From 9c1e1a6105f34ffe3b5a16e874a92c9558ddbd96 Mon Sep 17 00:00:00 2001 From: Patrick Monnerat Date: Tue, 6 Apr 2021 19:32:21 +0200 Subject: ntlm: fix negotiated flags usage According to Microsoft document MS-NLMP, current flags usage is not accurate: flag NTLMFLAG_NEGOTIATE_NTLM2_KEY controls the use of extended security in an NTLM authentication message and NTLM version 2 cannot be negotiated within the protocol. The solution implemented here is: if the extended security flag is set, prefer using NTLM version 2 (as a server featuring extended security should also support version 2). If version 2 has been disabled at compile time, use extended security. Tests involving NTLM are adjusted to this new behavior. Fixes #6813 Closes #6849 --- tests/data/test68 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/data/test68') diff --git a/tests/data/test68 b/tests/data/test68 index c26f4c6b8..cd3378b5a 100644 --- a/tests/data/test68 +++ b/tests/data/test68 @@ -90,7 +90,7 @@ Accept: */* GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoIBADQzMjE1MzIxAAAAAAAAAAAAAAAAAAAAADj3hs3u3j0kgJqCrLM+74BmaoNHDfIJjHRlc3R1c2VyY3VybGhvc3Q= +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyY3VybGhvc3Q= User-Agent: curl/%VERSION Accept: */* -- cgit v1.2.1