Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/auth/mech-ntlm.c @ 9608:f30e6a345d73 HEAD
Added tag 1.2.14 for changeset eb04e2b13e3d
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 24 Aug 2010 18:10:29 +0100 |
parents | 84eea1977632 |
children |
rev | line source |
---|---|
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1 /* |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 * NTLM and NTLMv2 authentication mechanism. |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 * |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 * Copyright (c) 2004 Andrey Panin <pazke@donpac.ru> |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 * |
4382
f8d37e26a2b3
Relicensed dovecot-auth to MIT.
Timo Sirainen <tss@iki.fi>
parents:
4020
diff
changeset
|
6 * This software is released under the MIT license. |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 */ |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
9 #include "common.h" |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
10 #include "mech.h" |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
11 #include "passdb.h" |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
12 #include "str.h" |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
13 #include "buffer.h" |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 #include "hex-binary.h" |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
15 #include "safe-memset.h" |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
16 |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
17 #include "ntlm.h" |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
18 |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
19 struct ntlm_auth_request { |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
20 struct auth_request auth_request; |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
21 |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
22 pool_t pool; |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
23 |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
24 /* requested: */ |
3863
55df57c028d4
Added "bool" type and changed all ints that were used as booleans to bool.
Timo Sirainen <tss@iki.fi>
parents:
3766
diff
changeset
|
25 bool ntlm2_negotiated; |
55df57c028d4
Added "bool" type and changed all ints that were used as booleans to bool.
Timo Sirainen <tss@iki.fi>
parents:
3766
diff
changeset
|
26 bool unicode_negotiated; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
27 const unsigned char *challenge; |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
28 |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
29 /* received: */ |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
30 struct ntlmssp_response *response; |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
31 }; |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
32 |
5598
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
33 static bool lm_verify_credentials(struct ntlm_auth_request *request, |
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
34 const unsigned char *credentials, size_t size) |
2381
6531fd0f779f
Added LANMAN password scheme. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
2377
diff
changeset
|
35 { |
6531fd0f779f
Added LANMAN password scheme. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
2377
diff
changeset
|
36 const unsigned char *client_response; |
6531fd0f779f
Added LANMAN password scheme. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
2377
diff
changeset
|
37 unsigned char lm_response[LM_RESPONSE_SIZE]; |
2876
78dc2381f3af
allow LM authentication for older (Win9x) clients
Timo Sirainen <tss@iki.fi>
parents:
2808
diff
changeset
|
38 unsigned int response_length; |
5598
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
39 |
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
40 if (size != LM_HASH_SIZE) { |
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
41 auth_request_log_error(&request->auth_request, "lm", |
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
42 "invalid credentials length"); |
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
43 return FALSE; |
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
44 } |
2381
6531fd0f779f
Added LANMAN password scheme. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
2377
diff
changeset
|
45 |
2876
78dc2381f3af
allow LM authentication for older (Win9x) clients
Timo Sirainen <tss@iki.fi>
parents:
2808
diff
changeset
|
46 response_length = |
78dc2381f3af
allow LM authentication for older (Win9x) clients
Timo Sirainen <tss@iki.fi>
parents:
2808
diff
changeset
|
47 ntlmssp_buffer_length(request->response, lm_response); |
78dc2381f3af
allow LM authentication for older (Win9x) clients
Timo Sirainen <tss@iki.fi>
parents:
2808
diff
changeset
|
48 client_response = ntlmssp_buffer_data(request->response, lm_response); |
78dc2381f3af
allow LM authentication for older (Win9x) clients
Timo Sirainen <tss@iki.fi>
parents:
2808
diff
changeset
|
49 |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
50 if (response_length < LM_RESPONSE_SIZE) { |
3069 | 51 auth_request_log_error(&request->auth_request, "ntlm", |
3229
bb7282d1e2da
Fixes incorrect error message and adds missing hex_to_binary() return value
Timo Sirainen <tss@iki.fi>
parents:
3072
diff
changeset
|
52 "LM response length is too small"); |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
53 return FALSE; |
2381
6531fd0f779f
Added LANMAN password scheme. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
2377
diff
changeset
|
54 } |
6531fd0f779f
Added LANMAN password scheme. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
2377
diff
changeset
|
55 |
5598
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
56 ntlmssp_v1_response(credentials, request->challenge, lm_response); |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
57 return memcmp(lm_response, client_response, LM_RESPONSE_SIZE) == 0; |
2381
6531fd0f779f
Added LANMAN password scheme. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
2377
diff
changeset
|
58 } |
6531fd0f779f
Added LANMAN password scheme. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
2377
diff
changeset
|
59 |
5475
769aaaee6821
Reverted accidental commit. This code isn't ready yet.
Timo Sirainen <tss@iki.fi>
parents:
5462
diff
changeset
|
60 static void |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
61 lm_credentials_callback(enum passdb_result result, |
5598
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
62 const unsigned char *credentials, size_t size, |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
63 struct auth_request *auth_request) |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
64 { |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
65 struct ntlm_auth_request *request = |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
66 (struct ntlm_auth_request *)auth_request; |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
67 |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
68 switch (result) { |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
69 case PASSDB_RESULT_OK: |
5598
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
70 if (lm_verify_credentials(request, credentials, size)) |
5475
769aaaee6821
Reverted accidental commit. This code isn't ready yet.
Timo Sirainen <tss@iki.fi>
parents:
5462
diff
changeset
|
71 auth_request_success(auth_request, NULL, 0); |
769aaaee6821
Reverted accidental commit. This code isn't ready yet.
Timo Sirainen <tss@iki.fi>
parents:
5462
diff
changeset
|
72 else |
769aaaee6821
Reverted accidental commit. This code isn't ready yet.
Timo Sirainen <tss@iki.fi>
parents:
5462
diff
changeset
|
73 auth_request_fail(auth_request); |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
74 break; |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
75 case PASSDB_RESULT_INTERNAL_FAILURE: |
3064
2d33734b16d5
Split auth_request* functions from mech.c to auth-request.c
Timo Sirainen <tss@iki.fi>
parents:
3058
diff
changeset
|
76 auth_request_internal_failure(auth_request); |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
77 break; |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
78 default: |
3064
2d33734b16d5
Split auth_request* functions from mech.c to auth-request.c
Timo Sirainen <tss@iki.fi>
parents:
3058
diff
changeset
|
79 auth_request_fail(auth_request); |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
80 break; |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
81 } |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
82 } |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
83 |
5598
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
84 static int |
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
85 ntlm_verify_credentials(struct ntlm_auth_request *request, |
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
86 const unsigned char *credentials, size_t size) |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
87 { |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
88 struct auth_request *auth_request = &request->auth_request; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
89 const unsigned char *client_response; |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
90 unsigned int response_length; |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
91 |
2876
78dc2381f3af
allow LM authentication for older (Win9x) clients
Timo Sirainen <tss@iki.fi>
parents:
2808
diff
changeset
|
92 response_length = |
78dc2381f3af
allow LM authentication for older (Win9x) clients
Timo Sirainen <tss@iki.fi>
parents:
2808
diff
changeset
|
93 ntlmssp_buffer_length(request->response, ntlm_response); |
78dc2381f3af
allow LM authentication for older (Win9x) clients
Timo Sirainen <tss@iki.fi>
parents:
2808
diff
changeset
|
94 client_response = ntlmssp_buffer_data(request->response, ntlm_response); |
78dc2381f3af
allow LM authentication for older (Win9x) clients
Timo Sirainen <tss@iki.fi>
parents:
2808
diff
changeset
|
95 |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
96 if (response_length == 0) { |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
97 /* try LM authentication unless NTLM2 was negotiated */ |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
98 return request->ntlm2_negotiated ? -1 : 0; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
99 } |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
100 |
5598
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
101 if (size != NTLMSSP_HASH_SIZE) { |
3229
bb7282d1e2da
Fixes incorrect error message and adds missing hex_to_binary() return value
Timo Sirainen <tss@iki.fi>
parents:
3072
diff
changeset
|
102 auth_request_log_error(&request->auth_request, "ntlm", |
5598
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
103 "invalid credentials length"); |
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
104 return -1; |
3229
bb7282d1e2da
Fixes incorrect error message and adds missing hex_to_binary() return value
Timo Sirainen <tss@iki.fi>
parents:
3072
diff
changeset
|
105 } |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
106 |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
107 if (response_length > NTLMSSP_RESPONSE_SIZE) { |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
108 unsigned char ntlm_v2_response[NTLMSSP_V2_RESPONSE_SIZE]; |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
109 const unsigned char *blob = |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
110 client_response + NTLMSSP_V2_RESPONSE_SIZE; |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
111 |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
112 /* |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
113 * Authentication target == NULL because we are acting |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
114 * as a standalone server, not as NT domain member. |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
115 */ |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
116 ntlmssp_v2_response(auth_request->user, NULL, |
5598
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
117 credentials, request->challenge, blob, |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
118 response_length - NTLMSSP_V2_RESPONSE_SIZE, |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
119 ntlm_v2_response); |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
120 |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
121 return memcmp(ntlm_v2_response, client_response, |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
122 NTLMSSP_V2_RESPONSE_SIZE) == 0 ? 1 : -1; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
123 } else { |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
124 unsigned char ntlm_response[NTLMSSP_RESPONSE_SIZE]; |
2692
1065a557516b
NTLM2 authentication support. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
125 const unsigned char *client_lm_response = |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
126 ntlmssp_buffer_data(request->response, lm_response); |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
127 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
128 if (request->ntlm2_negotiated) |
5598
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
129 ntlmssp2_response(credentials, request->challenge, |
2692
1065a557516b
NTLM2 authentication support. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
130 client_lm_response, |
1065a557516b
NTLM2 authentication support. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
131 ntlm_response); |
1065a557516b
NTLM2 authentication support. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
132 else |
5598
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
133 ntlmssp_v1_response(credentials, request->challenge, |
2692
1065a557516b
NTLM2 authentication support. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
134 ntlm_response); |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
135 |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
136 return memcmp(ntlm_response, client_response, |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
137 NTLMSSP_RESPONSE_SIZE) == 0 ? 1 : -1; |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
138 } |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
139 } |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
140 |
5475
769aaaee6821
Reverted accidental commit. This code isn't ready yet.
Timo Sirainen <tss@iki.fi>
parents:
5462
diff
changeset
|
141 static void |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
142 ntlm_credentials_callback(enum passdb_result result, |
5598
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
143 const unsigned char *credentials, size_t size, |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
144 struct auth_request *auth_request) |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
145 { |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
146 struct ntlm_auth_request *request = |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
147 (struct ntlm_auth_request *)auth_request; |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
148 int ret; |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
149 |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
150 switch (result) { |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
151 case PASSDB_RESULT_OK: |
5598
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
5593
diff
changeset
|
152 ret = ntlm_verify_credentials(request, credentials, size); |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
153 if (ret > 0) { |
3064
2d33734b16d5
Split auth_request* functions from mech.c to auth-request.c
Timo Sirainen <tss@iki.fi>
parents:
3058
diff
changeset
|
154 auth_request_success(auth_request, NULL, 0); |
5475
769aaaee6821
Reverted accidental commit. This code isn't ready yet.
Timo Sirainen <tss@iki.fi>
parents:
5462
diff
changeset
|
155 return; |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
156 } |
5475
769aaaee6821
Reverted accidental commit. This code isn't ready yet.
Timo Sirainen <tss@iki.fi>
parents:
5462
diff
changeset
|
157 if (ret < 0) { |
769aaaee6821
Reverted accidental commit. This code isn't ready yet.
Timo Sirainen <tss@iki.fi>
parents:
5462
diff
changeset
|
158 auth_request_fail(auth_request); |
769aaaee6821
Reverted accidental commit. This code isn't ready yet.
Timo Sirainen <tss@iki.fi>
parents:
5462
diff
changeset
|
159 return; |
769aaaee6821
Reverted accidental commit. This code isn't ready yet.
Timo Sirainen <tss@iki.fi>
parents:
5462
diff
changeset
|
160 } |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
161 break; |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
162 case PASSDB_RESULT_INTERNAL_FAILURE: |
3064
2d33734b16d5
Split auth_request* functions from mech.c to auth-request.c
Timo Sirainen <tss@iki.fi>
parents:
3058
diff
changeset
|
163 auth_request_internal_failure(auth_request); |
5475
769aaaee6821
Reverted accidental commit. This code isn't ready yet.
Timo Sirainen <tss@iki.fi>
parents:
5462
diff
changeset
|
164 return; |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
165 default: |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
166 break; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
167 } |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
168 |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
169 /* NTLM credentials not found or didn't want to use them, |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2915
diff
changeset
|
170 try with LM credentials */ |
5593
f8dc0bdb06a7
Removed enum passdb_credentials. Use scheme strings directly instead. This
Timo Sirainen <tss@iki.fi>
parents:
5475
diff
changeset
|
171 auth_request_lookup_credentials(auth_request, "LANMAN", |
3068 | 172 lm_credentials_callback); |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
173 } |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
174 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
175 static void |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
176 mech_ntlm_auth_continue(struct auth_request *auth_request, |
3071 | 177 const unsigned char *data, size_t data_size) |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
178 { |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
179 struct ntlm_auth_request *request = |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
180 (struct ntlm_auth_request *)auth_request; |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
181 const char *error; |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
182 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
183 if (!request->challenge) { |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
184 const struct ntlmssp_request *ntlm_request = |
4020
fcfd44f56b04
While casting const pointers to something else, the const was often
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
185 (const struct ntlmssp_request *)data; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
186 const struct ntlmssp_challenge *message; |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
187 size_t message_size; |
2808
48250919bbc4
support OEM encoding in NTLM messages. Patch by Andrey Panin.
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
188 uint32_t flags; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
189 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
190 if (!ntlmssp_check_request(ntlm_request, data_size, &error)) { |
3069 | 191 auth_request_log_info(auth_request, "ntlm", |
192 "invalid NTLM request: %s", error); | |
3064
2d33734b16d5
Split auth_request* functions from mech.c to auth-request.c
Timo Sirainen <tss@iki.fi>
parents:
3058
diff
changeset
|
193 auth_request_fail(auth_request); |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
194 return; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
195 } |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
196 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
197 message = ntlmssp_create_challenge(request->pool, ntlm_request, |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
198 &message_size); |
2808
48250919bbc4
support OEM encoding in NTLM messages. Patch by Andrey Panin.
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
199 flags = read_le32(&message->flags); |
48250919bbc4
support OEM encoding in NTLM messages. Patch by Andrey Panin.
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
200 request->ntlm2_negotiated = flags & NTLMSSP_NEGOTIATE_NTLM2; |
48250919bbc4
support OEM encoding in NTLM messages. Patch by Andrey Panin.
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
201 request->unicode_negotiated = flags & NTLMSSP_NEGOTIATE_UNICODE; |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
202 request->challenge = message->challenge; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
203 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
204 auth_request->callback(auth_request, |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
205 AUTH_CLIENT_RESULT_CONTINUE, |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
206 message, message_size); |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
207 } else { |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
208 const struct ntlmssp_response *response = |
4020
fcfd44f56b04
While casting const pointers to something else, the const was often
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
209 (const struct ntlmssp_response *)data; |
3065
29d83a8bb50d
Reorganized the code to have less global/static variables.
Timo Sirainen <tss@iki.fi>
parents:
3064
diff
changeset
|
210 const char *username; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
211 |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
212 if (!ntlmssp_check_response(response, data_size, &error)) { |
3069 | 213 auth_request_log_info(auth_request, "ntlm", |
214 "invalid NTLM response: %s", error); | |
3064
2d33734b16d5
Split auth_request* functions from mech.c to auth-request.c
Timo Sirainen <tss@iki.fi>
parents:
3058
diff
changeset
|
215 auth_request_fail(auth_request); |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
216 return; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
217 } |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
218 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
219 request->response = p_malloc(request->pool, data_size); |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
220 memcpy(request->response, response, data_size); |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
221 |
3065
29d83a8bb50d
Reorganized the code to have less global/static variables.
Timo Sirainen <tss@iki.fi>
parents:
3064
diff
changeset
|
222 username = ntlmssp_t_str(request->response, user, |
29d83a8bb50d
Reorganized the code to have less global/static variables.
Timo Sirainen <tss@iki.fi>
parents:
3064
diff
changeset
|
223 request->unicode_negotiated); |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
224 |
3065
29d83a8bb50d
Reorganized the code to have less global/static variables.
Timo Sirainen <tss@iki.fi>
parents:
3064
diff
changeset
|
225 if (!auth_request_set_username(auth_request, username, &error)) { |
3069 | 226 auth_request_log_info(auth_request, "ntlm", |
227 "%s", error); | |
3064
2d33734b16d5
Split auth_request* functions from mech.c to auth-request.c
Timo Sirainen <tss@iki.fi>
parents:
3058
diff
changeset
|
228 auth_request_fail(auth_request); |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
229 return; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
230 } |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
231 |
5593
f8dc0bdb06a7
Removed enum passdb_credentials. Use scheme strings directly instead. This
Timo Sirainen <tss@iki.fi>
parents:
5475
diff
changeset
|
232 auth_request_lookup_credentials(auth_request, "NTLM", |
3068 | 233 ntlm_credentials_callback); |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
234 } |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
235 } |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
236 |
3072 | 237 static struct auth_request *mech_ntlm_auth_new(void) |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
238 { |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
239 struct ntlm_auth_request *request; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
240 pool_t pool; |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
241 |
3695
4f8598b0ca62
Use a bit larger initial pool sizes
Timo Sirainen <tss@iki.fi>
parents:
3683
diff
changeset
|
242 pool = pool_alloconly_create("ntlm_auth_request", 1024); |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
243 request = p_new(pool, struct ntlm_auth_request, 1); |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
244 request->pool = pool; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
245 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
246 request->auth_request.pool = pool; |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
247 return &request->auth_request; |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
248 } |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
249 |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
250 const struct mech_module mech_ntlm = { |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
251 "NTLM", |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
252 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
253 MEMBER(flags) MECH_SEC_DICTIONARY | MECH_SEC_ACTIVE, |
8605
84eea1977632
auth: Code cleanup for specifying what passdb features auth mechanisms need.
Timo Sirainen <tss@iki.fi>
parents:
5598
diff
changeset
|
254 MEMBER(passdb_need) MECH_PASSDB_NEED_LOOKUP_CREDENTIALS, |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
255 |
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
256 mech_ntlm_auth_new, |
4414
9017db478693
Added mech_generic_auth_internal() and mech_generic_auth_free() functions
Timo Sirainen <tss@iki.fi>
parents:
4382
diff
changeset
|
257 mech_generic_auth_initial, |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2696
diff
changeset
|
258 mech_ntlm_auth_continue, |
4414
9017db478693
Added mech_generic_auth_internal() and mech_generic_auth_free() functions
Timo Sirainen <tss@iki.fi>
parents:
4382
diff
changeset
|
259 mech_generic_auth_free |
2377
8f5be0be3199
NTLM authentication. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
260 }; |