src/auth/mech-ntlm.c

	mech-ntlm.c revision 50782de8a9d5ebe11ee61496b4e695a1d3875230
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch/*
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch * NTLM and NTLMv2 authentication mechanism.
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch *
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch * Copyright (c) 2004 Andrey Panin <pazke@donpac.ru>
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch *
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch * This software is released under the MIT license.
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch */
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch#include "auth-common.h"
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch#include "mech.h"
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch#include "passdb.h"
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen#include "str.h"
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch#include "buffer.h"
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch#include "hex-binary.h"
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch#include "safe-memset.h"
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch#include "ntlm.h"
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Boschstruct ntlm_auth_request {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    struct auth_request auth_request;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    pool_t pool;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    /* requested: */
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    bool ntlm2_negotiated;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    bool unicode_negotiated;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    const unsigned char *challenge;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    /* received: */
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    struct ntlmssp_response *response;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch};
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Boschstatic bool lm_verify_credentials(struct ntlm_auth_request *request,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                  const unsigned char *credentials, size_t size)
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch{
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    const unsigned char *client_response;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    unsigned char lm_response[LM_RESPONSE_SIZE];
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    unsigned int response_length;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    if (size != LM_HASH_SIZE) {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                auth_request_log_error(&request->auth_request, "lm",
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                       "invalid credentials length");
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        return FALSE;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    }
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    response_length =
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        ntlmssp_buffer_length(request->response, lm_response);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    client_response = ntlmssp_buffer_data(request->response, lm_response);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    if (response_length < LM_RESPONSE_SIZE) {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                auth_request_log_error(&request->auth_request, "ntlm",
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            "LM response length is too small");
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        return FALSE;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    }
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    ntlmssp_v1_response(credentials, request->challenge, lm_response);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    return memcmp(lm_response, client_response, LM_RESPONSE_SIZE) == 0;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch}
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Boschstatic void
7384b4e78eaab44693c985192276e31322155e32Stephan Boschlm_credentials_callback(enum passdb_result result,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            const unsigned char *credentials, size_t size,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            struct auth_request *auth_request)
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch{
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    struct ntlm_auth_request *request =
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        (struct ntlm_auth_request *)auth_request;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    switch (result) {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    case PASSDB_RESULT_OK:
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        if (lm_verify_credentials(request, credentials, size))
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            auth_request_success(auth_request, NULL, 0);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        else
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            auth_request_fail(auth_request);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        break;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    case PASSDB_RESULT_INTERNAL_FAILURE:
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        auth_request_internal_failure(auth_request);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        break;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    default:
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        auth_request_fail(auth_request);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        break;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    }
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch}
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Boschstatic int
7384b4e78eaab44693c985192276e31322155e32Stephan Boschntlm_verify_credentials(struct ntlm_auth_request *request,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            const unsigned char *credentials, size_t size)
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch{
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        struct auth_request *auth_request = &request->auth_request;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    const unsigned char *client_response;
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen    unsigned int response_length;
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen    response_length =
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen        ntlmssp_buffer_length(request->response, ntlm_response);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    client_response = ntlmssp_buffer_data(request->response, ntlm_response);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    if (response_length == 0) {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        /* try LM authentication unless NTLM2 was negotiated */
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        return request->ntlm2_negotiated ? -1 : 0;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    }
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    if (size != NTLMSSP_HASH_SIZE) {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                auth_request_log_error(&request->auth_request, "ntlm",
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                       "invalid credentials length");
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        return -1;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    }
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    if (response_length > NTLMSSP_RESPONSE_SIZE) {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        unsigned char ntlm_v2_response[NTLMSSP_V2_RESPONSE_SIZE];
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        const unsigned char *blob =
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            client_response + NTLMSSP_V2_RESPONSE_SIZE;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        /*
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch         * Authentication target == NULL because we are acting
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch         * as a standalone server, not as NT domain member.
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch         */
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        ntlmssp_v2_response(auth_request->user, NULL,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                    credentials, request->challenge, blob,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                    response_length - NTLMSSP_V2_RESPONSE_SIZE,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                    ntlm_v2_response);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        return memcmp(ntlm_v2_response, client_response,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                  NTLMSSP_V2_RESPONSE_SIZE) == 0 ? 1 : -1;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    } else {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        unsigned char ntlm_response[NTLMSSP_RESPONSE_SIZE];
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        const unsigned char *client_lm_response =
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            ntlmssp_buffer_data(request->response, lm_response);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        if (request->ntlm2_negotiated)
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            ntlmssp2_response(credentials, request->challenge,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                      client_lm_response,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                      ntlm_response);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        else
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            ntlmssp_v1_response(credentials, request->challenge,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                        ntlm_response);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        return memcmp(ntlm_response, client_response,
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen                  NTLMSSP_RESPONSE_SIZE) == 0 ? 1 : -1;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    }
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch}
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainenstatic void
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainenntlm_credentials_callback(enum passdb_result result,
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen              const unsigned char *credentials, size_t size,
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen              struct auth_request *auth_request)
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen{
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    struct ntlm_auth_request *request =
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        (struct ntlm_auth_request *)auth_request;
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen    int ret;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    switch (result) {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    case PASSDB_RESULT_OK:
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        ret = ntlm_verify_credentials(request, credentials, size);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        if (ret > 0) {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            auth_request_success(auth_request, NULL, 0);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            return;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        }
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        if (ret < 0) {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            auth_request_fail(auth_request);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            return;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        }
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        break;
57962a937b214be3a131f78005509afaa26fe4bfTimo Sirainen    case PASSDB_RESULT_INTERNAL_FAILURE:
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        auth_request_internal_failure(auth_request);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        return;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    default:
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        break;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    }
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    /* NTLM credentials not found or didn't want to use them,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch       try with LM credentials */
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen    auth_request_lookup_credentials(auth_request, "LANMAN",
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                    lm_credentials_callback);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch}
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen
7384b4e78eaab44693c985192276e31322155e32Stephan Boschstatic void
7384b4e78eaab44693c985192276e31322155e32Stephan Boschmech_ntlm_auth_continue(struct auth_request *auth_request,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            const unsigned char *data, size_t data_size)
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen{
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen    struct ntlm_auth_request *request =
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen        (struct ntlm_auth_request *)auth_request;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    const char *error;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    if (!request->challenge) {
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen        const struct ntlmssp_request *ntlm_request =
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen            (const struct ntlmssp_request *)data;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        const struct ntlmssp_challenge *message;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        size_t message_size;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        uint32_t flags;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        if (!ntlmssp_check_request(ntlm_request, data_size, &error)) {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            auth_request_log_info(auth_request, "ntlm",
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                "invalid NTLM request: %s", error);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            auth_request_fail(auth_request);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            return;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        }
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        message = ntlmssp_create_challenge(request->pool, ntlm_request,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                           &message_size);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        flags = read_le32(&message->flags);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        request->ntlm2_negotiated = flags & NTLMSSP_NEGOTIATE_NTLM2;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        request->unicode_negotiated = flags & NTLMSSP_NEGOTIATE_UNICODE;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        request->challenge = message->challenge;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        auth_request_handler_reply_continue(auth_request, message,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                            message_size);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    } else {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        const struct ntlmssp_response *response =
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            (const struct ntlmssp_response *)data;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        const char *username;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        if (!ntlmssp_check_response(response, data_size, &error)) {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            auth_request_log_info(auth_request, "ntlm",
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                "invalid NTLM response: %s", error);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            auth_request_fail(auth_request);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            return;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        }
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        request->response = p_malloc(request->pool, data_size);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        memcpy(request->response, response, data_size);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        username = ntlmssp_t_str(request->response, user,
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen                     request->unicode_negotiated);
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen        if (!auth_request_set_username(auth_request, username, &error)) {
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen            auth_request_log_info(auth_request, "ntlm",
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen                          "%s", error);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch            auth_request_fail(auth_request);
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen            return;
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen        }
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch        auth_request_lookup_credentials(auth_request, "NTLM",
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch                        ntlm_credentials_callback);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    }
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch}
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Boschstatic struct auth_request *mech_ntlm_auth_new(void)
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch{
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    struct ntlm_auth_request *request;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    pool_t pool;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    pool = pool_alloconly_create("ntlm_auth_request", 1024);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    request = p_new(pool, struct ntlm_auth_request, 1);
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    request->pool = pool;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    request->auth_request.pool = pool;
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    return &request->auth_request;
65c0e43da8cfc730eeb4634f8aa384081bbfa4e7Timo Sirainen}
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Boschconst struct mech_module mech_ntlm = {
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    "NTLM",
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    .flags = MECH_SEC_DICTIONARY | MECH_SEC_ACTIVE,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    .passdb_need = MECH_PASSDB_NEED_LOOKUP_CREDENTIALS,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    mech_ntlm_auth_new,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    mech_generic_auth_initial,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    mech_ntlm_auth_continue,
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch    mech_generic_auth_free
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch};
7384b4e78eaab44693c985192276e31322155e32Stephan Bosch