Hi there
We are facing a problem with squid/fakeauth_auth helper, after change in NTLM parameters of our stations(Require Message Integrity, Message Confidentiality, NTLMv2 Session Security, 128-bit Encryption).
I made some tests and realized that NTLMSSP Flags returned in NTLMSSP_CHALLENGE to station is wrong:
1 - Success Authentication (ntlm_auth)
1 - HTTP/1.0 407 Proxy Authentication Required (text/html)
2 - GET http:/// HTTP/1.1 , NTLMSSP_NEGOTIATE
-Proxy-Authorization: NTLM Taldjfpoa\sdfalsdmflasdflafajsdfjajasldjJAJA\r\n - EXAMPLE
- NTLMSSP
NTLMSSP identifier: NTLMSSP
NTLM Message Type: NTLMSSP_NEGOTIATE (0x00000001)
-Flags: 0xa208b207 - estation send this flag
3 - HTTP/1.0 407 Proxy Authentication Required , NTLMSSP_CHALLENGE (text/html)
Proxy-Authenticate: NTLM TaljdflasjdfljasdlfjoqAJDFJQOWEURPOQWEURPQWEJKROQWEUFÇLAJSLFJASDLFJKQWEO........................
NTLMSSP
NTLMSSP identifier: NTLMSSP
NTLM Message Type: NTLMSSP_CHALLENGE (0x00000002)
.....
Flags: 0xa2898205 - estation receive these flag from squid.
4 - HTTP/1.1 , NTLMSSP_AUTH, User: Domain\User
2 - Unssucess Authentication (fakeauth_auth)
1 - HTTP/1.0 407 Proxy Authentication Required (text/html)
2 - GET http:/// HTTP/1.1 , NTLMSSP_NEGOTIATE
-Proxy-Authorization: NTLM Taldjfpoa\sdfalsdmflasdflafajsdfjajasldjJAJA\r\n - EXAMPLE
- NTLMSSP
NTLMSSP identifier: NTLMSSP
NTLM Message Type: NTLMSSP_NEGOTIATE (0x00000001)
-Flags: 0xa208b207 - estation send this flag
3 - HTTP/1.0 407 Proxy Authentication Required , NTLMSSP_CHALLENGE (text/html)
Proxy-Authenticate: NTLM TaljdflasjdfljasdlfjoqAJDFJQOWEURPOQWEURPQWEJKROQWEUFÇLAJSLFJASDLFJKQWEO........................
NTLMSSP
NTLMSSP identifier: NTLMSSP
NTLM Message Type: NTLMSSP_CHALLENGE (0x00000002)
.....
Flags: 0x00018205 - estation receive this flag from squid/fakeauth_auth.
4 - Authetication Failed
As a test, I forced NTLMSSP_CHALLENGE FLAGS to be equal NTLMSSP_NEGOTIATE(0xa208b207) then it worked fine.
fakeauth_auth.c
void ntlmMakeChallenge(struct ntlm_challenge *chal, int32_t flags)
{
static unsigned hash;
int r;
char *d;
int i;
debug("ntlmMakeChallenge: flg %08x\n", flags);
memset(chal, 0, sizeof(*chal));
memcpy(chal->hdr.signature, "NTLMSSP", 8);
chal->flags = htole32(CHALLENGE_TARGET_IS_DOMAIN |
NEGOTIATE_ALWAYS_SIGN |
NEGOTIATE_USE_NTLM |
NEGOTIATE_REQUEST_TARGET |
(NEGOTIATE_UNICODE & flags ? NEGOTIATE_UNICODE : NEGOTIATE_ASCII)
);
// Testing purpose
chal->flags = flags;
chal->hdr.type = htole32(NTLM_CHALLENGE);
chal->unknown[6] = htole16(0x003a);
d = (char *) chal + 48;
i = 0;
if (authenticate_ntlm_domain != NULL)
while (authenticate_ntlm_domain[i++]);
chal->target.offset = htole32(48);
chal->target.maxlen = htole16(i);
chal->target.len = chal->target.maxlen;
r = (int) rand();
r = (hash ^ r) + r;
for (i = 0; i < 8; i++) {
chal->challenge[i] = r;
r = (r>> 2) ^ r;
}
hash = r;
}
any idea?
_________________________________________________________________
Rediscover Hotmail®: Get e-mail storage that grows with you.
http://windowslive.com/RediscoverHotmail?ocid=TXT_TAGLM_WL_HM_Rediscover_Storage2_042009
