Index: basic_auth/winbind/wb_basic_auth.c =================================================================== RCS file: /cvsroot/squid/squid/helpers/basic_auth/winbind/wb_basic_auth.c,v retrieving revision 1.1.2.3 diff -u -p -r1.1.2.3 wb_basic_auth.c --- basic_auth/winbind/wb_basic_auth.c 2 Jul 2002 21:05:19 -0000 1.1.2.3 +++ basic_auth/winbind/wb_basic_auth.c 20 Jul 2002 08:05:16 -0000 @@ -31,6 +31,7 @@ char debug_enabled=0; char *myname; pid_t mypid; +int err = 0; NSS_STATUS winbindd_request(int req_type, struct winbindd_request *request, @@ -62,19 +63,32 @@ void do_authenticate(char *user, char *p return; /* useless */ } +static void +usage(char *program) +{ + fprintf(stderr,"Usage: %s [-d] [-h]\n" + " -d enable debugging\n" + " -h this message\n", + program); +} void process_options(int argc, char *argv[]) { int opt; - while (-1 != (opt = getopt(argc, argv, "d"))) { + opterr = 0; + while (-1 != (opt = getopt(argc, argv, "dh"))) { switch (opt) { case 'd': debug_enabled = 1; break; + case 'h': + usage(argv[0]); + exit(0); default: - warn("Unknown option: -%c. Exiting\n", opt); + warn("Unknown option: -%c\n\n", optopt); + usage(argv[0]); exit(1); break; /* not reached */ } @@ -82,7 +96,6 @@ process_options(int argc, char *argv[]) return; } - void manage_request(void) { char buf[BUFFER_SIZE+1]; @@ -97,14 +110,27 @@ void manage_request(void) c=memchr(buf,'\n',BUFFER_SIZE); if (c) { - *c='\0'; - length=c-buf; + *c = '\0'; + length = c-buf; } else { - warn("No newline in '%s'. Dying.\n",buf); - exit(1); + err = 1; + return; + } + if (err) { + warn("Oversized message\n"); + SEND("ERR"); + err = 0; + return; } debug("Got '%s' from squid (length: %d).\n",buf,length); + + if (buf[0] == '\0') { + warn("Invalid Request\n"); + SEND("ERR"); + return; + } + user=buf; pass=memchr(buf,' ',length); Index: basic_auth/winbind/wbntlm.h =================================================================== RCS file: /cvsroot/squid/squid/helpers/basic_auth/winbind/wbntlm.h,v retrieving revision 1.1.2.1 diff -u -p -r1.1.2.1 wbntlm.h --- basic_auth/winbind/wbntlm.h 28 Jun 2002 14:46:20 -0000 1.1.2.1 +++ basic_auth/winbind/wbntlm.h 20 Jul 2002 08:05:16 -0000 @@ -33,8 +33,6 @@ /* the attempted entropy source. If it doesn't exist, random() is uesed */ #define ENTROPY_SOURCE "/dev/urandom" -#define DOMAIN "GCSINT" /* TODO: fix ntlm_make_challenge */ - /************* END CONFIGURATION *************/ /* Debugging stuff */ Index: external_acl/winbind_group/wb_check_group.c =================================================================== RCS file: /cvsroot/squid/squid/helpers/external_acl/winbind_group/wb_check_group.c,v retrieving revision 1.2.2.2 diff -u -p -r1.2.2.2 wb_check_group.c --- external_acl/winbind_group/wb_check_group.c 17 Jul 2002 15:30:22 -0000 1.2.2.2 +++ external_acl/winbind_group/wb_check_group.c 20 Jul 2002 08:05:16 -0000 @@ -186,18 +186,32 @@ Valid_Group(char *UserName, char *UserGr return match; } +static void +usage(char *program) +{ + fprintf(stderr,"Usage: %s [-d] [-h]\n" + " -d enable debugging\n" + " -h this message\n", + program); +} + void process_options(int argc, char *argv[]) { int opt; - while (-1 != (opt = getopt(argc, argv, "d"))) { + opterr = 0; + while (-1 != (opt = getopt(argc, argv, "dh"))) { switch (opt) { case 'd': debug_enabled = 1; break; + case 'h': + usage(argv[0]); + exit(0); default: - warn("Unknown option: -%c. Exiting\n", opt); + warn("Unknown option: -%c\n\n", optopt); + usage(argv[0]); exit(1); break; /* not reached */ } @@ -212,6 +226,7 @@ main (int argc, char *argv[]) char buf[BUFSIZE]; char *username; char *group; + int err = 0; if (argc > 0) { /* should always be true */ myname=strrchr(argv[0],'/'); @@ -234,22 +249,37 @@ main (int argc, char *argv[]) /* Main Loop */ while (fgets (buf, BUFSIZE, stdin)) { - + if (NULL == strchr(buf, '\n')) { + err = 1; + continue; + } + if (err) { + warn("Oversized message\n"); + goto error; + } + if ((p = strchr(buf, '\n')) != NULL) *p = '\0'; /* strip \n */ if ((p = strchr(buf, '\r')) != NULL) *p = '\0'; /* strip \r */ debug("Got '%s' from Squid (length: %d).\n",buf,sizeof(buf)); - + + if (buf[0] == '\0') { + warn("Invalid Request\n"); + goto error; + } + username = strwordtok(buf, &t); group = strwordtok(NULL, &t); if (Valid_Group(username, group)) { printf ("OK\n"); } else { +error: printf ("ERR\n"); } + err = 0; } return 0; } Index: ntlm_auth/winbind/wb_ntlm_auth.c =================================================================== RCS file: /cvsroot/squid/squid/helpers/ntlm_auth/winbind/wb_ntlm_auth.c,v retrieving revision 1.1.2.3 diff -u -p -r1.1.2.3 wb_ntlm_auth.c --- ntlm_auth/winbind/wb_ntlm_auth.c 18 Jul 2002 21:03:32 -0000 1.1.2.3 +++ ntlm_auth/winbind/wb_ntlm_auth.c 20 Jul 2002 08:05:16 -0000 @@ -17,9 +17,7 @@ */ /* * TODO: - * -add handling of the -d flag * -move all squid-helper-protocol-related operations to helper functions - * -remove the hard-coded target NT domain name * * - MAYBE move squid-helper-protocol-related opetations to an external * library? @@ -363,7 +361,7 @@ usage(char *program) { fprintf(stderr,"Usage: %s [-d] [-h] [domain]\n" " -d enable debugging\n" - " -hi this message\n" + " -h this message\n" " domain target domain, if different from the winbind configuration\n", program); } @@ -374,6 +372,7 @@ process_options(int argc, char *argv[]) int opt; char *target_domain = NULL; + opterr = 0; while (-1 != (opt = getopt(argc, argv, "dh"))) { switch (opt) { case 'd': @@ -383,7 +382,7 @@ process_options(int argc, char *argv[]) usage(argv[0]); exit(0); default: - warn("Unknown option: -%c\n\n", opt); + warn("Unknown option: -%c\n\n", optopt); usage(argv[0]); exit(1); break; /* not reached */