Commit 8ee18228 authored by Ulrich Telle, committed by Steve Holme

ntlm: Fixed HTTP proxy authentication when using Windows SSPI

Removed ISC_REQ_* flags from calls to InitializeSecurityContext to fix
bug in NTLM handshake for HTTP proxy authentication.

NTLM handshake for HTTP proxy authentication failed with error
SEC_E_INVALID_TOKEN from InitializeSecurityContext for certain proxy
servers on generating the NTLM Type-3 message.

The flag ISC_REQ_CONFIDENTIALITY seems to cause the problem according
to the observations and suggestions made in a bug report for the
QT project (https://bugreports.qt-project.org/browse/QTBUG-17322).

Removing all the flags solved the problem.

Bug: http://curl.haxx.se/mail/lib-2014-08/0273.html
Reported-by: Ulrich Telle
Assisted-by: Steve Holme, Daniel Stenberg
parent 006b61eb
+7 −10
@@ -476,10 +476,7 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
  /* Generate our type-1 message */
  status = s_pSecFn->InitializeSecurityContext(&ntlm->handle, NULL,
                                               (TCHAR *) TEXT(""),
                                               ISC_REQ_CONFIDENTIALITY |
                                               ISC_REQ_REPLAY_DETECT |
                                               ISC_REQ_CONNECTION,
                                               0, SECURITY_NETWORK_DREP,
                                               0, 0, SECURITY_NETWORK_DREP,
                                               NULL, 0,
                                               &ntlm->c_handle, &type_1_desc,
                                               &attrs, &tsDummy);
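Review bot: passing 0 as the context-requirements argument in the type-1 InitializeSecurityContext call drops ISC_REQ_REPLAY_DETECT and ISC_REQ_CONNECTION together with ISC_REQ_CONFIDENTIALITY, while the commit message only names ISC_REQ_CONFIDENTIALITY as the suspected cause of SEC_E_INVALID_TOKEN. Either remove only that flag, or add a comment above the call stating that no ISC_REQ_* flags are requested on purpose and why, so a later cleanup does not reintroduce them. The returned attrs value would also be worth logging once, to record what the SSPI context actually negotiated without the flags.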
@@ -641,7 +638,6 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,

  (void)passwdp;
  (void)userp;
  (void)data;

  /* Setup the type-2 "input" security buffer */
  type_2_desc.ulVersion = SECBUFFER_VERSION;
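Review bot: removing `(void)data;` from Curl_ntlm_create_type3_message is only safe while the infof call added further down in this function really references data. If infof can be compiled out to a no-op in some build configurations, data becomes unused again in this code path and the unused-parameter warning returns. Consider keeping the cast, which is harmless when data is used.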
@@ -663,16 +659,17 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
  status = s_pSecFn->InitializeSecurityContext(&ntlm->handle,
                                               &ntlm->c_handle,
                                               (TCHAR *) TEXT(""),
                                               ISC_REQ_CONFIDENTIALITY |
                                               ISC_REQ_REPLAY_DETECT |
                                               ISC_REQ_CONNECTION,
                                               0, SECURITY_NETWORK_DREP,
                                               0, 0, SECURITY_NETWORK_DREP,
                                               &type_2_desc,
                                               0, &ntlm->c_handle,
                                               &type_3_desc,
                                               &attrs, &tsDummy);
  if(status != SEC_E_OK)
  if(status != SEC_E_OK) {
    infof(data, "NTLM handshake failure (type-3 message): Status=%x\n",
          status);

    return CURLE_RECV_ERROR;
  }

  size = type_3_buf.cbBuffer;
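Review bot: the new infof call prints status with %x, but status holds the SECURITY_STATUS returned by InitializeSecurityContext, which is a long on Windows. Use a matching specifier with an explicit cast, for example "Status=0x%08lx" with (unsigned long)status, so codes such as SEC_E_INVALID_TOKEN are shown in full and format checking stays clean. The type-1 call in Curl_ntlm_create_type1_message gets no equivalent message in this patch; logging the status there as well would make both handshake failures diagnosable the same way.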