commit d3be89bb73a0324731d16e795d59d418ac8f3bff
author Willy Tarreau <w@1wt.eu> Thu May 07 19:10:15 2020 +0200
committer Christopher Faulet <cfaulet@haproxy.com> Mon May 25 08:22:22 2020 +0200
tree 615ae65c3d4546c9ebf9d0e6e57a2436c2643832
parent 8762feaabc0a14e474f60609231f63ac33639fe1

BUG/MINOR: http-ana: fix NTLM response parsing again

Commit 9df188695f ("BUG/MEDIUM: http-ana: Handle NTLM messages correctly.")
tried to address an HTTP-reuse issue reported in github issue #511 by making
sure we properly detect extended NTLM responses, but made the match case-
sensitive while it's a token so it's case insensitive.

This should be backported to the same versions as the commit above.

(cherry picked from commit 49a1d28fcb69b87317ab7ae7f26505c69ec927d9)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
(cherry picked from commit b22441dfca4be0287511838eda615cb9b2af90f7)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>

src/proto_htx.c

diff --git a/src/proto_htx.c b/src/proto_htx.c
index 7b3464b..5b74733 100644
--- a/src/proto_htx.c
+++ b/src/proto_htx.c
@@ -1804,7 +1804,7 @@
 		ctx.blk = NULL;
 		while (http_find_header(htx, hdr, &ctx, 0)) {
 			if ((ctx.value.len >= 9 && word_match(ctx.value.ptr, ctx.value.len, "Negotiate", 9)) ||
-			    (ctx.value.len >= 4 && !memcmp(ctx.value.ptr, "NTLM", 4))) {
+			    (ctx.value.len >= 4 && strncasecmp(ctx.value.ptr, "NTLM", 4) == 0)) {
 				sess->flags |= SESS_FL_PREFER_LAST;
 				srv_conn->flags |= CO_FL_PRIVATE;
 			}