[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Potential issues in libntlm 1.2

From: Olivier Lau
Subject: Potential issues in libntlm 1.2
Date: Thu, 22 Apr 2010 09:19:17 +0000 (GMT)


I have noticed the following potential issues in libntlm 1.2:

- definition of tSmbNtlmAuthRequest in ntlm.h: the fields user and domain are 
inverted. According to the spec (, 
domain should be first. Also, "user" should actually be named "workstation" or 

- buildSmbNtlmAuthResponse_userlen() function (in smbutil.c): about the last 
line of the function:

response->flags = challenge->flags;

I believe the response to challenge should not mirror flags sent from the 
server, as the client does not necessarilly have the same capabilities as the 


reply via email to

[Prev in Thread] Current Thread [Next in Thread]