[
https://issues.apache.org/jira/browse/HTTPCLIENT-1624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14339324#comment-14339324
]
Karl Wright commented on HTTPCLIENT-1624:
-----------------------------------------
Hi Jason,

bq. When the type2 message comes back, if it has the NEGOTIATE_NTLM2_KEY (known
by microsoft as NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY) the NTLMEngineImpl
does not check this flag.

It does check that flag (called "FLAG_REQUEST_NTLM2_SESSION" in
NTLMEngineImpl), just not if it thinks that NTLMv2 has been specified. It
thinks NTLMv2 is specified whenever it sees FLAG_TARGETINFO_PRESENT
(0x00800000), so that overrides the request for NTLM 2 Session Response.

If you think the logic is wrong, please describe how you would modify the code
snippet above to correct it. Please bear in mind that in experiments with
Windows machines, in my experience the logic is in fact correct;
TARGETINFO_PRESENT supersedes REQUEST_NTLM2_SESSION. But it is possible that
there is some other flag or combination of flags that is needed to decide that
NTLMv2 should be used. Please help clear up this matter.

> NTLMresp in type3message is being generated wrong when using
> NEGOTIATE_NTLM2_KEY
> --------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1624
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1624
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpAuth
> Affects Versions: 4.3.6, 4.4 Final
> Environment: Running from a linux box, connecting to a windows 7
> machine.
> Reporter: Jason Forand
> Attachments: wireshark_400.pcapng
>
>
> When connecting to a windows host using NTLM authentication, if the windows
> host passes back the
> NEGOTIATE_UNICODE
> REQUEST_TARGET
> NEGOTIATE_SIGN
> NEGOTIATE_SEAL
> NEGOTITATE_LAN_MANAGER_KEY
> NEGOTIATE_NTLM
> NEGOTIATE_ALWAYS_SIGN
> TARGET_TYPE_DOMAIN
> NEGOTIATE_NTLM2_KEY
> NEGOTIATE_TARGET_INFO
> UNKNOWN_4
> NEGOTIATE_128
> NEGOTIATE_KEY_EXCHANGE
> NEGOTIATE_56
> flags, (in this case the offending flag is NEGOTIATE_NTLM2_KEY) the type3
> message is generating an ntresp using
> http://davenport.sourceforge.net/ntlm.html#theNtlmv2Response when it should
> be generating according to
> http://davenport.sourceforge.net/ntlm.html#theNtlm2SessionResponse
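
The two precedence rules discussed in this message, as an added example that is not part of the original e-mail and is not NTLMEngineImpl code. It reads the flags field of a Type 2 message and names the response each rule would select, without computing any response. The function names, the constructed sample message and the fallback order of the reporter's rule are assumptions; bit values follow the Davenport NTLM reference linked in the issue.

```python
import struct

# Bit values per the Davenport NTLM reference linked in the issue.
# UNKNOWN_4 is left out: the page gives no value for it.
FLAGS = {
    0x00000001: "NEGOTIATE_UNICODE",      0x00000004: "REQUEST_TARGET",
    0x00000010: "NEGOTIATE_SIGN",         0x00000020: "NEGOTIATE_SEAL",
    0x00000080: "NEGOTIATE_LAN_MANAGER_KEY",
    0x00000200: "NEGOTIATE_NTLM",         0x00008000: "NEGOTIATE_ALWAYS_SIGN",
    0x00010000: "TARGET_TYPE_DOMAIN",     0x00080000: "NEGOTIATE_NTLM2_KEY",
    0x00800000: "NEGOTIATE_TARGET_INFO",  0x20000000: "NEGOTIATE_128",
    0x40000000: "NEGOTIATE_KEY_EXCHANGE", 0x80000000: "NEGOTIATE_56",
}
NTLM2_KEY, TARGET_INFO = 0x00080000, 0x00800000

def type2_flags(message):
    """Return the 32-bit little-endian flags field (offset 20) of a Type 2 message."""
    if len(message) < 32 or message[:8] != b"NTLMSSP\x00":
        raise ValueError("not an NTLMSSP Type 2 message")
    (msg_type,) = struct.unpack_from("<I", message, 8)
    if msg_type != 2:
        raise ValueError("expected Type 2, got Type %d" % msg_type)
    return struct.unpack_from("<I", message, 20)[0]

def flag_names(flags):
    """List the known flag names set in the flags word, lowest bit first."""
    return [name for bit, name in sorted(FLAGS.items()) if flags & bit]

def choose_response(flags, target_info_wins):
    """Name the Type 3 response a client would select (labels only, no crypto).

    target_info_wins=True:  precedence described in the comment above.
    target_info_wins=False: precedence the reporter expects; the order of the
                            remaining checks is an assumption of this example.
    """
    checks = [(TARGET_INFO, "NTLMv2"), (NTLM2_KEY, "NTLM2 Session")]
    if not target_info_wins:
        checks.reverse()
    for bit, name in checks:
        if flags & bit:
            return name
    return "NTLM"

# Constructed Type 2 message carrying the named flags from the issue:
# signature, type, empty target-name buffer, flags, zero challenge and context.
SAMPLE_FLAGS = sum(FLAGS)
SAMPLE_TYPE2 = (b"NTLMSSP\x00" + struct.pack("<I", 2) + bytes(8)
                + struct.pack("<I", SAMPLE_FLAGS) + bytes(16))

if __name__ == "__main__":
    f = type2_flags(SAMPLE_TYPE2)
    print(hex(f), flag_names(f))
    print(choose_response(f, True), "vs", choose_response(f, False))
```

The rules only disagree when both NEGOTIATE_NTLM2_KEY and NEGOTIATE_TARGET_INFO are set, which is the combination reported in the issue.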