[squid-users] problem with ntlm_smb_lm_auth helper

Emmanuel Garette egarette at cadoles.com
Mon Sep 7 08:01:00 UTC 2015


Hi,

I manage to migrate my squid version from 3.1.19 to 3.3.8 (version
included in ubuntu LTS) and I'm using the helper ntlm_smb_lm_auth helper.

I cannot authentifiate any user with this version of the helper.

I've two problem:

* in file lib/ntlmauth/ntlmauth.cc, this line is not working:

    /* Authenticating against the NT response doesn't seem to work... */
    tmp = ntlm_fetch_string(&(auth->hdr), auth_length, &auth->lmresponse, auth->flags);


The function ntlm_fetch_string check if password contains only ASCII
character. In my test, password contains no ASCII character at all.

In file lib/ntlmauth/ntlmauth.cc, if I remove "return rv;" here:

                fprintf(stderr, "ntlmssp: bad ascii: %04x\n", *sc);
                return rv;

 all works fine.

* in file lib/ntlmauth/ntlmauth.cc, the test is not correct:

    /* Authenticating against the NT response doesn't seem to work... */
    tmp = ntlm_fetch_string(&(auth->hdr), auth_length, &auth->lmresponse, auth->flags);
    if (tmp.str == NULL || tmp.l == 0) {
        fprintf(stderr, "No auth at all. Returning no-auth\n");
        ntlm_errno = NTLM_ERR_LOGON;
        return NULL;
    }

Value of tmp.l is -1 for me (the first character is not an ASCII
character). The test should be "tmp.l < 1".

I'm not sure (not try with this version) but those problems seems to be
in trunk version

I would like to know if I am wrong or if there is a better solution for
than remove return's line.

Regards,


More information about the squid-users mailing list