diff --git a/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java b/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java index 22ae8b80e..1e74849a3 100644 --- a/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java +++ b/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java @@ -33,6 +33,7 @@ import java.util.Locale; import javax.crypto.Cipher; import javax.crypto.spec.SecretKeySpec; +import javax.crypto.Mac; import org.apache.commons.codec.binary.Base64; import org.apache.http.util.EncodingUtils; @@ -966,7 +967,7 @@ final class NTLMEngineImpl implements NTLMEngine { String getResponse() { // Now, build the message. Calculate its length first, including // signature or type. - int finalLength = 32 + 8 + hostBytes.length + domainBytes.length; + int finalLength = 32 + 8 /*+ hostBytes.length + domainBytes.length */; // Set up the response. This will initialize the signature, message // type, and flags. @@ -974,11 +975,11 @@ final class NTLMEngineImpl implements NTLMEngine { // Flags. These are the complete set of flags we support. addULong( - FLAG_WORKSTATION_PRESENT | - FLAG_DOMAIN_PRESENT | + //FLAG_WORKSTATION_PRESENT | + //FLAG_DOMAIN_PRESENT | // Required flags - //FLAG_REQUEST_LAN_MANAGER_KEY | + FLAG_REQUEST_LAN_MANAGER_KEY | FLAG_REQUEST_NTLMv1 | FLAG_REQUEST_NTLM2_SESSION | @@ -986,28 +987,27 @@ final class NTLMEngineImpl implements NTLMEngine { FLAG_REQUEST_VERSION | // Recommended privacy settings - //FLAG_REQUEST_ALWAYS_SIGN | + FLAG_REQUEST_ALWAYS_SIGN | //FLAG_REQUEST_SEAL | - //FLAG_REQUEST_SIGN | + FLAG_REQUEST_SIGN | // These must be set according to documentation, based on use of SEAL above - //FLAG_REQUEST_128BIT_KEY_EXCH | - //FLAG_REQUEST_56BIT_ENCRYPTION | - //FLAG_REQUEST_EXPLICIT_KEY_EXCH | + FLAG_REQUEST_128BIT_KEY_EXCH | + FLAG_REQUEST_56BIT_ENCRYPTION | + FLAG_REQUEST_EXPLICIT_KEY_EXCH | - FLAG_REQUEST_UNICODE_ENCODING | - FLAG_REQUEST_TARGET); + FLAG_REQUEST_UNICODE_ENCODING); // Domain length (two times). - addUShort(domainBytes.length); - addUShort(domainBytes.length); + addUShort(/*domainBytes.length*/0); + addUShort(/*domainBytes.length*/0); // Domain offset. - addULong(hostBytes.length + 32 + 8); + addULong(/*hostBytes.length +*/ 32 + 8); // Host length (two times). - addUShort(hostBytes.length); - addUShort(hostBytes.length); + addUShort(/*hostBytes.length*/0); + addUShort(/*hostBytes.length*/0); // Host offset (always 32 + 8). addULong(32 + 8); @@ -1017,14 +1017,14 @@ final class NTLMEngineImpl implements NTLMEngine { // Build addULong(2600); // NTLM revision - addUShort(15); + addUShort(0x0f00); // Host (workstation) String. - addBytes(hostBytes); + //addBytes(hostBytes); // Domain String. - addBytes(domainBytes); + //addBytes(domainBytes); return super.getResponse(); @@ -1149,7 +1149,9 @@ final class NTLMEngineImpl implements NTLMEngine { // seems warranted. byte[] userSessionKey; try { - if (((type2Flags & FLAG_REQUEST_NTLM2_SESSION) == 0) && + // This conditional may not work on Windows Server 2008 R2 and above, where it has not yet + // been tested + if (((type2Flags & FLAG_TARGETINFO_PRESENT) != 0) && targetInformation != null && target != null) { // NTLMv2 ntResp = gen.getNTLMv2Response(); @@ -1299,8 +1301,9 @@ final class NTLMEngineImpl implements NTLMEngine { (type2Flags & FLAG_REQUEST_56BIT_ENCRYPTION) | (type2Flags & FLAG_REQUEST_EXPLICIT_KEY_EXCH) | - FLAG_REQUEST_UNICODE_ENCODING | - FLAG_REQUEST_TARGET + (type2Flags & FLAG_TARGETINFO_PRESENT) | + (type2Flags & FLAG_REQUEST_UNICODE_ENCODING) | + (type2Flags & FLAG_REQUEST_TARGET) ); // Version @@ -1308,7 +1311,7 @@ final class NTLMEngineImpl implements NTLMEngine { // Build addULong(2600); // NTLM revision - addUShort(15); + addUShort(0x0f00); // Add the actual data addBytes(lmResp); @@ -1388,7 +1391,7 @@ final class NTLMEngineImpl implements NTLMEngine { int transferAmt = input.length - inputIndex; System.arraycopy(input, inputIndex, dataBuffer, curBufferPos, transferAmt); count += transferAmt; - //curBufferPos += transferAmt; + curBufferPos += transferAmt; } }