HTTP 401 when GET valid resource

[Unyxos]

Hello! :)

I'm trying to use this lib in my go project, we've been using https://github.com/Azure/go-ntlmssp which worked fine until now that we need to use channel bindings.. we're interacting with an AD Certificate Services instance

I wanted to start simple and "just" replace the Azure lib (with which we're able to authenticate using NTLM properly on the remote server), however, with the same creds we keep getting 401 using this lib.

I've been trying to debug this to understand better what could be happening (to the point of trying to make a sense of the decoded base64 headers used during the negociations and comparing them with Azure's ones) but so far I haven't been able to fix anything.

While this works (with Azure lib):

client := &http.Client{
    Transport: azurentlm.Negotiator{
        RoundTripper: &http.Transport{},
    },
}

req, _ := http.NewRequest("GET", url, nil)
req.SetBasicAuth(username, password)
resp, err := client.Do(req)
if err != nil {
    fmt.Println(err)
    return
}

This doesn't with this lib (I replaced some errs with _ as they don't throw errors for the sake of readability) :

ntlmClient, _ := ntlmssp.NewClient(
    ntlmssp.SetUserInfo(username, password),
)

client := &http.Client{}
ntlmhttpclient, _ := ntlmhttp.NewClient(client, ntlmClient)

resp, err := ntlmhttpclient.Get(url)
if err != nil {
    fmt.Println(err)
    return
}

Is this something you might have encountered before & managed to fix? I already tried playing with workstation name, domain, setting the Version to the same values as what can be found in Azure's lib, no success

Note that in both attempts, username, passwords & URL are the same. Domain isn't defined for either lib (and our username isn't something like domain\user nor user@domain, but just user