generic-library/poco
1
0
Fork 0
mirror of https://github.com/pocoproject/poco.git synced 2024-12-12 18:20:26 +01:00
Code Issues Projects Releases Wiki Activity

fixed NTLM SMTP authentication; added additional check for malformed server challenge to HTTPNTLMCredentials

Browse Source
This commit is contained in:
Günter Obiltschnig 2019-04-03 15:29:32 +02:00
parent 6ec6b58da3
commit 42cf54b742
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Net/src/HTTPNTLMCredentials.cpp
View File

@ -117,6 +117,7 @@ std::string HTTPNTLMCredentials::createNTLMMessage(const std::string& responseAu
else
{
std::vector<unsigned char> buffer = NTLMCredentials::fromBase64(responseAuthParams);
if (buffer.empty()) throw HTTPException("Invalid NTLM challenge");
NTLMCredentials::ChallengeMessage challengeMsg;
if (NTLMCredentials::parseChallengeMessage(&buffer[0], buffer.size(), challengeMsg))
{

3
Net/src/SMTPClientSession.cpp
View File

@ -254,7 +254,8 @@ void SMTPClientSession::loginUsingNTLM(const std::string& username, const std::s
int status = sendCommand("AUTH NTLM", NTLMCredentials::toBase64(negotiateBuf), response);
if (status == 334)
{
std::vector<unsigned char> buffer = NTLMCredentials::fromBase64(response);
std::vector<unsigned char> buffer = NTLMCredentials::fromBase64(response.substr(4));
if (buffer.empty()) throw SMTPException("Invalid NTLM challenge");
NTLMCredentials::ChallengeMessage challengeMsg;
if (NTLMCredentials::parseChallengeMessage(&buffer[0], buffer.size(), challengeMsg))
{