Package: squid
Version: 2.7.STABLE3-4.1
Severity: normal
File: /usr/lib/squid/smb_auth.sh


After upgrading to lenny from etch, smb_auth is broken - it returns ERR for all 
valid username/password combinations, instead of OK.

We found that this was because of a change in the way that lenny's version of 
smbclient (2:3.2.5-4lenny2) behaves.  smb_auth.sh uses smbclient to connect to 
a share as the user who is attempting to authenticate.  Previous versions of 
smbclient expected the user and password to be passed via the environment 
variable USER in the form "user%pass".  However, in the new version, smbclient 
expects the user and password to be passed in separate environment variables 
(USER and PASSWD respectively).

I've created a patch to smb_auth.sh which has fixed the problem at our site 
(included below).

*** smb_auth.sh.diff
--- smb_auth.sh 2009-02-06 06:16:00.000000000 +1100
+++ smb_auth.sh.new     2009-04-21 13:39:26.000000000 +1000
@@ -58,8 +58,10 @@
 [ -n "$dcname" ] || exit 1
 
 # Pass password to smbclient through environment. Not really safe.
-USER="$SMBUSER%$SMBPASS"
+USER="$SMBUSER"
+PASSWD="$SMBPASS"
 export USER
+export PASSWD
 
 # Read the contents of the file $AUTHFILE on the $AUTHSHARE share
 authfilebs=`echo "$AUTHFILE" | tr / '\\\\'`


-- System Information:
Debian Release: 5.0.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-2-686 (SMP w/8 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages squid depends on:
ii  adduser         3.110                    add and remove users and groups
ii  debconf [debcon 1.5.24                   Debian configuration management sy
ii  libc6           2.7-18                   GNU C Library: Shared libraries
ii  libcomerr2      1.41.3-1                 common error description library
ii  libdb4.6        4.6.21-11                Berkeley v4.6 Database Libraries [
ii  libkrb53        1.6.dfsg.4~beta1-5lenny1 MIT Kerberos runtime libraries
ii  libldap-2.4-2   2.4.11-1                 OpenLDAP libraries
ii  libpam0g        1.0.1-5+lenny1           Pluggable Authentication Modules l
ii  logrotate       3.7.1-5                  Log rotation utility
ii  lsb-base        3.2-20                   Linux Standard Base 3.2 init scrip
ii  netbase         4.34                     Basic TCP/IP networking system
ii  squid-common    2.7.STABLE3-4.1          Internet object cache (WWW proxy c

squid recommends no packages.

Versions of packages squid suggests:
pn  logcheck-database        <none>          (no description available)
pn  resolvconf               <none>          (no description available)
ii  smbclient                2:3.2.5-4lenny2 a LanManager-like simple client fo
ii  squid-cgi                2.7.STABLE3-4.1 Squid cache manager CGI program
pn  squidclient              <none>          (no description available)
ii  winbind                  2:3.2.5-4lenny2 service to resolve user and group 

-- debconf information excluded



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to