On Mon, 2003-05-12 at 00:04, Serassio Guido wrote:
> Hi,
>
> I have made some testing about bug #610 and LM/NTLM support.
> diff -u -p -r1.1.2.6 wb_ntlm_auth.c
> --- helpers/ntlm_auth/winbind/wb_ntlm_auth.c 12 Feb 2003 03:21:01
> -0000 1.1.2.6
> +++ helpers/ntlm_auth/winbind/wb_ntlm_auth.c 11 May 2003 12:44:09 -0000
> @@ -230,6 +230,10 @@ do_authenticate(ntlm_authenticate * auth
> memcpy(request.data.auth_crap.nt_resp, nthash.str, 24);
> request.data.auth_crap.nt_resp_len = 24;
> break;
> + case 60:
> + memcpy(request.data.auth_crap.nt_resp, nthash.str, 60);
> + request.data.auth_crap.nt_resp_len = 60;
> + break;
> default:
> debug("nthash len = %d\n", nthash.l);
> authfail(domain, user, "Broken NT hash response");
>
> I don't know if the 24 value is correct or should be 60, or if both value
> should be present.
This patch is *compleatly* bogus. The NT response may be any size,
depending on the length of your server and domain names sent in the
NTLMSSP request. I think squid might cheat a bit in it's NTLMSSP, but
the principle remains. Any length, up to the size of the struct you are
sending to winbind, should be permitted.
However, if you are getting more then 24 bytes for an NTLM response
(check with ethereal), then squid's NTLMSSP parsing is broken.
Andrew Bartlett
-- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:19:55 MST