ntlm_auth squid_2_5_basic password problem
Andrew Bartlett
abartlet at samba.org
Wed Dec 24 03:31:08 GMT 2003
On Tue, 2003-12-23 at 04:40, M A Young wrote:
> I have discovered that ntlm_auth from samba 3.0 doesn't correctly
> authenticate a password with the '+' character in when the squid-2.5-basic
> helper protocol is used. I observed this when trying to authenticate from
> squid-2.5-STABLE4, so I suspect this is a genuine error. I have traced the
> problem to the rfc1738_unescape subroutine, which for some reason replaces
> '+' with ' '. As far as I can tell from rfc1738, it is completely legal to
> have an unescaped '+' sign in a password.
Hmm - this code was from SWAT originally - I'm quite happy to remove it,
but I need to find out why it thought there might be an unescaped + in
SWAT's input...
Make sure you assign me a bug in bugzilla, so I don't forget it.
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20031224/abc9014f/attachment.bin
More information about the samba-technical
mailing list