ntlmssp's Introduction

ntlmssp's People

Contributors

bodgit, dependabot[bot]

ntlmssp's Issues

Concurrency issue with winrm NTLM - http response error: 401 - invalid content type

When I try to connect to the same Windows machine using NTLM authentication concurrently, I get 401s for all requests but one.

Found during integration with masterzen/winrm#142.

Test code below:

package main

import (
	"fmt"
	"net/http"
	"sync"

	"github.com/bodgit/ntlmssp"
	ntlmhttp "github.com/bodgit/ntlmssp/http"
)

var (
	host     = "192.168.10.1"
	pwd      = "pwd"
	port     = 5985
	https    = false
	domain   = "my_domain"
	userName = "administrator"
)

func main() {
	Count := 10
	wg := new(sync.WaitGroup)
	wg.Add(Count)
	for i := 1; i <= Count; i++ {
		go ntlmAuth(i, host, domain, userName, pwd, port, https, wg)
	}

	wg.Wait()
	fmt.Println("done")
}

func ntlmAuth(i int, host string, domain string, user string, pwd string, port int, useHttps bool, wg *sync.WaitGroup) {
	defer wg.Done()

	ntlmClient, err := ntlmssp.NewClient(ntlmssp.SetUserInfo(user, pwd), ntlmssp.SetDomain(domain), ntlmssp.SetVersion(ntlmssp.DefaultVersion()))
	if err != nil {
		fmt.Println(i, " - Error in ntlmssp.NewClient: ", err)
		return
	}
	httpClient := &http.Client{}
	ntlmhttp, err := ntlmhttp.NewClient(httpClient, ntlmClient)
	if err != nil {
		fmt.Println(i, " - Error in ntlmhttp.NewClient: ", err)
		return
	}

	var scheme string
	if useHttps {
		scheme = "https"
	} else {
		scheme = "http"
	}

	// should use url.URL, but QD
	endpoint := fmt.Sprintf("%s://%s:%d/wsman", scheme, host, port)
	req, err := http.NewRequest("POST", endpoint, nil)
	if err != nil {
		fmt.Println("error in NewRequest", err)
		return
	}

	req.Header.Set("User-Agent", "WinRM client")
	req.Header.Set("Content-Length", "0")
	req.Header.Set("Content-Type", "application/soap+xml;charset=UTF-8")
	req.Header.Set("Connection", "Keep-Alive")

	resp, err := ntlmhttp.Do(req)
	if err != nil {
		fmt.Println("unknown error do", err)
		return
	}

	if resp.StatusCode != 200 {
		fmt.Println("http error", resp.StatusCode)
	} else {
		fmt.Println(i, " - ok")
	}
}

HTTP 401 when GET valid resource

Hello! :)

I'm trying to use this lib in my Go project. We've been using https://github.com/Azure/go-ntlmssp, which worked fine until now, when we need to use channel bindings. We're interacting with an AD Certificate Services instance.

I wanted to start simple and "just" replace the Azure lib (with which we're able to authenticate using NTLM properly on the remote server); however, with the same creds we keep getting 401 using this lib.

I've been trying to debug this to understand better what could be happening (to the point of trying to make sense of the decoded base64 headers used during the negotiations and comparing them with Azure's), but so far I haven't been able to fix anything.

While this works (with Azure lib):

client := &http.Client{
    Transport: azurentlm.Negotiator{
        RoundTripper: &http.Transport{},
    },
}

req, _ := http.NewRequest("GET", url, nil)
req.SetBasicAuth(username, password)
resp, err := client.Do(req)
if err != nil {
    fmt.Println(err)
    return
}

This doesn't with this lib (for the sake of readability, I replaced some errs with _ as they don't throw errors):

ntlmClient, _ := ntlmssp.NewClient(
    ntlmssp.SetUserInfo(username, password),
)

client := &http.Client{}
ntlmhttpclient, _ := ntlmhttp.NewClient(client, ntlmClient)

resp, err := ntlmhttpclient.Get(url)
if err != nil {
    fmt.Println(err)
    return
}

Is this something you might have encountered before & managed to fix? I already tried playing with workstation name, domain, and setting the Version to the same values as what can be found in Azure's lib, with no success.

Note that in both attempts, username, passwords & URL are the same. Domain isn't defined for either lib (and our username isn't something like domain\user nor user@domain, but just user).
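For the header comparison described in the issue above, a small decoder can be run over the `Authorization` / `WWW-Authenticate` values captured from each library. This is an added example, not part of the issue and not code from bodgit/ntlmssp or Azure/go-ntlmssp; the names `DecodeHeader`, `OnlyIn` and `SampleNegotiate` and the flag values in `main` are constructed for illustration.

```go
package main

import (
	"encoding/base64"
	"encoding/binary"
	"fmt"
	"strings"
)

var flagOffset = map[uint32]int{1: 12, 2: 20, 3: 60} // message type -> NegotiateFlags offset
var flagNames = map[uint32]string{0x10: "SIGN", 0x20: "SEAL", 0x200: "NTLM", // MS-NLMP names
	0x8000: "ALWAYS_SIGN", 0x80000: "EXTENDED_SESSIONSECURITY",
	0x800000: "TARGET_INFO", 0x20000000: "128", 0x40000000: "KEY_EXCH"}

// DecodeHeader returns the message type and NegotiateFlags of a raw NTLMSSP token.
func DecodeHeader(value string) (msgType, flags uint32, err error) {
	tok := strings.TrimPrefix(strings.TrimPrefix(value, "NTLM "), "Negotiate ")
	raw, err := base64.StdEncoding.DecodeString(tok)
	if err != nil || len(raw) < 12 || string(raw[:8]) != "NTLMSSP\x00" {
		return 0, 0, fmt.Errorf("not a raw NTLMSSP token (decode error: %v)", err)
	}
	msgType = binary.LittleEndian.Uint32(raw[8:])
	if off, ok := flagOffset[msgType]; ok && len(raw) >= off+4 {
		return msgType, binary.LittleEndian.Uint32(raw[off:]), nil
	}
	return msgType, 0, fmt.Errorf("unknown type %d or truncated message", msgType)
}

// OnlyIn names the known flags that are set in a but not in b, lowest bit first.
func OnlyIn(a, b uint32) (out []string) {
	for bit := uint32(1); bit != 0; bit <<= 1 {
		if name, ok := flagNames[bit]; ok && a&^b&bit != 0 {
			out = append(out, name)
		}
	}
	return out
}

// SampleNegotiate builds a constructed 32-byte NEGOTIATE_MESSAGE header value.
func SampleNegotiate(flags uint32) string {
	msg := append([]byte("NTLMSSP\x00\x01\x00\x00\x00"), make([]byte, 20)...)
	binary.LittleEndian.PutUint32(msg[12:], flags)
	return "NTLM " + base64.StdEncoding.EncodeToString(msg)
}

func main() {
	_, a, _ := DecodeHeader(SampleNegotiate(0x00088201)) // constructed flag sets,
	_, b, _ := DecodeHeader(SampleNegotiate(0x20088211)) // not taken from either library
	fmt.Println("set only in the second token:", OnlyIn(b, a))
}
```

A `Negotiate` token wrapped in SPNEGO does not start with the NTLMSSP signature and is reported as an error rather than decoded.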
