Hi, guys.. im working now on RDPoverHTTP feature for FreeRDP and have taken the NTLM sources from libfreerdp-core for authentification. Ive detected a mistake in NTLMSSP flag definition. All indexes are defined in wrong way.
freerdp/libfreerdp-core/ntlmssp.c (line 30): #define NTLMSSP_INDEX_NEGOTIATE_56 0 #define NTLMSSP_INDEX_NEGOTIATE_KEY_EXCH 1 #define NTLMSSP_INDEX_NEGOTIATE_128 2 .... #define NTLMSSP_INDEX_REQUEST_TARGET 29 #define NTLMSSP_INDEX_NEGOTIATE_OEM 30 #define NTLMSSP_INDEX_NEGOTIATE_UNICODE 31 #define NTLMSSP_NEGOTIATE_56 (1 << NTLMSSP_INDEX_NEGOTIATE_56) #define NTLMSSP_NEGOTIATE_KEY_EXCH (1 << NTLMSSP_INDEX_NEGOTIATE_KEY_EXCH) #define NTLMSSP_NEGOTIATE_128 (1 << NTLMSSP_INDEX_NEGOTIATE_128) .... #define NTLMSSP_REQUEST_TARGET (1 << NTLMSSP_INDEX_REQUEST_TARGET) #define NTLMSSP_NEGOTIATE_OEM (1 << NTLMSSP_INDEX_NEGOTIATE_OEM) #define NTLMSSP_NEGOTIATE_UNICODE (1 << NTLMSSP_INDEX_NEGOTIATE_UNICODE) It means NTLMSSP_NEGOTIATE_56 has value 0x00000001 - wrong. According to [MS-NLMP] specification NTLMSSP_NEGOTIATE_56 has value 0x80000000. So all flag indexes should be defined with increment in another direction: #define NTLMSSP_INDEX_NEGOTIATE_56 31 //0 #define NTLMSSP_INDEX_NEGOTIATE_KEY_EXCH 30 //1 #define NTLMSSP_INDEX_NEGOTIATE_128 29 //2 ... #define NTLMSSP_INDEX_REQUEST_TARGET 2 //29 #define NTLMSSP_INDEX_NEGOTIATE_OEM 1 //30 #define NTLMSSP_INDEX_NEGOTIATE_UNICODE 0 //31 ciao Dmitrij ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-novd2d _______________________________________________ Freerdp-devel mailing list Freerdp-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/freerdp-devel