On 210, 07 28, 2004 at 12:36:30AM +0300, Timo Sirainen wrote:
On 27.7.2004, at 16:18, Andrey Panin wrote:
It contains common code in src/lib-ntlm directory, Samba compatible NTLM password scheme and authentication mechanism itself.
So now Dovecot has md4, md5, sha1 and des code. Maybe there should be a lib-crypto or something similiar for those.. Or anyway md4 and des would be better in lib/ than lib-ntlm/.
md4 and hmac-md5 can be moved to lib/ easily. I'm not sure about usefulness of ntlm-des.c outside of NTLM authentication code.
Please take a look.
HMAC-MD5 code looks quite similiar to src/auth/password-scheme-cram-md5.c. Could they be merged somehow?
I'll take a look at them later today.
You use "char var[0]" in end of some structures. I've tried to avoid them so far everywhere since C89 doesn't support it. But I guess it's common enough feature that it could be allowed the way C99 supports it, var[].
We can safely remove this fields, now they serve to illustrate NTLM message structure only.
- int len = strlen(passwd);
- ucs2le_t wpwd[len + 1];
Another C99ism.. Are there enough C99 compilers that it'd be good idea to require it? gcc of course works, but how about others?
Reworked using buffer API.
+ntlmssp_v1_response(const unsigned char *hash, ..
- memset(des_hash + NTLMSSP_HASH_SIZE, 0, sizeof(hash) - NTLMSSP_HASH_SIZE);
sizeof(des_hash)
Fixed.
+#define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER)
offsetof() is ansi-c and defined in stddef.h
Removed.
+const char * __ntlmssp_t_str(void *message, struct ntlmssp_buffer *buffer) ..
- str_append_c(str, '\0');
- return str_c(str);
str_c() nul-terminates the returned string so str_append_c() isn't needed there.
Fixed.
+static int ntlmssp_check_buffer(struct ntlmssp_buffer *buffer, size_t data_size, const char **error) +{
- uint32_t offset = read_le32(&buffer->offset);
- if (offset <= data_size) {
*error = "buffer offset out of bounds";
return 0;
- }
offset >= data_size I'd think?
Fixed.
Updated patches attached.
-- Andrey Panin | Linux and UNIX system administrator pazke@donpac.ru | PGP key: wwwkeys.pgp.net