Daniel Stenberg <[EMAIL PROTECTED]> writes: > I had friends providing the test servers for both host and proxy > authentication when I've worked on NTLM code.
It's a shame that those test servers are no longer available. I don't think it will be possible to finish the NTLM code without some sort of test bed. > o I had a buffer security problem in the NTLM code, but related to > base64 decode function and that is bound to be different when you > adapt the code to wget conditions anwyay. I've seen notice of it and fixed allocation of BUFFER accordingly. > o There was also another less alarming buffer problem with a > memset() of 8 bytes instead of 5. You may have of course already > have found and fixed this. I've now changed this, thanks. > o POSTing with NTLM auth is a pain, since NTLM is for connections and thus you > cannot close the connection without breaking the auth so thus you > are (more likely than with other multi-pass auth methods) forced > to send the full request body multiple times. I guess there's no avoiding that.
