[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Bug-wget] wget 1.11.4 can no longer authenticate using NTLMfor IIS
Christopher G. Lewis
RE: [Bug-wget] wget 1.11.4 can no longer authenticate using NTLMfor IIS 6.0 & Sharepoint Sites?
Thu, 13 Nov 2008 10:36:54 -0600
Sorry I'm late in joining in on this thread - the dlist change screwed me up
Anyway - I've got NTLM working through the first part of the
Challenge/Response for NTLMv1 and NTLM v2, including v2's signing and
sealing (I believe). What an amazing piece of work :-)
Most of what I'm working on has been taken from the LibCurl library, but my
C skills are sorely lacking, and there are some config items in LibCurl that
I'm not sure that we have in our ntlm.c.
I can forward what I've got to anyone, including the inline diags that I've
got. Works gotten crazy (again) so haven't had time to work why my final
response calculation is failing. NTLMv2 uses MD5 vs NTLMv1's MD4.
This obviously should be a priority for the next release - I'm currently
using two versions of Wget.exe for internal stuff :-)
Christopher G. Lewis
> -----Original Message-----
> From: address@hidden
> On Behalf Of Micah Cowan
> Sent: Thursday, November 13, 2008 2:18 AM
> To: address@hidden
> Cc: address@hidden
> Subject: Re: [Bug-wget] wget 1.11.4 can no longer
> authenticate using NTLMfor IIS 6.0 & Sharepoint Sites?
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Bryan Hoffpauir wrote:
> > ---response begin---
> > HTTP/1.1 401 Access denied
> > Connection: close
> > Date: Sun, 02 Nov 2008 06:38:24 GMT
> > Server: Microsoft-IIS/6.0
> > WWW-Authenticate: NTLM
> > MicrosoftSharePointTeamServices: 184.108.40.20615
> > X-Powered-By: ASP.NET
> > Content-type: text/html
> > ---response end---
> > 401 Access denied
> > Closed fd 1892
> > Unknown authentication scheme.
> So, I missed that line the last time I looked here. That line
> is output
> in just one place, and is a fairly straightforward bit of code (in
> http.c, a little ways below a call to known_authentication_scheme_p,
> which determines when the message is displayed). The fact that you're
> seeing this message means that your copy of Wget was built without
> support for NTLM.
> It's unlikely that you explicitly disabled it; most likely you didn't
> have openssl and its associated headers installed where the configure
> script could find it. The current development sources will
> now tell you
> which compile-time options it was built with, but that won't help you
> for Wget 1.11.x.
> You mentioned you'd be willing to try out patches, so I'm
> guessing this
> means you have a build environment. When you do your build, look
> carefully at what config.log says it set LIBSSL to. If it's empty, it
> didn't find a suitable SSL library. (Another way to check is if your
> Wget balks at https URLs with "unsupported scheme" messages.)
> If you didn't build the copy of Wget 1.11.4 you were first having
> trouble with, please report this issue to the packager from whom you
> obtained it.
> Please tell me one way or another whether this fixes your
> problem, so I
> can close out this issue with confidence, or update it with
> new information.
> - --
> Micah J. Cowan
> Programmer, musician, typesetting enthusiast, gamer.
> GNU Maintainer: wget, screen, teseq
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> -----END PGP SIGNATURE-----
Description: S/MIME cryptographic signature