GNOME Bugzilla – Bug 471389
NTLM broken in libsoup head
Last modified: 2007-09-24 00:54:26 UTC
Varadhan reports that NTLM is broken in libsoup head: Basically, the "Authorization" header gets removed when lookup_auth() fails - as soup_message_set_auth() is called with a NULL auth parameter that removes this header and because of this, in the response, "WWW-Authenticate" doesn't contain a valid NTLM Challenge token. To my limited knowledge, I think this is a regression because of http://svn.gnome.org/viewcvs/libsoup/trunk/libsoup/soup-session.c?r1=904&r2=922 However, later he said that reverting that commit does not seem to fix it. We can't have a new release of libsoup until this is figured out. And I have no way of testing NTLM any more.
OK, I have an Exchange server to test against now, and reverting that patch *does* fix the bug. However, we're in hard code freeze for GNOME 2.20 right now (and I'm not going to request a break since there hasn't been a HEAD release of libsoup since 2.18 so none of the rest of the new code is especially tested yet either). So GNOME 2.20 will ship with libsoup 2.2.100 just like 2.18 did. A new release will go out before 2.20.1 in October.
Created attachment 95437 [details] [review] patch to fix NTLM Varadhan, can you try this out?
fixed in HEAD. Will go out in 2.2.101 for GNOME 2.20.1