ntlm

Homepage: https://www.gnu.org/software/emacs

Author: Taro Kawagishi

Summary

NTLM (NT LanManager) authentication support

Commentary

This library is a direct translation of the Samba release 2.2.0
implementation of Windows NT and LanManager compatible password
encryption.

Interface functions:

ntlm-build-auth-request
  This will return a binary string, which should be used in the
  base64 encoded form and it is the caller's responsibility to encode
  the returned string with base64.

ntlm-build-auth-response
  It is the caller's responsibility to pass a base64 decoded string
  (which will be a binary string) as the first argument and to
  encode the returned string with base64.  The second argument user
  should be given in user@domain format.

ntlm-get-password-hashes


NTLM authentication procedure example:

 1. Open a network connection to the Exchange server at the IMAP port (143)
 2. Receive an opening message such as:
    "* OK Microsoft Exchange IMAP4rev1 server
       version 5.5.2653.7 (XXXX) ready"
 3. Ask for IMAP server capability by sending "NNN capability"
 4. Receive a capability message such as:
    "* CAPABILITY IMAP4 IMAP4rev1 IDLE LITERAL+
       LOGIN-REFERRALS MAILBOX-REFERRALS NAMESPACE AUTH=NTLM"
 5. Ask for NTLM authentication by sending a string
    "NNN authenticate ntlm"
 6. Receive continuation acknowledgment "+"
 7. Send NTLM authentication request generated by 'ntlm-build-auth-request
 8. Receive NTLM challenge string following acknowledgment "+"
 9. Generate response to challenge by 'ntlm-build-auth-response
    (here two hash function values of the user password are encrypted)
10. Receive authentication completion message such as
    "NNN OK AUTHENTICATE NTLM completed."

Dependencies

Reverse dependencies