Skip to content

Commit

Permalink
ntlm: Use static client nonce for the test suite
Browse files Browse the repository at this point in the history
  • Loading branch information
@captain-caveman2k
captain-caveman2k committed Jan 30, 2014
1 parent 0f23662 commit 0e11307
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion lib/curl_ntlm_msgs.c
View file
Expand Up @@ -763,8 +763,13 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
unsigned char entropy[8];
unsigned char ntlmv2hash[0x18];

/* Need to create 8 bytes random client nonce */
#if defined(DEBUGBUILD)
/* Use static client nonce in debug (Test Suite) builds */

This comment has been minimized.

Sign in to view

Copy link
@kdudka

kdudka Mar 17, 2014

Contributor

Does it mean that NTLM tests cannot run on top of non-debug builds of libcurl any more? This used to work fine prior to commit 8672458...

This comment has been minimized.

Sign in to view

Copy link
@captain-caveman2k

captain-caveman2k via email Mar 17, 2014

Author Contributor

This comment has been minimized.

Sign in to view

Copy link
@bagder

bagder Mar 17, 2014

Member

Yes, the thing is that I want debug-builds to work if you happen to run them against real machines and having a fixed entropy for real use is a security issue. I'll post my entropy-patch to the list again now for discussion and possibly inclusion before next release!

This comment has been minimized.

Sign in to view

Copy link
@kdudka

kdudka Mar 18, 2014

Contributor

I would personally prefer to have fresh test-cases for NTLMv2 while keeping the NTLMv1 test-cases working as they used to work, but I am probably too late for this discussion...

This comment has been minimized.

Sign in to view

Copy link
@captain-caveman2k

captain-caveman2k via email Mar 18, 2014

Author Contributor
memcpy(entropy, "12345678", sizeof(entropy));
#else
/* Create an 8 byte random client nonce */
Curl_ssl_random(data, entropy, sizeof(entropy));
#endif

res = Curl_ntlm_core_mk_nt_hash(data, passwdp, ntbuffer);
if(res)
Expand Down

0 comments on commit 0e11307

Please sign in to comment.