Adding NTLMv2 support for Cyrus SASL 2.1.23

Ken Murchison murch at andrew.cmu.edu
Tue Oct 13 06:48:56 EDT 2009


Can you submit a patch?


Dhruva T S wrote:
> 
> Hi,
> 
> 
> This is regarding NTLMv2 in Cyrus SASL 2.1.23.
> I have modified the plugins/ntlm.c file so as to add NTLMv2 support.
> If NTLMv2 is enabled, then the Type 3 message contains only LMv2 response.
> 
> The reason being that the 'blob' structure is not being passed to the 
> function V2()
> which does NTLM hash,HMAC-MD5 ....
> 
> 
> So in function ntlm_client_step_mech2(),I am passing the parameters to 
> V2 () as
> 
> V2(resp,password,oparams->authid,domain,serverin+NTLM_TYPE2_CHALLENGE_OFFSET,
>    blobbuf,bloblen,params->utils,&text->out_buf,&text->out_buf_len,&result);
> 
> where 'blobbuf' is the blob and 'bloblen' is the length of the blob.
> Then I am assigning the 'resp' to 'nt_resp'.
> Also, I have commented the part
>        "/*if (sendv2 &&
>         (*sendv2 == '1' || *sendv2 == 'y' ||
>          (*sendv2 == 'o' && *sendv2 == 'n') || *sendv2 == 't'))*/
> 
> When I checked in ethereal, everything is fine and I am able to successfully
> authenticate against Microsoft Active Directory server.
> 
> Please let me know if I am doing anything wrong.
> 
> 
> Thanks,
> Dhruva
> 

-- 
Kenneth Murchison
Systems Programmer
Carnegie Mellon University


More information about the Cyrus-sasl mailing list