[squid-users] ntlmssp: bad ascii: ffffffab (Lan Manager auth broken?)
Victor Sudakov
sudakov at sibptus.tomsk.ru
Mon Oct 6 09:08:44 UTC 2014
Francesco,
What do you mean by "client"? Absolutely everything in this lab setup
is the same, including the browser.
The only difference is the ntlm plugin binary (ntlm_auth taken from
the old squid and ntlm_smb_lm_auth from the new one).
In fact, I replaced the binary and restarted squid.
Kinkie wrote:
> Whoops, sorry for the empty message.
> This seems like a broken client. Can you check whether the client
> sending that was a legitimate one?
>
> On Mon, Oct 6, 2014 at 10:24 AM, Victor Sudakov
> <sudakov at sibptus.tomsk.ru> wrote:
> > Colleagues,
> >
> > The NTLM (LM) plugin in squid27 worked perfectly while the NTLM plugin in
> > squid34 is obviously broken.
> >
> > I am attaching two log files, one of the old plugin and the other of
> > the new one. Could someone please have a look at bad-ntlm.log to see
> > why ntlm_smb_lm_auth does not work any more after upgrading to 34?
> >
> > What does this failure
> >
> > ntlmssp: bad ascii: ffffffab
> > No auth at all. Returning no-auth
> > ntlm_smb_lm_auth.cc(531): pid=16346 :sending 'NA Logon Failure' to squid
> >
> > actually mean?
> >
> > I know that LM is bad and insecure, but I cannot give it up for the
> > present in the production environment until I make Kerberos
> > (negotiate) work.
> >
> > --
> > Victor Sudakov, VAS4-RIPE, VAS47-RIPN
> > sip:sudakov at sibptus.tomsk.ru
> >
> > _______________________________________________
> > squid-users mailing list
> > squid-users at lists.squid-cache.org
> > http://lists.squid-cache.org/listinfo/squid-users
> >
>
>
>
> --
> Francesco
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:sudakov at sibptus.tomsk.ru
More information about the squid-users
mailing list