[PATCH] Negotiate NTLM fix for Squid 3.2.3

Tue, 11 Dec 2012 05:04:11 -0800
Following the previous discussions about the broken Negotiate authenticator in Squid 3.2, I've written the attached small patch which I believe fixes the problem. 


The Negotiate authenticator instantiates a config object as the 
negotiateConfig variable.  I've examined Squid 3.1 and the NTLM 
authenticator did the same.  In Squid 3.2, the Negotiate authenticator 
does not correctly initialise the negotiateConfig instance with the 
configuration.  The NTLM authenticator no longer has a similar instance, 
so I believe this is no longer required for Negotiate either and that 
its removal wasn't completed correctly in the transition between 3.1 and 
3.2.



I've used the NTLM authenticator as the basis for this code and I think 
it makes sense.  Preliminary testing shows that it works.


--

 - Steve Hill
   Technical Director
   Opendium Limited     http://www.opendium.com

Direct contacts:
   Instant messager: xmpp:[email protected]
   Email:            [email protected]
   Phone:            sip:[email protected]

Sales / enquiries contacts:
   Email:            [email protected]
   Phone:            +44-844-9791439 / sip:[email protected]

Support contacts:
   Email:            [email protected]
   Phone:            +44-844-4844916 / sip:[email protected]

Fix Negotiate NTLM authentication
	
Steve Hill <[email protected]>

Index: source/src/auth/negotiate/auth_negotiate.cc
===================================================================
--- source/src/auth/negotiate/auth_negotiate.cc	(revision 154)
+++ source/src/auth/negotiate/auth_negotiate.cc	(working copy)
@@ -67,9 +67,6 @@
 static int authnegotiate_initialised = 0;
 
 /// \ingroup AuthNegotiateInternal
-Auth::Negotiate::Config negotiateConfig;
-
-/// \ingroup AuthNegotiateInternal
 static hash_table *proxy_auth_cache = NULL;
 
 /*
@@ -293,7 +290,7 @@
 Auth::UserRequest::Pointer
 Auth::Negotiate::Config::decode(char const *proxy_auth)
 {
-    Auth::Negotiate::User *newUser = new Auth::Negotiate::User(&negotiateConfig);
+    Auth::Negotiate::User *newUser = new Auth::Negotiate::User(Auth::Config::Find("negotiate"));
     Auth::UserRequest *auth_user_request = new Auth::Negotiate::UserRequest();
     assert(auth_user_request->user() == NULL);
 






















					Reply via email to