search for: ntlm_response

...== NULL) && !auth->ntlm2_negotiated) { passdb->lookup_credentials(auth_request, PASSDB_CREDENTIALS_LANMAN, lm_credentials_callback); @@ -105,8 +106,16 @@ ntlm_credentials_callback(const char *cr NTLMSSP_V2_RESPONSE_SIZE) == 0; } else { unsigned char ntlm_response[NTLMSSP_RESPONSE_SIZE]; + const unsigned char *client_lm_response = + ntlmssp_buffer_data(auth->response, lm_response); - ntlmssp_v1_response(hash, auth->challenge, ntlm_response); + if (auth->ntlm2_negotiated) + ntlmssp2_response(hash, auth->challenge, + client_lm_respon...

...ar *cr buffer_t *hash_buffer; int ret; - if (credentials == NULL && !request->ntlm2_negotiated) { - passdb->lookup_credentials(auth_request, - PASSDB_CREDENTIALS_LANMAN, - lm_credentials_callback); + response_length = + ntlmssp_buffer_length(request->response, ntlm_response); + client_response = ntlmssp_buffer_data(request->response, ntlm_response); + + if ((credentials == NULL) || (response_length == 0)) { + /* We can't use LM authentication if NTLM2 was negotiated */ + if (request->ntlm2_negotiated) + mech_auth_finish(auth_request, NULL, 0, FALSE); +...

...-test51/src/auth/mech-ntlm.c 2004-10-29 14:54:38.000000000 +0400 @@ -74,7 +74,11 @@ ntlm_credentials_callback(const char *cr buffer_t *hash_buffer; int ret; - if (credentials == NULL && !request->ntlm2_negotiated) { + response_length = + ntlmssp_buffer_length(request->response, ntlm_response); + client_response = ntlmssp_buffer_data(request->response, ntlm_response); + + if ((credentials == NULL && !request->ntlm2_negotiated) || !response_length) { passdb->lookup_credentials(auth_request, PASSDB_CREDENTIALS_LANMAN, lm_credentials_callback); @@ -85,...

Hello all, as I promised some days ago here is NTLM (aka SPA, aka MSN) authentication support patchset. It contains common code in src/lib-ntlm directory, Samba compatible NTLM password scheme and authentication mechanism itself. All patches are against 1.0-test30. Please take a look. Best regards. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key:

...20000 -#define NTLM_FLAGS_MASK 0x0ffff - -#define NTLM_NONCE_LENGTH 8 -#define NTLM_HASH_LENGTH 21 -#define NTLM_RESP_LENGTH 24 -#define NTLM_SESSKEY_LENGTH 16 - -typedef unsigned short uint16; -typedef unsigned int uint32; - -typedef enum { - NTLM_REQUEST = 1, - NTLM_CHALLENGE = 2, - NTLM_RESPONSE = 3 -} ntlm_type_t; - -typedef struct { - uint16 len; - uint16 maxlen; - uint32 offset; -} ntlm_buffer_t; - -typedef struct { - u_char sig[sizeof(NTLM_SIGNATURE)]; - uint32 type; - uint32 flags; - ntlm_buffer_t domain; - ntlm_buffer_t wkstn; - /* buffer data follows */ -...

...uct LM_RESPONSE Response : 078e894cc35e1708df68607b51c47cd6fc4cd6febd7d4ca4 NtChallengeResponseLen : 0x0072 (114) NtChallengeResponseMaxLen: 0x0072 (114) NtChallengeResponse : * NtChallengeResponse : union ntlmssp_NTLM_RESPONSE(case 114) v2: struct NTLMv2_RESPONSE Response : ff564e232df73299417995e0973dd4e3 Challenge: struct NTLMv2_CLIENT_CHALLENGE RespType : 0x01 (1) HiRespType : 0x01 (1...

...ct LM_RESPONSE Response : c9d5ed38c43e920200000000000000000000000000000000 NtChallengeResponseLen : 0x0018 (24) NtChallengeResponseMaxLen: 0x0018 (4) NtChallengeResponse : * NtChallengeResponse : union ntlmssp_NTLM_RESPONSE(case 24) v1: struct NTLM_RESPONSE Response : 9aef94e899e80eb4bd12c77bba305d325ed9ef61ed93474 DomainNameLen : 0x0000 (0) DomainNameMaLen : 0x0000 (0) DomainName : * DomainName...