---------------------
PatchSet 10429 
Date: 2008/01/23 14:47:49
Author: adri
Branch: s27_adri
Tag: (none) 
Log:
Make NTLM proxy authentication succeed.

Members: 
	ADRIAN_TODO:1.1.2.21->1.1.2.22 
	src/auth/ntlm/auth_ntlm.c:1.39.10.1->1.39.10.2 

Index: squid/ADRIAN_TODO
===================================================================
RCS file: /cvsroot/squid-sf//squid/Attic/ADRIAN_TODO,v
retrieving revision 1.1.2.21
retrieving revision 1.1.2.22
diff -u -r1.1.2.21 -r1.1.2.22
--- squid/ADRIAN_TODO	21 Jan 2008 03:36:43 -0000	1.1.2.21
+++ squid/ADRIAN_TODO	23 Jan 2008 14:47:49 -0000	1.1.2.22
@@ -146,9 +146,17 @@
 
 * Verify that httpHeaderHasConnDir() is correct!
 
+* The new parser isn't doing the content-type checks or being string/loose like the
+  Rousskov parser. Please update it to do so.
+
 String stuff
 
 * There's a mess between passing strings by pointer and by copying (and still neither
   reference!) Pick one, probably pointer-based, and convert all the string using
   routines to pass strings in by pointer unless absolutely necessary not to.
 
+
+==== STUFF TO TEST ====
+
+* NTLM proxy authentication!
+* SSL Tunneling
Index: squid/src/auth/ntlm/auth_ntlm.c
===================================================================
RCS file: /cvsroot/squid-sf//squid/src/auth/ntlm/auth_ntlm.c,v
retrieving revision 1.39.10.1
retrieving revision 1.39.10.2
diff -u -r1.39.10.1 -r1.39.10.2
--- squid/src/auth/ntlm/auth_ntlm.c	20 Dec 2007 10:35:29 -0000	1.39.10.1
+++ squid/src/auth/ntlm/auth_ntlm.c	23 Jan 2008 14:47:50 -0000	1.39.10.2
@@ -311,7 +311,7 @@
 	httpHeaderPutStrf(&rep->header, type, "NTLM");
 	if (!ntlmConfig->keep_alive) {
 	    /* drop the connection */
-	    httpHeaderDelByName(&rep->header, "keep-alive");
+	    httpHeaderDelByNameCstr(&rep->header, "keep-alive");
 	    request->flags.proxy_keepalive = 0;
 	}
 	return;
@@ -323,7 +323,7 @@
 	debug(29, 9) ("authenticateNTLMFixErrorHeader: Sending type:%d header: 'NTLM'\n", type);
 	httpHeaderPutStrf(&rep->header, type, "NTLM");
 	/* drop the connection */
-	httpHeaderDelByName(&rep->header, "keep-alive");
+	httpHeaderDelByNameCstr(&rep->header, "keep-alive");
 	request->flags.proxy_keepalive = 0;
 	break;
     case AUTHENTICATE_STATE_NEGOTIATE:
@@ -654,7 +654,8 @@
 static void
 authenticateNTLMAuthenticateUser(auth_user_request_t * auth_user_request, request_t * request, ConnStateData * conn, http_hdr_type type)
 {
-    const char *proxy_auth, *blob;
+    String *proxy_auth;
+    int l;
     auth_user_t *auth_user;
     ntlm_request_t *ntlm_request;
     ntlm_user_t *ntlm_user;
@@ -682,22 +683,22 @@
 	return;
     }
     /* get header */
-    proxy_auth = httpHeaderGetStr(&request->header, type);
-    blob = proxy_auth;
-    while (xisspace(*blob) && *blob)
-	blob++;
-    while (!xisspace(*blob) && *blob)
-	blob++;
-    while (xisspace(*blob) && *blob)
-	blob++;
+    proxy_auth = httpHeaderGetString(&request->header, type);
+    l = 0;
+    while ((l < strLen2(*proxy_auth)) && xisspace(strGetPos(*proxy_auth, l)))
+        l++;
+    while ((l < strLen2(*proxy_auth)) && !xisspace(strGetPos(*proxy_auth, l)))
+        l++;
+    while ((l < strLen2(*proxy_auth)) && xisspace(strGetPos(*proxy_auth, l)))
+        l++;
 
     switch (ntlm_request->auth_state) {
     case AUTHENTICATE_STATE_NONE:
 	/* we've received a ntlm request. pass to a helper */
-	debug(29, 9) ("authenticateNTLMAuthenticateUser: auth state ntlm none. %s\n", proxy_auth);
+	debug(29, 9) ("authenticateNTLMAuthenticateUser: auth state ntlm none. %.*s\n", strLen2(*proxy_auth), strBuf2(*proxy_auth));
 	ntlm_request->auth_state = AUTHENTICATE_STATE_INITIAL;
 	safe_free(ntlm_request->client_blob);
-	ntlm_request->client_blob = xstrdup(blob);
+	ntlm_request->client_blob = strCDupOffset(*proxy_auth, l);
 	conn->auth_type = AUTH_NTLM;
 	conn->auth_user_request = auth_user_request;
 	ntlm_request->conn = conn;
@@ -714,12 +715,12 @@
     case AUTHENTICATE_STATE_NEGOTIATE:
 	/* we should have received a blob from the clien. pass it to the same 
 	 * helper process */
-	debug(29, 9) ("authenticateNTLMAuthenticateUser: auth state challenge with header %s.\n", proxy_auth);
+	debug(29, 9) ("authenticateNTLMAuthenticateUser: auth state challenge with header %.*s.\n", strLen2(*proxy_auth), strBuf2(*proxy_auth));
 	/* do a cache lookup here. If it matches it's a successful ntlm 
 	 * challenge - release the helper and use the existing auth_user 
 	 * details. */
 	safe_free(ntlm_request->client_blob);
-	ntlm_request->client_blob = xstrdup(blob);
+	ntlm_request->client_blob = strCDupOffset(*proxy_auth, l);
 	if (ntlm_request->request)
 	    requestUnlink(ntlm_request->request);
 	ntlm_request->request = requestLink(request);
@@ -730,7 +731,7 @@
 	break;
     case AUTHENTICATE_STATE_FAILED:
 	/* we've failed somewhere in authentication */
-	debug(29, 9) ("authenticateNTLMAuthenticateUser: auth state ntlm failed. %s\n", proxy_auth);
+	debug(29, 9) ("authenticateNTLMAuthenticateUser: auth state ntlm failed. %.*s\n", strLen2(*proxy_auth), strBuf2(*proxy_auth));
 	return;
     }
     return;