diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2014-03-20 11:17:40 +0100 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2014-06-11 23:15:48 +0200 |
| commit | e95ca7cec9c8907646a2bf87e295a638d5b518fc (patch) | |
| tree | 62a7b361221a967288d0e0e83bda9d876ed1e232 /lib/curl_ntlm_msgs.c | |
| parent | ceacbacd149aa64612968d41c03d0577d427f075 (diff) | |
NTLM: set a fake entropy for debug builds with CURL_ENTROPY set
Curl_rand() will return a dummy and repatable random value for this
case. Makes it possible to write test cases that verify output.
Also, fake timestamp with CURL_FORCETIME set.
Only when built debug enabled of course.
Curl_ssl_random() was not used anymore so it has been
removed. Curl_rand() is enough.
create_digest_md5_message: generate base64 instead of hex string
curl_sasl: also fix memory leaks in some OOM situations
Diffstat (limited to 'lib/curl_ntlm_msgs.c')
| -rw-r--r-- | lib/curl_ntlm_msgs.c | 26 |
1 files changed, 12 insertions, 14 deletions
diff --git a/lib/curl_ntlm_msgs.c b/lib/curl_ntlm_msgs.c index 969e6bf78..42bab2e59 100644 --- a/lib/curl_ntlm_msgs.c +++ b/lib/curl_ntlm_msgs.c @@ -703,16 +703,11 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data, #if USE_NTRESPONSES if(ntlm->target_info_len) { unsigned char ntbuffer[0x18]; - unsigned char entropy[8]; + unsigned int entropy[2]; unsigned char ntlmv2hash[0x18]; -#if defined(DEBUGBUILD) - /* Use static client nonce in debug (Test Suite) builds */ - memcpy(entropy, "12345678", sizeof(entropy)); -#else - /* Create an 8 byte random client nonce */ - Curl_ssl_random(data, entropy, sizeof(entropy)); -#endif + entropy[0] = Curl_rand(data); + entropy[1] = Curl_rand(data); res = Curl_ntlm_core_mk_nt_hash(data, passwdp, ntbuffer); if(res) @@ -724,14 +719,16 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data, return res; /* LMv2 response */ - res = Curl_ntlm_core_mk_lmv2_resp(ntlmv2hash, entropy, &ntlm->nonce[0], - lmresp); + res = Curl_ntlm_core_mk_lmv2_resp(ntlmv2hash, + (unsigned char *)&entropy[0], + &ntlm->nonce[0], lmresp); if(res) return res; /* NTLMv2 response */ - res = Curl_ntlm_core_mk_ntlmv2_resp(ntlmv2hash, entropy, ntlm, &ntlmv2resp, - &ntresplen); + res = Curl_ntlm_core_mk_ntlmv2_resp(ntlmv2hash, + (unsigned char *)&entropy[0], + ntlm, &ntlmv2resp, &ntresplen); if(res) return res; @@ -746,10 +743,11 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data, unsigned char ntbuffer[0x18]; unsigned char tmp[0x18]; unsigned char md5sum[MD5_DIGEST_LENGTH]; - unsigned char entropy[8]; + unsigned int entropy[2]; /* Need to create 8 bytes random data */ - Curl_ssl_random(data, entropy, sizeof(entropy)); + entropy[0] = Curl_rand(data); + entropy[1] = Curl_rand(data); /* 8 bytes random data as challenge in lmresp */ memcpy(lmresp, entropy, 8); |