[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: kio_http NTLM auth problem and possible patch.
From: Simone Gotti <simone.gotti () email ! it>
Date: 2005-06-10 10:35:24
Message-ID: 200506101235.24857.simone.gotti () email ! it
[Download RAW message or body]
On Thursday 09 June 2005 23:46, Szombathelyi György wrote:
> Or maybe changing the mentioned line to
>
> if ( forceNTLMv2 || (!targetInfo.isEmpty() && (ch->flags &
> Negotiate_Target_Info)) /* may support NTLMv2 */ ) {
>
> helps?
No, because the Challenge as both targetInfo setted and (ch->flags &
Negotiate_Target_Info) = true so it returns an NTLMv2 string.
Bye!
>
> 2005. június 7. 18.24 dátummal Hasso Tepper ezt Ãrta:
> > Simone Gotti wrote:
> > > Browsing a site on a customer intranet I noticed that I cannot access
> > > it via NTLM with konqueror but it worked well with mozilla. I tcpdumped
> > > the HTTP packets and noticed that the problem is that kio_http uses
> > > NTLMv2 while mozilla uses NTLMv1 (maybe it doesn't support v2). The v2
> > > auth isn't recognized by the server and the auth fails.
> > >
> > > The problem is that, as the TargetInfo field in the challenge string
> > > isn't empty, KNTLM::getAuth tries to use, without succes, NTLMv2.
> > > I read some docs but I didn't found a way to really check if NTLMv2 is
> > > supported. Forcing kntlm to use NTLMv1 (brutally commenting the NTLMv2
> > > code made it work).
> > >
> > > I'm doing a patch for kio_http/kntlm but I'd like to do some questions
> > > on how the whole thing can be implemented:
> > >
> > > 1) bool KNTLM::getAuth( QByteArray &auth, const QByteArray &challenge,
> > > const QString &user,
> > > const QString &password, const QString &domain, const QString
> > > &workstation, bool forceNTLM, bool forceNTLMv2 )
> > >
> > > With the current API you cannot force NTLMv1 instead of NTLMv2 as the
> > > "forceNTLM" flag means that it'll just use NTLMv1 or v2 and not simple
> > > LM or LMv2.
> > >
> > > A solution without api change will be to change the line:
> > >
> > > if ( forceNTLMv2 || !targetInfo.isEmpty() /* may support NTLMv2 */ ) {
> > >
> > > to
> > >
> > > if ( forceNTLMv2 ) {
> >
> > This hack solves issue for me reported as
> > http://bugs.kde.org/show_bug.cgi?id=93454
> >
> > Many thanks for finding cause of problem!
> >
> > > When I finished my patch I'll post and commit it (if accepted), but I'd
> > > be very happy to ear suggestions from people more experts than me on
> > > this side.
> >
> > Would be happy to help with testing patch.
> >
> >
> > regards,
>
> ____________________________________________________________________
> Miert fizetsz az internetert? Korlatlan, ingyenes internet hozzaferes a
> FreeStarttol. Probald ki most! http://www.freestart.hu
>
> >> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to
> >> unsubscribe <<
--
Simone Gotti
<simone.gotti@email.it>
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic