added support for SSPI-based NTLM authentication using the credentials of the currently logged in Windows user (Windows only)

Net/include/Poco/Net/HTTPCredentials.h

@@ -103,6 +103,14 @@ public:
 	const std::string& getPassword() const;
 		/// Returns the password.
 
+	void setHost(const std::string& host);
+		/// Sets the target host. Only used for SSPI-based NTLM authentication using
+		/// the credentials of the currently logged-in user on Windows.
+
+	const std::string& getHost() const;
+		/// Returns the target host. Only used for SSPI-based NTLM authentication using
+		/// the credentials of the currently logged-in user on Windows.
+
 	void authenticate(HTTPRequest& request, const HTTPResponse& response);
 		/// Inspects WWW-Authenticate header of the response, initializes
 		/// the internal state (in case of digest authentication) and
@@ -196,6 +204,18 @@ inline const std::string& HTTPCredentials::getPassword() const
 }
 
 
+inline void HTTPCredentials::setHost(const std::string& host)
+{
+	_ntlm.setHost(host);
+}
+
+
+inline const std::string& HTTPCredentials::getHost() const
+{
+	return _ntlm.getHost();
+}
+
+
 } } // namespace Poco::Net
 
 

Net/include/Poco/Net/HTTPNTLMCredentials.h

@@ -19,6 +19,7 @@
 
 
 #include "Poco/Net/Net.h"
+#include "Poco/Net/SSPINTLMCredentials.h"
 #include <vector>
 
 
@@ -42,6 +43,9 @@ public:
 	HTTPNTLMCredentials(const std::string& username, const std::string& password);
 		/// Creates a HTTPNTLMCredentials object with the given username and password.
 
+	HTTPNTLMCredentials(const std::string& username, const std::string& password, const std::string& host);
+		/// Creates a HTTPNTLMCredentials object with the given username, password and target host.
+
 	~HTTPNTLMCredentials();
 		/// Destroys the HTTPNTLMCredentials.
 
@@ -60,6 +64,14 @@ public:
 	const std::string& getPassword() const;
 		/// Returns the password.
 
+	void setHost(const std::string& host);
+		/// Sets the target host.\
+		///
+		/// Used for SSPI-based NTLM authentication only.
+
+	const std::string& getHost() const;
+		/// Returns the target host.
+
 	void authenticate(HTTPRequest& request, const HTTPResponse& response);
 		/// Parses WWW-Authenticate header of the HTTPResponse, initializes
 		/// internal state, and adds authentication information to the given HTTPRequest.
@@ -101,9 +113,12 @@ private:
 	HTTPNTLMCredentials& operator = (const HTTPNTLMCredentials&);
 
 	std::string createNTLMMessage(const std::string& ntlmChallengeBase64);
+	bool useSSPINTLM() const;
 
 	std::string _username;
 	std::string _password;
+	std::string _host;
+	Poco::SharedPtr<NTLMContext> _pNTLMContext;
 };
 
 
@@ -122,6 +137,18 @@ inline const std::string& HTTPNTLMCredentials::getPassword() const
 }
 
 
+inline const std::string& HTTPNTLMCredentials::getHost() const
+{
+	return _host;
+}
+
+
+inline bool HTTPNTLMCredentials::useSSPINTLM() const
+{
+	return _username.empty() && _password.empty() && SSPINTLMCredentials::available();
+}
+
+
 } } // namespace Poco::Net
 
 

Net/include/Poco/Net/NTLMCredentials.h

@@ -2,7 +2,7 @@
 // NTLMCredentials.h
 //
 // Library: Net
-// Package: HTTP
+// Package: NTLM
 // Module:	NTLMCredentials
 //
 // Definition of the NTLMCredentials class.
@@ -152,7 +152,7 @@ public:
 		/// Returns true if the message was parsed successfully, otherwise false.
 
 	static std::vector<unsigned char> formatAuthenticateMessage(const AuthenticateMessage& message);
-		/// Creates the NTLM Type 1 Authenticate message used for initiating NTLM authentication from the client.
+		/// Creates the NTLM Type 3 Authenticate message used for sending the response to the challenge.
 
 	static void readBufferDesc(Poco::BinaryReader& reader, BufferDesc& desc);
 		/// Reads a buffer descriptor.

Net/include/Poco/Net/SMTPClientSession.h

@@ -192,6 +192,7 @@ private:
 	void sendCommands(const MailMessage& message, const Recipients* pRecipients = 0);
 	void transportMessage(const MailMessage& message);
 
+	std::string  _host;
 	DialogSocket _socket;
 	bool         _isOpen;
 };

Net/include/Poco/Net/SSPINTLMCredentials.h

@@ -0,0 +1,83 @@
+//
+// SSPINTLMCredentials.h
+//
+// Library: Net
+// Package: NTLM
+// Module:	SSPINTLMCredentials
+//
+// Definition of the SSPINTLMCredentials class.
+//
+// Copyright (c) 2019, Applied Informatics Software Engineering GmbH.
+// and Contributors.
+//
+// SPDX-License-Identifier:	BSL-1.0
+//
+
+
+#include "Poco/Net/Net.h"
+#include <vector>
+
+
+#ifndef Net_SSPINTLMCredentials_INCLUDED
+#define Net_SSPINTLMCredentials_INCLUDED
+
+
+#include "Poco/Net/Net.h"
+#include "Poco/Net/NTLMCredentials.h"
+#include "Poco/SharedPtr.h"
+
+
+namespace Poco {
+namespace Net {
+
+
+struct NTLMContextImpl;
+
+
+class NTLMContext
+	/// An opaque context class for working with SSPI NTLM authentication.
+{
+public:
+	~NTLMContext();
+
+protected:
+	NTLMContext(NTLMContextImpl* pImpl);
+
+private:
+	NTLMContextImpl* _pImpl;
+
+	NTLMContext();
+	NTLMContext(const NTLMContext&);
+	NTLMContext& operator = (const NTLMContext&);
+	
+	friend class SSPINTLMProvider;
+};
+
+
+class Net_API SSPINTLMCredentials
+	/// Support for NTLM authentication using credentials of the currently
+	/// logged in user via SSPI.
+{
+public:
+	static bool available();
+		/// Returns true if SSPI NTLM support is available.
+
+	static Poco::SharedPtr<NTLMContext> createNTLMContext(const std::string& host, const std::string& service);
+		/// Creates an NTLMContext structure for use with negotiate()
+		/// and authenticate().
+
+	static std::vector<unsigned char> negotiate(NTLMContext& context);
+		/// Creates the NTLM Type 1 Negotiate message used for initiating NTLM authentication from the client.
+
+	static std::vector<unsigned char> authenticate(NTLMContext& context, const std::vector<unsigned char>& challenge);
+		/// Creates the NTLM Type 3 Authenticate message used for sending the response to the challenge.
+
+	static const std::string SERVICE_HTTP;
+	static const std::string SERVICE_SMTP;
+};
+
+
+} } // namespace Poco::Net
+
+
+#endif // Net_SSPINTLMCredentials_INCLUDED