From 95615f537770bf98d2db67c619111ec0efc880cc Mon Sep 17 00:00:00 2001
From: Matthew Holt <mholt@users.noreply.github.com>
Date: Wed, 6 Nov 2019 00:16:16 -0700
Subject: [PATCH] reverse_proxy: Fix NTLM auth detection

D'oh. Got mixed up in a refactoring.
---
 modules/caddyhttp/reverseproxy/ntlm.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/modules/caddyhttp/reverseproxy/ntlm.go b/modules/caddyhttp/reverseproxy/ntlm.go
index 06ee4f8fd..e2d46b432 100644
--- a/modules/caddyhttp/reverseproxy/ntlm.go
+++ b/modules/caddyhttp/reverseproxy/ntlm.go
@@ -19,6 +19,7 @@ import (
 	"fmt"
 	"net"
 	"net/http"
+	"strings"
 	"sync"
 
 	"github.com/caddyserver/caddy/v2"
@@ -205,7 +206,8 @@ func (n *NTLMTransport) deleteTransportsForClient(clientAddr string) {
 // header with values "NTLM" or "Negotiate".
 func requestHasAuth(req *http.Request) bool {
 	for _, val := range req.Header["Authorization"] {
-		if val == "NTLM" || val == "Negotiate" {
+		if strings.HasPrefix(val, "NTLM") ||
+			strings.HasPrefix(val, "Negotiate") {
 			return true
 		}
 	}