mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2025-04-12 16:20:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

ntlm: remove unused feature defines

Browse Source 
They're not used anymore and always supported.

Closes https://github.com/curl/curl/pull/8453
This commit is contained in:
Marcel Raad 2022-02-15 13:50:06 +01:00
parent 3369f9f289
commit 897e8baa54
No known key found for this signature in database
GPG Key ID: 33C416EFAE4D6F02
4 changed files with 12 additions and 110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/curl_ntlm_core.c
View File

@ -444,7 +444,6 @@ CURLcode Curl_ntlm_core_mk_lm_hash(const char *password,
return CURLE_OK;
}
#ifdef USE_NTRESPONSES
static void ascii_to_unicode_le(unsigned char *dest, const char *src,
size_t srclen)
{
@ -455,7 +454,7 @@ static void ascii_to_unicode_le(unsigned char *dest, const char *src,
}
}
#if defined(USE_NTLM_V2) && !defined(USE_WINDOWS_SSPI)
#if !defined(USE_WINDOWS_SSPI)
static void ascii_uppercase_to_unicode_le(unsigned char *dest,
const char *src, size_t srclen)
@ -467,7 +466,7 @@ static void ascii_uppercase_to_unicode_le(unsigned char *dest,
}
}
#endif /* USE_NTLM_V2 && !USE_WINDOWS_SSPI */
#endif /* !USE_WINDOWS_SSPI */
/*
* Set up nt hashed passwords
@ -495,7 +494,7 @@ CURLcode Curl_ntlm_core_mk_nt_hash(const char *password,
return CURLE_OK;
}
#if defined(USE_NTLM_V2) && !defined(USE_WINDOWS_SSPI)
#if !defined(USE_WINDOWS_SSPI)
/* Timestamp in tenths of a microsecond since January 1, 1601 00:00:00 UTC. */
struct ms_filetime {
@ -711,8 +710,6 @@ CURLcode Curl_ntlm_core_mk_lmv2_resp(unsigned char *ntlmv2hash,
return result;
}
#endif /* USE_NTLM_V2 && !USE_WINDOWS_SSPI */
#endif /* USE_NTRESPONSES */
#endif /* !USE_WINDOWS_SSPI */
#endif /* USE_CURL_NTLM_CORE */

23
lib/curl_ntlm_core.h
View File

@ -42,22 +42,6 @@
# include <openssl/ssl.h>
#endif
/* Define USE_NTRESPONSES in order to make the type-3 message include
* the NT response message. */
#define USE_NTRESPONSES
/* Define USE_NTLM2SESSION in order to make the type-3 message include the
NTLM2Session response message, requires USE_NTRESPONSES defined to 1 */
#if defined(USE_NTRESPONSES)
#define USE_NTLM2SESSION
#endif
/* Define USE_NTLM_V2 in order to allow the type-3 message to include the
LMv2 and NTLMv2 response messages, requires USE_NTRESPONSES defined to 1 */
#if defined(USE_NTRESPONSES)
#define USE_NTLM_V2
#endif
/* Helpers to generate function byte arguments in little endian order */
#define SHORTPAIR(x) ((int)((x) & 0xff)), ((int)(((x) >> 8) & 0xff))
#define LONGQUARTET(x) ((int)((x) & 0xff)), ((int)(((x) >> 8) & 0xff)), \
@ -70,11 +54,10 @@ void Curl_ntlm_core_lm_resp(const unsigned char *keys,
CURLcode Curl_ntlm_core_mk_lm_hash(const char *password,
unsigned char *lmbuffer /* 21 bytes */);
#ifdef USE_NTRESPONSES
CURLcode Curl_ntlm_core_mk_nt_hash(const char *password,
unsigned char *ntbuffer /* 21 bytes */);
#if defined(USE_NTLM_V2) && !defined(USE_WINDOWS_SSPI)
#if !defined(USE_WINDOWS_SSPI)
CURLcode Curl_hmac_md5(const unsigned char *key, unsigned int keylen,
const unsigned char *data, unsigned int datalen,
@ -96,9 +79,7 @@ CURLcode Curl_ntlm_core_mk_lmv2_resp(unsigned char *ntlmv2hash,
unsigned char *challenge_server,
unsigned char *lmresp);
#endif /* USE_NTLM_V2 && !USE_WINDOWS_SSPI */
#endif /* USE_NTRESPONSES */
#endif /* !USE_WINDOWS_SSPI */
#endif /* USE_CURL_NTLM_CORE */

4
lib/smb.c
View File

@ -464,12 +464,8 @@ static CURLcode smb_send_setup(struct Curl_easy *data)
Curl_ntlm_core_mk_lm_hash(conn->passwd, lm_hash);
Curl_ntlm_core_lm_resp(lm_hash, smbc->challenge, lm);
#ifdef USE_NTRESPONSES
Curl_ntlm_core_mk_nt_hash(conn->passwd, nt_hash);
Curl_ntlm_core_lm_resp(nt_hash, smbc->challenge, nt);
#else
memset(nt, 0, sizeof(nt));
#endif
memset(&msg, 0, sizeof(msg));
msg.word_count = SMB_WC_SETUP_ANDX;

84
lib/vauth/ntlm.c
View File

@ -382,12 +382,6 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data,
/* Clean up any former leftovers and initialise to defaults */
Curl_auth_cleanup_ntlm(ntlm);
#if defined(USE_NTRESPONSES) && \
(defined(USE_NTLM2SESSION) || defined(USE_NTLM_V2))
#define NTLM2FLAG NTLMFLAG_NEGOTIATE_NTLM2_KEY
#else
#define NTLM2FLAG 0
#endif
ntlmbuf = aprintf(NTLMSSP_SIGNATURE "%c"
"\x01%c%c%c" /* 32-bit type = 1 */
"%c%c%c%c" /* 32-bit NTLM flag field */
@ -407,7 +401,7 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data,
LONGQUARTET(NTLMFLAG_NEGOTIATE_OEM |
NTLMFLAG_REQUEST_TARGET |
NTLMFLAG_NEGOTIATE_NTLM_KEY |
NTLM2FLAG |
NTLMFLAG_NEGOTIATE_NTLM2_KEY |
NTLMFLAG_NEGOTIATE_ALWAYS_SIGN),
SHORTPAIR(domlen),
SHORTPAIR(domlen),
@ -432,18 +426,18 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data,
LONGQUARTET(NTLMFLAG_NEGOTIATE_OEM |
NTLMFLAG_REQUEST_TARGET |
NTLMFLAG_NEGOTIATE_NTLM_KEY |
NTLM2FLAG |
NTLMFLAG_NEGOTIATE_NTLM2_KEY |
NTLMFLAG_NEGOTIATE_ALWAYS_SIGN),
NTLMFLAG_NEGOTIATE_OEM |
NTLMFLAG_REQUEST_TARGET |
NTLMFLAG_NEGOTIATE_NTLM_KEY |
NTLM2FLAG |
NTLMFLAG_NEGOTIATE_NTLM2_KEY |
NTLMFLAG_NEGOTIATE_ALWAYS_SIGN);
ntlm_print_flags(stderr,
NTLMFLAG_NEGOTIATE_OEM |
NTLMFLAG_REQUEST_TARGET |
NTLMFLAG_NEGOTIATE_NTLM_KEY |
NTLM2FLAG |
NTLMFLAG_NEGOTIATE_NTLM2_KEY |
NTLMFLAG_NEGOTIATE_ALWAYS_SIGN);
fprintf(stderr, "\n****\n");
});
@ -497,13 +491,11 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
unsigned char ntlmbuf[NTLM_BUFSIZE];
int lmrespoff;
unsigned char lmresp[24]; /* fixed-size */
#ifdef USE_NTRESPONSES
int ntrespoff;
unsigned int ntresplen = 24;
unsigned char ntresp[24]; /* fixed-size */
unsigned char *ptr_ntresp = &ntresp[0];
unsigned char *ntlmv2resp = NULL;
#endif
bool unicode = (ntlm->flags & NTLMFLAG_NEGOTIATE_UNICODE) ? TRUE : FALSE;
char host[HOSTNAME_MAX + 1] = "";
const char *user;
@ -539,12 +531,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
hostlen = strlen(host);
}
#if defined(USE_NTRESPONSES) && \
(defined(USE_NTLM2SESSION) || defined(USE_NTLM_V2))
/* We don't support NTLM2 or extended security if we don't have
USE_NTRESPONSES */
if(ntlm->flags & NTLMFLAG_NEGOTIATE_NTLM2_KEY) {
# if defined(USE_NTLM_V2)
unsigned char ntbuffer[0x18];
unsigned char entropy[8];
unsigned char ntlmv2hash[0x18];
@ -579,65 +566,19 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
return result;
ptr_ntresp = ntlmv2resp;
# else /* defined(USE_NTLM_V2) */
unsigned char ntbuffer[0x18];
unsigned char tmp[0x18];
unsigned char md5sum[MD5_DIGEST_LEN];
unsigned char entropy[8];
/* NTLM version 1 with extended security. */
/* Need to create 8 bytes random data */
result = Curl_rand(data, entropy, 8);
if(result)
return result;
/* 8 bytes random data as challenge in lmresp */
memcpy(lmresp, entropy, 8);
/* Pad with zeros */
memset(lmresp + 8, 0, 0x10);
/* Fill tmp with challenge(nonce?) + entropy */
memcpy(tmp, &ntlm->nonce[0], 8);
memcpy(tmp + 8, entropy, 8);
result = Curl_md5it(md5sum, tmp, 16);
if(result)
return result;
/* We shall only use the first 8 bytes of md5sum, but the des code in
Curl_ntlm_core_lm_resp only encrypt the first 8 bytes */
result = Curl_ntlm_core_mk_nt_hash(data, passwdp, ntbuffer);
if(result)
return result;
Curl_ntlm_core_lm_resp(ntbuffer, md5sum, ntresp);
/* End of NTLM2 Session code */
/* NTLM v2 session security is a misnomer because it is not NTLM v2.
It is NTLM v1 using the extended session security that is also
in NTLM v2 */
# endif /* defined(USE_NTLM_V2) */
}
else
#endif
{
else {
#ifdef USE_NTRESPONSES
unsigned char ntbuffer[0x18];
#endif
unsigned char lmbuffer[0x18];
/* NTLM version 1 */
#ifdef USE_NTRESPONSES
result = Curl_ntlm_core_mk_nt_hash(passwdp, ntbuffer);
if(result)
return result;
Curl_ntlm_core_lm_resp(ntbuffer, &ntlm->nonce[0], ntresp);
#endif
result = Curl_ntlm_core_mk_lm_hash(passwdp, lmbuffer);
if(result)
@ -658,12 +599,8 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
}
lmrespoff = 64; /* size of the message header */
#ifdef USE_NTRESPONSES
ntrespoff = lmrespoff + 0x18;
domoff = ntrespoff + ntresplen;
#else
domoff = lmrespoff + 0x18;
#endif
useroff = domoff + domlen;
hostoff = useroff + userlen;
@ -718,17 +655,11 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
SHORTPAIR(lmrespoff),
0x0, 0x0,
#ifdef USE_NTRESPONSES
SHORTPAIR(ntresplen), /* NT-response length, twice */
SHORTPAIR(ntresplen),
SHORTPAIR(ntrespoff),
0x0, 0x0,
#else
0x0, 0x0,
0x0, 0x0,
0x0, 0x0,
0x0, 0x0,
#endif
SHORTPAIR(domlen),
SHORTPAIR(domlen),
SHORTPAIR(domoff),
@ -765,7 +696,6 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
ntlm_print_hex(stderr, (char *)&ntlmbuf[lmrespoff], 0x18);
});
#ifdef USE_NTRESPONSES
/* ntresplen + size should not be risking an integer overflow here */
if(ntresplen + size > sizeof(ntlmbuf)) {
failf(data, "incoming NTLM message too big");
@ -782,8 +712,6 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
free(ntlmv2resp);/* Free the dynamic buffer allocated for NTLMv2 */
#endif
DEBUG_OUT({
fprintf(stderr, "\n flags=0x%02.2x%02.2x%02.2x%02.2x 0x%08.8x ",
LONGQUARTET(ntlm->flags), ntlm->flags);