Article delegate-en/4106 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A4104@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: FW: [DeleGate-En] Windows Integrated Authentication
05 Sep 2008 07:09:15 GMT "Nagel, Willy" <ptihqbdyi-uyhyq223y4tr.ml@ml.delegate.org>


Hi Yutaka,

Thanks for your reply.

I've been testing using the same config file, with 9.8.5-pre1, but I'm
still unsuccessfull.

No traffic appears to be going to the destination server (when looking
in our firewall logging).

Here's the logfile:

09/05 08:35:20.90 [1400] 0+0: --- [ssl] 0 dglibssl.dll
09/05 08:35:20.90 [1400] 0+0: --- [ssl] 0 ssl.dll
09/05 08:35:20.90 [1400] 0+0: --- [ssl] 0 ssl
09/05 08:35:20.90 [1400] 0+0: ## cannot load ssl
09/05 08:35:20.90 [1400] 0+0: --- [libeay32] 0 dgliblibeay32.dll
09/05 08:35:20.90 [1400] 0+0: --- [/DeleGate/lib\libeay32.dll]
09/05 08:35:20.90 [1400] 0+0: --- [libeay32] 10000000
/DeleGate/lib\libeay32.dll
09/05 08:35:20.90 [1400] 0+0: --- [libeay32] optional: SSL_set_SSL_CTX
09/05 08:35:20.90 [1400] 0+0: --- [libeay32] optional:
SSL_get_servername
09/05 08:35:20.90 [1400] 0+0: --- [libeay32] optional:
SSL_get_servername_type
09/05 08:35:20.90 [1400] 0+0: --- [libeay32] optional:
SSL_CTX_callback_ctrl
09/05 08:35:20.90 [1400] 0+0: --- [libeay32] optional:
SSL_CTX_use_certificate_chain_file
09/05 08:35:20.90 [1400] 0+0: --- [libeay32] optional:
SSL_CTX_set_session_id_context
09/05 08:35:20.90 [1400] 0+0: --- [libeay32] optional:
SSL_CTX_set_generate_session_id
09/05 08:35:20.90 [1400] 0+0: ---- [libeay32] loaded 102 syms,
unknown=47+7, already=0
09/05 08:35:20.90 [1400] 0+0: --- [ssleay32] 0 dglibssleay32.dll
09/05 08:35:20.90 [1400] 0+0: --- [/DeleGate/lib\ssleay32.dll]
09/05 08:35:20.90 [1400] 0+0: --- [ssleay32] F00000
/DeleGate/lib\ssleay32.dll
09/05 08:35:20.90 [1400] 0+0: ---- [ssleay32] loaded 102 syms,
unknown=0+0, already=47
09/05 08:35:20.90 [1400] 0+0: ---- unknown = 0+0, already = 47 / 102
09/05 08:35:20.90 [1400] 0+0: +++ loaded OpenSSL 0.9.8g 19 Oct 2007
09/05 08:35:20.92 [1400] 0+0: ... testing resolver[SYS] with
'WWW.DeleGate.ORG'
09/05 08:35:20.92 [1400] 0+0: ... you can suppress this test by
RES_WAIT=0
09/05 08:35:20.92 [1400] 0+0: ... gethostname(rd-was19-v)
09/05 08:35:20.92 [1400] 0+0: configuring default RESOLV ...
09/05 08:35:20.92 [1400] 0+0: ... gethostname()='rd-was19-v'
09/05 08:35:20.92 [1400] 0+0: ... SYS: rd-was19-v -> 192.168.1.60
09/05 08:35:20.92 [1400] 0+0: ... DNS: 192.168.1.60 ->
certinternal.test.nl
09/05 08:35:20.92 [1400] 0+0: ... DNS available
09/05 08:35:20.92 [1400] 0+0: ... NIS not available (no default domain)
09/05 08:35:20.92 [1400] 0+0: ... export RES_ORDER=CFD
09/05 08:35:20.92 [1400] 0+0: {R}
confid(detected)[9e444c56c82dc1bc55a42ac40c686088]<-[]
09/05 08:35:20.92 [1400] 0+0: export RESOLV=cache,file,dns (set by
default)
SRCSIGN=9.8.5-pre1:20080905105714+0900:be5143a3b56603e2:Author@DeleGate..
ORG:a9lNFuLHuNUEQU6ImScJCllhLSiOXDlY4v5ZBpFz/hVuOAZ3vijwh5yxPnPP/7tJg/BY
mkOz6qviTtWeEI/VyPz4cWtrqfWWZw/NKu4erhMyygSXAlffy9O521+JZru/T+8GBdkyjblR
sWsqIMV52pPE7keWmROAqZfN5tHUT3E=
BLDSIGN=9.8.5-pre1:20080905105837+0900:be5143a3b56603e2::-
09/05 08:35:20.92 [1400] 0+0: --INITIALIZATION START-08090508+0100:
9.8.5-pre1 on WindowsNT--
09/05 08:35:20.92 [1400] 0+0: BINSHELL=/bin/sh
09/05 08:35:20.92 [1400] 0+0: MAXIMA=delegated:64 for small mem=1341M
09/05 08:35:20.92 [1400] 0+0: scan STLS and FILTERS before beDaemon()...
09/05 08:35:20.92 [1400] 0+0: FILTER[sslway]: sslway -cert lib/cert.crt
-key lib/cert.key
09/05 08:35:20.92 [1400] 0+0: STLS -> CMAP="sslway -cert lib/cert.crt
-key lib/cert.key:FSV:starttls"
09/05 08:35:20.92 [1400] 0+0: STLS -> CMAP="sslway -cert lib/cert.crt
-key lib/cert.key:FCL:starttls"
09/05 08:35:20.92 [1400] 0+0: --- [dgzlib1] 0 dglibdgzlib1.dll
09/05 08:35:20.94 [1400] 0+0: --- [C:\delegate\dgzlib1.dll]
09/05 08:35:20.94 [1400] 0+0: --- [dgzlib1] FC0000
C:\delegate\dgzlib1.dll
09/05 08:35:20.94 [1400] 0+0: ---- [dgzlib1] loaded 17 syms,
unknown=0+0, already=0
09/05 08:35:20.94 [1400] 0+0: +++ loaded Zlib 1.2.3.f-DeleGate-v3
09/05 08:35:20.94 [1400] 0+0: #### gzip/gunzip = dynamically linked
09/05 08:35:21.12 [1400] 0+0: ## SSLway ## 0.188000 connected/accepted
09/05 08:35:21.12 [1400] 0+0: ## SSLway initialized ctx #-99577434 0 0
(WIN) 07:35:21.123 [1400] #### send_file (1400,1)[1768,7] ->
1400[1824,0] (0,Err=87)
(WIN) 07:35:21.123 [1400] #### file to be sent fd=1 -> 0 5780000
91750400
09/05 08:35:21.14 [1400] 0+0: #### CACHE DISABLED #### Cache directory
seems not exist: C:/Program Files/DeleGate/cache
09/05 08:35:21.14 [1400] 0+0: #### start a service...
09/05 08:35:21.14 [1400] 0+0:
server_open(delegate,192.168.1.62:443,listen=20)
09/05 08:35:21.14 [1400] 0+0: server_open: 192.168.1.62:443
09/05 08:35:21.14 [1400] 0+0: server_open(delegate,192.168.1.62:443)
BOUND
09/05 08:35:23.92 [2400] 0+0: --- [ssl] 0 dglibssl.dll
09/05 08:35:23.92 [2400] 0+0: --- [ssl] 0 ssl.dll
09/05 08:35:23.92 [2400] 0+0: --- [ssl] 0 ssl
09/05 08:35:23.92 [2400] 0+0: ## cannot load ssl
09/05 08:35:23.92 [2400] 0+0: --- [libeay32] optional: SSL_set_SSL_CTX
09/05 08:35:23.92 [2400] 0+0: --- [libeay32] optional:
SSL_get_servername
09/05 08:35:23.92 [2400] 0+0: --- [libeay32] optional:
SSL_get_servername_type
09/05 08:35:23.92 [2400] 0+0: --- [libeay32] optional:
SSL_CTX_callback_ctrl
09/05 08:35:23.92 [2400] 0+0: --- [libeay32] optional:
SSL_CTX_use_certificate_chain_file
09/05 08:35:23.92 [2400] 0+0: --- [libeay32] optional:
SSL_CTX_set_session_id_context
09/05 08:35:23.92 [2400] 0+0: --- [libeay32] optional:
SSL_CTX_set_generate_session_id
09/05 08:35:23.92 [2400] 0+0: ---- [libeay32] loaded 102 syms,
unknown=47+7, already=0
09/05 08:35:23.92 [2400] 0+0: ---- [ssleay32] loaded 102 syms,
unknown=0+0, already=47
09/05 08:35:23.92 [2400] 0+0: ---- unknown = 0+0, already = 47 / 102
09/05 08:35:23.92 [2400] 0+0: +++ loaded OpenSSL 0.9.8g 19 Oct 2007
09/05 08:35:24.48 [2400] 0+0: -- checked integrity:OK (0.562)
a6f1ecf153f75354
09/05 08:35:24.48 [2400] 0+0: ## RES_ORDER=CFD
09/05 08:35:24.48 [2400] 0+0: {R}
confid(RESOLV)[95c4b2abee89c01321ca019d478ea2d5]<-[]
09/05 08:35:24.48 [2400] 0+0: ... testing resolver[CFD] with
'WWW.DeleGate.ORG'
09/05 08:35:24.48 [2400] 0+0: ... you can suppress this test by
RES_WAIT=0
09/05 08:35:24.50 [2400] 0+0: ... gethostname(rd-was19-v)
SRCSIGN=9.8.5-pre1:20080905105714+0900:be5143a3b56603e2:Author@DeleGate..
ORG:a9lNFuLHuNUEQU6ImScJCllhLSiOXDlY4v5ZBpFz/hVuOAZ3vijwh5yxPnPP/7tJg/BY
mkOz6qviTtWeEI/VyPz4cWtrqfWWZw/NKu4erhMyygSXAlffy9O521+JZru/T+8GBdkyjblR
sWsqIMV52pPE7keWmROAqZfN5tHUT3E=
BLDSIGN=9.8.5-pre1:20080905105837+0900:be5143a3b56603e2::-
09/05 08:35:24.50 [2400] 0+0: --INITIALIZATION START-08090508+0100:
9.8.5-pre1 on WindowsNT--
09/05 08:35:24.50 [2400] 0+0: EXECDIR=C:\delegate
09/05 08:35:24.50 [2400] 0+0: BINSHELL=/bin/sh
09/05 08:35:24.50 [2400] 0+0: MAXIMA=delegated:64 for small mem=1337M
09/05 08:35:24.50 [2400] 0+0: scan STLS and FILTERS before beDaemon()...
09/05 08:35:24.50 [2400] 0+0: FILTER[sslway]: sslway -cert lib/cert.crt
-key lib/cert.key
09/05 08:35:24.50 [2400] 0+0: STLS -> CMAP="sslway -cert lib/cert.crt
-key lib/cert.key:FSV:starttls"
09/05 08:35:24.50 [2400] 0+0: STLS -> CMAP="sslway -cert lib/cert.crt
-key lib/cert.key:FCL:starttls"
09/05 08:35:24.50 [2400] 0+0: ---- [dgzlib1] loaded 17 syms,
unknown=0+0, already=0
09/05 08:35:24.50 [2400] 0+0: +++ loaded Zlib 1.2.3.f-DeleGate-v3
09/05 08:35:24.50 [2400] 0+0: #### gzip/gunzip = dynamically linked
09/05 08:35:24.70 [2400] 0+0: ## SSLway ## 0.203000 connected/accepted
09/05 08:35:24.70 [2400] 0+0: ## SSLway initialized ctx #-99577434 0 0
09/05 08:35:24.70 [2400] 0+0:
server_open(delegate,192.168.1.62:443,listen=20)
09/05 08:35:24.70 [2400] 0+0: server_open: 192.168.1.62:443
09/05 08:35:24.70 [2400] 0+0: server_open(delegate,192.168.1.62:443)
BOUND
09/05 08:35:24.70 [2400] 0+0: NOT-USED DGROOT=/DeleGate/
DGROOT=C:/Program Files/DeleGate^M
09/05 08:35:24.70 [2400] 0+0: <DeleGate/9.8.5-pre1> [2400]
-P192.168.1.62:443 READY^M
09/05 08:35:24.70 [2400] 0+0: PORT= 192.168.1.62:443/12 (0,134)
09/05 08:35:24.70 [2400] 0+0: OWNER=nobody => OWNER=?/?(?/?)
09/05 08:35:24.70 [2400] 0+0: FILTER[sslway]: sslway -cert lib/cert.crt
-key lib/cert.key
09/05 08:35:24.70 [2400] 0+0: STLS -> CMAP="sslway -cert lib/cert.crt
-key lib/cert.key:FSV:starttls"
09/05 08:35:24.70 [2400] 0+0: STLS -> CMAP="sslway -cert lib/cert.crt
-key lib/cert.key:FCL:starttls"
09/05 08:35:24.72 [2400] 0+0: REMITTABLE =
http,https/{80,443},gopher,ftp,wais
09/05 08:35:24.72 [2400] 0+0: {R} SOA got
[188.134.in-addr.arpa][venlo.test.nl][hostmaster.test.nl] 2008060601
14400 3600 604800 86400
09/05 08:35:24.73 [2400] 0+0: ADMIN=admin@test..nl
protocol=https(specialist)
09/05 08:35:24.73 [2400] 0+0: #### CACHE DISABLED #### Cache directory
seems not exist: C:/Program Files/DeleGate/cache
09/05 08:35:24.73 [2400] 0+0: WORKDIR=/DeleGate/work/192.168.1.62..443
09/05 08:35:24.73 [2400] 0+0: MOUNT[0]X[3] /-/builtin/icons/* = default
09/05 08:35:24.73 [2400] 0+0: MOUNT[1]X[4] /-/* =
forbidden,from=!.RELIABLE,default
09/05 08:35:24.73 [2400] 0+0: MOUNT[2]X[0] /-* = default
09/05 08:35:24.73 [2400] 0+0: MOUNT[3]X[1] /=* = default
09/05 08:35:24.73 [2400] 0+0: MOUNT[4]X[5] /favicon.ico
builtin:icons/ysato/default.ico
default,direction=fo,onerror=404,expires=15m
09/05 08:35:24.73 [2400] 0+0: MOUNT[5]X[2] /* https://192.168.4.24/*
via=192.168.1.60
09/05 08:35:24.75 [2400] 0+0: Stay open PIDFILE for accept() lock[fd=16]
09/05 08:35:24.75 [2400] 0+0:
StickyReport[17,18]127.0.0.1:1426><127.0.0.1:1427 8192/8192 8192/65536
09/05 08:35:24.75 [2400] 0+0: env[27]
LIBPATH=.;C:\WINDOWS\system32;C:/Program
Files/DeleGate/lib;C:\delegate;C:/Program Files/DeleGate/etc
09/05 08:35:24.75 [2400] 0+0: ext[0] ADMIN=admin@test..nl
09/05 08:35:24.75 [2400] 0+0: ext[1] DGROOT=/DeleGate/
09/05 08:35:24.75 [2400] 0+0: ext[2] DELAY=reject:0,unknown:0
09/05 08:35:24.75 [2400] 0+0: ext[3] SERVER=https
09/05 08:35:24.75 [2400] 0+0: ext[4] AUTHORIZER=-ntht
09/05 08:35:24.75 [2400] 0+0: ext[5] HTTPCONF=methods:*
09/05 08:35:24.75 [2400] 0+0: ext[6] STLS=fsv,fcl,sslway -cert
lib/cert.crt -key lib/cert.key
09/05 08:35:24.75 [2400] 0+0: ext[7] MOUNT=/* https://192.168.4.24/*
via=192.168.1.60
09/05 08:35:24.75 [2400] 0+0: ext[8] REACHABLE=192.168.4.24:443
09/05 08:35:24.75 [2400] 0+0: ext[9] RELIABLE=*
09/05 08:35:24.75 [2400] 0+0: arg[1] LIBPATH=.;C:\delegate;C:/Program
Files/DeleGate/lib;delegate;C:/Program Files/DeleGate/etc
09/05 08:35:24.75 [2400] 0+0: arg[2] RESOLV=cache,file,dns
09/05 08:35:24.75 [2400] 0+0: arg[7] ADMIN=admin@test..nl
09/05 08:35:24.75 [2400] 0+0: DELEGATE_Modified[1]: 48c0d32c 1220596524
09/05 08:35:24.75 [2400] 0+0: --INITIALIZATION DONE-08090508+0100:
9.8.5-pre1 on WindowsNT--
(WIN) 07:35:24.763 [2400] --socketpair()=0 OK err=10048 0.015/1 (1426
1427) 0/0
09/05 08:35:24.76 [2400] 0+0: logMMap: 1320000 1336
09/05 08:35:24.76 [2400] 0+0: LOG-Socketpair[23,24]
(WIN) 07:36:00.216 [2400] --socketpair()=0 OK err=10048 0.015/1 (1426
1427) 0/0
(WIN) 07:36:00.248 [2400] spawn() = 488 [3956], children(alive=1/1)
0.047s
09/05 08:36:00.25 [2400] 1+0: spawn() = 488 [3956], children(alive=1/1)
0.047s
(WIN) 06:36:00.248 [3956] Path-Normalized<<< /DeleGate/
(WIN) 06:36:00.248 [3956] Path-Normalized>>> /DeleGate
09/05 08:36:00.25 [3956] 0+0: {R}
confid(RESOLV)[95c4b2abee89c01321ca019d478ea2d5]<-[]
09/05 08:36:00.25 [3956] 1+0: MAXIMA=delegated:64 for small mem=1333M
09/05 08:36:00.25 [3956] 1+0: Stay open PIDFILE for accept() lock[fd=25]
09/05 08:36:00.25 [3956] 1+1: FILTER[sslway]: sslway -cert lib/cert.crt
-key lib/cert.key
09/05 08:36:00.25 [3956] 1+1: STLS -> CMAP="sslway -cert lib/cert.crt
-key lib/cert.key:FSV:starttls"
09/05 08:36:00.25 [3956] 1+1: STLS -> CMAP="sslway -cert lib/cert.crt
-key lib/cert.key:FCL:starttls"
09/05 08:36:00.48 [3956] 1+1: ## SSLway ## 0.187000 connected/accepted
09/05 08:36:00.48 [3956] 1+1: ## SSLway initialized ctx #-99577434 0 0
09/05 08:36:00.51 [3956] 1+1: (0) accepted [58]
-@[56.38.217.136]ip76de87.speed.planet.com:34188 (0.265s)(1)
09/05 08:36:00.51 [3956] 1+1: PATH:
https://-:443!rd-was19-v:443!ip76de87.speed.planet.com:34188!anonymous@i
p76de87.speed.planet.com;1220596560
09/05 08:36:00.51 [3956] 1+1: # SSL record head[16  3  1  0 41] SSL3
8?/70
09/05 08:36:00.51 [3956] 1+1: gethostbyname(-) unknown[0.00s] 
09/05 08:36:00.51 [3956] 1+1: ## SSLway BA8 loadSession 0.000000 (0 0) /
-1
09/05 08:36:00.55 [3956] 1+1: ## SSLway ## 0.032000 sescache[0] HIT=0
sR=0 cR=1
09/05 08:36:00.56 [3956] 1+1: ## STLS ## IMPLICIT SSL ON 58,58,-1,39
09/05 08:36:00.56 [3956] 1+1: OK: SSL/cl 1220596560.51 0.00/6.00 0.00
0.05 = 1220596560.56
09/05 08:36:00.56 [3956] 1+1: 0.047 CFI_SYNC ready=2 [57/W]
09/05 08:36:00.56 [3956] 1+1: 0.047 CFI_SYNC ready=1 [A]
09/05 08:36:00.72 [3956] 1+1: ## SSLway FCL S-C:0/0 C-S:0/0
09/05 08:36:00.72 [3956] 1+1: SOCKET recv(58)=0 error=0 [0.000] TCP
AF_INET :1430 << :1431 
09/05 08:36:00.72 [3956] 1+1: HTTP empty_request ? from
ip76de87.speed.planet.com (1)
09/05 08:36:00.72 [3956] 1+1: ## left connected but dead [58]
09/05 08:36:00.72 [3956] 1+1: ---CLX 0x1 (0 0 1 0) 1/1
09/05 08:36:00.72 [3956] 1+1: disconnected [58]
-@[56.38.217.136]ip76de87.speed.planet.com:34188 (0.468s)(0)
09/05 08:36:00.72 [3956] 1+1: CFI-wait 1/1 0/1 as=0 xpid=-1,-1 0.00
09/05 08:36:00.72 [3956] 1+1: StickyServer done
[nonStickyProtocol(https:https:https)] 1 req / 1+0/1 conn / 0 sec
(WIN) 07:36:15.373 [2400] wait3(N) = 488 [3956] 0, children(alive=0/1)
0.00s
09/05 08:36:15.37 [2400] 1+0: wait3(N) = 488 [3956] 0,
children(alive=0/1) 0.00s
(WIN) 07:36:39.357 [2400] --socketpair()=0 OK err=10048 0.016/1 (1426
1427) 0/0
(WIN) 07:36:39.388 [2400] spawn() = 476 [1872], children(alive=1/2)
0.047s
09/05 08:36:39.39 [2400] 2+0: spawn() = 476 [1872], children(alive=1/2)
0.047s
(WIN) 06:36:39.388 [1872] Path-Normalized<<< /DeleGate/
(WIN) 06:36:39.388 [1872] Path-Normalized>>> /DeleGate
09/05 08:36:39.39 [1872] 0+0: {R}
confid(RESOLV)[95c4b2abee89c01321ca019d478ea2d5]<-[]
09/05 08:36:39.39 [1872] 2+0: MAXIMA=delegated:64 for small mem=1333M
09/05 08:36:39.40 [1872] 2+0: Stay open PIDFILE for accept() lock[fd=25]
09/05 08:36:39.40 [1872] 2+1: FILTER[sslway]: sslway -cert lib/cert.crt
-key lib/cert.key
09/05 08:36:39.40 [1872] 2+1: STLS -> CMAP="sslway -cert lib/cert.crt
-key lib/cert.key:FSV:starttls"
09/05 08:36:39.40 [1872] 2+1: STLS -> CMAP="sslway -cert lib/cert.crt
-key lib/cert.key:FCL:starttls"
09/05 08:36:39.62 [1872] 2+1: ## SSLway ## 0.188000 sescache[0] HIT=0
sR=0 cR=2
09/05 08:36:39.62 [1872] 2+1: ## SSLway initialized ctx #-99577434 0 0
09/05 08:36:39.64 [1872] 2+1: (0) accepted [56]
-@[56.38.217.136]ip76de87.speed.planet.com:34191 (0.250s)(1)
09/05 08:36:39.64 [1872] 2+1: PATH:
https://-:443!rd-was19-v:443!ip76de87.speed.planet.com:34191!anonymous@i
p76de87.speed.planet.com;1220596599
09/05 08:36:39.64 [1872] 2+1: # SSL record head[16  3  1  0 61] SSL3
8?/102
09/05 08:36:39.64 [1872] 2+1: gethostbyname(-) unknown[0.00s] 
09/05 08:36:39.64 [1872] 2+1: ## SSLway 20C loadSession 0.000000 (0 1) /
1
09/05 08:36:39.67 [1872] 2+1: ## SSLway ## 0.032000 sescache[1] HIT=1
sR=0 cR=1
09/05 08:36:39.67 [1872] 2+1: ## SSLway FCL S-C:0/0 C-S:0/0
09/05 08:36:39.69 [1872] 2+1: ## STLS ## IMPLICIT SSL ON 56,56,-1,37
09/05 08:36:39.69 [1872] 2+1: OK: SSL/cl 1220596599.64 0.00/6.00 0.00
0.05 = 1220596599.68
09/05 08:36:39.69 [1872] 2+1: 0.047 CFI_SYNC ready=2 [57/W]
09/05 08:36:39.69 [1872] 2+1: 0.047 CFI_SYNC ready=1 [A]
09/05 08:36:39.69 [1872] 2+1: ## left connected but dead [56]
09/05 08:36:39.69 [1872] 2+1: ## left connected but dead [56]
09/05 08:36:39.69 [1872] 2+1: ERROR: SSL/cl disconnected: 1 A 0[56]
09/05 08:36:39.69 [1872] 2+1: disconnected [56]
-@[56.38.217.136]ip76de87.speed.planet.com:34191 (0.297s)(0)
09/05 08:36:39.69 [1872] 2+1: CFI-wait 1/1 0/1 as=0 xpid=-1,-1 0.00
09/05 08:36:39.69 [1872] 2+1: StickyServer done
[nonStickyProtocol(https:https:https)] 1 req / 1+0/2 conn / 0 sec
(WIN) 07:36:39.732 [2400] --socketpair()=0 OK err=10048 0.016/1 (1426
1427) 0/0
(WIN) 07:36:39.763 [2400] spawn() = 564 [2036], children(alive=2/3)
0.047s
09/05 08:36:39.76 [2400] 3+0: spawn() = 564 [2036], children(alive=2/3)
0.047s
(WIN) 06:36:39.763 [2036] Path-Normalized<<< /DeleGate/
(WIN) 06:36:39.763 [2036] Path-Normalized>>> /DeleGate
09/05 08:36:39.76 [2036] 0+0: {R}
confid(RESOLV)[95c4b2abee89c01321ca019d478ea2d5]<-[]
09/05 08:36:39.76 [2036] 3+0: MAXIMA=delegated:64 for small mem=1330M
09/05 08:36:39.76 [2036] 3+0: Stay open PIDFILE for accept() lock[fd=25]
09/05 08:36:39.76 [2036] 3+1: FILTER[sslway]: sslway -cert lib/cert.crt
-key lib/cert.key
09/05 08:36:39.76 [2036] 3+1: STLS -> CMAP="sslway -cert lib/cert.crt
-key lib/cert.key:FSV:starttls"
09/05 08:36:39.76 [2036] 3+1: STLS -> CMAP="sslway -cert lib/cert.crt
-key lib/cert.key:FCL:starttls"
09/05 08:36:39.99 [2036] 3+1: ## SSLway ## 0.188000 sescache[0] HIT=0
sR=0 cR=2
09/05 08:36:39.99 [2036] 3+1: ## SSLway initialized ctx #-99577434 0 0
09/05 08:36:40.01 [2036] 3+1: (1) accepted [63]
-@[56.38.217.136]ip76de87.speed.planet.com:34192 (0.250s)(1)
09/05 08:36:40.01 [2036] 3+1: PATH:
https://-:443!rd-was19-v:443!ip76de87.speed.planet.com:34192!anonymous@i
p76de87.speed.planet.com;1220596600
09/05 08:36:40.01 [2036] 3+1: # SSL record head[16  3  1  0 61] SSL3
8?/102
09/05 08:36:40.01 [2036] 3+1: gethostbyname(-) unknown[0.00s] 
09/05 08:36:40.01 [2036] 3+1: ## SSLway 9BC loadSession 0.000000 (0 1) /
1
09/05 08:36:40.04 [2036] 3+1: ## SSLway ## 0.032000 sescache[1] HIT=1
sR=0 cR=1
09/05 08:36:40.06 [2036] 3+1: ## STLS ## IMPLICIT SSL ON 63,63,-1,36
09/05 08:36:40.06 [2036] 3+1: OK: SSL/cl 1220596600.01 0.00/6.00 0.00
0.05 = 1220596600.06
09/05 08:36:40.06 [2036] 3+1: 0.047 CFI_SYNC ready=2 [57/W]
09/05 08:36:40.06 [2036] 3+1: 0.047 CFI_SYNC ready=1 [A]
09/05 08:36:40.06 [2036] 3+1: Proxy: host=ip76de87.speed.planet.com;
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1;
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; InfoPath.1;
.NET CLR 2.0.50727); DIRECT
09/05 08:36:40.06 [2036] 3+1: HCKA:[0] Keep-Alive;
host=ip76de87.speed.planet.com; (User-Agent: Mozilla/4.0 (compatible;
MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.1; SV1) ; InfoPath.1; .NET CLR 2.0.50727))
09/05 08:36:40.08 [2036] 3+1: REQUEST - GET / HTTP/1.1^M
09/05 08:36:40.08 [2036] 3+1: *** / => https://192.168.4.24/ ***
09/05 08:36:40.08 [2036] 3+1: REQUEST +M https://192.168.4.24/
HTTP/1.1^M
09/05 08:36:40.08 [2036] 3+1: ----NTHT accept 0 MO=1 UT=0
09/05 08:36:40.08 [2036] 3+1: ----NTHT_accept(0,63,63) ss=0
09/05 08:36:40.08 [2036] 3+1: ####cred name=NT AUTHORITY\SYSTEM
09/05 08:36:40.08 [2036] 3+1: ====NTLM Start
09/05 08:36:40.08 [2036] 3+1: SOCKET recv(41)=0 error=0 [0.000] TCP
AF_INET :1435 << :1434 
09/05 08:36:40.08 [2036] 3+1: ## SSLway FCL S-C:64/1 C-S:713/1
(WIN) 07:36:40.091 [2036] send(356) = -1+0 errno=10058 [1688]
09/05 08:36:40.09 [2036] 3+1: ## got SIGPIPE [1] in HTTP: 
(WIN) 07:36:40.091 [2036] +++EPIPE[63] fflushTIMEOUT() for EOF
09/05 08:36:40.09 [2036] 3+1: ClientEOF: request-EOF-7 [63 63] 330 8000
1
09/05 08:36:40.09 [2036] 3+1: HCKA:[0] closed -- d:by client(request
EOF-7)
09/05 08:36:40.09 [2036] 3+1: disconnected [63]
-@[56.38.217.136]ip76de87.speed.planet.com:34192 (0.328s)(0)
09/05 08:36:40.09 [2036] 3+1: CFI-wait 1/1 0/1 as=0 xpid=-1,-1 0.00
09/05 08:36:40.09 [2036] 3+1: StickyServer done
[nonStickyProtocol(https:https:https)] 1 req / 1+0/3 conn / 1 sec
(WIN) 07:36:40.107 [2400] wait3(N) = 476 [1872] 0, children(alive=1/3)
0.00s
09/05 08:36:40.11 [2400] 3+0: wait3(N) = 476 [1872] 0,
children(alive=1/3) 0.00s
(WIN) 07:36:54.904 [2400] wait3(N) = 564 [2036] 0, children(alive=0/3)
0.00s
09/05 08:36:54.90 [2400] 3+0: wait3(N) = 564 [2036] 0,
children(alive=0/3) 0.00s
09/05 08:38:47.75 [3532] 0+0: --- [ssl] 0 dglibssl.dll
09/05 08:38:47.75 [3532] 0+0: --- [ssl] 0 ssl.dll
09/05 08:38:47.75 [3532] 0+0: --- [ssl] 0 ssl
09/05 08:38:47.75 [3532] 0+0: ## cannot load ssl
09/05 08:38:47.75 [3532] 0+0: --- [libeay32] 0 dgliblibeay32.dll
09/05 08:38:47.75 [3532] 0+0: --- [/DeleGate/lib\libeay32.dll]
09/05 08:38:47.75 [3532] 0+0: --- [libeay32] 10000000
/DeleGate/lib\libeay32.dll
09/05 08:38:47.75 [3532] 0+0: --- [libeay32] optional: SSL_set_SSL_CTX
09/05 08:38:47.75 [3532] 0+0: --- [libeay32] optional:
SSL_get_servername
09/05 08:38:47.75 [3532] 0+0: --- [libeay32] optional:
SSL_get_servername_type
09/05 08:38:47.75 [3532] 0+0: --- [libeay32] optional:
SSL_CTX_callback_ctrl
09/05 08:38:47.75 [3532] 0+0: --- [libeay32] optional:
SSL_CTX_use_certificate_chain_file
09/05 08:38:47.75 [3532] 0+0: --- [libeay32] optional:
SSL_CTX_set_session_id_context
09/05 08:38:47.75 [3532] 0+0: --- [libeay32] optional:
SSL_CTX_set_generate_session_id
09/05 08:38:47.75 [3532] 0+0: ---- [libeay32] loaded 102 syms,
unknown=47+7, already=0
09/05 08:38:47.75 [3532] 0+0: --- [ssleay32] 0 dglibssleay32.dll
09/05 08:38:47.75 [3532] 0+0: --- [/DeleGate/lib\ssleay32.dll]
09/05 08:38:47.75 [3532] 0+0: --- [ssleay32] F00000
/DeleGate/lib\ssleay32.dll
09/05 08:38:47.75 [3532] 0+0: ---- [ssleay32] loaded 102 syms,
unknown=0+0, already=47
09/05 08:38:47.75 [3532] 0+0: ---- unknown = 0+0, already = 47 / 102
09/05 08:38:47.75 [3532] 0+0: +++ loaded OpenSSL 0.9.8g 19 Oct 2007
09/05 08:38:47.75 [3532] 0+0: ... testing resolver[SYS] with
'WWW.DeleGate.ORG'
09/05 08:38:47.75 [3532] 0+0: ... you can suppress this test by
RES_WAIT=0
09/05 08:38:47.76 [3532] 0+0: ... gethostname(rd-was19-v)
09/05 08:38:47.76 [3532] 0+0: configuring default RESOLV ...
09/05 08:38:47.76 [3532] 0+0: ... gethostname()='rd-was19-v'
09/05 08:38:47.76 [3532] 0+0: ... SYS: rd-was19-v -> 192.168.1.60
09/05 08:38:47.76 [3532] 0+0: ... DNS: 192.168.1.60 ->
certinternal.test.nl
09/05 08:38:47.76 [3532] 0+0: ... DNS available
09/05 08:38:47.76 [3532] 0+0: ... NIS not available (no default domain)
09/05 08:38:47.76 [3532] 0+0: ... export RES_ORDER=CFD
09/05 08:38:47.76 [3532] 0+0: {R}
confid(detected)[9e444c56c82dc1bc55a42ac40c686088]<-[]
09/05 08:38:47.76 [3532] 0+0: export RESOLV=cache,file,dns (set by
default)
SRCSIGN=9.8.5-pre1:20080905105714+0900:be5143a3b56603e2:Author@DeleGate..
ORG:a9lNFuLHuNUEQU6ImScJCllhLSiOXDlY4v5ZBpFz/hVuOAZ3vijwh5yxPnPP/7tJg/BY
mkOz6qviTtWeEI/VyPz4cWtrqfWWZw/NKu4erhMyygSXAlffy9O521+JZru/T+8GBdkyjblR
sWsqIMV52pPE7keWmROAqZfN5tHUT3E=
BLDSIGN=9.8.5-pre1:20080905105837+0900:be5143a3b56603e2::-
09/05 08:38:47.78 [3532] 0+0: --INITIALIZATION START-08090508+0100:
9.8.5-pre1 on WindowsNT--
09/05 08:38:47.78 [3532] 0+0: BINSHELL=/bin/sh
09/05 08:38:47.78 [3532] 0+0: MAXIMA=delegated:64 for small mem=1332M
09/05 08:38:47.78 [3532] 0+0: scan STLS and FILTERS before beDaemon()...
09/05 08:38:47.78 [3532] 0+0: FILTER[sslway]: sslway -cert lib/cert.crt
-key lib/cert.key
09/05 08:38:47.78 [3532] 0+0: STLS -> CMAP="sslway -cert lib/cert.crt
-key lib/cert.key:FSV:starttls"
09/05 08:38:47.78 [3532] 0+0: STLS -> CMAP="sslway -cert lib/cert.crt
-key lib/cert.key:FCL:starttls"
09/05 08:38:47.78 [3532] 0+0: --- [dgzlib1] 0 dglibdgzlib1.dll
09/05 08:38:47.78 [3532] 0+0: --- [C:\delegate\dgzlib1.dll]
09/05 08:38:47.78 [3532] 0+0: --- [dgzlib1] FC0000
C:\delegate\dgzlib1.dll
09/05 08:38:47.78 [3532] 0+0: ---- [dgzlib1] loaded 17 syms,
unknown=0+0, already=0
09/05 08:38:47.78 [3532] 0+0: +++ loaded Zlib 1.2.3.f-DeleGate-v3
09/05 08:38:47.78 [3532] 0+0: #### gzip/gunzip = dynamically linked
09/05 08:38:47.98 [3532] 0+0: ## SSLway ## 0.203000 connected/accepted
09/05 08:38:47.98 [3532] 0+0: ## SSLway initialized ctx #-99577434 0 0
(WIN) 07:38:47.982 [3532] #### send_file (3532,1)[1768,7] ->
3532[1824,0] (0,Err=87)
(WIN) 07:38:47.982 [3532] #### file to be sent fd=1 -> 0 DCC0000
231473152
09/05 08:38:47.98 [3532] 0+0: #### CACHE DISABLED #### Cache directory
seems not exist: C:/Program Files/DeleGate/cache
09/05 08:38:47.98 [3532] 0+0: #### start a service...
09/05 08:38:47.99 [3532] 0+0:
server_open(delegate,192.168.1.62:443,listen=20)
09/05 08:38:47.99 [3532] 0+0: server_open: 192.168.1.62:443
09/05 08:38:47.99 [3532] 0+0: server_open(delegate,192.168.1.62:443)
BOUND
(WIN) 07:38:50.873 [2400] [3896] svc Terminate...
09/05 08:38:50.87 [2400] 3+0: TERMINATE...
09/05 08:38:50.87 [2400] 3+0: CRC ERROR 0 FFFFFFB8
09/05 08:38:50.87 [2400] 3+0: StickyKill(15): 0/0 killed
09/05 08:38:50.87 [2400] 3+0: unlinked
/DeleGate/work/192.168.1.62..443/2400
09/05 08:38:50.87 [2400] 3+0: removed /DeleGate/work/192.168.1.62..443/
09/05 08:38:50.89 [2400] 3+0: TERMINATED.
09/05 08:38:50.89 [2400] 3+0: AcceptByMain: break on TERMINATE.
09/05 08:38:50.89 [2400] 3+0: main loop break on TERMINATE.
09/05 08:38:50.89 [2400] 3+0: _main() done
09/05 08:38:50.89 [2400] 3+0: SetStatus: STOPPED
(WIN) 07:38:50.888 [2400] [1988] svc SetStatus: STOPPED
09/05 08:38:50.89 [2400] 3+0: SetStatus: STOP
(WIN) 07:38:50.888 [2400] [3896] svc SetStatus: STOP
(WIN) 07:38:50.888 [2400] [1988] svc ExitThread() from ServiceStart()
(WIN) 07:38:50.920 [2400] [3896] svc start_service() done (1,1,0)
(WIN) 07:38:50.920 [2400] [3896] svc DO_INITIALIZE -> DO_FINALIZE
(WIN) 07:38:50.920 [2400] [3896] svc DO_FINALIZE 0 0 

Thanks. 

Kind regards,

Willy Nagel.

-----Original Message-----
From: Yutaka Sato [mailto:feedback@delegate.org] 
Sent: Friday, September 05, 2008 4:13 AM
To: feedback@delegate.org
Cc: Nagel, Willy
Subject: Re: [DeleGate-En] FW: [DeleGate-En] Windows Integrated
Authentication

Hi Willy,

First of all, it seems that I disabled the ability to relay NTLM
authentication with AUTHORIZER=-ntht or -Enh.  It should be fixed as the
enclosed patch.  I uploaded the modified version as 9.8.5-pre1.
Thank you for your notice.

In message
<_A4103@delegate-en.ML_>
on 09/04/08(19:09:05) you "Nagel, Willy" <ptihqbdyi-uyhyq223y4tr.ml@ml.delegate.org> wrote:
 |AUTHORIZER=-ntht
...
 |The setup is as follows:
 |
 |IIS (destination ip) - (other-ip-of-delegate-server) delegate
 |(ip-to-listen-on) - client
 |
 |In IIS windows integrated authentication (NTLM) is enabled.
 |
 |Still, when connecting to delegate, I'm unable to connect. The logfile
 |shows:
 |
 |09/04 09:59:33.97 [2444] 3+1: REQUEST - GET / HTTP/1.1^M
 |09/04 09:59:33.97 [2444] 3+1: *** / => destination_ip/ ***
 |09/04 09:59:33.97 [2444] 3+1: REQUEST +M destination_ip/ HTTP/1.1^M
 |09/04 09:59:33.98 [2444] 3+1: ----NTHT accept 0 MO=1 UT=0
 |09/04 09:59:33.98 [2444] 3+1: ----NTHT_accept(0,53,53) ss=0
 |09/04 09:59:33.98 [2444] 3+1: ####cred name=NT AUTHORITY\SYSTEM
 |09/04 09:59:33.98 [2444] 3+1: ====NTLM Start ...
 |09/04 09:59:33.98 [2444] 3+1: disconnected [53] -@[ip]hostname:31199

The NTLM authentication is achieved in two phases and this log shows
only the first phase just to return a challenge response to the client.
The problem was in the second phase to be followed right after this.

 |Is there something wrong in my setup / configuration or did I miss
|anything? Any help would be appreciated.
 |
 |In your documentation I don't find anything about the -Enh option.

It is not ducumented because It might be the default behavior in future
version.

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

*** dist/src/delegate9.8.4/src/http.c	Wed Sep  3 05:11:24 2008
--- src/http.c	Fri Sep  5 09:51:03 2008
***************
*** 11443,11450 ****
--- 11443,11457 ----
  		if( lSECRET() ){
  			sv1log("----NTHT retryAuth:
%s%sX\n",REQ,REQ_FIELDS);
  		}
+ 		/*
  		if( (withNTHT & NTHT_REQ) && (withNTHT & NTHT_RES) ){
+ 		*/
+ 		if( withNTHT & NTHT_RES ){
+ 			if( withNTHT & NTHT_CLAUTHOK ){
+ 				sv1log("----NTHT with client's
auth.\n");
+ 			}else
  			if( (HTTP_opts & HTTP_DOAUTHCONV) == 0 ){
+ 				sv1log("----NTHT without auth.
conv.\n");
  				flushRESP(Conn,ftc);
  				return;
  			}


This message and attachment(s) are intended solely for use by the addressee and may contain information that is privileged, confidential or otherwise exempt from disclosure under applicable law.

If you are not the intended recipient or agent thereof responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited.

If you have received this communication in error, please notify the sender immediately by telephone and with a 'reply' message.

Thank you for your co-operation.



  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V