RE: [Bug-wget] Solution for wget, IIS, and NTLM "500 error" and a questi

bug-wget

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Bug-wget] Solution for wget, IIS, and NTLM "500 error" and a questi

From:	Tony Lewis
Subject:	RE: [Bug-wget] Solution for wget, IIS, and NTLM "500 error" and a question.
Date:	Thu, 14 Oct 2010 08:32:02 -0700

address@hidden wrote:

> So, it seems like the problem is that wget may be doing only NTLM?  

The current version of wget only supports NTLM authentication. Specifically, it 
sends the following flags to the server:
  NEGOTIATE_OEM (0x00000002)
  NEGOTIATE_NTLM_KEY (0x00000200)

> Does anyone know if wget (latest version) is able to support NTLMV2 (vs. 
> NTLM)?

A year ago, I dug into NTLM authentication and rewrote http-ntlm.c so that it 
sends (and supports) the following flags:
  NEGOTIATE_UNICODE (0x00000001)
  NEGOTIATE_OEM (0x00000002)
  NEGOTIATE_NTLM_KEY (0x00000200)
  NEGOTIATE_NTLM2_KEY (0x00080000)

My code works with the servers in my work environment. However, I don't have 
access to a environment where I can tweak the settings in the Active Directory 
Controller and on the ISS machine so I was not able to thoroughly test wget 
against the various combinations of settings. Given that, Micah (who was 
maintainer at the time) wasn't willing to deploy my changes; a decision, with 
which I agree.

Jim, if you have an environment in which you can facilitate testing with all 
the combinations of settings, we can test my code and then submit it to 
Giuseppe Scrivano (the current maintainer) for inclusion in a future release.

By the way, I think we only need to test against all combinations of settings 
in a live environment once. If we capture all the exchanges between wget and 
the server then we can develop wget tests for all futures testing.

For anyone who is interested, I have attached my versions of http-ntlm.c and 
http-ntlm.h, which were last tested against a development version of 1.12. I 
also had to patch http.c because at some point in time the code got reordered 
in a way that completely broke NTLM authentication. I know that this code will 
need some tweaking; in particular the bit to make TOUPPER work on both 1.11.4 
and 1.12 is no longer needed.

Tony

http.c.patch
Description: Binary data

http-ntlm.c
Description: Binary data

http-ntlm.h
Description: Binary data

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-wget] Solution for wget, IIS, and NTLM "500 error" and a question., ohaya, 2010/10/14
- Re: [Bug-wget] Solution for wget, IIS, and NTLM "500 error" and a question., Micah Cowan, 2010/10/14
  - Re: [Bug-wget] Solution for wget, IIS, and NTLM "500 error" and a question., ohaya, 2010/10/14
- RE: [Bug-wget] Solution for wget, IIS, and NTLM "500 error" and a question., Tony Lewis <=
  - RE: [Bug-wget] Solution for wget, IIS, and NTLM "500 error" and a question., ohaya, 2010/10/14
    - RE: [Bug-wget] Solution for wget, IIS, and NTLM "500 error" and a question., Tony Lewis, 2010/10/14

Prev by Date: Re: [Bug-wget] Solution for wget, IIS, and NTLM "500 error" and a question.
Next by Date: Re: [Bug-wget] QuickStart tutorial
Previous by thread: Re: [Bug-wget] Solution for wget, IIS, and NTLM "500 error" and a question.
Next by thread: RE: [Bug-wget] Solution for wget, IIS, and NTLM "500 error" and a question.
Index(es):
- Date
- Thread