Bug in rfc1783_decode() in 3.4 and master

Andrew Bartlett abartlet at samba.org
Fri Oct 30 07:13:01 MDT 2009

I noticed doing some work in master that the current rfc1783_decode()

	while ((p=strchr(p,'+')))
		*p = ' ';

As far as I can see, this was merged incorrectly from Samba4 when the
string util code was brought back in common in Nov last year.  The
Samba3 code is deliberately missing this loop, with this loop move to
SWAT specificity. 

Anyway, the long and the short of it is that ntlm_auth uses
rfc1783_decode(), and when Squid calls the plaintext ntlm_auth helpers,
it does not replace space characters with +, so this merge (I suspect)
breaks squid. 

I'm importing a full rfc1783 decode and encode impelementation from
squid, but a patch to 3.4 may wish to just remove those lines. 

(Anyway, I'm tired, but I wanted to mention this before I merged in the
replacement code)

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20091031/8168dff7/attachment.pgp>

More information about the samba-technical mailing list