On tor, 2008-07-03 at 12:39 +0200, [EMAIL PROTECTED] wrote:
> Hi,
>
> I also had problems with umlauts. We use our Lotus Domino Server as LDAP
> server and since an update from version 6.5 to 8, our users are unable to
> authenticate via IE or Firefox if their password contains umlauts.
> We are running squid on BSD and Linux and on both system you are able to
> authenticate using squid_ldap_auth on command line.
> I figured out that if you use the command line (set to utf-8) the utf-8
> code will be send and if you try to use IE or Firefox the ASCII code will
> be send.
> So I wrote a small work around by adding a new function
> rfc1738_unescape_with_utf to squid_ldap_auth.c. The base content is the
> original function rfc1738_unescape, but I added a switch statement to
> change the character representation from ascii to utf-8 (see code for
> german special chars below).
Can you try the attached patch instead? It tries to address the problem
in a generic manner.
Regards
Henrik
Index: helpers/basic_auth/LDAP/squid_ldap_auth.c
===
RCS file: /cvsroot/squid/squid/helpers/basic_auth/LDAP/squid_ldap_auth.c,v
retrieving revision 1.35
diff -u -p -r1.35 squid_ldap_auth.c
--- helpers/basic_auth/LDAP/squid_ldap_auth.c 27 Aug 2007 14:52:51 - 1.35
+++ helpers/basic_auth/LDAP/squid_ldap_auth.c 4 Jul 2008 08:29:16 -
@@ -608,24 +608,37 @@ static int
ldap_escape_value(char *escaped, int size, const char *src)
{
int n = 0;
-while (size > 4 && *src) {
- switch (*src) {
+unsigned char ch;
+while (size > 1 && (ch = (unsigned char) *src++) != 0) {
+ switch (ch) {
case '*':
case '(':
case ')':
case '\\':
+ if (size < 4)
+ break;
n += 3;
size -= 3;
if (size > 0) {
- *escaped++ = '\\';
- snprintf(escaped, 3, "%02x", (unsigned char) *src++);
- escaped += 2;
+ snprintf(escaped, 4, "\\%02x", ch);
+ escaped += 3;
}
break;
default:
- *escaped++ = *src++;
- n++;
- size--;
+ if (ch < 0x80) {
+ *escaped++ = ch;
+ n++;
+ size--;
+ } else {
+ if (size < 7)
+ break;
+ snprintf(escaped, 7, "\\%02x\\%02x",
+ (ch >> 6) | 0xc0,
+ (ch & 0x3f) | 0x80);
+ escaped += 6;
+ n += 6;
+ size -= 6;
+ }
}
}
*escaped = '\0';
@@ -656,7 +669,7 @@ checkLDAP(LDAP * persistent_ld, const ch
LDAPMessage *res = NULL;
LDAPMessage *entry;
char *searchattr[] =
- {(char *)LDAP_NO_ATTRS, NULL};
+ {(char *) LDAP_NO_ATTRS, NULL};
char *userdn;
int rc;
LDAP *search_ld = persistent_ld;
Index: helpers/digest_auth/ldap/ldap_backend.c
===
RCS file: /cvsroot/squid/squid/helpers/digest_auth/ldap/ldap_backend.c,v
retrieving revision 1.6
diff -u -p -r1.6 ldap_backend.c
--- helpers/digest_auth/ldap/ldap_backend.c 13 Aug 2007 09:20:13 - 1.6
+++ helpers/digest_auth/ldap/ldap_backend.c 4 Jul 2008 08:29:16 -
@@ -160,24 +160,37 @@ static int
ldap_escape_value(char *escaped, int size, const char *src)
{
int n = 0;
-while (size > 4 && *src) {
- switch (*src) {
+unsigned char ch;
+while (size > 1 && (ch = (unsigned char) *src++) != 0) {
+ switch (ch) {
case '*':
case '(':
case ')':
case '\\':
+ if (size < 4)
+ break;
n += 3;
size -= 3;
if (size > 0) {
- *escaped++ = '\\';
- snprintf(escaped, 3, "%02x", (int) *src++);
- escaped += 2;
+ snprintf(escaped, 4, "\\%02x", ch);
+ escaped += 3;
}
break;
default:
- *escaped++ = *src++;
- n++;
- size--;
+ if (ch < 0x80) {
+ *escaped++ = ch;
+ n++;
+ size--;
+ } else {
+ if (size < 7)
+ break;
+ snprintf(escaped, 7, "\\%02x\\%02x",
+ (ch >> 6) | 0xc0,
+ (ch & 0x3f) | 0x80);
+ escaped += 6;
+ n += 6;
+ size -= 6;
+ }
}
}
*escaped = '\0';
Index: helpers/external_acl/ldap_group/squid_ldap_group.c
===
RCS file: /cvsroot/squid/squid/helpers/external_acl/ldap_group/squid_ldap_group.c,v
retrieving revision 1.16
diff -u -p -r1.16 squid_ldap_group.c
--- helpers/external_acl/ldap_group/squid_ldap_group.c 18 Mar 2008 02:44:56 - 1.16
+++ helpers/external_acl/ldap_group/squid_ldap_group.c 4 Jul 2008 08:29:16 -
@@ -608,24 +608,37 @@ static int
ldap_escape_value(char *escaped, int size, const char *src)
{
int n = 0;
-while (size > 4 && *src) {
- switch (*src) {
+unsigned char ch;
+while (size > 1 && (ch = (unsigned char) *src++) != 0) {
+ switch (ch) {
case '*':
case '(':
case ')':
case '\\':
+ if (size < 4)
+ break;
n += 3;
size -= 3;
if (size > 0) {
- *escaped++ = '\\';
- snprintf(escaped, 3, "%02x", (unsigned char) *src++);
- escaped += 2;
+ snprintf(escaped, 4, "\\%02x", ch);
+ escaped += 3;
}
break;
default:
- *escaped++ = *src++;
- n++;
- size--;
+ if (ch < 0x80) {
+ *escaped++ = ch;
+ n