[PATCH]Authentication with NTLM proxy server

Szombathelyi György gyurco at freemail.hu
Wed Sep 27 14:18:02 BST 2006 

Yeah, I think that's correct, but don't forget to test. I'm not 
developing anymore in the KDE3 trunk, so I cannot test it. In the KDE4 
version of KNTLM I solved this in a different way, by specifying flags 
what response types should returned, so one can request for both LM and 
NTLM response (however I think servers that has the Negotiate_NTLM flag 
in their challenge, and cannot live without LM are insane and 
buggy...The whole point of NTLM is that you don't need to pass the 
weaker LM response over the wire).

Bye,
György

Robert Gruber írta:
> Szombathelyi György wrote:
>> Returning the same data for the LM and NTLM response? It's not good!!
>> I would write:
>> addBuf( rbuf, ((Auth*) rbuf.data())->ntResponse, getNTLMResponse( 
>> password, ch->challengeData ) );
>> addBuf( rbuf, ((Auth*) rbuf.data())->lmResponse, getLMResponse( 
>> password, ch->challengeData ));
>>
>> and delete the whole if () above.
> 
> 
> So the updated patch would look like this:
> 
> --- kntlm.cpp.orig      2006-09-26 13:05:06.000000000 +0200
> +++ kntlm.cpp   2006-09-27 14:51:41.000000000 +0200
> @@ -158,16 +158,10 @@ bool KNTLM::getAuth( QByteArray &auth, c
>  //    }
>  //  } else { //if no targetinfo structure and NTLMv2 or LMv2 not forced, try 
> the older methods
> 
> -    if ( KFromToLittleEndian(ch->flags) & Negotiate_NTLM ) {
> -      response = getNTLMResponse( password, ch->challengeData );
> -      addBuf( rbuf, ((Auth*) rbuf.data())->ntResponse, response );
> -    } else {
> -      if ( !forceNTLM ) {
> -        response = getLMResponse( password, ch->challengeData );
> -        addBuf( rbuf, ((Auth*) rbuf.data())->lmResponse, response );
> -      } else
> -        return false;
> -    }
> +    response = getNTLMResponse( password, ch->challengeData );
> +    addBuf( rbuf, ((Auth*) rbuf.data())->ntResponse, response );
> +    response = getLMResponse( password, ch->challengeData );
> +    addBuf( rbuf, ((Auth*) rbuf.data())->lmResponse, response );
>  //  }
>    if ( !dom.isEmpty() )
>      addString( rbuf, ((Auth*) rbuf.data())->domain, dom, unicode );
> 
> 
> 
> Cheers, Robert
> 
>

More information about the kde-core-devel mailing list