--- J:/curl/curl-7.27.0-20120627/lib/curl_ntlm_msgs.c	Wed Jun 27 04:00:10 2012
+++ J:/curl/curl-7.27.0-20120627_patched/lib/curl_ntlm_msgs.c	Mon Jul 02 11:03:20 2012
@@ -353,9 +353,7 @@
   unsigned long attrs;
   const char *user;
   const char *domain = "";
-  size_t userlen = 0;
   size_t domlen = 0;
-  size_t passwdlen = 0;
   TimeStamp tsDummy; /* For Windows 9x compatibility of SSPI calls */
 
   Curl_ntlm_sspi_cleanup(ntlm);
@@ -375,13 +373,7 @@
     domlen = 0;
   }
 
-  if(user)
-    userlen = strlen(user);
-
-  if(passwdp)
-    passwdlen = strlen(passwdp);
-
-  if(userlen > 0) {
+  if(user && *user) {
     /* note: initialize all of this before doing the mallocs so that
      * it can be cleaned up later without leaking memory.
      */
@@ -395,7 +387,7 @@
       return CURLE_OUT_OF_MEMORY;
 #endif
 
-    ntlm->identity.UserLength = (unsigned long)userlen;
+    ntlm->identity.UserLength = (unsigned long)_tcslen((TCHAR *)ntlm->identity.User);
 #ifdef UNICODE
     if((ntlm->identity.Password = Curl_convert_UTF8_to_wchar(passwdp)) == NULL)
       return CURLE_OUT_OF_MEMORY;
@@ -404,14 +396,23 @@
       return CURLE_OUT_OF_MEMORY;
 #endif
 
-    ntlm->identity.PasswordLength = (unsigned long)passwdlen;
+    ntlm->identity.PasswordLength = (unsigned long)_tcslen((TCHAR *)ntlm->identity.Password);
+#ifdef UNICODE
+	if((ntlm->identity.Domain = Curl_convert_UTF8_to_wchar(domain)) == NULL)
+		return CURLE_OUT_OF_MEMORY;
+#else
     if((ntlm->identity.Domain = malloc(domlen + 1)) == NULL)
       return CURLE_OUT_OF_MEMORY;
 
     strncpy((char *)ntlm->identity.Domain, domain, domlen);
-    ntlm->identity.Domain[domlen] = '\0';
+#endif
+    ntlm->identity.Domain[domlen] = TEXT('\0');
     ntlm->identity.DomainLength = (unsigned long)domlen;
+#ifdef UNICODE
+	ntlm->identity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
+#else
     ntlm->identity.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
+#endif
   }
   else
     ntlm->p_identity = NULL;