PATCH - HTTP NTLM Authentication

Karsten Künne kuenne at rentec.com
Wed Sep 22 01:10:54 BST 2004


A while ago I posted a message saying that I don't intend to support NTLM. 
Well, after I discovered libntlm I changed my mind :-).

This patch adds NTLM authentication to kio_http. It depends on libntlm which 
you can get from http://www.josefsson.org/libntlm . This is how NTLM 
authentication works:

- the server (usually IIS) offers "NTLM" (and at least in my tests also 
"Negotiate" but I couldn't figure out what to do with it as it apparently 
doesn't want Kerberos/GSSAPI here) in the "WWW-Authenticate" header on a 401 
response.

- the client sends an NTLM type 1 message (a request) in the "Authorization" 
header on the next message and it MUST NOT close the connection! (this is 
important, NTLM authentication doesn't work otherwise as it is 
connection-oriented and not request-oriented)

- the server then answers with 401 and sends a type 2 message (a challenge) in 
the "WWW-Authenticate" header

- the client then sends a type 3 message (a response) in the "Authorization" 
header on the next message on the SAME connection

- if everything was o.k., the server answers with a 200.

In order to test NTLM authentication I even set up a Windows 2000 server on my 
laptop (what a pain!). So, I tested it with Windows 2000 Server SP4 (IIS 5.0) 
and libntlm-0.3.3.

The patch is against CVS HEAD from today.


Karsten.
-- 
43rd Law of Computing:
	Anything that can go wr
fortune: Segmentation violation -- Core dumped
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ntlm.diff
Type: text/x-diff
Size: 10372 bytes
Desc: not available
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20040921/18a51d6e/attachment.diff>
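
The handshake described in the message above can be checked from captured header values. The following is an added example, not part of the original post or of the attached patch: it decodes the base64 token after "NTLM", reads the message type, and verifies that types 1, 2 and 3 occur in order on one connection. The event tuple layout, the connection labels and the sample tokens are assumptions constructed for illustration.

```python
import base64
import struct

SIGNATURE = b"NTLMSSP\x00"  # every NTLM message starts with this 8-byte signature

def ntlm_type(header_value):
    """Return the NTLM message type (1, 2 or 3) carried in a header value, or None."""
    scheme, _, token = header_value.strip().partition(" ")
    if scheme.upper() != "NTLM" or not token:
        return None  # bare "NTLM" offer, or another scheme such as Negotiate
    try:
        raw = base64.b64decode(token, validate=True)
    except ValueError:
        return None  # not valid base64
    if len(raw) < 12 or raw[:8] != SIGNATURE:
        return None
    (msg_type,) = struct.unpack_from("<I", raw, 8)  # little-endian type field
    return msg_type if msg_type in (1, 2, 3) else None

def handshake_ok(events):
    """events: (connection_id, sender, header_value) tuples in wire order.
    True only if types 1, 2 and 3 appear in order on a single connection."""
    expected = {1: "client", 2: "server", 3: "client"}
    progress = {}  # connection_id -> last message type seen on it
    for conn, sender, value in events:
        t = ntlm_type(value)
        if t is None:
            continue
        if expected[t] != sender or progress.get(conn, 0) != t - 1:
            return False  # wrong sender, out of order, or a different connection
        progress[conn] = t
    return 3 in progress.values()

def _msg(msg_type, body=b""):
    # Constructed sample token: signature + type; body is filler, not a real payload.
    raw = SIGNATURE + struct.pack("<I", msg_type) + body
    return "NTLM " + base64.b64encode(raw).decode()

# Constructed transcripts; "c1"/"c2" are hypothetical labels for TCP connections.
GOOD = [("c1", "server", "NTLM"), ("c1", "client", _msg(1)),
        ("c1", "server", _msg(2, b"\x00" * 20)), ("c1", "client", _msg(3))]
# Same messages, but the client reconnected before sending type 3.
BROKEN = GOOD[:3] + [("c2", "client", _msg(3))]

if __name__ == "__main__":
    print("same connection:", handshake_ok(GOOD))
    print("reconnected:    ", handshake_ok(BROKEN))
```
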