From 7bcca9345977669bce9fd52f85ac2b89ccf550ec Mon Sep 17 00:00:00 2001
From: Markus Moeller <markus_moeller@compuserve.com>
Date: Fri, 28 Dec 2018 15:04:53 +0100
Subject: ntlm: update selection of type 3 response

NTLM2 did not work i.e. no NTLMv2 response was created. Changing the
check seems to work.

Ref: https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-NLMP/[MS-NLMP].pdf

Fixes https://github.com/curl/curl/issues/3286
Closes https://github.com/curl/curl/pull/3287
Closes https://github.com/curl/curl/pull/3415
---
 lib/vauth/ntlm.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'lib/vauth')

diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c
index 458b27253..c3d55ed25 100644
--- a/lib/vauth/ntlm.c
+++ b/lib/vauth/ntlm.c
@@ -562,7 +562,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
   }
 
 #if defined(USE_NTRESPONSES) && defined(USE_NTLM_V2)
-  if(ntlm->target_info_len) {
+  if(ntlm->flags & NTLMFLAG_NEGOTIATE_NTLM2_KEY) {
     unsigned char ntbuffer[0x18];
     unsigned char entropy[8];
     unsigned char ntlmv2hash[0x18];
@@ -599,7 +599,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
 
 #if defined(USE_NTRESPONSES) && defined(USE_NTLM2SESSION)
   /* We don't support NTLM2 if we don't have USE_NTRESPONSES */
-  if(ntlm->flags & NTLMFLAG_NEGOTIATE_NTLM2_KEY) {
+  if(ntlm->flags & NTLMFLAG_NEGOTIATE_NTLM_KEY) {
     unsigned char ntbuffer[0x18];
     unsigned char tmp[0x18];
     unsigned char md5sum[MD5_DIGEST_LENGTH];
@@ -631,7 +631,9 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
     Curl_ntlm_core_lm_resp(ntbuffer, md5sum, ntresp);
 
     /* End of NTLM2 Session code */
-
+    /* NTLM v2 session security is a misnomer because it is not NTLM v2.
+       It is NTLM v1 using the extended session security that is also
+       in NTLM v2 */
   }
   else
 #endif
-- 
cgit v1.2.3