[dovecot-cvs] dovecot/src/auth mech-ntlm.c,1.4,1.5

[cras at dovecot.org]

Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv5822/src/auth

Modified Files:
	mech-ntlm.c 
Log Message:
NTLM2 authentication support. Patch by Andrey Panin



Index: mech-ntlm.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-ntlm.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- mech-ntlm.c	31 Aug 2004 09:31:18 -0000	1.4
+++ mech-ntlm.c	5 Oct 2004 20:01:05 -0000	1.5
@@ -25,6 +25,7 @@
 	pool_t pool;
 
 	/* requested: */
+	int ntlm2_negotiated;
 	const unsigned char *challenge;
 
 	/* received: */
@@ -73,7 +74,7 @@
 	buffer_t *hash_buffer;
 	int ret;
 
-	if (credentials == NULL) {
+	if (credentials == NULL && !auth->ntlm2_negotiated) {
 		passdb->lookup_credentials(auth_request,
 					   PASSDB_CREDENTIALS_LANMAN,
 					   lm_credentials_callback);
@@ -105,8 +106,16 @@
 			     NTLMSSP_V2_RESPONSE_SIZE) == 0;
 	} else {
 		unsigned char ntlm_response[NTLMSSP_RESPONSE_SIZE];
+		const unsigned char *client_lm_response =
+			ntlmssp_buffer_data(auth->response, lm_response);
 
-		ntlmssp_v1_response(hash, auth->challenge, ntlm_response);
+		if (auth->ntlm2_negotiated)
+			ntlmssp2_response(hash, auth->challenge,
+					  client_lm_response,
+					  ntlm_response);
+		else 
+			ntlmssp_v1_response(hash, auth->challenge,
+					    ntlm_response);
 
 		ret = memcmp(ntlm_response, client_response,
 			     NTLMSSP_RESPONSE_SIZE) == 0;
@@ -145,6 +154,7 @@
 
 		message = ntlmssp_create_challenge(auth->pool, request,
 						   &message_size);
+		auth->ntlm2_negotiated = message->flags & NTLMSSP_NEGOTIATE_NTLM2;
 		auth->challenge = message->challenge;
 
 		mech_init_auth_client_reply(&reply);