ntlm_auth squid_2_5_basic password problem

M A Young m.a.young at durham.ac.uk
Mon Dec 22 17:40:05 GMT 2003


I have discovered that ntlm_auth from samba 3.0 doesn't correctly
authenticate a password with the '+' character in when the squid-2.5-basic
helper protocol is used. I observed this when trying to authenticate from
squid-2.5-STABLE4, so I suspect this is a genuine error. I have traced the
problem to the rfc1738_unescape subroutine, which for some reason replaces
'+' with ' '. As far as I can tell from rfc1738, it is completely legal to
have an unescaped '+' sign in a password.

	Michael Young


More information about the samba-technical mailing list