Review Request 126982: Fix NTLMv2 stage 3 response creation
Krzysztof Nowicki
krissn at op.pl
Wed Feb 3 21:35:22 UTC 2016
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/126982/
-----------------------------------------------------------
Review request for KDE Frameworks.
Summary (updated)
-----------------
Fix NTLMv2 stage 3 response creation
Repository: kio
Description (updated)
-------
The Blob structure occupies 28 bytes. Unfortunately on 64-bit architectures the size grows to 32 bytes due to alignment. This causes code using sizeof() to calculate its size to produce wrong data. The immediate effect is that the target info is not copied correctly. In order to fix this introduce a constant defining the desired size of the blob structure.
Additionally the size of the target info was not calculated correctly when extracting it from the phase 2 response. This caused too much data to be copied over causing bad termination of the target info in the stage 3 response.
Diffs (updated)
-----
src/kntlm/kntlm.cpp ed6f388
Diff: https://git.reviewboard.kde.org/r/126982/diff/
Testing (updated)
-------
I have tested this against IIS 7.5 which in my case was configured to only accept NTLMv2 authentication. In addition to that I have executed the automatic test suite and found no regressions.
I intended to write a test case for NTLMv2, but a bug in KHttpNtlmAuthentication class blocked me from doing this (bug will be addressed shortly).
Thanks,
Krzysztof Nowicki
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20160203/e99ad7ec/attachment.html>
More information about the Kde-frameworks-devel
mailing list