ntlm message type2 flags wrong

Kevin Radke kmradke at gmail.com
Fri Dec 24 12:07:22 EST 2010


Joe,

Your patch looks good, except that I was unable to get the constant values
to work correctly.  It kept sending a value of 0x0202 instead of 0x8202.
When I hard-coded it to the value it worked fine:

   LONGQUARTET(0x8202),

Something probably not quite right with the data types and the 
bit-shifting, but my C is rusty enough I didn't look into it more.

Kevin R.
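
A small C model of the path the two mails are arguing over: a 32-bit flags value expanded by a LONGQUARTET-style macro into four "%c" arguments, written by snprintf, and read back from the wire. This is an added example written for this page, not code from neon or from either poster. The NTLMFLAG_* values follow the bit positions documented in MS-NLMP and are an assumption of the example, not copied from ne_ntlm.c, so neon's own macros may differ; the point is that a static assertion catches a comment like /* 8000 */ that the compiler otherwise never checks, and that a single %c keeps only the low byte of its argument.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Negotiate-flag bit positions as documented in MS-NLMP. These are the
 * assumed definitions for this example; neon's own macros may differ,
 * which is exactly the kind of mismatch the thread is hunting. */
#define NTLMFLAG_NEGOTIATE_UNICODE      (1u << 0)   /* 0x00000001 */
#define NTLMFLAG_NEGOTIATE_OEM          (1u << 1)   /* 0x00000002 */
#define NTLMFLAG_NEGOTIATE_NTLM_KEY     (1u << 9)   /* 0x00000200 */
#define NTLMFLAG_NEGOTIATE_ALWAYS_SIGN  (1u << 15)  /* 0x00008000 */
#define NTLMFLAG_NEGOTIATE_NTLM2_KEY    (1u << 19)  /* 0x00080000 */

/* Expand a 32-bit value into four little-endian byte arguments for a
 * "%c%c%c%c" format, the same job LONGQUARTET() does in the thread. */
#define LONGQUARTET(x)                    \
    (int)((x) & 0xffu),                   \
    (int)(((x) >> 8) & 0xffu),            \
    (int)(((x) >> 16) & 0xffu),           \
    (int)(((x) >> 24) & 0xffu)

/* Compile-time check of a hand-written value comment. A wrong comment
 * next to a macro costs nothing at build time; this line does. */
_Static_assert((NTLMFLAG_NEGOTIATE_OEM | NTLMFLAG_NEGOTIATE_NTLM_KEY |
                NTLMFLAG_NEGOTIATE_ALWAYS_SIGN) == 0x8202u,
               "OEM|NTLM_KEY|ALWAYS_SIGN must equal 0x8202");

/* What a single %c actually emits for an argument: only the low 8 bits
 * survive, so a 16-bit constant passed to one %c loses its high byte. */
int byte_via_percent_c(int value)
{
    char buf[2];
    snprintf(buf, sizeof buf, "%c", value);
    return (unsigned char)buf[0];
}

/* Serialize flags through snprintf and %c exactly as the message
 * builder does. Returns the byte count snprintf reported. */
size_t ntlm_flags_serialize(uint32_t flags, unsigned char out[4])
{
    char buf[5];
    int n = snprintf(buf, sizeof buf, "%c%c%c%c", LONGQUARTET(flags));
    memcpy(out, buf, 4);              /* embedded NULs are real bytes */
    return n < 0 ? 0 : (size_t)n;
}

/* Decode the wire bytes. Reading through unsigned char matters: a byte
 * such as 0x82 held in a plain char is negative on most platforms and
 * would sign-extend into the upper bits of the result. */
uint32_t ntlm_flags_parse(const unsigned char in[4])
{
    return (uint32_t)in[0] | ((uint32_t)in[1] << 8) |
           ((uint32_t)in[2] << 16) | ((uint32_t)in[3] << 24);
}

/* Serialize then parse, so the whole %c path can be checked at once. */
uint32_t ntlm_flags_roundtrip(uint32_t flags)
{
    unsigned char wire[4];
    ntlm_flags_serialize(flags, wire);
    return ntlm_flags_parse(wire);
}

/* Byte i (0 = least significant) of the serialized flags field. */
int ntlm_flags_wire_byte(uint32_t flags, int i)
{
    unsigned char wire[4];
    ntlm_flags_serialize(flags, wire);
    return (i >= 0 && i < 4) ? wire[i] : -1;
}

int main(void)
{
    uint32_t wanted = NTLMFLAG_NEGOTIATE_OEM | NTLMFLAG_NEGOTIATE_NTLM_KEY |
                      NTLMFLAG_NEGOTIATE_ALWAYS_SIGN;
    uint32_t ntlm2  = NTLMFLAG_NEGOTIATE_OEM | NTLMFLAG_NEGOTIATE_NTLM_KEY |
                      NTLMFLAG_NEGOTIATE_NTLM2_KEY;
    unsigned char wire[4];

    ntlm_flags_serialize(wanted, wire);
    printf("0x%08x on the wire: %02x %02x %02x %02x\n", wanted,
           wire[0], wire[1], wire[2], wire[3]);
    printf("OEM|NTLM_KEY|NTLM2_KEY = 0x%08x, low 16 bits 0x%04x\n",
           ntlm2, ntlm2 & 0xffffu);
    printf("0x8202 through a single %%c: 0x%02x\n", byte_via_percent_c(0x8202));
    return 0;
}
```

With the assumed bit positions, OEM|NTLM_KEY|ALWAYS_SIGN is the 0x8202 that worked when hard-coded, while OEM|NTLM_KEY|NTLM2_KEY comes out as 0x00080202, so the third wire byte is 0x08 and the low 16 bits are unchanged. Whatever neon's macros really are, the static assertion is the cheap way to settle the question instead of trusting the value comments.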

On 12/6/2010 4:45 PM, Joe Orton wrote:
> On Fri, Nov 26, 2010 at 12:25:34PM -0600, Kevin Radke wrote:
>> In ne_ntlm.c, around line 533, I think the hardcoded flags value is
>> wrong.  It appears to be hardcoded to say that Unicode is being
>> used, but I see the domain/username passed in non-unicode.  (When
>> using svn on solaris).  I suggest it be changed to something like:
>>
>> "\x02\x82" /* flags */
>>
>> or even better, start using the constant definitions like are used
>> for the type1 message earlier.
>>
>> LONGQUARTET(NTLMFLAG_NEGOTIATE_OEM|      /*    2 */
>>              NTLMFLAG_NEGOTIATE_NTLM_KEY| /*  200 */
>>              NTLMFLAG_NEGOTIATE_NTLM2_KEY /* 8000 */
>>              /* equals 0x8202 */
>>             ),
>>
>>
>> I'm not sure that 0x8202 is exactly what is needed, since fidler2
>> still decodes the domain and hostnames as garbage, but this change
>> does allow NTLM to be used instead of falling back to basic auth
>> when using mod_auth_sspi on a windows server.
>
> Hi Kevin, thanks for your mail.  I'm not overly familiar with this code,
> but your analysis looks to be correct from a cursory inspection of the
> docs referenced from the top of top.
>
> Can you confirm this patch correctly reflects the change you indicated?
>
> Regards, Joe
>
> Index: src/ne_ntlm.c
> ===================================================================
> --- src/ne_ntlm.c	(revision 1832)
> +++ src/ne_ntlm.c	(working copy)
> @@ -530,7 +530,7 @@
>                       "\xff\xff"  /* message length */
>                       "%c%c"  /* 2 zeroes */
>
> -                    "\x01\x82" /* flags */
> +                    "%c%c%c%c" /* flags */
>                       "%c%c"  /* 2 zeroes */
>
>                       /* domain string */
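Review bot: the "%c%c"  /* 2 zeroes */ line right after the new "%c%c%c%c" /* flags */ looks like it should go too. The old "\x01\x82" plus two zero bytes made a 4-byte flags field; with LONGQUARTET now supplying all four bytes, keeping the two zeroes makes the field six bytes wide and moves everything that follows it, which would also invalidate the "/* size is now 64 */" comment in the next hunk. Either drop the "%c%c" here together with the trailing `0x0, 0x0` argument pair below, or confirm the 64-byte layout still holds after the change.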
> @@ -573,7 +573,13 @@
>                       0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
>
>                       0x0, 0x0,
> -
> +
> +                    LONGQUARTET(NTLMFLAG_NEGOTIATE_OEM|       /*    2 */
> +                                NTLMFLAG_NEGOTIATE_NTLM_KEY|  /*  200 */
> +                                NTLMFLAG_NEGOTIATE_NTLM2_KEY  /* 8000 */
> +                        /* equals 0x8202 */
> +                        ),
> +
>                       0x0, 0x0);
>
>       /* size is now 64 */
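Review bot: the value comments on the new LONGQUARTET lines (/*    2 */, /*  200 */, /* 8000 */, /* equals 0x8202 */) are never checked by the compiler, and Kevin's follow-up reports 0x0202 on the wire with these macros while a hard-coded LONGQUARTET(0x8202) works. Before trusting the comments, confirm that NTLMFLAG_NEGOTIATE_NTLM2_KEY actually contributes the 0x8000 bit rather than a different bit position, for instance with a compile-time assertion that the OR of the three macros equals 0x8202, and that the OR is evaluated in an unsigned 32-bit type so no byte sign-extends on its way through %c.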
