Hi! Last two days I have been learning and debugging NTLM on the latest version of wget from cvs (1.10-alpha2+cvs-dev). Mainly I have debugged on linux, but noticed same problems occurs on win32 too. During testing I found four bugs, that needs to be fixed.
On previous threads I noticed that you had problem to find test server for NTLM-testing. If you need, I can provide IIS-6.0 server for testing NTLM. Just let me know, so I will set it up. 1:NTLM Domain is not written right in http-ntlm.c line ~420 usr = strchr(user, '\\'); if (!usr) usr = strchr(user, '/'); if (usr) { domain = usr; // Sets pointer to '\' or '/'. Should be: domain = user; domlen = usr - domain; usr++; } 2: NTLM auth stops to early. in http.c there is variable auth_tried_already and test if (auth_tried_already || !(user && passwd)) ... Now when trying, wget tries first basic auth and gets back WWW-Authenticate: NTLM in response header. wget send first phase of authentication fine on next request and gets result 401 and WWW-Authenticate: NTLM TlRMT... in response header. Now wget should send next request with NTLM type-3 message, which contains final authentication information. I made an dirty-hack-hack-fix to get ahead on testing. Then I found next problem. 3: NTLM type-3 message might be invalid, because server sends 401 and WWW-Authenticate: NTLM if response header. My testserver is Microsoft-IIS/6.0. 4: Error on response header handling Microsoft-IIS/6.0 sends actually 2 WWW-Authenticate rows in header ... WWW-Authenticate: Negotiate WWW-Authenticate: NTLM ... This causes that authentication scheme is never recognized. resp_header_strdup (resp, "WWW-Authenticate") gives returns first 'WWW-Authenticate'-value and it is 'Negotiate'. Problem do not occur on all IIS-server. I'm newbie on taking part in open source projects, so hope these descriptions of the problems was clear enough. Thanks before Sami