[SQU] NTLM error report to squid dev

From: <Adam.Shields@dont-contact.us>
Date: Thu, 8 Mar 2001 21:41:20 -0500

hey folks, Adam again

Setup NTLM to work on a squid 2.5 (3/8/2001 is the day I got the CVS tree)
configured it using --enable-auth=ntlm and

compiled and installed fine.

squid.conf is almost straight defaults,

# http_port 3128

# tcp_outgoing_address
# udp_incoming_address
# udp_outgoing_address

#We recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

# cache_dir ufs /usr/local/squid/cache 100 16 256

auth_param ntlm program /usr/local/squid/bin/ntlm_auth PSG1/PSGZDCS001
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

acl all src
acl acl_name proxy_auth REQUIRED

http_access allow acl_name
http_access deny all
http_reply_access allow all
icp_access allow all
visible_hostname PSGZLIN001

The access.log file shows the username of the workstation I'm working from
so I know it's at least reading the hash from the borwser

984094928.472 1220 TCP_MISS/200 6780 POST
http://www.squid-cache.org/cgi-bin/swish-query.cgi psg1\shieldsad
DIRECT/ text/html
984094931.842 2 TCP_DENIED/407 1424 GET
http://www.squid-cache.org/mail-archive/squid-users/200010/0547.html NONE/-
984094931.851 5 TCP_DENIED/407 1490 GET
http://www.squid-cache.org/mail-archive/squid-users/200010/0547.html NONE/-
984094932.093 242 TCP_MISS/200 8442 GET
psg1\shieldsad DIRECT/ text/html
984094980.721 888 TCP_MISS/200 4070 GET
psg1\shieldsad DIRECT/ text/html

and now to the actual error

I receive the following when running ./squid -NCd3 with a debug_option of
or what was suggested..

SessSetupAndX response. Action = 0
Error receiving response to SessSetupAndX
2001/03/08 18:53:43| authenticateNTLMDirection: called before NTLM
Authenticate. Report a bug to squid-dev.

I receive the last line a few times in the cache.log, and it's the same.
as well as the SessSetupAndX response error.

any help would be greatly appreiceated, if theres something I'm missing,
could you help me out?

Also, i read somewhere that the NTLM program would verify aginst a net group
in NT, if so, is this an option you have to enable in the ntlm_auth helper?

As alwaysyour help is appreiceated,
        Adam Shields
        Pinkerton Services Group

To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Thu Mar 08 2001 - 19:44:36 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:35 MST