[Dovecot] [PATCH 8/10] NTLM, password scheme

27 Jul 2004

This patch adds NTLM password scheme. As a bonus it can be used to
authenticate users using Samba password database.


 src/auth/Makefile.am            |    1 +
 src/auth/passdb.c               |    2 ++
 src/auth/passdb.h               |    3 ++-
 src/auth/password-scheme-ntlm.c |   15 +++++++++++++++
 src/auth/password-scheme.c      |   13 +++++++++++++
 src/auth/password-scheme.h      |    1 +
 6 files changed, 34 insertions(+), 1 deletion(-)

diff -urpNX /usr/share/dontdiff dovecot-1.0-test30.vanilla/src/auth/Makefile.am dovecot-1.0-test30/src/auth/Makefile.am

--- dovecot-1.0-test30.vanilla/src/auth/Makefile.am	2004-07-27 10:03:23.000000000 +0400
+++ dovecot-1.0-test30/src/auth/Makefile.am	2004-07-27 11:56:34.000000000 +0400
@@ -48,6 +51,7 @@ dovecot_auth_SOURCES = \
 	password-scheme.c \
 	password-scheme-md5crypt.c \
 	password-scheme-cram-md5.c \
+	password-scheme-ntlm.c \
 	userdb.c \
 	userdb-ldap.c \
 	userdb-passwd.c \
diff -urpNX /usr/share/dontdiff dovecot-1.0-test30.vanilla/src/auth/passdb.c dovecot-1.0-test30/src/auth/passdb.c
--- dovecot-1.0-test30.vanilla/src/auth/passdb.c	2004-07-27 10:03:23.000000000 +0400
+++ dovecot-1.0-test30/src/auth/passdb.c	2004-07-27 10:19:58.000000000 +0400
@@ -28,6 +28,8 @@ passdb_credentials_to_str(enum passdb_cr
 		return "HMAC-MD5";
 	case PASSDB_CREDENTIALS_DIGEST_MD5:
 		return "DIGEST-MD5";
+	case PASSDB_CREDENTIALS_NTLM:
+		return "NTLM";
 	}
 
 	return "??";
diff -urpNX /usr/share/dontdiff dovecot-1.0-test30.vanilla/src/auth/passdb.h dovecot-1.0-test30/src/auth/passdb.h
--- dovecot-1.0-test30.vanilla/src/auth/passdb.h	2004-07-27 10:03:23.000000000 +0400
+++ dovecot-1.0-test30/src/auth/passdb.h	2004-07-27 10:19:58.000000000 +0400
@@ -12,7 +12,8 @@ enum passdb_credentials {
 	PASSDB_CREDENTIALS_PLAINTEXT,
 	PASSDB_CREDENTIALS_CRYPT,
 	PASSDB_CREDENTIALS_CRAM_MD5,
-	PASSDB_CREDENTIALS_DIGEST_MD5
+	PASSDB_CREDENTIALS_DIGEST_MD5,
+	PASSDB_CREDENTIALS_NTLM
 };
 
 enum passdb_result {
diff -urpNX /usr/share/dontdiff dovecot-1.0-test30.vanilla/src/auth/password-scheme.c dovecot-1.0-test30/src/auth/password-scheme.c
--- dovecot-1.0-test30.vanilla/src/auth/password-scheme.c	2004-07-27 10:03:23.000000000 +0400
+++ dovecot-1.0-test30/src/auth/password-scheme.c	2004-07-27 10:19:58.000000000 +0400
@@ -216,6 +216,18 @@ static const char *plain_md5_generate(co
 	return binary_to_hex(digest, sizeof(digest));
 }
 
+static int ntlm_verify(const char *plaintext, const char *password,
+		       const char *user __attr_unused__)
+{
+	return strcmp(password, password_generate_ntlm(plaintext)) == 0;
+}
+
+static const char *ntlm_generate(const char *plaintext,
+				 const char *user __attr_unused__)
+{
+	return password_generate_ntlm(plaintext);
+}
+
 static const struct password_scheme default_schemes[] = {
 	{ "CRYPT", crypt_verify, crypt_generate },
 	{ "MD5", md5_verify, md5_generate },
@@ -227,6 +239,7 @@ static const struct password_scheme defa
 	{ "HMAC-MD5", hmac_md5_verify, hmac_md5_generate },
 	{ "DIGEST-MD5", digest_md5_verify, digest_md5_generate },
 	{ "PLAIN-MD5", plain_md5_verify, plain_md5_generate },
+	{ "NTLM", ntlm_verify, ntlm_generate },
 	{ NULL, NULL, NULL }
 };
 
diff -urpNX /usr/share/dontdiff dovecot-1.0-test30.vanilla/src/auth/password-scheme.h dovecot-1.0-test30/src/auth/password-scheme.h
--- dovecot-1.0-test30.vanilla/src/auth/password-scheme.h	2004-07-27 10:03:23.000000000 +0400
+++ dovecot-1.0-test30/src/auth/password-scheme.h	2004-07-27 10:19:58.000000000 +0400
@@ -27,5 +27,6 @@ void password_schemes_deinit(void);
 /* INTERNAL: */
 const char *password_generate_md5_crypt(const char *pw, const char *salt);
 const char *password_generate_cram_md5(const char *pw);
+const char *password_generate_ntlm(const char *pw);
 
 #endif
diff -urpNX /usr/share/dontdiff dovecot-1.0-test30.vanilla/src/auth/password-scheme-ntlm.c dovecot-1.0-test30/src/auth/password-scheme-ntlm.c
--- dovecot-1.0-test30.vanilla/src/auth/password-scheme-ntlm.c	1970-01-01 03:00:00.000000000 +0300
+++ dovecot-1.0-test30/src/auth/password-scheme-ntlm.c	2004-07-27 10:19:58.000000000 +0400
@@ -0,0 +1,15 @@
+
+#include "lib.h"
+#include "hex-binary.h"
+#include "password-scheme.h"
+
+#include "ntlm.h"
+
+const char *password_generate_ntlm(const char *plaintext)
+{
+	unsigned char hash[16];
+
+	ntlm_v1_hash(plaintext, hash);
+
+	return str_ucase((char *)binary_to_hex(hash, sizeof(hash)));
+}

    

[Dovecot] [PATCH 8/10] NTLM, password scheme

Andrey Panin