Commit 5f830eab authored by Dan Fandrich's avatar Dan Fandrich
Browse files

mbedtls: enable NTLM (& SMB) even if MD4 support is unavailable 

In that case, use libcurl's internal MD4 routine. This fixes tests 1013
and 1014 which were failing due to configure assuming NTLM and SMB were
always available whenever mbed TLS was in use (which is now true).
parent 49eee288

lib/curl_md4.h

+4 −4
Original line number Diff line number Diff line
@@ -24,12 +24,12 @@ 


#include "curl_setup.h"



/* NSS and OS/400 crypto library do not provide the MD4 hash algorithm, so

 * that we have a local implementation of it */

#if defined(USE_NSS) || defined(USE_OS400CRYPTO)

#if defined(USE_NSS) || defined(USE_OS400CRYPTO) || \

    (defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C))



void Curl_md4it(unsigned char *output, const unsigned char *input, size_t len);



#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) */

#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) ||

    (defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C)) */



#endif /* HEADER_CURL_MD4_H */

lib/curl_ntlm_core.c

+6 −2
Original line number Diff line number Diff line
@@ -80,6 +80,9 @@ 


#  include <mbedtls/des.h>

#  include <mbedtls/md4.h>

#  if !defined(MBEDTLS_MD4_C)

#    include "curl_md4.h"

#  endif



#elif defined(USE_NSS)
@@ -568,10 +571,11 @@ CURLcode Curl_ntlm_core_mk_nt_hash(struct Curl_easy *data, 
    gcry_md_write(MD4pw, pw, 2 * len);

    memcpy(ntbuffer, gcry_md_read(MD4pw, 0), MD4_DIGEST_LENGTH);

    gcry_md_close(MD4pw);

#elif defined(USE_NSS) || defined(USE_OS400CRYPTO) || \

    (defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C))

    Curl_md4it(ntbuffer, pw, 2 * len);

#elif defined(USE_MBEDTLS)

    mbedtls_md4(pw, 2 * len, ntbuffer);

#elif defined(USE_NSS) || defined(USE_OS400CRYPTO)

    Curl_md4it(ntbuffer, pw, 2 * len);

#elif defined(USE_DARWINSSL)

    (void)CC_MD4(pw, (CC_LONG)(2 * len), ntbuffer);

#elif defined(USE_WIN32_CRYPTO)

lib/curl_setup.h

+4 −4
Original line number Diff line number Diff line
@@ -623,14 +623,14 @@ int netware_init(void); 
#if !defined(CURL_DISABLE_NTLM) && !defined(CURL_DISABLE_CRYPTO_AUTH)

#if defined(USE_OPENSSL) || defined(USE_WINDOWS_SSPI) || \

    defined(USE_GNUTLS) || defined(USE_NSS) || defined(USE_DARWINSSL) || \

    defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO)

    defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) || \

    defined(USE_MBEDTLS)



#define USE_NTLM



#elif defined(USE_MBEDTLS)

#  if defined(USE_MBEDTLS)

/* Get definition of MBEDTLS_MD4_C */

#  include <mbedtls/md4.h>

#  if defined(MBEDTLS_MD4_C)

#define USE_NTLM

#  endif



#endif

lib/md4.c

+6 −4
Original line number Diff line number Diff line
@@ -37,9 +37,10 @@ 


#include "curl_setup.h"



/* NSS and OS/400 crypto library do not provide the MD4 hash algorithm, so

 * that we have a local implementation of it */

#if defined(USE_NSS) || defined(USE_OS400CRYPTO)

/* The NSS, OS/400 and sometimes mbed TLS crypto libraries do not provide the

 * MD4 hash algorithm, so we have a local implementation of it */

#if defined(USE_NSS) || defined(USE_OS400CRYPTO) || \

    (defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C))



#include "curl_md4.h"

#include "warnless.h"
@@ -302,4 +303,5 @@ void Curl_md4it(unsigned char *output, const unsigned char *input, size_t len) 
  MD4_Update(&ctx, input, curlx_uztoui(len));

  MD4_Final(output, &ctx);

}

#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) */
 
#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) ||

    (defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C)) */