[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: kio_http NTLM auth problem and possible patch.
From: Hasso Tepper <hasso () kde ! org>
Date: 2005-06-07 16:24:03
Message-ID: 200506071924.03407.hasso () kde ! org
[Download RAW message or body]
Simone Gotti wrote:
> Browsing a site on a customer intranet I noticed that I cannot access it via
> NTLM with konqueror but it worked well with mozilla. I tcpdumped the HTTP
> packets and noticed that the problem is that kio_http uses NTLMv2 while
> mozilla uses NTLMv1 (maybe it doesn't support v2). The v2 auth isn't
> recognized by the server and the auth fails.
>
> The problem is that, as the TargetInfo field in the challenge string isn't
> empty, KNTLM::getAuth tries to use, without succes, NTLMv2.
> I read some docs but I didn't found a way to really check if NTLMv2 is
> supported. Forcing kntlm to use NTLMv1 (brutally commenting the NTLMv2 code
> made it work).
>
> I'm doing a patch for kio_http/kntlm but I'd like to do some questions on how
> the whole thing can be implemented:
>
> 1) bool KNTLM::getAuth( QByteArray &auth, const QByteArray &challenge, const
> QString &user,
> const QString &password, const QString &domain, const QString &workstation,
> bool forceNTLM, bool forceNTLMv2 )
>
> With the current API you cannot force NTLMv1 instead of NTLMv2 as the
> "forceNTLM" flag means that it'll just use NTLMv1 or v2 and not simple LM or
> LMv2.
>
> A solution without api change will be to change the line:
>
> if ( forceNTLMv2 || !targetInfo.isEmpty() /* may support NTLMv2 */ ) {
>
> to
>
> if ( forceNTLMv2 ) {
This hack solves issue for me reported as http://bugs.kde.org/show_bug.cgi?id=93454
Many thanks for finding cause of problem!
> When I finished my patch I'll post and commit it (if accepted), but I'd be
> very happy to ear suggestions from people more experts than me on this side.
Would be happy to help with testing patch.
regards,
--
Hasso Tepper
KDE Estonian Team
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic