On 21/02/2013 2:47 p.m., Alex Rousskov wrote:
Hello,
It looks like NTLM and possibly Negotiate authentication is broken
in trunk because Squid eats the bare backslash that AF responses use to
separate authentication domain and user names. With the backslash
removed, the merged domainuser name never matches, of course.
The attached patch fixes the problem in my tests. Is there a better way
to do this?
Thank you,
Alex.
strwordtok() is a function of our own creation so it is probably best
long term to adjust its API to include a flag for skipping the
slashDecode behaviour instead of creating duplicate code.
Example patch attached. Re-formatting is avoided to show clearly the
small amount of change needed.
I like the extra documentation you added about statics and use cases.
Can you write something similar about strwordtok() ?
Amos
=== modified file 'src/SquidString.h'
--- src/SquidString.h 2012-09-22 10:56:48 +0000
+++ src/SquidString.h 2013-02-21 02:21:23 +0000
@@ -184,6 +184,11 @@
const char *checkNullString(const char *p);
int stringHasWhitespace(const char *);
int stringHasCntl(const char *);
-char *strwordtok(char *buf, char **t);
+
+/**
+ * Like strtok(start, " ") but contains a rudimentary knowledge of quoted
strings and backslashing.
+ * When slashDecode parameter is set to false does NOT decode backslashes so
is safe for bare backslashes.
+ */
+char *strwordtok(char *buf, char **t, bool slashDecode = true);
#endif /* SQUID_STRING_H */
=== modified file 'src/String.cc'
--- src/String.cc 2012-10-04 09:14:06 +0000
+++ src/String.cc 2013-02-21 02:16:46 +0000
@@ -350,7 +350,7 @@
* of quoting
*/
char *
-strwordtok(char *buf, char **t)
+strwordtok(char *buf, char **t, bool slashDecode)
{
unsigned char *word = NULL;
unsigned char *p = (unsigned char *) buf;
@@ -376,6 +376,7 @@
switch (ch) {
case '\\':
+ if (slashDecode) {
++p;
switch (*p) {
@@ -396,6 +397,7 @@
break;
}
+ }
*d = ch;
++d;
