[jira] [Commented] (HTTPCLIENT-1624) NTLMresp in type3message is being generated wrong when using NEGOTIATE_NTLM2_KEY

Mon, 09 Mar 2015 07:27:14 -0700 

    [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-1624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14353027#comment-14353027
 ] 

Jason Forand commented on HTTPCLIENT-1624:
------------------------------------------

Hi Karl,

The only machines I have tested have been newer ( > windows server 2003).

If encryption is not supported, then the values that are generated by the 
type3message are correct.
If 128 bit encryption is supported, then the values that are generated by the 
type3message are incorrect.

Since at present you don't support encryption, I am unsure as to whether or not 
you would even want to classify this as a bug.

> NTLMresp in type3message is being generated wrong when using 
> NEGOTIATE_NTLM2_KEY
> --------------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-1624
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1624
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpAuth
>    Affects Versions: 4.3.6, 4.4 Final
>         Environment: Running from a linux box, connecting to a windows 7 
> machine.
>            Reporter: Jason Forand
>            Assignee: Karl Wright
>         Attachments: wireshark_400.pcapng
>
>
> When connecting to a windows host using NTLM authentication, if the windows 
> host passes back the 
> NEGOTIATE_UNICODE
> REQUEST_TARGET
> NEGOTIATE_SIGN
> NEGOTIATE_SEAL
> NEGOTITATE_LAN_MANAGER_KEY
> NEGOTIATE_NTLM
> NEGOTIATE_ALWAYS_SIGN
> TARGET_TYPE_DOMAIN
> NEGOTIATE_NTLM2_KEY
> NEGOTIATE_TARGET_INFO
> UNKNOWN_4
> NEGOTIATE_128
> NEGOTIATE_KEY_EXCHANGE
> NEGOTIATE_56
> flags, (in this case the offending flag is NEGOTIATE_NTLM2_KEY) the type3 
> message is generating an ntresp using 
> http://davenport.sourceforge.net/ntlm.html#theNtlmv2Response when it should 
> be generating according to 
> http://davenport.sourceforge.net/ntlm.html#theNtlm2SessionResponse 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to