[Mono.Security]: Change NTLM domain policy.
authorMartin Baulig <martin.baulig@xamarin.com>
Sat, 26 Jan 2013 05:31:28 +0000 (06:31 +0100)
committerMartin Baulig <martin.baulig@xamarin.com>
Sat, 26 Jan 2013 06:12:14 +0000 (07:12 +0100)
There has been a bug report where a Microsoft Server 2008 RC2 does
not accept the domain name that it sent back in the Type2Message's
TargetInfo / Domain Name field.

Therefore, we're now using the domain name from the `NetworkCredential` -
this is also what's initially being sent to the server in the
`Type1Message`.

mcs/class/Mono.Security/Mono.Security.Protocol.Ntlm/ChallengeResponse2.cs
mcs/class/Mono.Security/Mono.Security.Protocol.Ntlm/Type1Message.cs
mcs/class/Mono.Security/Mono.Security.Protocol.Ntlm/Type3Message.cs
mcs/class/System/Mono.Http/NtlmClient.cs

index 5479520f8851573116db0b96454a39f5cd4e43dc..d84028cf34511a60c23633995b713a734a165d68 100644 (file)
@@ -154,12 +154,12 @@ namespace Mono.Security.Protocol.Ntlm {
                        Array.Clear (hash, 0, hash.Length);
                }
 
-               static byte[] Compute_NTLMv2 (Type2Message type2, string username, string password)
+               static byte[] Compute_NTLMv2 (Type2Message type2, string username, string password, string domain)
                {
                        var ntlm_hash = Compute_NTLM_Password (password);
 
                        var ubytes = Encoding.Unicode.GetBytes (username.ToUpperInvariant ());
-                       var tbytes = Encoding.Unicode.GetBytes (type2.TargetName.ToUpperInvariant ());
+                       var tbytes = Encoding.Unicode.GetBytes (domain);
 
                        var bytes = new byte [ubytes.Length + tbytes.Length];
                        ubytes.CopyTo (bytes, 0);
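Review bot: `Encoding.Unicode.GetBytes (domain)` throws ArgumentNullException when `domain` is null, and nothing in this hunk guards against that; the value used to come from `type2.TargetName` rather than from the caller. The Domain setter in Type3Message maps null to an empty string, so the same normalisation here would keep the two consistent: `var tbytes = Encoding.Unicode.GetBytes (domain ?? "");`. The domain is also no longer upper-cased while the user name still is; that appears to match how the NTLMv2 key is derived, but a comment such as `// domain is hashed exactly as supplied; only the user name is upper-cased` would stop a later reader from "correcting" it. Compute_NTLMv2 continues past the end of the hunk.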
@@ -212,7 +212,7 @@ namespace Mono.Security.Protocol.Ntlm {
                }
 
                public static void Compute (Type2Message type2, NtlmAuthLevel level,
-                                           string username, string password,
+                                           string username, string password, string domain,
                                            out byte[] lm, out byte[] ntlm)
                {
                        lm = null;
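Review bot: Inserting `string domain` in the middle of this `public static` signature breaks existing callers outside this commit, assuming the enclosing class is public (its declaration is outside the hunk). Keeping the old six-parameter overload and having it forward with `type2.TargetName` as the domain would preserve the previous behaviour for those callers, and it could carry `[Obsolete]` pointing at the new overload. The new parameter is also undocumented; a short comment saying that `domain` is expected to be the credential's domain, the same value sent in the Type1Message, would record why it is no longer taken from the server's reply. The body of Compute continues outside the hunk.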
@@ -237,7 +237,7 @@ namespace Mono.Security.Protocol.Ntlm {
                                break;
 
                        case NtlmAuthLevel.NTLMv2_only:
-                               ntlm = Compute_NTLMv2 (type2, username, password);
+                               ntlm = Compute_NTLMv2 (type2, username, password, domain);
                                break;
 
                        default:
index b6669eb1645b11bd385cccefa884b15b5b1d6ba4..531fce0262275983510daa57a940382110393d26 100644 (file)
@@ -49,7 +49,7 @@ namespace Mono.Security.Protocol.Ntlm {
                        // default values
                        _domain = Environment.UserDomainName;
                        _host = Environment.MachineName;
-                       Flags = (NtlmFlags) 0xb203;
+                       Flags = (NtlmFlags) 0xb207;
                }
 
                public Type1Message (byte[] message) : base (1)
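Review bot: The default on the `Flags = (NtlmFlags) 0xb207;` line is a bare hex literal, so the one-bit difference from 0xb203 (0x0004) is invisible to a reader and is not mentioned in the commit description. In the NTLM negotiate flags that bit is the request-target flag, which asks the server to return its target name in the Type 2 message. Either compose the default from the named `NtlmFlags` members, if the enum defines them, or add a comment such as `// 0x0004: request target, so the server returns its target name in the Type 2 message`. Changing the default negotiate flags affects every Type1Message created through this constructor, so the reason belongs next to the value.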
index 59e948fdfd9b5e0d77f14eb86a61dca34d345709..50010bffe619311f8bc6cffc6de462ee9950bfd3 100644 (file)
@@ -152,9 +152,6 @@ namespace Mono.Security.Protocol.Ntlm {
                public string Domain {
                        get { return _domain; }
                        set {
-                               if (_type2 != null)
-                                       throw new InvalidOperationException (
-                                               "Domain is set automatically from Type2Message.TargetName");
                                if (value == null)
                                        value = "";
                                if (value == "")
@@ -205,11 +202,6 @@ namespace Mono.Security.Protocol.Ntlm {
                {
                        base.Decode (message);
 
-                       if (BitConverterLE.ToUInt16 (message, 56) != message.Length) {
-                               string msg = Locale.GetText ("Invalid Type3 message length.");
-                               throw new ArgumentException (msg, "message");
-                       }
-
                        _password = null;
 
                        if (message.Length >= 64)
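Review bot: After this change Decode has no check in the visible lines that ties the offsets stored in the message to `message.Length`; the only remaining guard here is `if (message.Length >= 64)`. The dropped test compared the 16-bit value at offset 56 with the total length, which may have been too strict for messages from real servers, but the commit description does not explain why it was dropped. If the rest of Decode (outside this hunk) reads fields through offset/length pairs taken from the buffer, each pair should be validated before use, for example `if (offset + length > message.Length) throw new ArgumentException (msg, "message");`. A comment stating which layouts are now accepted would make the relaxed parsing deliberate rather than accidental.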
@@ -280,7 +272,7 @@ namespace Mono.Security.Protocol.Ntlm {
                                        ntlm = legacy.NT;
                                }
                        } else {
-                               ChallengeResponse2.Compute (_type2, _level, _username, _password, out lm, out ntlm);
+                               ChallengeResponse2.Compute (_type2, _level, _username, _password, _domain, out lm, out ntlm);
                        }
 
                        var lmresp_len = lm != null ? lm.Length : 0;
index f1b678827f2364df9b50f190738eb3d53bef26d0..52c7ca541d430aa768a9e570630e5032f6193262 100644 (file)
@@ -92,6 +92,7 @@ namespace Mono.Http
                                Type3Message type3 = new Type3Message (type2);
                                type3.Username = userName;
                                type3.Password = password;
+                               type3.Domain = domain;
                                message = type3;
                                completed = true;
                        } else {