Loading configure.ac +4 −4 Original line number Diff line number Diff line Loading @@ -3697,8 +3697,8 @@ fi if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1"; then if test "x$OPENSSL_ENABLED" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \ -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \ -o "x$DARWINSSL_ENABLED" = "x1"; then -o "x$GNUTLS_ENABLED" = "x1" -o "x$MBEDTLS_ENABLED" = "x1" \ -o "x$NSS_ENABLED" = "x1" -o "x$DARWINSSL_ENABLED" = "x1"; then SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM" if test "x$CURL_DISABLE_HTTP" != "x1" -a \ Loading Loading @@ -3770,8 +3770,8 @@ fi if test "x$CURL_DISABLE_SMB" != "x1" \ -a "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" \ -a \( "x$OPENSSL_ENABLED" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \ -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \ -o "x$DARWINSSL_ENABLED" = "x1" \); then -o "x$GNUTLS_ENABLED" = "x1" -o "x$MBEDTLS_ENABLED" = "x1" \ -o "x$NSS_ENABLED" = "x1" -o "x$DARWINSSL_ENABLED" = "x1" \); then SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMB" if test "x$SSL_ENABLED" = "x1"; then SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMBS" Loading docs/FAQ +2 −2 Original line number Diff line number Diff line Loading @@ -968,8 +968,8 @@ FAQ 4.9 Curl can't authenticate to the server that requires NTLM? NTLM support requires OpenSSL, GnuTLS, NSS, Secure Transport, or Microsoft Windows libraries at build-time to provide this functionality. NTLM support requires OpenSSL, GnuTLS, mbedTLS, NSS, Secure Transport, or Microsoft Windows libraries at build-time to provide this functionality. NTLM is a Microsoft proprietary protocol. Proprietary formats are evil. You should not use such ones. Loading docs/FEATURES +2 −2 Original line number Diff line number Diff line Loading @@ -195,8 +195,8 @@ FOOTNOTES *7 = requires OpenSSL, NSS, GSKit, WinSSL or Secure Transport; GnuTLS, for example, only supports SSLv3 and TLSv1 *8 = requires libssh2 *9 = requires OpenSSL, GnuTLS, NSS, yassl, Secure Transport or SSPI (native Windows) *9 = requires OpenSSL, GnuTLS, mbedTLS, NSS, yassl, Secure Transport or SSPI (native Windows) *10 = requires any of the SSL libraries in (*1) above other than axTLS, which does not support SSLv3 *11 = requires libidn or Windows Loading lib/curl_ntlm_core.c +31 −4 Original line number Diff line number Diff line Loading @@ -76,6 +76,11 @@ # define MD5_DIGEST_LENGTH 16 # define MD4_DIGEST_LENGTH 16 #elif defined(USE_MBEDTLS) # include <mbedtls/des.h> # include <mbedtls/md4.h> #elif defined(USE_NSS) # include <nss.h> Loading Loading @@ -188,6 +193,26 @@ static void setup_des_key(const unsigned char *key_56, gcry_cipher_setkey(*des, key, sizeof(key)); } #elif defined(USE_MBEDTLS) static bool encrypt_des(const unsigned char *in, unsigned char *out, const unsigned char *key_56) { mbedtls_des_context ctx; char key[8]; /* Expand the 56-bit key to 64-bits */ extend_key_56_to_64(key_56, key); /* Set the key parity to odd */ mbedtls_des_key_set_parity((unsigned char *) key); /* Perform the encryption */ mbedtls_des_init(&ctx); mbedtls_des_setkey_enc(&ctx, (unsigned char *) key); return mbedtls_des_crypt_ecb(&ctx, in, out) == 0; } #elif defined(USE_NSS) /* Loading Loading @@ -400,8 +425,8 @@ void Curl_ntlm_core_lm_resp(const unsigned char *keys, setup_des_key(keys + 14, &des); gcry_cipher_encrypt(des, results + 16, 8, plaintext, 8); gcry_cipher_close(des); #elif defined(USE_NSS) || defined(USE_DARWINSSL) || defined(USE_OS400CRYPTO) \ || defined(USE_WIN32_CRYPTO) #elif defined(USE_MBEDTLS) || defined(USE_NSS) || defined(USE_DARWINSSL) \ || defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) encrypt_des(plaintext, results, keys); encrypt_des(plaintext, results + 8, keys + 7); encrypt_des(plaintext, results + 16, keys + 14); Loading Loading @@ -464,8 +489,8 @@ CURLcode Curl_ntlm_core_mk_lm_hash(struct Curl_easy *data, setup_des_key(pw + 7, &des); gcry_cipher_encrypt(des, lmbuffer + 8, 8, magic, 8); gcry_cipher_close(des); #elif defined(USE_NSS) || defined(USE_DARWINSSL) || defined(USE_OS400CRYPTO) \ || defined(USE_WIN32_CRYPTO) #elif defined(USE_MBEDTLS) || defined(USE_NSS) || defined(USE_DARWINSSL) \ || defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) encrypt_des(magic, lmbuffer, pw); encrypt_des(magic, lmbuffer + 8, pw + 7); #endif Loading Loading @@ -543,6 +568,8 @@ CURLcode Curl_ntlm_core_mk_nt_hash(struct Curl_easy *data, gcry_md_write(MD4pw, pw, 2 * len); memcpy (ntbuffer, gcry_md_read (MD4pw, 0), MD4_DIGEST_LENGTH); gcry_md_close(MD4pw); #elif defined(USE_MBEDTLS) mbedtls_md4(pw, 2 * len, ntbuffer); #elif defined(USE_NSS) || defined(USE_OS400CRYPTO) Curl_md4it(ntbuffer, pw, 2 * len); #elif defined(USE_DARWINSSL) Loading lib/curl_setup.h +3 −2 Original line number Diff line number Diff line Loading @@ -634,8 +634,9 @@ int netware_init(void); /* Single point where USE_NTLM definition might be defined */ #if !defined(CURL_DISABLE_NTLM) && !defined(CURL_DISABLE_CRYPTO_AUTH) #if defined(USE_OPENSSL) || defined(USE_WINDOWS_SSPI) || \ defined(USE_GNUTLS) || defined(USE_NSS) || defined(USE_DARWINSSL) || \ defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) defined(USE_GNUTLS) || defined(USE_MBEDTLS) || defined(USE_NSS) || \ defined(USE_DARWINSSL) || defined(USE_OS400CRYPTO) || \ defined(USE_WIN32_CRYPTO) #define USE_NTLM #endif Loading Loading
configure.ac +4 −4 Original line number Diff line number Diff line Loading @@ -3697,8 +3697,8 @@ fi if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1"; then if test "x$OPENSSL_ENABLED" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \ -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \ -o "x$DARWINSSL_ENABLED" = "x1"; then -o "x$GNUTLS_ENABLED" = "x1" -o "x$MBEDTLS_ENABLED" = "x1" \ -o "x$NSS_ENABLED" = "x1" -o "x$DARWINSSL_ENABLED" = "x1"; then SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM" if test "x$CURL_DISABLE_HTTP" != "x1" -a \ Loading Loading @@ -3770,8 +3770,8 @@ fi if test "x$CURL_DISABLE_SMB" != "x1" \ -a "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" \ -a \( "x$OPENSSL_ENABLED" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \ -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \ -o "x$DARWINSSL_ENABLED" = "x1" \); then -o "x$GNUTLS_ENABLED" = "x1" -o "x$MBEDTLS_ENABLED" = "x1" \ -o "x$NSS_ENABLED" = "x1" -o "x$DARWINSSL_ENABLED" = "x1" \); then SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMB" if test "x$SSL_ENABLED" = "x1"; then SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMBS" Loading
docs/FAQ +2 −2 Original line number Diff line number Diff line Loading @@ -968,8 +968,8 @@ FAQ 4.9 Curl can't authenticate to the server that requires NTLM? NTLM support requires OpenSSL, GnuTLS, NSS, Secure Transport, or Microsoft Windows libraries at build-time to provide this functionality. NTLM support requires OpenSSL, GnuTLS, mbedTLS, NSS, Secure Transport, or Microsoft Windows libraries at build-time to provide this functionality. NTLM is a Microsoft proprietary protocol. Proprietary formats are evil. You should not use such ones. Loading
docs/FEATURES +2 −2 Original line number Diff line number Diff line Loading @@ -195,8 +195,8 @@ FOOTNOTES *7 = requires OpenSSL, NSS, GSKit, WinSSL or Secure Transport; GnuTLS, for example, only supports SSLv3 and TLSv1 *8 = requires libssh2 *9 = requires OpenSSL, GnuTLS, NSS, yassl, Secure Transport or SSPI (native Windows) *9 = requires OpenSSL, GnuTLS, mbedTLS, NSS, yassl, Secure Transport or SSPI (native Windows) *10 = requires any of the SSL libraries in (*1) above other than axTLS, which does not support SSLv3 *11 = requires libidn or Windows Loading
lib/curl_ntlm_core.c +31 −4 Original line number Diff line number Diff line Loading @@ -76,6 +76,11 @@ # define MD5_DIGEST_LENGTH 16 # define MD4_DIGEST_LENGTH 16 #elif defined(USE_MBEDTLS) # include <mbedtls/des.h> # include <mbedtls/md4.h> #elif defined(USE_NSS) # include <nss.h> Loading Loading @@ -188,6 +193,26 @@ static void setup_des_key(const unsigned char *key_56, gcry_cipher_setkey(*des, key, sizeof(key)); } #elif defined(USE_MBEDTLS) static bool encrypt_des(const unsigned char *in, unsigned char *out, const unsigned char *key_56) { mbedtls_des_context ctx; char key[8]; /* Expand the 56-bit key to 64-bits */ extend_key_56_to_64(key_56, key); /* Set the key parity to odd */ mbedtls_des_key_set_parity((unsigned char *) key); /* Perform the encryption */ mbedtls_des_init(&ctx); mbedtls_des_setkey_enc(&ctx, (unsigned char *) key); return mbedtls_des_crypt_ecb(&ctx, in, out) == 0; } #elif defined(USE_NSS) /* Loading Loading @@ -400,8 +425,8 @@ void Curl_ntlm_core_lm_resp(const unsigned char *keys, setup_des_key(keys + 14, &des); gcry_cipher_encrypt(des, results + 16, 8, plaintext, 8); gcry_cipher_close(des); #elif defined(USE_NSS) || defined(USE_DARWINSSL) || defined(USE_OS400CRYPTO) \ || defined(USE_WIN32_CRYPTO) #elif defined(USE_MBEDTLS) || defined(USE_NSS) || defined(USE_DARWINSSL) \ || defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) encrypt_des(plaintext, results, keys); encrypt_des(plaintext, results + 8, keys + 7); encrypt_des(plaintext, results + 16, keys + 14); Loading Loading @@ -464,8 +489,8 @@ CURLcode Curl_ntlm_core_mk_lm_hash(struct Curl_easy *data, setup_des_key(pw + 7, &des); gcry_cipher_encrypt(des, lmbuffer + 8, 8, magic, 8); gcry_cipher_close(des); #elif defined(USE_NSS) || defined(USE_DARWINSSL) || defined(USE_OS400CRYPTO) \ || defined(USE_WIN32_CRYPTO) #elif defined(USE_MBEDTLS) || defined(USE_NSS) || defined(USE_DARWINSSL) \ || defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) encrypt_des(magic, lmbuffer, pw); encrypt_des(magic, lmbuffer + 8, pw + 7); #endif Loading Loading @@ -543,6 +568,8 @@ CURLcode Curl_ntlm_core_mk_nt_hash(struct Curl_easy *data, gcry_md_write(MD4pw, pw, 2 * len); memcpy (ntbuffer, gcry_md_read (MD4pw, 0), MD4_DIGEST_LENGTH); gcry_md_close(MD4pw); #elif defined(USE_MBEDTLS) mbedtls_md4(pw, 2 * len, ntbuffer); #elif defined(USE_NSS) || defined(USE_OS400CRYPTO) Curl_md4it(ntbuffer, pw, 2 * len); #elif defined(USE_DARWINSSL) Loading
lib/curl_setup.h +3 −2 Original line number Diff line number Diff line Loading @@ -634,8 +634,9 @@ int netware_init(void); /* Single point where USE_NTLM definition might be defined */ #if !defined(CURL_DISABLE_NTLM) && !defined(CURL_DISABLE_CRYPTO_AUTH) #if defined(USE_OPENSSL) || defined(USE_WINDOWS_SSPI) || \ defined(USE_GNUTLS) || defined(USE_NSS) || defined(USE_DARWINSSL) || \ defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) defined(USE_GNUTLS) || defined(USE_MBEDTLS) || defined(USE_NSS) || \ defined(USE_DARWINSSL) || defined(USE_OS400CRYPTO) || \ defined(USE_WIN32_CRYPTO) #define USE_NTLM #endif Loading
