Re: Status on NTLM in Squid3? from Andrew Bartlett on 2004-10-29 (squid-dev)

From: Andrew Bartlett <abartlet@dont-contact.us>
Date: Fri, 29 Oct 2004 22:27:00 +1000

On Mon, 2004-10-18 at 00:48, Henrik Nordstrom wrote:
> On Sun, 17 Oct 2004, Andrew Bartlett wrote:
>
> > Can somebody give me a quick status update on NTLM in Squid3?
>
> Pretty broken. Pretty much none of the patches which has gone into
> Squid-2.5 has yet gone into Squid-3.
>
> > Also, does anybody want to dare to add SPNEGO (Negotiate) support?
>
> I am still struggling to find time to implement this, but it is looking
> better now that I feel pretty much done with Squid-2.5 and Guido is doing
> a great job on forward porting the missing patches to Squid-3.
>
> Implementation of Negotiate is better done on a clean sheet not looking
> too closely at the muddled NTLM implementation where the cludgy support
> for session reuse really complicates several things and obfuscates much of
> the rest..

Just as a status update:

https://bugzilla.mozilla.org/show_bug.cgi?id=266485 is the Mozilla bug
to implement a client for Negotiate/SPNEGO.

http://download.samba.org/ftp/unpacked/lorikeet/trunk/mod_ntlm_winbind
is an apache 1.3 module, which calls Samba's ntlm_auth.

I've created a concoction of Samba3 and Samba4, and it works. I'll work
to make it a little less fragile, but it should give you some idea how I
think it should work...

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet@samba.org
Authentication Developer, Samba Team            http://samba.org
Student Network Administrator, Hawker College   abartlet@hawkerc.net

application/pgp-signature attachment: This is a digitally signed message part

Received on Fri Oct 29 2004 - 06:27:18 MDT

This archive was generated by hypermail pre-2.1.9 : Sun Oct 31 2004 - 12:00:02 MST