changeset 2381:6531fd0f779f HEAD

Added LANMAN password scheme. Patch by Andrey Panin
author Timo Sirainen <tss@iki.fi>
date Fri, 30 Jul 2004 04:43:21 +0300
parents 4e42d4213927
children 34d4c7a7b485
files src/auth/mech-ntlm.c src/auth/passdb.c src/auth/passdb.h src/auth/password-scheme-ntlm.c src/auth/password-scheme.c src/auth/password-scheme.h src/lib-ntlm/ntlm-encrypt.c src/lib-ntlm/ntlm-encrypt.h src/lib-ntlm/ntlm-types.h
diffstat 9 files changed, 89 insertions(+), 5 deletions(-) [+]
--- a/src/auth/mech-ntlm.c	Fri Jul 30 04:39:13 2004 +0300
+++ b/src/auth/mech-ntlm.c	Fri Jul 30 04:43:21 2004 +0300
@@ -32,6 +32,36 @@
 };
 
 static void
+lm_credentials_callback(const char *credentials,
+			struct auth_request *auth_request)
+{
+	struct ntlm_auth_request *auth =
+		(struct ntlm_auth_request *)auth_request;
+	const unsigned char *client_response;
+	unsigned char lm_response[LM_RESPONSE_SIZE];
+	unsigned char hash[LM_HASH_SIZE];
+	buffer_t *hash_buffer;
+	int ret;
+
+	if (credentials == NULL) {
+		mech_auth_finish(auth_request, NULL, 0, FALSE);
+		return;
+	}
+
+	hash_buffer = buffer_create_data(auth_request->pool,
+					 hash, sizeof(hash));
+	hex_to_binary(credentials, hash_buffer);
+
+	client_response = ntlmssp_buffer_data(auth->response, lm_response);
+
+	ntlmssp_v1_response(hash, auth->challenge, lm_response);
+
+	ret = memcmp(lm_response, client_response, LM_RESPONSE_SIZE) == 0;
+
+	mech_auth_finish(auth_request, NULL, 0, ret);
+}
+
+static void
 ntlm_credentials_callback(const char *credentials,
 			  struct auth_request *auth_request)
 {
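Review bot: In lm_credentials_callback the 24-byte `memcmp` reads `client_response` with no check that the client's LM response field actually holds LM_RESPONSE_SIZE bytes, so a short field in the client message may be read past its end; the field's declared length should be compared with LM_RESPONSE_SIZE before the comparison. The result of `hex_to_binary(credentials, hash_buffer)` is also discarded, so a stored credential that is malformed or shorter than 32 hex digits leaves part of `hash` uninitialised and still reaches `ntlmssp_v1_response`. I would fail closed in both cases, for example `if (buffer_get_used_size(hash_buffer) != LM_HASH_SIZE) { mech_auth_finish(auth_request, NULL, 0, FALSE); return; }` (assuming the buffer API's used-size accessor is available at this revision). A constant-time comparison and wiping `hash` before returning would be a worthwhile follow-up, since both values are authentication secrets. ntlm_credentials_callback only begins at the end of this hunk and continues outside it.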
@@ -44,7 +74,9 @@
 	int ret;
 
 	if (credentials == NULL) {
-		mech_auth_finish(auth_request, NULL, 0, FALSE);
+		passdb->lookup_credentials(auth_request,
+					   PASSDB_CREDENTIALS_LANMAN,
+					   lm_credentials_callback);
 		return;
 	}
 
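Review bot: The new call in the `credentials == NULL` branch silently downgrades an NTLM exchange to LANMAN verification whenever the passdb returns no NTLM credentials, and nothing in this hunk logs it or lets an administrator turn it off. An LM response is derived from an upper-cased, 14-byte hash built from two independent DES halves, so accounts that take this path are protected by a much weaker verifier than the mechanism name suggests. At minimum I would put a comment above the call, `/* no NTLM hash stored: fall back to the weaker LM response check */`, and, if the project has a suitable setting, gate the fallback on it. ntlm_credentials_callback starts above this hunk and continues below it.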
--- a/src/auth/passdb.c	Fri Jul 30 04:39:13 2004 +0300
+++ b/src/auth/passdb.c	Fri Jul 30 04:43:21 2004 +0300
@@ -28,6 +28,8 @@
 		return "HMAC-MD5";
 	case PASSDB_CREDENTIALS_DIGEST_MD5:
 		return "DIGEST-MD5";
+	case PASSDB_CREDENTIALS_LANMAN:
+		return "LANMAN";
 	case PASSDB_CREDENTIALS_NTLM:
 		return "NTLM";
 	}
--- a/src/auth/passdb.h	Fri Jul 30 04:39:13 2004 +0300
+++ b/src/auth/passdb.h	Fri Jul 30 04:43:21 2004 +0300
@@ -13,6 +13,7 @@
 	PASSDB_CREDENTIALS_CRYPT,
 	PASSDB_CREDENTIALS_CRAM_MD5,
 	PASSDB_CREDENTIALS_DIGEST_MD5,
+	PASSDB_CREDENTIALS_LANMAN,
 	PASSDB_CREDENTIALS_NTLM
 };
 
--- a/src/auth/password-scheme-ntlm.c	Fri Jul 30 04:39:13 2004 +0300
+++ b/src/auth/password-scheme-ntlm.c	Fri Jul 30 04:43:21 2004 +0300
@@ -5,11 +5,20 @@
 
 #include "ntlm.h"
 
-const char *password_generate_ntlm(const char *plaintext)
+const char *password_generate_lm(const char *pw)
 {
-	unsigned char hash[16];
+	unsigned char hash[LM_HASH_SIZE];
 
-	ntlm_v1_hash(plaintext, hash);
+	lm_hash(pw, hash);
 
 	return binary_to_hex_ucase(hash, sizeof(hash));
 }
+
+const char *password_generate_ntlm(const char *pw)
+{
+	unsigned char hash[NTLMSSP_HASH_SIZE];
+
+	ntlm_v1_hash(pw, hash);
+
+	return binary_to_hex_ucase(hash, sizeof(hash));
+}
--- a/src/auth/password-scheme.c	Fri Jul 30 04:39:13 2004 +0300
+++ b/src/auth/password-scheme.c	Fri Jul 30 04:43:21 2004 +0300
@@ -400,10 +400,22 @@
 	return memcmp(md5_digest, data, 16) == 0;
 }
 
+static int lm_verify(const char *plaintext, const char *password,
+		       const char *user __attr_unused__)
+{
+	return strcasecmp(password, password_generate_lm(plaintext)) == 0;
+}
+
+static const char *lm_generate(const char *plaintext,
+				 const char *user __attr_unused__)
+{
+	return password_generate_lm(plaintext);
+}
+
 static int ntlm_verify(const char *plaintext, const char *password,
 		       const char *user __attr_unused__)
 {
-	return strcmp(password, password_generate_ntlm(plaintext)) == 0;
+	return strcasecmp(password, password_generate_ntlm(plaintext)) == 0;
 }
 
 static const char *ntlm_generate(const char *plaintext,
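Review bot: lm_verify accepts more than the exact password, and nothing on the function says so. lm_hash (added in src/lib-ntlm/ntlm-encrypt.c by this changeset) upper-cases the input and keeps only its first 14 bytes, so every case variant of the password, and any longer password sharing that 14-byte prefix, verifies against a LANMAN entry. I would document it on lm_verify with `/* LANMAN is case-insensitive and ignores everything past 14 bytes */` so that nobody picks the scheme for plaintext logins unaware of this. The move to `strcasecmp` in ntlm_verify looks right for hex digests. ntlm_generate continues outside the hunk.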
@@ -425,6 +437,7 @@
 	{ "DIGEST-MD5", digest_md5_verify, digest_md5_generate },
 	{ "PLAIN-MD5", plain_md5_verify, plain_md5_generate },
 	{ "LDAP-MD5", ldap_md5_verify, ldap_md5_generate },
+	{ "LANMAN", lm_verify, lm_generate },
 	{ "NTLM", ntlm_verify, ntlm_generate },
 	{ NULL, NULL, NULL }
 };
--- a/src/auth/password-scheme.h	Fri Jul 30 04:39:13 2004 +0300
+++ b/src/auth/password-scheme.h	Fri Jul 30 04:43:21 2004 +0300
@@ -30,6 +30,7 @@
 /* INTERNAL: */
 const char *password_generate_md5_crypt(const char *pw, const char *salt);
 const char *password_generate_cram_md5(const char *pw);
+const char *password_generate_lm(const char *pw);
 const char *password_generate_ntlm(const char *pw);
 
 #endif
--- a/src/lib-ntlm/ntlm-encrypt.c	Fri Jul 30 04:39:13 2004 +0300
+++ b/src/lib-ntlm/ntlm-encrypt.c	Fri Jul 30 04:43:21 2004 +0300
@@ -46,6 +46,26 @@
 }
 
 const unsigned char *
+lm_hash(const char *passwd, unsigned char hash[LM_HASH_SIZE])
+{
+	static const unsigned char lm_magic[8] = "KGS!@#$%";
+	unsigned char buffer[14];
+	unsigned int i;
+
+	strncpy(buffer, passwd, sizeof(buffer));
+
+	for (i = 0; i < sizeof(buffer); i++)
+		buffer[i] = i_toupper(buffer[i]);
+
+	deshash(hash, buffer, lm_magic);
+	deshash(hash + 8, buffer + 7, lm_magic);
+
+	safe_memset(buffer, 0, sizeof(buffer));
+
+	return hash;
+}
+
+const unsigned char *
 ntlm_v1_hash(const char *passwd, unsigned char hash[NTLMSSP_HASH_SIZE])
 {
 	size_t len;
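Review bot: lm_hash silently truncates passwords longer than 14 bytes at `strncpy(buffer, passwd, sizeof(buffer))`, so a long password ends up with an LM hash of only its prefix. Either have the callers refuse to generate a LANMAN hash for such input, or state the behaviour in a header comment: `/* LM hash: NUL-pad or truncate to 14 bytes, upper-case, DES-encrypt "KGS!@#$%" with each 7-byte half */`. The same comment should say that strncpy's zero padding without a terminator is intended here, because the call otherwise reads like the usual missing-NUL bug. `buffer` is `unsigned char` while strncpy takes `char *`, which will probably draw a pointer-sign warning. ntlm_v1_hash continues past the end of the hunk.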
--- a/src/lib-ntlm/ntlm-encrypt.h	Fri Jul 30 04:39:13 2004 +0300
+++ b/src/lib-ntlm/ntlm-encrypt.h	Fri Jul 30 04:43:21 2004 +0300
@@ -2,6 +2,9 @@
 #define __NTLM_ENCRYPT__
 
 const unsigned char *
+lm_hash(const char *passwd, unsigned char hash[LM_HASH_SIZE]);
+
+const unsigned char *
 ntlm_v1_hash(const char *passwd, unsigned char hash[NTLMSSP_HASH_SIZE]);
 
 void ntlmssp_v1_response(const unsigned char *hash,
--- a/src/lib-ntlm/ntlm-types.h	Fri Jul 30 04:39:13 2004 +0300
+++ b/src/lib-ntlm/ntlm-types.h	Fri Jul 30 04:43:21 2004 +0300
@@ -22,6 +22,9 @@
 
 #define NTLMSSP_CHALLENGE_SIZE		8
 
+#define LM_HASH_SIZE			16
+#define LM_RESPONSE_SIZE		24
+
 #define NTLMSSP_HASH_SIZE		16
 #define NTLMSSP_RESPONSE_SIZE		24