Re: Bugzilla #610 and NTLM in Squid 2.5 from Andrew Bartlett on 2003-05-14 (squid-dev)

From: Andrew Bartlett <abartlet@dont-contact.us>
Date: 14 May 2003 20:46:28 +1000

On Mon, 2003-05-12 at 18:46, Henrik Nordstrom wrote:
> On Monday 12 May 2003 09.48, Serassio Guido wrote:
>
> > OK, this means a bug in wb_ntlmauth: now it expects only 24 bytes.
> >
> > >However, if you are getting more then 24 bytes for an NTLM
> > > response (check with ethereal), then squid's NTLMSSP parsing is
> > > broken.
>
> Squid just sends what it got from the browser as far as I know.

Sorry, I mean squid's NTLMSSP parsing lib, as used in wb_ntlmauth.

However, it appears that this is just an issue of not knowing what the
client is sending when analyzing the results :-).

The correct fix is to simply allow any size between 24 and
sizeof(fstring) bytes.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet@pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet@samba.org
Student Network Administrator, Hawker College   abartlet@hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

application/pgp-signature attachment: This is a digitally signed message part

Received on Wed May 14 2003 - 04:46:48 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:19:55 MST