pax_global_header00006660000000000000000000000064146064542610014522gustar00rootroot0000000000000052 comment=7dc46da7dba4322cb6d81068e93c31b909b71676 libntlm-v1.8/000077500000000000000000000000001460645426100132215ustar00rootroot00000000000000libntlm-v1.8/.gitignore000066400000000000000000000010011460645426100152010ustar00rootroot00000000000000*~ .deps/ .libs/ /build-aux/ /gnulib/ GNUmakefile INSTALL Makefile Makefile.in aclocal.m4 autom4te.cache/ config.h config.h.in config.log config.status configure lib/ libntlm-*-win??.zip* libntlm-*.tar.gz* libntlm.la libntlm.pc libntlm.spec libntlm_impl.la libtool m4/ maint.mk ntlm.h smbencrypt.lo smbencrypt.o smbutil.lo smbutil.o stamp-h1 test-suite.log test.out test_CVE-2019-17455 test_CVE-2019-17455.log test_CVE-2019-17455.o test_CVE-2019-17455.trs test_ntlm test_ntlm.log test_ntlm.o test_ntlm.trs tests/ libntlm-v1.8/.gitlab-ci.yml000066400000000000000000000536651460645426100156740ustar00rootroot00000000000000# Copyright (C) 2018-2024 Simon Josefsson. # # This file is part of Libntlm. # # Libntlm is free software; you can redistribute it and/or modify # it under the terms of the GNU Lesser General Public License as # published by the Free Software Foundation; either version 2.1 of # the License, or (at your option) any later version. # # Libntlm is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Lesser General Public License for more details. # # You should have received a copy of the GNU Lesser General Public # License along with Libntlm; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, # USA variables: GNULIB_URL: https://gitlab.com/libidn/gnulib-mirror.git default: interruptible: true artifacts: expire_in: 2 weeks when: always paths: - "*.tar.*" - "**/*.tar.*" - ./*.log - ./config.h - ./**/*.log B-AlmaLinux8: image: almalinux:8 tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - dnf update -y - dnf install -y gcc make autoconf automake git libtool diffutils script: - ./bootstrap - ./configure --enable-gcc-warnings WARN_CFLAGS=-Werror - make -j$(nproc) V=1 - make -j$(nproc) V=1 check VERBOSE=t # FIXME XXX - make syntax-check - make -j$(nproc) V=1 distcheck - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; B-AlmaLinux9: image: almalinux:9 tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - dnf update -y - dnf install -y gcc make autoconf automake git libtool diffutils script: - ./bootstrap - ./configure --enable-gcc-warnings WARN_CFLAGS=-Werror - make -j$(nproc) V=1 - make -j$(nproc) V=1 check VERBOSE=t - make syntax-check - make -j$(nproc) V=1 distcheck - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; B-Alpine: image: alpine:latest tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - apk update - apk add build-base git autoconf automake libtool make gzip coreutils valgrind script: - ./bootstrap - ./configure --enable-gcc-warnings WARN_CFLAGS=-Werror - make -j$(nproc) V=1 - make syntax-check - make -j$(nproc) V=1 distcheck VERBOSE=t - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; B-ArchLinux: image: archlinux:latest tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - pacman -Syu --noconfirm make gcc autoconf automake libtool git script: - ./bootstrap - ./configure --enable-gcc-warnings WARN_CFLAGS=-Werror - make -j$(nproc) V=1 - make syntax-check - make -j$(nproc) V=1 distcheck VERBOSE=t - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; B-Debian11: image: debian:11-slim tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - apt-get update -qq - apt-get install -qqy --no-install-recommends git autoconf automake libtool make valgrind ca-certificates script: - ./bootstrap - ./configure --enable-gcc-warnings WARN_CFLAGS=-Werror - make syntax-check - make -j$(nproc) V=1 - make -j$(nproc) V=1 check VERBOSE=t - make -j$(nproc) V=1 distcheck - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; B-Debian12: image: debian:12 tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - apt-get update -qq - apt-get install -qqy --no-install-recommends git autoconf automake libtool make valgrind ca-certificates script: - ./bootstrap - ./configure --enable-gcc-warnings WARN_CFLAGS=-Werror - make syntax-check - make -j$(nproc) V=1 - make -j$(nproc) V=1 check VERBOSE=t - make -j$(nproc) V=1 distcheck - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; B-Debian-testing: image: debian:testing-slim tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - apt-get update -qq - apt-get install -qqy --no-install-recommends git autoconf automake libtool make valgrind indent ca-certificates script: - ./bootstrap - ./configure --enable-gcc-warnings WARN_CFLAGS=-Werror - make -j$(nproc) V=1 - make syntax-check - make -j$(nproc) V=1 check VERBOSE=t - make -j$(nproc) V=1 distcheck - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; B-PureOS10: image: pureos/byzantium:latest tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - apt-get update -qq - apt-get install -qqy --no-install-recommends git autoconf automake libtool make valgrind ca-certificates script: - ./bootstrap - ./configure --enable-gcc-warnings WARN_CFLAGS=-Werror - make syntax-check - make -j$(nproc) V=1 - make -j$(nproc) V=1 check VERBOSE=t - make -j$(nproc) V=1 distcheck - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; B-RockyLinux8: image: rockylinux:8 tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - dnf update -y - dnf install -y gcc make autoconf automake git libtool diffutils script: - ./bootstrap - ./configure --enable-gcc-warnings WARN_CFLAGS=-Werror - make -j$(nproc) V=1 - make -j$(nproc) V=1 check VERBOSE=t # FIXME XXX - make syntax-check - make -j$(nproc) V=1 distcheck - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; B-RockyLinux9: image: rockylinux:9 tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - dnf update -y - dnf install -y gcc make autoconf automake git libtool diffutils script: - ./bootstrap - ./configure --enable-gcc-warnings WARN_CFLAGS=-Werror - make -j$(nproc) V=1 - make -j$(nproc) V=1 check VERBOSE=t - make syntax-check - make -j$(nproc) V=1 distcheck - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; B-Trisquel11: image: kpengboy/trisquel:11.0 tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - apt-get update -qq - apt-get install -qqy --no-install-recommends git autoconf automake libtool make valgrind ca-certificates script: - ./bootstrap - ./configure --enable-gcc-warnings WARN_CFLAGS=-Werror - make -j$(nproc) V=1 - make -j$(nproc) V=1 check VERBOSE=t - make syntax-check - make -j$(nproc) V=1 distcheck - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; B-Ubuntu2204: image: ubuntu:22.04 tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - apt-get update -qq - apt-get install -qqy --no-install-recommends git autoconf automake libtool make valgrind ca-certificates script: - ./bootstrap - ./configure --enable-gcc-warnings WARN_CFLAGS=-Werror - make -j$(nproc) V=1 - make -j$(nproc) V=1 check VERBOSE=t - make syntax-check - make -j$(nproc) V=1 distcheck - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; B-Ubuntu2404: image: ubuntu:24.04 tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - apt-get update -qq - apt-get install -qqy --no-install-recommends git autoconf automake libtool make valgrind ca-certificates script: - ./bootstrap - ./configure --enable-gcc-warnings WARN_CFLAGS=-Werror - make -j$(nproc) V=1 - make -j$(nproc) V=1 check VERBOSE=t - make syntax-check - make -j$(nproc) V=1 distcheck - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; # https://docs.gitlab.com/ee/ci/runners/saas/windows_saas_runner.html B-Windows-UCRT64: tags: [ shared-windows, windows-1809 ] stage: build script: # https://www.msys2.org/docs/ci/#other-systems - wget.exe --no-check-certificate -nv -O msys2.exe https://github.com/msys2/msys2-installer/releases/download/nightly-x86_64/msys2-base-x86_64-latest.sfx.exe - ./msys2.exe -y -oC:\ - Remove-Item msys2.exe - $env:CHERE_INVOKING = 'yes' - $env:MSYSTEM = 'UCRT64' # https://www.msys2.org/docs/environments/ - C:\msys64\usr\bin\bash -lc ' ' - C:\msys64\usr\bin\bash -lc 'pacman --noconfirm -Syuu' - C:\msys64\usr\bin\bash -lc 'pacman --noconfirm -Syuu' - | C:\msys64\usr\bin\bash -lcx ' pacman --noconfirm -Syu git autoconf automake libtool make mingw-w64-ucrt-x86_64-gcc ./bootstrap ./configure make V=1 check VERBOSE=t make dist make -f cfg.mk srcdist sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log' B-clang: image: silkeh/clang:latest tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - apt-get update -qq - apt-get install -qqy --no-install-recommends git autoconf automake libtool make script: - clang --version - ./bootstrap - ./configure CC="clang -std=gnu2x" --enable-gcc-warnings WARN_CFLAGS=-Werror - make -j$(nproc) V=1 - make -j$(nproc) V=1 distcheck VERBOSE=t - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; B-gcc: image: gcc:latest tags: [ saas-linux-medium-amd64 ] stage: build before_script: - cat /etc/os-release - apt-get update -qq - apt-get install -qqy --no-install-recommends git autoconf automake libtool make valgrind script: - gcc --version - ./bootstrap - ./configure CC="gcc -std=gnu2x" --enable-gcc-warnings WARN_CFLAGS=-Werror - make -j$(nproc) V=1 - make -j$(nproc) V=1 distcheck VERBOSE=t - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; # https://docs.gitlab.com/ee/ci/runners/saas/macos/environment.html B-macOS14Xcode15: stage: build image: macos-14-xcode-15 tags: [ saas-macos-medium-m1 ] variables: HOMEBREW_NO_AUTO_UPDATE: 1 HOMEBREW_NO_INSTALL_UPGRADE: 1 HOMEBREW_NO_INSTALL_CLEANUP: 1 HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK: 1 before_script: - brew install autoconf automake libtool coreutils script: - ./bootstrap - ./configure --enable-gcc-warnings WARN_CFLAGS=-Werror - make -j$(nproc) V=1 - env PATH="/opt/homebrew/opt/coreutils/libexec/gnubin:$PATH" make -j$(nproc) V=1 distcheck VERBOSE=t - make syntax-check - make -f cfg.mk srcdist - git status - git diff --exit-code - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; 000-reproducability: image: debian:12-slim tags: [ saas-linux-medium-amd64 ] stage: test needs: [ B-AlmaLinux8, B-AlmaLinux9, B-Alpine, B-ArchLinux, B-Debian11, B-Debian12, B-Debian-testing, B-PureOS10, B-RockyLinux8, B-RockyLinux9, B-Trisquel11, B-Ubuntu2204, B-Ubuntu2404, B-clang, B-gcc, B-macOS14Xcode15, AlmaLinux8, Alpine, ArchLinux, CentOS7, Fedora39, Ubuntu2204, Ubuntu2204-autoreconf, Ubuntu2204-rebootstrap, Ubuntu-rolling, macOS13Xcode14 ] script: - cat /etc/os-release - mv -v libntlm-*/* . - echo diffoscope libntlm-*.tar.*-b-trisquel11 libntlm-*.tar.*-b-pureos10 - echo diffoscope libntlm-*.tar.*-b-almalinux9 libntlm-*.tar.*-b-rockylinux9 - echo diffoscope libntlm-*.tar.*-b-almalinux8 libntlm-*.tar.*-b-rockylinux8 - echo diffoscope libntlm-*.tar.*-b-macos14xcode15 libntlm-*.tar.*-b-debian-testing - echo diffoscope libntlm-*.tar.*-fedora39 libntlm-*.tar.*-b-debian12 - sha256sum libntlm-*.tar.* - tail -v SHA256SUMS-* - cat SHA256SUMS-* | sort | uniq -c - cat SHA256SUMS-* | grep -- -src.tar. | sort | uniq -c | grep -v '^ 1 ' - cat SHA256SUMS-* | grep -v -- -src.tar. | sort | uniq -c | grep -v '^ 1 ' - find . -name "libntlm-*-src.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG-src" \; - echo diffoscope libntlm-*.tar.*-b-trisquel11 libntlm-*.tar.*-b-ubuntu2204 - echo diffoscope libntlm-*.tar.*-b-pureos10 libntlm-*.tar.*-b-debian11 - cmp libntlm-*.tar.*-b-trisquel11 libntlm-*.tar.*-b-ubuntu2204 - cmp libntlm-*.tar.*-b-pureos10 libntlm-*.tar.*-b-debian11 - cmp libntlm-*.tar.*-b-almalinux8 libntlm-*.tar.*-b-rockylinux8 - cmp libntlm-*.tar.*-b-almalinux9 libntlm-*.tar.*-b-rockylinux9 AlmaLinux8: image: almalinux:8 tags: [ saas-linux-medium-amd64 ] stage: test needs: [ B-Trisquel11 ] before_script: - dnf update -y - dnf -y install make gcc diffutils script: - tar xfa `ls -d libntlm-*.tar.* | grep -v -- -src.tar.` - cd `ls -d libntlm-* | grep -v .tar.` - ./configure --enable-gcc-warnings - make syntax-check - make -j$(nproc) V=1 distcheck VERBOSE=t - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; Alpine: image: alpine:latest tags: [ saas-linux-medium-amd64 ] stage: test needs: [ B-Trisquel11 ] before_script: - apk update - apk add build-base valgrind script: - tar xfa `ls -d libntlm-*.tar.* | grep -v -- -src.tar.` - cd `ls -d libntlm-* | grep -v .tar.` - ./configure --enable-gcc-warnings - make syntax-check - make -j$(nproc) V=1 check VERBOSE=t - apk add gzip # busybox doesn't support gzip --best - make dist - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; ArchLinux: image: archlinux:latest tags: [ saas-linux-medium-amd64 ] stage: test needs: [ B-Trisquel11 ] before_script: - pacman -Syu --noconfirm make gcc script: - tar xfa `ls -d libntlm-*.tar.* | grep -v -- -src.tar.` - cd `ls -d libntlm-* | grep -v .tar.` - mkdir b - cd b - ../configure --enable-gcc-warnings - make syntax-check - make -j$(nproc) V=1 distcheck VERBOSE=t - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; # Too old for 'make dist': tar: unrecognized option '--sort=name' CentOS7: image: centos:7 tags: [ saas-linux-medium-amd64 ] stage: test needs: [ B-Trisquel11 ] before_script: - yum -y install make gcc script: - tar xfa `ls -d libntlm-*.tar.* | grep -v -- -src.tar.` - cd `ls -d libntlm-* | grep -v .tar.` - mkdir b - cd b - ../configure --enable-gcc-warnings - make syntax-check - make -j$(nproc) V=1 check VERBOSE=t Fedora39: image: fedora:39 tags: [ saas-linux-medium-amd64 ] stage: test needs: [ B-Trisquel11 ] before_script: - dnf update -y - dnf install -y gcc make script: - tar xfa `ls -d libntlm-*.tar.* | grep -v -- -src.tar.` - cd `ls -d libntlm-* | grep -v .tar.` - ./configure --enable-gcc-warnings - make syntax-check - make -j$(nproc) V=1 distcheck VERBOSE=t - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; Ubuntu2204: image: ubuntu:22.04 tags: [ saas-linux-medium-amd64 ] stage: test needs: [ B-Trisquel11 ] before_script: - apt-get update -qq - apt-get install -qqy make gcc script: - tar xfa `ls -d libntlm-*.tar.* | grep -v -- -src.tar.` - cd `ls -d libntlm-* | grep -v .tar.` - ./configure - make syntax-check - make -j$(nproc) V=1 distcheck VERBOSE=t - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; Ubuntu2204-autoreconf: image: ubuntu:22.04 tags: [ saas-linux-medium-amd64 ] stage: test needs: [ B-Trisquel11 ] before_script: - apt-get update -qq - apt-get install -qqy make gcc autoconf automake libtool script: - tar xfa `ls -d libntlm-*.tar.* | grep -v -- -src.tar.` - cd `ls -d libntlm-* | grep -v .tar.` - mkdir -v t - autoreconf -fvi - ./configure - make -j$(nproc) V=1 distcheck VERBOSE=t - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "t/{}-$CI_JOB_NAME_SLUG-1" \; - make clean - make distcheck - sha256sum libntlm-*.tar.* | tee -a SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "t/{}-$CI_JOB_NAME_SLUG-2" \; - make distclean - ./configure - make distcheck - sha256sum libntlm-*.tar.* | tee -a SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "t/{}-$CI_JOB_NAME_SLUG-3" \; - make maintainer-clean - ./configure - make distcheck - sha256sum libntlm-*.tar.* | tee -a SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "t/{}-$CI_JOB_NAME_SLUG-4" \; - make maintainer-clean - autoreconf -fvi - ./configure - make distcheck - sha256sum libntlm-*.tar.* | tee -a SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "t/{}-$CI_JOB_NAME_SLUG-5" \; - mv -v t/* . - rmdir -v t - cat SHA256SUMS-$CI_JOB_NAME_SLUG.log Ubuntu2204-rebootstrap: image: ubuntu:22.04 tags: [ saas-linux-medium-amd64 ] stage: test needs: [ B-Trisquel11 ] before_script: - apt-get update -qq - apt-get install -qqy make gcc autoconf automake libtool git script: - tar xfa `ls -d libntlm-*.tar.* | grep -v -- -src.tar.` - cd `ls -d libntlm-* | grep -v .tar.` - mkdir -v t - ./bootstrap --force - ./configure - make -j$(nproc) V=1 distcheck VERBOSE=t - sha256sum libntlm-*.tar.* | tee -a SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "t/{}-$CI_JOB_NAME_SLUG-1" \; - make clean - make distcheck - sha256sum libntlm-*.tar.* | tee -a SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "t/{}-$CI_JOB_NAME_SLUG-2" \; - make distclean - ./configure - make distcheck - sha256sum libntlm-*.tar.* | tee -a SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "t/{}-$CI_JOB_NAME_SLUG-3" \; - make maintainer-clean - ./configure - make distcheck - sha256sum libntlm-*.tar.* | tee -a SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "t/{}-$CI_JOB_NAME_SLUG-4" \; - make maintainer-clean - ./bootstrap --force - ./configure - make distcheck - sha256sum libntlm-*.tar.* | tee -a SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "t/{}-$CI_JOB_NAME_SLUG-5" \; - mv t/* . - rmdir t - cat SHA256SUMS-$CI_JOB_NAME_SLUG.log Ubuntu-rolling: image: ubuntu:rolling tags: [ saas-linux-medium-amd64 ] stage: test needs: [ B-Trisquel11 ] before_script: - cat /etc/os-release - apt-get update -qq - apt-get install -qqy make gcc script: - tar xfa `ls -d libntlm-*.tar.* | grep -v -- -src.tar.` - cd `ls -d libntlm-* | grep -v .tar.` - ./configure - make syntax-check - make -j$(nproc) V=1 distcheck VERBOSE=t - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; Windows-MINGW64: tags: [ shared-windows, windows-1809 ] stage: test needs: [ B-Trisquel11 ] script: # https://www.msys2.org/docs/ci/#other-systems - wget.exe --no-check-certificate -nv -O msys2.exe https://github.com/msys2/msys2-installer/releases/download/nightly-x86_64/msys2-base-x86_64-latest.sfx.exe - ./msys2.exe -y -oC:\ - Remove-Item msys2.exe - $env:CHERE_INVOKING = 'yes' - $env:MSYSTEM = 'MINGW64' # https://www.msys2.org/docs/environments/ - C:\msys64\usr\bin\bash -lc ' ' - C:\msys64\usr\bin\bash -lc 'pacman --noconfirm -Syuu' - C:\msys64\usr\bin\bash -lc 'pacman --noconfirm -Syuu' - | C:\msys64\usr\bin\bash -lcx ' pacman --noconfirm -Syu make mingw-w64-x86_64-gcc tar xfa `ls -d libntlm-*.tar.* | grep -v -- -src.tar.` cd `ls -d libntlm-* | grep -v .tar.` ./configure --enable-gcc-warnings make V=1 distcheck VERBOSE=t sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log' macOS13Xcode14: image: macos-13-xcode-14 tags: [ saas-macos-medium-m1 ] stage: test needs: [ B-Trisquel11 ] script: - gzip -cd `ls -d libntlm-*.tar.* | grep -v -- -src.tar.` | tar xf - - cd `ls -d libntlm-* | grep -v .tar.` - mkdir b - cd b - ../configure --enable-gcc-warnings - make syntax-check - make -j$(nproc) V=1 distcheck VERBOSE=t - sha256sum libntlm-*.tar.* | tee SHA256SUMS-$CI_JOB_NAME_SLUG.log - find . -name "libntlm-*.tar.*" -exec mv "{}" "{}-$CI_JOB_NAME_SLUG" \; libntlm-v1.8/AUTHORS000066400000000000000000000013601460645426100142710ustar00rootroot00000000000000Libntlm AUTHORS -- information about the authors Copyright (C) 2002-2024 Simon Josefsson See the end for copying conditions. Please do not send general e-mail about the library to the addresses below. Use the mailing list instead, see README. Grant Edwards Original author of libntlm Andrew Tridgell Wrote functions borrowed from Samba. Simon Josefsson Build environment, maintainer. Frediano Ziglio Contributed LGPL versions of some of the GPL'd Samba files. ---------------------------------------------------------------------- Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. libntlm-v1.8/CONTRIBUTING.md000066400000000000000000000022771460645426100154620ustar00rootroot00000000000000# Contributing Development is coordinated from: https://gitlab.com/gsasl/libntlm Clone the source code and bootstrap it as follows: ``` git clone https://gitlab.com/gsasl/libntlm.git cd libntlm ./bootstrap ./configure make check ``` # Release process ## Pre release checks ``` git clean -d -x -f git reset --hard git restore --worktree --staged . git status ./bootstrap ./configure make check make prepare ``` ## Review of diff since last release Make sure `AC_INIT` and `LT_REVISION` in `configure.ac` has the right version information. Check `srcdist` in `cfg.mk`. Make sure NEWS entries describe all significant modifications: ``` make review-diff ``` ## Update NEWS & README with release date ## GitLab CI/CD checks ``` git push ``` Check https://gitlab.com/gsasl/libntlm/-/pipelines # Release process Prepare tarball, sign and upload them. Verify that SHA256 checksums of your tarballs match some version generated via pipeline. ``` make prepare make ship ``` Then send an e-mail with an updated version of `doc/announce.txt`. # Post release procedure - Commit doc/announce.txt - Review this file if anything was missing - Update NEWS. - Bump `AC_INIT` and `LT_REVISION` in configure.ac. libntlm-v1.8/COPYING000066400000000000000000000636421460645426100142670ustar00rootroot00000000000000 GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. , 1 April 1990 Ty Coon, President of Vice That's all there is to it! libntlm-v1.8/ChangeLog000066400000000000000000000007741460645426100150030ustar00rootroot000000000000002024-04-13 Simon Josefsson We no longer manually curate a ChangeLog file. You may use `git log` to show git commit log messages. If you downloaded this file through a tarball, you will have to retrieve the git repository to read commit history, see README for links to the repository. This file used to be automatically generated from git history, but that made it impossible to re-create the tarball from a "git archive"-style copy of the project. * ChangeLog: Rewrite. libntlm-v1.8/Makefile.am000066400000000000000000000037501460645426100152620ustar00rootroot00000000000000## Process this file with automake to produce Makefile.in # Copyright (C) 2002-2024 Simon Josefsson. # # This file is part of Libntlm. # # Libntlm is free software; you can redistribute it and/or modify # it under the terms of the GNU Lesser General Public License as # published by the Free Software Foundation; either version 2.1 of # the License, or (at your option) any later version. # # Libntlm is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Lesser General Public License for more details. # # You should have received a copy of the GNU Lesser General Public # License along with Libntlm; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, # USA SUBDIRS = lib ACLOCAL_AMFLAGS = -I m4 EXTRA_DIST = cfg.mk maint.mk EXTRA_DIST += CONTRIBUTING.md EXTRA_DIST += libntlm.pc.in test.txt libntlm.spec EXTRA_DIST += bootstrap.conf bootstrap bootstrap-funclib.sh pkgconfigdir = $(libdir)/pkgconfig pkgconfig_DATA = libntlm.pc noinst_LTLIBRARIES = libntlm_impl.la lib_LTLIBRARIES = libntlm.la include_HEADERS = ntlm.h AM_CFLAGS = $(WARN_CFLAGS) AM_CPPFLAGS = -I$(srcdir)/lib -I$(builddir)/lib -DNTLM_SRCDIR=\"$(srcdir)\" libntlm_impl_la_SOURCES = smbutil.c smbencrypt.c libntlm_la_SOURCES = libntlm_la_LDFLAGS = -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) \ -export-symbols-regex '^(dumpSmb|buildSmb|ntlm_).*' -no-undefined libntlm_la_LIBADD = libntlm_impl.la lib/libgnu.la # test TESTS = test_ntlm test_CVE-2019-17455 check_PROGRAMS = $(TESTS) LDADD = libntlm_impl.la lib/libgnu.la CLEANFILES = test.out test_ntlm_LDFLAGS = -no-install LOG_COMPILER = $(VALGRIND) # dist dist-hook: mtime-NEWS-to-git-HEAD .PHONY: mtime-NEWS-to-git-HEAD mtime-NEWS-to-git-HEAD: $(AM_V_GEN)if test -e $(srcdir)/.git \ && command -v git > /dev/null; then \ touch -m -d @"$$(git log -1 --format=%ct)" $(srcdir)/NEWS; \ fi libntlm-v1.8/NEWS000066400000000000000000000154401460645426100137240ustar00rootroot00000000000000Libntlm NEWS -- history of user-visible changes. -*- outline -*- Copyright (C) 2002-2024 Simon Josefsson Copyright (C) 1999 Grant Edwards See the end for copying conditions. * Version 1.8 (released 2024-04-13) ** The release tarball is now reproducible. It was created using Trisquel 11 aramo, and has been reproduced on at least Ubuntu 22.04 and AlmaLinux 8. ** We publish a minimal source-only tarball. This tarball does not contain any generated files, and is sufficient to reproduce the full tarball (assuming build dependencies are available). ** We no longer manually curate a ChangeLog file. You may use `git log` to show git commit log messages. This file used to be automatically generated from git history, but that made it impossible to re-create the tarball from a "git archive"-style copy of the project. ** API and ABI modifications. No changes since last version. * Version 1.7 (released 2023-12-31) ** Moved GitLab URL to . ** Use gnulib ./bootstrap for building from version controlled sources. ** API and ABI modifications. No changes since last version. * Version 1.6 (released 2020-04-19) ** Fix buffer overflow in buildSmbNtlmAuth* function. CVE-2019-17455. Reported by Kirin in and patch provided by Cedric Buissart. See newly introduced regression check test_CVE-2019-17455.c for test of a vulnerable library. ** API and ABI modifications. No changes since last version. * Version 1.5 (released 2018-08-24) ** Build system fixes. Patch for LTO/gcc8 support from Romain GEISSLER. ** API and ABI modifications. No changes since last version. * Version 1.4 (released 2013-07-08) ** Fix build issues. ** API and ABI modifications. No changes since last version. * Version 1.3 (released 2011-06-20) ** Update gnulib files. ** API and ABI modifications. No changes since last version. * Version 1.2 (released 2009-11-06) ** Fix build error when cross-compiling to MinGW. ** API and ABI modifications. No changes since last version. * Version 1.1 (released 2009-05-08) ** Update gnulib files. ** The core library is now compiled with many warning flags. Some warnings have been fixed too. ** API and ABI modifications. No changes since last version. * Version 1.0 (released 2008-04-12) ** Update gnulib files. ** API and ABI modifications. No changes since last version. * Version 0.4.2 (released 2008-03-05) ** Fix endian related bug in self test. Reported by Andrej Kacian , see and . ** Add a note in README about NTLM being a insecure protocol. ** Cleaned up internal endianness handling. ** Update of gnulib files. ** API and ABI modifications. No changes since last version. * Version 0.4.1 (released 2007-10-29) ** Update of gnulib files. ** API and ABI modifications. No changes since last version. * Version 0.4.0 (released 2007-09-23) ** Only public API functions are exported in shared library. Using libtool's -export-symbols-regex. ** Update of gnulib files. ** API and ABI modifications. No changes since last version. * Version 0.3.13 (released 2007-03-27) ** Update of gnulib files. ** API and ABI modifications. No changes since last version. * Version 0.3.12 (released 2006-08-24) ** Update of gnulib files. ** API and ABI modifications. No changes since last version. * Version 0.3.11 (released 2006-05-16) ** Fix buggy MD4 implementation on 64-bit platforms. ** Self tests are run under valgrind, if available. ** Updated gnulib files. ** API and ABI modifications. No changes since last version. * Version 0.3.10 (released 2006-03-24) ** The library is linked with -no-undefined, to enable building a Windows DLL. ** Add new APIs to access the SMBencrypt and SMBNTencrypt functions. Suggested by Pavel Fedin . ** API and ABI modifications. ntlm_smb_encrypt: ADD ntlm_smb_nt_encrypt: ADD * Version 0.3.9 (released 2005-10-23) ** DES and MD4 functionality replaced with gnulib modules. These modules also comes with self tests. ** API and ABI modifications. No changes since last version. * Version 0.3.8 (released 2005-09-27) ** New: buildSmbNtlmAuthRequest_noatsplit, buildSmbNtlmAuthResponse_noatsplit. These functions can be used when your username contains '@' and you do not wish that the remainder of the string is treated as a REALM value. Suggested by David Leonard . ** Uses memset instead of bzero. ** Fix license typo in libntlm.spec. ** Made the COPYING file contain LGPL, not GPL. ** Updated gnulib files. ** API and ABI modifications. buildSmbNtlmAuthRequest_noatsplit: ADD. buildSmbNtlmAuthResponse_noatsplit: ADD. * Version 0.3.7 (released 2005-07-15) ** A RPM *.spec file is included. ** Fix compiler warnings, contributed by Frediano Ziglio. ** Gnulib is used, currently only to provide more robust ntlm_check_version. ** Address in license was updated to reflect the new FSF postal address. * Version 0.3.6 (released 2004-09-30) ** Some code cleanup and improvements, contributed by Frediano Ziglio. ** Slight changes in output vectors, contributed by Frediano Ziglio. * Version 0.3.5 (released 2004-09-23) ** Make it compile on C89 platforms. * Version 0.3.4 (released 2004-09-23) ** The license has been changed from GPL to LGPL. Thanks to a rewrite of several files, contributed by Frediano Ziglio. ** The output may now be slightly different, due to a bug in earlier versions. Unused parts of the output string are now initialized to 0 consistently. * Version 0.3.3 (released 2004-09-18) ** Use const for buildSmbNtlmAuthRequest() and buildSmbNtlmAuthResponse(). ** Source code is indented according to GNU Coding Standard. * Version 0.3.2 (released 2003-03-17) ** Further build cleanups. * Version 0.3.1 (released 2002-10-19) ** Uses automake 1.7, gnits and pkg-config. Still no code changes. * Version 0.3.0 (released 2002-10-01) ** Added autoconf, automake and libtool support. Unofficial release made ** by Simon Josefsson. * Revsion 0.21 (released 1999-10-07) ** Added support for usernames with embedded domain strings of the ** format username@domain. If present, the domain will override the ** domain that is returned by the host in the challenge. * Version 0.2 (released 1999-10-06) ** Fixed another byte-order problem in unicode routine in smbutil.c. ** Added a copy of GPL to the distribution. Added test driver ** program directory. * Version 0.1 (released 1999-10-05) ** Fixed usage of byte-order macros in smbutil.c. Hopefully this ** will make it work on SPARC machines... ---------------------------------------------------------------------- Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. libntlm-v1.8/README000077700000000000000000000000001460645426100153532README.mdustar00rootroot00000000000000libntlm-v1.8/README.md000066400000000000000000000175521460645426100145120ustar00rootroot00000000000000# Libntlm README -- Introduction information Libntlm is a client-side Microsoft NTLM authentication library. References for the NTLM protocol are: * [The NTLM Authentication Protocol](https://davenport.sourceforge.net/ntlm.html), by Eric Glass. * [NTLM Authentication Scheme for HTTP](https://web.archive.org/web/20210126065105/http://www.innovation.ch/personal/ronald/ntlm.html), by Ronald Tschalär. *Warning!* NTLM is not a secure authentication protocol -- it uses MD4 and single-DES. MD4 has been broken, and single-DES have a too small key size to be considered secure against brute-force attacks. You should only use Libntlm for interoperability purposes, not to achieve any kind of security. # License Libntlm is licensed under the GNU Lesser General Public License version 2.1 or (at your option) any later version, see [COPYING](COPYING). This code was initially taken mostly from the Samba project and was initially intended for use with Microsoft Exchange Server when it is configured to require NTLM authentication for clients of it's IMAP server. Today, libntlm contain re-written code, so that the license is now LGPLv2+ instead of the GPL that would be inherited from the Samba files. # Support The [Libntlm project page at GitLab](https://gitlab.com/gsasl/libntlm) provides git repository, issue tracker, CI/CD and more. The [Libntlm project page at Savannah](https://savannah.nongnu.org/projects/libntlm/) manages the tarball distribution and the mailing list. If you want to discuss something related to Libntlm we have a [mailing list](https://lists.nongnu.org/mailman/listinfo/libntlm) reachable at libntlm@nongnu.org. Old discussions are available from the [Libntlm mailing list archive](https://lists.nongnu.org/archive/html/libntlm/). # History The old libntlm (note lower case) was a library that implement Microsoft's NTLM authentication. However, the packaging of libntlm lacked certain things, such as having build problems, lacking shared library support, lacking autoconf macro for use in other applications, lacking pkg-config support, and more. So this page distributes an improved version of the library; called Libntlm (note upper case L to differentiate it from the original libntlm). Compared to the original releases, the current version has been entirely re-written and only shares the same function interfaces. See [NEWS](NEWS) for more detailed release information, however brief updates related to the project are here: * 2024-04-13: Version 1.8 released. Reproducible tarball. * 2023-12-31: Version 1.7 released. Maintainance fixes. * 2020-04-19: Version 1.6 released. Security bugfix for buffer overflow. CVE-2019-17455. * 2018-08-24: Version 1.5 released. LTO/gcc8 support. Git repository moved to GitLab. * 2013-07-08: Version 1.4 released. Build fixes. * 2011-06-20: Version 1.3 released. Proving the project is still alive. * 2009-11-06: Version 1.2 released. Fixes MinGW cross-compile bug. * 2009-05-08: Version 1.1 released. No significant changes. * 2008-04-12: Version 1.0 released. Declared stable. * 2008-03-05: Version 0.4.2 released. Portability fixes for big-endian platforms. * 2008-03-05: Development (source code and web pages) moved to savannah. * 2007-10-29: Version 0.4.1 released. Maintainance release. * 2007-09-23: Version 0.4.0 released. Gnulib files updated, only public API is exported in shared library. Approaching a stable v1.0. * 2007-09-23: Developed in Git instead of CVS. * 2007-03-27: Version 0.3.13 released. Minor portability fixes, by updating from gnulib. * 2006-06-24: Version 0.3.12 released. Minor portability fixes, by updating from gnulib. * 2006-05-16: Version 0.3.11 released. Now works on 64-bit platforms. * 2006-03-24: Version 0.3.10 released. Exports the ntlm_smb_encrypt and ntlm_smb_nt_encrypt APIs. * 2005-10-23: Version 0.3.9 released. The DES and MD4 functions are now shared with gnulib, to simplify maintenance. * 2005-09-27: Version 0.3.8 released. APIs to build requests/responses for usernames with @ in them (earlier an @ was used to separate the username from the realm). Build fixes. * 2005-07-15: Version 0.3.7 released. A spec file was added. Compiler warnings fixed, thanks to Frediano Ziglio. Gnulib is used, currently only for a more robust ntlm_check_version. * 2004-09-30: Version 0.3.6 released. Various cleanups, thanks to Frediano Ziglio. * 2004-09-23: Version 0.3.5 released. Ported to many platforms. * 2004-09-23: Version 0.3.4 released. License changed to LGPL, thanks to rewrites by Frediano Ziglio. * 2004-09-18: Version 0.3.3 released. Use of 'const' in function prototypes. Source code indented according to GNU Coding Standard. * 2003-03-17: Version 0.3.2 released. Only build changes. * 2002-10-17: Version 0.3.1 released. No code changes, but uses automake 1.7, gnits and pkg-config. * 2002-10-04: Anonymous CVS is available via pserver. * 2002-10-01: Version 0.3.0 released. No code changes compared to the last official 0.21 release. # Download Tarball releases are available from [https://download.savannah.nongnu.org/releases/libntlm/](https://download.savannah.nongnu.org/releases/libntlm/). The tarballs are signed with [Simon Josefsson's OpenPGP key](https://josefsson.org/key-20190320.txt): ``` ed25519 2019-03-20 [SC] Simon Josefsson B1D2 BD13 75BE CB78 4CF4 F8C4 D73C F638 C53C 06BE ``` Older releases are signed with [Simon Josefsson's OpenPGP key with fingerprint B565716F](https://josefsson.org/key.txt) or [Simon Josefsson's OpenPGP key with fingerprint 54265E8C](https://josefsson.org/54265e8c.txt). # Building Build instructions are in [INSTALL](INSTALL). Typically, the following is sufficient: ``` ./configure make make check sudo make install ``` # Development Clone the source code and bootstrap it as follows: ``` git clone https://gitlab.com/gsasl/libntlm.git cd libntlm ./bootstrap ``` Then build it as usual. See [CONTRIBUTING.md](CONTRIBUTING.md) for more information. # Usage The application program must convert these structures to/from base64 which is used to transfer data for IMAP authentication. For example usage see the sources for the mutt MUA or the fetchmail package. In general the usage is something like shown below (no, I don't know if this code even compiles, but you get the idea hopefully): ``` #include extern char *seqTag; /* IMAP sequence number */ int imap_auth_ntlm(char *user, char *domain, char *pass) { tSmbNtlmAuthRequest request; tSmbNtlmAuthChallenge challenge; tSmbNtlmAuthResponse response; char buffer[512]; char tmpstr[32]; writeToServer("%s AUTHENTICATE NTLM\r\n",seqTag); readFromServer(buffer) /* buffer should be "+", but we won't show code to check */ /* * prepare the request, convert to base64, and send it to * the server. My server didn't care about domain, and NULL * worked fine. */ buildSmbNtlmAuthRequest(&request,user,domain); convertToBase64(buffer, &request, SmbLength(&request)); writeToServer("%s\r\n",buffer); /* read challange data from server, convert from base64 */ readFromServer(buffer); /* buffer should contain the string "+ [base 64 data]" */ convertFromBase64(&challenge, buffer+2); /* prepare response, convert to base64, send to server */ buildSmbNtlmAuthResponse(&challenge, &response, user, pass); convertToBase64(buffer,&response,SmbLength(&response)); writeToServer("%s\r\n",buffer); /* read line from server, it should be "[seq] OK blah blah blah" */ readFromServer(buffer); sprintf(tmpstr,"%s OK",seqTag); if (strncmp(buffer,tmpstr,strlen(tmpstr))) { /* login failed */ return -1; } return 0; } ``` ---------------------------------------------------------------------- ``` Copyright (C) 2002-2024 Simon Josefsson Copyright (C) 1999 Grant Edwards Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. ``` libntlm-v1.8/THANKS000066400000000000000000000016311460645426100141350ustar00rootroot00000000000000Libntlm THANKS -- acknowledgements Copyright (C) 2002-2024 Simon Josefsson See the end for copying conditions. Much of the code was originally written by Andrew Tridgell for the Samba project. Frediano Ziglio contributed rewritten files, so the library could be released under LGPL instead of GPL. The MD4 and DES implementation was replaced by the Gnulib LGPL copy, contributed by Simon Josefsson. Bug reports, patches and/or suggestions were also received from: David Leonard Matthias Andree Pavel Fedin Andrej Kacian Romain GEISSLER Kirin Cedric Buissart ---------------------------------------------------------------------- Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. libntlm-v1.8/bootstrap000077500000000000000000000204051460645426100151650ustar00rootroot00000000000000#! /bin/sh # Bootstrap this package from checked-out sources. scriptversion=2023-12-10.18; # UTC # Copyright (C) 2003-2023 Free Software Foundation, Inc. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # Originally written by Paul Eggert. The canonical version of this # script is maintained as top/bootstrap in gnulib. However, to be # useful to your package, you should place a copy of it under version # control in the top-level directory of your package. The intent is # that all customization can be done with a bootstrap.conf file also # maintained in your version control; gnulib comes with a template # build-aux/bootstrap.conf to get you started. # Please report bugs or propose patches to bug-gnulib@gnu.org. me="$0" medir=`dirname "$me"` # Read the function library and the configuration. . "$medir"/bootstrap-funclib.sh usage() { cat <. # Originally written by Paul Eggert. The canonical version of this # script is maintained as top/bootstrap-funclib.sh in gnulib. However, # to be useful to your package, you should place a copy of it under # version control in the top-level directory of your package. The # intent is that all customization can be done with a bootstrap.conf # file also maintained in your version control; gnulib comes with a # template build-aux/bootstrap.conf to get you started. nl=' ' # Ensure file names are sorted consistently across platforms. LC_ALL=C export LC_ALL # Honor $PERL, but work even if there is none. PERL="${PERL-perl}" default_gnulib_url=https://git.savannah.gnu.org/git/gnulib.git # Copyright year, for the --version output. copyright_year=`echo "$scriptlibversion" | sed -e 's/[^0-9].*//'` copyright="Copyright (C) ${copyright_year} Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later . This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law." # warnf_ FORMAT-STRING ARG1... warnf_ () { warnf_format_=$1 shift nl=' ' case $* in *$nl*) me_=$(printf "$me"|tr "$nl|" '??') printf "$warnf_format_" "$@" | sed "s|^|$me_: |" ;; *) printf "$me: $warnf_format_" "$@" ;; esac >&2 } # warn_ WORD1... warn_ () { # If IFS does not start with ' ', set it and emit the warning in a subshell. case $IFS in ' '*) warnf_ '%s\n' "$*";; *) (IFS=' '; warn_ "$@");; esac } # die WORD1... die() { warn_ "$@"; exit 1; } # ------------------------------ Configuration. ------------------------------ # Directory that contains package-specific gnulib modules and/or overrides. local_gl_dir=gl # Name of the Makefile.am # XXX Not used. gnulib_mk=gnulib.mk # List of gnulib modules needed. gnulib_modules= # Any gnulib files needed that are not in modules. gnulib_files= # A function to be called for each unrecognized option. Returns 0 if # the option in $1 has been processed by the function. Returns 1 if # the option has not been processed by the function. Override it via # your own definition in bootstrap.conf bootstrap_option_hook() { return 1; } # A function to be called in order to print the --help information # corresponding to user-defined command-line options. bootstrap_print_option_usage_hook() { :; } # A function to be called at the end of autopull.sh. # Override it via your own definition in bootstrap.conf. bootstrap_post_pull_hook() { :; } # A function to be called right after gnulib-tool is run. # Override it via your own definition in bootstrap.conf. bootstrap_post_import_hook() { :; } # A function to be called after everything else in this script. # Override it via your own definition in bootstrap.conf. bootstrap_epilogue() { :; } # The command to download all .po files for a specified domain into a # specified directory. Fill in the first %s with the destination # directory and the second with the domain name. po_download_command_format=\ "wget --mirror --level=1 -nd -nv -A.po -P '%s' \ https://translationproject.org/latest/%s/" # Prefer a non-empty tarname (4th argument of AC_INIT if given), else # fall back to the package name (1st argument with munging). extract_package_name=' /^AC_INIT(\[*/{ s/// /^[^,]*,[^,]*,[^,]*,[ []*\([^][ ,)]\)/{ s//\1/ s/[],)].*// p q } s/[],)].*// s/^GNU // y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ s/[^abcdefghijklmnopqrstuvwxyz0123456789_]/-/g p } ' package=$(${AUTOCONF:-autoconf} --trace AC_INIT:\$4 configure.ac 2>/dev/null) if test -z "$package"; then package=$(sed -n "$extract_package_name" configure.ac) \ || die 'cannot find package name in configure.ac' fi gnulib_name=lib$package build_aux=build-aux source_base=lib m4_base=m4 doc_base=doc tests_base=tests gnulib_extra_files=" build-aux/install-sh build-aux/mdate-sh build-aux/texinfo.tex build-aux/depcomp build-aux/config.guess build-aux/config.sub doc/INSTALL " # Additional gnulib-tool options to use. Use "\newline" to break lines. gnulib_tool_option_extras= # Other locale categories that need message catalogs. EXTRA_LOCALE_CATEGORIES= # Additional xgettext options to use. Use "\\\newline" to break lines. XGETTEXT_OPTIONS='\\\ --flag=_:1:pass-c-format\\\ --flag=N_:1:pass-c-format\\\ --flag=error:3:c-format --flag=error_at_line:5:c-format\\\ ' # Package bug report address and copyright holder for gettext files COPYRIGHT_HOLDER='Free Software Foundation, Inc.' MSGID_BUGS_ADDRESS=bug-$package@gnu.org # Files we don't want to import. # XXX Not used. excluded_files= # File that should exist in the top directory of a checked out hierarchy, # but not in a distribution tarball. checkout_only_file=README-hacking # Set this to '.cvsignore .gitignore' in bootstrap.conf if you want # those files to be generated in directories like lib/, m4/, and po/. # Or set it to 'auto' to make this script select which to use based # on which version control system (if any) is used in the source directory. vc_ignore=auto # Set this to true in bootstrap.conf to enable --bootstrap-sync by # default. bootstrap_sync=false # Override the default configuration, if necessary. # Make sure that bootstrap.conf is sourced from the current directory # if we were invoked as "sh bootstrap". conffile=`dirname "$me"`/bootstrap.conf test -r "$conffile" && . "$conffile" # ------------------------- Build-time prerequisites ------------------------- check_exists() { if test "$1" = "--verbose"; then ($2 --version /dev/null 2>&1 if test $? -ge 126; then # If not found, run with diagnostics as one may be # presented with env variables to set to find the right version ($2 --version /dev/null 2>&1 fi test $? -lt 126 } # Note this deviates from the version comparison in automake # in that it treats 1.5 < 1.5.0, and treats 1.4.4a < 1.4-p3a # but this should suffice as we won't be specifying old # version formats or redundant trailing .0 in bootstrap.conf. # If we did want full compatibility then we should probably # use m4_version_compare from autoconf. sort_ver() { # sort -V is not generally available ver1="$1" ver2="$2" # split on '.' and compare each component i=1 while : ; do p1=$(echo "$ver1" | cut -d. -f$i) p2=$(echo "$ver2" | cut -d. -f$i) if [ ! "$p1" ]; then echo "$1 $2" break elif [ ! "$p2" ]; then echo "$2 $1" break elif [ ! "$p1" = "$p2" ]; then if [ "$p1" -gt "$p2" ] 2>/dev/null; then # numeric comparison echo "$2 $1" elif [ "$p2" -gt "$p1" ] 2>/dev/null; then # numeric comparison echo "$1 $2" else # numeric, then lexicographic comparison lp=$(printf "%s\n%s\n" "$p1" "$p2" | LANG=C sort -n | tail -n1) if [ "$lp" = "$p2" ]; then echo "$1 $2" else echo "$2 $1" fi fi break fi i=$(($i+1)) done } get_version_sed=' # Move version to start of line. s/.*[v ]\([0-9]\)/\1/ # Skip lines that do not start with version. /^[0-9]/!d # Remove characters after the version. s/[^.a-z0-9-].*// # The first component must be digits only. s/^\([0-9]*\)[a-z-].*/\1/ #the following essentially does s/5.005/5.5/ s/\.0*\([1-9]\)/.\1/g p q' get_version() { app=$1 $app --version >/dev/null 2>&1 || { $app --version; return 1; } $app --version 2>&1 | sed -n "$get_version_sed" } check_versions() { ret=0 while read app req_ver; do # We only need libtoolize from the libtool package. if test "$app" = libtool; then app=libtoolize fi # Exempt git if git is not needed. if test "$app" = git; then $check_git || continue fi # Honor $APP variables ($TAR, $AUTOCONF, etc.) appvar=$(echo $app | LC_ALL=C tr '[a-z]-' '[A-Z]_') test "$appvar" = TAR && appvar=AMTAR case $appvar in GZIP) ;; # Do not use $GZIP: it contains gzip options. PERL::*) ;; # Keep perl modules as-is *) eval "app=\${$appvar-$app}" ;; esac # Handle the still-experimental Automake-NG programs specially. # They remain named as the mainstream Automake programs ("automake", # and "aclocal") to avoid gratuitous incompatibilities with # preexisting usages (by, say, autoreconf, or custom autogen.sh # scripts), but correctly identify themselves (as being part of # "GNU automake-ng") when asked their version. case $app in automake-ng|aclocal-ng) app=${app%-ng} ($app --version | grep '(GNU automake-ng)') >/dev/null 2>&1 || { warn_ "Error: '$app' not found or not from Automake-NG" ret=1 continue } ;; # Another check is for perl modules. These can be written as # e.g. perl::XML::XPath in case of XML::XPath module, etc. perl::*) # Extract module name app="${app#perl::}" if ! $PERL -m"$app" -e 'exit 0' >/dev/null 2>&1; then warn_ "Error: perl module '$app' not found" ret=1 fi continue ;; esac if [ "$req_ver" = "-" ]; then # Merely require app to exist; not all prereq apps are well-behaved # so we have to rely on $? rather than get_version. if ! check_exists --verbose $app; then warn_ "Error: '$app' not found" ret=1 fi else # Require app to produce a new enough version string. inst_ver=$(get_version $app) if [ ! "$inst_ver" ]; then warn_ "Error: '$app' not found" ret=1 else latest_ver=$(sort_ver $req_ver $inst_ver | cut -d' ' -f2) if [ ! "$latest_ver" = "$inst_ver" ]; then warnf_ '%s\n' \ "Error: '$app' version == $inst_ver is too old" \ " '$app' version >= $req_ver is required" ret=1 fi fi fi done return $ret } print_versions() { echo "Program Min_version" echo "----------------------" printf %s "$buildreq" echo "----------------------" # can't depend on column -t } # check_build_prerequisites check_git check_build_prerequisites() { check_git="$1" # gnulib-tool requires at least automake and autoconf. # If either is not listed, add it (with minimum version) as a prerequisite. case $buildreq in *automake*) ;; *) buildreq="automake 1.9 $buildreq" ;; esac case $buildreq in *autoconf*) ;; *) buildreq="autoconf 2.59 $buildreq" ;; esac # When we can deduce that gnulib-tool will require patch, # and when patch is not already listed as a prerequisite, add it, too. if test -d "$local_gl_dir" \ && ! find "$local_gl_dir" -name '*.diff' -exec false {} +; then case $buildreq in *patch*) ;; *) buildreq="patch - $buildreq" ;; esac fi if ! printf '%s' "$buildreq" | check_versions; then echo >&2 if test -f README-prereq; then die "See README-prereq for how to get the prerequisite programs" else die "Please install the prerequisite programs" fi fi # Warn the user if autom4te appears to be broken; this causes known # issues with at least gettext 0.18.3. probe=$(echo 'm4_quote([hi])' | autom4te -l M4sugar -t 'm4_quote:$%' -) if test "x$probe" != xhi; then warn_ "WARNING: your autom4te wrapper eats stdin;" warn_ "if bootstrap fails, consider upgrading your autotools" fi } # find_tool ENVVAR NAMES... # ------------------------- # Search for a required program. Use the value of ENVVAR, if set, # otherwise find the first of the NAMES that can be run. # If found, set ENVVAR to the program name, die otherwise. # # FIXME: code duplication, see also gnu-web-doc-update. find_tool () { find_tool_envvar=$1 shift find_tool_names=$@ eval "find_tool_res=\$$find_tool_envvar" if test x"$find_tool_res" = x; then for i; do if check_exists $i; then find_tool_res=$i break fi done fi if test x"$find_tool_res" = x; then warn_ "one of these is required: $find_tool_names;" die "alternatively set $find_tool_envvar to a compatible tool" fi eval "$find_tool_envvar=\$find_tool_res" eval "export $find_tool_envvar" } # --------------------- Preparing GNULIB_SRCDIR for use. --------------------- # This is part of autopull.sh, but bootstrap needs it too, for self-upgrading. cleanup_gnulib() { status=$? # XXX It's a bad idea to erase the submodule directory if it contains local # modifications. rm -fr "$gnulib_path" exit $status } git_modules_config () { test -f .gitmodules && git config --file .gitmodules "$@" } prepare_GNULIB_SRCDIR () { if test -n "$GNULIB_SRCDIR"; then # Use GNULIB_SRCDIR directly. # We already checked that $GNULIB_SRCDIR references a directory. # Verify that it contains a gnulib checkout. test -f "$GNULIB_SRCDIR/gnulib-tool" \ || die "Error: --gnulib-srcdir or \$GNULIB_SRCDIR is specified," \ "but does not contain gnulib-tool" elif $use_git; then gnulib_path=$(git_modules_config submodule.gnulib.path) test -z "$gnulib_path" && gnulib_path=gnulib # Get gnulib files. Populate $gnulib_path, possibly updating a # submodule, for use in the rest of the script. if test -n "$GNULIB_REFDIR" && test -d "$GNULIB_REFDIR"/.git \ && git_modules_config submodule.gnulib.url >/dev/null; then # Use GNULIB_REFDIR as a reference. echo "$0: getting gnulib files..." if git submodule -h|grep -- --reference > /dev/null; then # Prefer the one-liner available in git 1.6.4 or newer. git submodule update --init --reference "$GNULIB_REFDIR" \ "$gnulib_path" || exit $? else # This fallback allows at least git 1.5.5. if test -f "$gnulib_path"/gnulib-tool; then # Since file already exists, assume submodule init already complete. git submodule update -- "$gnulib_path" || exit $? else # Older git can't clone into an empty directory. rmdir "$gnulib_path" 2>/dev/null git clone --reference "$GNULIB_REFDIR" \ "$(git_modules_config submodule.gnulib.url)" "$gnulib_path" \ && git submodule init -- "$gnulib_path" \ && git submodule update -- "$gnulib_path" \ || exit $? fi fi else # GNULIB_REFDIR is not set or not usable. Ignore it. if git_modules_config submodule.gnulib.url >/dev/null; then echo "$0: getting gnulib files..." git submodule init -- "$gnulib_path" || exit $? git submodule update -- "$gnulib_path" || exit $? elif [ ! -d "$gnulib_path" ]; then echo "$0: getting gnulib files..." trap cleanup_gnulib HUP INT PIPE TERM shallow= if test -z "$GNULIB_REVISION"; then if git clone -h 2>&1 | grep -- --depth > /dev/null; then shallow='--depth 2' fi git clone $shallow ${GNULIB_URL:-$default_gnulib_url} "$gnulib_path" \ || cleanup_gnulib else if git fetch -h 2>&1 | grep -- --depth > /dev/null; then shallow='--depth 2' fi mkdir -p "$gnulib_path" # Only want a shallow checkout of $GNULIB_REVISION, but git does not # support cloning by commit hash. So attempt a shallow fetch by commit # hash to minimize the amount of data downloaded and changes needed to # be processed, which can drastically reduce download and processing # time for checkout. If the fetch by commit fails, a shallow fetch can # not be performed because we do not know what the depth of the commit # is without fetching all commits. So fall back to fetching all # commits. git -C "$gnulib_path" init git -C "$gnulib_path" remote add origin \ ${GNULIB_URL:-$default_gnulib_url} git -C "$gnulib_path" fetch $shallow origin "$GNULIB_REVISION" \ || git -C "$gnulib_path" fetch origin \ || cleanup_gnulib git -C "$gnulib_path" reset --hard FETCH_HEAD fi trap - HUP INT PIPE TERM fi fi GNULIB_SRCDIR=$gnulib_path # Verify that the submodule contains a gnulib checkout. test -f "$gnulib_path/gnulib-tool" \ || die "Error: $gnulib_path is supposed to contain a gnulib checkout," \ "but does not contain gnulib-tool" fi # XXX Should this be done if $use_git is false? if test -d "$GNULIB_SRCDIR"/.git && test -n "$GNULIB_REVISION" \ && ! git_modules_config submodule.gnulib.url >/dev/null; then (cd "$GNULIB_SRCDIR" && git checkout "$GNULIB_REVISION") || cleanup_gnulib fi # $GNULIB_SRCDIR now points to the version of gnulib to use, and # we no longer need to use git or $gnulib_path below here. } # -------- Upgrading bootstrap to the version found in GNULIB_SRCDIR. -------- upgrade_bootstrap () { if test -f "$medir"/bootstrap-funclib.sh; then update_lib=true { cmp -s "$medir"/bootstrap "$GNULIB_SRCDIR/top/bootstrap" \ && cmp -s "$medir"/bootstrap-funclib.sh \ "$GNULIB_SRCDIR/top/bootstrap-funclib.sh" \ && cmp -s "$medir"/autopull.sh "$GNULIB_SRCDIR/top/autopull.sh" \ && cmp -s "$medir"/autogen.sh "$GNULIB_SRCDIR/top/autogen.sh"; \ } else update_lib=false cmp -s "$medir"/bootstrap "$GNULIB_SRCDIR/build-aux/bootstrap" fi || { if $update_lib; then echo "$0: updating bootstrap & companions and restarting..." else echo "$0: updating bootstrap and restarting..." fi case $(sh -c 'echo "$1"' -- a) in a) ignored=--;; *) ignored=ignored;; esac u=$update_lib exec sh -c \ '{ if '$u' && test -f "$1"; then cp "$1" "$3"; else cp "$2" "$3"; fi; } && { if '$u' && test -f "$4"; then cp "$4" "$5"; else rm -f "$5"; fi; } && { if '$u' && test -f "$6"; then cp "$6" "$7"; else rm -f "$7"; fi; } && { if '$u' && test -f "$8"; then cp "$8" "$9"; else rm -f "$9"; fi; } && shift && shift && shift && shift && shift && shift && shift && shift && shift && exec "${CONFIG_SHELL-/bin/sh}" "$@"' \ $ignored \ "$GNULIB_SRCDIR/top/bootstrap" "$GNULIB_SRCDIR/build-aux/bootstrap" \ "$medir/bootstrap" \ "$GNULIB_SRCDIR/top/bootstrap-funclib.sh" "$medir/bootstrap-funclib.sh" \ "$GNULIB_SRCDIR/top/autopull.sh" "$medir/autopull.sh" \ "$GNULIB_SRCDIR/top/autogen.sh" "$medir/autogen.sh" \ "$0" "$@" --no-bootstrap-sync } } # ---------------------------------------------------------------------------- if test x"$gnulib_modules$gnulib_files$gnulib_extra_files" = x; then use_gnulib=false else use_gnulib=true fi # -------- Fetch auxiliary files from the network. -------------------------- autopull_usage() { cat </dev/null 2>&1 && unset CDPATH # Parse options. # Use git to update gnulib sources use_git=true for option do case $option in --help) autopull_usage return;; --version) set -e echo "autopull.sh $scriptlibversion" echo "$copyright" return 0 ;; --skip-po) SKIP_PO=t;; --force) checkout_only_file=;; --bootstrap-sync) bootstrap_sync=true;; --no-bootstrap-sync) bootstrap_sync=false;; --no-git) use_git=false;; *) bootstrap_option_hook $option || die "$option: unknown option";; esac done $use_git || test -n "$GNULIB_SRCDIR" \ || die "Error: --no-git requires \$GNULIB_SRCDIR environment variable" \ "or --gnulib-srcdir option" test -z "$GNULIB_SRCDIR" || test -d "$GNULIB_SRCDIR" \ || die "Error: \$GNULIB_SRCDIR environment variable" \ "or --gnulib-srcdir option is specified," \ "but does not denote a directory" if test -n "$checkout_only_file" && test ! -r "$checkout_only_file"; then die "Running this script from a non-checked-out distribution is risky." fi check_build_prerequisites $use_git if $use_gnulib || $bootstrap_sync; then prepare_GNULIB_SRCDIR if $bootstrap_sync; then upgrade_bootstrap "$@" fi fi # Find sha1sum, named gsha1sum on MacPorts, shasum on Mac OS X 10.6. # Also find the compatible sha1 utility on the BSDs if test x"$SKIP_PO" = x; then find_tool SHA1SUM sha1sum gsha1sum shasum sha1 fi # See if we can use gnulib's git-merge-changelog merge driver. if $use_git && test -d .git && check_exists git; then if git config merge.merge-changelog.driver >/dev/null ; then : elif check_exists git-merge-changelog; then echo "$0: initializing git-merge-changelog driver" git config merge.merge-changelog.name 'GNU-style ChangeLog merge driver' git config merge.merge-changelog.driver 'git-merge-changelog %O %A %B' else echo "$0: consider installing git-merge-changelog from gnulib" fi fi case $SKIP_PO in '') if test -d po; then update_po_files po $package || return fi if test -d runtime-po; then update_po_files runtime-po $package-runtime || return fi;; esac # --------------------------------------------------------------------------- bootstrap_post_pull_hook \ || die "bootstrap_post_pull_hook failed" # Don't proceed if there are uninitialized submodules. In particular, # autogen.sh will remove dangling links, which might be links into # uninitialized submodules. # But it's OK if the 'gnulib' submodule is uninitialized, as long as # GNULIB_SRCDIR is set. if $use_git; then # Uninitialized submodules are listed with an initial dash. uninitialized=`git submodule | grep '^-' | awk '{ print $2 }'` if test -n "$GNULIB_SRCDIR"; then uninitialized=`echo "$uninitialized" | grep -v '^gnulib$'` fi if test -n "$uninitialized"; then uninit_comma=`echo "$uninitialized" | tr '\n' ',' | sed -e 's|,$|.|'` die "Some git submodules are not initialized: "$uninit_comma \ "Either use option '--no-git'," \ "or run 'git submodule update --init' and bootstrap again." fi fi if test -f "$medir"/autogen.sh; then echo "$0: done. Now you can run '$medir/autogen.sh'." fi } # ----------------------------- Get translations. ----------------------------- download_po_files() { subdir=$1 domain=$2 echo "$me: getting translations into $subdir for $domain..." cmd=$(printf "$po_download_command_format" "$subdir" "$domain") eval "$cmd" } # Mirror .po files to $po_dir/.reference and copy only the new # or modified ones into $po_dir. Also update $po_dir/LINGUAS. # Note po files that exist locally only are left in $po_dir but will # not be included in LINGUAS and hence will not be distributed. update_po_files() { # Directory containing primary .po files. # Overwrite them only when we're sure a .po file is new. po_dir=$1 domain=$2 # Mirror *.po files into this dir. # Usually contains *.s1 checksum files. ref_po_dir="$po_dir/.reference" test -d $ref_po_dir || mkdir $ref_po_dir || return download_po_files $ref_po_dir $domain \ && ls "$ref_po_dir"/*.po 2>/dev/null | sed 's|.*/||; s|\.po$||' > "$po_dir/LINGUAS" || return langs=$(cd $ref_po_dir && echo *.po | sed 's/\.po//g') test "$langs" = '*' && langs=x for po in $langs; do case $po in x) continue;; esac new_po="$ref_po_dir/$po.po" cksum_file="$ref_po_dir/$po.s1" if ! test -f "$cksum_file" || ! test -f "$po_dir/$po.po" || ! $SHA1SUM -c "$cksum_file" < "$new_po" > /dev/null 2>&1; then echo "$me: updated $po_dir/$po.po..." cp "$new_po" "$po_dir/$po.po" \ && $SHA1SUM < "$new_po" > "$cksum_file" || return fi done } # -------- Generate files automatically from existing sources. -------------- autogen_usage() { cat < /dev/null 2>&1 elif test -d .svn; then svn log -r HEAD "$file" > /dev/null 2>&1 elif test -d CVS; then grep -F "/${file##*/}/" "$parent/CVS/Entries" 2>/dev/null | grep '^/[^/]*/[0-9]' > /dev/null else warn_ "no version control for $file?" false fi } # Strip blank and comment lines to leave significant entries. gitignore_entries() { sed '/^#/d; /^$/d' "$@" } # If $STR is not already on a line by itself in $FILE, insert it at the start. # Entries are inserted at the start of the ignore list to ensure existing # entries starting with ! are not overridden. Such entries support # whitelisting exceptions after a more generic blacklist pattern. insert_if_absent() { file=$1 str=$2 test -f $file || touch $file test -r $file || die "Error: failed to read ignore file: $file" duplicate_entries=$(gitignore_entries $file | sort | uniq -d) if [ "$duplicate_entries" ] ; then die "Error: Duplicate entries in $file: " $duplicate_entries fi linesold=$(gitignore_entries $file | wc -l) linesnew=$( { echo "$str"; cat $file; } | gitignore_entries | sort -u | wc -l) if [ $linesold != $linesnew ] ; then { echo "$str" | cat - $file > $file.bak && mv $file.bak $file; } \ || die "insert_if_absent $file $str: failed" fi } # Adjust $PATTERN for $VC_IGNORE_FILE and insert it with # insert_if_absent. insert_vc_ignore() { vc_ignore_file="$1" pattern="$2" case $vc_ignore_file in *.gitignore) # A .gitignore entry that does not start with '/' applies # recursively to subdirectories, so prepend '/' to every # .gitignore entry. pattern=$(echo "$pattern" | sed s,^,/,);; esac insert_if_absent "$vc_ignore_file" "$pattern" } symlink_to_dir() { src=$1/$2 dst=${3-$2} test -f "$src" && { # If the destination directory doesn't exist, create it. # This is required at least for "lib/uniwidth/cjk.h". dst_dir=$(dirname "$dst") if ! test -d "$dst_dir"; then mkdir -p "$dst_dir" # If we've just created a directory like lib/uniwidth, # tell version control system(s) it's ignorable. # FIXME: for now, this does only one level parent=$(dirname "$dst_dir") for dot_ig in x $vc_ignore; do test $dot_ig = x && continue ig=$parent/$dot_ig insert_vc_ignore $ig "${dst_dir##*/}/" done fi if $copy; then { test ! -h "$dst" || { echo "$me: rm -f $dst" && rm -f "$dst" } } && test -f "$dst" && cmp -s "$src" "$dst" || { echo "$me: cp -fp $src $dst" && cp -fp "$src" "$dst" } else # Leave any existing symlink alone, if it already points to the source, # so that broken build tools that care about symlink times # aren't confused into doing unnecessary builds. Conversely, if the # existing symlink's timestamp is older than the source, make it afresh, # so that broken tools aren't confused into skipping needed builds. See # . test -h "$dst" && src_ls=$(ls -diL "$src" 2>/dev/null) && set $src_ls && src_i=$1 && dst_ls=$(ls -diL "$dst" 2>/dev/null) && set $dst_ls && dst_i=$1 && test "$src_i" = "$dst_i" && both_ls=$(ls -dt "$src" "$dst") && test "X$both_ls" = "X$dst$nl$src" || { dot_dots= case $src in /*) ;; *) case /$dst/ in *//* | */../* | */./* | /*/*/*/*/*/) die "invalid symlink calculation: $src -> $dst";; /*/*/*/*/) dot_dots=../../../;; /*/*/*/) dot_dots=../../;; /*/*/) dot_dots=../;; esac;; esac echo "$me: ln -fs $dot_dots$src $dst" && ln -fs "$dot_dots$src" "$dst" } fi } } # Regenerate all autogeneratable files that are omitted from the # version control repository. In particular, regenerate all # aclocal.m4, config.h.in, Makefile.in, configure files with new # versions of autoconf or automake. autogen() { # Ensure that CDPATH is not set. Otherwise, the output from cd # would cause trouble in at least one use below. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH # Environment variables that may be set by the user. : "${AUTOPOINT=autopoint}" : "${AUTORECONF=autoreconf}" if test "$vc_ignore" = auto; then vc_ignore= test -d .git && vc_ignore=.gitignore test -d CVS && vc_ignore="$vc_ignore .cvsignore" fi # Parse options. # Whether to use copies instead of symlinks. copy=false for option do case $option in --help) autogen_usage return;; --version) set -e echo "autogen.sh $scriptlibversion" echo "$copyright" return 0 ;; --force) checkout_only_file=;; --copy) copy=true;; *) bootstrap_option_hook $option || die "$option: unknown option";; esac done test -z "$GNULIB_SRCDIR" || test -d "$GNULIB_SRCDIR" \ || die "Error: \$GNULIB_SRCDIR environment variable or --gnulib-srcdir" \ "option is specified, but does not denote a directory" if test -n "$checkout_only_file" && test ! -r "$checkout_only_file"; then die "Running this script from a non-checked-out distribution is risky." fi if $use_gnulib; then if test -z "$GNULIB_SRCDIR"; then gnulib_path=$(test -f .gitmodules && git config --file .gitmodules submodule.gnulib.path) test -z "$gnulib_path" && gnulib_path=gnulib GNULIB_SRCDIR=$gnulib_path fi fi # Die if there is no AC_CONFIG_AUX_DIR($build_aux) line in configure.ac. found_aux_dir=no grep '^[ ]*AC_CONFIG_AUX_DIR(\['"$build_aux"'])' configure.ac \ >/dev/null && found_aux_dir=yes grep '^[ ]*AC_CONFIG_AUX_DIR('"$build_aux"')' configure.ac \ >/dev/null && found_aux_dir=yes test $found_aux_dir = yes \ || die "configure.ac lacks 'AC_CONFIG_AUX_DIR([$build_aux])'; add it" # If $build_aux doesn't exist, create it now, otherwise some bits # below will malfunction. If creating it, also mark it as ignored. if test ! -d $build_aux; then mkdir $build_aux for dot_ig in x $vc_ignore; do test $dot_ig = x && continue insert_vc_ignore $dot_ig $build_aux/ done fi check_build_prerequisites false use_libtool=0 # We'd like to use grep -E, to see if any of LT_INIT, # AC_PROG_LIBTOOL, AM_PROG_LIBTOOL is used in configure.ac, # but that's not portable enough (e.g., for Solaris). grep '^[ ]*A[CM]_PROG_LIBTOOL' configure.ac >/dev/null \ && use_libtool=1 grep '^[ ]*LT_INIT' configure.ac >/dev/null \ && use_libtool=1 if test $use_libtool = 1; then find_tool LIBTOOLIZE glibtoolize libtoolize fi if $use_gnulib; then gnulib_tool=$GNULIB_SRCDIR/gnulib-tool <$gnulib_tool || return fi # NOTE: we have to be careful to run both autopoint and libtoolize # before gnulib-tool, since gnulib-tool is likely to provide newer # versions of files "installed" by these two programs. # Then, *after* gnulib-tool (see below), we have to be careful to # run autoreconf in such a way that it does not run either of these # two just-pre-run programs. # Import from gettext. with_gettext=yes grep '^[ ]*AM_GNU_GETTEXT_VERSION(' configure.ac >/dev/null || \ with_gettext=no if test $with_gettext = yes || test $use_libtool = 1; then tempbase=.bootstrap$$ trap "rm -f $tempbase.0 $tempbase.1" HUP INT PIPE TERM > $tempbase.0 > $tempbase.1 && find . ! -type d -print | sort > $tempbase.0 || return if test $with_gettext = yes; then # Released autopoint has the tendency to install macros that have been # obsoleted in current gnulib, so run this before gnulib-tool. echo "$0: $AUTOPOINT --force" $AUTOPOINT --force || return fi # Autoreconf runs aclocal before libtoolize, which causes spurious # warnings if the initial aclocal is confused by the libtoolized # (or worse out-of-date) macro directory. # libtoolize 1.9b added the --install option; but we support back # to libtoolize 1.5.22, where the install action was default. if test $use_libtool = 1; then install= case $($LIBTOOLIZE --help) in *--install*) install=--install ;; esac echo "running: $LIBTOOLIZE $install --copy" $LIBTOOLIZE $install --copy fi find . ! -type d -print | sort >$tempbase.1 old_IFS=$IFS IFS=$nl for file in $(comm -13 $tempbase.0 $tempbase.1); do IFS=$old_IFS parent=${file%/*} version_controlled_file "$parent" "$file" || { for dot_ig in x $vc_ignore; do test $dot_ig = x && continue ig=$parent/$dot_ig insert_vc_ignore "$ig" "${file##*/}" done } done IFS=$old_IFS rm -f $tempbase.0 $tempbase.1 trap - HUP INT PIPE TERM fi # Import from gnulib. if $use_gnulib; then gnulib_tool_options="\ --no-changelog\ --aux-dir=$build_aux\ --doc-base=$doc_base\ --lib=$gnulib_name\ --m4-base=$m4_base/\ --source-base=$source_base/\ --tests-base=$tests_base\ --local-dir=$local_gl_dir\ $gnulib_tool_option_extras\ " if test $use_libtool = 1; then case "$gnulib_tool_options " in *' --libtool '*) ;; *) gnulib_tool_options="$gnulib_tool_options --libtool" ;; esac fi echo "$0: $gnulib_tool $gnulib_tool_options --import ..." $gnulib_tool $gnulib_tool_options --import $gnulib_modules \ || die "gnulib-tool failed" for file in $gnulib_files; do symlink_to_dir "$GNULIB_SRCDIR" $file \ || die "failed to symlink $file" done fi bootstrap_post_import_hook \ || die "bootstrap_post_import_hook failed" # Remove any dangling symlink matching "*.m4" or "*.[ch]" in some # gnulib-populated directories. Such .m4 files would cause aclocal to fail. # The following requires GNU find 4.2.3 or newer. Considering the usual # portability constraints of this script, that may seem a very demanding # requirement, but it should be ok. Ignore any failure, which is fine, # since this is only a convenience to help developers avoid the relatively # unusual case in which a symlinked-to .m4 file is git-removed from gnulib # between successive runs of this script. find "$m4_base" "$source_base" \ -depth \( -name '*.m4' -o -name '*.[ch]' \) \ -type l -xtype l -delete > /dev/null 2>&1 # Invoke autoreconf with --force --install to ensure upgrades of tools # such as ylwrap. AUTORECONFFLAGS="--verbose --install --force -I $m4_base $ACLOCAL_FLAGS" AUTORECONFFLAGS="$AUTORECONFFLAGS --no-recursive" # Tell autoreconf not to invoke autopoint or libtoolize; they were run above. echo "running: AUTOPOINT=true LIBTOOLIZE=true $AUTORECONF $AUTORECONFFLAGS" AUTOPOINT=true LIBTOOLIZE=true $AUTORECONF $AUTORECONFFLAGS \ || die "autoreconf failed" # Get some extra files from gnulib, overriding existing files. for file in $gnulib_extra_files; do case $file in */INSTALL) dst=INSTALL;; build-aux/*) dst=$build_aux/${file#build-aux/};; *) dst=$file;; esac symlink_to_dir "$GNULIB_SRCDIR" $file $dst \ || die "failed to symlink $file" done if test $with_gettext = yes; then # Create gettext configuration. echo "$0: Creating po/Makevars from po/Makevars.template ..." rm -f po/Makevars sed ' /^EXTRA_LOCALE_CATEGORIES *=/s/=.*/= '"$EXTRA_LOCALE_CATEGORIES"'/ /^COPYRIGHT_HOLDER *=/s/=.*/= '"$COPYRIGHT_HOLDER"'/ /^MSGID_BUGS_ADDRESS *=/s|=.*|= '"$MSGID_BUGS_ADDRESS"'| /^XGETTEXT_OPTIONS *=/{ s/$/ \\/ a\ '"$XGETTEXT_OPTIONS"' $${end_of_xgettext_options+} } ' po/Makevars.template >po/Makevars \ || die 'cannot generate po/Makevars' # If the 'gettext' module is in use, grab the latest Makefile.in.in. # If only the 'gettext-h' module is in use, assume autopoint already # put the correct version of this file into place. case $gnulib_modules in *gettext-h*) ;; *gettext*) cp $GNULIB_SRCDIR/build-aux/po/Makefile.in.in po/Makefile.in.in \ || die "cannot create po/Makefile.in.in" ;; esac if test -d runtime-po; then # Similarly for runtime-po/Makevars, but not quite the same. rm -f runtime-po/Makevars sed ' /^DOMAIN *=.*/s/=.*/= '"$package"'-runtime/ /^subdir *=.*/s/=.*/= runtime-po/ /^MSGID_BUGS_ADDRESS *=/s/=.*/= bug-'"$package"'@gnu.org/ /^XGETTEXT_OPTIONS *=/{ s/$/ \\/ a\ '"$XGETTEXT_OPTIONS_RUNTIME"' $${end_of_xgettext_options+} } ' po/Makevars.template >runtime-po/Makevars \ || die 'cannot generate runtime-po/Makevars' # Copy identical files from po to runtime-po. (cd po && cp -p Makefile.in.in *-quot *.header *.sed *.sin ../runtime-po) fi fi bootstrap_epilogue echo "$0: done. Now you can run './configure'." } # ---------------------------------------------------------------------------- # Local Variables: # eval: (add-hook 'before-save-hook 'time-stamp) # time-stamp-start: "scriptlibversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC0" # time-stamp-end: "; # UTC" # End: libntlm-v1.8/bootstrap.conf000066400000000000000000000022671460645426100161140ustar00rootroot00000000000000# Bootstrap configuration. # Copyright (C) 2006-2020 Free Software Foundation, Inc. # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . GNULIB_REVISION=dfb71172a46ef41f8cf8ab7ca529c1dd3097a41d checkout_only_file=".gitlab-ci.yml" gnulib_tool_option_extras="--lgpl" gnulib_name="libgnu" # gnulib modules used by this package. gnulib_modules=" autobuild byteswap check-version crypto/des crypto/md4 inline maintainer-makefile manywarnings strverscmp unistd update-copyright valgrind-tests warnings " # Build prerequisites buildreq="\ autoconf 2.64 automake 1.10 git 1.5.5 tar - " libntlm-v1.8/cfg.mk000066400000000000000000000046501460645426100143160ustar00rootroot00000000000000# Copyright (C) 2006-2024 Simon Josefsson. # # This file is part of Libntlm. # # Libntlm is free software; you can redistribute it and/or modify # it under the terms of the GNU Lesser General Public License as # published by the Free Software Foundation; either version 2.1 of # the License, or (at your option) any later version. # # Libntlm is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Lesser General Public License for more details. # # You should have received a copy of the GNU Lesser General Public # License along with Libntlm; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, # USA TAR_OPTIONS += --mode=go+u,go-w --mtime=$(srcdir)/NEWS update-copyright-env = \ UPDATE_COPYRIGHT_HOLDER="Simon Josefsson" \ UPDATE_COPYRIGHT_USE_INTERVALS=2 \ UPDATE_COPYRIGHT_FORCE=1 local-checks-to-skip = \ sc_GPL_version \ sc_bindtextdomain \ sc_immutable_NEWS \ sc_prohibit_strcmp VC_LIST_ALWAYS_EXCLUDE_REGEX = ^(examples|lib)/.*$$ exclude_file_name_regexp--sc_trailing_blank = ^test.txt$$ INDENT_SOURCES = $(SOURCES) # maint.mk's public-submodule-commit breaks on shallow gnulib # https://lists.gnu.org/archive/html/bug-gnulib/2022-08/msg00040.html # so let's disable it - XXX FIXME let's revisit this later submodule-checks = gl_public_submodule_commit = # Maintainer targets srcdist: git archive --prefix=libntlm-v1.8/ -o libntlm-1.8-src.tar.gz HEAD release: prepare ship prepare: ! git tag -v v$(VERSION) 2>&1 | grep $(PACKAGE) > /dev/null $(MAKE) distcheck srcdist make -f libntlm4win.mk libntlm4win VERSION=$(VERSION) gpg -b $(distdir).tar.gz gpg -b $(distdir)-src.tar.gz gpg -b $(distdir)-win32.zip gpg -b $(distdir)-win64.zip gpg --verify $(distdir).tar.gz.sig gpg --verify $(distdir)-src.tar.gz.sig gpg --verify $(distdir)-win32.zip.sig gpg --verify $(distdir)-win64.zip.sig tag: git tag -s -m "$(PACKAGE) $(VERSION)" v$(VERSION) ship: tag cp -v $(distdir)*.tar.gz* $(distdir)-win??.zip* ../releases/$(PACKAGE)/ git push git push --tags scp $(distdir)*.tar.gz* $(distdir)-win??.zip* jas@dl.sv.nongnu.org:/releases/libntlm/ review-diff: git diff `git describe --abbrev=0`.. \ | grep -v -e ^index -e '^diff --git' \ | filterdiff -p 1 -x 'build-aux/*' -x 'gl/*' -x 'maint.mk' -x '.gitignore' -x '.x-sc*' -x GNUmakefile \ | less libntlm-v1.8/configure.ac000066400000000000000000000063221460645426100155120ustar00rootroot00000000000000dnl Process this file with autoconf to produce a configure script. dnl Copyright (C) 2002-2024 Simon Josefsson. dnl dnl This file is part of Libntlm. dnl dnl Libntlm is free software; you can redistribute it and/or modify dnl it under the terms of the GNU Lesser General Public License as dnl published by the Free Software Foundation; either version 2.1 of dnl the License, or (at your option) any later version. dnl dnl Libntlm is distributed in the hope that it will be useful, dnl but WITHOUT ANY WARRANTY; without even the implied warranty of dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the dnl GNU Lesser General Public License for more details. dnl dnl You should have received a copy of the GNU Lesser General Public dnl License along with Libntlm; if not, write to the Free Software dnl Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA dnl 02110-1301, USA AC_INIT([libntlm], [1.8], [libntlm@nongnu.org]) AC_CONFIG_AUX_DIR([build-aux]) AC_CONFIG_MACRO_DIR([m4]) # Interfaces removed: CURRENT++, AGE=0, REVISION=0 # Interfaces added: CURRENT++, AGE++, REVISION=0 # No interfaces changed: REVISION++ AC_SUBST(LT_CURRENT, 0) AC_SUBST(LT_AGE, 0) AC_SUBST(LT_REVISION, 23) AM_INIT_AUTOMAKE([1.10 gnits -Wall]) AC_CONFIG_HEADERS(config.h) AC_CONFIG_SRCDIR(ntlm.h.in) # Checks for programs. AC_PROG_CC gl_EARLY AM_PROG_AR LT_INIT([win32-dll]) AC_C_BIGENDIAN # For gnulib. gl_INIT AC_DEFINE([check_version], ntlm_check_version, [Rename to public API name.]) AC_ARG_ENABLE([gcc-warnings], [AS_HELP_STRING([[--enable-gcc-warnings[=TYPE]]], [control generation of GCC warnings. The TYPE 'no' disables warnings; 'yes' (default) generates cheap warnings.])]) AS_IF([test "$enable_gcc_warnings" != no], [ # Set up the list of unwanted warning options. nw= nw="$nw -fanalyzer" nw="$nw -Wsystem-headers" # Don't warn in system headers. # Setup the list of meaningful warning options for the C compiler. # The list comes from manywarnings.m4. Warning options that are not # generally meaningful have already been filtered out (cf. # build-aux/gcc-warning.spec). gl_MANYWARN_ALL_GCC([possible_warning_options]) # Compute the list of warning options that are desired. gl_MANYWARN_COMPLEMENT([desired_warning_options], [$possible_warning_options], [$nw]) # Compute the list of remaining undesired warning options. # Namely those, that were not in manywarnings.m4 because they were # already listed in build-aux/gcc-warning.spec; this includes those # that are implied by -Wall. gl_MANYWARN_COMPLEMENT([remaining_undesired_warning_options], [$nw], [$possible_warning_options]) # Add the desired warning options to WARN_CFLAGS. for w in $desired_warning_options; do gl_WARN_ADD([$w]) done # Add the opposites of the remaining undesired warning options to # WARN_CFLAGS. for w in `echo "$remaining_undesired_warning_options" | sed -e 's/-W/-Wno-/g'`; do gl_WARN_ADD([$w]) done gl_WARN_ADD([-Wno-pointer-sign]) # Too many warnings for now gl_WARN_ADD([-fdiagnostics-show-option]) ]) AC_CONFIG_FILES([ Makefile lib/Makefile libntlm.pc libntlm.spec ntlm.h ]) AC_OUTPUT libntlm-v1.8/doc/000077500000000000000000000000001460645426100137665ustar00rootroot00000000000000libntlm-v1.8/doc/announce.txt000066400000000000000000000043751460645426100163460ustar00rootroot00000000000000To: libntlm@nongnu.org Subject: Libntlm 1.7 <#secure method=pgpmime mode=sign> This is to announce libntlm-1.7, a stable release. Libntlm provides routines to manipulate the structures used for the client end of Microsoft NTLM authentication. This code was initially taken (mostly) from the Samba project and was initially intended for use with Microsoft Exchange Server when it is configured to require NTLM authentication for clients of it's IMAP server. Today, Libntlm contains re-written code, so that the license is now LGPLv2+. See the NEWS below for a brief summary. The project page of the library is available at: https://gitlab.com/gsasl/libntlm/ If you need help to use Libntlm, or want to help others, you are invited to join our mailing list, see: https://lists.nongnu.org/mailman/listinfo/libntlm Here are the compressed sources (600K) and detached OpenPGP signature: https://download.savannah.nongnu.org/releases/libntlm/libntlm-1.7.tar.gz https://download.savannah.nongnu.org/releases/libntlm/libntlm-1.7.tar.gz.sig Windows binaries are available: https://download.savannah.nongnu.org/releases/libntlm/libntlm-1.7-win64.zip https://download.savannah.nongnu.org/releases/libntlm/libntlm-1.7-win64.zip.sig https://download.savannah.nongnu.org/releases/libntlm/libntlm-1.7-win32.zip https://download.savannah.nongnu.org/releases/libntlm/libntlm-1.7-win32.zip.sig The software is cryptographically signed by the maintainer using an OpenPGP key identified by the following information: sec# ed25519 2019-03-20 [SC] B1D2BD1375BECB784CF4F8C4D73CF638C53C06BE uid [ultimate] Simon Josefsson The key is available from: https://josefsson.org/key-20190320.txt Here are the SHA-256 checksums: d805ebb901cbc9ff411e704cbbf6de4d28e7bcb05c9eca2124f582cbff31c0b1 libntlm-1.7.tar.gz 14b349ea09486bd7e5d7111050c60f7fe8d7865b882549a15ee06eb32f00df24 libntlm-1.7-win32.zip 37c4690c1b5fb92cd304938417ab664decc91513e29b9d016a4cbb93963586c4 libntlm-1.7-win64.zip Happy New Years Eve Hacking, Simon NEWS * Version 1.7 (released 2023-12-31) ** Moved GitLab URL to . ** Use gnulib ./bootstrap for building from version controlled sources. ** API and ABI modifications. No changes since last version. libntlm-v1.8/examples/000077500000000000000000000000001460645426100150375ustar00rootroot00000000000000libntlm-v1.8/examples/COPYING000066400000000000000000000430761460645426100161040ustar00rootroot00000000000000 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 675 Mass Ave, Cambridge, MA 02139, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) 19yy This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19yy name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Library General Public License instead of this License. libntlm-v1.8/examples/Makefile000066400000000000000000000002011460645426100164700ustar00rootroot00000000000000dumper: dumper.c getargs.o gcc -g -I.. -o dumper dumper.c getargs.o ../libntlm.a clean: rm -f *.a *.o dumper *.bak *~ \#*\# libntlm-v1.8/examples/README000066400000000000000000000012601460645426100157160ustar00rootroot00000000000000 Dumper is a simple command line utility to display in readable format base64 NTLM messages. Given a base64 NTLM challenge, a username and a password, it will optionally generate and display a response message. Note that there are multiple correct response messages message depending on what order the string data is placed at the end of the frame. There is no required order. Dumper should always generate the string data in the same order (and thus identical base64 responses), even on different architectures. It's possible that another application will generate a different but also correct response message. Run "dumper -?" for help. Someday I'll write more documentation... libntlm-v1.8/examples/dumper.c000066400000000000000000000135671460645426100165130ustar00rootroot00000000000000#include #include #include #include #include #include "getargs.h" int from64tobits(char *out, const char *in); void to64frombits(unsigned char *out, const unsigned char *in, int inlen); int dumpReq; int dumpChal; int dumpResp; int genResp; int dumpRaw; int dumpb64only; int genReq; char *username = "joeuser"; char *password = "joespw"; argSpec argSpecArray[] = { {'q', OptionBoolean, &dumpReq, NULL, "dump NTLM request", NULL}, {'Q', OptionBoolean, &genReq, NULL, "generate (and dump) NTLM request", NULL}, {'c', OptionBoolean, &dumpChal, NULL, "dump NTLM challange", NULL}, {'g', OptionBoolean, &genResp, NULL, "generate (and dump) NTLM response given a challenge", NULL}, {'r', OptionBoolean, &dumpResp, NULL, "dump NTLM response", NULL}, {'R', OptionBoolean, &dumpRaw, NULL, "dump raw bytes", NULL}, {'6', OptionBoolean, &dumpb64only, NULL, "dump generated base64 only", NULL}, {'u', OptionString, &username, NULL, "username", NULL}, {'p', OptionString, &password, NULL, "password", NULL}, }; int argSpecCount = (sizeof argSpecArray / sizeof argSpecArray[0]); char *progName; void usage(void) { printf("usage: %s [options] [base-64-string]\n", progName); printf(" %s -? will display options\n", progName); } unsigned char buf[4096]; unsigned char buf2[4096]; int main(int argc, char *argv[]) { int rawLen = 0; int argsUsed; int i; progName = argv[0]; argsUsed = getargs(argc, argv, argSpecArray, argSpecCount); if (argsUsed < 0) { usage(); exit(1); } argc -= argsUsed; argv += argsUsed; if (argc != 1 && argc != 0) { usage(); exit(1); } if (argc == 1) { rawLen = from64tobits(buf,argv[0]); if (genReq) fprintf(stderr,"%s: extra argument with -Q ignored\n",progName); } else { if (dumpReq || dumpChal || dumpResp || dumpRaw) { fprintf(stderr,"%s: -q -r -c -R specified but no base64 data\n",progName); return 1; } } printf("Converted base64 string to %d data bytes\n",rawLen); if (dumpReq) dumpSmbNtlmAuthRequest(stdout,(tSmbNtlmAuthRequest*)buf); else if (dumpChal) dumpSmbNtlmAuthChallenge(stdout,(tSmbNtlmAuthChallenge*)buf); else if (dumpResp) dumpSmbNtlmAuthResponse(stdout,(tSmbNtlmAuthResponse*)buf); if (dumpRaw) for (i=0; i= 3; inlen -= 3) { *out++ = base64digits[in[0] >> 2]; *out++ = base64digits[((in[0] << 4) & 0x30) | (in[1] >> 4)]; *out++ = base64digits[((in[1] << 2) & 0x3c) | (in[2] >> 6)]; *out++ = base64digits[in[2] & 0x3f]; in += 3; } if (inlen > 0) { unsigned char fragment; *out++ = base64digits[in[0] >> 2]; fragment = (in[0] << 4) & 0x30; if (inlen > 1) fragment |= in[1] >> 4; *out++ = base64digits[fragment]; *out++ = (inlen < 2) ? '=' : base64digits[(in[1] << 2) & 0x3c]; *out++ = '='; } *out = '\0'; } int from64tobits(char *out, const char *in) /* base 64 to raw bytes in quasi-big-endian order, returning count of bytes */ { int len = 0; register unsigned char digit1, digit2, digit3, digit4; if (in[0] == '+' && in[1] == ' ') in += 2; if (*in == '\r') return(0); do { digit1 = in[0]; if (DECODE64(digit1) == BAD) return(-1); digit2 = in[1]; if (DECODE64(digit2) == BAD) return(-1); digit3 = in[2]; if (digit3 != '=' && DECODE64(digit3) == BAD) return(-1); digit4 = in[3]; if (digit4 != '=' && DECODE64(digit4) == BAD) return(-1); in += 4; *out++ = (DECODE64(digit1) << 2) | (DECODE64(digit2) >> 4); ++len; if (digit3 != '=') { *out++ = ((DECODE64(digit2) << 4) & 0xf0) | (DECODE64(digit3) >> 2); ++len; if (digit4 != '=') { *out++ = ((DECODE64(digit3) << 6) & 0xc0) | DECODE64(digit4); ++len; } } } while (*in && *in != '\r' && digit4 != '='); return (len); } /* base64.c ends here */ libntlm-v1.8/examples/getargs.c000066400000000000000000000114761460645426100166500ustar00rootroot00000000000000#include #include "getargs.h" #include #include double dummy(double x) { return x * 56.7; } static int findString(char *name, char **namelist) { int i; for (i=0; *namelist; ++namelist, ++i) if (!strcmp(name, *namelist)) return i; return -1; } static char *progName; typedef int (*fptrNoParam)(void); typedef int (*fptrParam)(char*); static void errorMsg(char c, const char *expected, const char *got) { fprintf(stderr,"%s: option -%c expected %s parameter, got '%s'\n",progName,c,expected,got); } static void prOptions(argSpec arg[], int specCount) { int i; fprintf(stderr,"%s: options: \n",progName); for (i=0; i "); break; case OptionLong: fprintf(stderr," "); break; case OptionDouble: fprintf(stderr," "); break; case OptionString: fprintf(stderr," "); break; case OptionBoolean: fprintf(stderr," "); break; case OptionEnumerated: fprintf(stderr," "); break; } fprintf(stderr,arg[i].helpString); if (arg[i].optionType == OptionEnumerated) { char **s; int d = *(unsigned*)arg[i].optionPtr; int n; fprintf(stderr,"\n"); fprintf(stderr," where is one of:\n"); for (n=0,s=arg[i].enumValues; *s; ++s,++n) fprintf(stderr," %s%s\n",*s,n==d ? " (default)" : ""); } else { switch (arg[i].optionType) { case OptionInteger: fprintf(stderr," (default %d)\n",*(int*)arg[i].optionPtr); break; case OptionLong: fprintf(stderr," (default %ld)\n",*(long*)arg[i].optionPtr); break; case OptionDouble: fprintf(stderr," (default %f)\n",*(double*)arg[i].optionPtr); break; case OptionString: fprintf(stderr," (default '%s')\n",*(char**)arg[i].optionPtr); break; case OptionBoolean: fprintf(stderr,"\n"); break; case OptionEnumerated: break; } } } } union { int i; long l; double d; char *p; }trash; int getargs(int argc, char *argv[], argSpec arg[], int specCount) { int argsUsed; char *p; int a; int argDone; progName = argv[0]; argsUsed = 1; ++argv; while (argsUsed < argc) { /* at this point, argv[0] is the next item to be processed */ p = argv[0]; if (*p != '-') return argsUsed; ++argsUsed; ++argv; ++p; if (*p =='?') { prOptions(arg,specCount); return -1; } argDone = 0; for (a=0; a argc) { errorMsg(*p,"",""); return -1; } } if (arg[a].optionPtr) optionPtr = arg[a].optionPtr; switch (arg[a].optionType) { case OptionInteger: { char *format = "%d"; if (optionArgPtr[0]=='x') { format = "%x"; ++optionArgPtr; } else if (optionArgPtr[0]=='0' && optionArgPtr[1]=='x') { format = "%x"; optionArgPtr+=2; } if (sscanf(optionArgPtr,format,optionPtr) != 1) { errorMsg(*p,"integer",optionArgPtr); return -1; } break; } case OptionLong: if (sscanf(optionArgPtr,"%ld",(long*)optionPtr) != 1) { errorMsg(*p,"long",optionArgPtr); return -1; } break; case OptionString: *((char**)optionPtr) = strdup(optionArgPtr); break; case OptionDouble: if (sscanf(optionArgPtr,"%lf",(double*)optionPtr) != 1) { errorMsg(*p,"floating point",optionArgPtr); return -1; } break; case OptionBoolean: *((int*)optionPtr) = 1; break; case OptionEnumerated: if ((*((int*)optionPtr) = findString(optionArgPtr,arg[a].enumValues)) < 0) { char **n = arg[a].enumValues; fprintf(stderr,"%s: option -%c expects parameter to be one of:\n",progName,*p); while (*n) { fprintf(stderr," %s\n",*n); ++n; } return -1; } break; default: break; } if (arg[a].funcPtr) { int s = (*arg[a].funcPtr)(optionArgPtr); if (s<0) return s; } if (arg[a].optionType == OptionBoolean) { ++p; if (*p != '\0') { a = 0; continue; } } argDone = 1; break; } ++a; } if (!argDone) { fprintf(stderr,"%s: unrecognized option '%c'\n",progName,*p); prOptions(arg,specCount); return -1; } } return argsUsed; } libntlm-v1.8/examples/getargs.h000066400000000000000000000005501460645426100166440ustar00rootroot00000000000000typedef struct { char optionChar; enum { OptionInteger, OptionDouble, OptionLong, OptionString, OptionBoolean, OptionEnumerated } optionType; void *optionPtr; int (*funcPtr)(char *param); char *helpString; char **enumValues; }argSpec; extern int getargs(int argc, char *argv[], argSpec *arg, int numberSpecs); libntlm-v1.8/libntlm.pc.in000066400000000000000000000007701460645426100156170ustar00rootroot00000000000000# Process this file with autoconf to produce a pkg-config metadata file. # Copyright 2002-2024 Simon Josefsson # # Copying and distribution of this file, with or without modification, # are permitted in any medium without royalty provided the copyright # notice and this notice are preserved. prefix=@prefix@ exec_prefix=@exec_prefix@ libdir=@libdir@ includedir=@includedir@ Name: Libntlm Description: Library for NTLM authentication Version: @VERSION@ Libs: -L${libdir} -lntlm Cflags: -I${includedir} libntlm-v1.8/libntlm.spec.in000066400000000000000000000015741460645426100161520ustar00rootroot00000000000000Name: libntlm Version: @PACKAGE_VERSION@ Release: 1 Group: Development/Libraries Summary: Microsoft WinNT domain authentication library License: LGPL Source: http://josefsson.org/libntlm/releases/libntlm-%{version}.tar.gz URL: http://josefsson.org/libntlm/ BuildRoot: %{_tmppath}/root-%{name}-%{version} %package devel License: LGPL Group: Development/Libraries Summary: Microsoft WinNT domain authentication library for development %description A library for authenticating with Microsoft NTLM challenge-response, derived from Samba sources. %description devel Development files needed for compiling against libntlm. %prep %setup %build %configure make %install %makeinstall %files %defattr(-,root,root) %{_libdir}/libntlm.so* %files devel %defattr(-,root,root) %{_includedir}/ntlm.h %{_libdir}/libntlm.a %{_libdir}/libntlm.la %{_libdir}/pkgconfig/libntlm.pc %doc README THANKS NEWS libntlm-v1.8/libntlm4win.mk000066400000000000000000000030771460645426100160240ustar00rootroot00000000000000# Copyright (C) 2011-2024 Simon Josefsson # # This file is part of Libntlm. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . SHELL=bash PACKAGE = libntlm distdir = $(PACKAGE)-$(VERSION) TGZ = $(distdir).tar.gz URL = https://download.savannah.nongnu.org/releases/$(PACKAGE)/$(TGZ) all: @echo 'Usage examples:' @echo ' make -f libntlm4win.mk libntlm4win VERSION=1.21' @echo ' make -f libntlm4win.mk libntlm4win32 VERSION=1.21 CHECK=check' libntlm4win: libntlm4win32 libntlm4win64 libntlm4win32: $(MAKE) -f libntlm4win.mk doit ARCH=32 HOST=i686-w64-mingw32 libntlm4win64: $(MAKE) -f libntlm4win.mk doit ARCH=64 HOST=x86_64-w64-mingw32 doit: rm -rf tmp && mkdir tmp && cd tmp && \ cp ../$(TGZ) . || wget $(URL) && \ env TAR_OPTIONS= tar xfa $(TGZ) && \ cd $(distdir) && \ ./configure --host=$(HOST) --build=x86_64-unknown-linux-gnu --prefix=$(PWD)/tmp/root CPPFLAGS=-I$(PWD)/tmp/root/include && \ make all $(CHECK) install && \ cd .. && \ cd root && \ zip -r ../../$(distdir)-win$(ARCH).zip * libntlm-v1.8/ntlm.h.in000066400000000000000000000071311460645426100147530ustar00rootroot00000000000000/* ntlm.h --- Header file for libntlm. -*- c -*- * * This file is part of libntlm. * * Libntlm is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * Libntlm is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with libntlm; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * 02110-1301, USA. * */ #ifndef NTLM_H # define NTLM_H # ifdef __cplusplus extern "C" { # endif /* Get FILE. */ #include typedef unsigned short uint16; typedef unsigned int uint32; typedef unsigned char uint8; #define NTLM_VERSION "@PACKAGE_VERSION@" #define NTLM_MSG_BUFSIZE 1024 /* * These structures are byte-order dependant, and should not * be manipulated except by the use of the routines provided */ typedef struct { uint16 len; uint16 maxlen; uint32 offset; } tSmbStrHeader; typedef struct { char ident[8]; uint32 msgType; uint32 flags; tSmbStrHeader user; tSmbStrHeader domain; uint8 buffer[NTLM_MSG_BUFSIZE]; uint32 bufIndex; } tSmbNtlmAuthRequest; typedef struct { char ident[8]; uint32 msgType; tSmbStrHeader uDomain; uint32 flags; uint8 challengeData[8]; uint8 reserved[8]; tSmbStrHeader emptyString; uint8 buffer[NTLM_MSG_BUFSIZE]; uint32 bufIndex; } tSmbNtlmAuthChallenge; typedef struct { char ident[8]; uint32 msgType; tSmbStrHeader lmResponse; tSmbStrHeader ntResponse; tSmbStrHeader uDomain; tSmbStrHeader uUser; tSmbStrHeader uWks; tSmbStrHeader sessionKey; uint32 flags; uint8 buffer[NTLM_MSG_BUFSIZE]; uint32 bufIndex; } tSmbNtlmAuthResponse; /* public: */ #define SmbLength(ptr) (((ptr)->buffer - (uint8*)(ptr)) + (ptr)->bufIndex) extern void dumpSmbNtlmAuthRequest (FILE * fp, tSmbNtlmAuthRequest * request); extern void dumpSmbNtlmAuthChallenge (FILE * fp, tSmbNtlmAuthChallenge * challenge); extern void dumpSmbNtlmAuthResponse (FILE * fp, tSmbNtlmAuthResponse * response); extern void buildSmbNtlmAuthRequest (tSmbNtlmAuthRequest * request, const char *user, const char *domain); /* Same as buildSmbNtlmAuthRequest, but won't treat @ in USER as a DOMAIN. */ extern void buildSmbNtlmAuthRequest_noatsplit (tSmbNtlmAuthRequest * request, const char *user, const char *domain); extern void buildSmbNtlmAuthResponse (tSmbNtlmAuthChallenge * challenge, tSmbNtlmAuthResponse * response, const char *user, const char *password); /* Same as buildSmbNtlmAuthResponse, but won't treat @ in USER as a REALM. */ extern void buildSmbNtlmAuthResponse_noatsplit (tSmbNtlmAuthChallenge * challenge, tSmbNtlmAuthResponse * response, const char *user, const char *password); /* smbencrypt.c */ extern void ntlm_smb_encrypt (const char *passwd, const uint8 * challenge, uint8 * answer); extern void ntlm_smb_nt_encrypt (const char *passwd, const uint8 * challenge, uint8 * answer); extern const char *ntlm_check_version (const char *req_version); # ifdef __cplusplus } # endif #endif /* NTLM_H */ libntlm-v1.8/smbencrypt.c000066400000000000000000000103761460645426100155620ustar00rootroot00000000000000/* * Copyright (C) 2005-2024 Simon Josefsson * Copyright (C) 1998-1999 Brian Bruns * Copyright (C) 2004 Frediano Ziglio * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Library General Public License * as published by the Free Software Foundation; either version 2 of * the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Library General Public License for more details. * * You should have received a copy of the GNU Library General Public * License along with this library; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * 02110-1301, USA. */ #include #include #include #include #include #include #include #include "ntlm.h" #include "md4.h" #include "des.h" /* C89 compliant way to cast 'char' to 'unsigned char'. */ static inline unsigned char to_uchar (char ch) { return ch; } /* * The following code is based on some psuedo-C code from ronald@innovation.ch */ static void ntlm_encrypt_answer (char *hash, const char *challenge, char *answer); static void ntlm_convert_key (char *key_56, gl_des_ctx * ks); void ntlm_smb_encrypt (const char *passwd, const uint8 *challenge, uint8 *answer) { #define MAX_PW_SZ 14 int len; int i; static const char magic[8] = { 0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 }; gl_des_ctx ks; char hash[24]; char passwd_up[MAX_PW_SZ]; /* convert password to upper and pad to 14 chars */ memset (passwd_up, 0, MAX_PW_SZ); len = strlen (passwd); if (len > MAX_PW_SZ) len = MAX_PW_SZ; for (i = 0; i < len; i++) passwd_up[i] = toupper (passwd[i]); /* hash the first 7 characters */ ntlm_convert_key (passwd_up, &ks); gl_des_ecb_encrypt (&ks, magic, hash + 0); /* hash the second 7 characters */ ntlm_convert_key (passwd_up + 7, &ks); gl_des_ecb_encrypt (&ks, magic, hash + 8); memset (hash + 16, 0, 5); ntlm_encrypt_answer (hash, challenge, answer); /* with security is best be pedantic */ memset (&ks, 0, sizeof (ks)); memset (hash, 0, sizeof (hash)); memset (passwd_up, 0, sizeof (passwd_up)); } void ntlm_smb_nt_encrypt (const char *passwd, const uint8 *challenge, uint8 *answer) { size_t len, i; unsigned char hash[24]; unsigned char nt_pw[256]; /* NT resp */ len = strlen (passwd); if (len > 128) len = 128; for (i = 0; i < len; ++i) { nt_pw[2 * i] = passwd[i]; nt_pw[2 * i + 1] = 0; } md4_buffer (nt_pw, len * 2, hash); memset (hash + 16, 0, 5); ntlm_encrypt_answer (hash, challenge, answer); /* with security is best be pedantic */ memset (hash, 0, sizeof (hash)); memset (nt_pw, 0, sizeof (nt_pw)); } /* * takes a 21 byte array and treats it as 3 56-bit DES keys. The * 8 byte plaintext is encrypted with each key and the resulting 24 * bytes are stored in the results array. */ static void ntlm_encrypt_answer (char *hash, const char *challenge, char *answer) { gl_des_ctx ks; ntlm_convert_key (hash, &ks); gl_des_ecb_encrypt (&ks, challenge, answer); ntlm_convert_key (&hash[7], &ks); gl_des_ecb_encrypt (&ks, challenge, &answer[8]); ntlm_convert_key (&hash[14], &ks); gl_des_ecb_encrypt (&ks, challenge, &answer[16]); memset (&ks, 0, sizeof (ks)); } /* * turns a 56 bit key into the 64 bit, and sets the key schedule ks. */ static void ntlm_convert_key (char *key_56, gl_des_ctx *ks) { char key[8]; key[0] = to_uchar (key_56[0]); key[1] = ((to_uchar (key_56[0]) << 7) & 0xFF) | (to_uchar (key_56[1]) >> 1); key[2] = ((to_uchar (key_56[1]) << 6) & 0xFF) | (to_uchar (key_56[2]) >> 2); key[3] = ((to_uchar (key_56[2]) << 5) & 0xFF) | (to_uchar (key_56[3]) >> 3); key[4] = ((to_uchar (key_56[3]) << 4) & 0xFF) | (to_uchar (key_56[4]) >> 4); key[5] = ((to_uchar (key_56[4]) << 3) & 0xFF) | (to_uchar (key_56[5]) >> 5); key[6] = ((to_uchar (key_56[5]) << 2) & 0xFF) | (to_uchar (key_56[6]) >> 6); key[7] = (to_uchar (key_56[6]) << 1) & 0xFF; gl_des_setkey (ks, key); memset (&key, 0, sizeof (key)); } /** \@} */ libntlm-v1.8/smbutil.c000066400000000000000000000231571460645426100150540ustar00rootroot00000000000000/* smbutil.c --- Main library functions. * Copyright (C) 2002-2024 Simon Josefsson * Copyright (C) 1999-2001 Grant Edwards * Copyright (C) 2004 Frediano Ziglio * * This file is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * This file is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this file; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * 02110-1301, USA. * */ #include #include #include #include #include #include #include #include "ntlm.h" #ifdef NTLM_UNIQUE_MODULE # include "des.c" # include "md4.c" # include "smbencrypt.c" #else # include "des.h" # include "md4.h" #endif char versionString[] = PACKAGE_STRING; /* Utility routines that handle NTLM auth structures. */ /* * Must be multiple of two * We use a statis buffer of NTLM_MSG_BUFSIZE [1024] bytes for message * At maximun we but 48 bytes (ntlm responses) and 3 unicode strings so * NTLM_BUFSIZE * 3 + 48 <= NTLM_MSG_BUFSIZE */ #define NTLM_BUFSIZE 320 /* * all bytes in our structures are aligned so just swap bytes so * we have just to swap order */ #ifdef WORDS_BIGENDIAN # define UI16LE(n) bswap_16(n) # define UI32LE(n) bswap_32(n) #else # define UI16LE(n) (n) # define UI32LE(n) (n) #endif /* I am not crazy about these macros -- they seem to have gotten * a bit complex. A new scheme for handling string/buffer fields * in the structures probably needs to be designed */ #define AddBytes(ptr, header, buf, count) \ { \ size_t count2 = count; \ if (count2 > NTLM_MSG_BUFSIZE - ptr->bufIndex) \ count2 = NTLM_MSG_BUFSIZE - ptr->bufIndex; \ ptr->header.len = ptr->header.maxlen = UI16LE(count2); \ ptr->header.offset = UI32LE((ptr->buffer - ((uint8*)ptr)) + ptr->bufIndex); \ memcpy(ptr->buffer+ptr->bufIndex, buf, count2); \ ptr->bufIndex += count2; \ } #define AddString(ptr, header, string) \ { \ const char *p = (string); \ size_t len = p ? strlen(p) : 0; \ AddBytes(ptr, header, p, len); \ } #define AddUnicodeStringLen(ptr, header, string, len) \ { \ unsigned char buf[NTLM_BUFSIZE]; \ unsigned char *b = strToUnicode(string, len, buf); \ AddBytes(ptr, header, b, len*2); \ } #define AddUnicodeString(ptr, header, string) \ { \ size_t len = strlen(string); \ AddUnicodeStringLen(ptr, header, string, len); \ } #define GetUnicodeString(structPtr, header, output) \ getUnicodeString(UI32LE(structPtr->header.offset), UI16LE(structPtr->header.len), ((char*)structPtr), (structPtr->buffer - (uint8*) structPtr), sizeof(structPtr->buffer), output) #define GetString(structPtr, header, output) \ getString(UI32LE(structPtr->header.offset), UI16LE(structPtr->header.len), ((char*)structPtr), (structPtr->buffer - (uint8*) structPtr), sizeof(structPtr->buffer), output) #define DumpBuffer(fp, structPtr, header) \ dumpBuffer(fp, UI32LE(structPtr->header.offset), UI16LE(structPtr->header.len), ((char*)structPtr), (structPtr->buffer - (uint8*) structPtr), sizeof(structPtr->buffer)) static void dumpRaw (FILE *fp, const unsigned char *buf, size_t len) { size_t i; for (i = 0; i < len; ++i) fprintf (fp, "%02x ", buf[i]); fprintf (fp, "\n"); } static inline void dumpBuffer (FILE *fp, uint32 offset, uint32 len, char *structPtr, size_t buf_start, size_t buf_len) { /* prevent buffer reading overflow */ if (offset < buf_start || offset > buf_len + buf_start || offset + len > buf_len + buf_start) len = 0; dumpRaw (fp, structPtr + offset, len); } static char * unicodeToString (const char *p, size_t len, char *buf) { size_t i; if (len >= NTLM_BUFSIZE) len = NTLM_BUFSIZE - 1; for (i = 0; i < len; ++i) { buf[i] = *p & 0x7f; p += 2; } buf[i] = '\0'; return buf; } static inline char * getUnicodeString (uint32 offset, uint32 len, char *structPtr, size_t buf_start, size_t buf_len, char *output) { /* prevent buffer reading overflow */ if (offset < buf_start || offset > buf_len + buf_start || offset + len > buf_len + buf_start) len = 0; return unicodeToString (structPtr + offset, len / 2, output); } static unsigned char * strToUnicode (const char *p, size_t l, unsigned char *buf) { int i = 0; if (l > (NTLM_BUFSIZE / 2)) l = (NTLM_BUFSIZE / 2); while (l--) { buf[i++] = *p++; buf[i++] = 0; } return buf; } static char * toString (const char *p, size_t len, char *buf) { if (len >= NTLM_BUFSIZE) len = NTLM_BUFSIZE - 1; memcpy (buf, p, len); buf[len] = 0; return buf; } static inline char * getString (uint32 offset, uint32 len, char *structPtr, size_t buf_start, size_t buf_len, char *output) { /* prevent buffer reading overflow */ if (offset < buf_start || offset > buf_len + buf_start || offset + len > buf_len + buf_start) len = 0; return toString (structPtr + offset, len, output); } void dumpSmbNtlmAuthRequest (FILE *fp, tSmbNtlmAuthRequest *request) { char buf1[NTLM_BUFSIZE], buf2[NTLM_BUFSIZE]; fprintf (fp, "NTLM Request:\n" " Ident = %.8s\n" " mType = %u\n" " Flags = %08x\n" " User = %s\n" " Domain = %s\n", request->ident, UI32LE (request->msgType), UI32LE (request->flags), GetString (request, user, buf1), GetString (request, domain, buf2)); } void dumpSmbNtlmAuthChallenge (FILE *fp, tSmbNtlmAuthChallenge *challenge) { unsigned char buf[NTLM_BUFSIZE]; fprintf (fp, "NTLM Challenge:\n" " Ident = %.8s\n" " mType = %u\n" " Domain = %s\n" " Flags = %08x\n" " Challenge = ", challenge->ident, UI32LE (challenge->msgType), GetUnicodeString (challenge, uDomain, buf), UI32LE (challenge->flags)); dumpRaw (fp, challenge->challengeData, 8); } void dumpSmbNtlmAuthResponse (FILE *fp, tSmbNtlmAuthResponse *response) { unsigned char buf1[NTLM_BUFSIZE], buf2[NTLM_BUFSIZE], buf3[NTLM_BUFSIZE]; fprintf (fp, "NTLM Response:\n" " Ident = %.8s\n" " mType = %u\n" " LmResp = ", response->ident, UI32LE (response->msgType)); DumpBuffer (fp, response, lmResponse); fprintf (fp, " NTResp = "); DumpBuffer (fp, response, ntResponse); fprintf (fp, " Domain = %s\n" " User = %s\n" " Wks = %s\n" " sKey = ", GetUnicodeString (response, uDomain, buf1), GetUnicodeString (response, uUser, buf2), GetUnicodeString (response, uWks, buf3)); DumpBuffer (fp, response, sessionKey); fprintf (fp, " Flags = %08x\n", UI32LE (response->flags)); } static void buildSmbNtlmAuthRequest_userlen (tSmbNtlmAuthRequest *request, const char *user, size_t user_len, const char *domain) { request->bufIndex = 0; memcpy (request->ident, "NTLMSSP\0\0\0", 8); request->msgType = UI32LE (1); request->flags = UI32LE (0x0000b207); /* have to figure out what these mean */ /* FIXME this should be workstation, not username */ AddBytes (request, user, user, user_len); AddString (request, domain, domain); } void buildSmbNtlmAuthRequest (tSmbNtlmAuthRequest *request, const char *user, const char *domain) { const char *p = strchr (user, '@'); size_t user_len = strlen (user); if (p) { if (!domain) domain = p + 1; user_len = p - user; } buildSmbNtlmAuthRequest_userlen (request, user, user_len, domain); } void buildSmbNtlmAuthRequest_noatsplit (tSmbNtlmAuthRequest *request, const char *user, const char *domain) { buildSmbNtlmAuthRequest_userlen (request, user, strlen (user), domain); } static void buildSmbNtlmAuthResponse_userlen (tSmbNtlmAuthChallenge *challenge, tSmbNtlmAuthResponse *response, const char *user, size_t user_len, const char *domain, const char *password) { uint8 lmRespData[24]; uint8 ntRespData[24]; ntlm_smb_encrypt (password, challenge->challengeData, lmRespData); ntlm_smb_nt_encrypt (password, challenge->challengeData, ntRespData); response->bufIndex = 0; memcpy (response->ident, "NTLMSSP\0\0\0", 8); response->msgType = UI32LE (3); AddUnicodeString (response, uDomain, domain); AddUnicodeStringLen (response, uUser, user, user_len); /* TODO just a dummy value for workstation */ AddUnicodeStringLen (response, uWks, user, user_len); AddBytes (response, lmResponse, lmRespData, 24); AddBytes (response, ntResponse, ntRespData, 24); AddString (response, sessionKey, NULL); response->flags = challenge->flags; } void buildSmbNtlmAuthResponse (tSmbNtlmAuthChallenge *challenge, tSmbNtlmAuthResponse *response, const char *user, const char *password) { const char *p = strchr (user, '@'); size_t user_len = strlen (user); unsigned char buf[NTLM_BUFSIZE]; const char *domain = GetUnicodeString (challenge, uDomain, buf); if (p) { domain = p + 1; user_len = p - user; } buildSmbNtlmAuthResponse_userlen (challenge, response, user, user_len, domain, password); } void buildSmbNtlmAuthResponse_noatsplit (tSmbNtlmAuthChallenge *challenge, tSmbNtlmAuthResponse *response, const char *user, const char *password) { unsigned char buf[NTLM_BUFSIZE]; const char *domain = GetUnicodeString (challenge, uDomain, buf); buildSmbNtlmAuthResponse_userlen (challenge, response, user, strlen (user), domain, password); } libntlm-v1.8/test.txt000066400000000000000000000032261460645426100147440ustar00rootroot00000000000000NTLM Request: Ident = NTLMSSP mType = 1 Flags = 0000b207 User = myuser Domain = mydomain 4e 54 4c 4d 53 53 50 00 01 00 00 00 07 b2 00 00 06 00 06 00 20 00 00 00 08 00 08 00 26 00 00 00 6d 79 75 73 65 72 6d 79 64 6f 6d 61 69 6e NTLM Request: Ident = NTLMSSP mType = 1 Flags = 0000b207 User = Test_! Domain = xXxX.& 4e 54 4c 4d 53 53 50 00 01 00 00 00 07 b2 00 00 06 00 06 00 20 00 00 00 06 00 06 00 26 00 00 00 54 65 73 74 5f 21 78 58 78 58 2e 26 NTLM Challenge: Ident = NTLMSSP mType = 2 Domain = mydomain Flags = 00000000 Challenge = 01 02 03 04 f5 c3 b2 82 4e 54 4c 4d 53 53 50 00 02 00 00 00 10 00 10 00 30 00 00 00 00 00 00 00 01 02 03 04 f5 c3 b2 82 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6d 00 79 00 64 00 6f 00 6d 00 61 00 69 00 6e 00 NTLM Response: Ident = NTLMSSP mType = 3 LmResp = 0b b9 cb bf f6 94 ce ac c6 91 a5 74 bb c6 c8 50 83 a1 dc 55 5f 17 a9 99 NTResp = 94 6e 80 ff da a9 78 43 8f 5c ca a5 19 68 3f e2 72 4f 1e b2 29 6d 92 c8 Domain = mydomain User = otheruser Wks = otheruser sKey = Flags = 00000000 4e 54 4c 4d 53 53 50 00 03 00 00 00 18 00 18 00 74 00 00 00 18 00 18 00 8c 00 00 00 10 00 10 00 40 00 00 00 12 00 12 00 50 00 00 00 12 00 12 00 62 00 00 00 00 00 00 00 a4 00 00 00 00 00 00 00 6d 00 79 00 64 00 6f 00 6d 00 61 00 69 00 6e 00 6f 00 74 00 68 00 65 00 72 00 75 00 73 00 65 00 72 00 6f 00 74 00 68 00 65 00 72 00 75 00 73 00 65 00 72 00 0b b9 cb bf f6 94 ce ac c6 91 a5 74 bb c6 c8 50 83 a1 dc 55 5f 17 a9 99 94 6e 80 ff da a9 78 43 8f 5c ca a5 19 68 3f e2 72 4f 1e b2 29 6d 92 c8 libntlm-v1.8/test_CVE-2019-17455.c000066400000000000000000000034011460645426100161130ustar00rootroot00000000000000/* test_overflow.c --- Test for CVE-2019-17455 overflow bug for libntlm. * Copyright (C) 2020-2024 Simon Josefsson * * This file is free software; you can redistribute it and/or modify * it under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * * This file is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this file; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * 02110-1301, USA. * */ #include #include #include #include "ntlm.h" int main (void) { char u[1024]; char d[1024]; char buf[sizeof (tSmbNtlmAuthRequest) + 5]; tSmbNtlmAuthRequest *request = (void *) &buf; size_t i; memset (u, '1', 1024); memset (d, '2', 1024); u[1023] = '\0'; d[1023] = '\0'; memset (buf, '3', sizeof (buf)); printf ("Before call:\n"); for (i = sizeof (tSmbNtlmAuthRequest) - 5; i < sizeof (buf); i++) printf ("str[end + %d] = %02x\n", (int) (i - sizeof (tSmbNtlmAuthRequest)), (unsigned int) buf[i]); buildSmbNtlmAuthRequest (request, u, d); printf ("After call:\n"); for (i = sizeof (tSmbNtlmAuthRequest) - 5; i < sizeof (buf); i++) printf ("str[end + %d] = %02x\n", (int) (i - sizeof (tSmbNtlmAuthRequest)), (unsigned int) buf[i]); for (i = sizeof (tSmbNtlmAuthRequest); i < sizeof (buf); i++) if (buf[i] != '3') return 1; return 0; } libntlm-v1.8/test_ntlm.c000066400000000000000000000107621460645426100154040ustar00rootroot00000000000000/* test_ntlm.c --- Test module for libntlm. * Copyright (C) 2008-2024 Simon Josefsson * Copyright (C) 2004, 2005 Frediano Ziglio * * This file is free software; you can redistribute it and/or modify * it under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * * This file is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this file; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * 02110-1301, USA. * */ #include #include #include #include #include #include #include #include "ntlm.h" #include "md4.h" static int md4file (const char *name, unsigned char *hash) { FILE *f; int res = 0; f = fopen (name, "r"); if (!f) return 1; res = md4_stream (f, hash); fclose (f); return res; } static int diffFile (const char *name1, const char *name2) { unsigned char hash1[24], hash2[24]; if (md4file (name1, hash1) || md4file (name2, hash2)) return 1; if (memcmp (hash1, hash2, 16) != 0) return 1; return 0; } static void dumpRaw (FILE *fp, const unsigned char *buf, size_t len) { size_t i; for (i = 0; i < len; ++i) { if (i != 0 && (i & 0xf) == 0) fprintf (fp, "\n"); fprintf (fp, "%02x ", buf[i]); } fprintf (fp, "\n"); } static uint16 intelEndian16 (uint16 n) { uint16 u; unsigned char *buf = (unsigned char *) &u; buf[0] = n & 0xff; buf[1] = (n >> 8) & 0xff; return u; } static uint32 intelEndian32 (uint32 n) { uint32 u; unsigned char *buf = (unsigned char *) &u; buf[0] = n & 0xff; buf[1] = (n >> 8) & 0xff; buf[2] = (n >> 16) & 0xff; buf[3] = (n >> 24) & 0xff; return u; } static void fillUnicode (tSmbStrHeader *header, char *buffer, int buffer_start, int *idx, const char *s) { int len = strlen (s); header->len = header->maxlen = intelEndian16 (len * 2); header->offset = intelEndian32 (*idx + buffer_start); *idx += len * 2; for (; len; --len) { *buffer++ = *s++; *buffer++ = 0; } } static void fillChallenge (tSmbNtlmAuthChallenge *challenge, const char *domain) { int idx = 0; memset (challenge, 0, sizeof (*challenge)); memcpy (challenge->ident, "NTLMSSP\0\0\0", 8); challenge->msgType = intelEndian32 (2); fillUnicode (&challenge->uDomain, challenge->buffer, challenge->buffer - ((uint8 *) challenge), &idx, domain); challenge->flags = intelEndian32 (0); memcpy (challenge->challengeData, "\x01\x02\x03\x04\xf5\xc3\xb2\x82", 8); challenge->bufIndex = idx; } #define DUMP_REQUEST(req) dumpRaw(f, (unsigned char*) req, SmbLength(req)) int main (void) { tSmbNtlmAuthRequest request; tSmbNtlmAuthChallenge challenge; tSmbNtlmAuthResponse response; FILE *f = fopen ("test.out", "w"); if (!f) return 1; printf ("ntlm.h %s libntlm %s\n", NTLM_VERSION, ntlm_check_version (NULL)); if (!ntlm_check_version ("1.2")) { puts ("FAIL: check_version (1.2)"); return 1; } if (ntlm_check_version ("4711.42.23")) { puts ("FAIL: check_version (4711.42.23)"); return 1; } if (ntlm_check_version ("UNKNOWN")) { puts ("FAIL: check_version (UNKNOWN)"); return 1; } if (!ntlm_check_version (NTLM_VERSION)) { puts ("FAIL: !check_version (NTLM_VERSION)"); return 1; } if (strcmp (NTLM_VERSION, ntlm_check_version (NULL)) != 0) { puts ("FAIL: strcmp (NTLM_VERSION, check_version (NULL))"); return 1; } /* do some test then dump */ buildSmbNtlmAuthRequest (&request, "myuser", "mydomain"); dumpSmbNtlmAuthRequest (f, &request); DUMP_REQUEST (&request); buildSmbNtlmAuthRequest (&request, "Test_!@xXxX.&", NULL); dumpSmbNtlmAuthRequest (f, &request); DUMP_REQUEST (&request); fillChallenge (&challenge, "mydomain"); dumpSmbNtlmAuthChallenge (f, &challenge); DUMP_REQUEST (&challenge); buildSmbNtlmAuthResponse (&challenge, &response, "otheruser", "mypasswd"); dumpSmbNtlmAuthResponse (f, &response); DUMP_REQUEST (&response); fclose (f); /* now reopen the file and do a diff */ return diffFile ("test.out", NTLM_SRCDIR "/test.txt"); }