(11-10-2024, 08:05 PM)Matt G Wrote: Is this something that is currently supported
No, NTLM over SASL has never been supported. Although there is a
TIdSASLNTLM component in the
IdSASL_NTLM.pas unit of the
IndyProtocols package, it has never been tested or registered on the IDE's component Palette.
(11-10-2024, 08:05 PM)Matt G Wrote: downloaded the latest source after coming across AV's with this SASL processing and it looks like this is not enabled?
Code:
AV was with this line: setup_des_key(PDES_cblock(Integer(Akeys) + 7)^, ks);
That particular line of code is present only in the
IdNTLMv2.pas unit, which was never finished, and is used only by
TIdSASLNTLM. Also, that code doesn't look like it was ever re-written to handle 64bit builds.
(11-10-2024, 08:05 PM)Matt G Wrote: Is there any information on NTLM support now or is that gone?
NTLM is (and always has been) supported only for HTTP, not for SASL. I don't have any immediate plans to finish NTLM support for SASL. If someone else wants to finish it, I can incorporate it. However, Microsoft officially deprecated NTLM in 2023 and will be dropping it completely probably in 2025, so I don't think it is really worth the effort at this point.
(11-10-2024, 08:05 PM)Matt G Wrote: Looks like IdFIPS.pas disables NTLM by default now:
Code:
function DefLoadNTLMLibrary: Boolean;
begin
Result := False;
end;
What you are seeing is just a default. Portions of Indy's NTLM code is (and always has been) handled by OpenSSL.
IdFIPS.pas and
IdNTLM.pas were simply refactored a few months ago (in preparation for
moving OpenSSL from the main Indy library into
its own separate package). Code in
IdNTLM.pas that was directly calling a few OpenSSL functions has been moved into the
IdSSLOpenSSLHeaders.pas unit, and is callable by
IdNTLM.pas through some new function pointers added to
IdFIPS.pas. The new logic is meant to help abstract NTLM access so users can substitute OpenSSL with another NTLM library if they desire.