rubyntlm 0.6.4 → 0.6.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7e8301388316487463cdc7dece7772084e18b8935407fe769dc57c073a4d092a
-  data.tar.gz: eb6610456e83f88a4a7ffc8f8372770efc601f8398ce85bd99240296ce0ed3bf
+  metadata.gz: 12b18439c86b30b978043850938e3ec611230d2e0783828d6db337dfe4ea97ad
+  data.tar.gz: 872a21844c21c9f64815abd312156c3fcddb8ebedc5185ec128106b6714b8521
 SHA512:
-  metadata.gz: e77ad737f9292ee7662ae65ea6cceb137d3780e95831e1ff44a1a2f9b79dded84a1a80f84c4be8c1b1930991140b18ebb385f926a1f86ba11d9a981eb154bb2f
-  data.tar.gz: d7f817bf3750b9cd8a47249f665dc618e40d94ec6b0bff410dbde2bc2906b53bf7a4f79f65f424d1d613e20a2055679254a779b0941d1284595a1bc10fa1d727
+  metadata.gz: 03df0639b70648b2db81684060ce732d46f21a392590f4995ddb4c97399036ffc8d9a47fd1460b64441a34bebdbabfbd1f3d625bf1246a9e178a0901770f0ee5
+  data.tar.gz: e3ff9341eb1738c501fe90d9456a8203e5771af2c459bb53f0168e24cbdd549540a0369d9a83f2864dce4fac86595cca4c7207b88f11a1b843d9fdbf52b59b20

data/CHANGELOG.md

@@ -1,5 +1,10 @@
 # Change Log
 
+## 0.6.5 (2024-06-11)
+
+* Update available NegotiateFlags during authentication
+* Fix NTLMv2 hash when username contains non-ASCII characters by @cdelafuente-r7 in https://github.com/WinRb/rubyntlm/pull/56
+
 ## 0.6.4 (2024-06-06)
 
 * Fix applying DES-CBC when using OpenSSL 3 by @paulvt in https://github.com/WinRb/rubyntlm/pull/51

data/lib/net/ntlm/encode_util.rb

@@ -39,7 +39,7 @@ module NTLM
       #   the function will convert the string bytes to UTF-16LE and note the encoding as UTF-8 so that byte
       #   concatination works seamlessly.
       def self.encode_utf16le(str)
-        str.dup.force_encoding('UTF-8').encode(Encoding::UTF_16LE, Encoding::UTF_8).force_encoding('UTF-8')
+        str.dup.force_encoding('UTF-8').encode(Encoding::UTF_16LE, Encoding::UTF_8).force_encoding('ASCII-8BIT')
       end
     end
   end

data/lib/net/ntlm/message.rb

@@ -3,28 +3,36 @@ module NTLM
 
   SSP_SIGN = "NTLMSSP\0"
 
+  # See [2.2.2.5 NEGOTIATE](https://msdn.microsoft.com/en-us/library/cc236650.aspx)
   FLAGS = {
       :UNICODE              => 0x00000001,
       :OEM                  => 0x00000002,
       :REQUEST_TARGET       => 0x00000004,
-      :MBZ9                 => 0x00000008,
       :SIGN                 => 0x00000010,
       :SEAL                 => 0x00000020,
       :NEG_DATAGRAM         => 0x00000040,
-      :NETWARE              => 0x00000100,
+      :NEG_LM_KEY           => 0x00000080,
       :NTLM                 => 0x00000200,
-      :NEG_NT_ONLY          => 0x00000400,
-      :MBZ7                 => 0x00000800,
+      :NEG_ANONYMOUS        => 0x00000800,
       :DOMAIN_SUPPLIED      => 0x00001000,
       :WORKSTATION_SUPPLIED => 0x00002000,
-      :LOCAL_CALL           => 0x00004000,
       :ALWAYS_SIGN          => 0x00008000,
       :TARGET_TYPE_DOMAIN   => 0x00010000,
+      :TARGET_TYPE_SERVER   => 0x00020000,
       :NTLM2_KEY            => 0x00080000,
+      :NEG_IDENTIFY         => 0x00100000,
+      :NON_NT_SESSION_KEY   => 0x00400000,
       :TARGET_INFO          => 0x00800000,
+      :NEG_VERSION          => 0x02000000,
       :KEY128               => 0x20000000,
       :KEY_EXCHANGE         => 0x40000000,
-      :KEY56                => 0x80000000
+      :KEY56                => 0x80000000,
+      # Undocumented flags:
+      :MBZ9                 => 0x00000008,
+      :NETWARE              => 0x00000100,
+      :NEG_NT_ONLY          => 0x00000400,
+      :MBZ7                 => 0x00000800, # alias for :NEG_ANONYMOUS
+      :LOCAL_CALL           => 0x00004000,
   }.freeze
 
   FLAG_KEYS = FLAGS.keys.sort{|a, b| FLAGS[a] <=> FLAGS[b] }

data/lib/net/ntlm/version.rb

@@ -4,7 +4,7 @@ module Net
     module VERSION
       MAJOR = 0
       MINOR = 6
-      TINY  = 4
+      TINY  = 5
       STRING = [MAJOR, MINOR, TINY].join('.')
     end
   end

data/lib/net/ntlm.rb

@@ -166,7 +166,18 @@ module Net
         else
           ntlmhash = ntlm_hash(password, opt)
         end
-        userdomain = user.upcase + target
+
+        if opt[:unicode]
+          # Uppercase operation on username containing non-ASCI characters
+          # after behing unicode encoded with `EncodeUtil.encode_utf16le`
+          # doesn't play well. Upcase should be done before encoding.
+          user_upcase = EncodeUtil.decode_utf16le(user).upcase
+          user_upcase = EncodeUtil.encode_utf16le(user_upcase)
+        else
+          user_upcase = user.upcase
+        end
+        userdomain = user_upcase + target
+
         unless opt[:unicode]
           userdomain = EncodeUtil.encode_utf16le(userdomain)
         end

data/spec/lib/net/ntlm/message/type3_spec.rb

@@ -222,7 +222,28 @@ describe Net::NTLM::Message::Type3 do
 
   end
 
-  describe '.serialize' do
+  describe '#serialize' do
+    context 'when the username contains non-ASCI characters' do
+      let(:t3) {
+        t2 = Net::NTLM::Message::Type2.new
+        t2.response(
+          {
+            :user => 'Hélène',
+            :password => '123456',
+            :domain => ''
+          },
+          {
+            :ntlmv2 => true,
+            :workstation => 'testlab.local'
+          }
+        )
+      }
+
+      it 'serializes without error' do
+        expect { t3.serialize }.not_to raise_error
+      end
+    end
+
     subject(:message) { described_class.create(opts) }
     context 'with the UNICODE flag set' do
       let(:opts) { {lm_response: "\x00".b, ntlm_response: '', domain: '', workstation: '', user: '', flag: Net::NTLM::DEFAULT_FLAGS[:TYPE3] | Net::NTLM::FLAGS[:UNICODE] } }

data/spec/lib/net/ntlm_spec.rb

@@ -59,6 +59,14 @@ describe Net::NTLM do
     end
   end
 
+  context 'when the username contains non-ASCI characters' do
+    let(:user) { 'юзер' }
+
+    it 'should return the correct ntlmv2 hash' do
+      expect(Net::NTLM::ntlmv2_hash(user, passwd, domain, { unicode: true })).to eq(["a0f4b914a37faeaee884b6b04a20faf0"].pack("H*"))
+    end
+  end
+
   it 'should generate an lm_response' do
     expect(Net::NTLM::lm_response(
         {

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rubyntlm
 version: !ruby/object:Gem::Version
-  version: 0.6.4
+  version: 0.6.5
 platform: ruby
 authors:
 - Kohei Kajimoto
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-06-06 00:00:00.000000000 Z
+date: 2024-06-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: github_changelog_generator