[squid] Resolved: #896127 - basic_ncsa_auth does not work

mluscon mluscon at fedoraproject.org
Sat Mar 9 16:22:55 UTC 2013 

commit 71ebdc6bb16abe75ff38b7573836d35a20bae880
Author: Michal Luscon <mluscon at redhat.com>
Date:   Sat Mar 9 17:16:25 2013 +0100

    Resolved: #896127 - basic_ncsa_auth does not work

 squid-NCSA_auth.patch |   23 +++++++++++++++++++++++
 squid.spec            |    7 ++++++-
 2 files changed, 29 insertions(+), 1 deletions(-)
---
diff --git a/squid-NCSA_auth.patch b/squid-NCSA_auth.patch
new file mode 100644
index 0000000..a4e9b90
--- /dev/null
+++ b/squid-NCSA_auth.patch
@@ -0,0 +1,23 @@
+--- ./helpers/basic_auth/NCSA/basic_ncsa_auth.cc	2013-03-02 02:46:03.000000000 +0100
++++ ./helpers/basic_auth/NCSA/basic_ncsa_auth.cc	2013-03-07 15:45:22.000000000 +0100
+@@ -114,6 +114,7 @@
+     time_t change_time = -1;
+     char buf[HELPER_INPUT_BUFFER];
+     char *user, *passwd, *p;
++    char *crypted;
+     user_data *u;
+     setbuf(stdout, NULL);
+     if (argc != 2) {
+@@ -147,10 +148,10 @@
+         if (u == NULL) {
+             SEND_ERR("No such user");
+ #if HAVE_CRYPT
+-        } else if (strlen(passwd) <= 8 && strcmp(u->passwd, (char *) crypt(passwd, u->passwd)) == 0) {
++        } else if (strlen(passwd) <= 8 && (crypted = crypt(passwd, u->passwd)) && (strcmp(u->passwd, crypted) == 0)) {
+             // Bug 3107: crypt() DES functionality silently truncates long passwords.
+             SEND_OK("");
+-        } else if (strlen(passwd) > 8 && strcmp(u->passwd, (char *) crypt(passwd, u->passwd)) == 0) {
++        } else if (strlen(passwd) > 8 && (crypted = crypt(passwd, u->passwd)) && (strcmp(u->passwd, crypted) == 0)) {
+             // Bug 3107: crypt() DES functionality silently truncates long passwords.
+             SEND_ERR("Password too long. Only 8 characters accepted.");
+ #endif
diff --git a/squid.spec b/squid.spec
index 0ecb9fc..5bf5fad 100644
--- a/squid.spec
+++ b/squid.spec
@@ -4,7 +4,7 @@
 
 Name:     squid
 Version:  3.2.8
-Release:  1%{?dist}
+Release:  2%{?dist}
 Summary:  The Squid proxy caching server
 Epoch:    7
 # See CREDITS for breakdown of non GPLv2+ code
@@ -38,6 +38,7 @@ Patch203: squid-3.0.STABLE1-perlpath.patch
 Patch204: squid-3.2.0.9-fpic.patch
 Patch205: squid-3.1.9-ltdl.patch
 Patch206: squid-makefile.patch
+Patch207: squid-NCSA_auth.patch
 
 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Requires: bash >= 2.0
@@ -106,6 +107,7 @@ The squid-sysvinit contains SysV initscritps support.
 %patch204 -p1 -b .fpic
 %patch205 -p1 -b .ltdl
 %patch206 -p1 -b .makefile
+%patch207 -p1 -b .NCSA_auth
 
 %build
 %ifarch sparcv9 sparc64 s390 s390x
@@ -309,6 +311,9 @@ fi
         /sbin/chkconfig --add squid >/dev/null 2>&1 || :
 
 %changelog
+* Sat Mar 09 2013 Michal Luscon <mluscon at redhat.com> - 7:3.2.8-2
+- Resolved: #896127 - basic_ncsa_auth does not work
+
 * Fri Mar 08 2013 Michal Luscon <mluscon at redhat.com> - 7:3.2.8-1
 - Update to latest upstream version 3.2.8
 - Fixed rawhide build issues (-make check)

More information about the scm-commits mailing list