squid-2.5.STABLE1-auth-proxy.patch

   1 Index: squid/src/client_side.c
   2 diff -c squid/src/client_side.c:1.561.2.23 squid/src/client_side.c:1.561.2.25
   3 *** squid/src/client_side.c:1.561.2.23  Sun Nov 10 07:33:06 2002
   4 --- squid/src/client_side.c     Mon Nov 11 14:00:23 2002
   5 ***************
   6 *** 1357,1362 ****
   7 --- 1357,1379 ----
   8             httpHeaderPutInt(hdr, HDR_AGE,
   9                 squid_curtime - http->entry->timestamp);
  10       }
  11 +     /* Filter unproxyable authentication types */
  12 +     if (http->log_type != LOG_TCP_DENIED &&
  13 +       (httpHeaderHas(hdr, HDR_WWW_AUTHENTICATE) || httpHeaderHas(hdr, HDR_PROXY_AUTHENTICATE))) {
  14 +       HttpHeaderPos pos = HttpHeaderInitPos;
  15 +       HttpHeaderEntry *e;
  16 +       while ((e = httpHeaderGetEntry(hdr, &pos))) {
  17 +           if (e->id == HDR_WWW_AUTHENTICATE || e->id == HDR_PROXY_AUTHENTICATE) {
  18 +               const char *value = strBuf(e->value);
  19 +               if ((strncasecmp(value, "NTLM", 4) == 0 &&
  20 +                       (value[4] == '\0' || value[4] == ' '))
  21 +                   ||
  22 +                   (strncasecmp(value, "Negotiate", 9) == 0 &&
  23 +                       (value[9] == '\0' || value[9] == ' ')))
  24 +                   httpHeaderDelAt(hdr, pos);
  25 +           }
  26 +       }
  27 +     }
  28       /* Handle authentication headers */
  29       if (request->auth_user_request)
  30         authenticateFixHeader(rep, request->auth_user_request, request, http->flags.accel, 0);