Re: Quoting Username/Password in authenticate.c

You can try the attached patch. It is a direct port of the old one.
Completely untested, but not much have changed...

--
Henrik
Andrew Reid wrote:
> On Fri, Sep 07, 2001 at 09:11:06AM +0200, Henrik Nordstrom wrote:
>
> > It is a very good idea. Actually I have even made a patch to
> > Squid-2.2.STABLE3 once in a time but without an on/off option. (see
> > http://squid.sourceforge.net/hno/patches-devel.html#wait).
>
> Would you be able to "port" the patch to SQUID-2.4?
>
>    - andrew
>
> --
> void signature () {
>         cout << "Andrew Reid -- andrew.reid@plug.cx" << endl ;
>         cout << "Cell: +61 401 946 813" << endl;
>         cout << "Quidquid latine dictum sit, altum viditur" << endl;
> }

Squid-2.4.STABLE5: proxy_auth and spaces in username or password
    This patch adds support for spaces in the username or password by
    encoding unsafe characters before calling the authenticator. Please note
    that this patch breaks compability with any existing authenticator modules
    and you need to URL unescape the username and password prior to processing
    or authentication will fail if unsafe characters is used in the username
    or password.

Index: squid/auth_modules/NCSA/ncsa_auth.c
--- squid/auth_modules/NCSA/ncsa_auth.c 1998/10/08 02:40:02 1.5
+++ squid/auth_modules/NCSA/ncsa_auth.c 2001/09/11 05:32:24
@@ -130,6 +130,8 @@
                 printf("ERR\n");
                 continue;
         }
+ rfc1738_unescape(user);
+ rfc1738_unescape(passwd);
         u = hash_lookup(hash, user);
         if (u == NULL) {
             printf("ERR\n");
Index: squid/auth_modules/SMB/Makefile.in
--- squid/auth_modules/SMB/Makefile.in 2001/01/16 21:12:27 1.3.2.1
+++ squid/auth_modules/SMB/Makefile.in 2001/09/11 05:32:24
@@ -56,7 +56,7 @@
 
 INCLUDE = -I. -I../../include -I$(top_srcdir)/include
 CFLAGS = $(AC_CFLAGS) $(INCLUDE) $(DEFINES)
-AUTH_LIBS = $(XTRA_LIBS)
+AUTH_LIBS = -L../../lib/ -lmiscutil $(XTRA_LIBS)
 
 LIBPROGS = $(SMB_AUTH_EXE)
 LIBSCRIPTS = $(SMB_AUTH_HELPER)
Index: squid/auth_modules/SMB/smb_auth.c
--- squid/auth_modules/SMB/smb_auth.c 2001/02/17 10:22:57 1.2.2.2
+++ squid/auth_modules/SMB/smb_auth.c 2001/09/11 05:32:24
@@ -45,6 +45,8 @@
 #include <stdlib.h>
 #include <string.h>
 
+#include "util.h"
+
 #define BUFSIZE 256
 #define NMB_UNICAST 1
 #define NMB_BROADCAST 2
@@ -183,6 +185,9 @@
                         }
                         continue;
                 }
+
+ rfc1738_unescape(user);
+ rfc1738_unescape(pass);
 
                 if (strcmp(argv[i], "-S") == 0)
                 {
Index: squid/auth_modules/getpwnam/getpwnam_auth.c
--- squid/auth_modules/getpwnam/getpwnam_auth.c 1999/04/15 06:14:56 1.2
+++ squid/auth_modules/getpwnam/getpwnam_auth.c 2001/09/11 05:32:24
@@ -40,6 +40,7 @@
 #include <pwd.h>
 #endif
 
+#include "util.h"
 
 #define ERR "ERR\n"
 #define OK "OK\n"
@@ -65,6 +66,8 @@
             printf(ERR);
             continue;
         }
+ rfc1738_unescape(user);
+ rfc1738_unescape(passwd);
         pwd = getpwnam(user);
         if (pwd == NULL) {
             printf(ERR);
Index: squid/src/authenticate.c
--- squid/src/authenticate.c 2001/01/12 00:51:44 1.13.2.1
+++ squid/src/authenticate.c 2001/09/11 05:32:25
@@ -37,6 +37,8 @@
 
 typedef struct {
     void *data;
+ char user[256];
+ char passwd[256];
     acl_proxy_auth_user *auth_user;
     RH *handler;
 } authenticateStateData;
@@ -96,12 +98,13 @@
     }
     r = xcalloc(1, sizeof(authenticateStateData));
     cbdataAdd(r, cbdataXfree, 0);
+ xstrncpy(r->user, rfc1738_escape(hashKeyStr(auth_user->hash), sizeof(r->user));
+ xstrncpy(r->passwd, rfc1738_escape(auth_user->passwd), sizeof(r->passwd));
     r->handler = handler;
     cbdataLock(data);
     r->data = data;
     r->auth_user = auth_user;
- snprintf(buf, 8192, "%s %s\n", hashKeyStr(&r->auth_user->hash),
- r->auth_user->passwd);
+ snprintf(buf, 8192, "%s %s\n", r->user), r->passwd);
     helperSubmit(authenticators, buf, authenticateHandleReply, r);
 }
 
Received on Tue Sep 11 2001 - 02:41:48 MDT