Mercurial > mxe-octave
comparison src/freetds-1-fastforward.patch @ 1361:da4c01b382dc
upgrade package freetds to cvs
author | Mark Brand <mabrand@mabrand.nl> |
---|---|
date | Tue, 09 Nov 2010 20:45:14 +0100 |
parents | b9f6d372773c |
children | 74f410467f97 |
comparison
equal
deleted
inserted
replaced
1360:e383210b07fa | 1361:da4c01b382dc |
---|---|
157559 + | 157559 + |
157560 + odbc_disconnect(); | 157560 + odbc_disconnect(); |
157561 + return 0; | 157561 + return 0; |
157562 +} | 157562 +} |
157563 + | 157563 + |
157564 | |
157565 commit 0720c32343c06852e55bcd2f399860c259ac4660 | |
157566 Author: freddy77 <freddy77> | |
157567 Date: Thu Nov 4 19:38:33 2010 +0000 | |
157568 | |
157569 allow to specify library options with --enable-krb5 | |
157570 | |
157571 diff --git a/ChangeLog b/ChangeLog | |
157572 index 849923b..75b3e80 100644 | |
157573 --- a/ChangeLog | |
157574 +++ b/ChangeLog | |
157575 @@ -1,3 +1,6 @@ | |
157576 +Thu Nov 4 20:38:16 CET 2010 Frediano Ziglio <freddy77_A_gmail_D_com> | |
157577 + * configure.ac: allow to specify library options with --enable-krb5 | |
157578 + | |
157579 Fri Oct 29 16:52:15 CEST 2010 Frediano Ziglio <freddy77_A_gmail_D_com> | |
157580 * src/odbc/odbc.c src/odbc/unittests/.cvsignore: | |
157581 * src/odbc/unittests/Makefile.am: | |
157582 @@ -2978,4 +2981,4 @@ Wed Jan 9 19:54:43 EST 2008 JK Lowden <jklowden@freetds.org> | |
157583 * ChangeLog-0.82 added because of release | |
157584 | |
157585 $FreeTDS$ | |
157586 -$Id: ChangeLog,v 1.3149 2010/10/29 14:52:40 freddy77 Exp $ | |
157587 +$Id: ChangeLog,v 1.3150 2010/11/04 19:38:33 freddy77 Exp $ | |
157588 diff --git a/configure.ac b/configure.ac | |
157589 index 960c834..b3b2633 100644 | |
157590 --- a/configure.ac | |
157591 +++ b/configure.ac | |
157592 @@ -1,7 +1,7 @@ | |
157593 dnl Process this file with autoconf to produce a configure script. | |
157594 | |
157595 dnl ------------------------------------------------------------ | |
157596 -dnl $Id: configure.ac,v 1.57 2010/10/26 08:12:48 freddy77 Exp $ | |
157597 +dnl $Id: configure.ac,v 1.58 2010/11/04 19:38:33 freddy77 Exp $ | |
157598 dnl If you're trying to create a new configure test, try | |
157599 dnl | |
157600 dnl http://autogen.sourceforge.net/conftest.html | |
157601 @@ -15,7 +15,7 @@ dnl ------------------------------------------------------------ | |
157602 AC_INIT(FreeTDS, 0.83.dev.esyscmd(printf $(date +"%Y%m%d"))) | |
157603 AC_CONFIG_SRCDIR(src/dblib/dblib.c) | |
157604 AC_PREREQ(2.53) | |
157605 -AC_REVISION($Revision: 1.57 $) | |
157606 +AC_REVISION($Revision: 1.58 $) | |
157607 | |
157608 AM_INIT_AUTOMAKE([dist-bzip2]) | |
157609 AC_CONFIG_HEADERS(include/config.h) | |
157610 @@ -136,7 +136,15 @@ AC_SUBST(HAVE_PERL_SOURCES) | |
157611 # Checks for libraries. | |
157612 # ------------------------------------------------------------ | |
157613 AC_ARG_ENABLE(krb5, | |
157614 - AS_HELP_STRING([--enable-krb5], [enable Kerberos support])) | |
157615 + AS_HELP_STRING([--enable-krb5@<:@=LIB@:>@], [enable Kerberos support, optionally with library])) | |
157616 + | |
157617 +krb5_libs=auto | |
157618 +case $enable_krb5 in | |
157619 + yes) ;; | |
157620 + "" | no) krb5_libs= ;; | |
157621 + -* | */* | *.a | *.so | *.so.* | *.o) krb5_libs="$enable_krb5" ;; | |
157622 + *) krb5_libs="-l$enable_krb5" ;; | |
157623 +esac | |
157624 | |
157625 OLDLIBS="$LIBS" | |
157626 LIBS="" | |
157627 @@ -151,6 +159,7 @@ case $host in | |
157628 else | |
157629 LIBS="-lws2_32" | |
157630 fi | |
157631 + krb5_libs= | |
157632 AM_CONDITIONAL(MINGW32, true) | |
157633 ;; | |
157634 *-*-hpux*) | |
157635 @@ -165,12 +174,6 @@ case $host in | |
157636 CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED" | |
157637 LIBS="$LIBS -lxnet" | |
157638 AC_SEARCH_LIBS(gethostbyname, nsl) | |
157639 - if test "$enable_krb5" = "yes" ; then | |
157640 - AC_SEARCH_LIBS(gss_init_sec_context, [gssapi_krb5 gssapi]) | |
157641 - if test "$ac_cv_search_gss_init_sec_context" != no; then | |
157642 - AC_DEFINE(ENABLE_KRB5, 1, [Defined if --enable-krb5 used and library detected]) | |
157643 - fi | |
157644 - fi | |
157645 | |
157646 # check for _xpg_ functions | |
157647 AC_CHECK_FUNCS([_xpg_accept _xpg_getpeername _xpg_getsockname _xpg_getsockopt _xpg_recvfrom \ | |
157648 @@ -180,16 +183,25 @@ case $host in | |
157649 *) | |
157650 AC_SEARCH_LIBS(socket, socket) | |
157651 AC_SEARCH_LIBS(gethostbyname, nsl) | |
157652 - if test "$enable_krb5" = "yes" ; then | |
157653 - AC_SEARCH_LIBS(gss_init_sec_context, [gssapi_krb5 gssapi]) | |
157654 - if test "$ac_cv_search_gss_init_sec_context" != no; then | |
157655 - AC_DEFINE(ENABLE_KRB5, 1, [Defined if --enable-krb5 used and library detected]) | |
157656 - fi | |
157657 - fi | |
157658 | |
157659 AM_CONDITIONAL(MINGW32, false) | |
157660 ;; | |
157661 esac | |
157662 + | |
157663 +case "$krb5_libs" in | |
157664 +"" ) ;; | |
157665 +"auto") | |
157666 + AC_SEARCH_LIBS(gss_init_sec_context, [gssapi_krb5 gssapi]) | |
157667 + if test "$ac_cv_search_gss_init_sec_context" != no; then | |
157668 + AC_DEFINE(ENABLE_KRB5, 1, [Defined if --enable-krb5 used and library detected]) | |
157669 + fi | |
157670 + ;; | |
157671 +*) | |
157672 + AC_DEFINE(ENABLE_KRB5, 1, [Defined if --enable-krb5 used and library detected]) | |
157673 + LIBS="$LIBS $krb5_libs" | |
157674 + ;; | |
157675 +esac | |
157676 + | |
157677 NETWORK_LIBS="$LIBS" | |
157678 LIBS="$OLDLIBS" | |
157679 AC_SUBST(NETWORK_LIBS) | |
157680 | |
157681 commit 139606f96a9b19b1d81fc16af8bc9282a3f9a9cd | |
157682 Author: freddy77 <freddy77> | |
157683 Date: Tue Nov 9 12:36:10 2010 +0000 | |
157684 | |
157685 disable LANMAN authentication (too unsecure) | |
157686 | |
157687 diff --git a/ChangeLog b/ChangeLog | |
157688 index 75b3e80..1eb4b64 100644 | |
157689 --- a/ChangeLog | |
157690 +++ b/ChangeLog | |
157691 @@ -1,3 +1,6 @@ | |
157692 +Tue Nov 9 13:34:50 CET 2010 Frediano Ziglio <freddy77_A_gmail_D_com> | |
157693 + * src/tds/challenge.c: disable LANMAN authentication (too unsecure) | |
157694 + | |
157695 Thu Nov 4 20:38:16 CET 2010 Frediano Ziglio <freddy77_A_gmail_D_com> | |
157696 * configure.ac: allow to specify library options with --enable-krb5 | |
157697 | |
157698 @@ -2981,4 +2984,4 @@ Wed Jan 9 19:54:43 EST 2008 JK Lowden <jklowden@freetds.org> | |
157699 * ChangeLog-0.82 added because of release | |
157700 | |
157701 $FreeTDS$ | |
157702 -$Id: ChangeLog,v 1.3150 2010/11/04 19:38:33 freddy77 Exp $ | |
157703 +$Id: ChangeLog,v 1.3151 2010/11/09 12:36:10 freddy77 Exp $ | |
157704 diff --git a/src/tds/challenge.c b/src/tds/challenge.c | |
157705 index 7822810..c006f95 100644 | |
157706 --- a/src/tds/challenge.c | |
157707 +++ b/src/tds/challenge.c | |
157708 @@ -1,6 +1,6 @@ | |
157709 /* FreeTDS - Library of routines accessing Sybase and Microsoft databases | |
157710 * Copyright (C) 1998-1999 Brian Bruns | |
157711 - * Copyright (C) 2005-2009 Frediano Ziglio | |
157712 + * Copyright (C) 2005-2010 Frediano Ziglio | |
157713 * | |
157714 * This library is free software; you can redistribute it and/or | |
157715 * modify it under the terms of the GNU Library General Public | |
157716 @@ -45,7 +45,7 @@ | |
157717 #include <dmalloc.h> | |
157718 #endif | |
157719 | |
157720 -TDS_RCSID(var, "$Id: challenge.c,v 1.42 2010/09/28 15:09:39 freddy77 Exp $"); | |
157721 +TDS_RCSID(var, "$Id: challenge.c,v 1.43 2010/11/09 12:36:10 freddy77 Exp $"); | |
157722 | |
157723 /** | |
157724 * \ingroup libtds | |
157725 @@ -287,7 +287,8 @@ tds_answer_challenge(TDSSOCKET * tds, | |
157726 challenge = ntlm2_challenge; | |
157727 memset(&md5_ctx, 0, sizeof(md5_ctx)); | |
157728 } else if (names_blob_len <= 0) { | |
157729 - /* NTLM */ | |
157730 + /* LM */ | |
157731 +#if TDS_USE_LM | |
157732 size_t len, i; | |
157733 unsigned char passwd_buf[MAX_PW_SZ]; | |
157734 | |
157735 @@ -311,6 +312,9 @@ tds_answer_challenge(TDSSOCKET * tds, | |
157736 | |
157737 tds_encrypt_answer(hash, challenge, answer->lm_resp); | |
157738 memset(passwd_buf, 0, sizeof(passwd_buf)); | |
157739 +#else | |
157740 + memset(answer->lm_resp, 0, sizeof(answer->lm_resp)); | |
157741 +#endif | |
157742 } else { | |
157743 /* NTLMv2 */ | |
157744 unsigned char *lm_v2_response; | |
157745 | |
157746 commit 512497a4f905387f1390820dde5265eb541ce3fe | |
157747 Author: freddy77 <freddy77> | |
157748 Date: Tue Nov 9 12:48:37 2010 +0000 | |
157749 | |
157750 send OSversion in NTLM type 1, fix flags using NTLMv2 | |
157751 | |
157752 diff --git a/ChangeLog b/ChangeLog | |
157753 index 1eb4b64..2e6a38e 100644 | |
157754 --- a/ChangeLog | |
157755 +++ b/ChangeLog | |
157756 @@ -1,3 +1,7 @@ | |
157757 +Tue Nov 9 13:48:22 CET 2010 Frediano Ziglio <freddy77_A_gmail_D_com> | |
157758 + * src/tds/challenge.c: | |
157759 + - send OSversion in NTLM type 1, fix flags using NTLMv2 | |
157760 + | |
157761 Tue Nov 9 13:34:50 CET 2010 Frediano Ziglio <freddy77_A_gmail_D_com> | |
157762 * src/tds/challenge.c: disable LANMAN authentication (too unsecure) | |
157763 | |
157764 @@ -2984,4 +2988,4 @@ Wed Jan 9 19:54:43 EST 2008 JK Lowden <jklowden@freetds.org> | |
157765 * ChangeLog-0.82 added because of release | |
157766 | |
157767 $FreeTDS$ | |
157768 -$Id: ChangeLog,v 1.3151 2010/11/09 12:36:10 freddy77 Exp $ | |
157769 +$Id: ChangeLog,v 1.3152 2010/11/09 12:48:37 freddy77 Exp $ | |
157770 diff --git a/src/tds/challenge.c b/src/tds/challenge.c | |
157771 index c006f95..aab2ea1 100644 | |
157772 --- a/src/tds/challenge.c | |
157773 +++ b/src/tds/challenge.c | |
157774 @@ -45,7 +45,7 @@ | |
157775 #include <dmalloc.h> | |
157776 #endif | |
157777 | |
157778 -TDS_RCSID(var, "$Id: challenge.c,v 1.43 2010/11/09 12:36:10 freddy77 Exp $"); | |
157779 +TDS_RCSID(var, "$Id: challenge.c,v 1.44 2010/11/09 12:48:38 freddy77 Exp $"); | |
157780 | |
157781 /** | |
157782 * \ingroup libtds | |
157783 @@ -340,8 +340,8 @@ tds_answer_challenge(TDSSOCKET * tds, | |
157784 if (!*ntlm_v2_response) | |
157785 return TDS_FAIL; | |
157786 | |
157787 - /* local not supported */ | |
157788 - *flags &= 0x4000; | |
157789 + /* local not supported, avoid NTLM2 */ | |
157790 + *flags &= ~(0x80000|0x4000); | |
157791 return TDS_SUCCEED; | |
157792 } | |
157793 *flags = 0x8201; | |
157794 @@ -648,6 +648,11 @@ tds_ntlm_handle_next(TDSSOCKET * tds, struct tds_authentication * auth, size_t l | |
157795 if (data_block_offset >= 56 && where + 8 <= length) { | |
157796 /* Version 3 -- The Context, Target Information, and OS Version structure are all present. */ | |
157797 tds_get_n(tds, NULL, 8); /* OS Version Structure */ | |
157798 +#if 0 | |
157799 + /* if we have a version server handle NTLMv2 */ | |
157800 + if (target_info_len > 0) | |
157801 + flags &= ~0x80000; | |
157802 +#endif | |
157803 where += 8; | |
157804 } | |
157805 } | |
157806 @@ -726,7 +731,7 @@ tds_ntlm_get_auth(TDSSOCKET * tds) | |
157807 auth->tds_auth.free = tds_ntlm_free; | |
157808 auth->tds_auth.handle_next = tds_ntlm_handle_next; | |
157809 | |
157810 - auth->tds_auth.packet_len = auth_len = 32 + host_name_len + domain_len; | |
157811 + auth->tds_auth.packet_len = auth_len = 40 + host_name_len + domain_len; | |
157812 auth->tds_auth.packet = packet = malloc(auth_len); | |
157813 if (!packet) { | |
157814 free(auth); | |
157815 @@ -738,27 +743,29 @@ tds_ntlm_get_auth(TDSSOCKET * tds) | |
157816 /* sequence 1 client -> server */ | |
157817 TDS_PUT_A4(packet + 8, TDS_HOST4LE(1)); | |
157818 /* flags */ | |
157819 - TDS_PUT_A4(packet + 12, TDS_HOST4LE(0x08b201)); | |
157820 + TDS_PUT_A4(packet + 12, TDS_HOST4LE(0x08b205)); | |
157821 | |
157822 /* domain info */ | |
157823 TDS_PUT_A2LE(packet + 16, domain_len); | |
157824 TDS_PUT_A2LE(packet + 18, domain_len); | |
157825 - TDS_PUT_A4LE(packet + 20, 32 + host_name_len); | |
157826 + TDS_PUT_A4LE(packet + 20, 40 + host_name_len); | |
157827 | |
157828 /* hostname info */ | |
157829 TDS_PUT_A2LE(packet + 24, host_name_len); | |
157830 TDS_PUT_A2LE(packet + 26, host_name_len); | |
157831 - TDS_PUT_A4LE(packet + 28, 32); | |
157832 + TDS_PUT_A4 (packet + 28, TDS_HOST4LE(40)); | |
157833 | |
157834 /* | |
157835 * here XP put version like 05 01 28 0a (5.1.2600), | |
157836 * similar to GetVersion result | |
157837 * and some unknown bytes like 00 00 00 0f | |
157838 */ | |
157839 + TDS_PUT_A4(packet + 32, TDS_HOST4LE(0x0a280105)); | |
157840 + TDS_PUT_A4(packet + 36, TDS_HOST4LE(0x0f000000)); | |
157841 | |
157842 /* hostname and domain */ | |
157843 - memcpy(packet + 32, tds_dstr_cstr(&tds->connection->client_host_name), host_name_len); | |
157844 - memcpy(packet + 32 + host_name_len, domain, domain_len); | |
157845 + memcpy(packet + 40, tds_dstr_cstr(&tds->connection->client_host_name), host_name_len); | |
157846 + memcpy(packet + 40 + host_name_len, domain, domain_len); | |
157847 | |
157848 return (TDSAUTHENTICATION *) auth; | |
157849 } | |
157850 | |
157851 commit 33a919be62b339b7ce91990770a9af1c12584788 | |
157852 Author: freddy77 <freddy77> | |
157853 Date: Tue Nov 9 15:42:04 2010 +0000 | |
157854 | |
157855 fix possible problem with sspi.h header | |
157856 | |
157857 diff --git a/ChangeLog b/ChangeLog | |
157858 index 2e6a38e..12544a2 100644 | |
157859 --- a/ChangeLog | |
157860 +++ b/ChangeLog | |
157861 @@ -1,3 +1,6 @@ | |
157862 +Tue Nov 9 16:41:37 CET 2010 Frediano Ziglio <freddy77_A_gmail_D_com> | |
157863 + * src/tds/sspi.c: fix possible problem with sspi.h header | |
157864 + | |
157865 Tue Nov 9 13:48:22 CET 2010 Frediano Ziglio <freddy77_A_gmail_D_com> | |
157866 * src/tds/challenge.c: | |
157867 - send OSversion in NTLM type 1, fix flags using NTLMv2 | |
157868 @@ -2988,4 +2991,4 @@ Wed Jan 9 19:54:43 EST 2008 JK Lowden <jklowden@freetds.org> | |
157869 * ChangeLog-0.82 added because of release | |
157870 | |
157871 $FreeTDS$ | |
157872 -$Id: ChangeLog,v 1.3152 2010/11/09 12:48:37 freddy77 Exp $ | |
157873 +$Id: ChangeLog,v 1.3153 2010/11/09 15:42:04 freddy77 Exp $ | |
157874 diff --git a/src/tds/sspi.c b/src/tds/sspi.c | |
157875 index d20dbfa..78a8b32 100644 | |
157876 --- a/src/tds/sspi.c | |
157877 +++ b/src/tds/sspi.c | |
157878 @@ -21,6 +21,9 @@ | |
157879 #include <config.h> | |
157880 #endif | |
157881 | |
157882 +/* fix possible bug in sspi.h header */ | |
157883 +#define FreeCredentialHandle FreeCredentialsHandle | |
157884 + | |
157885 #if HAVE_STDLIB_H | |
157886 #include <stdlib.h> | |
157887 #endif /* HAVE_STDLIB_H */ | |
157888 @@ -46,7 +49,7 @@ | |
157889 #include <dmalloc.h> | |
157890 #endif | |
157891 | |
157892 -TDS_RCSID(var, "$Id: sspi.c,v 1.8 2010/02/12 10:16:17 freddy77 Exp $"); | |
157893 +TDS_RCSID(var, "$Id: sspi.c,v 1.9 2010/11/09 15:42:04 freddy77 Exp $"); | |
157894 | |
157895 /** | |
157896 * \ingroup libtds | |
157897 | |
157898 commit a0217e51c9c8eb5cc7249ca518bc4c3ab2a0b74b | |
157899 Author: freddy77 <freddy77> | |
157900 Date: Tue Nov 9 15:46:42 2010 +0000 | |
157901 | |
157902 add "use ntlmv2" option | |
157903 | |
157904 diff --git a/ChangeLog b/ChangeLog | |
157905 index 12544a2..1a87e00 100644 | |
157906 --- a/ChangeLog | |
157907 +++ b/ChangeLog | |
157908 @@ -1,3 +1,8 @@ | |
157909 +Tue Nov 9 16:46:15 CET 2010 Frediano Ziglio <freddy77_A_gmail_D_com> | |
157910 + * include/tds.h include/tdsodbc.h src/odbc/connectparams.c: | |
157911 + * src/tds/challenge.c src/tds/config.c: | |
157912 + - add "use ntlmv2" option | |
157913 + | |
157914 Tue Nov 9 16:41:37 CET 2010 Frediano Ziglio <freddy77_A_gmail_D_com> | |
157915 * src/tds/sspi.c: fix possible problem with sspi.h header | |
157916 | |
157917 @@ -2991,4 +2996,4 @@ Wed Jan 9 19:54:43 EST 2008 JK Lowden <jklowden@freetds.org> | |
157918 * ChangeLog-0.82 added because of release | |
157919 | |
157920 $FreeTDS$ | |
157921 -$Id: ChangeLog,v 1.3153 2010/11/09 15:42:04 freddy77 Exp $ | |
157922 +$Id: ChangeLog,v 1.3154 2010/11/09 15:46:42 freddy77 Exp $ | |
157923 diff --git a/include/tds.h b/include/tds.h | |
157924 index cd929b9..dba4cfa 100644 | |
157925 --- a/include/tds.h | |
157926 +++ b/include/tds.h | |
157927 @@ -21,7 +21,7 @@ | |
157928 #ifndef _tds_h_ | |
157929 #define _tds_h_ | |
157930 | |
157931 -/* $Id: tds.h,v 1.343 2010/09/16 07:37:23 freddy77 Exp $ */ | |
157932 +/* $Id: tds.h,v 1.344 2010/11/09 15:46:42 freddy77 Exp $ */ | |
157933 | |
157934 #include <stdarg.h> | |
157935 #include <stdio.h> | |
157936 @@ -804,6 +804,7 @@ typedef enum tds_encryption_level { | |
157937 #define TDS_STR_INSTANCE "instance" | |
157938 #define TDS_STR_ASA_DATABASE "asa database" | |
157939 #define TDS_STR_ENCRYPTION "encryption" | |
157940 +#define TDS_STR_USENTLMV2 "use ntlmv2" | |
157941 /* conf values */ | |
157942 #define TDS_STR_ENCRYPTION_OFF "off" | |
157943 #define TDS_STR_ENCRYPTION_REQUEST "request" | |
157944 @@ -880,6 +881,7 @@ typedef struct tds_connection | |
157945 unsigned int bulk_copy:1; | |
157946 unsigned int suppress_language:1; | |
157947 unsigned int gssapi_use_delegation:1; | |
157948 + unsigned int use_ntlmv2:1; | |
157949 } TDSCONNECTION; | |
157950 | |
157951 typedef struct tds_locale | |
157952 diff --git a/include/tdsodbc.h b/include/tdsodbc.h | |
157953 index 305323b..b5ca7b9 100644 | |
157954 --- a/include/tdsodbc.h | |
157955 +++ b/include/tdsodbc.h | |
157956 @@ -66,7 +66,7 @@ extern "C" | |
157957 #endif | |
157958 #endif | |
157959 | |
157960 -/* $Id: tdsodbc.h,v 1.126 2010/08/17 13:16:05 freddy77 Exp $ */ | |
157961 +/* $Id: tdsodbc.h,v 1.127 2010/11/09 15:46:42 freddy77 Exp $ */ | |
157962 | |
157963 #if defined(__GNUC__) && __GNUC__ >= 4 && !defined(__MINGW32__) | |
157964 #pragma GCC visibility push(hidden) | |
157965 @@ -465,7 +465,8 @@ BOOL get_login_info(HWND hwndParent, TDSCONNECTION * connection); | |
157966 ODBC_PARAM(Encryption) \ | |
157967 ODBC_PARAM(Trusted_Connection) \ | |
157968 ODBC_PARAM(APP) \ | |
157969 - ODBC_PARAM(WSID) | |
157970 + ODBC_PARAM(WSID) \ | |
157971 + ODBC_PARAM(UseNTLMv2) | |
157972 | |
157973 #define ODBC_PARAM(p) ODBC_PARAM_##p, | |
157974 enum { | |
157975 diff --git a/src/odbc/connectparams.c b/src/odbc/connectparams.c | |
157976 index 0ba1417..5f11d32 100644 | |
157977 --- a/src/odbc/connectparams.c | |
157978 +++ b/src/odbc/connectparams.c | |
157979 @@ -37,7 +37,7 @@ | |
157980 #include <dmalloc.h> | |
157981 #endif | |
157982 | |
157983 -TDS_RCSID(var, "$Id: connectparams.c,v 1.87 2010/07/08 09:39:34 freddy77 Exp $"); | |
157984 +TDS_RCSID(var, "$Id: connectparams.c,v 1.88 2010/11/09 15:46:42 freddy77 Exp $"); | |
157985 | |
157986 #define ODBC_PARAM(p) static const char odbc_param_##p[] = #p; | |
157987 ODBC_PARAM_LIST | |
157988 @@ -225,6 +225,9 @@ odbc_get_dsn_info(TDS_ERRS *errs, const char *DSN, TDSCONNECTION * connection) | |
157989 if (myGetPrivateProfileString(DSN, odbc_param_Encryption, tmp) > 0) | |
157990 tds_parse_conf_section(TDS_STR_ENCRYPTION, tmp, connection); | |
157991 | |
157992 + if (myGetPrivateProfileString(DSN, odbc_param_UseNTLMv2, tmp) > 0) | |
157993 + tds_parse_conf_section(TDS_STR_USENTLMV2, tmp, connection); | |
157994 + | |
157995 if (myGetPrivateProfileString(DSN, odbc_param_Trusted_Connection, tmp) > 0 && tds_config_boolean(tmp)) { | |
157996 tds_dstr_copy(&connection->user_name, ""); | |
157997 tds_dstr_copy(&connection->password, ""); | |
157998 @@ -377,6 +380,8 @@ odbc_parse_connect_string(TDS_ERRS *errs, const char *connect_string, const char | |
157999 tds_parse_conf_section(TDS_STR_DEBUGFLAGS, tds_dstr_cstr(&value), connection); | |
158000 } else if (CHK_PARAM(Encryption)) { | |
158001 tds_parse_conf_section(TDS_STR_ENCRYPTION, tds_dstr_cstr(&value), connection); | |
158002 + } else if (CHK_PARAM(UseNTLMv2)) { | |
158003 + tds_parse_conf_section(TDS_STR_USENTLMV2, tds_dstr_cstr(&value), connection); | |
158004 } else if (CHK_PARAM(Trusted_Connection)) { | |
158005 trusted = tds_config_boolean(tds_dstr_cstr(&value)); | |
158006 tdsdump_log(TDS_DBG_INFO1, "trusted %s -> %d\n", tds_dstr_cstr(&value), trusted); | |
158007 diff --git a/src/tds/challenge.c b/src/tds/challenge.c | |
158008 index aab2ea1..cea3307 100644 | |
158009 --- a/src/tds/challenge.c | |
158010 +++ b/src/tds/challenge.c | |
158011 @@ -45,7 +45,7 @@ | |
158012 #include <dmalloc.h> | |
158013 #endif | |
158014 | |
158015 -TDS_RCSID(var, "$Id: challenge.c,v 1.44 2010/11/09 12:48:38 freddy77 Exp $"); | |
158016 +TDS_RCSID(var, "$Id: challenge.c,v 1.45 2010/11/09 15:46:42 freddy77 Exp $"); | |
158017 | |
158018 /** | |
158019 * \ingroup libtds | |
158020 @@ -248,6 +248,44 @@ make_lm_v2_response(const unsigned char ntlm_v2_hash[16], | |
158021 return mac; | |
158022 } | |
158023 | |
158024 +static int | |
158025 +tds_answer_challenge_ntlmv2(TDSSOCKET * tds, | |
158026 + TDSCONNECTION * connection, | |
158027 + const unsigned char *challenge, | |
158028 + TDS_UINT * flags, | |
158029 + const unsigned char *names_blob, TDS_INT names_blob_len, TDSANSWER * answer, unsigned char **ntlm_v2_response) | |
158030 +{ | |
158031 + int res; | |
158032 + const char *passwd = tds_dstr_cstr(&connection->password); | |
158033 + | |
158034 + /* NTLMv2 */ | |
158035 + unsigned char *lm_v2_response; | |
158036 + unsigned char ntlm_v2_hash[16]; | |
158037 + const names_blob_prefix_t *names_blob_prefix; | |
158038 + | |
158039 + res = make_ntlm_v2_hash(tds, passwd, ntlm_v2_hash); | |
158040 + if (res != TDS_SUCCEED) | |
158041 + return res; | |
158042 + | |
158043 + /* LMv2 response */ | |
158044 + /* Take client's challenge from names_blob */ | |
158045 + names_blob_prefix = (const names_blob_prefix_t *) names_blob; | |
158046 + lm_v2_response = make_lm_v2_response(ntlm_v2_hash, names_blob_prefix->challenge, 8, challenge); | |
158047 + if (!lm_v2_response) | |
158048 + return TDS_FAIL; | |
158049 + memcpy(answer->lm_resp, lm_v2_response, 24); | |
158050 + free(lm_v2_response); | |
158051 + | |
158052 + /* NTLMv2 response */ | |
158053 + /* Size of lm_v2_response is 16 + names_blob_len */ | |
158054 + *ntlm_v2_response = make_lm_v2_response(ntlm_v2_hash, names_blob, names_blob_len, challenge); | |
158055 + if (!*ntlm_v2_response) | |
158056 + return TDS_FAIL; | |
158057 + | |
158058 + /* local not supported, avoid NTLM2 */ | |
158059 + *flags &= ~(0x80000|0x4000); | |
158060 + return TDS_SUCCEED; | |
158061 +} | |
158062 | |
158063 /** | |
158064 * Crypt a given password using schema required for NTLMv1 or NTLM2 authentication | |
158065 @@ -265,14 +303,16 @@ tds_answer_challenge(TDSSOCKET * tds, | |
158066 { | |
158067 #define MAX_PW_SZ 14 | |
158068 const char *passwd = tds_dstr_cstr(&connection->password); | |
158069 - static const des_cblock magic = { 0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 }; | |
158070 DES_KEY ks; | |
158071 unsigned char hash[24], ntlm2_challenge[16]; | |
158072 int res; | |
158073 | |
158074 memset(answer, 0, sizeof(TDSANSWER)); | |
158075 | |
158076 - if ((*flags & 0x80000) != 0) { | |
158077 + if (connection->use_ntlmv2) { | |
158078 + return tds_answer_challenge_ntlmv2(tds, connection, challenge, flags, | |
158079 + names_blob, names_blob_len, answer, ntlm_v2_response); | |
158080 + } else if ((*flags & 0x80000) != 0) { | |
158081 /* NTLM2 */ | |
158082 MD5_CTX md5_ctx; | |
158083 | |
158084 @@ -286,11 +326,12 @@ tds_answer_challenge(TDSSOCKET * tds, | |
158085 MD5Final(&md5_ctx, ntlm2_challenge); | |
158086 challenge = ntlm2_challenge; | |
158087 memset(&md5_ctx, 0, sizeof(md5_ctx)); | |
158088 - } else if (names_blob_len <= 0) { | |
158089 + } else { | |
158090 /* LM */ | |
158091 #if TDS_USE_LM | |
158092 size_t len, i; | |
158093 unsigned char passwd_buf[MAX_PW_SZ]; | |
158094 + static const des_cblock magic = { 0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 }; | |
158095 | |
158096 /* convert password to upper and pad to 14 chars */ | |
158097 memset(passwd_buf, 0, MAX_PW_SZ); | |
158098 @@ -315,34 +356,6 @@ tds_answer_challenge(TDSSOCKET * tds, | |
158099 #else | |
158100 memset(answer->lm_resp, 0, sizeof(answer->lm_resp)); | |
158101 #endif | |
158102 - } else { | |
158103 - /* NTLMv2 */ | |
158104 - unsigned char *lm_v2_response; | |
158105 - unsigned char ntlm_v2_hash[16]; | |
158106 - const names_blob_prefix_t *names_blob_prefix; | |
158107 - | |
158108 - res = make_ntlm_v2_hash(tds, passwd, ntlm_v2_hash); | |
158109 - if (res != TDS_SUCCEED) | |
158110 - return res; | |
158111 - | |
158112 - /* LMv2 response */ | |
158113 - /* Take client's challenge from names_blob */ | |
158114 - names_blob_prefix = (const names_blob_prefix_t *) names_blob; | |
158115 - lm_v2_response = make_lm_v2_response(ntlm_v2_hash, names_blob_prefix->challenge, 8, challenge); | |
158116 - if (!lm_v2_response) | |
158117 - return TDS_FAIL; | |
158118 - memcpy(answer->lm_resp, lm_v2_response, 24); | |
158119 - free(lm_v2_response); | |
158120 - | |
158121 - /* NTLMv2 response */ | |
158122 - /* Size of lm_v2_response is 16 + names_blob_len */ | |
158123 - *ntlm_v2_response = make_lm_v2_response(ntlm_v2_hash, names_blob, names_blob_len, challenge); | |
158124 - if (!*ntlm_v2_response) | |
158125 - return TDS_FAIL; | |
158126 - | |
158127 - /* local not supported, avoid NTLM2 */ | |
158128 - *flags &= ~(0x80000|0x4000); | |
158129 - return TDS_SUCCEED; | |
158130 } | |
158131 *flags = 0x8201; | |
158132 | |
158133 @@ -743,7 +756,7 @@ tds_ntlm_get_auth(TDSSOCKET * tds) | |
158134 /* sequence 1 client -> server */ | |
158135 TDS_PUT_A4(packet + 8, TDS_HOST4LE(1)); | |
158136 /* flags */ | |
158137 - TDS_PUT_A4(packet + 12, TDS_HOST4LE(0x08b205)); | |
158138 + TDS_PUT_A4(packet + 12, TDS_HOST4LE(0x08b201)); | |
158139 | |
158140 /* domain info */ | |
158141 TDS_PUT_A2LE(packet + 16, domain_len); | |
158142 diff --git a/src/tds/config.c b/src/tds/config.c | |
158143 index b079351..742e3d0 100644 | |
158144 --- a/src/tds/config.c | |
158145 +++ b/src/tds/config.c | |
158146 @@ -80,7 +80,7 @@ | |
158147 #include <dmalloc.h> | |
158148 #endif | |
158149 | |
158150 -TDS_RCSID(var, "$Id: config.c,v 1.161 2010/09/27 21:53:48 jklowden Exp $"); | |
158151 +TDS_RCSID(var, "$Id: config.c,v 1.162 2010/11/09 15:46:42 freddy77 Exp $"); | |
158152 | |
158153 static void tds_config_login(TDSCONNECTION * connection, TDSLOGIN * login); | |
158154 static void tds_config_env_tdsdump(TDSCONNECTION * connection); | |
158155 @@ -613,6 +613,8 @@ tds_parse_conf_section(const char *option, const char *value, void *param) | |
158156 tds_config_encryption(value, connection); | |
158157 } else if (!strcmp(option, TDS_STR_ASA_DATABASE)) { | |
158158 tds_dstr_copy(&connection->server_name, value); | |
158159 + } else if (!strcmp(option, TDS_STR_USENTLMV2)) { | |
158160 + connection->use_ntlmv2 = tds_config_boolean(value); | |
158161 } else { | |
158162 tdsdump_log(TDS_DBG_INFO1, "UNRECOGNIZED option '%s' ... ignoring.\n", option); | |
158163 } |