[squid/f17] Resolved: #896127 - basic_ncsa_auth does not work

mluscon mluscon at fedoraproject.org
Sat Mar 9 16:57:03 UTC 2013 

commit 33bd5e15e332eb738b2325b1c6c8605e594ee4d0
Author: Michal Luscon <mluscon at redhat.com>
Date:   Sat Mar 9 17:50:38 2013 +0100

    Resolved: #896127 - basic_ncsa_auth does not work

 squid-NCSA_auth.patch |   23 +++++++++++++++++++++++
 squid.spec            |    7 ++++++-
 2 files changed, 29 insertions(+), 1 deletions(-)
---
diff --git a/squid-NCSA_auth.patch b/squid-NCSA_auth.patch
new file mode 100644
index 0000000..a4e9b90
--- /dev/null
+++ b/squid-NCSA_auth.patch
@@ -0,0 +1,23 @@
+--- ./helpers/basic_auth/NCSA/basic_ncsa_auth.cc	2013-03-02 02:46:03.000000000 +0100
++++ ./helpers/basic_auth/NCSA/basic_ncsa_auth.cc	2013-03-07 15:45:22.000000000 +0100
+@@ -114,6 +114,7 @@
+     time_t change_time = -1;
+     char buf[HELPER_INPUT_BUFFER];
+     char *user, *passwd, *p;
++    char *crypted;
+     user_data *u;
+     setbuf(stdout, NULL);
+     if (argc != 2) {
+@@ -147,10 +148,10 @@
+         if (u == NULL) {
+             SEND_ERR("No such user");
+ #if HAVE_CRYPT
+-        } else if (strlen(passwd) <= 8 && strcmp(u->passwd, (char *) crypt(passwd, u->passwd)) == 0) {
++        } else if (strlen(passwd) <= 8 && (crypted = crypt(passwd, u->passwd)) && (strcmp(u->passwd, crypted) == 0)) {
+             // Bug 3107: crypt() DES functionality silently truncates long passwords.
+             SEND_OK("");
+-        } else if (strlen(passwd) > 8 && strcmp(u->passwd, (char *) crypt(passwd, u->passwd)) == 0) {
++        } else if (strlen(passwd) > 8 && (crypted = crypt(passwd, u->passwd)) && (strcmp(u->passwd, crypted) == 0)) {
+             // Bug 3107: crypt() DES functionality silently truncates long passwords.
+             SEND_ERR("Password too long. Only 8 characters accepted.");
+ #endif
diff --git a/squid.spec b/squid.spec
index 1fb51f8..eeeac6f 100644
--- a/squid.spec
+++ b/squid.spec
@@ -4,7 +4,7 @@
 
 Name:     squid
 Version:  3.2.8
-Release:  1%{?dist}
+Release:  2%{?dist}
 Summary:  The Squid proxy caching server
 Epoch:    7
 # See CREDITS for breakdown of non GPLv2+ code
@@ -37,6 +37,7 @@ Patch202: squid-3.1.0.9-location.patch
 Patch203: squid-3.0.STABLE1-perlpath.patch
 Patch204: squid-3.2.0.9-fpic.patch
 Patch205: squid-3.1.9-ltdl.patch
+Patch206: squid-NCSA_auth.patch
 
 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Requires: bash >= 2.0
@@ -104,6 +105,7 @@ The squid-sysvinit contains SysV initscritps support.
 %patch203 -p1 -b .perlpath
 %patch204 -p1 -b .fpic
 %patch205 -p1 -b .ltdl
+%patch206 -p1 -b .NCSA_auth
 
 %build
 %ifarch sparcv9 sparc64 s390 s390x
@@ -315,6 +317,9 @@ fi
         /sbin/chkconfig --add squid >/dev/null 2>&1 || :
 
 %changelog
+* Sat Mar 09 2013 Michal Luscon <mluscon at redhat.com> - 7:3.2.8-2
+- Resolved: #896127 - basic_ncsa_auth does not work 
+
 * Fri Mar 08 2013 Michal Luscon <mluscon at redhat.com> - 7:3.2.8-1
 - Update to latest upstream version 3.2.8

More information about the scm-commits mailing list