Hi Mauro (I'm guessing here - got this from the web page) Here is a patch against 1.10.2 which fixes an issue I found when using NTLM with Microsoft's Intermittent Information Server (IIS).
The issue is not with wget, but rather a bug in IIS. Nevertheless, here is the fix and a description of the problem. Essentially IIS has the ability to create "domains" for want of a better description (I'm not an IIS expert by any means) within a single instance of the IIS server. Each of these domains (I understand) is more or less independent. The bug manifests itself when a page within one domain links to a page within another domain on the same IIS instance. The web address of the server remains the same except the URI points to some other directory under the server's root. In this case, when the connection is first setup by wget, NTLM authenticates correctly. Subsequent recursive gets also work fine *until* a reference is made to another "domain". When the cross domain reference occurs IIS issues another NTLM challenge, as if the connection is not authenticated. Now, as you and I know, NTLM is a connection authentication protocol, meaning you cannot be connected unless you are authenticated. So IIS's other domains already know the connection is authenticated because it *is* a connection, nevertheless, they insist on re-authentication. This patch addresses the issue by forcing a disconnect and retry when this circumstance is detected (Actually, this always disconnects in this rev. The detection bit needs more work). That is to say, if an NTLM challenge occurs when the connection is already active *and* NTLM authenticated, the connection is terminated and restarted (thus invoking the challenge-response code) and ultimately re-authenticating. This work is the result of many hours of work and extensive network debugging with the help of an Australian law enforcement agency. --- wget-1.10.2.orig/src/http.c 2005-08-09 08:54:16.000000000 +1000 +++ wget-1.10.2/src/http.c 2006-11-21 12:25:22.000000000 +1100 @@ -1960,10 +1960,12 @@ hs->restval, &hs->rd_size, &hs->len, &hs->dltime, flags); +/* if (hs->res >= 0) CLOSE_FINISH (sock); else - CLOSE_INVALIDATE (sock); +*/ + CLOSE_INVALIDATE (sock); { /* Close or flush the file. We have to be careful to check for Cheers Phill. P.S. the work was done last year and I'm finally cleaning up the loose ends. Hope this helps. Phill Bertolus Technical Director Web Wombat Pty. Ltd. Ph: +61-3-9675-0900 (Switch) Ph: +61-3-9675-0901 (Direct) Mb: +61-4-1632-6853 Fx: +61-3-9675-0999