moparisthebest
/
curl
mirror of https://github.com/moparisthebest/curl
1
0
Fork 0
Code Issues Releases Wiki Activity

Enabled 'NT responses' in the NTLM type-3 message.

This commit is contained in:
Daniel Stenberg 2004-03-22 13:50:30 +00:00
parent a4ea5a4054
commit dd1ba7633e
10 changed files with 34 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
CHANGES
View File

@ -6,6 +6,30 @@
Changelog
Daniel (22 March 2004)
- Enabled "NT responses" in the NTLM authentication. Doing this simply means
that we provide an extra chunk of data in each "type-3 message". The only
reason for doing this is that it seems that using only the "Lanmanager hash"
(as we've been doing until now) doesn't support passwords longer than 14
characters and it turns out there are users out there who want to use
libcurl and NTLM with such passwords! ;-) Seven NTLM-related test cases were
updated accordingly. Mentioned as issue 29 in TODO-RELEASE, bug report
#915609
- Moved the generated libcurl version info to a new header file, named
curl/curlver.h. Now interested parties can include ONLY version info, should
anyone want that (and it seems at least some windows resource files would).
Mentioned as issue 27 in TODO-RELEASE.
Daniel (21 March 2004)
- Fixed the root Makefile to use tabs for the netware target. Günter Knauf
pointed this out.
- Marty Kuhrt's VMS cleanup
- Thomas Schwinge made buildconf recognize ACLOCAL_FLAGS to invoke aclocal
with particular pre-determined options.
Version 7.11.1 (19 March 2004)
Daniel (18 March 2004)

4
TODO-RELEASE
View File

@ -27,10 +27,6 @@ To get fixed in 7.11.2 (planned release May/June 2004)
28. Optimize the way libcurl uses CWD on each new request over a persistent
connection (on FTP) even if it doesn't have to.
29. Define USE_NTRESPONSES in the NTLM code to work properly with >14 letter
passwords against IIS servers. Requires test cases to be updated
accordingly. #915609
30. Digest re-negotiation is not supported, we wrongly assume a new 401
response to signify an authenticaion error. We need to detect the
difference between a 401 due to a bad Digest authorization header and a

2
lib/http_ntlm.c
View File

@ -77,7 +77,7 @@
#endif
/* Define this to make the type-3 message include the NT response message */
#undef USE_NTRESPONSES
#define USE_NTRESPONSES 1
/*
(*) = A "security buffer" is a triplet consisting of two shorts and one

2
tests/data/test67
View File

@ -72,7 +72,7 @@ Pragma: no-cache
Accept: */*
GET /67 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAAAAAAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAABgAAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FB
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAYABgAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAAB4AAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FBqYVyF4y6/y/7F6qmEQ7lXjXFF3tH1145
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: 127.0.0.1:8999
Pragma: no-cache

2
tests/data/test68
View File

@ -74,7 +74,7 @@ Pragma: no-cache
Accept: */*
GET /68 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAAAAAAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAABgAAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FB
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAYABgAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAAB4AAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FBqYVyF4y6/y/7F6qmEQ7lXjXFF3tH1145
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: 127.0.0.1:8999
Pragma: no-cache

2
tests/data/test69
View File

@ -93,7 +93,7 @@ Pragma: no-cache
Accept: */*
GET /69 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAAAAAAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAABgAAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FB
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAYABgAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAAB4AAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FBqYVyF4y6/y/7F6qmEQ7lXjXFF3tH1145
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: 127.0.0.1:8999
Pragma: no-cache

2
tests/data/test81
View File

@ -70,7 +70,7 @@ Pragma: no-cache
Accept: */*
GET http://127.0.0.1:8999/81 HTTP/1.1
Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAAAAAAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAABgAAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FB
Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAYABgAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAAB4AAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FBqYVyF4y6/y/7F6qmEQ7lXjXFF3tH1145
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: 127.0.0.1:8999
Pragma: no-cache

4
tests/data/test89
View File

@ -104,7 +104,7 @@ Pragma: no-cache
Accept: */*
GET /89 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAAAAAAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAABgAAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FB
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAYABgAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAAB4AAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FBqYVyF4y6/y/7F6qmEQ7lXjXFF3tH1145
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: 127.0.0.1:8999
Pragma: no-cache
@ -118,7 +118,7 @@ Pragma: no-cache
Accept: */*
GET /you/890010 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAAAAAAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAABgAAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FB
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAYABgAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAAB4AAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FBqYVyF4y6/y/7F6qmEQ7lXjXFF3tH1145
User-Agent: curl/7.10.8-pre1 (i686-pc-linux-gnu) libcurl/7.10.8-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3 GSS
Host: 127.0.0.1:8999
Pragma: no-cache

4
tests/data/test90
View File

@ -143,7 +143,7 @@ Pragma: no-cache
Accept: */*
GET /90 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAAAAAAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAABgAAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FB
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAYABgAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAAB4AAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FBqYVyF4y6/y/7F6qmEQ7lXjXFF3tH1145
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: 127.0.0.1:8999
Pragma: no-cache
@ -162,7 +162,7 @@ Pragma: no-cache
Accept: */*
GET /you/900010 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAAAAAAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAABgAAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FB
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAYABgAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAAB4AAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FBqYVyF4y6/y/7F6qmEQ7lXjXFF3tH1145
User-Agent: curl/7.10.8-pre1 (i686-pc-linux-gnu) libcurl/7.10.8-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3 GSS
Host: 127.0.0.1:8999
Pragma: no-cache

2
tests/data/test91
View File

@ -94,7 +94,7 @@ Pragma: no-cache
Accept: */*
GET /91 HTTP/1.1
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAE4AAAAAAAAAZgAAAAgACABAAAAABgAGAEgAAAAAAAAATgAAAAAAAABmAAAAAYIAAG15ZG9tYWlubXlzZWxmwjImlHmYemDYVmFrmRFoVn3jfoYDE+7Q
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAE4AAAAYABgAZgAAAAgACABAAAAABgAGAEgAAAAAAAAATgAAAAAAAAB+AAAAAYIAAG15ZG9tYWlubXlzZWxmwjImlHmYemDYVmFrmRFoVn3jfoYDE+7QLmWXF7FJDlDNWSItJ+RylXJGAJdepH4C
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3
Host: 127.0.0.1:8999
Pragma: no-cache