Adding NTLMv2 support for Cyrus SASL 2.1.23

Dhruva T S dhruvats at tataelxsi.co.in
Wed Oct 14 00:44:09 EDT 2009


Ken,

Sorry for replying late.

I have hard coded the 'blob' structure as follows in ntlm_client_mech_step2() 
inside plugins/ntlm.c:


    /* should we send a NTLMv2 response? */
    params->utils->getopt(params->utils->getopt_context,
                          "NTLM", "ntlm_v2", &sendv2, NULL);

    /**************** commented by dhruva - NTLMv2 support */
    /*if (sendv2 && (*sendv2 == '1' || *sendv2 == 'y' ||
         (*sendv2 == 'o' && *sendv2 == 'n') || *sendv2 == 't'))*/
    {
        int bloblen;
        char *blobbuf = NULL;
        unsigned char signature[4];
        unsigned char reserved[4];
        unsigned char unknown[4];
        unsigned char timestamp[8];

        /* put the cnonce in place after the LMv2 HMAC */
        char *cnonce = resp + MD5_DIGEST_LENGTH;

        signature[0] = 0x01;
        signature[1] = 0x01;
        signature[2] = 0x00;
        signature[3] = 0x00;
        reserved[0] = 0x00;
        reserved[1] = 0x00;
        reserved[2] = 0x00;
        reserved[3] = 0x00;
        unknown[0] = 0x00;
        unknown[1] = 0x00;
        unknown[2] = 0x00;
        unknown[3] = 0x00;

        params->utils->log(NULL, SASL_LOG_DEBUG,
                           "calculating LMv2 response");

        params->utils->rand(params->utils->rpool, cnonce, NTLM_NONCE_LENGTH);

        unix_timestamp(timestamp);
        bloblen = 32 + 190;   /* 32 fixed blob bytes + hard-coded 190-byte TIB */
        blobbuf = malloc(bloblen);
        if (blobbuf == NULL) return SASL_NOMEM;   /* do not memcpy into NULL */
        memcpy(blobbuf, signature, 4);
        memcpy(blobbuf + 4, reserved, 4);
        memcpy(blobbuf + 8, timestamp, 8);
        memcpy(blobbuf + 16, cnonce, 8);
        memcpy(blobbuf + 24, unknown, 4);
        memcpy(blobbuf + 28, serverin + 64, 190);  /* TIB: hard-coded offset and size */
        memcpy(blobbuf + 28 + 190, unknown, 4);
        /* removed: memcpy(blobbuf+28+190+4,unknown,4); it wrote bytes
           222..225 of the 222-byte blobbuf (heap overflow) */

        /* this is for LMv2 response */
        /*V2(resp, password, oparams->authid, domain,
             serverin + NTLM_TYPE2_CHALLENGE_OFFSET, cnonce, NTLM_NONCE_LENGTH,
             params->utils, &text->out_buf, &text->out_buf_len, &result);*/

        /* for NTLMv2 response */
        V2(resp, password, oparams->authid, domain,
           serverin + NTLM_TYPE2_CHALLENGE_OFFSET,
           blobbuf, bloblen, params->utils,
           &text->out_buf, &text->out_buf_len, &result);

        /* lm_resp = resp; */
        memcpy(resp + 16, blobbuf, bloblen); /* first 16 bytes has hmac-md5(blobbuf) in 'resp' */
        free(blobbuf);                       /* blob now lives in resp; avoid leaking it */
        nt_resp = resp;
    }

The 'resp' buffer size in my case is 32+190+16 where 32 is the size of the
blob without TIB size, 190 is the TIB size and 16 is the size 
of hmac-md5(blobbuf).

	
One of the parameters being passed in the line
  "
   /* should we send a NTLMv2 response? */
    params->utils->getopt(params->utils->getopt_context,
			  "NTLM", "ntlm_v2", &sendv2, NULL);
  "
is "ntlm_v2". When I checked, the "sendv2" value is not '1' or 'y'.
So the condition check "if (&sendv2 == ...)" fails. That is the reason I have
commented out this check as above.
Can you please guide me about how to pass this check?


Sorry, I don't know how to create a patch file.


Thanks,
Dhruva
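
The snippet above hard-codes the target information block as 190 bytes at serverin+64. As an added example (not part of the original message and not Cyrus SASL code), the sketch below reads that block's length and offset from the Type 2 message and bounds-checks them before building a blob with the same layout. It assumes the standard Type 2 layout, with the target information security buffer at offset 40; find_target_info and build_blob are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

/* Find the target information block in a Type 2 message using its security
 * buffer at offset 40 (16-bit LE length at 40, 32-bit LE offset at 44).
 * Returns NULL if the server-supplied values do not fit inside the message. */
static const unsigned char *find_target_info(const unsigned char *msg,
                                             size_t msg_len, size_t *ti_len)
{
    size_t len, off;
    if (msg_len < 48) return NULL;
    len = (size_t)msg[40] | ((size_t)msg[41] << 8);
    off = (size_t)msg[44] | ((size_t)msg[45] << 8) |
          ((size_t)msg[46] << 16) | ((size_t)msg[47] << 24);
    if (off > msg_len || len > msg_len - off) return NULL;
    *ti_len = len;
    return msg + off;
}

/* Lay out the blob: signature(4) reserved(4) timestamp(8) cnonce(8)
 * unknown(4) target info(ti_len) unknown(4). Returns 32 + ti_len,
 * or 0 when out_cap is too small to hold it. */
static size_t build_blob(unsigned char *out, size_t out_cap,
                         const unsigned char ts[8], const unsigned char cnonce[8],
                         const unsigned char *ti, size_t ti_len)
{
    size_t need = 28 + ti_len + 4;
    if (out_cap < need) return 0;
    memset(out, 0, need);          /* reserved and unknown fields stay zero */
    out[0] = 0x01; out[1] = 0x01;  /* blob signature 01 01 00 00 */
    memcpy(out + 8, ts, 8);
    memcpy(out + 16, cnonce, 8);
    memcpy(out + 28, ti, ti_len);
    return need;
}

int main(void)
{
    /* Constructed sample: 56-byte header followed by a 12-byte target info block. */
    unsigned char msg[68] = {0}, blob[64], ts[8] = {0}, cn[8] = {0};
    size_t ti_len = 0, n;
    const unsigned char *ti;

    msg[40] = 12; msg[44] = 56;    /* length 12, offset 56 */
    ti = find_target_info(msg, sizeof msg, &ti_len);
    n = ti ? build_blob(blob, sizeof blob, ts, cn, ti, ti_len) : 0;
    printf("blob length: %lu\n", (unsigned long)n);
    return 0;
}
```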
