diff options
| author | Patrick Monnerat <patrick@monnerat.net> | 2021-04-06 19:32:21 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2021-04-09 09:40:56 +0200 |
| commit | 9c1e1a6105f34ffe3b5a16e874a92c9558ddbd96 (patch) | |
| tree | b68658c6245d378b2ccefbc3feca3faeab6619ef /tests/data/test827 | |
| parent | cca455a36b7c3472fa64b148ded9a11deef93017 (diff) | |
| download | curl-9c1e1a6105f34ffe3b5a16e874a92c9558ddbd96.tar.gz | |
ntlm: fix negotiated flags usage
According to Microsoft document MS-NLMP, current flags usage is not
accurate: flag NTLMFLAG_NEGOTIATE_NTLM2_KEY controls the use of
extended security in an NTLM authentication message and NTLM version 2
cannot be negotiated within the protocol.
The solution implemented here is: if the extended security flag is set,
prefer using NTLM version 2 (as a server featuring extended security
should also support version 2). If version 2 has been disabled at
compile time, use extended security.
Tests involving NTLM are adjusted to this new behavior.
Fixes #6813
Closes #6849
Diffstat (limited to 'tests/data/test827')
| -rw-r--r-- | tests/data/test827 | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/tests/data/test827 b/tests/data/test827 index b828c9bf3..79e449b79 100644 --- a/tests/data/test827 +++ b/tests/data/test827 @@ -15,7 +15,7 @@ SASL-IR AUTH NTLM CAPA SASL-IR REPLY AUTHENTICATE + TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -REPLY TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoIBADQzMjE1MzIxAAAAAAAAAAAAAAAAAAAAADj3hs3u3j0kgJqCrLM+74BmaoNHDfIJjHRlc3R1c2VyY3VybGhvc3Q= A002 OK AUTHENTICATE completed +REPLY TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyY3VybGhvc3Q= A002 OK AUTHENTICATE completed </servercmd> <data> From: me@somewhere
@@ -63,7 +63,7 @@ chkhostname curlhost <protocol> A001 CAPABILITY
A002 AUTHENTICATE NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
-TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoIBADQzMjE1MzIxAAAAAAAAAAAAAAAAAAAAADj3hs3u3j0kgJqCrLM+74BmaoNHDfIJjHRlc3R1c2VyY3VybGhvc3Q=
+TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyY3VybGhvc3Q=
A003 SELECT %TESTNUMBER
A004 FETCH 1 BODY[]
A005 LOGOUT
|