mirror of
https://github.com/pocoproject/poco.git
synced 2025-01-06 00:31:10 +01:00
fixed NTLM SMTP authentication; added additional check for malformed server challenge to HTTPNTLMCredentials
This commit is contained in:
Günter Obiltschnig
parent
6ec6b58da3
commit
42cf54b742
@ -117,6 +117,7 @@ std::string HTTPNTLMCredentials::createNTLMMessage(const std::string& responseAu
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
std::vector<unsigned char> buffer = NTLMCredentials::fromBase64(responseAuthParams);
|
std::vector<unsigned char> buffer = NTLMCredentials::fromBase64(responseAuthParams);
|
||||||
|
if (buffer.empty()) throw HTTPException("Invalid NTLM challenge");
|
||||||
NTLMCredentials::ChallengeMessage challengeMsg;
|
NTLMCredentials::ChallengeMessage challengeMsg;
|
||||||
if (NTLMCredentials::parseChallengeMessage(&buffer[0], buffer.size(), challengeMsg))
|
if (NTLMCredentials::parseChallengeMessage(&buffer[0], buffer.size(), challengeMsg))
|
||||||
{
|
{
|
||||||
|
|||||||
@ -254,7 +254,8 @@ void SMTPClientSession::loginUsingNTLM(const std::string& username, const std::s
|
|||||||
int status = sendCommand("AUTH NTLM", NTLMCredentials::toBase64(negotiateBuf), response);
|
int status = sendCommand("AUTH NTLM", NTLMCredentials::toBase64(negotiateBuf), response);
|
||||||
if (status == 334)
|
if (status == 334)
|
||||||
{
|
{
|
||||||
std::vector<unsigned char> buffer = NTLMCredentials::fromBase64(response);
|
std::vector<unsigned char> buffer = NTLMCredentials::fromBase64(response.substr(4));
|
||||||
|
if (buffer.empty()) throw SMTPException("Invalid NTLM challenge");
|
||||||
NTLMCredentials::ChallengeMessage challengeMsg;
|
NTLMCredentials::ChallengeMessage challengeMsg;
|
||||||
if (NTLMCredentials::parseChallengeMessage(&buffer[0], buffer.size(), challengeMsg))
|
if (NTLMCredentials::parseChallengeMessage(&buffer[0], buffer.size(), challengeMsg))
|
||||||
{
|
{
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user