I suppose it would help if I attached the patch :)
Says something sad about our present audit process for nobody to have
noticed that in 4 days :(
Amos Jeffries wrote:
This is the fakeauth merger and upgrade.
- renames fakeauth to ntlm_fake_auth
- links ntlm_fake_auth to libntlmauth
- removes duplicate code provided by libcompat and libntlmauth
- moves the remaining bits of fakeauth/ntlm.h to ntlm_fake_auth.cc.
- moves some of the basic NTLM operations into libntlmauth
* fetch_string UNICODE support
* make challenge packet
* validate packet type
* make challenge nonce
* unpack user and domain from authenticate packet
- tweaks libntlmauth to split the make challenge operation so that it
only generates the challenge object (does not encode blob for sending,
or hard-code field values any more).
- tweaks the smb_lm helper which already linked libntlmauth so that it
uses the updated API correctly after the above changes.
- documents libntlmauth and some of ntlm_fake_auth helper
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.4
=== modified file 'configure.in'
--- configure.in 2010-06-02 13:36:08 +
+++ configure.in 2010-06-03 06:52:51 +
@@ -3815,7 +3815,7 @@
helpers/digest_auth/file/Makefile \
helpers/digest_auth/ldap/Makefile \
helpers/ntlm_auth/Makefile \
- helpers/ntlm_auth/fakeauth/Makefile \
+ helpers/ntlm_auth/fake/Makefile \
helpers/ntlm_auth/no_check/Makefile \
helpers/ntlm_auth/smb_lm/Makefile \
helpers/ntlm_auth/smb_lm/smbval/Makefile \
=== modified file 'doc/release-notes/release-3.2.sgml'
--- doc/release-notes/release-3.2.sgml 2010-06-03 10:10:36 +
+++ doc/release-notes/release-3.2.sgml 2010-06-03 10:35:43 +
@@ -123,6 +123,7 @@
NTLM Authentication protocol helpers
+ fakeauth_auth - ntlm_fake_auth - Perform NTLMSSP to recover the username but don't verify the password.
ntlm_auth - ntlm_smb_lm_auth - Perform SMB LanManager domain-less authentication over NTLM protocol.
=== modified file 'helpers/ntlm_auth/Makefile.am'
--- helpers/ntlm_auth/Makefile.am 2009-11-12 01:12:50 +
+++ helpers/ntlm_auth/Makefile.am 2010-06-03 06:52:51 +
@@ -3,5 +3,5 @@
# $Id$
#
-DIST_SUBDIRS = fakeauth no_check smb_lm mswin_sspi
+DIST_SUBDIRS = fake no_check smb_lm mswin_sspi
SUBDIRS = $(NTLM_AUTH_HELPERS)
=== renamed directory 'helpers/ntlm_auth/fakeauth' => 'helpers/ntlm_auth/fake'
=== modified file 'helpers/ntlm_auth/fake/Makefile.am'
--- helpers/ntlm_auth/fakeauth/Makefile.am 2010-04-14 11:13:32 +
+++ helpers/ntlm_auth/fake/Makefile.am 2010-06-03 06:52:51 +
@@ -1,15 +1,14 @@
include $(top_srcdir)/src/Common.am
-libexec_PROGRAMS = fakeauth_auth
-fakeauth_auth_SOURCES = fakeauth_auth.c ntlm.h
-
-## we need our local files too (but avoid -I. at all costs)
-INCLUDES += -I$(srcdir)
-
-LDADD = \
- $(top_builddir)/compat/libcompat.la \
- -L$(top_builddir)/lib -lmiscutil \
+libexec_PROGRAMS = ntlm_fake_auth
+ntlm_fake_auth_SOURCES = ntlm_fake_auth.cc
+
+ntlm_fake_auth_LDADD = \
+ -L$(top_builddir)/lib -lntlmauth \
+ $(COMPAT_LIB) \
$(CRYPTLIB) \
$(XTRA_LIBS)
+ntlm_fake_auth_DEPENDENCIES = $(top_builddir)/lib/libntlmauth.a
+
EXTRA_DIST = config.test
=== removed file 'helpers/ntlm_auth/fakeauth/ntlm.h'
--- helpers/ntlm_auth/fakeauth/ntlm.h 2009-08-23 09:30:49 +
+++ helpers/ntlm_auth/fakeauth/ntlm.h 1970-01-01 00:00:00 +
@@ -1,161 +0,0 @@
-/*
- * $Id$
- *
- * AUTHOR: Andrew Doran
- *
- * SQUID Web Proxy Cache http://www.squid-cache.org/
- * --
- *
- * Squid is the result of efforts by numerous individuals from
- * the Internet community; see the CONTRIBUTORS file for full
- * details. Many organizations have provided support for Squid's
- * development; see the SPONSORS file for full details. Squid is
- * Copyrighted (C) 2001 by the Regents of the University of
- * California; see the COPYRIGHT file for full details. Squid
- * incorporates software developed and/or copyrighted by other
- * sources; see the CREDITS file for full details.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
- *
- */
-
-#ifndef _NTLM_H_
-#define _NTLM_H_
-
-/* undefine this to have strict protocol adherence. You don't really need
- * that though */
-#define