Hi,
At 11.55 13/07/2004, Henrik Nordstrom wrote:
On Tue, 13 Jul 2004, Andrew Bartlett wrote:
> While I've been trying to code up the 'Negotiate' (SPNEGO) support for > Squid, I have seen a lot of: > > ntlm_request->authchallenge = xstrndup(reply, NTLM_CHALLENGE_SZ > + 5);
As robert already said, there is no reason xstrdup should not be used here, and I also suspect many of these copies should go away completely when we get rid of the challenge/response cache.
> These worry me - not only are these packets not fixed size, Squid has no > way of knowing what they should be!
Correct. Squid has no business trying to guess the properties of the exchanged blobs.
This explains now some strange problems with NTLM negotiate using native Windows NTLM authenticator that I cannot understand before.
I can confirm that NTLM negotiate fails with "long" domain and machine names:
I have just rebuild Squid with NTLM_CHALLENGE_SZ set to 400 instead of 300, and now al works !
Regards
Guido
Regards Henrik
- ======================================================== Guido Serassio Acme Consulting S.r.l. - Microsoft Certified Partner Via Gorizia, 69 10136 - Torino - ITALY Tel. : +39.011.3249426 Fax. : +39.011.3293665 Email: [EMAIL PROTECTED] WWW: http://www.acmeconsulting.it/
