Since we want to get rid of it, might be useful to
allow users to remove the support completely.
Change-Id: I199f83e2db5fc7c48a0ac9280cdbf9fa45f42300
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Message-Id: <
20231230143817.4880-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27863.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
/* Enable LZO compression library */
#cmakedefine ENABLE_LZO
+/* Enable NTLMv2 proxy support */
+#define ENABLE_NTLM 1
+
/* Enable management server capability */
#define ENABLE_MANAGEMENT 1
[enable_x509_alt_username="no"]
)
+AC_ARG_ENABLE(
+ [ntlm],
+ [AS_HELP_STRING([--disable-ntlm], [disable NTLMv2 proxy support @<:@default=yes@:>@])],
+ ,
+ [enable_ntlm="yes"]
+)
+
AC_ARG_ENABLE(
[plugins],
[AS_HELP_STRING([--disable-plugins], [disable plug-in support @<:@default=yes@:>@])],
test "${enable_fragment}" = "yes" && AC_DEFINE([ENABLE_FRAGMENT], [1], [Enable internal fragmentation support])
test "${enable_port_share}" = "yes" && AC_DEFINE([ENABLE_PORT_SHARE], [1], [Enable TCP Server port sharing])
+test "${enable_ntlm}" = "yes" && AC_DEFINE([ENABLE_NTLM], [1], [Enable NTLMv2 proxy support])
test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes])
if test "${have_export_keying_material}" = "yes"; then
AC_DEFINE(
if (p[3])
{
/* auto -- try to figure out proxy addr, port, and type automatically */
- /* semiauto -- given proxy addr:port, try to figure out type automatically */
- /* (auto|semiauto)-nct -- disable proxy auth cleartext protocols (i.e. basic auth) */
+ /* auto-nct -- disable proxy auth cleartext protocols (i.e. basic auth) */
if (streq(p[3], "auto"))
{
ho->auth_retry = PAR_ALL;
{
struct gc_arena gc = gc_new();
char buf[512];
- char buf2[129];
- char get[80];
int status;
int nparms;
bool ret = false;
{
#if NTLM
/* look for the phase 2 response */
+ char buf2[129];
while (true)
{
chomp(buf);
msg(D_PROXY, "HTTP proxy returned: '%s'", buf);
- openvpn_snprintf(get, sizeof get, "%%*s NTLM %%%ds", (int) sizeof(buf2) - 1);
+ char get[80];
+ openvpn_snprintf(get, sizeof(get), "%%*s NTLM %%%zus", sizeof(buf2) - 1);
nparms = sscanf(buf, get, buf2);
buf2[128] = 0; /* we only need the beginning - ensure it's null terminated. */
/*
* Should we include NTLM proxy functionality
*/
+#ifdef ENABLE_NTLM
#define NTLM 1
+#endif
/*
* Should we include proxy digest auth functionality