Re: [PATCH] fakeauth rename and libntlmauth API extensions

[Bundle Buggy]

Bundle Buggy has detected this merge request.

For details, see: 
http://bundlebuggy.aaronbentley.com/project/squid/request/%3C4C07ACC5.5080308%40treenet.co.nz%3E

Project: Squid

Re: [PATCH] fakeauth rename and libntlmauth API extensions

[Henrik Nordström]

tis 2010-06-08 klockan 23:30 +1200 skrev Amos Jeffries:

> Says something sad about our present audit process for nobody to have 
> noticed that in 4 days :(

Well, can't comment much on the code before it's in the tree and hits
the compiler, and trust you to shuffle things reasonably to the right
place.

Plus that the fake NTLM auth helper is not on the list of things in
Squid that I care about..

Regards
Henrik

Re: [PATCH] fakeauth rename and libntlmauth API extensions

[Amos Jeffries]

I suppose it would help if I attached the patch :)

Says something sad about our present audit process for nobody to have 
noticed that in 4 days :(



Amos Jeffries wrote:

This is the fakeauth merger and upgrade.

 - renames fakeauth to ntlm_fake_auth
 - links ntlm_fake_auth to libntlmauth
 - removes duplicate code provided by libcompat and libntlmauth
 - moves the remaining bits of fakeauth/ntlm.h to ntlm_fake_auth.cc.

 - moves some of the basic NTLM operations into libntlmauth
* fetch_string UNICODE support
* make challenge packet
* validate packet type
* make challenge nonce
* unpack user and domain from authenticate packet

 - tweaks libntlmauth to split the make challenge operation so that it 
only generates the challenge object (does not encode blob for sending, 
or hard-code field values any more).


 - tweaks the smb_lm helper which already linked libntlmauth so that it 
uses the updated API correctly after the above changes.


 - documents libntlmauth and some of ntlm_fake_auth helper



Amos
--
Please be using
  Current Stable Squid 2.7.STABLE9 or 3.1.4
=== modified file 'configure.in'
--- configure.in	2010-06-02 13:36:08 +
+++ configure.in	2010-06-03 06:52:51 +
@@ -3815,7 +3815,7 @@
 	helpers/digest_auth/file/Makefile \
 	helpers/digest_auth/ldap/Makefile \
 	helpers/ntlm_auth/Makefile \
-	helpers/ntlm_auth/fakeauth/Makefile \
+	helpers/ntlm_auth/fake/Makefile \
 	helpers/ntlm_auth/no_check/Makefile \
 	helpers/ntlm_auth/smb_lm/Makefile \
 	helpers/ntlm_auth/smb_lm/smbval/Makefile \

=== modified file 'doc/release-notes/release-3.2.sgml'
--- doc/release-notes/release-3.2.sgml	2010-06-03 10:10:36 +
+++ doc/release-notes/release-3.2.sgml	2010-06-03 10:35:43 +
@@ -123,6 +123,7 @@
 
 NTLM Authentication protocol helpers
 
+	fakeauth_auth - ntlm_fake_auth - Perform NTLMSSP to recover the username but don't verify the password.
 	ntlm_auth - ntlm_smb_lm_auth - Perform SMB LanManager domain-less authentication over NTLM protocol.
 
 

=== modified file 'helpers/ntlm_auth/Makefile.am'
--- helpers/ntlm_auth/Makefile.am	2009-11-12 01:12:50 +
+++ helpers/ntlm_auth/Makefile.am	2010-06-03 06:52:51 +
@@ -3,5 +3,5 @@
 #  $Id$
 #
 
-DIST_SUBDIRS	= fakeauth no_check smb_lm mswin_sspi
+DIST_SUBDIRS	= fake no_check smb_lm mswin_sspi
 SUBDIRS		= $(NTLM_AUTH_HELPERS)

=== renamed directory 'helpers/ntlm_auth/fakeauth' => 'helpers/ntlm_auth/fake'
=== modified file 'helpers/ntlm_auth/fake/Makefile.am'
--- helpers/ntlm_auth/fakeauth/Makefile.am	2010-04-14 11:13:32 +
+++ helpers/ntlm_auth/fake/Makefile.am	2010-06-03 06:52:51 +
@@ -1,15 +1,14 @@
 include $(top_srcdir)/src/Common.am
 
-libexec_PROGRAMS = fakeauth_auth
-fakeauth_auth_SOURCES	= fakeauth_auth.c ntlm.h
-
-## we need our local files too (but avoid -I. at all costs)
-INCLUDES += -I$(srcdir)
-
-LDADD = \
-	$(top_builddir)/compat/libcompat.la \
-	-L$(top_builddir)/lib -lmiscutil \
+libexec_PROGRAMS = ntlm_fake_auth
+ntlm_fake_auth_SOURCES	= ntlm_fake_auth.cc
+
+ntlm_fake_auth_LDADD = \
+	-L$(top_builddir)/lib -lntlmauth \
+	$(COMPAT_LIB) \
 	$(CRYPTLIB) \
 	$(XTRA_LIBS)
 
+ntlm_fake_auth_DEPENDENCIES = $(top_builddir)/lib/libntlmauth.a
+
 EXTRA_DIST = config.test

=== removed file 'helpers/ntlm_auth/fakeauth/ntlm.h'
--- helpers/ntlm_auth/fakeauth/ntlm.h	2009-08-23 09:30:49 +
+++ helpers/ntlm_auth/fakeauth/ntlm.h	1970-01-01 00:00:00 +
@@ -1,161 +0,0 @@
-/*
- * $Id$
- *
- * AUTHOR: Andrew Doran 
- *
- * SQUID Web Proxy Cache  http://www.squid-cache.org/
- * --
- *
- *  Squid is the result of efforts by numerous individuals from
- *  the Internet community; see the CONTRIBUTORS file for full
- *  details.   Many organizations have provided support for Squid's
- *  development; see the SPONSORS file for full details.  Squid is
- *  Copyrighted (C) 2001 by the Regents of the University of
- *  California; see the COPYRIGHT file for full details.  Squid
- *  incorporates software developed and/or copyrighted by other
- *  sources; see the CREDITS file for full details.
- *
- *  This program is free software; you can redistribute it and/or modify
- *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation; either version 2 of the License, or
- *  (at your option) any later version.
- *
- *  This program is distributed in the hope that it will be useful,
- *  but WITHOUT ANY WARRANTY; without even the implied warranty of
- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- *  GNU General Public License for more details.
- *
- *  You should have received a copy of the GNU General Public License
- *  along with this program; if not, write to the Free Software
- *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
- *
- */
-
-#ifndef _NTLM_H_
-#define _NTLM_H_
-
-/* undefine this to have strict protocol adherence. You don't really need
- * that though */
-#define