Resolved: #896127 - basic_ncsa_auth does not work

2013-03-09 17:16:25 +01:00 · 2013-03-09 17:16:25 +01:00 · 71ebdc6bb1
commit 71ebdc6bb1
parent 80d2ca5dfc
2 changed files with 29 additions and 1 deletions
--- a/squid-NCSA_auth.patch
+++ b/squid-NCSA_auth.patch
@ -0,0 +1,23 @@
+--- ./helpers/basic_auth/NCSA/basic_ncsa_auth.cc	2013-03-02 02:46:03.000000000 +0100
+++ ./helpers/basic_auth/NCSA/basic_ncsa_auth.cc	2013-03-07 15:45:22.000000000 +0100
+@@ -114,6 +114,7 @@
+     time_t change_time = -1;
+     char buf[HELPER_INPUT_BUFFER];
+     char *user, *passwd, *p;
+    char *crypted;
+     user_data *u;
+     setbuf(stdout, NULL);
+     if (argc != 2) {
+@@ -147,10 +148,10 @@
+         if (u == NULL) {
+             SEND_ERR("No such user");
+ #if HAVE_CRYPT
+-        } else if (strlen(passwd) <= 8 && strcmp(u->passwd, (char *) crypt(passwd, u->passwd)) == 0) {
+        } else if (strlen(passwd) <= 8 && (crypted = crypt(passwd, u->passwd)) && (strcmp(u->passwd, crypted) == 0)) {
+             // Bug 3107: crypt() DES functionality silently truncates long passwords.
+             SEND_OK("");
+-        } else if (strlen(passwd) > 8 && strcmp(u->passwd, (char *) crypt(passwd, u->passwd)) == 0) {
+        } else if (strlen(passwd) > 8 && (crypted = crypt(passwd, u->passwd)) && (strcmp(u->passwd, crypted) == 0)) {
+             // Bug 3107: crypt() DES functionality silently truncates long passwords.
+             SEND_ERR("Password too long. Only 8 characters accepted.");
+ #endif
--- a/squid.spec
+++ b/squid.spec
@ -4,7 +4,7 @@

 Name:     squid
 Version:  3.2.8
-Release:  1%{?dist}
+Release:  2%{?dist}
 Summary:  The Squid proxy caching server
 Epoch:    7
 # See CREDITS for breakdown of non GPLv2+ code
@ -38,6 +38,7 @@ Patch203: squid-3.0.STABLE1-perlpath.patch
 Patch204: squid-3.2.0.9-fpic.patch
 Patch205: squid-3.1.9-ltdl.patch
 Patch206: squid-makefile.patch
+Patch207: squid-NCSA_auth.patch

 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Requires: bash >= 2.0
@ -106,6 +107,7 @@ The squid-sysvinit contains SysV initscritps support.
 %patch204 -p1 -b .fpic
 %patch205 -p1 -b .ltdl
 %patch206 -p1 -b .makefile
+%patch207 -p1 -b .NCSA_auth

 %build
 %ifarch sparcv9 sparc64 s390 s390x
@ -309,6 +311,9 @@ fi
        /sbin/chkconfig --add squid >/dev/null 2>&1 || :

 %changelog
+* Sat Mar 09 2013 Michal Luscon <mluscon@redhat.com> - 7:3.2.8-2
+- Resolved: #896127 - basic_ncsa_auth does not work
+
 * Fri Mar 08 2013 Michal Luscon <mluscon@redhat.com> - 7:3.2.8-1
 - Update to latest upstream version 3.2.8
 - Fixed rawhide build issues (-make check)