* that though */
#define IGNORANCE_IS_BLISS
-#include "config.h"
+#include "squid.h"
#include "base64.h"
#include "helpers/defines.h"
#include "ntlmauth/ntlmauth.h"
#include "ntlmauth/support_bits.cci"
//#include "util.h"
-#if HAVE_CTYPE_H
-#include <ctype.h>
-#endif
#if HAVE_STRING_H
#include <string.h>
#endif
+#if HAVE_CTYPE_H
+#include <ctype.h>
+#endif
#if HAVE_CRYPT_H
#include <crypt.h>
#endif
#if HAVE_GETOPT_H
#include <getopt.h>
#endif
+#if HAVE_STDIO_H
+#include <stdio.h>
+#endif
+#if HAVE_STDINT_H
+#include <stdint.h>
+#endif
+#if HAVE_INTTYPES_H
+#include <inttypes.h>
+#endif
/* A couple of harmless helper macros */
#define SEND(X) debug("sending '%s' to squid\n",X); printf(X "\n");
{
char buf[HELPER_INPUT_BUFFER];
int buflen = 0;
+ char decodedBuf[HELPER_INPUT_BUFFER];
+ int decodedLen;
char user[NTLM_MAX_FIELD_LENGTH], domain[NTLM_MAX_FIELD_LENGTH];
char *p;
ntlmhdr *packet = NULL;
if ((p = strchr(buf, '\n')) != NULL)
*p = '\0'; /* strip \n */
buflen = strlen(buf); /* keep this so we only scan the buffer for \0 once per loop */
- if (buflen > 3)
- packet = (ntlmhdr*)base64_decode(buf + 3);
+ if (buflen > 3) {
+ decodedLen = base64_decode(decodedBuf, sizeof(decodedBuf), buf+3);
+ packet = (ntlmhdr*)decodedBuf;
+ } else {
+ packet = NULL;
+ decodedLen = 0;
+ }
if (buflen > 3 && NTLM_packet_debug_enabled) {
strncpy(helper_command, buf, 2);
helper_command[2] = '\0';
debug("Got '%s' from Squid with data:\n", helper_command);
- hex_dump((unsigned char*)packet, ((buflen - 3) * 3) / 4);
+ hex_dump((unsigned char *)decodedBuf, decodedLen);
} else
debug("Got '%s' from Squid\n", buf);
- if (strncasecmp(buf, "YR", 2) == 0) {
+ if (strncmp(buf, "YR", 2) == 0) {
char nonce[NTLM_NONCE_LEN];
ntlm_challenge chal;
ntlm_make_nonce(nonce);
hex_dump((unsigned char *)&chal, len);
} else
SEND2("TT %s", data);
- } else if (strncasecmp(buf, "KK ", 3) == 0) {
+ } else if (strncmp(buf, "KK ", 3) == 0) {
if (!packet) {
SEND("BH received KK with no data! user=");
} else if (ntlm_validate_packet(packet, NTLM_AUTHENTICATE) == NTLM_ERR_NONE) {
- if (ntlm_unpack_auth((ntlm_authenticate *)packet, user, domain, (buflen-3)) == NTLM_ERR_NONE) {
+ if (ntlm_unpack_auth((ntlm_authenticate *)packet, user, domain, decodedLen) == NTLM_ERR_NONE) {
lc(user);
lc(domain);
if (strip_domain_enabled) {