[Mono-dev] patch for (and question about) Mono.Security.Protocol.Ntlm

Atsushi Eno atsushi at ximian.com
Mon Mar 26 15:50:44 EDT 2007


Hi,

During WCF hacking I found that Mono.Security.Protocol.Ntlm looks
based on somewhat old analysis.

Currently the code does not look "version" aware. According to
http://davenport.sourceforge.net/ntlm.html , there seems three
ntlm versions and the message layout is diffrent for each version.
And WCF SSPI negotiation seems based on version3, which is not
what current code supports.

So I have created a patch to add support for every version of NTLM.
It is not a small, but the purpose is to handle "optional" fields
denoted in the document above.

This patch however breaks some NUnit tests. But as long as I see
the test buffers, they do not seem conformant to the document
above... how were those test buffers created?

(Also, existing message type1 looks based on version 2, while
message type2 and message type3 do not look so, but I'm not sure.
They hence resulted in weird default version mismatch in my patch...)

Atsushi Eno
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: version-aware-ntlm.patch
Url: http://lists.ximian.com/pipermail/mono-devel-list/attachments/20070327/39f2e7e0/attachment.pl 


More information about the Mono-devel-list mailing list