Hi,
At 10.46 12/05/2003, Henrik Nordstrom wrote:
>On Monday 12 May 2003 09.48, Serassio Guido wrote:
>
> > OK, this means a bug in wb_ntlmauth: now it expects only 24 bytes.
> >
> > >However, if you are getting more then 24 bytes for an NTLM
> > > response (check with ethereal), then squid's NTLMSSP parsing is
> > > broken.
>
>Squid just sends what it got from the browser as far as I know.
Ok, this when a NT 4 DC works in NTLM mode (LMCompatibilityLevel = 4) is 60
bytes (log of broken wb_ntlmauth):
(wb_ntlmauth)[1580](wb_ntlm_auth.c:292): Got 'KK
TlRMTVNTUAADAAAAGAAYAFMAAAA8ADwAawAAAAIAAgBAAAAADQANAEIAAAAEAAQATwAAAAAAAACnAAAAAoIBAFNHQURNSU5JU1RSQVRPUlZFR0Gg/OsOTYUep9krL44cOzXt5w2SptkhE8C9KXKOjanFDrrxBZq2KS20AQEAAAAAAAC0fr+1nxfDAecNkqbZIRPASFwUAAIABABTAEcAAAAAAAAAAAA='
from squid.
(wb_ntlmauth)[1580](wb_ntlm_auth.c:234): nthash len = 60
(wb_ntlmauth)[1580](wb_ntlm_auth.c:60): sending 'NA SG\ADMINISTRATOR auth
failure because: Broken NT hash response' to squid
The patched wb_ntlmauth works fine, so Squid is broken or not ?
Regards
Guido
-
========================================================
Guido Serassio
Acme Consulting S.r.l.
Via Gorizia, 69 10136 - Torino - ITALY
Tel. : +39.011.3249426 Fax. : +39.011.3293665
Email: guido.serassio@acmeconsulting.it
WWW: http://www.acmeconsulting.it/
Received on Mon May 12 2003 - 03:36:22 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:19:55 MST