ntlm_auth squid_2_5_basic password problem

M A Young m.a.young at durham.ac.uk
Wed Dec 24 09:23:56 GMT 2003

On Wed, 24 Dec 2003, Andrew Bartlett wrote:

> On Tue, 2003-12-23 at 04:40, M A Young wrote:
> > I have discovered that ntlm_auth from samba 3.0 doesn't correctly
> > authenticate a password with the '+' character in when the squid-2.5-basic
> > helper protocol is used. I observed this when trying to authenticate from
> > squid-2.5-STABLE4, so I suspect this is a genuine error. I have traced the
> > problem to the rfc1738_unescape subroutine, which for some reason replaces
> > '+' with ' '. As far as I can tell from rfc1738, it is completely legal to
> > have an unescaped '+' sign in a password.
> Hmm - this code was from SWAT originally - I'm quite happy to remove it,
> but I need to find out why it thought there might be an unescaped + in
> SWAT's input...
> Make sure you assign me a bug in bugzilla, so I don't forget it.

This issue is now bug 916.

	Michael Young

More information about the samba-technical mailing list