[squid-users] problem with ntlm_smb_lm_auth helper
Emmanuel Garette
egarette at cadoles.com
Wed Sep 16 09:05:32 UTC 2015
Le 07/09/2015 18:40, Amos Jeffries a écrit :
> On 8/09/2015 1:17 a.m., Emmanuel Garette wrote:
>>
>> Seems to be ok for me. Thanks for your fast reply.
>>
>> Need I open a bug in bugzilla ?
>>
> No need. I think this may be one of the existing ones about this helper.
> Thanks for the feedback it should be applied to the current versions
> shortly.
Hi,
Today I found a new problem. All work fine with computer join into
windows domain. Not for computer user CNTLM (not in the domain).
In debug mode I can see this error:
> ntlm_smb_lm_auth.cc(307): pid=4668 :NT response: insane data (pkt-sz:
108, fetch len: 0, offset: 108)
If I understand, there is no NT password.
In older code, there was this line:
> tmp = ntlm_fetch_string ((char *) auth, auth_length, &auth->ntresponse);
> if (tmp.str != NULL && tmp.l != 0) {
The NT password was check only if len was different to 0.
In this part of your patch:
> /* still fetch the NT response and check validity against empty
password */
> {
> const strhdr * str = &auth->ntresponse;
> int16_t len = le16toh(str->len);
> int32_t offset = le32toh(str->offset);
> if (len != ENCODED_PASS_LEN || offset + len > auth_length ||
offset == 0) {
if I replace last line with:
> if ((len != 0 && len != ENCODED_PASS_LEN) || offset + len >
auth_length || offset == 0) {
Everything works well.
Regards,
>
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list