On 9/06/2012 7:38 a.m., Kevin Elliott wrote:
I'm having the exact same issue as John Treen had back in February 2011 as
found in the list archives. Unfortunately I couldn't find a corresponding
solution.
http://www.squid-cache.org/mail-archive/squid-users/201102/0008.html
It appears that WSUS only sends the first character of the username, hostname
and domain instead of the full string. This of course causes WSUS to fail the
authentication challenge from Squid.
16.693705 199.58.55.61 -> 199.58.55.66 HTTP CONNECT
stats.update.microsoft.com:443 HTTP/1.1 , NTLMSSP_NEGOTIATE
16.693732 199.58.55.66 -> 199.58.55.61 TCP http-alt> 57476 [ACK] Seq=1
Ack=200 Win=6912 Len=0
16.694616 199.58.55.66 -> 199.58.55.61 TCP [TCP segment of a reassembled PDU]
16.694641 199.58.55.66 -> 199.58.55.61 HTTP HTTP/1.0 407 Proxy
Authentication Required , NTLMSSP_CHALLENGE (text/html)
16.695567 199.58.55.61 -> 199.58.55.66 TCP 57476> http-alt [ACK] Seq=200
Ack=2921 Win=65536 Len=0
16.696041 199.58.55.61 -> 199.58.55.66 TCP 57476> http-alt [RST, ACK]
Seq=200 Ack=4144 Win=0 Len=0
16.696182 199.58.55.61 -> 199.58.55.66 TCP 57477> http-alt [SYN] Seq=0
Win=8192 Len=0 MSS=1460 WS=8
16.696216 199.58.55.66 -> 199.58.55.61 TCP http-alt> 57477 [SYN, ACK] Seq=0
Ack=1 Win=5840 Len=0 MSS=1460 WS=7
16.696417 199.58.55.61 -> 199.58.55.66 TCP 57477> http-alt [ACK] Seq=1
Ack=1 Win=65536 Len=0
16.696670 199.58.55.61 -> 199.58.55.66 HTTP CONNECT
stats.update.microsoft.com:443 HTTP/1.1 , NTLMSSP_AUTH, User: C\u
Does anyone know if there was a solution for this posted to the mailing list?
What would you expect Squid to do when the incorrect username/password
are sent?
It seems to me the WSUS help groups are the best place to find out why
this truncation behaviour is happening and how to fix it.
Amos
