hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Karl Wright (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HTTPCLIENT-1624) NTLMresp in type3message is being generated wrong when using NEGOTIATE_NTLM2_KEY
Date Thu, 26 Feb 2015 22:38:04 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14339324#comment-14339324
] 

Karl Wright commented on HTTPCLIENT-1624:
-----------------------------------------

Hi Jason,

bq. When the type2 message comes back, if it has the NEGOTIATE_NTLM2_KEY (known by microsoft
as NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY) the NTLMEngineImpl does not check this flag.

It does check that flag (called "FLAG_REQUEST_NTLM2_SESSION" in NTLMEngineImpl), just not
if it thinks that NTLMv2 has been specified.  It thinks NTLMv2 is specified whenever it sees
FLAG_TARGETINFO_PRESENT (0x00800000), so that overrides the request for NTLM 2 Session Response.

If you think the logic is wrong, please describe how you would modify the code snippet above
to correct it.  Please bear in mind that in experiments with Windows machines, in my experience
the logic is in fact correct; TARGETINFO_PRESENT supercedes REQUEST_NTLM2_SESSION.  But it
is possible that there is some other flag or combination of flags that is needed to decide
that NTLMv2 should be used.  Please help clear up this matter.


> NTLMresp in type3message is being generated wrong when using NEGOTIATE_NTLM2_KEY
> --------------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-1624
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1624
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpAuth
>    Affects Versions: 4.3.6, 4.4 Final
>         Environment: Running from a linux box, connecting to a windows 7 machine.
>            Reporter: Jason Forand
>         Attachments: wireshark_400.pcapng
>
>
> When connecting to a windows host using NTLM authentication, if the windows host passes
back the 
> NEGOTIATE_UNICODE
> REQUEST_TARGET
> NEGOTIATE_SIGN
> NEGOTIATE_SEAL
> NEGOTITATE_LAN_MANAGER_KEY
> NEGOTIATE_NTLM
> NEGOTIATE_ALWAYS_SIGN
> TARGET_TYPE_DOMAIN
> NEGOTIATE_NTLM2_KEY
> NEGOTIATE_TARGET_INFO
> UNKNOWN_4
> NEGOTIATE_128
> NEGOTIATE_KEY_EXCHANGE
> NEGOTIATE_56
> flags, (in this case the offending flag is NEGOTIATE_NTLM2_KEY) the type3 message is
generating an ntresp using 
> http://davenport.sourceforge.net/ntlm.html#theNtlmv2Response when it should be generating
according to http://davenport.sourceforge.net/ntlm.html#theNtlm2SessionResponse 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message