aboutsummaryrefslogtreecommitdiffstats
path: root/README.NTLM
diff options
context:
space:
mode:
Diffstat (limited to 'README.NTLM')
-rw-r--r--README.NTLM83
1 files changed, 83 insertions, 0 deletions
diff --git a/README.NTLM b/README.NTLM
new file mode 100644
index 00000000..964ba598
--- /dev/null
+++ b/README.NTLM
@@ -0,0 +1,83 @@
+NTLM support by Grant Edwards <grante@visi.com>
+
+This directory contains sources for a library which provides
+routines to manipulate the structures used for the client end
+of Microsoft NTLM authentication.
+
+This code (the ntlm.h file and smb*.[ch] files) was taken mostly from
+the Samba project and was initially intended for use with Microsoft
+Exchange Server when it is configured to require NTLM authentication
+for clients of its IMAP server.
+
+Not much effort has been put into making this portable, and the author
+only know for sure that it works on i386 Linux glibc systems -- though
+there shouldn't be anything all that system-specific anywhere. System
+byte order differences should already be taken care of.
+
+USAGE
+
+The application program must convert these structures to/from base64
+which is used to transfer data for IMAP authentication. For example
+usage see the sources for the mutt MUA or here in the fetchmail
+package.
+
+In general the usage is something like shown below (no, I don't
+know if this code even compiles, but you get the idea
+hopefully):
+
+
+#include <ntlm.h>
+
+extern char *seqTag; /* IMAP sequence number */
+
+int imap_auth_ntlm(char *user, char *domain, char *pass)
+{
+ tSmbNtlmAuthRequest request;
+ tSmbNtlmAuthChallenge challenge;
+ tSmbNtlmAuthResponse response;
+ char buffer[512];
+ char tmpstr[32];
+
+ writeToServer("%s AUTHENTICATE NTLM\r\n",seqTag);
+ readFromServer(buffer)
+
+ /* buffer should be "+", but we won't show code to check */
+
+ /*
+ * prepare the request, convert to base64, and send it to
+ * the the server. My server didn't care about domain, and NULL
+ * worked fine.
+ */
+
+ buildSmbNtlmAuthRequest(&request,user,domain);
+ convertToBase64(buffer, &request, SmbLength(&request));
+ writeToServer("%s\r\n",buffer);
+
+ /* read challange data from server, convert from base64 */
+
+ readFromServer(buffer);
+
+ /* buffer should contain the string "+ [base 64 data]" */
+
+ convertFromBase64(&challenge, buffer+2);
+
+ /* prepare response, convert to base64, send to server */
+
+ buildSmbNtlmAuthResponse(&challenge, &response, user, pass);
+ convertToBase64(buffer,&response,SmbLength(&response));
+ writeToServer("%s\r\n",buffer);
+
+ /* read line from server, it should be "[seq] OK blah blah blah" */
+
+ readFromServer(buffer);
+
+ sprintf(tmpstr,"%s OK",seqTag);
+
+ if (strncmp(buffer,tmpstr,strlen(tmpstr)))
+ {
+ /* login failed */
+ return -1;
+ }
+
+ return 0;
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-18 05:32:24 +0000