[stunnel-users] STunnel NTLM Proxy problem

Subhash Sharma scsharma at hotmail.com
Thu Aug 4 19:15:35 CEST 2011



Has anyone used Stunnel to work with an NTLM proxy?

I am using Stunnel 4.35 on Windows.
It works fine straight and with a basic proxy but fails to use an NTLM proxy. My config for NTLM is like this:
---------------- configuration ---------------------
[https]
accept  = someport
connect = proxy:proxy_port
protocol = connect
protocolAuthentication = NTLM
protocolHost = dest:dest_port
protocolUsername = domain\username
protocolPassword = password
-----------------------------------------------------

I checked the traffic using the win shark
 
-----------------win shark for stunnel -----------------
CONNECT dest:destport HTTP/1.1 , NTLMSSP_AUTH, User: \domain\username
Proxy-Authorization: NTLM some long string
NTLM Secure Service Provider
NTLMSSP identifier: NTLMSSP
NTLM Message Type: NTLMSSP_AUTH (0x00000003)
Lan Manager Response: Empty
NTLM Response: 951842e95a3e1a0001d8ac6fb2980a004b82ffa75232795d
…
Domain name: NULL
User name: domain\username
…
------------------------------------------------------
 
STunnel is not sending the domain and sends the user name consisting of domain and username.

When IE is configured to use the NTLM proxy, the traffic is as follows:
-------------- win shark for IE -----------------------------
CONNECT dest:destport HTTP/1.1 , NTLMSSP_AUTH, User: domain\username
Proxy-Authorization: NTLM some long string
NTLM Secure Service Provider
NTLMSSP identifier: NTLMSSP
NTLM Message Type: NTLMSSP_AUTH (0x00000003)
Lan Manager Response: 10f2d8147a2651de00000000000000000000000000000000
…
NTLM Response: 951842e95a3e1a0001d8ac6fb2980a004b82ffa75232795d
…
Domain name: domain
…
User name: username
..
Host name: host
--------------------------------------------------------------
 
---- stunnel log ---------------
2011.08.04 10:11:16 LOG7[2384:5480]: Service https started
2011.08.04 10:11:16 LOG7[2384:5480]: Option TCP_NODELAY set on local socket
2011.08.04 10:11:16 LOG5[2384:5480]: Service https accepted connection from 127.0.0.1:9913
2011.08.04 10:11:16 LOG7[2384:5480]: remote socket: FD=1456 allocated (non-blocking mode)
2011.08.04 10:11:16 LOG6[2384:5480]: connect_blocking: connecting 172.23.11.161:8080
2011.08.04 10:11:16 LOG7[2384:5480]: connect_blocking: s_poll_wait 172.23.11.161:8080: waiting 10 seconds
2011.08.04 10:11:16 LOG5[2384:5480]: connect_blocking: connected 172.23.11.161:8080
2011.08.04 10:11:16 LOG5[2384:5480]: Service https connected remote server from 172.23.11.45:9914
2011.08.04 10:11:16 LOG7[2384:5480]: Remote FD=1456 initialized
2011.08.04 10:11:16 LOG7[2384:5480]: Option TCP_NODELAY set on remote socket
2011.08.04 10:11:16 LOG5[2384:5480]: Negotiations for connect (client side) started
2011.08.04 10:11:16 LOG7[2384:5480]:  -> CONNECT 172.23.11.35:443 HTTP/1.1
2011.08.04 10:11:16 LOG7[2384:5480]:  -> Host: 172.23.11.35:443
2011.08.04 10:11:16 LOG7[2384:5480]:  -> Proxy-Connection: keep-alive
2011.08.04 10:11:16 LOG7[2384:5480]:  -> Proxy-Authorization: NTLM TlRMTVNTUAABAAAAAgIAAA==
2011.08.04 10:11:16 LOG7[2384:5480]:  -> 
2011.08.04 10:11:16 LOG7[2384:5480]:  <- HTTP/1.1 407 Proxy Authentication Required
2011.08.04 10:11:16 LOG7[2384:5480]:  <- Server: FreeProxy/4.50
2011.08.04 10:11:16 LOG7[2384:5480]:  <- Date: Thu, 04 Aug 2011 17:11:16 GMT
2011.08.04 10:11:16 LOG7[2384:5480]:  <- Content-Type: text/html
2011.08.04 10:11:16 LOG7[2384:5480]:  <- Transfer-Encoding: Chunked
2011.08.04 10:11:16 LOG7[2384:5480]:  <- Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAADgAAAACAgACATR6TVahgFIAAAAAAAAAAAAAAAA4AAAABQLODgAAAA8=
2011.08.04 10:11:16 LOG7[2384:5480]:  <- Proxy-Connection: Keep-Alive
2011.08.04 10:11:16 LOG7[2384:5480]:  <- 
2011.08.04 10:11:16 LOG7[2384:5480]:  -> CONNECT 172.23.11.35:443 HTTP/1.1
2011.08.04 10:11:16 LOG7[2384:5480]:  -> Host: 172.23.11.35:443
2011.08.04 10:11:16 LOG7[2384:5480]:  -> Proxy-Authorization: NTLM TlRMTVNTUAADAAAAAAAAAGwAAAAYABgAQAAAAAAAAABsAAAAFAAUAFgAA......1jDUOrcoBBus0aPbH44onfcpGZvdW5kc3RvbmVccHN5cy1udGxt
2011.08.04 10:11:16 LOG7[2384:5480]:  -> 
2011.08.04 10:11:16 LOG7[2384:5480]:  <- 7E5
2011.08.04 10:11:16 LOG3[2384:5480]: CONNECT request rejected
2011.08.04 10:11:16 LOG7[2384:5480]:  <- <html>
2011.08.04 10:11:16 LOG7[2384:5480]:  <- 
2011.08.04 10:11:16 LOG5[2384:5480]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2011.08.04 10:11:16 LOG7[2384:5480]: Service https finished (0 left)
2011.08.04 10:11:16 LOG7[2384:5480]: str_stats: 0 block(s), 0 byte(s)
--------------------------------
Please help!!!

Subhash Sharma  		 	   		  
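
The domain and user-name fields compared in the two captures can also be read straight from the base64 token in a `Proxy-Authorization` header. The Python below is an added example, not part of the original post and not stunnel code: it decodes an NTLM token and reports when a Type 3 message has an empty domain with `domain\user` in the user-name field. `build_type3`, `domain_folded_into_user` and the sample values are constructed for illustration.

```python
import base64
import struct

NEGOTIATE_UNICODE = 0x00000001  # strings are UTF-16LE when set, OEM otherwise


def _field(msg, pos, unicode_):
    """Decode the string behind one security buffer (len, maxlen, offset)."""
    length, _maxlen, offset = struct.unpack_from("<HHI", msg, pos)
    if offset + length > len(msg):
        raise ValueError("security buffer points outside the message")
    return msg[offset:offset + length].decode("utf-16-le" if unicode_ else "latin-1")


def parse_ntlm(header_value):
    """Parse the token of a Proxy-Authorization / Proxy-Authenticate value."""
    msg = base64.b64decode(header_value.split()[-1], validate=True)
    if len(msg) < 16 or msg[:8] != b"NTLMSSP\x00":
        raise ValueError("not an NTLMSSP message")
    info = {"type": struct.unpack_from("<I", msg, 8)[0]}
    if info["type"] == 1:
        info["flags"] = struct.unpack_from("<I", msg, 12)[0]
    elif info["type"] == 3:
        if len(msg) < 64:
            raise ValueError("Type 3 header shorter than 64 bytes")
        uni = bool(struct.unpack_from("<I", msg, 60)[0] & NEGOTIATE_UNICODE)
        info.update(domain=_field(msg, 28, uni), user=_field(msg, 36, uni),
                    host=_field(msg, 44, uni))
    return info


def domain_folded_into_user(info):
    """True for the case in the post: empty domain, backslash in the user name."""
    return info["type"] == 3 and info["domain"] == "" and "\\" in info["user"]


def build_type3(domain, user, host):
    """Constructed sample: OEM strings, dummy 24-byte NT response, 64-byte header."""
    head, body = b"NTLMSSP\x00" + struct.pack("<I", 3), b""
    for part in (b"", bytes(24), domain.encode(), user.encode(), host.encode(), b""):
        head += struct.pack("<HHI", len(part), len(part), 64 + len(body))
        body += part
    return "NTLM " + base64.b64encode(head + struct.pack("<I", 0x202) + body).decode()


if __name__ == "__main__":
    for sample in (build_type3("", "DOMAIN\\username", ""),      # shape seen from stunnel
                   build_type3("DOMAIN", "username", "HOST")):   # shape seen from IE
        info = parse_ntlm(sample)
        print(info, "-> domain folded into user:", domain_folded_into_user(info))
```

`parse_ntlm` also accepts the Type 1 token from the stunnel log above, which decodes to message type 1 with flags 0x202.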