On Mon, 2004-10-18 at 00:48, Henrik Nordstrom wrote: > On Sun, 17 Oct 2004, Andrew Bartlett wrote: > > > Can somebody give me a quick status update on NTLM in Squid3? > > Pretty broken. Pretty much none of the patches which has gone into > Squid-2.5 has yet gone into Squid-3. > > > Also, does anybody want to dare to add SPNEGO (Negotiate) support? > > I am still struggling to find time to implement this, but it is looking > better now that I feel pretty much done with Squid-2.5 and Guido is doing > a great job on forward porting the missing patches to Squid-3. > > Implementation of Negotiate is better done on a clean sheet not looking > too closely at the muddled NTLM implementation where the cludgy support > for session reuse really complicates several things and obfuscates much of > the rest..
Just as a status update: https://bugzilla.mozilla.org/show_bug.cgi?id=266485 is the Mozilla bug to implement a client for Negotiate/SPNEGO. http://download.samba.org/ftp/unpacked/lorikeet/trunk/mod_ntlm_winbind is an apache 1.3 module, which calls Samba's ntlm_auth. I've created a concoction of Samba3 and Samba4, and it works. I'll work to make it a little less fragile, but it should give you some idea how I think it should work... Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College [EMAIL PROTECTED]
signature.asc
Description: This is a digitally signed message part
