[packages/squid.git] / squid-2.5.STABLE7-fakeauth_auth.patch

Index: squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c
diff -c squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.1 squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.7
*** squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.1	Fri Aug 20 02:09:58 2004
--- squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c	Fri Jan  7 14:12:27 2005
***************
*** 38,47 ****
  #if HAVE_PWD_H
  #include <pwd.h>
  #endif
! 
! 
! #define ERR    "ERR\n"
! #define OK     "OK\n"
  
  #if 0
  #define NTLM_STATIC_CHALLENGE "deadbeef"
--- 38,46 ----
  #if HAVE_PWD_H
  #include <pwd.h>
  #endif
! #if HAVE_ASSERT_H
! #include <assert.h>
! #endif
  
  #if 0
  #define NTLM_STATIC_CHALLENGE "deadbeef"
***************
*** 55,61 ****
  static void
  lc(char *string)
  {
!     char *p = string, c;
      while ((c = *p)) {
  	*p = tolower(c);
  	p++;
--- 54,61 ----
  static void
  lc(char *string)
  {
!     char *p = string;
!     char c;
      while ((c = *p)) {
  	*p = tolower(c);
  	p++;
***************
*** 65,71 ****
  
  /*
   * Generates a challenge request. The randomness of the 8 byte 
!  * challenge strings can be guarenteed to be poor at best.
   */
  void
  ntlmMakeChallenge(struct ntlm_challenge *chal)
--- 65,71 ----
  
  /*
   * Generates a challenge request. The randomness of the 8 byte 
!  * challenge strings can be guaranteed to be poor at best.
   */
  void
  ntlmMakeChallenge(struct ntlm_challenge *chal)
***************
*** 89,95 ****
      if (authenticate_ntlm_domain != NULL)
  	while (authenticate_ntlm_domain[i++]);
  
- 
      chal->target.offset = WSWAP(48);
      chal->target.maxlen = SSWAP(i);
      chal->target.len = chal->target.maxlen;
--- 89,94 ----
***************
*** 110,116 ****
  }
  
  /*
!  * Check the vailidity of a request header. Return -1 on error.
   */
  int
  ntlmCheckHeader(ntlmhdr * hdr, int type)
--- 109,115 ----
  }
  
  /*
!  * Check the validity of a request header. Return -1 on error.
   */
  int
  ntlmCheckHeader(ntlmhdr * hdr, int type)
***************
*** 127,135 ****
  	return 0;
  
      if (WSWAP(hdr->type) != type) {
! /* don't report this error - it's ok as we do a if() around this function */
! //      fprintf(stderr, "ntlmCheckHeader: type is %d, wanted %d\n",
! 	//          WSWAP(hdr->type), type);
  	return (-1);
      }
      return (0);
--- 126,133 ----
  	return 0;
  
      if (WSWAP(hdr->type) != type) {
! 	/* don't report this error - it's ok as we do a if() around this function */
! 	/* fprintf(stderr, "ntlmCheckHeader: type is %d, wanted %d\n", WSWAP(hdr->type), type); */
  	return (-1);
      }
      return (0);
***************
*** 142,150 ****
  ntlmGetString(ntlmhdr * hdr, strhdr * str, int flags)
  {
      static char buf[512];
!     u_short *s, c;
!     char *d, *sc;
!     int l, o;
  
      l = SSWAP(str->len);
      o = WSWAP(str->offset);
--- 140,151 ----
  ntlmGetString(ntlmhdr * hdr, strhdr * str, int flags)
  {
      static char buf[512];
!     u_short *s;
!     u_short c;
!     char *d;
!     char *sc;
!     int l;
!     int o;
  
      l = SSWAP(str->len);
      o = WSWAP(str->offset);
***************
*** 195,256 ****
  int
  ntlmDecodeAuth(struct ntlm_authenticate *auth, char *buf, size_t size)
  {
!     char *p, *origbuf;
      int s;
  
!     if (!buf) {
  	return 1;
-     }
      origbuf = buf;
!     if (ntlmCheckHeader(&auth->hdr, NTLM_AUTHENTICATE)) {
  
- 	fprintf(stderr, "ntlmDecodeAuth: header check fails\n");
- 	return -1;
-     }
- /* only on when you need to debug
-  * fprintf(stderr,"ntlmDecodeAuth: size of %d\n", size);
-  * fprintf(stderr,"ntlmDecodeAuth: flg %08x\n", auth->flags);
-  * fprintf(stderr,"ntlmDecodeAuth: usr o(%d) l(%d)\n", auth->user.offset, auth->user.len);
-  */
      if ((p = ntlmGetString(&auth->hdr, &auth->domain, 2)) == NULL)
  	p = authenticate_ntlm_domain;
! //      fprintf(stderr,"ntlmDecodeAuth: Domain '%s'.\n",p);
      if ((s = strlen(p) + 1) >= size)
  	return 1;
      strcpy(buf, p);
! //      fprintf(stdout,"ntlmDecodeAuth: Domain '%s'.\n",buf);
  
      size -= s;
      buf += (s - 1);
      *buf++ = '\\';		/* Using \ is more consistent with MS-proxy */
  
      p = ntlmGetString(&auth->hdr, &auth->user, 2);
      if ((s = strlen(p) + 1) >= size)
  	return 1;
      while (*p)
! 	*buf++ = (*p++);	//tolower
  
      *buf++ = '\0';
      size -= s;
! //      fprintf(stderr, "ntlmDecodeAuth: user: %s%s\n",origbuf, p);
! 
  
      return 0;
  }
  
  
  int
! main()
  {
      char buf[256];
!     char user[256], *p, *cleartext;
      struct ntlm_challenge chal;
      int len;
      char *data = NULL;
  
      setbuf(stdout, NULL);
      while (fgets(buf, 256, stdin) != NULL) {
! 	user[0] = '\0';		/*no usercode */
  
  	if ((p = strchr(buf, '\n')) != NULL)
  	    *p = '\0';		/* strip \n */
--- 196,265 ----
  int
  ntlmDecodeAuth(struct ntlm_authenticate *auth, char *buf, size_t size)
  {
!     char *p;
!     char *origbuf;
      int s;
  
!     if (!buf)
  	return 1;
      origbuf = buf;
!     assert (0 == ntlmCheckHeader(&auth->hdr, NTLM_AUTHENTICATE));
! 
! #if DEBUG_FAKEAUTH
!     fprintf(stderr,"ntlmDecodeAuth: size of %d\n", size);
!     fprintf(stderr,"ntlmDecodeAuth: flg %08x\n", auth->flags);
!     fprintf(stderr,"ntlmDecodeAuth: usr o(%d) l(%d)\n", auth->user.offset,
! 	auth->user.len);
! #endif
  
      if ((p = ntlmGetString(&auth->hdr, &auth->domain, 2)) == NULL)
  	p = authenticate_ntlm_domain;
! #if DEBUG_FAKEAUTH
!     fprintf(stderr,"ntlmDecodeAuth: Domain '%s'.\n",p);
! #endif
      if ((s = strlen(p) + 1) >= size)
  	return 1;
      strcpy(buf, p);
! #if DEBUG_FAKEAUTH
!     fprintf(stdout,"ntlmDecodeAuth: Domain '%s'.\n",buf);
! #endif
  
      size -= s;
      buf += (s - 1);
      *buf++ = '\\';		/* Using \ is more consistent with MS-proxy */
  
      p = ntlmGetString(&auth->hdr, &auth->user, 2);
+     if (NULL == p)
+ 	return 1;
      if ((s = strlen(p) + 1) >= size)
  	return 1;
      while (*p)
! 	*buf++ = (*p++);	/* tolower */
  
      *buf++ = '\0';
      size -= s;
! #if DEBUG_FAKEAUTH
!     fprintf(stderr, "ntlmDecodeAuth: user: %s%s\n",origbuf, p);
! #endif
  
      return 0;
  }
  
  
  int
! main(int argc, char *argv[])
  {
      char buf[256];
!     char user[256];
!     char *p;
!     char *cleartext = NULL;
      struct ntlm_challenge chal;
      int len;
      char *data = NULL;
  
      setbuf(stdout, NULL);
      while (fgets(buf, 256, stdin) != NULL) {
! 	memset(user, '\0', sizeof(user));	/* no usercode */
  
  	if ((p = strchr(buf, '\n')) != NULL)
  	    *p = '\0';		/* strip \n */
***************
*** 270,280 ****
  		    printf("AF %s\n", user);
  		} else {
  		    lc(user);
! 		    printf("NA invalid credentials%s\n", user);
  		}
  	    } else {
  		lc(user);
! 		printf("BH wrong packet type!%s\n", user);
  	    }
  	}
  #endif
--- 279,289 ----
  		    printf("AF %s\n", user);
  		} else {
  		    lc(user);
! 		    printf("NA invalid credentials, user=%s\n", user);
  		}
  	    } else {
  		lc(user);
! 		printf("BH wrong packet type! user=%s\n", user);
  	    }
  	}
  #endif
***************
*** 291,300 ****
  		    SSWAP(chal.target.maxlen);
  		data = (char *) base64_encode_bin((char *) &chal, len);
  		printf("CH %s\n", data);
! 	    } else if (!ntlmCheckHeader
! 		((struct ntlmhdr *) cleartext, NTLM_AUTHENTICATE)) {
! 		if (!ntlmDecodeAuth
! 		    ((struct ntlm_authenticate *) cleartext, user, 256)) {
  		    lc(user);
  		    printf("OK %s\n", user);
  		} else {
--- 300,307 ----
  		    SSWAP(chal.target.maxlen);
  		data = (char *) base64_encode_bin((char *) &chal, len);
  		printf("CH %s\n", data);
! 	    } else if (!ntlmCheckHeader ((struct ntlmhdr *) cleartext, NTLM_AUTHENTICATE)) {
! 		if (!ntlmDecodeAuth ((struct ntlm_authenticate *) cleartext, user, 256)) {
  		    lc(user);
  		    printf("OK %s\n", user);
  		} else {
***************
*** 307,312 ****
--- 314,321 ----
  	    }
  	}
  #endif /*v2 */
+ 	free(cleartext);
+ 	cleartext = NULL;
      }
      exit(0);
  }
Commit	Line	Data
e22489e5 JB	1	Index: squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c
	2	diff -c squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.1 squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.7
	3	*** squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.1 Fri Aug 20 02:09:58 2004
	4	--- squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c Fri Jan 7 14:12:27 2005
	5	***************
	6	* 38,47 **
	7	#if HAVE_PWD_H
	8	#include <pwd.h>
	9	#endif
	10	!
	11	!
	12	! #define ERR "ERR\n"
	13	! #define OK "OK\n"
	14
	15	#if 0
	16	#define NTLM_STATIC_CHALLENGE "deadbeef"
	17	--- 38,46 ----
	18	#if HAVE_PWD_H
	19	#include <pwd.h>
	20	#endif
	21	! #if HAVE_ASSERT_H
	22	! #include <assert.h>
	23	! #endif
	24
	25	#if 0
	26	#define NTLM_STATIC_CHALLENGE "deadbeef"
	27	***************
	28	* 55,61 **
	29	static void
	30	lc(char *string)
	31	{
	32	! char *p = string, c;
	33	while ((c = *p)) {
	34	*p = tolower(c);
	35	p++;
	36	--- 54,61 ----
	37	static void
	38	lc(char *string)
	39	{
	40	! char *p = string;
	41	! char c;
	42	while ((c = *p)) {
	43	*p = tolower(c);
	44	p++;
	45	***************
	46	* 65,71 **
	47
	48	/*
	49	* Generates a challenge request. The randomness of the 8 byte
	50	! * challenge strings can be guarenteed to be poor at best.
	51	*/
	52	void
	53	ntlmMakeChallenge(struct ntlm_challenge *chal)
	54	--- 65,71 ----
	55
	56	/*
	57	* Generates a challenge request. The randomness of the 8 byte
	58	! * challenge strings can be guaranteed to be poor at best.
	59	*/
	60	void
	61	ntlmMakeChallenge(struct ntlm_challenge *chal)
	62	***************
	63	* 89,95 **
	64	if (authenticate_ntlm_domain != NULL)
65	while (authenticate_ntlm_domain[i++]);
66
67	-
68	chal->target.offset = WSWAP(48);
69	chal->target.maxlen = SSWAP(i);
70	chal->target.len = chal->target.maxlen;
71	--- 89,94 ----
72	***************
73	* 110,116 **
74	}
75
76	/*
77	! * Check the vailidity of a request header. Return -1 on error.
78	*/
79	int
80	ntlmCheckHeader(ntlmhdr * hdr, int type)
81	--- 109,115 ----
82	}
83
84	/*
85	! * Check the validity of a request header. Return -1 on error.
86	*/
87	int
88	ntlmCheckHeader(ntlmhdr * hdr, int type)
89	***************
90	* 127,135 **
91	return 0;
92
93	if (WSWAP(hdr->type) != type) {
94	! /* don't report this error - it's ok as we do a if() around this function */
95	! // fprintf(stderr, "ntlmCheckHeader: type is %d, wanted %d\n",
96	! // WSWAP(hdr->type), type);
97	return (-1);
98	}
99	return (0);
100	--- 126,133 ----
101	return 0;
102
103	if (WSWAP(hdr->type) != type) {
104	! /* don't report this error - it's ok as we do a if() around this function */
105	! /* fprintf(stderr, "ntlmCheckHeader: type is %d, wanted %d\n", WSWAP(hdr->type), type); */
106	return (-1);
107	}
108	return (0);
109	***************
110	* 142,150 **
111	ntlmGetString(ntlmhdr * hdr, strhdr * str, int flags)
112	{
113	static char buf[512];
114	! u_short *s, c;
115	! char d, sc;
116	! int l, o;
117
118	l = SSWAP(str->len);
119	o = WSWAP(str->offset);
120	--- 140,151 ----
121	ntlmGetString(ntlmhdr * hdr, strhdr * str, int flags)
122	{
123	static char buf[512];
124	! u_short *s;
125	! u_short c;
126	! char *d;
127	! char *sc;
128	! int l;
129	! int o;
130
131	l = SSWAP(str->len);
132	o = WSWAP(str->offset);
133	***************
134	* 195,256 **
135	int
136	ntlmDecodeAuth(struct ntlm_authenticate auth, char buf, size_t size)
137	{
138	! char p, origbuf;
139	int s;
140
141	! if (!buf) {
142	return 1;
143	- }
144	origbuf = buf;
145	! if (ntlmCheckHeader(&auth->hdr, NTLM_AUTHENTICATE)) {
146
147	- fprintf(stderr, "ntlmDecodeAuth: header check fails\n");
148	- return -1;
149	- }
150	- /* only on when you need to debug
151	- * fprintf(stderr,"ntlmDecodeAuth: size of %d\n", size);
152	- * fprintf(stderr,"ntlmDecodeAuth: flg %08x\n", auth->flags);
153	- * fprintf(stderr,"ntlmDecodeAuth: usr o(%d) l(%d)\n", auth->user.offset, auth->user.len);
154	- */
155	if ((p = ntlmGetString(&auth->hdr, &auth->domain, 2)) == NULL)
156	p = authenticate_ntlm_domain;
157	! // fprintf(stderr,"ntlmDecodeAuth: Domain '%s'.\n",p);
158	if ((s = strlen(p) + 1) >= size)
159	return 1;
160	strcpy(buf, p);
161	! // fprintf(stdout,"ntlmDecodeAuth: Domain '%s'.\n",buf);
162
163	size -= s;
164	buf += (s - 1);
165	buf++ = '\\'; / Using \ is more consistent with MS-proxy */
166
167	p = ntlmGetString(&auth->hdr, &auth->user, 2);
168	if ((s = strlen(p) + 1) >= size)
169	return 1;
170	while (*p)
171	! buf++ = (p++); //tolower
172
173	*buf++ = '\0';
174	size -= s;
175	! // fprintf(stderr, "ntlmDecodeAuth: user: %s%s\n",origbuf, p);
176	!
177
178	return 0;
179	}
180
181
182	int
183	! main()
184	{
185	char buf[256];
186	! char user[256], p, cleartext;
187	struct ntlm_challenge chal;
188	int len;
189	char *data = NULL;
190
191	setbuf(stdout, NULL);
192	while (fgets(buf, 256, stdin) != NULL) {
193	! user[0] = '\0'; /no usercode /
194
195	if ((p = strchr(buf, '\n')) != NULL)
196	p = '\0'; / strip \n */
197	--- 196,265 ----
198	int
199	ntlmDecodeAuth(struct ntlm_authenticate auth, char buf, size_t size)
200	{
201	! char *p;
202	! char *origbuf;
203	int s;
204
205	! if (!buf)
206	return 1;
207	origbuf = buf;
208	! assert (0 == ntlmCheckHeader(&auth->hdr, NTLM_AUTHENTICATE));
209	!
210	! #if DEBUG_FAKEAUTH
211	! fprintf(stderr,"ntlmDecodeAuth: size of %d\n", size);
212	! fprintf(stderr,"ntlmDecodeAuth: flg %08x\n", auth->flags);
213	! fprintf(stderr,"ntlmDecodeAuth: usr o(%d) l(%d)\n", auth->user.offset,
214	! auth->user.len);
215	! #endif
216
217	if ((p = ntlmGetString(&auth->hdr, &auth->domain, 2)) == NULL)
218	p = authenticate_ntlm_domain;
219	! #if DEBUG_FAKEAUTH
220	! fprintf(stderr,"ntlmDecodeAuth: Domain '%s'.\n",p);
221	! #endif
222	if ((s = strlen(p) + 1) >= size)
223	return 1;
224	strcpy(buf, p);
225	! #if DEBUG_FAKEAUTH
226	! fprintf(stdout,"ntlmDecodeAuth: Domain '%s'.\n",buf);
227	! #endif
228
229	size -= s;
230	buf += (s - 1);
231	buf++ = '\\'; / Using \ is more consistent with MS-proxy */
232
233	p = ntlmGetString(&auth->hdr, &auth->user, 2);
234	+ if (NULL == p)
235	+ return 1;
236	if ((s = strlen(p) + 1) >= size)
237	return 1;
238	while (*p)
239	! buf++ = (p++); /* tolower */
240
241	*buf++ = '\0';
242	size -= s;
243	! #if DEBUG_FAKEAUTH
244	! fprintf(stderr, "ntlmDecodeAuth: user: %s%s\n",origbuf, p);
245	! #endif
246
247	return 0;
248	}
249
250
251	int
252	! main(int argc, char *argv[])
253	{
254	char buf[256];
255	! char user[256];
256	! char *p;
257	! char *cleartext = NULL;
258	struct ntlm_challenge chal;
259	int len;
260	char *data = NULL;
261
262	setbuf(stdout, NULL);
263	while (fgets(buf, 256, stdin) != NULL) {
264	! memset(user, '\0', sizeof(user)); /* no usercode */
265
266	if ((p = strchr(buf, '\n')) != NULL)
267	p = '\0'; / strip \n */
268	***************
269	* 270,280 **
270	printf("AF %s\n", user);
271	} else {
272	lc(user);
273	! printf("NA invalid credentials%s\n", user);
274	}
275	} else {
276	lc(user);
277	! printf("BH wrong packet type!%s\n", user);
278	}
279	}
280	#endif
281	--- 279,289 ----
282	printf("AF %s\n", user);
283	} else {
284	lc(user);
285	! printf("NA invalid credentials, user=%s\n", user);
286	}
287	} else {
288	lc(user);
289	! printf("BH wrong packet type! user=%s\n", user);
290	}
291	}
292	#endif
293	***************
294	* 291,300 **
295	SSWAP(chal.target.maxlen);
296	data = (char ) base64_encode_bin((char ) &chal, len);
297	printf("CH %s\n", data);
298	! } else if (!ntlmCheckHeader
299	! ((struct ntlmhdr *) cleartext, NTLM_AUTHENTICATE)) {
300	! if (!ntlmDecodeAuth
301	! ((struct ntlm_authenticate *) cleartext, user, 256)) {
302	lc(user);
303	printf("OK %s\n", user);
304	} else {
305	--- 300,307 ----
306	SSWAP(chal.target.maxlen);
307	data = (char ) base64_encode_bin((char ) &chal, len);
308	printf("CH %s\n", data);
309	! } else if (!ntlmCheckHeader ((struct ntlmhdr *) cleartext, NTLM_AUTHENTICATE)) {
310	! if (!ntlmDecodeAuth ((struct ntlm_authenticate *) cleartext, user, 256)) {
311	lc(user);
312	printf("OK %s\n", user);
313	} else {
314	***************
315	* 307,312 **
316	--- 314,321 ----
317	}
318	}
319	#endif /v2 /
320	+ free(cleartext);
321	+ cleartext = NULL;
322	}
323	exit(0);
324	}