You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by kw...@apache.org on 2012/12/22 19:26:38 UTC
svn commit: r1425330 -
/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
Author: kwright
Date: Sat Dec 22 18:26:38 2012
New Revision: 1425330
URL: http://svn.apache.org/viewvc?rev=1425330&view=rev
Log:
Use flags comparable to those used by IE 9. Test on all settings of the LAN Manager Authentication Security Level policy. Part of HTTPCLIENT-1268.
Modified:
httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
Modified: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java?rev=1425330&r1=1425329&r2=1425330&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java Sat Dec 22 18:26:38 2012
@@ -33,6 +33,7 @@ import java.util.Locale;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
+import javax.crypto.Mac;
import org.apache.commons.codec.binary.Base64;
import org.apache.http.util.EncodingUtils;
@@ -966,7 +967,7 @@ final class NTLMEngineImpl implements NT
String getResponse() {
// Now, build the message. Calculate its length first, including
// signature or type.
- int finalLength = 32 + 8 + hostBytes.length + domainBytes.length;
+ int finalLength = 32 + 8 /*+ hostBytes.length + domainBytes.length */;
// Set up the response. This will initialize the signature, message
// type, and flags.
@@ -974,11 +975,11 @@ final class NTLMEngineImpl implements NT
// Flags. These are the complete set of flags we support.
addULong(
- FLAG_WORKSTATION_PRESENT |
- FLAG_DOMAIN_PRESENT |
+ //FLAG_WORKSTATION_PRESENT |
+ //FLAG_DOMAIN_PRESENT |
// Required flags
- //FLAG_REQUEST_LAN_MANAGER_KEY |
+ FLAG_REQUEST_LAN_MANAGER_KEY |
FLAG_REQUEST_NTLMv1 |
FLAG_REQUEST_NTLM2_SESSION |
@@ -986,28 +987,27 @@ final class NTLMEngineImpl implements NT
FLAG_REQUEST_VERSION |
// Recommended privacy settings
- //FLAG_REQUEST_ALWAYS_SIGN |
+ FLAG_REQUEST_ALWAYS_SIGN |
//FLAG_REQUEST_SEAL |
- //FLAG_REQUEST_SIGN |
+ FLAG_REQUEST_SIGN |
// These must be set according to documentation, based on use of SEAL above
- //FLAG_REQUEST_128BIT_KEY_EXCH |
- //FLAG_REQUEST_56BIT_ENCRYPTION |
- //FLAG_REQUEST_EXPLICIT_KEY_EXCH |
+ FLAG_REQUEST_128BIT_KEY_EXCH |
+ FLAG_REQUEST_56BIT_ENCRYPTION |
+ FLAG_REQUEST_EXPLICIT_KEY_EXCH |
- FLAG_REQUEST_UNICODE_ENCODING |
- FLAG_REQUEST_TARGET);
+ FLAG_REQUEST_UNICODE_ENCODING);
// Domain length (two times).
- addUShort(domainBytes.length);
- addUShort(domainBytes.length);
+ addUShort(/*domainBytes.length*/0);
+ addUShort(/*domainBytes.length*/0);
// Domain offset.
- addULong(hostBytes.length + 32 + 8);
+ addULong(/*hostBytes.length +*/ 32 + 8);
// Host length (two times).
- addUShort(hostBytes.length);
- addUShort(hostBytes.length);
+ addUShort(/*hostBytes.length*/0);
+ addUShort(/*hostBytes.length*/0);
// Host offset (always 32 + 8).
addULong(32 + 8);
@@ -1017,14 +1017,14 @@ final class NTLMEngineImpl implements NT
// Build
addULong(2600);
// NTLM revision
- addUShort(15);
+ addUShort(0x0f00);
// Host (workstation) String.
- addBytes(hostBytes);
+ //addBytes(hostBytes);
// Domain String.
- addBytes(domainBytes);
+ //addBytes(domainBytes);
return super.getResponse();
@@ -1149,7 +1149,9 @@ final class NTLMEngineImpl implements NT
// seems warranted.
byte[] userSessionKey;
try {
- if (((type2Flags & FLAG_REQUEST_NTLM2_SESSION) == 0) &&
+ // This conditional may not work on Windows Server 2008 R2 and above, where it has not yet
+ // been tested
+ if (((type2Flags & FLAG_TARGETINFO_PRESENT) != 0) &&
targetInformation != null && target != null) {
// NTLMv2
ntResp = gen.getNTLMv2Response();
@@ -1299,8 +1301,9 @@ final class NTLMEngineImpl implements NT
(type2Flags & FLAG_REQUEST_56BIT_ENCRYPTION) |
(type2Flags & FLAG_REQUEST_EXPLICIT_KEY_EXCH) |
- FLAG_REQUEST_UNICODE_ENCODING |
- FLAG_REQUEST_TARGET
+ (type2Flags & FLAG_TARGETINFO_PRESENT) |
+ (type2Flags & FLAG_REQUEST_UNICODE_ENCODING) |
+ (type2Flags & FLAG_REQUEST_TARGET)
);
// Version
@@ -1308,7 +1311,7 @@ final class NTLMEngineImpl implements NT
// Build
addULong(2600);
// NTLM revision
- addUShort(15);
+ addUShort(0x0f00);
// Add the actual data
addBytes(lmResp);
@@ -1388,7 +1391,7 @@ final class NTLMEngineImpl implements NT
int transferAmt = input.length - inputIndex;
System.arraycopy(input, inputIndex, dataBuffer, curBufferPos, transferAmt);
count += transferAmt;
- //curBufferPos += transferAmt;
+ curBufferPos += transferAmt;
}
}