Re: NTLM module

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 11 Jul 2000 01:17:46 +0200

Robert Collins wrote:
>
> AFAICT it was largely inactive - the code looked like it was pre-auth
> modules?

No development has taken place on the ntlm branch for the last two
months or so, only minor bug fixes to problems reported by the person(s)
trying it.

What auth modules are you talking about here? Not sure I understand what
you are talking about. The "ntlm" branch includes an attempt to make the
proxy_auth modules more generic to support added requirements from NTLM
and Digest authentication.

> I have no IE 4 machines to test it on at the moment, but the clients were
> sending auth strings like "Basic acbegf6552163bcbc=00" (that one's fake!)

Thats Basic, not NTLM.

> It does respond with
> ==
> Proxy-Auth Basic=squid proxy realm
> Proxy Auth NTLM
> ==

Mine responds with

...
Proxy-Authenticate: Basic realm="Squid proxy-caching web server"
Proxy-Authenticate: NTLM
...

I have been able to verify that Squid selects the correct code path for
next step of the protocol also by using constructed requests, but
without a real Windows box on the network I cannot test much more. It is
no fun manually base64 encoding those NTLM structures..

/Henrik
Received on Mon Jul 10 2000 - 17:18:27 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:12:32 MST