||||
|
(defined(USE_OPENSSL) && defined(OPENSSL_NO_MD4)) ||
|
||||||
(defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C)) */
|
(defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C)) */
|
||||||
|
Loading…
Reference in New Issue
Block a user