[Bug-wget] [PATCH] NTLM restart authentication

[André Wolski]

Hello,

about two years ago I had to create a static archive of a large
intranet site (SharePoint / IIS 7.0 with NTLM authentication) with an
unprivileged user. I then noticed that a lot of pages / files haven't
been downloaded.

Digging into that I found out that after a legitimate 401 Unauthorized
for a single url (e.g. useredit.aspx) all following requests were
failing too. The server tried to initiate a reauthentication, but wget
failed with "Unexpected empty NTLM message" as it remained in the
failed state.

I learned that wgets ntlm implementation is based on curl, so I
compared both source files. curl resolved the issue I had in their
commit fe6049f [1]. There is also a related prior commit 50b87c4 [2].

I then manually applied these two changes for wget and was able to
mirror the intranet site and noticed no drawbacks.

Unfortunately I didn't send the patch here at that time but was
reminded of it when I replaced my client hardware. Given that the said
intranet server is now decommissioned I can no longer perform any
tests with it. I also didn't look into the "make check" tests to
recreate the problem I had.

>From what I read in the meantime development of wget continued with
wget2, which has no NTLM support, so I don't know if it makes sense to
merge this patch into wget1. I just want to send the patch to you as
others might have the same problem.

As the picked commits come from curl I don't know the legal
implications / licence compatibility. Also, there are a lot more
changes in curls ntlm implementation which I didn't look into.

Kind regards,
André Wolski

[1] https://github.com/curl/curl/commit/fe6049f04bf7eb0481ba030c0e78aae5cfd0209f
[2] https://github.com/curl/curl/commit/50b87c4e689088fc3ddcf2fac163b75f839ef69a

0001-NTLM-restart-authentication.patch
Description: Text Data