From 709ae2454f4387e6533e35a161ded6a5650cdf1c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg
Date: Fri, 20 May 2022 16:23:21 +0200
Subject: [PATCH] ntlm: provide a fixed fake host name

The NTLM protocol includes providing the local host name, but apparently other implementations already provide a fixed fake name instead to avoid leaking the real local name. The exact name used is 'WORKSTATION', because Firefox uses that. The change is written to allow someone to "back-pedal" fairly easy in case of need.

Reported-by: Carlo Alberto
Fixes #8859
Closes #8889
---
 lib/vauth/ntlm.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c
index 115f70b0e1..91c8157dd9 100644
--- a/lib/vauth/ntlm.c
+++ b/lib/vauth/ntlm.c
@@ -62,6 +62,10 @@
 /* "NTLMSSP" signature is always in ASCII regardless of the platform */
 #define NTLMSSP_SIGNATURE "\x4e\x54\x4c\x4d\x53\x53\x50"
+/* The fixed host name we provide, in order to not leak our real local host
+ name. Copy the name used by Firefox. */
+#define NTLM_HOSTNAME "WORKSTATION"
+
 #if DEBUG_ME
 # define DEBUG_OUT(x) x
 static void ntlm_print_flags(FILE *handle, unsigned long flags)
@@ -521,6 +525,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
 userlen = strlen(user);
+#ifndef NTLM_HOSTNAME
 /* Get the machine's un-qualified host name as NTLM doesn't like the fully qualified domain name */
 if(Curl_gethostname(host, sizeof(host))) {
@@ -530,6 +535,9 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
 else {
 hostlen = strlen(host);
 }
+#else
+ hostlen = sizeof(NTLM_HOSTNAME)-1;
+#endif
 if(ntlm->flags & NTLMFLAG_NEGOTIATE_NTLM2_KEY) {
 unsigned char ntbuffer[0x18];
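Review bot: The comment on `NTLM_HOSTNAME` does not say that defining the macro is what switches off the real host name lookup. Because the define is unconditional, the `#ifndef NTLM_HOSTNAME` branch added in Curl_auth_create_ntlm_type3_message is compiled out unless this line is removed by hand, and a reader only learns that from the later hunk. I would add one line to the comment, such as `Remove this define to send the real, unqualified local host name again.`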
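Review bot: The `#else` branch in the last hunk sets `hostlen` to the length of `NTLM_HOSTNAME`, but nothing in this patch writes the name into `host`; the diffstat's eight insertions are all visible here and none of them touches the buffer. If the code further down copies `hostlen` bytes from `host` into the type-3 message, as the `Curl_gethostname(host, sizeof(host))` path suggests, the message would carry eleven bytes of whatever `host` holds instead of 'WORKSTATION': zeros if the array is initialised, stack contents if it is not. The declaration of `host` and its later use are outside the hunk, so this needs confirming there. I would fill the buffer in the same branch, for example `memcpy(host, NTLM_HOSTNAME, sizeof(NTLM_HOSTNAME));` before the `hostlen` assignment, together with a compile-time check that the name fits in `host`.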