Loading CHANGES +24 −0 Original line number Diff line number Diff line Loading @@ -6,6 +6,30 @@ Changelog Daniel (22 March 2004) - Enabled "NT responses" in the NTLM authentication. Doing this simply means that we provide an extra chunk of data in each "type-3 message". The only reason for doing this is that it seems that using only the "Lanmanager hash" (as we've been doing until now) doesn't support passwords longer than 14 characters and it turns out there are users out there who want to use libcurl and NTLM with such passwords! ;-) Seven NTLM-related test cases were updated accordingly. Mentioned as issue 29 in TODO-RELEASE, bug report #915609 - Moved the generated libcurl version info to a new header file, named curl/curlver.h. Now interested parties can include ONLY version info, should anyone want that (and it seems at least some windows resource files would). Mentioned as issue 27 in TODO-RELEASE. Daniel (21 March 2004) - Fixed the root Makefile to use tabs for the netware target. Günter Knauf pointed this out. - Marty Kuhrt's VMS cleanup - Thomas Schwinge made buildconf recognize ACLOCAL_FLAGS to invoke aclocal with particular pre-determined options. Version 7.11.1 (19 March 2004) Daniel (18 March 2004) Loading TODO-RELEASE +0 −4 Original line number Diff line number Diff line Loading @@ -27,10 +27,6 @@ To get fixed in 7.11.2 (planned release May/June 2004) 28. Optimize the way libcurl uses CWD on each new request over a persistent connection (on FTP) even if it doesn't have to. 29. Define USE_NTRESPONSES in the NTLM code to work properly with >14 letter passwords against IIS servers. Requires test cases to be updated accordingly. #915609 30. Digest re-negotiation is not supported, we wrongly assume a new 401 response to signify an authenticaion error. We need to detect the difference between a 401 due to a bad Digest authorization header and a Loading lib/http_ntlm.c +1 −1 Original line number Diff line number Diff line Loading @@ -77,7 +77,7 @@ #endif /* Define this to make the type-3 message include the NT response message */ #undef USE_NTRESPONSES #define USE_NTRESPONSES 1 /* (*) = A "security buffer" is a triplet consisting of two shorts and one Loading tests/data/test67 +1 −1 Original line number Diff line number Diff line Loading @@ -72,7 +72,7 @@ Pragma: no-cache Accept: */* GET /67 HTTP/1.1 Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAAAAAAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAABgAAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FB Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAYABgAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAAB4AAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FBqYVyF4y6/y/7F6qmEQ7lXjXFF3tH1145 User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3 Host: 127.0.0.1:8999 Pragma: no-cache Loading tests/data/test68 +1 −1 Original line number Diff line number Diff line Loading @@ -74,7 +74,7 @@ Pragma: no-cache Accept: */* GET /68 HTTP/1.1 Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAAAAAAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAABgAAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FB Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAYABgAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAAB4AAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FBqYVyF4y6/y/7F6qmEQ7lXjXFF3tH1145 User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3 Host: 127.0.0.1:8999 Pragma: no-cache Loading Loading
CHANGES +24 −0 Original line number Diff line number Diff line Loading @@ -6,6 +6,30 @@ Changelog Daniel (22 March 2004) - Enabled "NT responses" in the NTLM authentication. Doing this simply means that we provide an extra chunk of data in each "type-3 message". The only reason for doing this is that it seems that using only the "Lanmanager hash" (as we've been doing until now) doesn't support passwords longer than 14 characters and it turns out there are users out there who want to use libcurl and NTLM with such passwords! ;-) Seven NTLM-related test cases were updated accordingly. Mentioned as issue 29 in TODO-RELEASE, bug report #915609 - Moved the generated libcurl version info to a new header file, named curl/curlver.h. Now interested parties can include ONLY version info, should anyone want that (and it seems at least some windows resource files would). Mentioned as issue 27 in TODO-RELEASE. Daniel (21 March 2004) - Fixed the root Makefile to use tabs for the netware target. Günter Knauf pointed this out. - Marty Kuhrt's VMS cleanup - Thomas Schwinge made buildconf recognize ACLOCAL_FLAGS to invoke aclocal with particular pre-determined options. Version 7.11.1 (19 March 2004) Daniel (18 March 2004) Loading
TODO-RELEASE +0 −4 Original line number Diff line number Diff line Loading @@ -27,10 +27,6 @@ To get fixed in 7.11.2 (planned release May/June 2004) 28. Optimize the way libcurl uses CWD on each new request over a persistent connection (on FTP) even if it doesn't have to. 29. Define USE_NTRESPONSES in the NTLM code to work properly with >14 letter passwords against IIS servers. Requires test cases to be updated accordingly. #915609 30. Digest re-negotiation is not supported, we wrongly assume a new 401 response to signify an authenticaion error. We need to detect the difference between a 401 due to a bad Digest authorization header and a Loading
lib/http_ntlm.c +1 −1 Original line number Diff line number Diff line Loading @@ -77,7 +77,7 @@ #endif /* Define this to make the type-3 message include the NT response message */ #undef USE_NTRESPONSES #define USE_NTRESPONSES 1 /* (*) = A "security buffer" is a triplet consisting of two shorts and one Loading
tests/data/test67 +1 −1 Original line number Diff line number Diff line Loading @@ -72,7 +72,7 @@ Pragma: no-cache Accept: */* GET /67 HTTP/1.1 Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAAAAAAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAABgAAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FB Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAYABgAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAAB4AAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FBqYVyF4y6/y/7F6qmEQ7lXjXFF3tH1145 User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3 Host: 127.0.0.1:8999 Pragma: no-cache Loading
tests/data/test68 +1 −1 Original line number Diff line number Diff line Loading @@ -74,7 +74,7 @@ Pragma: no-cache Accept: */* GET /68 HTTP/1.1 Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAAAAAAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAABgAAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FB Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAYABgAYAAAAAAAAABAAAAACAAIAEAAAAAAAAAASAAAAAAAAAB4AAAAAYIAAHRlc3R1c2VyWmRDApEJkUyGOPS3DjvASModEeW/N/FBqYVyF4y6/y/7F6qmEQ7lXjXFF3tH1145 User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1 OpenSSL/0.9.7a ipv6 zlib/1.1.3 Host: 127.0.0.1:8999 Pragma: no-cache Loading
