Re: [squid-users] Digest_Ldap_Auth bug??

From: Henrik Nordstrom <henrik_at_henriknordstrom.net>
Date: Thu, 05 Jun 2008 22:19:19 +0200

tor 2008-06-05 klockan 12:47 -0500 skrev Luis Daniel Lucio Quiroz:
>
> Helo Squids,
> While debugin why my auth does not work I find this function with a little
> pitty I'm not sure it is okay. I'm a C++ programmer. At file digest_pw_auth
> (squid 3stable6) I found this function:

> static void
> ParseBuffer(char *buf, RequestData * requestData)

> If you read carefully request-Data->real appears twice. So char *password is
> not pointed and always will be null.

Correct and it's intended. password is from another source (the password
file). This function parses the request sent by Squid, not the password
file.

The request sent by Squid is having the format
"user":"realm"

The first realm assignment in that function is a dummy assignment. The
correct line should read

    if ((strtok(NULL, "\"")) == NULL)

as the result is only verified then discarded (it's the ':' token)

Regards
Henrik
Received on Thu Jun 05 2008 - 20:19:30 MDT

This archive was generated by hypermail 2.2.0 : Fri Jun 06 2008 - 12:00:03 MDT