Re: [squid-users] SQUID 3.0.STABLE24 : NTLM+SAMBA/WINBINDD BH Helper detected protocol error from Amos Jeffries on 2010-04-07 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 08 Apr 2010 01:29:04 +0000

On Wed, 07 Apr 2010 22:44:02 +0200, David Touzeau <david_at_touzeau.eu>
wrote:
> Dear
>
> I have installed samba + winbidd on the Squid computer and configure it
> has PDC
>
> squid is compiled has :
> Squid Cache: Version 3.0.STABLE24
> configure options: '--prefix=/usr' '--includedir=/include'
> '--mandir=/share/man' '--infodir=/share/info' '--sysconfdir=/etc'
> '--localstatedir=/var' '--libexecdir=/lib/squid3'
> '--disable-maintainer-mode' '--disable-dependency-tracking' '--srcdir=.'

> '--datadir=/usr/share/squid3' '--sysconfdir=/etc/squid3'
> '--mandir=/usr/share/man' '--enable-gnuregex'
> '--enable-removal-policy=heap' '--enable-follow-x-forwarded-for'
> '--with-maxfd=32000' '--with-large-files' '--disable-dlmalloc'
> '--with-pthreads' '--enable-esi' '--enable-storeio=aufs,diskd,ufs'
> '--with-aufs-threads=10' '--with-maxfd=16384' '--enable-useragent-log'
> '--enable-referer-log' '--enable-x-accelerator-vary' '--with-dl'
> '--enable-basic-auth-helpers=LDAP' '--enable-truncate'
> '--enable-linux-netfilter' '--enable-auth=basic,digest,ntlm'
> '--enable-digest-auth-helpers=ldap,password'
>
'--enable-external-acl-helpers=ip_user,ldap_group,unix_group,wbinfo_group'
> '--enable-basic-auth-helpers=LDAP,MSNT,multi-domain-NTLM,SMB'
> '--enable-ntlm-auth-helpers=SMB,no_check' '--with-default-user=squid'
> '--enable-icap-client' '--enable-cache-digests' '--enable-icap-support'
> '--enable-poll' '--enable-epoll' '--enable-async-io'
> '--enable-delay-pools' '--enable-ssl' 'CFLAGS=-DNUMTHREADS=60 -O3 -pipe
> -fomit-frame-pointer -funroll-loops -ffast-math -fno-exceptions'
>
>
>
> NTLM events in debug mode are :
>
> ntlm-auth[18942](ntlm_auth.c:444): sending 'BH Helper detected protocol
> error' to squid
> ntlm-auth[18942](ntlm_auth.c:287): managing request
> ntlm-auth[18942](ntlm_auth.c:293): ntlm authenticator. Got
> 'david.touzeau 54321' from Squid
> ntlm-auth[18942](ntlm_auth.c:444): sending 'BH Helper detected protocol
> error' to squid
> ntlm-auth[18942](ntlm_auth.c:287): managing request
> ntlm-auth[18942](ntlm_auth.c:293): ntlm authenticator. Got
> 'david.touzeau 54321' from Squid
> ntlm-auth[18942](ntlm_auth.c:444): sending 'BH Helper detected protocol
> error' to squid
> ntlm-auth[18942](ntlm_auth.c:287): managing request
> ntlm-auth[18942](ntlm_auth.c:293): ntlm authenticator. Got
> 'david.touzeau 54321' from Squid
> ntlm-auth[18942](ntlm_auth.c:444): sending 'BH Helper detected protocol
> error' to squid
>
> Here it is my squid conf
>
> auth_param ntlm program /usr/lib/squid3/ntlm_auth -d
> WORKGROUP/debian503-http
> auth_param basic program /usr/lib/squid3/ntlm_auth -d
> WORKGROUP/debian503-http
> auth_param ntlm children 5
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> #--------- NTLM ACL settings
> acl ntlm_users proxy_auth REQUIRED
>
> has smb.conf is
>
> [global]
> workgroup=WORKGROUP
> netbios name=debian503-http
> server string=%h server
> disable netbios=no
>
>
> How can i resolve it ?

Try the ntlm_auth helper provided by Samba.
The squid one does not do full NTLM.

Amos
Received on Thu Apr 08 2010 - 01:29:06 MDT

This archive was generated by hypermail 2.2.0 : Thu Apr 08 2010 - 12:00:03 MDT