ntlm message type2 flags wrong

Joe Orton joe at manyfish.co.uk
Mon Dec 6 17:45:12 EST 2010


On Fri, Nov 26, 2010 at 12:25:34PM -0600, Kevin Radke wrote:
> In ne_ntlm.c, around line 533, I think the hardcoded flags value is
> wrong.  It appears to be hardcoded to say that Unicode is being
> used, but I see the domain/username passed in non-unicode.  (When
> using svn on Solaris).  I suggest it be changed to something like:
> 
> "\x02\x82" /* flags */
> 
> or even better, start using the constant definitions like are used
> for the type1 message earlier.
> 
> LONGQUARTET(NTLMFLAG_NEGOTIATE_OEM|      /*    2 */
>             NTLMFLAG_NEGOTIATE_NTLM_KEY| /*  200 */
>             NTLMFLAG_NEGOTIATE_NTLM2_KEY /* 8000 */
>             /* equals 0x8202 */
>            ),
> 
> 
> I'm not sure that 0x8202 is exactly what is needed, since Fiddler2
> still decodes the domain and hostnames as garbage, but this change
> does allow NTLM to be used instead of falling back to basic auth
> when using mod_auth_sspi on a Windows server.

Hi Kevin, thanks for your mail.  I'm not overly familiar with this code,
but your analysis looks to be correct from a cursory inspection of the
docs referenced from the top of the file.

Can you confirm this patch correctly reflects the change you indicated?

Regards, Joe

Index: src/ne_ntlm.c
===================================================================
--- src/ne_ntlm.c	(revision 1832)
+++ src/ne_ntlm.c	(working copy)
@@ -530,7 +530,7 @@
                     "\xff\xff"  /* message length */
                     "%c%c"  /* 2 zeroes */
                     
-                    "\x01\x82" /* flags */
+                    "%c%c%c%c" /* flags */
                     "%c%c"  /* 2 zeroes */
 
                     /* domain string */
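Review bot: the new `"%c%c%c%c" /* flags */` line emits four bytes where `"\x01\x82"` emitted two, yet the `"%c%c" /* 2 zeroes */` line that used to pad the flags field out to four bytes is kept, so the fixed part of the message grows by two bytes and the `/* size is now 64 */` comment in the next hunk is no longer true. Drop the `"%c%c" /* 2 zeroes */` line here (and the matching `0x0, 0x0` at the end of the argument list) so the four bytes from LONGQUARTET() form the whole flags field.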
@@ -573,7 +573,13 @@
                     0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
              
                     0x0, 0x0,
-
+                       
+                    LONGQUARTET(NTLMFLAG_NEGOTIATE_OEM|       /*    2 */
+                                NTLMFLAG_NEGOTIATE_NTLM_KEY|  /*  200 */
+                                NTLMFLAG_NEGOTIATE_NTLM2_KEY  /* 8000 */
+                        /* equals 0x8202 */
+                        ),
+                       
                     0x0, 0x0);
 
     /* size is now 64 */
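Review bot: the argument list still ends with `0x0, 0x0);` after the LONGQUARTET() call, feeding the two `%c` conversions kept after the flags field in the first hunk; with the four new flag bytes that makes the fixed header 66 bytes, not the 64 the `/* size is now 64 */` comment states, so either drop those two zeros (together with the matching `"%c%c"` in the format string) or correct the comment and anything computed from it. Style: the two added lines around the LONGQUARTET() block are whitespace-only; make them empty so the patch does not add trailing whitespace.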

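As an added illustration of the mismatch Kevin describes (example code, not neon's ne_ntlm.c and not either poster's), the C below writes the 32-bit flags word the way a LONGQUARTET()-style macro must, little-endian, so the old `"\x01\x82"` bytes read back as 0x8201 and the proposed value as 0x8202, and then checks whether the encoding the flags advertise agrees with the bytes of a domain or user string. Only the Unicode (0x1) and OEM (0x2) bit values are assumed; the sample strings are constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Added example, not neon's ne_ntlm.c.  Only the two string-encoding bits
 * are defined; the flag words used below are the mail's 0x8201 and 0x8202. */
#define NTLMFLAG_NEGOTIATE_UNICODE 0x00000001u
#define NTLMFLAG_NEGOTIATE_OEM     0x00000002u

/* The 32-bit flags word as four little-endian bytes, which is what a
 * LONGQUARTET()-style macro has to emit: 0x8202 becomes 02 82 00 00. */
static void put_flags_le(uint32_t flags, unsigned char out[4])
{
    for (int i = 0; i < 4; i++)
        out[i] = (unsigned char)((flags >> (8 * i)) & 0xffu);
}

static uint32_t get_flags_le(const unsigned char in[4])
{
    return (uint32_t)in[0] | ((uint32_t)in[1] << 8)
         | ((uint32_t)in[2] << 16) | ((uint32_t)in[3] << 24);
}

/* Byte i of the encoded word, for inspecting what put_flags_le() writes. */
static unsigned byte_at(uint32_t flags, int i)
{
    unsigned char b[4];
    put_flags_le(flags, b);
    return b[i];
}

/* ASCII text in UTF-16LE has a zero in every odd position; an OEM (8-bit)
 * string has none, so a Unicode decoder renders it as garbage. */
static int looks_utf16le(const unsigned char *s, size_t len)
{
    if (len % 2 != 0) return 0;
    for (size_t i = 1; i < len; i += 2)
        if (s[i] != 0) return 0;
    return 1;
}

/* 1 when the encoding the flags advertise agrees with the bytes of a string
 * field (domain, user or host), 0 on the mismatch the mail describes. */
static int flags_match_field(const unsigned char flagbytes[4],
                             const unsigned char *field, size_t len)
{
    uint32_t flags = get_flags_le(flagbytes);
    if (len == 0) return 1;
    if (flags & NTLMFLAG_NEGOTIATE_UNICODE) return looks_utf16le(field, len);
    return (flags & NTLMFLAG_NEGOTIATE_OEM) != 0 && !looks_utf16le(field, len);
}
```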


More information about the neon mailing list